From f1625f274acf5dcd5601f6cb5e29e233b2a441a3 Mon Sep 17 00:00:00 2001 From: djm <> Date: Sat, 6 Sep 2008 12:15:54 +0000 Subject: import of OpenSSL 0.9.8h --- src/lib/libcrypto/Attic/Makefile | 174 +- src/lib/libcrypto/aes/Makefile | 55 +- src/lib/libcrypto/asn1/Makefile | 1303 ++++----- src/lib/libcrypto/asn1/a_gentm.c | 2 +- src/lib/libcrypto/asn1/a_hdr.c | 6 +- src/lib/libcrypto/asn1/a_meth.c | 16 +- src/lib/libcrypto/asn1/a_utctm.c | 2 +- src/lib/libcrypto/bf/Makefile | 45 +- src/lib/libcrypto/bf/bf_opts.c | 3 + src/lib/libcrypto/bf/bfspeed.c | 3 + src/lib/libcrypto/bf/bftest.c | 4 + src/lib/libcrypto/bio/Makefile | 123 +- src/lib/libcrypto/bn/Makefile | 286 +- src/lib/libcrypto/bn/asm/mo-586.pl | 603 +++++ src/lib/libcrypto/bn/bntest.c | 775 +++++- src/lib/libcrypto/bn/exptest.c | 3 + src/lib/libcrypto/buffer/Makefile | 18 +- src/lib/libcrypto/cast/Makefile | 41 +- src/lib/libcrypto/cast/cast_spd.c | 3 + src/lib/libcrypto/cast/castopts.c | 3 + src/lib/libcrypto/cast/casttest.c | 1 + src/lib/libcrypto/comp/Makefile | 47 +- src/lib/libcrypto/conf/Makefile | 109 +- src/lib/libcrypto/crypto-lib.com | 68 +- src/lib/libcrypto/des/FILES0 | 2 +- src/lib/libcrypto/des/INSTALL | 2 +- src/lib/libcrypto/des/Makefile | 288 +- src/lib/libcrypto/des/des_old.c | 4 +- src/lib/libcrypto/des/des_old.h | 13 +- src/lib/libcrypto/des/des_opts.c | 4 + src/lib/libcrypto/des/des_ver.h | 4 +- src/lib/libcrypto/des/destest.c | 18 +- src/lib/libcrypto/des/read2pwd.c | 1 + src/lib/libcrypto/des/speed.c | 4 + src/lib/libcrypto/dh/Makefile | 44 +- src/lib/libcrypto/dh/dhtest.c | 28 +- src/lib/libcrypto/dsa/Makefile | 103 +- src/lib/libcrypto/dsa/dsatest.c | 35 +- src/lib/libcrypto/dso/Makefile | 46 +- src/lib/libcrypto/dso/dso_dl.c | 102 +- src/lib/libcrypto/dso/dso_vms.c | 137 +- src/lib/libcrypto/dso/dso_win32.c | 364 ++- src/lib/libcrypto/ebcdic.c | 15 +- src/lib/libcrypto/ec/Makefile | 163 +- src/lib/libcrypto/ec/ec2_smpt.c | 74 + src/lib/libcrypto/ec/ectest.c | 815 +++++- src/lib/libcrypto/engine/Makefile | 532 +--- src/lib/libcrypto/engine/eng_cryptodev.c | 1133 ++++++++ src/lib/libcrypto/engine/enginetest.c | 2 +- src/lib/libcrypto/err/Makefile | 57 +- src/lib/libcrypto/evp/Makefile | 1266 +++------ src/lib/libcrypto/evp/bio_ok.c | 60 +- src/lib/libcrypto/evp/c_allc.c | 37 + src/lib/libcrypto/evp/c_alld.c | 5 +- src/lib/libcrypto/evp/e_rc5.c | 5 +- src/lib/libcrypto/evp/evp_test.c | 61 +- src/lib/libcrypto/evp/evptests.txt | 245 +- src/lib/libcrypto/evp/m_md2.c | 10 +- src/lib/libcrypto/evp/m_mdc2.c | 8 +- src/lib/libcrypto/evp/m_sha.c | 13 +- src/lib/libcrypto/hmac/Makefile | 32 +- src/lib/libcrypto/idea/Makefile | 14 +- src/lib/libcrypto/idea/ideatest.c | 3 + src/lib/libcrypto/install.com | 23 +- src/lib/libcrypto/krb5/Makefile | 12 +- src/lib/libcrypto/lhash/Makefile | 17 +- src/lib/libcrypto/md2/Makefile | 22 +- src/lib/libcrypto/md2/md2.h | 12 +- src/lib/libcrypto/md2/md2_dgst.c | 12 +- src/lib/libcrypto/md2/md2_one.c | 2 +- src/lib/libcrypto/md2/md2test.c | 6 +- src/lib/libcrypto/md4/Makefile | 24 +- src/lib/libcrypto/md4/md4test.c | 8 +- src/lib/libcrypto/md5/Makefile | 68 +- src/lib/libcrypto/md5/md5test.c | 12 +- src/lib/libcrypto/mdc2/Makefile | 23 +- src/lib/libcrypto/mdc2/mdc2.h | 10 +- src/lib/libcrypto/mdc2/mdc2test.c | 3 + src/lib/libcrypto/mem.c | 10 +- src/lib/libcrypto/o_str.h | 1 + src/lib/libcrypto/objects/Makefile | 51 +- src/lib/libcrypto/objects/obj_dat.h | 2850 ++++++++++++-------- src/lib/libcrypto/objects/obj_mac.h | 515 +++- src/lib/libcrypto/ocsp/Makefile | 272 +- src/lib/libcrypto/opensslconf.h | 52 + src/lib/libcrypto/opensslconf.h.in | 1 + src/lib/libcrypto/pem/Makefile | 318 +-- src/lib/libcrypto/perlasm/x86ms.pl | 122 +- src/lib/libcrypto/perlasm/x86nasm.pl | 153 +- src/lib/libcrypto/perlasm/x86unix.pl | 220 +- src/lib/libcrypto/pkcs12/Makefile | 435 ++- src/lib/libcrypto/pkcs7/Makefile | 188 +- src/lib/libcrypto/pkcs7/bio_ber.c | 2 +- src/lib/libcrypto/pkcs7/example.c | 8 +- src/lib/libcrypto/pqueue/pq_compat.h | 147 + src/lib/libcrypto/rand/Makefile | 141 +- src/lib/libcrypto/rand/md_rand.c | 17 +- src/lib/libcrypto/rand/rand_egd.c | 2 +- src/lib/libcrypto/rand/rand_unix.c | 119 +- src/lib/libcrypto/rand/rand_win.c | 99 +- src/lib/libcrypto/rand/randtest.c | 5 +- src/lib/libcrypto/rc2/Makefile | 14 +- src/lib/libcrypto/rc2/rc2speed.c | 3 + src/lib/libcrypto/rc2/rc2test.c | 3 + src/lib/libcrypto/rc4/Makefile | 63 +- src/lib/libcrypto/rc4/asm/rc4-ia64.S | 5 +- src/lib/libcrypto/rc4/rc4.c | 3 +- src/lib/libcrypto/rc4/rc4speed.c | 3 + src/lib/libcrypto/rc4/rc4test.c | 51 +- src/lib/libcrypto/rc5/Makefile | 51 +- src/lib/libcrypto/rc5/rc5.h | 7 +- src/lib/libcrypto/rc5/rc5_locl.h | 2 +- src/lib/libcrypto/ripemd/Makefile | 46 +- src/lib/libcrypto/ripemd/rmdtest.c | 8 +- src/lib/libcrypto/rsa/Makefile | 126 +- src/lib/libcrypto/rsa/rsa_null.c | 15 +- src/lib/libcrypto/rsa/rsa_test.c | 32 +- src/lib/libcrypto/sha/Makefile | 102 +- src/lib/libcrypto/sha/asm/sha512-sse2.pl | 404 +++ src/lib/libcrypto/sha/sha1test.c | 12 +- src/lib/libcrypto/sha/sha_dgst.c | 3 +- src/lib/libcrypto/sha/sha_one.c | 2 +- src/lib/libcrypto/sha/shatest.c | 12 +- src/lib/libcrypto/stack/Makefile | 18 +- src/lib/libcrypto/symhacks.h | 129 +- src/lib/libcrypto/threads/mttest.c | 115 + src/lib/libcrypto/threads/th-lock.c | 2 +- src/lib/libcrypto/tmdiff.c | 45 +- src/lib/libcrypto/tmdiff.h | 22 +- src/lib/libcrypto/txt_db/Makefile | 14 +- src/lib/libcrypto/ui/Makefile | 38 +- src/lib/libcrypto/uid.c | 2 +- src/lib/libcrypto/util/ck_errf.pl | 13 +- src/lib/libcrypto/util/clean-depend.pl | 7 +- src/lib/libcrypto/util/cygwin.sh | 22 +- src/lib/libcrypto/util/domd | 2 +- src/lib/libcrypto/util/libeay.num | 915 ++++++- src/lib/libcrypto/util/mk1mf.pl | 590 ++-- src/lib/libcrypto/util/mkdef.pl | 142 +- src/lib/libcrypto/util/mkdir-p.pl | 1 + src/lib/libcrypto/util/mkfiles.pl | 17 +- src/lib/libcrypto/util/mklink.pl | 1 - src/lib/libcrypto/util/opensslwrap.sh | 4 + src/lib/libcrypto/util/pl/BC-32.pl | 13 +- src/lib/libcrypto/util/pl/Mingw32.pl | 17 +- src/lib/libcrypto/util/pl/OS2-EMX.pl | 11 +- src/lib/libcrypto/util/pl/VC-32.pl | 294 +- src/lib/libcrypto/util/pl/linux.pl | 11 +- src/lib/libcrypto/util/pl/ultrix.pl | 11 +- src/lib/libcrypto/util/pl/unix.pl | 9 +- src/lib/libcrypto/util/shlib_wrap.sh | 33 +- src/lib/libcrypto/util/ssleay.num | 28 +- src/lib/libcrypto/x509/Makefile | 708 ++--- src/lib/libcrypto/x509v3/Makefile | 920 +++---- src/lib/libssl/src/CHANGES | 1453 ++++++++++ .../libssl/src/ChangeLog.0_9_7-stable_not-in-head | 163 ++ .../src/ChangeLog.0_9_7-stable_not-in-head_FIPS | 1494 ++++++++++ src/lib/libssl/src/Configure | 1085 ++++---- src/lib/libssl/src/FAQ | 168 +- src/lib/libssl/src/INSTALL | 44 +- src/lib/libssl/src/INSTALL.W32 | 52 +- src/lib/libssl/src/INSTALL.WCE | 7 +- src/lib/libssl/src/LICENSE | 2 +- src/lib/libssl/src/Makefile | 696 ++--- src/lib/libssl/src/Makefile.org | 698 ++--- src/lib/libssl/src/NEWS | 132 +- src/lib/libssl/src/Netware/build.bat | 228 ++ src/lib/libssl/src/Netware/cpy_tests.bat | 113 + src/lib/libssl/src/Netware/do_tests.pl | 624 +++++ src/lib/libssl/src/Netware/globals.txt | 254 ++ src/lib/libssl/src/Netware/readme.txt | 19 + src/lib/libssl/src/Netware/set_env.bat | 112 + src/lib/libssl/src/PROBLEMS | 33 + src/lib/libssl/src/README | 23 +- src/lib/libssl/src/VMS/mkshared.com | 9 +- src/lib/libssl/src/apps/CA.pl | 20 +- src/lib/libssl/src/apps/CA.pl.in | 20 +- src/lib/libssl/src/apps/CA.sh | 13 +- src/lib/libssl/src/apps/Makefile | 1596 +++++------ src/lib/libssl/src/apps/apps.c | 352 ++- src/lib/libssl/src/apps/apps.h | 38 +- src/lib/libssl/src/apps/asn1pars.c | 121 +- src/lib/libssl/src/apps/ca.c | 357 ++- src/lib/libssl/src/apps/ciphers.c | 4 +- src/lib/libssl/src/apps/crl.c | 6 +- src/lib/libssl/src/apps/dgst.c | 64 +- src/lib/libssl/src/apps/dh.c | 1 + src/lib/libssl/src/apps/dhparam.c | 25 +- src/lib/libssl/src/apps/dsa.c | 13 + src/lib/libssl/src/apps/dsaparam.c | 86 +- src/lib/libssl/src/apps/enc.c | 42 +- src/lib/libssl/src/apps/engine.c | 21 +- src/lib/libssl/src/apps/gendh.c | 24 +- src/lib/libssl/src/apps/gendsa.c | 21 + src/lib/libssl/src/apps/genrsa.c | 77 +- src/lib/libssl/src/apps/makeapps.com | 21 +- src/lib/libssl/src/apps/ocsp.c | 213 +- src/lib/libssl/src/apps/openssl-vms.cnf | 8 +- src/lib/libssl/src/apps/openssl.c | 37 +- src/lib/libssl/src/apps/openssl.cnf | 8 +- src/lib/libssl/src/apps/passwd.c | 10 +- src/lib/libssl/src/apps/pkcs12.c | 309 +-- src/lib/libssl/src/apps/prime.c | 4 +- src/lib/libssl/src/apps/progs.h | 55 +- src/lib/libssl/src/apps/progs.pl | 22 +- src/lib/libssl/src/apps/rand.c | 4 +- src/lib/libssl/src/apps/req.c | 223 +- src/lib/libssl/src/apps/rsa.c | 15 +- src/lib/libssl/src/apps/rsautl.c | 40 +- src/lib/libssl/src/apps/s_apps.h | 13 +- src/lib/libssl/src/apps/s_cb.c | 115 +- src/lib/libssl/src/apps/s_client.c | 466 +++- src/lib/libssl/src/apps/s_server.c | 830 +++++- src/lib/libssl/src/apps/s_socket.c | 119 +- src/lib/libssl/src/apps/s_time.c | 18 +- src/lib/libssl/src/apps/sess_id.c | 6 +- src/lib/libssl/src/apps/smime.c | 564 ++-- src/lib/libssl/src/apps/speed.c | 1033 ++++++- src/lib/libssl/src/apps/spkac.c | 5 +- src/lib/libssl/src/apps/verify.c | 43 +- src/lib/libssl/src/apps/version.c | 15 +- src/lib/libssl/src/apps/x509.c | 70 +- src/lib/libssl/src/config | 199 +- src/lib/libssl/src/crypto/Makefile | 174 +- src/lib/libssl/src/crypto/aes/Makefile | 55 +- src/lib/libssl/src/crypto/aes/aes.h | 27 +- src/lib/libssl/src/crypto/aes/aes_cbc.c | 2 - src/lib/libssl/src/crypto/aes/aes_core.c | 304 +-- src/lib/libssl/src/crypto/aes/aes_locl.h | 6 +- src/lib/libssl/src/crypto/aes/aes_misc.c | 2 +- src/lib/libssl/src/crypto/asn1/Makefile | 1303 ++++----- src/lib/libssl/src/crypto/asn1/a_bitstr.c | 13 +- src/lib/libssl/src/crypto/asn1/a_bool.c | 4 +- src/lib/libssl/src/crypto/asn1/a_bytes.c | 22 +- src/lib/libssl/src/crypto/asn1/a_d2i_fp.c | 32 +- src/lib/libssl/src/crypto/asn1/a_digest.c | 2 +- src/lib/libssl/src/crypto/asn1/a_dup.c | 18 +- src/lib/libssl/src/crypto/asn1/a_enum.c | 12 +- src/lib/libssl/src/crypto/asn1/a_gentm.c | 2 +- src/lib/libssl/src/crypto/asn1/a_hdr.c | 6 +- src/lib/libssl/src/crypto/asn1/a_i2d_fp.c | 8 +- src/lib/libssl/src/crypto/asn1/a_int.c | 26 +- src/lib/libssl/src/crypto/asn1/a_mbstr.c | 20 +- src/lib/libssl/src/crypto/asn1/a_meth.c | 16 +- src/lib/libssl/src/crypto/asn1/a_object.c | 100 +- src/lib/libssl/src/crypto/asn1/a_octet.c | 2 +- src/lib/libssl/src/crypto/asn1/a_set.c | 21 +- src/lib/libssl/src/crypto/asn1/a_sign.c | 23 +- src/lib/libssl/src/crypto/asn1/a_strex.c | 32 +- src/lib/libssl/src/crypto/asn1/a_type.c | 28 +- src/lib/libssl/src/crypto/asn1/a_utctm.c | 2 +- src/lib/libssl/src/crypto/asn1/a_verify.c | 12 +- src/lib/libssl/src/crypto/asn1/asn1.h | 341 ++- src/lib/libssl/src/crypto/asn1/asn1_err.c | 91 +- src/lib/libssl/src/crypto/asn1/asn1_lib.c | 73 +- src/lib/libssl/src/crypto/asn1/asn1_mac.h | 39 +- src/lib/libssl/src/crypto/asn1/asn1_par.c | 58 +- src/lib/libssl/src/crypto/asn1/asn1t.h | 109 +- src/lib/libssl/src/crypto/asn1/asn_moid.c | 64 +- src/lib/libssl/src/crypto/asn1/asn_pack.c | 26 +- src/lib/libssl/src/crypto/asn1/d2i_pr.c | 24 +- src/lib/libssl/src/crypto/asn1/d2i_pu.c | 19 +- src/lib/libssl/src/crypto/asn1/evp_asn1.c | 4 +- src/lib/libssl/src/crypto/asn1/i2d_pr.c | 9 + src/lib/libssl/src/crypto/asn1/i2d_pu.c | 7 + src/lib/libssl/src/crypto/asn1/n_pkey.c | 49 +- src/lib/libssl/src/crypto/asn1/p5_pbe.c | 15 +- src/lib/libssl/src/crypto/asn1/p5_pbev2.c | 6 +- src/lib/libssl/src/crypto/asn1/t_crl.c | 4 +- src/lib/libssl/src/crypto/asn1/t_pkey.c | 548 +++- src/lib/libssl/src/crypto/asn1/t_req.c | 22 +- src/lib/libssl/src/crypto/asn1/t_spki.c | 16 + src/lib/libssl/src/crypto/asn1/t_x509.c | 37 +- src/lib/libssl/src/crypto/asn1/tasn_dec.c | 1057 +++++--- src/lib/libssl/src/crypto/asn1/tasn_enc.c | 514 ++-- src/lib/libssl/src/crypto/asn1/tasn_fre.c | 149 +- src/lib/libssl/src/crypto/asn1/tasn_new.c | 234 +- src/lib/libssl/src/crypto/asn1/tasn_typ.c | 4 + src/lib/libssl/src/crypto/asn1/tasn_utl.c | 128 +- src/lib/libssl/src/crypto/asn1/x_algor.c | 57 + src/lib/libssl/src/crypto/asn1/x_bignum.c | 6 +- src/lib/libssl/src/crypto/asn1/x_crl.c | 2 +- src/lib/libssl/src/crypto/asn1/x_exten.c | 5 + src/lib/libssl/src/crypto/asn1/x_long.c | 8 +- src/lib/libssl/src/crypto/asn1/x_name.c | 52 +- src/lib/libssl/src/crypto/asn1/x_pkey.c | 6 +- src/lib/libssl/src/crypto/asn1/x_pubkey.c | 285 +- src/lib/libssl/src/crypto/asn1/x_req.c | 2 +- src/lib/libssl/src/crypto/asn1/x_x509.c | 27 +- src/lib/libssl/src/crypto/asn1/x_x509a.c | 29 + src/lib/libssl/src/crypto/bf/Makefile | 45 +- src/lib/libssl/src/crypto/bf/bf_ecb.c | 2 +- src/lib/libssl/src/crypto/bf/bf_enc.c | 4 +- src/lib/libssl/src/crypto/bf/bf_opts.c | 3 + src/lib/libssl/src/crypto/bf/bf_skey.c | 4 +- src/lib/libssl/src/crypto/bf/bfspeed.c | 3 + src/lib/libssl/src/crypto/bf/bftest.c | 4 + src/lib/libssl/src/crypto/bf/blowfish.h | 5 +- src/lib/libssl/src/crypto/bio/Makefile | 123 +- src/lib/libssl/src/crypto/bio/b_dump.c | 75 +- src/lib/libssl/src/crypto/bio/b_print.c | 20 +- src/lib/libssl/src/crypto/bio/b_sock.c | 60 +- src/lib/libssl/src/crypto/bio/bf_nbio.c | 4 +- src/lib/libssl/src/crypto/bio/bio.h | 133 +- src/lib/libssl/src/crypto/bio/bio_err.c | 10 +- src/lib/libssl/src/crypto/bio/bio_lib.c | 60 +- src/lib/libssl/src/crypto/bio/bss_acpt.c | 4 +- src/lib/libssl/src/crypto/bio/bss_conn.c | 10 +- src/lib/libssl/src/crypto/bio/bss_fd.c | 30 +- src/lib/libssl/src/crypto/bio/bss_file.c | 109 +- src/lib/libssl/src/crypto/bio/bss_log.c | 2 + src/lib/libssl/src/crypto/bio/bss_sock.c | 7 +- src/lib/libssl/src/crypto/bn/Makefile | 286 +- src/lib/libssl/src/crypto/bn/asm/bn-586.pl | 86 +- src/lib/libssl/src/crypto/bn/asm/ia64.S | 35 +- src/lib/libssl/src/crypto/bn/asm/mo-586.pl | 603 +++++ src/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c | 4 + src/lib/libssl/src/crypto/bn/bn.h | 399 ++- src/lib/libssl/src/crypto/bn/bn_add.c | 96 +- src/lib/libssl/src/crypto/bn/bn_asm.c | 28 + src/lib/libssl/src/crypto/bn/bn_blind.c | 249 +- src/lib/libssl/src/crypto/bn/bn_ctx.c | 417 ++- src/lib/libssl/src/crypto/bn/bn_div.c | 299 +- src/lib/libssl/src/crypto/bn/bn_err.c | 29 +- src/lib/libssl/src/crypto/bn/bn_exp.c | 133 +- src/lib/libssl/src/crypto/bn/bn_exp2.c | 56 +- src/lib/libssl/src/crypto/bn/bn_gcd.c | 164 ++ src/lib/libssl/src/crypto/bn/bn_kron.c | 8 +- src/lib/libssl/src/crypto/bn/bn_lcl.h | 114 +- src/lib/libssl/src/crypto/bn/bn_lib.c | 225 +- src/lib/libssl/src/crypto/bn/bn_mod.c | 7 +- src/lib/libssl/src/crypto/bn/bn_mont.c | 455 +++- src/lib/libssl/src/crypto/bn/bn_mpi.c | 1 + src/lib/libssl/src/crypto/bn/bn_mul.c | 539 +++- src/lib/libssl/src/crypto/bn/bn_prime.c | 116 +- src/lib/libssl/src/crypto/bn/bn_prime.h | 4 +- src/lib/libssl/src/crypto/bn/bn_prime.pl | 6 +- src/lib/libssl/src/crypto/bn/bn_print.c | 45 +- src/lib/libssl/src/crypto/bn/bn_rand.c | 24 +- src/lib/libssl/src/crypto/bn/bn_recp.c | 22 +- src/lib/libssl/src/crypto/bn/bn_shift.c | 27 +- src/lib/libssl/src/crypto/bn/bn_sqr.c | 18 +- src/lib/libssl/src/crypto/bn/bn_sqrt.c | 76 +- src/lib/libssl/src/crypto/bn/bn_word.c | 65 +- src/lib/libssl/src/crypto/bn/bntest.c | 775 +++++- src/lib/libssl/src/crypto/bn/exptest.c | 3 + src/lib/libssl/src/crypto/buffer/Makefile | 18 +- src/lib/libssl/src/crypto/buffer/buf_err.c | 12 +- src/lib/libssl/src/crypto/buffer/buffer.c | 31 +- src/lib/libssl/src/crypto/buffer/buffer.h | 17 +- src/lib/libssl/src/crypto/cast/Makefile | 41 +- src/lib/libssl/src/crypto/cast/c_ecb.c | 2 +- src/lib/libssl/src/crypto/cast/c_skey.c | 5 +- src/lib/libssl/src/crypto/cast/cast.h | 7 +- src/lib/libssl/src/crypto/cast/cast_spd.c | 3 + src/lib/libssl/src/crypto/cast/castopts.c | 3 + src/lib/libssl/src/crypto/cast/casttest.c | 1 + src/lib/libssl/src/crypto/comp/Makefile | 47 +- src/lib/libssl/src/crypto/comp/c_zlib.c | 600 ++++- src/lib/libssl/src/crypto/comp/comp.h | 37 +- src/lib/libssl/src/crypto/comp/comp_err.c | 26 +- src/lib/libssl/src/crypto/comp/comp_lib.c | 6 - src/lib/libssl/src/crypto/conf/Makefile | 109 +- src/lib/libssl/src/crypto/conf/conf.h | 6 +- src/lib/libssl/src/crypto/conf/conf_api.c | 2 +- src/lib/libssl/src/crypto/conf/conf_def.c | 36 +- src/lib/libssl/src/crypto/conf/conf_err.c | 11 +- src/lib/libssl/src/crypto/conf/conf_lib.c | 4 +- src/lib/libssl/src/crypto/conf/conf_mod.c | 15 +- src/lib/libssl/src/crypto/conf/conf_sap.c | 4 +- src/lib/libssl/src/crypto/cpt_err.c | 9 +- src/lib/libssl/src/crypto/cryptlib.c | 226 +- src/lib/libssl/src/crypto/cryptlib.h | 8 + src/lib/libssl/src/crypto/crypto-lib.com | 68 +- src/lib/libssl/src/crypto/crypto.h | 182 +- src/lib/libssl/src/crypto/cversion.c | 3 - src/lib/libssl/src/crypto/des/FILES0 | 2 +- src/lib/libssl/src/crypto/des/INSTALL | 2 +- src/lib/libssl/src/crypto/des/Makefile | 288 +- src/lib/libssl/src/crypto/des/cfb64ede.c | 4 +- src/lib/libssl/src/crypto/des/cfb_enc.c | 71 +- src/lib/libssl/src/crypto/des/des.h | 11 +- src/lib/libssl/src/crypto/des/des_enc.c | 8 - src/lib/libssl/src/crypto/des/des_locl.h | 2 +- src/lib/libssl/src/crypto/des/des_old.c | 4 +- src/lib/libssl/src/crypto/des/des_old.h | 13 +- src/lib/libssl/src/crypto/des/des_opts.c | 4 + src/lib/libssl/src/crypto/des/des_ver.h | 4 +- src/lib/libssl/src/crypto/des/destest.c | 18 +- src/lib/libssl/src/crypto/des/ecb3_enc.c | 4 +- src/lib/libssl/src/crypto/des/ecb_enc.c | 4 +- src/lib/libssl/src/crypto/des/ede_cbcm_enc.c | 2 + src/lib/libssl/src/crypto/des/fcrypt.c | 3 - src/lib/libssl/src/crypto/des/read2pwd.c | 1 + src/lib/libssl/src/crypto/des/set_key.c | 10 +- src/lib/libssl/src/crypto/des/speed.c | 4 + src/lib/libssl/src/crypto/des/str2key.c | 1 + src/lib/libssl/src/crypto/des/xcbc_enc.c | 4 +- src/lib/libssl/src/crypto/dh/Makefile | 44 +- src/lib/libssl/src/crypto/dh/dh.h | 60 +- src/lib/libssl/src/crypto/dh/dh_check.c | 30 +- src/lib/libssl/src/crypto/dh/dh_err.c | 18 +- src/lib/libssl/src/crypto/dh/dh_gen.c | 50 +- src/lib/libssl/src/crypto/dh/dh_key.c | 38 +- src/lib/libssl/src/crypto/dh/dh_lib.c | 2 +- src/lib/libssl/src/crypto/dh/dhtest.c | 28 +- src/lib/libssl/src/crypto/dsa/Makefile | 103 +- src/lib/libssl/src/crypto/dsa/dsa.h | 61 +- src/lib/libssl/src/crypto/dsa/dsa_err.c | 11 +- src/lib/libssl/src/crypto/dsa/dsa_gen.c | 111 +- src/lib/libssl/src/crypto/dsa/dsa_key.c | 15 +- src/lib/libssl/src/crypto/dsa/dsa_lib.c | 5 +- src/lib/libssl/src/crypto/dsa/dsa_ossl.c | 120 +- src/lib/libssl/src/crypto/dsa/dsa_sign.c | 14 - src/lib/libssl/src/crypto/dsa/dsa_vrf.c | 9 - src/lib/libssl/src/crypto/dsa/dsatest.c | 35 +- src/lib/libssl/src/crypto/dso/Makefile | 46 +- src/lib/libssl/src/crypto/dso/dso.h | 52 +- src/lib/libssl/src/crypto/dso/dso_dl.c | 102 +- src/lib/libssl/src/crypto/dso/dso_dlfcn.c | 114 +- src/lib/libssl/src/crypto/dso/dso_err.c | 22 +- src/lib/libssl/src/crypto/dso/dso_lib.c | 29 +- src/lib/libssl/src/crypto/dso/dso_null.c | 2 + src/lib/libssl/src/crypto/dso/dso_vms.c | 137 +- src/lib/libssl/src/crypto/dso/dso_win32.c | 364 ++- src/lib/libssl/src/crypto/ebcdic.c | 15 +- src/lib/libssl/src/crypto/ec/Makefile | 163 +- src/lib/libssl/src/crypto/ec/ec.h | 319 ++- src/lib/libssl/src/crypto/ec/ec2_smpt.c | 74 + src/lib/libssl/src/crypto/ec/ec_cvt.c | 76 +- src/lib/libssl/src/crypto/ec/ec_err.c | 114 +- src/lib/libssl/src/crypto/ec/ec_lcl.h | 241 +- src/lib/libssl/src/crypto/ec/ec_lib.c | 678 ++++- src/lib/libssl/src/crypto/ec/ec_mult.c | 673 ++++- src/lib/libssl/src/crypto/ec/ecp_mont.c | 151 +- src/lib/libssl/src/crypto/ec/ecp_nist.c | 180 +- src/lib/libssl/src/crypto/ec/ecp_smpl.c | 335 ++- src/lib/libssl/src/crypto/ec/ectest.c | 815 +++++- src/lib/libssl/src/crypto/engine/Makefile | 532 +--- src/lib/libssl/src/crypto/engine/eng_all.c | 31 +- src/lib/libssl/src/crypto/engine/eng_cnf.c | 7 +- src/lib/libssl/src/crypto/engine/eng_cryptodev.c | 1133 ++++++++ src/lib/libssl/src/crypto/engine/eng_ctrl.c | 12 +- src/lib/libssl/src/crypto/engine/eng_dyn.c | 108 +- src/lib/libssl/src/crypto/engine/eng_err.c | 16 +- src/lib/libssl/src/crypto/engine/eng_fat.c | 26 +- src/lib/libssl/src/crypto/engine/eng_init.c | 5 +- src/lib/libssl/src/crypto/engine/eng_int.h | 9 + src/lib/libssl/src/crypto/engine/eng_lib.c | 18 +- src/lib/libssl/src/crypto/engine/eng_list.c | 43 +- src/lib/libssl/src/crypto/engine/eng_openssl.c | 25 +- src/lib/libssl/src/crypto/engine/eng_padlock.c | 1219 +++++++++ src/lib/libssl/src/crypto/engine/eng_pkey.c | 3 - src/lib/libssl/src/crypto/engine/eng_table.c | 94 +- src/lib/libssl/src/crypto/engine/engine.h | 158 +- src/lib/libssl/src/crypto/engine/enginetest.c | 2 +- src/lib/libssl/src/crypto/engine/tb_cipher.c | 2 - src/lib/libssl/src/crypto/engine/tb_dh.c | 2 - src/lib/libssl/src/crypto/engine/tb_digest.c | 2 - src/lib/libssl/src/crypto/engine/tb_dsa.c | 2 - src/lib/libssl/src/crypto/engine/tb_rand.c | 2 - src/lib/libssl/src/crypto/engine/tb_rsa.c | 2 - src/lib/libssl/src/crypto/err/Makefile | 57 +- src/lib/libssl/src/crypto/err/err.c | 86 +- src/lib/libssl/src/crypto/err/err.h | 28 +- src/lib/libssl/src/crypto/err/err_all.c | 25 +- src/lib/libssl/src/crypto/err/err_prn.c | 9 +- src/lib/libssl/src/crypto/err/openssl.ec | 7 +- src/lib/libssl/src/crypto/evp/Makefile | 1266 +++------ src/lib/libssl/src/crypto/evp/bio_b64.c | 2 +- src/lib/libssl/src/crypto/evp/bio_enc.c | 4 +- src/lib/libssl/src/crypto/evp/bio_md.c | 11 +- src/lib/libssl/src/crypto/evp/bio_ok.c | 60 +- src/lib/libssl/src/crypto/evp/c_all.c | 6 + src/lib/libssl/src/crypto/evp/c_allc.c | 37 + src/lib/libssl/src/crypto/evp/c_alld.c | 5 +- src/lib/libssl/src/crypto/evp/digest.c | 61 +- src/lib/libssl/src/crypto/evp/e_aes.c | 22 +- src/lib/libssl/src/crypto/evp/e_bf.c | 2 +- src/lib/libssl/src/crypto/evp/e_cast.c | 4 +- src/lib/libssl/src/crypto/evp/e_des.c | 36 +- src/lib/libssl/src/crypto/evp/e_des3.c | 61 +- src/lib/libssl/src/crypto/evp/e_idea.c | 4 +- src/lib/libssl/src/crypto/evp/e_null.c | 5 +- src/lib/libssl/src/crypto/evp/e_old.c | 17 + src/lib/libssl/src/crypto/evp/e_rc2.c | 12 +- src/lib/libssl/src/crypto/evp/e_rc4.c | 8 +- src/lib/libssl/src/crypto/evp/e_rc5.c | 5 +- src/lib/libssl/src/crypto/evp/e_xcbc_d.c | 5 +- src/lib/libssl/src/crypto/evp/encode.c | 10 +- src/lib/libssl/src/crypto/evp/evp.h | 319 +-- src/lib/libssl/src/crypto/evp/evp_enc.c | 127 +- src/lib/libssl/src/crypto/evp/evp_err.c | 39 +- src/lib/libssl/src/crypto/evp/evp_key.c | 2 +- src/lib/libssl/src/crypto/evp/evp_lib.c | 125 +- src/lib/libssl/src/crypto/evp/evp_locl.h | 24 +- src/lib/libssl/src/crypto/evp/evp_pbe.c | 5 +- src/lib/libssl/src/crypto/evp/evp_pkey.c | 398 ++- src/lib/libssl/src/crypto/evp/evp_test.c | 61 +- src/lib/libssl/src/crypto/evp/evptests.txt | 245 +- src/lib/libssl/src/crypto/evp/m_dss.c | 8 +- src/lib/libssl/src/crypto/evp/m_dss1.c | 18 +- src/lib/libssl/src/crypto/evp/m_md2.c | 10 +- src/lib/libssl/src/crypto/evp/m_md4.c | 10 +- src/lib/libssl/src/crypto/evp/m_md5.c | 10 +- src/lib/libssl/src/crypto/evp/m_mdc2.c | 8 +- src/lib/libssl/src/crypto/evp/m_null.c | 2 +- src/lib/libssl/src/crypto/evp/m_ripemd.c | 9 +- src/lib/libssl/src/crypto/evp/m_sha.c | 13 +- src/lib/libssl/src/crypto/evp/m_sha1.c | 46 +- src/lib/libssl/src/crypto/evp/names.c | 11 +- src/lib/libssl/src/crypto/evp/p5_crpt.c | 14 +- src/lib/libssl/src/crypto/evp/p5_crpt2.c | 21 +- src/lib/libssl/src/crypto/evp/p_dec.c | 2 +- src/lib/libssl/src/crypto/evp/p_enc.c | 2 +- src/lib/libssl/src/crypto/evp/p_lib.c | 177 +- src/lib/libssl/src/crypto/evp/p_open.c | 10 +- src/lib/libssl/src/crypto/evp/p_seal.c | 2 +- src/lib/libssl/src/crypto/evp/p_verify.c | 2 +- src/lib/libssl/src/crypto/ex_data.c | 10 +- src/lib/libssl/src/crypto/hmac/Makefile | 32 +- src/lib/libssl/src/crypto/hmac/hmac.c | 20 +- src/lib/libssl/src/crypto/hmac/hmac.h | 13 +- src/lib/libssl/src/crypto/idea/Makefile | 14 +- src/lib/libssl/src/crypto/idea/idea.h | 9 +- src/lib/libssl/src/crypto/idea/ideatest.c | 3 + src/lib/libssl/src/crypto/install.com | 23 +- src/lib/libssl/src/crypto/krb5/Makefile | 12 +- src/lib/libssl/src/crypto/krb5/krb5_asn.h | 2 +- src/lib/libssl/src/crypto/lhash/Makefile | 17 +- src/lib/libssl/src/crypto/lhash/lhash.c | 20 +- src/lib/libssl/src/crypto/lhash/lhash.h | 17 +- src/lib/libssl/src/crypto/md2/Makefile | 22 +- src/lib/libssl/src/crypto/md2/md2.h | 12 +- src/lib/libssl/src/crypto/md2/md2_dgst.c | 12 +- src/lib/libssl/src/crypto/md2/md2_one.c | 2 +- src/lib/libssl/src/crypto/md2/md2test.c | 6 +- src/lib/libssl/src/crypto/md32_common.h | 473 +--- src/lib/libssl/src/crypto/md4/Makefile | 24 +- src/lib/libssl/src/crypto/md4/md4.h | 10 +- src/lib/libssl/src/crypto/md4/md4_dgst.c | 95 +- src/lib/libssl/src/crypto/md4/md4_locl.h | 44 +- src/lib/libssl/src/crypto/md4/md4_one.c | 2 +- src/lib/libssl/src/crypto/md4/md4test.c | 8 +- src/lib/libssl/src/crypto/md5/Makefile | 68 +- src/lib/libssl/src/crypto/md5/asm/md5-586.pl | 2 +- src/lib/libssl/src/crypto/md5/md5.h | 10 +- src/lib/libssl/src/crypto/md5/md5_dgst.c | 112 +- src/lib/libssl/src/crypto/md5/md5_locl.h | 52 +- src/lib/libssl/src/crypto/md5/md5_one.c | 2 +- src/lib/libssl/src/crypto/md5/md5test.c | 12 +- src/lib/libssl/src/crypto/mdc2/Makefile | 23 +- src/lib/libssl/src/crypto/mdc2/mdc2.h | 10 +- src/lib/libssl/src/crypto/mdc2/mdc2test.c | 3 + src/lib/libssl/src/crypto/mem.c | 10 +- src/lib/libssl/src/crypto/mem_clr.c | 12 +- src/lib/libssl/src/crypto/mem_dbg.c | 10 +- src/lib/libssl/src/crypto/o_str.c | 13 + src/lib/libssl/src/crypto/o_str.h | 1 + src/lib/libssl/src/crypto/objects/Makefile | 51 +- src/lib/libssl/src/crypto/objects/o_names.c | 6 +- src/lib/libssl/src/crypto/objects/obj_dat.c | 254 +- src/lib/libssl/src/crypto/objects/obj_dat.h | 2850 ++++++++++++-------- src/lib/libssl/src/crypto/objects/obj_dat.pl | 4 +- src/lib/libssl/src/crypto/objects/obj_err.c | 9 +- src/lib/libssl/src/crypto/objects/obj_lib.c | 3 +- src/lib/libssl/src/crypto/objects/obj_mac.h | 515 +++- src/lib/libssl/src/crypto/objects/obj_mac.num | 115 + src/lib/libssl/src/crypto/objects/objects.h | 7 +- src/lib/libssl/src/crypto/objects/objects.txt | 185 +- src/lib/libssl/src/crypto/ocsp/Makefile | 272 +- src/lib/libssl/src/crypto/ocsp/ocsp.h | 42 +- src/lib/libssl/src/crypto/ocsp/ocsp_asn.c | 2 +- src/lib/libssl/src/crypto/ocsp/ocsp_cl.c | 2 + src/lib/libssl/src/crypto/ocsp/ocsp_err.c | 14 +- src/lib/libssl/src/crypto/ocsp/ocsp_ext.c | 35 +- src/lib/libssl/src/crypto/ocsp/ocsp_ht.c | 468 +++- src/lib/libssl/src/crypto/ocsp/ocsp_lib.c | 4 +- src/lib/libssl/src/crypto/ocsp/ocsp_prn.c | 4 +- src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c | 2 +- src/lib/libssl/src/crypto/opensslconf.h | 52 + src/lib/libssl/src/crypto/opensslconf.h.in | 1 + src/lib/libssl/src/crypto/opensslv.h | 10 +- src/lib/libssl/src/crypto/ossl_typ.h | 57 + src/lib/libssl/src/crypto/pem/Makefile | 318 +-- src/lib/libssl/src/crypto/pem/pem.h | 173 +- src/lib/libssl/src/crypto/pem/pem_all.c | 233 +- src/lib/libssl/src/crypto/pem/pem_err.c | 18 +- src/lib/libssl/src/crypto/pem/pem_info.c | 58 +- src/lib/libssl/src/crypto/pem/pem_lib.c | 33 +- src/lib/libssl/src/crypto/pem/pem_oth.c | 7 +- src/lib/libssl/src/crypto/pem/pem_pk8.c | 7 +- src/lib/libssl/src/crypto/pem/pem_pkey.c | 12 +- src/lib/libssl/src/crypto/pem/pem_seal.c | 2 + src/lib/libssl/src/crypto/pem/pem_xaux.c | 1 + src/lib/libssl/src/crypto/perlasm/cbc.pl | 4 +- src/lib/libssl/src/crypto/perlasm/x86asm.pl | 27 +- src/lib/libssl/src/crypto/perlasm/x86ms.pl | 122 +- src/lib/libssl/src/crypto/perlasm/x86nasm.pl | 153 +- src/lib/libssl/src/crypto/perlasm/x86unix.pl | 220 +- src/lib/libssl/src/crypto/pkcs12/Makefile | 435 ++- src/lib/libssl/src/crypto/pkcs12/p12_add.c | 6 +- src/lib/libssl/src/crypto/pkcs12/p12_crpt.c | 16 +- src/lib/libssl/src/crypto/pkcs12/p12_crt.c | 336 ++- src/lib/libssl/src/crypto/pkcs12/p12_decr.c | 13 +- src/lib/libssl/src/crypto/pkcs12/p12_init.c | 2 +- src/lib/libssl/src/crypto/pkcs12/p12_key.c | 2 +- src/lib/libssl/src/crypto/pkcs12/p12_kiss.c | 20 +- src/lib/libssl/src/crypto/pkcs12/p12_mutl.c | 20 +- src/lib/libssl/src/crypto/pkcs12/p12_npas.c | 37 +- src/lib/libssl/src/crypto/pkcs12/pk12err.c | 18 +- src/lib/libssl/src/crypto/pkcs12/pkcs12.h | 22 +- src/lib/libssl/src/crypto/pkcs7/Makefile | 188 +- src/lib/libssl/src/crypto/pkcs7/bio_ber.c | 2 +- src/lib/libssl/src/crypto/pkcs7/example.c | 8 +- src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c | 41 +- src/lib/libssl/src/crypto/pkcs7/pk7_attr.c | 3 +- src/lib/libssl/src/crypto/pkcs7/pk7_doit.c | 354 ++- src/lib/libssl/src/crypto/pkcs7/pk7_lib.c | 117 +- src/lib/libssl/src/crypto/pkcs7/pk7_mime.c | 104 +- src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | 109 +- src/lib/libssl/src/crypto/pkcs7/pkcs7.h | 15 +- src/lib/libssl/src/crypto/pkcs7/pkcs7err.c | 15 +- src/lib/libssl/src/crypto/pqueue/pq_compat.h | 147 + src/lib/libssl/src/crypto/rand/Makefile | 141 +- src/lib/libssl/src/crypto/rand/md_rand.c | 17 +- src/lib/libssl/src/crypto/rand/rand.h | 15 +- src/lib/libssl/src/crypto/rand/rand_egd.c | 2 +- src/lib/libssl/src/crypto/rand/rand_err.c | 15 +- src/lib/libssl/src/crypto/rand/rand_lib.c | 18 +- src/lib/libssl/src/crypto/rand/rand_unix.c | 119 +- src/lib/libssl/src/crypto/rand/rand_win.c | 99 +- src/lib/libssl/src/crypto/rand/randfile.c | 12 +- src/lib/libssl/src/crypto/rand/randtest.c | 5 +- src/lib/libssl/src/crypto/rc2/Makefile | 14 +- src/lib/libssl/src/crypto/rc2/rc2.h | 7 +- src/lib/libssl/src/crypto/rc2/rc2_ecb.c | 2 +- src/lib/libssl/src/crypto/rc2/rc2_skey.c | 21 +- src/lib/libssl/src/crypto/rc2/rc2speed.c | 3 + src/lib/libssl/src/crypto/rc2/rc2test.c | 3 + src/lib/libssl/src/crypto/rc4/Makefile | 63 +- src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl | 11 +- src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S | 5 +- src/lib/libssl/src/crypto/rc4/rc4.c | 3 +- src/lib/libssl/src/crypto/rc4/rc4.h | 6 +- src/lib/libssl/src/crypto/rc4/rc4_enc.c | 4 +- src/lib/libssl/src/crypto/rc4/rc4_skey.c | 55 +- src/lib/libssl/src/crypto/rc4/rc4speed.c | 3 + src/lib/libssl/src/crypto/rc4/rc4test.c | 51 +- src/lib/libssl/src/crypto/rc5/Makefile | 51 +- src/lib/libssl/src/crypto/rc5/rc5.h | 7 +- src/lib/libssl/src/crypto/rc5/rc5_locl.h | 2 +- src/lib/libssl/src/crypto/ripemd/Makefile | 46 +- src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl | 4 +- src/lib/libssl/src/crypto/ripemd/ripemd.h | 10 +- src/lib/libssl/src/crypto/ripemd/rmd_dgst.c | 212 +- src/lib/libssl/src/crypto/ripemd/rmd_locl.h | 14 +- src/lib/libssl/src/crypto/ripemd/rmd_one.c | 2 +- src/lib/libssl/src/crypto/ripemd/rmdtest.c | 8 +- src/lib/libssl/src/crypto/rsa/Makefile | 126 +- src/lib/libssl/src/crypto/rsa/rsa.h | 96 +- src/lib/libssl/src/crypto/rsa/rsa_asn1.c | 8 +- src/lib/libssl/src/crypto/rsa/rsa_chk.c | 4 +- src/lib/libssl/src/crypto/rsa/rsa_eay.c | 560 ++-- src/lib/libssl/src/crypto/rsa/rsa_err.c | 23 +- src/lib/libssl/src/crypto/rsa/rsa_gen.c | 160 +- src/lib/libssl/src/crypto/rsa/rsa_lib.c | 130 +- src/lib/libssl/src/crypto/rsa/rsa_null.c | 15 +- src/lib/libssl/src/crypto/rsa/rsa_oaep.c | 38 +- src/lib/libssl/src/crypto/rsa/rsa_saos.c | 3 +- src/lib/libssl/src/crypto/rsa/rsa_sign.c | 21 +- src/lib/libssl/src/crypto/rsa/rsa_test.c | 32 +- src/lib/libssl/src/crypto/sha/Makefile | 102 +- src/lib/libssl/src/crypto/sha/asm/sha1-586.pl | 472 +--- src/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl | 346 +-- src/lib/libssl/src/crypto/sha/asm/sha512-sse2.pl | 404 +++ src/lib/libssl/src/crypto/sha/sha.h | 90 +- src/lib/libssl/src/crypto/sha/sha1_one.c | 4 +- src/lib/libssl/src/crypto/sha/sha1dgst.c | 11 +- src/lib/libssl/src/crypto/sha/sha1test.c | 12 +- src/lib/libssl/src/crypto/sha/sha_dgst.c | 3 +- src/lib/libssl/src/crypto/sha/sha_locl.h | 306 +-- src/lib/libssl/src/crypto/sha/sha_one.c | 2 +- src/lib/libssl/src/crypto/sha/shatest.c | 12 +- src/lib/libssl/src/crypto/stack/Makefile | 18 +- src/lib/libssl/src/crypto/stack/safestack.h | 512 +++- src/lib/libssl/src/crypto/stack/stack.c | 29 +- src/lib/libssl/src/crypto/stack/stack.h | 1 + src/lib/libssl/src/crypto/symhacks.h | 129 +- src/lib/libssl/src/crypto/threads/mttest.c | 115 + src/lib/libssl/src/crypto/threads/th-lock.c | 2 +- src/lib/libssl/src/crypto/tmdiff.c | 45 +- src/lib/libssl/src/crypto/tmdiff.h | 22 +- src/lib/libssl/src/crypto/txt_db/Makefile | 14 +- src/lib/libssl/src/crypto/txt_db/txt_db.c | 23 +- src/lib/libssl/src/crypto/txt_db/txt_db.h | 5 +- src/lib/libssl/src/crypto/ui/Makefile | 38 +- src/lib/libssl/src/crypto/ui/ui.h | 20 +- src/lib/libssl/src/crypto/ui/ui_err.c | 9 +- src/lib/libssl/src/crypto/ui/ui_lib.c | 8 +- src/lib/libssl/src/crypto/ui/ui_locl.h | 5 + src/lib/libssl/src/crypto/ui/ui_openssl.c | 48 +- src/lib/libssl/src/crypto/ui/ui_util.c | 2 +- src/lib/libssl/src/crypto/uid.c | 2 +- src/lib/libssl/src/crypto/x509/Makefile | 708 ++--- src/lib/libssl/src/crypto/x509/by_dir.c | 10 +- src/lib/libssl/src/crypto/x509/x509.h | 140 +- src/lib/libssl/src/crypto/x509/x509_att.c | 45 +- src/lib/libssl/src/crypto/x509/x509_cmp.c | 59 +- src/lib/libssl/src/crypto/x509/x509_err.c | 19 +- src/lib/libssl/src/crypto/x509/x509_lu.c | 30 +- src/lib/libssl/src/crypto/x509/x509_r2x.c | 6 +- src/lib/libssl/src/crypto/x509/x509_req.c | 49 +- src/lib/libssl/src/crypto/x509/x509_trs.c | 4 +- src/lib/libssl/src/crypto/x509/x509_txt.c | 10 +- src/lib/libssl/src/crypto/x509/x509_v3.c | 10 +- src/lib/libssl/src/crypto/x509/x509_vfy.c | 481 +++- src/lib/libssl/src/crypto/x509/x509_vfy.h | 143 +- src/lib/libssl/src/crypto/x509/x509spki.c | 3 +- src/lib/libssl/src/crypto/x509/x509type.c | 6 + src/lib/libssl/src/crypto/x509/x_all.c | 137 +- src/lib/libssl/src/crypto/x509v3/Makefile | 920 +++---- src/lib/libssl/src/crypto/x509v3/ext_dat.h | 13 + src/lib/libssl/src/crypto/x509v3/v3_akey.c | 190 +- src/lib/libssl/src/crypto/x509v3/v3_alt.c | 289 +- src/lib/libssl/src/crypto/x509v3/v3_bcons.c | 2 +- src/lib/libssl/src/crypto/x509v3/v3_bitst.c | 14 +- src/lib/libssl/src/crypto/x509v3/v3_conf.c | 73 +- src/lib/libssl/src/crypto/x509v3/v3_cpols.c | 24 +- src/lib/libssl/src/crypto/x509v3/v3_crld.c | 2 +- src/lib/libssl/src/crypto/x509v3/v3_enum.c | 2 +- src/lib/libssl/src/crypto/x509v3/v3_extku.c | 8 +- src/lib/libssl/src/crypto/x509v3/v3_ia5.c | 2 +- src/lib/libssl/src/crypto/x509v3/v3_info.c | 17 +- src/lib/libssl/src/crypto/x509v3/v3_int.c | 17 +- src/lib/libssl/src/crypto/x509v3/v3_lib.c | 7 +- src/lib/libssl/src/crypto/x509v3/v3_ocsp.c | 22 +- src/lib/libssl/src/crypto/x509v3/v3_pci.c | 31 +- src/lib/libssl/src/crypto/x509v3/v3_pku.c | 2 +- src/lib/libssl/src/crypto/x509v3/v3_prn.c | 5 +- src/lib/libssl/src/crypto/x509v3/v3_purp.c | 18 +- src/lib/libssl/src/crypto/x509v3/v3_skey.c | 10 +- src/lib/libssl/src/crypto/x509v3/v3_sxnet.c | 6 +- src/lib/libssl/src/crypto/x509v3/v3_utl.c | 343 ++- src/lib/libssl/src/crypto/x509v3/v3err.c | 52 +- src/lib/libssl/src/crypto/x509v3/x509v3.h | 281 +- src/lib/libssl/src/demos/easy_tls/easy-tls.c | 4 +- .../engines/cluster_labs/hw_cluster_labs_err.h | 4 + .../libssl/src/demos/engines/ibmca/hw_ibmca_err.h | 4 + .../libssl/src/demos/engines/zencod/hw_zencod.c | 4 +- .../src/demos/engines/zencod/hw_zencod_err.h | 4 + src/lib/libssl/src/demos/tunala/autoungunk.sh | 10 +- src/lib/libssl/src/demos/tunala/cb.c | 10 + src/lib/libssl/src/demos/tunala/configure.in | 1 + src/lib/libssl/src/demos/tunala/tunala.c | 28 +- src/lib/libssl/src/demos/tunala/tunala.h | 1 + src/lib/libssl/src/doc/HOWTO/certificates.txt | 11 +- src/lib/libssl/src/doc/apps/asn1parse.pod | 42 + src/lib/libssl/src/doc/apps/ca.pod | 72 +- src/lib/libssl/src/doc/apps/ciphers.pod | 56 +- src/lib/libssl/src/doc/apps/config.pod | 7 + src/lib/libssl/src/doc/apps/dgst.pod | 5 + src/lib/libssl/src/doc/apps/enc.pod | 8 + src/lib/libssl/src/doc/apps/ocsp.pod | 8 +- src/lib/libssl/src/doc/apps/openssl.pod | 16 + src/lib/libssl/src/doc/apps/req.pod | 10 + src/lib/libssl/src/doc/apps/rsautl.pod | 2 +- src/lib/libssl/src/doc/apps/s_client.pod | 49 +- src/lib/libssl/src/doc/apps/s_server.pod | 44 + src/lib/libssl/src/doc/apps/smime.pod | 11 +- src/lib/libssl/src/doc/apps/verify.pod | 2 +- src/lib/libssl/src/doc/apps/x509.pod | 28 +- src/lib/libssl/src/doc/c-indentation.el | 1 + .../libssl/src/doc/crypto/ASN1_STRING_print_ex.pod | 4 +- src/lib/libssl/src/doc/crypto/BIO_f_base64.pod | 2 +- src/lib/libssl/src/doc/crypto/BIO_set_callback.pod | 2 +- src/lib/libssl/src/doc/crypto/BN_add_word.pod | 10 +- src/lib/libssl/src/doc/crypto/BN_new.pod | 2 +- .../libssl/src/doc/crypto/CONF_modules_free.pod | 4 +- src/lib/libssl/src/doc/crypto/DH_set_method.pod | 2 +- src/lib/libssl/src/doc/crypto/DSA_set_method.pod | 2 +- src/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod | 2 +- src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod | 2 +- src/lib/libssl/src/doc/crypto/EVP_SealInit.pod | 6 +- src/lib/libssl/src/doc/crypto/PKCS12_create.pod | 18 + src/lib/libssl/src/doc/crypto/PKCS7_sign.pod | 24 +- src/lib/libssl/src/doc/crypto/RAND_bytes.pod | 3 + src/lib/libssl/src/doc/crypto/RAND_egd.pod | 2 +- .../libssl/src/doc/crypto/RAND_set_rand_method.pod | 2 +- .../libssl/src/doc/crypto/RSA_get_ex_new_index.pod | 12 +- src/lib/libssl/src/doc/crypto/RSA_set_method.pod | 2 +- src/lib/libssl/src/doc/crypto/RSA_sign.pod | 4 +- .../libssl/src/doc/crypto/SMIME_write_PKCS7.pod | 14 +- .../libssl/src/doc/crypto/X509_NAME_print_ex.pod | 4 +- src/lib/libssl/src/doc/crypto/bn.pod | 25 +- src/lib/libssl/src/doc/crypto/bn_internal.pod | 14 +- src/lib/libssl/src/doc/crypto/d2i_X509.pod | 6 +- src/lib/libssl/src/doc/crypto/d2i_X509_CRL.pod | 2 +- src/lib/libssl/src/doc/crypto/d2i_X509_REQ.pod | 2 +- src/lib/libssl/src/doc/crypto/des_modes.pod | 4 +- src/lib/libssl/src/doc/crypto/engine.pod | 212 +- src/lib/libssl/src/doc/crypto/md5.pod | 22 +- src/lib/libssl/src/doc/crypto/mdc2.pod | 8 +- src/lib/libssl/src/doc/crypto/ripemd.pod | 10 +- src/lib/libssl/src/doc/crypto/sha.pod | 8 +- src/lib/libssl/src/doc/openssl.txt | 27 +- src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | 9 + .../src/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod | 2 +- .../libssl/src/doc/ssl/SSL_CTX_use_certificate.pod | 12 + .../libssl/src/doc/ssl/SSL_SESSION_get_time.pod | 2 +- src/lib/libssl/src/doc/ssleay.txt | 2 +- src/lib/libssl/src/doc/standards.txt | 22 +- src/lib/libssl/src/e_os.h | 128 +- src/lib/libssl/src/e_os2.h | 19 +- src/lib/libssl/src/engines/makeengines.com | 902 +++++++ src/lib/libssl/src/install.com | 12 +- src/lib/libssl/src/makevms.com | 113 +- src/lib/libssl/src/ms/README | 5 - src/lib/libssl/src/ms/applink.c | 94 + src/lib/libssl/src/ms/do_masm.bat | 146 +- src/lib/libssl/src/ms/do_ms.bat | 17 +- src/lib/libssl/src/ms/do_nasm.bat | 150 +- src/lib/libssl/src/ms/do_nt.bat | 8 +- src/lib/libssl/src/ms/do_win64a.bat | 9 + src/lib/libssl/src/ms/do_win64i.bat | 9 + src/lib/libssl/src/ms/mingw32.bat | 184 +- src/lib/libssl/src/ms/test.bat | 4 - src/lib/libssl/src/ms/uplink.c | 116 + src/lib/libssl/src/ms/uplink.h | 29 + src/lib/libssl/src/ms/uplink.pl | 204 ++ src/lib/libssl/src/ms/x86asm.bat | 120 +- src/lib/libssl/src/openssl.spec | 6 +- src/lib/libssl/src/shlib/Makefile.hpux10-cc | 2 +- src/lib/libssl/src/shlib/hpux10-cc.sh | 12 +- src/lib/libssl/src/ssl/Makefile | 1527 +++++------ src/lib/libssl/src/ssl/bio_ssl.c | 6 +- src/lib/libssl/src/ssl/install.com | 2 +- src/lib/libssl/src/ssl/kssl.c | 56 +- src/lib/libssl/src/ssl/s23_clnt.c | 63 +- src/lib/libssl/src/ssl/s23_lib.c | 62 +- src/lib/libssl/src/ssl/s23_meth.c | 39 +- src/lib/libssl/src/ssl/s23_srvr.c | 36 +- src/lib/libssl/src/ssl/s2_clnt.c | 45 +- src/lib/libssl/src/ssl/s2_enc.c | 11 +- src/lib/libssl/src/ssl/s2_lib.c | 131 +- src/lib/libssl/src/ssl/s2_meth.c | 26 +- src/lib/libssl/src/ssl/s2_srvr.c | 46 +- src/lib/libssl/src/ssl/s3_both.c | 41 +- src/lib/libssl/src/ssl/s3_clnt.c | 1021 ++++++- src/lib/libssl/src/ssl/s3_enc.c | 43 +- src/lib/libssl/src/ssl/s3_lib.c | 1594 ++++++++--- src/lib/libssl/src/ssl/s3_meth.c | 26 +- src/lib/libssl/src/ssl/s3_pkt.c | 49 +- src/lib/libssl/src/ssl/s3_srvr.c | 937 ++++++- src/lib/libssl/src/ssl/ssl-lib.com | 2 + src/lib/libssl/src/ssl/ssl.h | 330 ++- src/lib/libssl/src/ssl/ssl3.h | 41 +- src/lib/libssl/src/ssl/ssl_algs.c | 21 + src/lib/libssl/src/ssl/ssl_asn1.c | 124 +- src/lib/libssl/src/ssl/ssl_cert.c | 243 +- src/lib/libssl/src/ssl/ssl_ciph.c | 379 ++- src/lib/libssl/src/ssl/ssl_err.c | 67 +- src/lib/libssl/src/ssl/ssl_lib.c | 410 ++- src/lib/libssl/src/ssl/ssl_locl.h | 441 ++- src/lib/libssl/src/ssl/ssl_rsa.c | 112 +- src/lib/libssl/src/ssl/ssl_sess.c | 189 +- src/lib/libssl/src/ssl/ssl_stat.c | 4 + src/lib/libssl/src/ssl/ssl_txt.c | 21 +- src/lib/libssl/src/ssl/ssltest.c | 256 +- src/lib/libssl/src/ssl/t1_clnt.c | 26 +- src/lib/libssl/src/ssl/t1_enc.c | 80 +- src/lib/libssl/src/ssl/t1_lib.c | 799 +++++- src/lib/libssl/src/ssl/t1_meth.c | 28 +- src/lib/libssl/src/ssl/t1_srvr.c | 26 +- src/lib/libssl/src/ssl/tls1.h | 216 +- src/lib/libssl/src/test/CAss.cnf | 45 +- src/lib/libssl/src/test/Makefile | 725 ++--- src/lib/libssl/src/test/bctest | 2 +- src/lib/libssl/src/test/evptests.txt | 245 +- src/lib/libssl/src/test/maketests.com | 6 +- src/lib/libssl/src/test/tcrl | 7 - src/lib/libssl/src/test/testca | 6 +- src/lib/libssl/src/test/testenc | 16 +- src/lib/libssl/src/test/tests.com | 15 +- src/lib/libssl/src/test/tpkcs7 | 7 - src/lib/libssl/src/test/tpkcs7d | 7 - src/lib/libssl/src/test/treq | 9 +- src/lib/libssl/src/test/trsa | 7 - src/lib/libssl/src/test/tsid | 7 - src/lib/libssl/src/test/tx509 | 7 - src/lib/libssl/src/tools/Makefile | 7 +- src/lib/libssl/src/util/ck_errf.pl | 13 +- src/lib/libssl/src/util/clean-depend.pl | 7 +- src/lib/libssl/src/util/cygwin.sh | 22 +- src/lib/libssl/src/util/domd | 2 +- src/lib/libssl/src/util/libeay.num | 915 ++++++- src/lib/libssl/src/util/mk1mf.pl | 590 ++-- src/lib/libssl/src/util/mkdef.pl | 142 +- src/lib/libssl/src/util/mkdir-p.pl | 1 + src/lib/libssl/src/util/mkerr.pl | 135 +- src/lib/libssl/src/util/mkfiles.pl | 17 +- src/lib/libssl/src/util/mklink.pl | 1 - src/lib/libssl/src/util/mkstack.pl | 1 + src/lib/libssl/src/util/opensslwrap.sh | 4 + src/lib/libssl/src/util/pl/BC-32.pl | 13 +- src/lib/libssl/src/util/pl/Mingw32.pl | 17 +- src/lib/libssl/src/util/pl/OS2-EMX.pl | 11 +- src/lib/libssl/src/util/pl/VC-32.pl | 294 +- src/lib/libssl/src/util/pl/linux.pl | 11 +- src/lib/libssl/src/util/pl/ultrix.pl | 11 +- src/lib/libssl/src/util/pl/unix.pl | 9 +- src/lib/libssl/src/util/shlib_wrap.sh | 33 +- src/lib/libssl/src/util/ssleay.num | 28 +- src/lib/libssl/test/Makefile | 725 ++--- src/lib/libssl/test/evptests.txt | 245 +- src/lib/libssl/test/maketests.com | 6 +- src/lib/libssl/test/tests.com | 15 +- 917 files changed, 67097 insertions(+), 31357 deletions(-) create mode 100644 src/lib/libcrypto/bn/asm/mo-586.pl create mode 100644 src/lib/libcrypto/ec/ec2_smpt.c create mode 100644 src/lib/libcrypto/engine/eng_cryptodev.c create mode 100644 src/lib/libcrypto/pqueue/pq_compat.h create mode 100644 src/lib/libcrypto/sha/asm/sha512-sse2.pl create mode 100644 src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head create mode 100644 src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head_FIPS create mode 100644 src/lib/libssl/src/Netware/build.bat create mode 100644 src/lib/libssl/src/Netware/cpy_tests.bat create mode 100644 src/lib/libssl/src/Netware/do_tests.pl create mode 100644 src/lib/libssl/src/Netware/globals.txt create mode 100644 src/lib/libssl/src/Netware/readme.txt create mode 100644 src/lib/libssl/src/Netware/set_env.bat create mode 100644 src/lib/libssl/src/crypto/bn/asm/mo-586.pl create mode 100644 src/lib/libssl/src/crypto/ec/ec2_smpt.c create mode 100644 src/lib/libssl/src/crypto/engine/eng_cryptodev.c create mode 100644 src/lib/libssl/src/crypto/engine/eng_padlock.c create mode 100644 src/lib/libssl/src/crypto/pqueue/pq_compat.h create mode 100644 src/lib/libssl/src/crypto/sha/asm/sha512-sse2.pl create mode 100644 src/lib/libssl/src/engines/makeengines.com create mode 100644 src/lib/libssl/src/ms/applink.c create mode 100755 src/lib/libssl/src/ms/do_win64a.bat create mode 100755 src/lib/libssl/src/ms/do_win64i.bat create mode 100644 src/lib/libssl/src/ms/uplink.c create mode 100644 src/lib/libssl/src/ms/uplink.h create mode 100755 src/lib/libssl/src/ms/uplink.pl diff --git a/src/lib/libcrypto/Attic/Makefile b/src/lib/libcrypto/Attic/Makefile index cda9de0ac9..bb8eaa036c 100644 --- a/src/lib/libcrypto/Attic/Makefile +++ b/src/lib/libcrypto/Attic/Makefile @@ -6,43 +6,41 @@ DIR= crypto TOP= .. CC= cc INCLUDE= -I. -I$(TOP) -I../include +# INCLUDES targets sudbirs! INCLUDES= -I.. -I../.. -I../../include CFLAG= -g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl MAKEDEPPROG= makedepend MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile RM= rm -f AR= ar r +RECURSIVE_MAKE= [ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \ + (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ + $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='${INCLUDES}' $$target ) || exit 1; \ + done; + PEX_LIBS= EX_LIBS= CFLAGS= $(INCLUDE) $(CFLAG) - +ASFLAGS= $(INCLUDE) $(ASFLAG) +AFLAGS=$(ASFLAGS) LIBS= -SDIRS= md2 md5 sha mdc2 hmac ripemd \ - des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa dh dso engine aes \ - buffer bio stack lhash rand err objects \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 - GENERAL=Makefile README crypto-lib.com install.com LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) -LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c -LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o +LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c +LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ) SRC= $(LIBSRC) EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \ ossl_typ.h -HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h $(EXHEADER) +HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -59,148 +57,136 @@ buildinf.h: ../Makefile echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \ echo '#endif' ) >buildinf.h +x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl + $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@ +x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl + $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@ +x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl + $(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@ + +uplink.o: ../ms/uplink.c + $(CC) $(CFLAGS) -c -o $@ ../ms/uplink.c + +uplink-cof.s: ../ms/uplink.pl + $(PERL) ../ms/uplink.pl coff > $@ + +x86_64cpuid.s: x86_64cpuid.pl + $(PERL) x86_64cpuid.pl $@ +ia64cpuid.s: ia64cpuid.S + $(CC) $(CFLAGS) -E ia64cpuid.S > $@ + testapps: - if echo ${SDIRS} | fgrep ' des '; \ - then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi - cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps + [ -z "$(THIS)" ] || ( if echo ${SDIRS} | fgrep ' des '; \ + then cd des && $(MAKE) -e des; fi ) + [ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps ); + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi subdirs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making all in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ - done; + @target=all; $(RECURSIVE_MAKE) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making 'files' in crypto/$$i..." && \ - $(MAKE) PERL='${PERL}' files ); \ - done; + @target=files; $(RECURSIVE_MAKE) links: @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS) - @for i in $(SDIRS); do \ - (cd $$i && echo "making links in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ - done; + @target=links; $(RECURSIVE_MAKE) -lib: $(LIBOBJ) +# lib: and $(LIB): are splitted to avoid end-less loop +lib: $(LIB) + @touch lib +$(LIB): $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. - @touch lib shared: buildinf.h lib subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null || \ + if [ -n "$(SHARED_LIBS)" ]; then \ (cd ..; $(MAKE) $(SHARED_LIB)); \ fi libs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making libs in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \ - done; - -tests: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making tests in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \ - done; + @target=lib; $(RECURSIVE_MAKE) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making install in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \ - done; + @target=install; $(RECURSIVE_MAKE) lint: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making lint in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \ - done; + @target=lint; $(RECURSIVE_MAKE) depend: - if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - if [ ! -s buildinf.h ]; then rm buildinf.h; fi - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making depend in crypto/$$i..." && \ - $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ - done; + @[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist + @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) + @[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h + @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi clean: - rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making clean in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \ - done; + rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + @target=clean; $(RECURSIVE_MAKE) dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new mv -f Makefile.new $(MAKEFILE) - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making dclean in crypto/$$i..." && \ - $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \ - done; + @target=dclean; $(RECURSIVE_MAKE) # DO NOT DELETE THIS LINE -- make depend depends on it. cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h -cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -cpt_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cpt_err.c +cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +cpt_err.o: ../include/openssl/safestack.h ../include/openssl/stack.h +cpt_err.o: ../include/openssl/symhacks.h cpt_err.c cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -cryptlib.o: ../include/openssl/safestack.h ../include/openssl/stack.h -cryptlib.o: ../include/openssl/symhacks.h cryptlib.c cryptlib.h +cryptlib.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.c +cryptlib.o: cryptlib.h cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -cversion.o: ../include/openssl/safestack.h ../include/openssl/stack.h -cversion.o: ../include/openssl/symhacks.h buildinf.h cryptlib.h cversion.c +cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h +cversion.o: cryptlib.h cversion.c ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ex_data.o: ../include/openssl/safestack.h ../include/openssl/stack.h -ex_data.o: ../include/openssl/symhacks.h cryptlib.h ex_data.c +ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h +ex_data.o: ex_data.c mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem.o: ../include/openssl/err.h ../include/openssl/lhash.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c +mem.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h +mem.o: mem.c mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem_clr.o: ../include/openssl/symhacks.h mem_clr.c +mem_clr.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mem_clr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mem_clr.c mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c +mem_dbg.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h +mem_dbg.o: mem_dbg.c +o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h +o_dir.o: LPdir_unix.c o_dir.c o_dir.h o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_str.o: o_str.c o_str.h o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c @@ -209,10 +195,10 @@ tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -tmdiff.o: ../include/openssl/safestack.h ../include/openssl/stack.h -tmdiff.o: ../include/openssl/symhacks.h ../include/openssl/tmdiff.h cryptlib.h -tmdiff.o: tmdiff.c +tmdiff.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h tmdiff.c uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h -uid.o: ../include/openssl/symhacks.h uid.c +uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +uid.o: ../include/openssl/stack.h ../include/openssl/symhacks.h uid.c diff --git a/src/lib/libcrypto/aes/Makefile b/src/lib/libcrypto/aes/Makefile index a37c6f66a2..22c7203dbb 100644 --- a/src/lib/libcrypto/aes/Makefile +++ b/src/lib/libcrypto/aes/Makefile @@ -8,16 +8,14 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r -# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr +AES_ASM_OBJ=aes_core.o aes_cbc.o + CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile #TEST=aestest.c @@ -25,8 +23,10 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c -LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o +LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \ + aes_ctr.c aes_ige.c aes_wrap.c +LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o aes_wrap.o \ + $(AES_ASM_OBJ) SRC= $(LIBSRC) @@ -47,6 +47,19 @@ lib: $(LIBOBJ) $(LIBOBJ): $(LIBSRC) +aes-ia64.s: asm/aes-ia64.S + $(CC) $(CFLAGS) -E asm/aes-ia64.S > $@ + +ax86-elf.s: asm/aes-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) aes-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +ax86-cof.s: asm/aes-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) aes-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) +ax86-out.s: asm/aes-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) aes-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) + +aes-x86_64.s: asm/aes-x86_64.pl + $(PERL) asm/aes-x86_64.pl $@ + files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -55,9 +68,8 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: installs - -installs: +install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -73,6 +85,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -80,7 +93,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -90,14 +103,28 @@ aes_cfb.o: ../../e_os.h ../../include/openssl/aes.h aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h aes_cfb.o: aes_cfb.c aes_locl.h aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_core.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -aes_core.o: aes_core.c aes_locl.h +aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h +aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h +aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_misc.o: ../../include/openssl/opensslconf.h aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c +aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h +aes_wrap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +aes_wrap.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +aes_wrap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +aes_wrap.o: ../../include/openssl/opensslconf.h +aes_wrap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +aes_wrap.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +aes_wrap.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_wrap.c diff --git a/src/lib/libcrypto/asn1/Makefile b/src/lib/libcrypto/asn1/Makefile index d1c2d8f490..63066899d0 100644 --- a/src/lib/libcrypto/asn1/Makefile +++ b/src/lib/libcrypto/asn1/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -31,8 +26,8 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \ tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ f_int.c f_string.c n_pkey.c \ - f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \ - asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ + f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn_mime.c \ + asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ @@ -43,8 +38,8 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \ tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ f_int.o f_string.o n_pkey.o \ - f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \ - asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ + f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn_mime.o \ + asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o SRC= $(LIBSRC) @@ -81,6 +76,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -96,6 +92,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -109,69 +106,57 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bitstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_bitstr.o: ../../include/openssl/opensslconf.h a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c a_bool.o: ../../e_os.h ../../include/openssl/asn1.h a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_bool.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_bool.o: ../cryptlib.h a_bool.c +a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h -a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bytes.c +a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_bytes.o: ../cryptlib.h a_bytes.c a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_d2i_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_d2i_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_d2i_fp.o: ../../include/openssl/opensslconf.h +a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c -a_digest.o: ../../e_os.h ../../include/openssl/aes.h -a_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +a_digest.o: ../../e_os.h ../../include/openssl/asn1.h +a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_digest.o: ../../include/openssl/opensslconf.h a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_digest.o: ../cryptlib.h a_digest.c +a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_dup.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_dup.o: ../cryptlib.h a_dup.c +a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h @@ -181,27 +166,26 @@ a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_enum.o: ../cryptlib.h a_enum.c a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h -a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_gentm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_gentm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_gentm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_gentm.c +a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_hdr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_hdr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_hdr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_hdr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_hdr.o: ../cryptlib.h a_hdr.c +a_hdr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_hdr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_hdr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_hdr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_hdr.c a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h -a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_i2d_fp.o: ../../include/openssl/opensslconf.h a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c @@ -214,21 +198,20 @@ a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_int.o: ../cryptlib.h a_int.c a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_mbstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_mbstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_mbstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_mbstr.c +a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_mbstr.o: ../cryptlib.h a_mbstr.c a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_meth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_meth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_meth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_meth.o: ../cryptlib.h a_meth.c +a_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_meth.o: ../../include/openssl/symhacks.h ../cryptlib.h a_meth.c a_object.o: ../../e_os.h ../../include/openssl/asn1.h a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -239,642 +222,492 @@ a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c a_octet.o: ../../e_os.h ../../include/openssl/asn1.h -a_octet.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_octet.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_octet.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_octet.o: ../../include/openssl/symhacks.h ../cryptlib.h a_octet.c +a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_octet.o: ../cryptlib.h a_octet.c a_print.o: ../../e_os.h ../../include/openssl/asn1.h -a_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_print.o: ../../include/openssl/symhacks.h ../cryptlib.h a_print.c +a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_print.o: ../cryptlib.h a_print.c a_set.o: ../../e_os.h ../../include/openssl/asn1.h a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_set.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_set.o: ../cryptlib.h a_set.c -a_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -a_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c +a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -a_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -a_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -a_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -a_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -a_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h a_sign.o: ../cryptlib.h a_sign.c -a_strex.o: ../../e_os.h ../../include/openssl/aes.h -a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +a_strex.o: ../../e_os.h ../../include/openssl/asn1.h +a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -a_strex.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_strex.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h +a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +a_strex.o: ../cryptlib.h a_strex.c charmap.h a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h -a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +a_strnid.o: ../../include/openssl/opensslconf.h a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c a_time.o: ../../e_os.h ../../include/openssl/asn1.h a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_time.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_time.o: ../cryptlib.h ../o_time.h a_time.c +a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c a_type.o: ../../e_os.h ../../include/openssl/asn1.h a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_type.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_type.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_type.o: ../cryptlib.h a_type.c +a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +a_type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h -a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_utctm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_utctm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_utctm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_utctm.c +a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_utf8.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_utf8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_utf8.o: ../cryptlib.h a_utf8.c -a_verify.o: ../../e_os.h ../../include/openssl/aes.h -a_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c +a_verify.o: ../../e_os.h ../../include/openssl/asn1.h +a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_verify.o: ../../include/openssl/opensslconf.h +a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_verify.o: ../cryptlib.h a_verify.c +a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -asn1_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +asn1_err.o: ../../include/openssl/opensslconf.h asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c +asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h +asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h +asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +asn1_gen.o: ../cryptlib.h asn1_gen.c asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn1_lib.o: ../../include/openssl/opensslconf.h +asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn1_par.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +asn1_par.o: ../../include/openssl/opensslconf.h asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c -asn_moid.o: ../../e_os.h ../../include/openssl/aes.h -asn_moid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn_moid.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +asn_mime.o: ../../e_os.h ../../include/openssl/asn1.h +asn_mime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +asn_mime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +asn_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h +asn_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +asn_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +asn_mime.o: ../cryptlib.h asn_mime.c +asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h +asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -asn_moid.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -asn_moid.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h -asn_moid.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -asn_moid.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -asn_moid.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h asn_moid.o: ../../include/openssl/opensslconf.h asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -asn_moid.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -asn_moid.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -asn_moid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -asn_moid.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -asn_moid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -asn_moid.o: ../cryptlib.h asn_moid.c +asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h -asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn_pack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +asn_pack.o: ../../include/openssl/opensslconf.h asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c -d2i_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -d2i_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c -d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +d2i_pr.o: ../cryptlib.h d2i_pr.c +d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c +d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +d2i_pu.o: ../cryptlib.h d2i_pu.c evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -evp_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -evp_asn1.o: ../../include/openssl/opensslconf.h +evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -f_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -f_enum.o: ../cryptlib.h f_enum.c +f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -f_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -f_int.o: ../cryptlib.h f_int.c +f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c f_string.o: ../../e_os.h ../../include/openssl/asn1.h -f_string.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -f_string.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +f_string.o: ../../include/openssl/opensslconf.h f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c -i2d_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -i2d_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c -i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +i2d_pr.o: ../cryptlib.h i2d_pr.c +i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c -n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +i2d_pu.o: ../cryptlib.h i2d_pu.c +n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h -n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -n_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -n_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -n_pkey.o: ../cryptlib.h n_pkey.c -nsseq.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -nsseq.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -nsseq.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -nsseq.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c +nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -nsseq.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c -p5_pbe.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c +p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -p5_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p5_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p5_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_pbe.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p5_pbe.o: ../cryptlib.h p5_pbe.c -p5_pbev2.o: ../../e_os.h ../../include/openssl/aes.h -p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p5_pbev2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p5_pbev2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p5_pbev2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p5_pbev2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h +p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p5_pbev2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_pbev2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p5_pbev2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbev2.c -p8_pkey.o: ../../e_os.h ../../include/openssl/aes.h -p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p8_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p8_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p8_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_pbev2.o: ../cryptlib.h p5_pbev2.c +p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h +p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p8_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p8_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p8_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p8_pkey.o: ../cryptlib.h p8_pkey.c -t_bitst.o: ../../e_os.h ../../include/openssl/aes.h -t_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c +t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h +t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -t_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h +t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c -t_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +t_bitst.o: ../cryptlib.h t_bitst.c +t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_crl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h t_crl.o: ../cryptlib.h t_crl.c t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h -t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c -t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/err.h +t_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +t_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +t_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_pkey.o: ../cryptlib.h t_pkey.c +t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_req.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h t_req.o: ../cryptlib.h t_req.c -t_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -t_spki.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h +t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h t_spki.o: ../cryptlib.h t_spki.c -t_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_x509.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h t_x509.o: ../cryptlib.h t_x509.c -t_x509a.o: ../../e_os.h ../../include/openssl/aes.h -t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_x509a.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h +t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_x509a.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c +t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509a.o: ../cryptlib.h t_x509a.c tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -tasn_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -tasn_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tasn_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tasn_dec.o: ../../include/openssl/opensslconf.h tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c -tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_enc.o: ../../include/openssl/opensslconf.h +tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h +tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c +tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_fre.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_fre.o: ../../include/openssl/opensslconf.h +tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h +tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_new.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_new.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_new.o: ../../include/openssl/opensslconf.h +tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_typ.o: ../../include/openssl/opensslconf.h +tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_utl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_utl.o: ../../include/openssl/opensslconf.h +tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c -x_algor.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_algor.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_algor.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_algor.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_algor.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_algor.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_algor.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_algor.o: x_algor.c -x_attrib.o: ../../e_os.h ../../include/openssl/aes.h -x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_attrib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_attrib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_attrib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c +x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h +x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_attrib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_attrib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_attrib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_attrib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_attrib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_attrib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_attrib.o: ../cryptlib.h x_attrib.c +x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -884,69 +717,43 @@ x_bignum.o: ../../include/openssl/opensslconf.h x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c -x_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_crl.o: ../../e_os.h ../../include/openssl/asn1.h x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c -x_exten.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_exten.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_exten.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_exten.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_exten.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_exten.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_exten.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_exten.o: x_exten.c -x_info.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_info.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c +x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_info.o: ../cryptlib.h x_info.c +x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c x_long.o: ../../e_os.h ../../include/openssl/asn1.h x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -956,195 +763,123 @@ x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h x_long.o: ../cryptlib.h x_long.c -x_name.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_name.o: ../../e_os.h ../../include/openssl/asn1.h x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_name.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c -x_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -x_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c -x_pubkey.o: ../../e_os.h ../../include/openssl/aes.h -x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_pubkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_pubkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_pubkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_pubkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h +x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_pubkey.o: ../../include/openssl/opensslconf.h x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_pubkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_pubkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_pubkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h x_pubkey.o: ../cryptlib.h x_pubkey.c -x_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_req.o: ../../e_os.h ../../include/openssl/asn1.h x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c -x_sig.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_sig.o: ../../e_os.h ../../include/openssl/asn1.h x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_sig.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_sig.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_sig.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_sig.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_sig.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_sig.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c -x_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_spki.o: ../../e_os.h ../../include/openssl/asn1.h x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_spki.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c -x_val.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_val.o: ../../e_os.h ../../include/openssl/asn1.h x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_val.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_val.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_val.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_val.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_val.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_val.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_val.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_val.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c -x_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_x509.o: ../../e_os.h ../../include/openssl/asn1.h x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x_x509.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c -x_x509a.o: ../../e_os.h ../../include/openssl/aes.h -x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_x509a.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h +x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509a.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_x509a.o: ../cryptlib.h x_x509a.c +x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c index 0dfd576211..def79062a5 100644 --- a/src/lib/libcrypto/asn1/a_gentm.c +++ b/src/lib/libcrypto/asn1/a_gentm.c @@ -181,7 +181,7 @@ err: return(0); } -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) +int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) { ASN1_GENERALIZEDTIME t; diff --git a/src/lib/libcrypto/asn1/a_hdr.c b/src/lib/libcrypto/asn1/a_hdr.c index b1aad81f77..d1c2a7b9e3 100644 --- a/src/lib/libcrypto/asn1/a_hdr.c +++ b/src/lib/libcrypto/asn1/a_hdr.c @@ -76,17 +76,17 @@ int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp) M_ASN1_I2D_finish(); } -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp, +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp, long length) { M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING); + M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->header,d2i_ASN1_OCTET_STRING); if (ret->meth != NULL) { - M_ASN1_D2I_get(ret->data,ret->meth->d2i); + M_ASN1_D2I_get_x(void,ret->data,ret->meth->d2i); } else { diff --git a/src/lib/libcrypto/asn1/a_meth.c b/src/lib/libcrypto/asn1/a_meth.c index 63158e9cab..50bea917e3 100644 --- a/src/lib/libcrypto/asn1/a_meth.c +++ b/src/lib/libcrypto/asn1/a_meth.c @@ -62,16 +62,16 @@ #include static ASN1_METHOD ia5string_meth={ - (int (*)()) i2d_ASN1_IA5STRING, - (char *(*)()) d2i_ASN1_IA5STRING, - (char *(*)()) ASN1_STRING_new, - (void (*)()) ASN1_STRING_free}; + (I2D_OF(void)) i2d_ASN1_IA5STRING, + (D2I_OF(void)) d2i_ASN1_IA5STRING, + (void *(*)(void))ASN1_STRING_new, + (void (*)(void *))ASN1_STRING_free}; static ASN1_METHOD bit_string_meth={ - (int (*)()) i2d_ASN1_BIT_STRING, - (char *(*)()) d2i_ASN1_BIT_STRING, - (char *(*)()) ASN1_STRING_new, - (void (*)()) ASN1_STRING_free}; + (I2D_OF(void)) i2d_ASN1_BIT_STRING, + (D2I_OF(void)) d2i_ASN1_BIT_STRING, + (void *(*)(void))ASN1_STRING_new, + (void (*)(void *))ASN1_STRING_free}; ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) { diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c index 7b25fed331..d31c028193 100644 --- a/src/lib/libcrypto/asn1/a_utctm.c +++ b/src/lib/libcrypto/asn1/a_utctm.c @@ -162,7 +162,7 @@ err: return(0); } -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str) +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) { ASN1_UTCTIME t; diff --git a/src/lib/libcrypto/bf/Makefile b/src/lib/libcrypto/bf/Makefile index 42e2c050f8..8441954a8d 100644 --- a/src/lib/libcrypto/bf/Makefile +++ b/src/lib/libcrypto/bf/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,6 +17,7 @@ BF_ENC= bf_enc.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=bftest.c @@ -48,20 +44,15 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s) - +# ELF +bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +# COFF +bx86-cof.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) bf-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) # a.out -asm/bx86-out.o: asm/bx86unix.cpp - $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o - -# bsdi -asm/bx86bsdi.o: asm/bx86unix.cpp - $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o - -asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp) +bx86-out.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) bf-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -71,9 +62,11 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: installs - -installs: +# We need to use force because 'install' matches 'INSTALL' on case +# insensitive systems +FRC.install: +install: FRC.install + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -89,6 +82,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -96,7 +90,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -109,8 +103,5 @@ bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c -bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h -bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h -bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c +bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h +bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c diff --git a/src/lib/libcrypto/bf/bf_opts.c b/src/lib/libcrypto/bf/bf_opts.c index 171dada2ca..1721bb99b4 100644 --- a/src/lib/libcrypto/bf/bf_opts.c +++ b/src/lib/libcrypto/bf/bf_opts.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/bf/bfspeed.c b/src/lib/libcrypto/bf/bfspeed.c index f346af64f3..c41ef3b403 100644 --- a/src/lib/libcrypto/bf/bfspeed.c +++ b/src/lib/libcrypto/bf/bfspeed.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/bf/bftest.c b/src/lib/libcrypto/bf/bftest.c index 24d526b14b..97e6634d37 100644 --- a/src/lib/libcrypto/bf/bftest.c +++ b/src/lib/libcrypto/bf/bftest.c @@ -62,6 +62,7 @@ #include #include #include +#include /* To see if OPENSSL_NO_BF is defined */ #include "../e_os.h" @@ -277,6 +278,9 @@ int main(int argc, char *argv[]) else ret=test(); +#ifdef OPENSSL_SYS_NETWARE + if (ret) printf("ERROR: %d\n", ret); +#endif EXIT(ret); return(0); } diff --git a/src/lib/libcrypto/bio/Makefile b/src/lib/libcrypto/bio/Makefile index a565154499..1ef6c2fb9f 100644 --- a/src/lib/libcrypto/bio/Makefile +++ b/src/lib/libcrypto/bio/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -26,19 +21,21 @@ LIBSRC= bio_lib.c bio_cb.c bio_err.c \ bss_mem.c bss_null.c bss_fd.c \ bss_file.c bss_sock.c bss_conn.c \ bf_null.c bf_buff.c b_print.c b_dump.c \ - b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c + b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \ + bss_dgram.c # bf_lbuf.c LIBOBJ= bio_lib.o bio_cb.o bio_err.o \ bss_mem.o bss_null.o bss_fd.o \ bss_file.o bss_sock.o bss_conn.o \ bf_null.o bf_buff.o b_print.o b_dump.o \ - b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o + b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \ + bss_dgram.o # bf_lbuf.o SRC= $(LIBSRC) EXHEADER= bio.h -HEADER= bss_file.c $(EXHEADER) +HEADER= bio_lcl.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -61,6 +58,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -76,6 +74,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -91,30 +90,30 @@ b_dump.o: ../../e_os.h ../../include/openssl/bio.h b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_dump.o: ../cryptlib.h b_dump.c +b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c bio_lcl.h b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_print.o: ../cryptlib.h b_print.c +b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c b_sock.o: ../../e_os.h ../../include/openssl/bio.h b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_sock.o: ../cryptlib.h b_sock.c +b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +b_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +b_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h b_sock.c bf_buff.o: ../../e_os.h ../../include/openssl/bio.h bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bf_buff.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_buff.o: ../cryptlib.h bf_buff.c +bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bf_buff.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_buff.c bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -127,88 +126,96 @@ bf_null.o: ../../e_os.h ../../include/openssl/bio.h bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bf_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_null.o: ../cryptlib.h bf_null.c +bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bf_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_null.c bio_cb.o: ../../e_os.h ../../include/openssl/bio.h bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_cb.o: ../cryptlib.h bio_cb.c +bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_cb.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_cb.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_cb.c bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_err.o: bio_err.c +bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_err.o: ../../include/openssl/symhacks.h bio_err.c bio_lib.o: ../../e_os.h ../../include/openssl/bio.h bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_lib.o: ../cryptlib.h bio_lib.c +bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lib.c bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_acpt.o: ../cryptlib.h bss_acpt.c +bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_acpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_acpt.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_acpt.c bss_bio.o: ../../e_os.h ../../include/openssl/bio.h bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bss_bio.o: ../../include/openssl/symhacks.h bss_bio.c +bss_bio.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bss_bio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bss_bio.o: bss_bio.c bss_conn.o: ../../e_os.h ../../include/openssl/bio.h bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_conn.o: ../cryptlib.h bss_conn.c +bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_conn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_conn.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_conn.c +bss_dgram.o: ../../e_os.h ../../include/openssl/bio.h +bss_dgram.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bss_dgram.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bss_dgram.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bss_dgram.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_dgram.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_dgram.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_dgram.c bss_fd.o: ../../e_os.h ../../include/openssl/bio.h bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_fd.o: ../cryptlib.h bss_fd.c +bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_fd.c bss_file.o: ../../e_os.h ../../include/openssl/bio.h bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_file.o: ../cryptlib.h bss_file.c +bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_file.c bss_log.o: ../../e_os.h ../../include/openssl/bio.h bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_log.o: ../cryptlib.h bss_log.c +bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_log.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_log.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_log.c bss_mem.o: ../../e_os.h ../../include/openssl/bio.h bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_mem.o: ../cryptlib.h bss_mem.c +bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_mem.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_mem.c bss_null.o: ../../e_os.h ../../include/openssl/bio.h bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_null.o: ../cryptlib.h bss_null.c +bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_null.c bss_sock.o: ../../e_os.h ../../include/openssl/bio.h bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_sock.o: ../cryptlib.h bss_sock.c +bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_sock.c diff --git a/src/lib/libcrypto/bn/Makefile b/src/lib/libcrypto/bn/Makefile index 9969d242cc..e97c751390 100644 --- a/src/lib/libcrypto/bn/Makefile +++ b/src/lib/libcrypto/bn/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,6 +17,7 @@ BN_ASM= bn_asm.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=bntest.c exptest.c @@ -31,12 +27,14 @@ LIB=$(TOP)/libcrypto.a LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_x931p.c + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ + bn_depr.c bn_const.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ - bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_x931p.o + bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ + bn_depr.o bn_const.o SRC= $(LIBSRC) @@ -64,70 +62,60 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s) - -asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s) - +# ELF +bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@) +co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@) +mo86-elf.s: asm/mo-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) mo-586.pl elf $(CFLAGS) > ../$@) +# COFF +bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@) +co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@) +mo86-cof.s: asm/mo-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) mo-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/bn86-out.o: asm/bn86unix.cpp - $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o - -asm/co86-out.o: asm/co86unix.cpp - $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o - -# bsdi -asm/bn86bsdi.o: asm/bn86unix.cpp - $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o - -asm/co86bsdi.o: asm/co86unix.cpp - $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o - -asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp ) - -asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp ) - -asm/sparcv8.o: asm/sparcv8.S - -asm/sparcv8plus.o: asm/sparcv8plus.S - -# Old GNU assembler doesn't understand V9 instructions, so we -# hire /usr/ccs/bin/as to do the job. Note that option is called -# *-gcc27, but even gcc 2>=8 users may experience similar problem -# if they didn't bother to upgrade GNU assembler. Such users should -# not choose this option, but be adviced to *remove* GNU assembler -# or upgrade it. -asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S - $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \ - /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o - - -asm/ia64.o: asm/ia64.S - -# Some compiler drivers (most notably HP-UX and Intel C++) don't -# understand .S extension:-( I wish I could pipe output from cc -E, -# but it's too compiler driver/ABI dependent to cover with a single -# rule... -asm/ia64-cpp.o: asm/ia64.S - $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s && \ - $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ - rm -f /tmp/ia64.$$$$.s - -asm/x86_64-gcc.o: asm/x86_64-gcc.c - $(CC) $(ASFLAGS) -c -o $@ $< - -asm/pa-risc2W.o: asm/pa-risc2W.s - /usr/ccs/bin/as -o asm/pa-risc2W.o asm/pa-risc2W.s - -asm/linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@ -asm/linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@ -asm/aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ -asm/aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ -asm/osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ +bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@) +co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@) +mo86-out.s: asm/mo-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) mo-586.pl a.out $(CFLAGS) > ../$@) + +sparcv8.o: asm/sparcv8.S + $(CC) $(CFLAGS) -c asm/sparcv8.S +sparcv8plus.o: asm/sparcv8plus.S + $(CC) $(CFLAGS) -c asm/sparcv8plus.S + +bn-mips3.o: asm/mips3.s + @if [ "$(CC)" = "gcc" ]; then \ + ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \ + as -$$ABI -O -o $@ asm/mips3.s; \ + else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi + +x86_64-gcc.o: asm/x86_64-gcc.c + $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c +x86_64-mont.s: asm/x86_64-mont.pl + $(PERL) asm/x86_64-mont.pl $@ + +bn-ia64.s: asm/ia64.S + $(CC) $(CFLAGS) -E asm/ia64.S > $@ + +# GNU assembler fails to compile PA-RISC2 modules, insist on calling +# vendor assembler... +pa-risc2W.o: asm/pa-risc2W.s + /usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s +pa-risc2.o: asm/pa-risc2.s + /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s + +# ppc - AIX, Linux, MacOS X... +linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@ +linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@ +aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ +aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ +osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -138,6 +126,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -161,6 +150,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -168,7 +158,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -176,101 +166,131 @@ bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h +bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h +bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h +bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h +bn_const.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +bn_const.o: ../../include/openssl/ossl_typ.h bn.h bn_const.c bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h +bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h +bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h +bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bn_err.o: ../../include/openssl/symhacks.h bn_err.c +bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bn_err.o: bn_err.c bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h +bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h +bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h -bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h +bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h +bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h +bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c +bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c +bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c +bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c +bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c +bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c +bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -283,9 +303,9 @@ bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c +bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -298,36 +318,34 @@ bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c +bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c +bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c +bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c +bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c -bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -bn_x931p.o: ../../include/openssl/opensslconf.h bn_x931p.c +bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c diff --git a/src/lib/libcrypto/bn/asm/mo-586.pl b/src/lib/libcrypto/bn/asm/mo-586.pl new file mode 100644 index 0000000000..0982293094 --- /dev/null +++ b/src/lib/libcrypto/bn/asm/mo-586.pl @@ -0,0 +1,603 @@ +#!/usr/bin/env perl + +# This is crypto/bn/asm/x86-mont.pl (with asciz from crypto/perlasm/x86asm.pl) +# from OpenSSL 0.9.9-dev + +sub ::asciz +{ my @str=unpack("C*",shift); + push @str,0; + while ($#str>15) { + &data_byte(@str[0..15]); + foreach (0..15) { shift @str; } + } + &data_byte(@str) if (@str); +} + +# ==================================================================== +# Written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# October 2005 +# +# This is a "teaser" code, as it can be improved in several ways... +# First of all non-SSE2 path should be implemented (yes, for now it +# performs Montgomery multiplication/convolution only on SSE2-capable +# CPUs such as P4, others fall down to original code). Then inner loop +# can be unrolled and modulo-scheduled to improve ILP and possibly +# moved to 128-bit XMM register bank (though it would require input +# rearrangement and/or increase bus bandwidth utilization). Dedicated +# squaring procedure should give further performance improvement... +# Yet, for being draft, the code improves rsa512 *sign* benchmark by +# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-) + +# December 2006 +# +# Modulo-scheduling SSE2 loops results in further 15-20% improvement. +# Integer-only code [being equipped with dedicated squaring procedure] +# gives ~40% on rsa512 sign benchmark... + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],$0); + +$sse2=0; +for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + +&external_label("OPENSSL_ia32cap_P") if ($sse2); + +&function_begin("bn_mul_mont"); + +$i="edx"; +$j="ecx"; +$ap="esi"; $tp="esi"; # overlapping variables!!! +$rp="edi"; $bp="edi"; # overlapping variables!!! +$np="ebp"; +$num="ebx"; + +$_num=&DWP(4*0,"esp"); # stack top layout +$_rp=&DWP(4*1,"esp"); +$_ap=&DWP(4*2,"esp"); +$_bp=&DWP(4*3,"esp"); +$_np=&DWP(4*4,"esp"); +$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp"); +$_sp=&DWP(4*6,"esp"); +$_bpend=&DWP(4*7,"esp"); +$frame=32; # size of above frame rounded up to 16n + + &xor ("eax","eax"); + &mov ("edi",&wparam(5)); # int num + &cmp ("edi",4); + &jl (&label("just_leave")); + + &lea ("esi",&wparam(0)); # put aside pointer to argument block + &lea ("edx",&wparam(1)); # load ap + &mov ("ebp","esp"); # saved stack pointer! + &add ("edi",2); # extra two words on top of tp + &neg ("edi"); + &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) + &neg ("edi"); + + # minimize cache contention by arraning 2K window between stack + # pointer and ap argument [np is also position sensitive vector, + # but it's assumed to be near ap, as it's allocated at ~same + # time]. + &mov ("eax","esp"); + &sub ("eax","edx"); + &and ("eax",2047); + &sub ("esp","eax"); # this aligns sp and ap modulo 2048 + + &xor ("edx","esp"); + &and ("edx",2048); + &xor ("edx",2048); + &sub ("esp","edx"); # this splits them apart modulo 4096 + + &and ("esp",-64); # align to cache line + + ################################# load argument block... + &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp + &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap + &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp + &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np + &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0 + #&mov ("edi",&DWP(5*4,"esi"));# int num + + &mov ("esi",&DWP(0,"esi")); # pull n0[0] + &mov ($_rp,"eax"); # ... save a copy of argument block + &mov ($_ap,"ebx"); + &mov ($_bp,"ecx"); + &mov ($_np,"edx"); + &mov ($_n0,"esi"); + &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling + #&mov ($_num,$num); # redundant as $num is not reused + &mov ($_sp,"ebp"); # saved stack pointer! + +if($sse2) { +$acc0="mm0"; # mmx register bank layout +$acc1="mm1"; +$car0="mm2"; +$car1="mm3"; +$mul0="mm4"; +$mul1="mm5"; +$temp="mm6"; +$mask="mm7"; + + &picmeup("eax","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"eax"),26); + &jnc (&label("non_sse2")); + + &mov ("eax",-1); + &movd ($mask,"eax"); # mask 32 lower bits + + &mov ($ap,$_ap); # load input pointers + &mov ($bp,$_bp); + &mov ($np,$_np); + + &xor ($i,$i); # i=0 + &xor ($j,$j); # j=0 + + &movd ($mul0,&DWP(0,$bp)); # bp[0] + &movd ($mul1,&DWP(0,$ap)); # ap[0] + &movd ($car1,&DWP(0,$np)); # np[0] + + &pmuludq($mul1,$mul0); # ap[0]*bp[0] + &movq ($car0,$mul1); + &movq ($acc0,$mul1); # I wish movd worked for + &pand ($acc0,$mask); # inter-register transfers + + &pmuludq($mul1,$_n0q); # *=n0 + + &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0 + &paddq ($car1,$acc0); + + &movd ($acc1,&DWP(4,$np)); # np[1] + &movd ($acc0,&DWP(4,$ap)); # ap[1] + + &psrlq ($car0,32); + &psrlq ($car1,32); + + &inc ($j); # j++ +&set_label("1st",16); + &pmuludq($acc0,$mul0); # ap[j]*bp[0] + &pmuludq($acc1,$mul1); # np[j]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &pand ($acc0,$mask); + &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] + &paddq ($car1,$acc0); # +=ap[j]*bp[0]; + &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] + &psrlq ($car0,32); + &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]= + &psrlq ($car1,32); + + &lea ($j,&DWP(1,$j)); + &cmp ($j,$num); + &jl (&label("1st")); + + &pmuludq($acc0,$mul0); # ap[num-1]*bp[0] + &pmuludq($acc1,$mul1); # np[num-1]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &pand ($acc0,$mask); + &paddq ($car1,$acc0); # +=ap[num-1]*bp[0]; + &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= + + &psrlq ($car0,32); + &psrlq ($car1,32); + + &paddq ($car1,$car0); + &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] + + &inc ($i); # i++ +&set_label("outer"); + &xor ($j,$j); # j=0 + + &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i] + &movd ($mul1,&DWP(0,$ap)); # ap[0] + &movd ($temp,&DWP($frame,"esp")); # tp[0] + &movd ($car1,&DWP(0,$np)); # np[0] + &pmuludq($mul1,$mul0); # ap[0]*bp[i] + + &paddq ($mul1,$temp); # +=tp[0] + &movq ($acc0,$mul1); + &movq ($car0,$mul1); + &pand ($acc0,$mask); + + &pmuludq($mul1,$_n0q); # *=n0 + + &pmuludq($car1,$mul1); + &paddq ($car1,$acc0); + + &movd ($temp,&DWP($frame+4,"esp")); # tp[1] + &movd ($acc1,&DWP(4,$np)); # np[1] + &movd ($acc0,&DWP(4,$ap)); # ap[1] + + &psrlq ($car0,32); + &psrlq ($car1,32); + &paddq ($car0,$temp); # +=tp[1] + + &inc ($j); # j++ + &dec ($num); +&set_label("inner"); + &pmuludq($acc0,$mul0); # ap[j]*bp[i] + &pmuludq($acc1,$mul1); # np[j]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1] + &pand ($acc0,$mask); + &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] + &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j] + &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] + &psrlq ($car0,32); + &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]= + &psrlq ($car1,32); + &paddq ($car0,$temp); # +=tp[j+1] + + &dec ($num); + &lea ($j,&DWP(1,$j)); # j++ + &jnz (&label("inner")); + + &mov ($num,$j); + &pmuludq($acc0,$mul0); # ap[num-1]*bp[i] + &pmuludq($acc1,$mul1); # np[num-1]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &pand ($acc0,$mask); + &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1] + &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= + &psrlq ($car0,32); + &psrlq ($car1,32); + + &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num] + &paddq ($car1,$car0); + &paddq ($car1,$temp); + &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] + + &lea ($i,&DWP(1,$i)); # i++ + &cmp ($i,$num); + &jle (&label("outer")); + + &emms (); # done with mmx bank + &jmp (&label("common_tail")); + +&set_label("non_sse2",16); +} + +if (0) { + &mov ("esp",$_sp); + &xor ("eax","eax"); # signal "not fast enough [yet]" + &jmp (&label("just_leave")); + # While the below code provides competitive performance for + # all key lengthes on modern Intel cores, it's still more + # than 10% slower for 4096-bit key elsewhere:-( "Competitive" + # means compared to the original integer-only assembler. + # 512-bit RSA sign is better by ~40%, but that's about all + # one can say about all CPUs... +} else { +$inp="esi"; # integer path uses these registers differently +$word="edi"; +$carry="ebp"; + + &mov ($inp,$_ap); + &lea ($carry,&DWP(1,$num)); + &mov ($word,$_bp); + &xor ($j,$j); # j=0 + &mov ("edx",$inp); + &and ($carry,1); # see if num is even + &sub ("edx",$word); # see if ap==bp + &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num] + &or ($carry,"edx"); + &mov ($word,&DWP(0,$word)); # bp[0] + &jz (&label("bn_sqr_mont")); + &mov ($_bpend,"eax"); + &mov ("eax",&DWP(0,$inp)); + &xor ("edx","edx"); + +&set_label("mull",16); + &mov ($carry,"edx"); + &mul ($word); # ap[j]*bp[0] + &add ($carry,"eax"); + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] + &cmp ($j,$num); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &jl (&label("mull")); + + &mov ($carry,"edx"); + &mul ($word); # ap[num-1]*bp[0] + &mov ($word,$_n0); + &add ("eax",$carry); + &mov ($inp,$_np); + &adc ("edx",0); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + + &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]= + &xor ($j,$j); + &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= + &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= + + &mov ("eax",&DWP(0,$inp)); # np[0] + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &mov ("eax",&DWP(4,$inp)); # np[1] + &adc ("edx",0); + &inc ($j); + + &jmp (&label("2ndmadd")); + +&set_label("1stmadd",16); + &mov ($carry,"edx"); + &mul ($word); # ap[j]*bp[i] + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] + &adc ("edx",0); + &cmp ($j,$num); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &jl (&label("1stmadd")); + + &mov ($carry,"edx"); + &mul ($word); # ap[num-1]*bp[i] + &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1] + &mov ($word,$_n0); + &adc ("edx",0); + &mov ($inp,$_np); + &add ($carry,"eax"); + &adc ("edx",0); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + + &xor ($j,$j); + &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] + &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]= + &adc ($j,0); + &mov ("eax",&DWP(0,$inp)); # np[0] + &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= + &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= + + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &mov ("eax",&DWP(4,$inp)); # np[1] + &adc ("edx",0); + &mov ($j,1); + +&set_label("2ndmadd",16); + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1] + &adc ("edx",0); + &cmp ($j,$num); + &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]= + &jl (&label("2ndmadd")); + + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] + &adc ("edx",0); + &add ($carry,"eax"); + &adc ("edx",0); + &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= + + &xor ("eax","eax"); + &mov ($j,$_bp); # &bp[i] + &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] + &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] + &lea ($j,&DWP(4,$j)); + &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= + &cmp ($j,$_bpend); + &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= + &je (&label("common_tail")); + + &mov ($word,&DWP(0,$j)); # bp[i+1] + &mov ($inp,$_ap); + &mov ($_bp,$j); # &bp[++i] + &xor ($j,$j); + &xor ("edx","edx"); + &mov ("eax",&DWP(0,$inp)); + &jmp (&label("1stmadd")); + +&set_label("bn_sqr_mont",16); +$sbit=$num; + &mov ($_num,$num); + &mov ($_bp,$j); # i=0 + + &mov ("eax",$word); # ap[0] + &mul ($word); # ap[0]*ap[0] + &mov (&DWP($frame,"esp"),"eax"); # tp[0]= + &mov ($sbit,"edx"); + &shr ("edx",1); + &and ($sbit,1); + &inc ($j); +&set_label("sqr",16); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] + &mov ($carry,"edx"); + &mul ($word); # ap[j]*ap[0] + &add ("eax",$carry); + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &lea ($carry,&DWP(0,$sbit,"eax",2)); + &shr ("eax",31); + &cmp ($j,$_num); + &mov ($sbit,"eax"); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &jl (&label("sqr")); + + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1] + &mov ($carry,"edx"); + &mul ($word); # ap[num-1]*ap[0] + &add ("eax",$carry); + &mov ($word,$_n0); + &adc ("edx",0); + &mov ($inp,$_np); + &lea ($carry,&DWP(0,$sbit,"eax",2)); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + &shr ("eax",31); + &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]= + + &lea ($carry,&DWP(0,"eax","edx",2)); + &mov ("eax",&DWP(0,$inp)); # np[0] + &shr ("edx",31); + &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]= + &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]= + + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &mov ($num,$j); + &adc ("edx",0); + &mov ("eax",&DWP(4,$inp)); # np[1] + &mov ($j,1); + +&set_label("3rdmadd",16); + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1] + &adc ("edx",0); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]= + + &mov ($carry,"edx"); + &mul ($word); # np[j+1]*m + &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1] + &lea ($j,&DWP(2,$j)); + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2] + &adc ("edx",0); + &cmp ($j,$num); + &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]= + &jl (&label("3rdmadd")); + + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] + &adc ("edx",0); + &add ($carry,"eax"); + &adc ("edx",0); + &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= + + &mov ($j,$_bp); # i + &xor ("eax","eax"); + &mov ($inp,$_ap); + &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] + &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] + &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= + &cmp ($j,$num); + &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= + &je (&label("common_tail")); + + &mov ($word,&DWP(4,$inp,$j,4)); # ap[i] + &lea ($j,&DWP(1,$j)); + &mov ("eax",$word); + &mov ($_bp,$j); # ++i + &mul ($word); # ap[i]*ap[i] + &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i] + &adc ("edx",0); + &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]= + &xor ($carry,$carry); + &cmp ($j,$num); + &lea ($j,&DWP(1,$j)); + &je (&label("sqrlast")); + + &mov ($sbit,"edx"); # zaps $num + &shr ("edx",1); + &and ($sbit,1); +&set_label("sqradd",16); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] + &mov ($carry,"edx"); + &mul ($word); # ap[j]*ap[i] + &add ("eax",$carry); + &lea ($carry,&DWP(0,"eax","eax")); + &adc ("edx",0); + &shr ("eax",31); + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &lea ($j,&DWP(1,$j)); + &adc ("eax",0); + &add ($carry,$sbit); + &adc ("eax",0); + &cmp ($j,$_num); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &mov ($sbit,"eax"); + &jle (&label("sqradd")); + + &mov ($carry,"edx"); + &lea ("edx",&DWP(0,$sbit,"edx",2)); + &shr ($carry,31); +&set_label("sqrlast"); + &mov ($word,$_n0); + &mov ($inp,$_np); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + + &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num] + &mov ("eax",&DWP(0,$inp)); # np[0] + &adc ($carry,0); + &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]= + &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]= + + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &lea ($num,&DWP(-1,$j)); + &adc ("edx",0); + &mov ($j,1); + &mov ("eax",&DWP(4,$inp)); # np[1] + + &jmp (&label("3rdmadd")); +} + +&set_label("common_tail",16); + &mov ($np,$_np); # load modulus pointer + &mov ($rp,$_rp); # load result pointer + &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped] + + &mov ("eax",&DWP(0,$tp)); # tp[0] + &mov ($j,$num); # j=num-1 + &xor ($i,$i); # i=0 and clear CF! + +&set_label("sub",16); + &sbb ("eax",&DWP(0,$np,$i,4)); + &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i] + &dec ($j); # doesn't affect CF! + &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1] + &lea ($i,&DWP(1,$i)); # i++ + &jge (&label("sub")); + + &sbb ("eax",0); # handle upmost overflow bit + &and ($tp,"eax"); + ¬ ("eax"); + &mov ($np,$rp); + &and ($np,"eax"); + &or ($tp,$np); # tp=carry?tp:rp + +&set_label("copy",16); # copy or in-place refresh + &mov ("eax",&DWP(0,$tp,$num,4)); + &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i] + &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector + &dec ($num); + &jge (&label("copy")); + + &mov ("esp",$_sp); # pull saved stack pointer + &mov ("eax",1); +&set_label("just_leave"); +&function_end("bn_mul_mont"); + +&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by "); + +&asm_finish(); diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c index 685007d330..310763eca0 100644 --- a/src/lib/libcrypto/bn/bntest.c +++ b/src/lib/libcrypto/bn/bntest.c @@ -55,6 +55,25 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the Eric Young open source + * license provided above. + * + * The binary polynomial arithmetic software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ + +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif #include #include @@ -79,6 +98,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); int test_rshift1(BIO *bp); int test_rshift(BIO *bp,BN_CTX *ctx); int test_div(BIO *bp,BN_CTX *ctx); +int test_div_word(BIO *bp); int test_div_recp(BIO *bp,BN_CTX *ctx); int test_mul(BIO *bp); int test_sqr(BIO *bp,BN_CTX *ctx); @@ -88,6 +108,15 @@ int test_mod_mul(BIO *bp,BN_CTX *ctx); int test_mod_exp(BIO *bp,BN_CTX *ctx); int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); int test_exp(BIO *bp,BN_CTX *ctx); +int test_gf2m_add(BIO *bp); +int test_gf2m_mod(BIO *bp); +int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx); int test_kron(BIO *bp,BN_CTX *ctx); int test_sqrt(BIO *bp,BN_CTX *ctx); int rand_neg(void); @@ -155,80 +184,120 @@ int main(int argc, char *argv[]) message(out,"BN_add"); if (!test_add(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_sub"); if (!test_sub(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_lshift1"); if (!test_lshift1(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_lshift (fixed)"); if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_lshift"); if (!test_lshift(out,ctx,NULL)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_rshift1"); if (!test_rshift1(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_rshift"); if (!test_rshift(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_sqr"); if (!test_sqr(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mul"); if (!test_mul(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_div"); if (!test_div(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); + + message(out,"BN_div_word"); + if (!test_div_word(out)) goto err; + (void)BIO_flush(out); message(out,"BN_div_recp"); if (!test_div_recp(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod"); if (!test_mod(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_mul"); if (!test_mod_mul(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mont"); if (!test_mont(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_exp"); if (!test_mod_exp(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_exp_mont_consttime"); if (!test_mod_exp_mont_consttime(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_exp"); if (!test_exp(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_kronecker"); if (!test_kron(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_sqrt"); if (!test_sqrt(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); + + message(out,"BN_GF2m_add"); + if (!test_gf2m_add(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod"); + if (!test_gf2m_mod(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_mul"); + if (!test_gf2m_mod_mul(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_sqr"); + if (!test_gf2m_mod_sqr(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_inv"); + if (!test_gf2m_mod_inv(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_div"); + if (!test_gf2m_mod_div(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_exp"); + if (!test_gf2m_mod_exp(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_sqrt"); + if (!test_gf2m_mod_sqrt(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_solve_quad"); + if (!test_gf2m_mod_solve_quad(out,ctx)) goto err; + (void)BIO_flush(out); BN_CTX_free(ctx); BIO_free(out); @@ -237,8 +306,8 @@ int main(int argc, char *argv[]) EXIT(0); err: BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices - * the failure, see test_bn in test/Makefile */ - BIO_flush(out); + * the failure, see test_bn in test/Makefile.ssl*/ + (void)BIO_flush(out); ERR_load_crypto_strings(); ERR_print_errors_fp(stderr); EXIT(1); @@ -404,6 +473,78 @@ int test_div(BIO *bp, BN_CTX *ctx) return(1); } +static void print_word(BIO *bp,BN_ULONG w) + { +#ifdef SIXTY_FOUR_BIT + if (sizeof(w) > sizeof(unsigned long)) + { + unsigned long h=(unsigned long)(w>>32), + l=(unsigned long)(w); + + if (h) BIO_printf(bp,"%lX%08lX",h,l); + else BIO_printf(bp,"%lX",l); + return; + } +#endif + BIO_printf(bp,"%lX",w); + } + +int test_div_word(BIO *bp) + { + BIGNUM a,b; + BN_ULONG r,s; + int i; + + BN_init(&a); + BN_init(&b); + + for (i=0; ineg = rand_neg(); putc('\n', stderr); @@ -1023,6 +1741,7 @@ int test_kron(BIO *bp, BN_CTX *ctx) int test_sqrt(BIO *bp, BN_CTX *ctx) { + BN_GENCB cb; BIGNUM *a,*p,*r; int i, j; int ret = 0; @@ -1031,7 +1750,9 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) p = BN_new(); r = BN_new(); if (a == NULL || p == NULL || r == NULL) goto err; - + + BN_GENCB_set(&cb, genprime_cb, NULL); + for (i = 0; i < 16; i++) { if (i < 8) @@ -1045,7 +1766,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) if (!BN_set_word(a, 32)) goto err; if (!BN_set_word(r, 2*i + 1)) goto err; - if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; + if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err; putc('\n', stderr); } p->neg = rand_neg(); diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c index 28aaac2ac1..f598a07cf5 100644 --- a/src/lib/libcrypto/bn/exptest.c +++ b/src/lib/libcrypto/bn/exptest.c @@ -195,6 +195,9 @@ int main(int argc, char *argv[]) err: ERR_load_crypto_strings(); ERR_print_errors(out); +#ifdef OPENSSL_SYS_NETWARE + printf("ERROR\n"); +#endif EXIT(1); return(1); } diff --git a/src/lib/libcrypto/buffer/Makefile b/src/lib/libcrypto/buffer/Makefile index 4b53c595a3..9f3a88d2d6 100644 --- a/src/lib/libcrypto/buffer/Makefile +++ b/src/lib/libcrypto/buffer/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,12 +78,13 @@ buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -buf_err.o: ../../include/openssl/symhacks.h buf_err.c +buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +buf_err.o: buf_err.c buffer.o: ../../e_os.h ../../include/openssl/bio.h buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -buffer.o: ../cryptlib.h buffer.c +buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +buffer.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +buffer.o: ../../include/openssl/symhacks.h ../cryptlib.h buffer.c diff --git a/src/lib/libcrypto/cast/Makefile b/src/lib/libcrypto/cast/Makefile index b388f6271c..149956ee90 100644 --- a/src/lib/libcrypto/cast/Makefile +++ b/src/lib/libcrypto/cast/Makefile @@ -8,23 +8,14 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r CAST_ENC=c_enc.o -# or use -#CAST_ENC=asm/cx86-elf.o -#CAST_ENC=asm/cx86-out.o -#CAST_ENC=asm/cx86-sol.o -#CAST_ENC=asm/cx86bdsi.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=casttest.c @@ -51,20 +42,15 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s) - +# ELF +cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > ../$@) +# COFF +cx86-cof.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) cast-586.pl coff $(CLAGS) $(PROCESSOR) > ../$@) # a.out -asm/cx86-out.o: asm/cx86unix.cpp - $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o - -# bsdi -asm/cx86bsdi.o: asm/cx86unix.cpp - $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o - -asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp) +cx86-out.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) cast-586.pl a.out $(CLAGS) $(PROCESSOR) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -75,6 +61,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -90,6 +77,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -97,7 +85,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -114,8 +102,5 @@ c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h c_ofb64.o: c_ofb64.c cast_lcl.h c_skey.o: ../../e_os.h ../../include/openssl/cast.h -c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -c_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h c_skey.o: c_skey.c cast_lcl.h cast_s.h diff --git a/src/lib/libcrypto/cast/cast_spd.c b/src/lib/libcrypto/cast/cast_spd.c index 76abf50d98..d650af475c 100644 --- a/src/lib/libcrypto/cast/cast_spd.c +++ b/src/lib/libcrypto/cast/cast_spd.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/cast/castopts.c b/src/lib/libcrypto/cast/castopts.c index 1b858d153b..33b2c7b06f 100644 --- a/src/lib/libcrypto/cast/castopts.c +++ b/src/lib/libcrypto/cast/castopts.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/cast/casttest.c b/src/lib/libcrypto/cast/casttest.c index 83e5a16c73..0d020d6975 100644 --- a/src/lib/libcrypto/cast/casttest.c +++ b/src/lib/libcrypto/cast/casttest.c @@ -59,6 +59,7 @@ #include #include #include +#include /* To see if OPENSSL_NO_CAST is defined */ #include "../e_os.h" diff --git a/src/lib/libcrypto/comp/Makefile b/src/lib/libcrypto/comp/Makefile index df1babec5c..efda832dce 100644 --- a/src/lib/libcrypto/comp/Makefile +++ b/src/lib/libcrypto/comp/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -81,33 +78,31 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_rle.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_rle.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_rle.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c +c_rle.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h +c_rle.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h +c_rle.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_rle.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +c_rle.o: ../../include/openssl/symhacks.h c_rle.c c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_zlib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -c_zlib.o: c_zlib.c +c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h +c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h comp_err.o: ../../include/openssl/opensslconf.h -comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -comp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -comp_err.o: comp_err.c +comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +comp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +comp_err.o: ../../include/openssl/symhacks.h comp_err.c comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -comp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -comp_lib.o: ../../include/openssl/opensslconf.h +comp_lib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h +comp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h +comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c diff --git a/src/lib/libcrypto/conf/Makefile b/src/lib/libcrypto/conf/Makefile index 403d12b28c..78bb324106 100644 --- a/src/lib/libcrypto/conf/Makefile +++ b/src/lib/libcrypto/conf/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -84,98 +81,72 @@ conf_api.o: ../../e_os.h ../../include/openssl/bio.h conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_api.o: conf_api.c +conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_api.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_api.o: ../../include/openssl/symhacks.h conf_api.c conf_def.o: ../../e_os.h ../../include/openssl/bio.h conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_def.o: ../cryptlib.h conf_def.c conf_def.h +conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_def.o: ../../include/openssl/symhacks.h ../cryptlib.h conf_def.c +conf_def.o: conf_def.h conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h conf_err.o: ../../include/openssl/opensslconf.h -conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_err.o: conf_err.c +conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_err.o: ../../include/openssl/symhacks.h conf_err.c conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_lib.o: conf_lib.c -conf_mall.o: ../../e_os.h ../../include/openssl/aes.h -conf_mall.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_mall.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_lib.o: ../../include/openssl/symhacks.h conf_lib.c +conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h +conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_mall.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_mall.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_mall.o: ../../include/openssl/engine.h ../../include/openssl/err.h -conf_mall.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -conf_mall.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -conf_mall.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +conf_mall.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h +conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h conf_mall.o: ../../include/openssl/objects.h conf_mall.o: ../../include/openssl/opensslconf.h conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -conf_mall.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -conf_mall.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -conf_mall.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -conf_mall.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c -conf_mod.o: ../../e_os.h ../../include/openssl/aes.h -conf_mod.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_mod.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h +conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_mod.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_mod.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h -conf_mod.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -conf_mod.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -conf_mod.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +conf_mod.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h conf_mod.o: ../../include/openssl/opensslconf.h conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -conf_mod.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -conf_mod.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_mod.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -conf_mod.o: ../cryptlib.h conf_mod.c -conf_sap.o: ../../e_os.h ../../include/openssl/aes.h -conf_sap.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_sap.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +conf_mod.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +conf_mod.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mod.c +conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h +conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_sap.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_sap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_sap.o: ../../include/openssl/engine.h ../../include/openssl/err.h -conf_sap.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -conf_sap.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -conf_sap.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +conf_sap.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h +conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -conf_sap.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -conf_sap.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -conf_sap.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com index 427c321f25..8898f30c1f 100644 --- a/src/lib/libcrypto/crypto-lib.com +++ b/src/lib/libcrypto/crypto-lib.com @@ -75,12 +75,15 @@ $ ENDIF $! $! Define The Different Encryption Types. $! -$ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - - "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ - - "BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,"+ - - "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - +$ ENCRYPT_TYPES = "Basic,"+ - + "OBJECTS,"+ - + "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - + "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ - + "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ - + "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - - "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" + "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - + "STORE,CMS,PQUEUE" $! $! Check To Make Sure We Have Valid Command Line Parameters. $! @@ -158,11 +161,11 @@ $! $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ -$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str" +$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" -$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one" +$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512" $ LIB_MDC2 = "mdc2dgst,mdc2_one" $ LIB_HMAC = "hmac" $ LIB_RIPEMD = "rmd_dgst,rmd_one" @@ -179,34 +182,43 @@ $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64" $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey" $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" +$ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ - + "cmll_cfb,cmll_ctr" +$ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - - "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_x931p" + "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ - + "bn_depr,bn_const" +$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ - + "ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ - + "ec2_smpl,ec2_mult" $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - - "rsa_pss,rsa_x931,rsa_asn1" -$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ - - "ec_err" -$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" -$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err" + "rsa_pss,rsa_x931,rsa_asn1,rsa_depr" +$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - + "dsa_err,dsa_ossl,dsa_depr" +$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" +$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr" +$ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err" $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - "dso_openssl,dso_win32,dso_vms" $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - "eng_table,eng_pkey,eng_fat,eng_all,"+ - - "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - - "eng_openssl,eng_dyn,eng_cnf,"+ - - "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - - "hw_cryptodev,hw_aep,hw_sureware,hw_4758_cca" -$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" + "tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ - + "tb_cipher,tb_digest,"+ - + "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock" +$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ - + "aes_ctr,aes_ige,aes_wrap" $ LIB_BUFFER = "buffer,buf_err" $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_mem,bss_null,bss_fd,"+ - "bss_file,bss_sock,bss_conn,"+ - "bf_null,bf_buff,b_print,b_dump,"+ - "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ - + "bss_dgram,"+ - "bf_lbuf" $ LIB_STACK = "stack" $ LIB_LHASH = "lhash,lh_stats" @@ -215,11 +227,11 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - $ LIB_ERR = "err,err_all,err_prn" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - - "e_des,e_bf,e_idea,e_des3,"+ - + "e_des,e_bf,e_idea,e_des3,e_camellia,e_seed,"+ - "e_rc4,e_aes,names,"+ - "e_xcbc_d,e_rc2,e_cast,e_rc5" $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - - "m_dss,m_dss1,m_mdc2,m_ripemd,"+ - + "m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ - "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- @@ -233,8 +245,8 @@ $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - "f_int,f_string,n_pkey,"+ - - "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ - - "asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - + "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ - + "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey" @@ -243,11 +255,13 @@ $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ - "x509_set,x509cset,x509rset,x509_err,"+ - "x509name,x509_v3,x509_ext,x509_att,"+ - "x509type,x509_lu,x_all,x509_txt,"+ - - "x509_trs,by_file,by_dir" + "x509_trs,by_file,by_dir,x509_vpm" $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ - "v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ - "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ - - "v3_ocsp,v3_akeya,v3_pcia,v3_pci" + "v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,v3_pcia,v3_pci,"+ - + "pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib,"+ - + "v3_asid,v3_addr" $ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap" $ LIB_TXT_DB = "txt_db" $ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ - @@ -262,13 +276,17 @@ $ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ - $ LIB_UI_COMPAT = ",ui_compat" $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT $ LIB_KRB5 = "krb5_asn" +$ LIB_STORE = "str_err,str_lib,str_meth,str_mem" +$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - + "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess" +$ LIB_PQUEUE = "pqueue" $! $! Setup exceptional compilations $! $ ! Add definitions for no threads on OpenVMS 7.1 and higher $ COMPILEWITH_CC3 = ",bss_rtcp," $ ! Disable the DOLLARID warning -$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," +$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir" $ ! Disable disjoint optimization $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - "sha_dgst,sha1dgst,rmd_dgst,bf_enc," diff --git a/src/lib/libcrypto/des/FILES0 b/src/lib/libcrypto/des/FILES0 index 1c2e1f75b9..4c7ea2de7a 100644 --- a/src/lib/libcrypto/des/FILES0 +++ b/src/lib/libcrypto/des/FILES0 @@ -8,7 +8,7 @@ README - What this package is. VERSION - Which version this is and what was changed. KERBEROS - Kerberos version 4 notes. Makefile.PL - An old makefile to build with perl5, not current. -Makefile - The SSLeay makefile +Makefile.ssl - The SSLeay makefile Makefile.uni - The normal unix makefile. GNUmakefile - The makefile for use with glibc. makefile.bc - A Borland C makefile diff --git a/src/lib/libcrypto/des/INSTALL b/src/lib/libcrypto/des/INSTALL index 32457d775c..8aebdfe110 100644 --- a/src/lib/libcrypto/des/INSTALL +++ b/src/lib/libcrypto/des/INSTALL @@ -25,7 +25,7 @@ and then you can use the 'DES_PTR' option. The file options.txt has the options listed for best speed on quite a few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then -turn on the relevent option in the Makefile +turn on the relevant option in the Makefile. There are some special Makefile targets that make life easier. make cc - standard cc build diff --git a/src/lib/libcrypto/des/Makefile b/src/lib/libcrypto/des/Makefile index 800af0b123..523dfe38f2 100644 --- a/src/lib/libcrypto/des/Makefile +++ b/src/lib/libcrypto/des/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES=-I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r RANLIB= ranlib @@ -22,6 +17,7 @@ DES_ENC= des_enc.o fcrypt_b.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=destest.c @@ -65,32 +61,24 @@ lib: $(LIBOBJ) des: des.o cbc3_enc.o lib $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) -# elf -asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s) - -asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s) - +des_enc-sparc.S: asm/des_enc.m4 + m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S + +# ELF +dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > ../$@) +yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > ../$@) +# COFF +dx86-cof.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) des-586.pl coff $(CFLAGS) > ../$@) +yx86-cof.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) crypt586.pl coff $(CFLAGS) > ../$@) # a.out -asm/dx86-out.o: asm/dx86unix.cpp - $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o - -asm/yx86-out.o: asm/yx86unix.cpp - $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o - -# bsdi -asm/dx86bsdi.o: asm/dx86unix.cpp - $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o - -asm/yx86bsdi.o: asm/yx86unix.cpp - $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o - -asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp) - -asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp) +dx86-out.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) des-586.pl a.out $(CFLAGS) > ../$@) +yx86-out.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) crypt586.pl a.out $(CFLAGS) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -100,9 +88,11 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: installs - -installs: +# We need to use force because 'install' matches 'INSTALL' on case +# insensitive systems +FRC.install: +install: FRC.install + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -118,6 +108,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -125,83 +116,77 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cbc_cksm.o: ../../include/openssl/opensslconf.h -cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h cbc_cksm.o: cbc_cksm.c des_locl.h -cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c -cfb64ede.o: ../../e_os.h ../../include/openssl/crypto.h -cfb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -cfb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c +cfb64ede.o: ../../e_os.h ../../include/openssl/des.h +cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +cfb64ede.o: ../../include/openssl/opensslconf.h +cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h cfb64ede.o: cfb64ede.c des_locl.h -cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cfb64enc.o: ../../include/openssl/opensslconf.h -cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h cfb64enc.o: cfb64enc.c des_locl.h -cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h -cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -cfb_enc.o: cfb_enc.c des_locl.h -des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c -des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +cfb_enc.o: ../../e_os.h ../../include/openssl/des.h +cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h +cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h +des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +des_enc.o: des_enc.c des_locl.h ncbc_enc.c +des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h des_old.o: ../../include/openssl/ui_compat.h des_old.c -des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_old2.o: ../../include/openssl/opensslconf.h -des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -des_old2.o: des_old2.c -ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ecb3_enc.o: ../../include/openssl/opensslconf.h -ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +des_old2.o: ../../include/openssl/ui_compat.h des_old2.c +ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h ecb3_enc.o: des_locl.h ecb3_enc.c ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h -ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c +ecb_enc.o: spr.h +ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ede_cbcm_enc.o: ../../include/openssl/e_os2.h ede_cbcm_enc.o: ../../include/openssl/opensslconf.h -ede_cbcm_enc.o: ../../include/openssl/opensslv.h +ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c @@ -210,10 +195,11 @@ enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -enc_read.o: ../cryptlib.h des_locl.h enc_read.c +enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h +enc_read.o: enc_read.c enc_writ.o: ../../e_os.h ../../include/openssl/bio.h enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h @@ -224,91 +210,83 @@ enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c -fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c -fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fcrypt_b.o: ../../include/openssl/opensslconf.h -fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +fcrypt.o: des_locl.h fcrypt.c +fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h fcrypt_b.o: des_locl.h fcrypt_b.c -ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb64ede.o: ../../include/openssl/opensslconf.h -ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h ofb64ede.o: des_locl.h ofb64ede.c -ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb64enc.o: ../../include/openssl/opensslconf.h -ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h ofb64enc.o: des_locl.h ofb64enc.c -ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c -pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -pcbc_enc.o: ../../include/openssl/opensslconf.h -pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +ofb_enc.o: des_locl.h ofb_enc.c +pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h pcbc_enc.o: des_locl.h pcbc_enc.c -qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -qud_cksm.o: ../../include/openssl/opensslconf.h -qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h qud_cksm.o: des_locl.h qud_cksm.c -rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rand_key.o: ../../include/openssl/opensslconf.h -rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_key.o: rand_key.c +rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +rand_key.o: ../../include/openssl/ui_compat.h rand_key.c read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h read2pwd.o: ../../include/openssl/opensslconf.h -read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -read2pwd.o: read2pwd.c -rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h -rpc_enc.o: rpc_enc.c -set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c +read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c +rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c +set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +set_key.o: des_locl.h set_key.c str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c -xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -xcbc_enc.o: ../../include/openssl/opensslconf.h -xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +str2key.o: des_locl.h str2key.c +xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h xcbc_enc.o: des_locl.h xcbc_enc.c diff --git a/src/lib/libcrypto/des/des_old.c b/src/lib/libcrypto/des/des_old.c index 88e9802aad..7c33ed7a93 100644 --- a/src/lib/libcrypto/des/des_old.c +++ b/src/lib/libcrypto/des/des_old.c @@ -84,7 +84,7 @@ void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock des_key_schedule ks1,des_key_schedule ks2, des_key_schedule ks3, int enc) { - DES_ecb3_encrypt((const unsigned char *)input, (unsigned char *)output, + DES_ecb3_encrypt((const_DES_cblock *)input, output, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2, (DES_key_schedule *)ks3, enc); } @@ -169,11 +169,13 @@ void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, (DES_key_schedule *)ks3, ivec, num); } +#if 0 /* broken code, preserved just in case anyone specifically looks for this */ void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), _ossl_old_des_cblock (*out_white)) { DES_xwhite_in2out(des_key, in_white, out_white); } +#endif int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched, _ossl_old_des_cblock *iv) diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h index 1d840b474a..2b2c372354 100644 --- a/src/lib/libcrypto/des/des_old.h +++ b/src/lib/libcrypto/des/des_old.h @@ -91,6 +91,8 @@ #ifndef HEADER_DES_H #define HEADER_DES_H +#include /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */ + #ifdef OPENSSL_NO_DES #error DES is disabled. #endif @@ -103,8 +105,6 @@ #error replaces . #endif -#include /* DES_LONG */ -#include /* OPENSSL_EXTERN */ #include #ifdef OPENSSL_BUILD_SHLIBCRYPTO @@ -116,6 +116,10 @@ extern "C" { #endif +#ifdef _ +#undef _ +#endif + typedef unsigned char _ossl_old_des_cblock[8]; typedef struct _ossl_old_des_ks_struct { @@ -171,9 +175,9 @@ typedef struct _ossl_old_des_ks_struct DES_enc_write((f),(b),(l),&(k),(iv)) #define des_fcrypt(b,s,r)\ DES_fcrypt((b),(s),(r)) +#if 0 #define des_crypt(b,s)\ DES_crypt((b),(s)) -#if 0 #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) #define crypt(b,s)\ DES_crypt((b),(s)) @@ -360,9 +364,10 @@ void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out, void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num); - +#if 0 void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), _ossl_old_des_cblock (*out_white)); +#endif int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched, _ossl_old_des_cblock *iv); diff --git a/src/lib/libcrypto/des/des_opts.c b/src/lib/libcrypto/des/des_opts.c index 79278b920e..2df82962c5 100644 --- a/src/lib/libcrypto/des/des_opts.c +++ b/src/lib/libcrypto/des/des_opts.c @@ -71,7 +71,11 @@ #include extern void exit(); #endif + +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h index 379bbadda2..d1ada258a6 100644 --- a/src/lib/libcrypto/des/des_ver.h +++ b/src/lib/libcrypto/des/des_ver.h @@ -67,5 +67,5 @@ #define DES_version OSSL_DES_version #define libdes_version OSSL_libdes_version -OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */ -OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */ +OPENSSL_EXTERN const char OSSL_DES_version[]; /* SSLeay version string */ +OPENSSL_EXTERN const char OSSL_libdes_version[]; /* old libdes version string */ diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c index e3e9d77f14..64b92a34fe 100644 --- a/src/lib/libcrypto/des/destest.c +++ b/src/lib/libcrypto/des/destest.c @@ -84,7 +84,7 @@ int main(int argc, char *argv[]) #else #include -#define crypt(c,s) (des_crypt((c),(s))) +#define crypt(c,s) (DES_crypt((c),(s))) /* tisk tisk - the test keys don't all have odd parity :-( */ /* test data */ @@ -333,7 +333,8 @@ static int cfb64_test(unsigned char *cfb_cipher); static int ede_cfb64_test(unsigned char *cfb_cipher); int main(int argc, char *argv[]) { - int i,j,err=0; + int j,err=0; + unsigned int i; des_cblock in,out,outin,iv3,iv2; des_key_schedule ks,ks2,ks3; unsigned char cbc_in[40]; @@ -391,7 +392,7 @@ int main(int argc, char *argv[]) DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT); if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) { - int n; + unsigned int n; printf("des_ede3_cbcm_encrypt decrypt error\n"); for(n=0 ; n < i ; ++n) @@ -439,8 +440,8 @@ int main(int argc, char *argv[]) memcpy(in,plain_data[i],8); memset(out,0,8); memset(outin,0,8); - des_ecb2_encrypt(in,out,ks,ks2,DES_ENCRYPT); - des_ecb2_encrypt(out,outin,ks,ks2,DES_DECRYPT); + des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT); + des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT); if (memcmp(out,cipher_ecb2[i],8) != 0) { @@ -540,7 +541,7 @@ int main(int argc, char *argv[]) if (memcmp(cbc_out,cbc3_ok, (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) { - int n; + unsigned int n; printf("des_ede3_cbc_encrypt encrypt error\n"); for(n=0 ; n < i ; ++n) @@ -556,7 +557,7 @@ int main(int argc, char *argv[]) des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT); if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) { - int n; + unsigned int n; printf("des_ede3_cbc_encrypt decrypt error\n"); for(n=0 ; n < i ; ++n) @@ -820,6 +821,9 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]); printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str); err=1; } +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif printf("\n"); return(err); } diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c index 3a63c4016c..ee6969f76e 100644 --- a/src/lib/libcrypto/des/read2pwd.c +++ b/src/lib/libcrypto/des/read2pwd.c @@ -112,6 +112,7 @@ #include #include #include +#include int DES_read_password(DES_cblock *key, const char *prompt, int verify) { diff --git a/src/lib/libcrypto/des/speed.c b/src/lib/libcrypto/des/speed.c index 48fc1d49fc..1616f4b7c9 100644 --- a/src/lib/libcrypto/des/speed.c +++ b/src/lib/libcrypto/des/speed.c @@ -69,7 +69,11 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#define crypt(c,s) (des_crypt((c),(s))) +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile index 352678b94a..d368e33b4c 100644 --- a/src/lib/libcrypto/dh/Makefile +++ b/src/lib/libcrypto/dh/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,8 +17,8 @@ TEST= dhtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c -LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o +LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c +LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o SRC= $(LIBSRC) @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -95,13 +92,21 @@ dh_check.o: ../../include/openssl/opensslconf.h dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c -dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_err.o: ../../include/openssl/symhacks.h dh_err.c +dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h +dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_depr.o: ../cryptlib.h dh_depr.c +dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h +dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_err.o: dh_err.c dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h @@ -118,14 +123,11 @@ dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c -dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -dh_lib.o: ../cryptlib.h dh_lib.c +dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_lib.c diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c index b76dede771..882f5c310a 100644 --- a/src/lib/libcrypto/dh/dhtest.c +++ b/src/lib/libcrypto/dh/dhtest.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include @@ -83,12 +89,13 @@ int main(int argc, char *argv[]) #define MS_CALLBACK #endif -static void MS_CALLBACK cb(int p, int n, void *arg); +static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg); static const char rnd_seed[] = "string to make the random number generator think it has entropy"; int main(int argc, char *argv[]) { + BN_GENCB _cb; DH *a; DH *b=NULL; char buf[12]; @@ -110,8 +117,10 @@ int main(int argc, char *argv[]) if (out == NULL) EXIT(1); BIO_set_fp(out,stdout,BIO_NOCLOSE); - a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); - if (a == NULL) goto err; + BN_GENCB_set(&_cb, &cb, out); + if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64, + DH_GENERATOR_5, &_cb)) + goto err; if (!DH_check(a, &i)) goto err; if (i & DH_CHECK_P_NOT_PRIME) @@ -192,14 +201,14 @@ err: if(b != NULL) DH_free(b); if(a != NULL) DH_free(a); BIO_free(out); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); - CRYPTO_mem_leaks_fp(stderr); +#ifdef OPENSSL_SYS_NETWARE + if (ret) printf("ERROR: %d\n", ret); +#endif EXIT(ret); return(ret); } -static void MS_CALLBACK cb(int p, int n, void *arg) +static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg) { char c='*'; @@ -207,10 +216,11 @@ static void MS_CALLBACK cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); + BIO_write(arg->arg,&c,1); + (void)BIO_flush(arg->arg); #ifdef LINT p=n; #endif + return 1; } #endif diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile index 4f10278039..676baf7d49 100644 --- a/src/lib/libcrypto/dsa/Makefile +++ b/src/lib/libcrypto/dsa/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -23,9 +18,9 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ - dsa_err.c dsa_ossl.c + dsa_err.c dsa_ossl.c dsa_depr.c LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ - dsa_err.o dsa_ossl.o + dsa_err.o dsa_ossl.o dsa_depr.o SRC= $(LIBSRC) @@ -53,6 +48,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -68,6 +64,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,51 +78,50 @@ clean: dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_asn1.o: ../../include/openssl/opensslconf.h dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c -dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c +dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h dsa_err.o: dsa_err.c -dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h -dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h -dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c +dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_key.o: ../cryptlib.h dsa_key.c +dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -133,16 +129,15 @@ dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c +dsa_lib.o: ../cryptlib.h dsa_lib.c dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_ossl.o: ../../include/openssl/opensslconf.h dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h @@ -150,24 +145,20 @@ dsa_ossl.o: ../cryptlib.h dsa_ossl.c dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h -dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_sign.o: ../../include/openssl/opensslconf.h dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h dsa_sign.o: ../cryptlib.h dsa_sign.c dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h -dsa_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_vrf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_vrf.o: ../../include/openssl/ui.h ../cryptlib.h dsa_vrf.c +dsa_vrf.o: ../cryptlib.h dsa_vrf.c diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c index 55a3756aff..912317bb44 100644 --- a/src/lib/libcrypto/dsa/dsatest.c +++ b/src/lib/libcrypto/dsa/dsatest.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include @@ -68,6 +74,7 @@ #include #include #include +#include #ifdef OPENSSL_NO_DSA int main(int argc, char *argv[]) @@ -84,7 +91,7 @@ int main(int argc, char *argv[]) #define MS_CALLBACK #endif -static void MS_CALLBACK dsa_cb(int p, int n, void *arg); +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg); /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ @@ -129,6 +136,7 @@ static BIO *bio_err=NULL; int main(int argc, char **argv) { + BN_GENCB cb; DSA *dsa=NULL; int counter,ret=0,i,j; unsigned char buf[256]; @@ -148,7 +156,10 @@ int main(int argc, char **argv) BIO_printf(bio_err,"test generation of DSA parameters\n"); - dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err); + BN_GENCB_set(&cb, dsa_cb, bio_err); + if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512, + seed, 20, &counter, &h, &cb)) + goto end; BIO_printf(bio_err,"seed\n"); for (i=0; i<20; i+=4) @@ -156,7 +167,7 @@ int main(int argc, char **argv) BIO_printf(bio_err,"%02X%02X%02X%02X ", seed[i],seed[i+1],seed[i+2],seed[i+3]); } - BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h); + BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h); if (dsa == NULL) goto end; DSA_print(bio_err,dsa,0); @@ -220,17 +231,14 @@ end: BIO_free(bio_err); bio_err = NULL; } +#ifdef OPENSSL_SYS_NETWARE + if (!ret) printf("ERROR\n"); +#endif EXIT(!ret); return(0); } -static int cb_exit(int ec) - { - EXIT(ec); - return(0); /* To keep some compilers quiet */ - } - -static void MS_CALLBACK dsa_cb(int p, int n, void *arg) +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg) { char c='*'; static int ok=0,num=0; @@ -239,13 +247,14 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) { c='*'; ok++; } if (p == 3) c='\n'; - BIO_write(arg,&c,1); - (void)BIO_flush(arg); + BIO_write(arg->arg,&c,1); + (void)BIO_flush(arg->arg); if (!ok && (p == 0) && (num > 1)) { BIO_printf((BIO *)arg,"error in dsatest\n"); - cb_exit(1); + return 0; } + return 1; } #endif diff --git a/src/lib/libcrypto/dso/Makefile b/src/lib/libcrypto/dso/Makefile index c16278c3ff..07f5d8d159 100644 --- a/src/lib/libcrypto/dso/Makefile +++ b/src/lib/libcrypto/dso/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -53,6 +48,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -68,6 +64,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -84,43 +81,47 @@ dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dl.c +dso_dl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_dl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_dl.o: ../cryptlib.h dso_dl.c dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_dlfcn.o: ../../include/openssl/opensslconf.h -dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_dlfcn.o: ../cryptlib.h dso_dlfcn.c +dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dso_dlfcn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dso_dlfcn.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dlfcn.c dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_err.o: ../../include/openssl/symhacks.h dso_err.c +dso_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_err.o: dso_err.c dso_lib.o: ../../e_os.h ../../include/openssl/bio.h dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_lib.c +dso_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_lib.o: ../cryptlib.h dso_lib.c dso_null.o: ../../e_os.h ../../include/openssl/bio.h dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_null.o: ../../include/openssl/opensslconf.h -dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_null.o: ../cryptlib.h dso_null.c +dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dso_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dso_null.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_null.c dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_openssl.o: ../../include/openssl/opensslconf.h dso_openssl.o: ../../include/openssl/opensslv.h +dso_openssl.o: ../../include/openssl/ossl_typ.h dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c dso_vms.o: ../../e_os.h ../../include/openssl/bio.h @@ -128,13 +129,14 @@ dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_vms.c +dso_vms.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_vms.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_vms.o: ../cryptlib.h dso_vms.c dso_win32.o: ../../e_os.h ../../include/openssl/bio.h dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_win32.o: ../../include/openssl/opensslconf.h -dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_win32.o: ../cryptlib.h dso_win32.c +dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dso_win32.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dso_win32.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_win32.c diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c index f7b4dfc0c3..417abb6ea9 100644 --- a/src/lib/libcrypto/dso/dso_dl.c +++ b/src/lib/libcrypto/dso/dso_dl.c @@ -1,4 +1,4 @@ -/* dso_dl.c */ +/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2000. */ @@ -84,6 +84,7 @@ static int dl_finish(DSO *dso); static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); #endif static char *dl_name_converter(DSO *dso, const char *filename); +static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2); static DSO_METHOD dso_meth_dl = { "OpenSSL 'dl' shared library method", @@ -98,6 +99,7 @@ static DSO_METHOD dso_meth_dl = { #endif NULL, /* ctrl */ dl_name_converter, + dl_merger, NULL, /* init */ NULL /* finish */ }; @@ -239,6 +241,72 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname) return((DSO_FUNC_TYPE)sym); } +static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) + { + char *merged; + + if(!filespec1 && !filespec2) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + /* If the first file specification is a rooted path, it rules. + same goes if the second file specification is missing. */ + if (!filespec2 || filespec1[0] == '/') + { + merged = OPENSSL_malloc(strlen(filespec1) + 1); + if(!merged) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec1); + } + /* If the first file specification is missing, the second one rules. */ + else if (!filespec1) + { + merged = OPENSSL_malloc(strlen(filespec2) + 1); + if(!merged) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + } + else + /* This part isn't as trivial as it looks. It assumes that + the second file specification really is a directory, and + makes no checks whatsoever. Therefore, the result becomes + the concatenation of filespec2 followed by a slash followed + by filespec1. */ + { + int spec2len, len; + + spec2len = (filespec2 ? strlen(filespec2) : 0); + len = spec2len + (filespec1 ? strlen(filespec1) : 0); + + if(filespec2 && filespec2[spec2len - 1] == '/') + { + spec2len--; + len--; + } + merged = OPENSSL_malloc(len + 2); + if(!merged) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + merged[spec2len] = '/'; + strcpy(&merged[spec2len + 1], filespec1); + } + return(merged); + } + /* This function is identical to the one in dso_dlfcn.c, but as it is highly * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the * same time, there's no great duplicating the code. Figuring out an elegant @@ -282,36 +350,4 @@ static char *dl_name_converter(DSO *dso, const char *filename) return(translated); } -#ifdef OPENSSL_FIPS -static void dl_ref_point(){} - -int DSO_pathbyaddr(void *addr,char *path,int sz) - { - struct shl_descriptor inf; - int i,len; - - if (addr == NULL) - { - union { void(*f)(); void *p; } t = { dl_ref_point }; - addr = t.p; - } - - for (i=-1;shl_get_r(i,&inf)==0;i++) - { - if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) || - ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) - { - len = (int)strlen(inf.filename); - if (sz <= 0) return len+1; - if (len >= sz) len=sz-1; - memcpy(path,inf.filename,len); - path[len++] = 0; - return len; - } - } - - return -1; - } -#endif - #endif /* DSO_DL */ diff --git a/src/lib/libcrypto/dso/dso_vms.c b/src/lib/libcrypto/dso/dso_vms.c index 1674619d17..2c434ee8a6 100644 --- a/src/lib/libcrypto/dso/dso_vms.c +++ b/src/lib/libcrypto/dso/dso_vms.c @@ -1,4 +1,4 @@ -/* dso_vms.c */ +/* dso_vms.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2000. */ @@ -63,6 +63,7 @@ #include #ifdef OPENSSL_SYS_VMS #pragma message disable DOLLARID +#include #include #include #include @@ -89,6 +90,8 @@ static int vms_finish(DSO *dso); static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg); #endif static char *vms_name_converter(DSO *dso, const char *filename); +static char *vms_merger(DSO *dso, const char *filespec1, + const char *filespec2); static DSO_METHOD dso_meth_vms = { "OpenSSL 'VMS' shared library method", @@ -103,6 +106,7 @@ static DSO_METHOD dso_meth_vms = { #endif NULL, /* ctrl */ vms_name_converter, + vms_merger, NULL, /* init */ NULL /* finish */ }; @@ -140,7 +144,7 @@ static int vms_load(DSO *dso) if(filename == NULL) { - DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); + DSOerr(DSO_F_VMS_LOAD,DSO_R_NO_FILENAME); goto err; } @@ -295,19 +299,19 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) if((dso == NULL) || (symname == NULL)) { - DSOerr(DSO_F_VMS_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); + DSOerr(DSO_F_VMS_BIND_SYM,ERR_R_PASSED_NULL_PARAMETER); return; } if(sk_num(dso->meth_data) < 1) { - DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_STACK_ERROR); + DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_STACK_ERROR); return; } ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); if(ptr == NULL) { - DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_NULL_HANDLE); + DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_NULL_HANDLE); return; } @@ -336,7 +340,7 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) { errstring[length] = '\0'; - DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_SYM_FAILURE); + DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_SYM_FAILURE); if (ptr->imagename_dsc.dsc$w_length) ERR_add_error_data(9, "Symbol ", symname, @@ -368,6 +372,127 @@ static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname) return sym; } +static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2) + { + int status; + int filespec1len, filespec2len; + struct FAB fab; +#ifdef NAML$C_MAXRSS + struct NAML nam; + char esa[NAML$C_MAXRSS]; +#else + struct NAM nam; + char esa[NAM$C_MAXRSS]; +#endif + char *merged; + + if (!filespec1) filespec1 = ""; + if (!filespec2) filespec2 = ""; + filespec1len = strlen(filespec1); + filespec2len = strlen(filespec2); + + fab = cc$rms_fab; +#ifdef NAML$C_MAXRSS + nam = cc$rms_naml; +#else + nam = cc$rms_nam; +#endif + + fab.fab$l_fna = (char *)filespec1; + fab.fab$b_fns = filespec1len; + fab.fab$l_dna = (char *)filespec2; + fab.fab$b_dns = filespec2len; +#ifdef NAML$C_MAXRSS + if (filespec1len > NAM$C_MAXRSS) + { + fab.fab$l_fna = 0; + fab.fab$b_fns = 0; + nam.naml$l_long_filename = (char *)filespec1; + nam.naml$l_long_filename_size = filespec1len; + } + if (filespec2len > NAM$C_MAXRSS) + { + fab.fab$l_dna = 0; + fab.fab$b_dns = 0; + nam.naml$l_long_defname = (char *)filespec2; + nam.naml$l_long_defname_size = filespec2len; + } + nam.naml$l_esa = esa; + nam.naml$b_ess = NAM$C_MAXRSS; + nam.naml$l_long_expand = esa; + nam.naml$l_long_expand_alloc = sizeof(esa); + nam.naml$b_nop = NAM$M_SYNCHK | NAM$M_PWD; + nam.naml$v_no_short_upcase = 1; + fab.fab$l_naml = &nam; +#else + nam.nam$l_esa = esa; + nam.nam$b_ess = NAM$C_MAXRSS; + nam.nam$b_nop = NAM$M_SYNCHK | NAM$M_PWD; + fab.fab$l_nam = &nam; +#endif + + status = sys$parse(&fab, 0, 0); + + if(!$VMS_STATUS_SUCCESS(status)) + { + unsigned short length; + char errstring[257]; + struct dsc$descriptor_s errstring_dsc; + + errstring_dsc.dsc$w_length = sizeof(errstring); + errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T; + errstring_dsc.dsc$b_class = DSC$K_CLASS_S; + errstring_dsc.dsc$a_pointer = errstring; + + status = sys$getmsg(status, &length, &errstring_dsc, 1, 0); + + if (!$VMS_STATUS_SUCCESS(status)) + lib$signal(status); /* This is really bad. Abort! */ + else + { + errstring[length] = '\0'; + + DSOerr(DSO_F_VMS_MERGER,DSO_R_FAILURE); + ERR_add_error_data(7, + "filespec \"", filespec1, "\", ", + "defaults \"", filespec2, "\": ", + errstring); + } + return(NULL); + } +#ifdef NAML$C_MAXRSS + if (nam.naml$l_long_expand_size) + { + merged = OPENSSL_malloc(nam.naml$l_long_expand_size + 1); + if(!merged) + goto malloc_err; + strncpy(merged, nam.naml$l_long_expand, + nam.naml$l_long_expand_size); + merged[nam.naml$l_long_expand_size] = '\0'; + } + else + { + merged = OPENSSL_malloc(nam.naml$b_esl + 1); + if(!merged) + goto malloc_err; + strncpy(merged, nam.naml$l_esa, + nam.naml$b_esl); + merged[nam.naml$b_esl] = '\0'; + } +#else + merged = OPENSSL_malloc(nam.nam$b_esl + 1); + if(!merged) + goto malloc_err; + strncpy(merged, nam.nam$l_esa, + nam.nam$b_esl); + merged[nam.nam$b_esl] = '\0'; +#endif + return(merged); + malloc_err: + DSOerr(DSO_F_VMS_MERGER, + ERR_R_MALLOC_FAILURE); + } + static char *vms_name_converter(DSO *dso, const char *filename) { int len = strlen(filename); diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c index cc4ac68696..fd3dd6a7fe 100644 --- a/src/lib/libcrypto/dso/dso_win32.c +++ b/src/lib/libcrypto/dso/dso_win32.c @@ -1,4 +1,4 @@ -/* dso_win32.c */ +/* dso_win32.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -85,6 +85,26 @@ static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName) # endif # undef GetProcAddress # define GetProcAddress GetProcAddressA + +static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName) + { + WCHAR *fnamw; + size_t len_0=strlen(lpLibFileName)+1,i; + +#ifdef _MSC_VER + fnamw = (WCHAR *)_alloca (len_0*sizeof(WCHAR)); +#else + fnamw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); +#endif + if (fnamw == NULL) return NULL; + +#if defined(_WIN32_WCE) && _WIN32_WCE>=101 + if (!MultiByteToWideChar(CP_ACP,0,lpLibFileName,len_0,fnamw,len_0)) +#endif + for (i=0;inode = start; + } + + do + { + last = filename[0]; + switch(last) + { + case ':': + if(position != IN_DEVICE) + { + DSOerr(DSO_F_WIN32_SPLITTER, + DSO_R_INCORRECT_FILE_SYNTAX); + /*goto err;*/ + return(NULL); + } + result->device = start; + result->devicelen = filename - start; + position = IN_FILE; + start = ++filename; + result->dir = start; + break; + case '\\': + case '/': + if(position == IN_NODE) + { + result->nodelen = filename - start; + position = IN_FILE; + start = ++filename; + result->dir = start; + } + else if(position == IN_DEVICE) + { + position = IN_FILE; + filename++; + result->dir = start; + result->dirlen = filename - start; + start = filename; + } + else + { + filename++; + result->dirlen += filename - start; + start = filename; + } + break; + case '\0': + if(position == IN_NODE) + { + result->nodelen = filename - start; + } + else + { + if(filename - start > 0) + { + if (assume_last_is_dir) + { + if (position == IN_DEVICE) + { + result->dir = start; + result->dirlen = 0; + } + result->dirlen += + filename - start; + } + else + { + result->file = start; + result->filelen = + filename - start; + } + } + } + break; + default: + filename++; + break; + } + } + while(last); + + if(!result->nodelen) result->node = NULL; + if(!result->devicelen) result->device = NULL; + if(!result->dirlen) result->dir = NULL; + if(!result->filelen) result->file = NULL; + + return(result); + } + +static char *win32_joiner(DSO *dso, const struct file_st *file_split) + { + int len = 0, offset = 0; + char *result = NULL; + const char *start; + + if(!file_split) + { + DSOerr(DSO_F_WIN32_JOINER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + if(file_split->node) + { + len += 2 + file_split->nodelen; /* 2 for starting \\ */ + if(file_split->predir || file_split->dir || file_split->file) + len++; /* 1 for ending \ */ + } + else if(file_split->device) + { + len += file_split->devicelen + 1; /* 1 for ending : */ + } + len += file_split->predirlen; + if(file_split->predir && (file_split->dir || file_split->file)) + { + len++; /* 1 for ending \ */ + } + len += file_split->dirlen; + if(file_split->dir && file_split->file) + { + len++; /* 1 for ending \ */ + } + len += file_split->filelen; + + if(!len) + { + DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE); + return(NULL); + } + + result = OPENSSL_malloc(len + 1); + if (!result) + { + DSOerr(DSO_F_WIN32_JOINER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + + if(file_split->node) + { + strcpy(&result[offset], "\\\\"); offset += 2; + strncpy(&result[offset], file_split->node, + file_split->nodelen); offset += file_split->nodelen; + if(file_split->predir || file_split->dir || file_split->file) + { + result[offset] = '\\'; offset++; + } + } + else if(file_split->device) + { + strncpy(&result[offset], file_split->device, + file_split->devicelen); offset += file_split->devicelen; + result[offset] = ':'; offset++; + } + start = file_split->predir; + while(file_split->predirlen > (start - file_split->predir)) + { + const char *end = openssl_strnchr(start, '/', + file_split->predirlen - (start - file_split->predir)); + if(!end) + end = start + + file_split->predirlen + - (start - file_split->predir); + strncpy(&result[offset], start, + end - start); offset += end - start; + result[offset] = '\\'; offset++; + start = end + 1; + } +#if 0 /* Not needed, since the directory converter above already appeneded + a backslash */ + if(file_split->predir && (file_split->dir || file_split->file)) + { + result[offset] = '\\'; offset++; + } +#endif + start = file_split->dir; + while(file_split->dirlen > (start - file_split->dir)) + { + const char *end = openssl_strnchr(start, '/', + file_split->dirlen - (start - file_split->dir)); + if(!end) + end = start + + file_split->dirlen + - (start - file_split->dir); + strncpy(&result[offset], start, + end - start); offset += end - start; + result[offset] = '\\'; offset++; + start = end + 1; + } +#if 0 /* Not needed, since the directory converter above already appeneded + a backslash */ + if(file_split->dir && file_split->file) + { + result[offset] = '\\'; offset++; + } +#endif + strncpy(&result[offset], file_split->file, + file_split->filelen); offset += file_split->filelen; + result[offset] = '\0'; + return(result); + } + +static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2) + { + char *merged = NULL; + struct file_st *filespec1_split = NULL; + struct file_st *filespec2_split = NULL; + + if(!filespec1 && !filespec2) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + if (!filespec2) + { + merged = OPENSSL_malloc(strlen(filespec1) + 1); + if(!merged) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec1); + } + else if (!filespec1) + { + merged = OPENSSL_malloc(strlen(filespec2) + 1); + if(!merged) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + } + else + { + filespec1_split = win32_splitter(dso, filespec1, 0); + if (!filespec1_split) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + filespec2_split = win32_splitter(dso, filespec2, 1); + if (!filespec2_split) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + OPENSSL_free(filespec1_split); + return(NULL); + } + + /* Fill in into filespec1_split */ + if (!filespec1_split->node && !filespec1_split->device) + { + filespec1_split->node = filespec2_split->node; + filespec1_split->nodelen = filespec2_split->nodelen; + filespec1_split->device = filespec2_split->device; + filespec1_split->devicelen = filespec2_split->devicelen; + } + if (!filespec1_split->dir) + { + filespec1_split->dir = filespec2_split->dir; + filespec1_split->dirlen = filespec2_split->dirlen; + } + else if (filespec1_split->dir[0] != '\\' + && filespec1_split->dir[0] != '/') + { + filespec1_split->predir = filespec2_split->dir; + filespec1_split->predirlen = filespec2_split->dirlen; + } + if (!filespec1_split->file) + { + filespec1_split->file = filespec2_split->file; + filespec1_split->filelen = filespec2_split->filelen; + } + + merged = win32_joiner(dso, filespec1_split); + } + return(merged); + } + static char *win32_name_converter(DSO *dso, const char *filename) { char *translated; @@ -295,4 +644,17 @@ static char *win32_name_converter(DSO *dso, const char *filename) return(translated); } +static const char *openssl_strnchr(const char *string, int c, size_t len) + { + size_t i; + const char *p; + for (i = 0, p = string; i < len && *p; i++, p++) + { + if (*p == c) + return p; + } + return NULL; + } + + #endif /* OPENSSL_SYS_WIN32 */ diff --git a/src/lib/libcrypto/ebcdic.c b/src/lib/libcrypto/ebcdic.c index d1bece87f7..43e53bcaf7 100644 --- a/src/lib/libcrypto/ebcdic.c +++ b/src/lib/libcrypto/ebcdic.c @@ -1,6 +1,14 @@ /* crypto/ebcdic.c */ -#ifdef CHARSET_EBCDIC +#ifndef CHARSET_EBCDIC + +#include +#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) +static void *dummy=&dummy; +#endif + +#else /*CHARSET_EBCDIC*/ + #include "ebcdic.h" /* Initial Port for Apache-1.3 by * Adapted for OpenSSL-0.9.4 by @@ -210,9 +218,4 @@ ascii2ebcdic(void *dest, const void *srce, size_t count) return dest; } -#else /*CHARSET_EBCDIC*/ -#include -#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) -static void *dummy=&dummy; -#endif #endif diff --git a/src/lib/libcrypto/ec/Makefile b/src/lib/libcrypto/ec/Makefile index 8f03658ad4..42f7bb7fc8 100644 --- a/src/lib/libcrypto/ec/Makefile +++ b/src/lib/libcrypto/ec/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,11 +17,13 @@ TEST=ectest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \ - ec_err.c +LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\ + ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\ + ec2_smpl.c ec2_smpt.c ec2_mult.c -LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \ - ec_err.o +LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\ + ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\ + ec2_smpl.o ec2_mult.o SRC= $(LIBSRC) @@ -54,6 +51,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +67,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -80,47 +79,115 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h +ec2_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec2_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec2_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h +ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec2_smpt.c ec_lcl.h +ec2_smpt.o: ec2_smpt.c +ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ec_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h +ec_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ec_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +ec_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_asn1.o: ../../include/openssl/symhacks.h ec_asn1.c ec_lcl.h +ec_check.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_check.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_check.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h +ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h +ec_cvt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_cvt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_cvt.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_cvt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_cvt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h -ec_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +ec_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_err.o: ec_err.c -ec_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_lib.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_lib.o: ec_lcl.h ec_lib.c -ec_mult.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_mult.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_mult.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_mult.o: ec_lcl.h ec_mult.c -ecp_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ecp_mont.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecp_mont.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecp_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecp_mont.o: ec_lcl.h ecp_mont.c -ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ecp_nist.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h +ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_err.o: ../../include/openssl/symhacks.h ec_err.c +ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h +ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_lib.o: ../../include/openssl/symhacks.h ec_lcl.h ec_lib.c +ec_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c +ec_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_print.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_print.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_print.o: ../../include/openssl/symhacks.h ec_lcl.h ec_print.c +ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecp_mont.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecp_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ecp_mont.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_mont.c +ecp_nist.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ecp_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c -ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ecp_recp.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h -ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c -ecp_smpl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ecp_smpl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecp_smpl.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecp_smpl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecp_smpl.o: ec_lcl.h ecp_smpl.c +ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecp_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecp_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ecp_smpl.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_smpl.c diff --git a/src/lib/libcrypto/ec/ec2_smpt.c b/src/lib/libcrypto/ec/ec2_smpt.c new file mode 100644 index 0000000000..59d52bf663 --- /dev/null +++ b/src/lib/libcrypto/ec/ec2_smpt.c @@ -0,0 +1,74 @@ +/* crypto/ec/ec2_smpt.c */ +/* This code was originally written by Douglas Stebila + * for the OpenSSL project. + */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +/* Calaculates and sets the affine coordinates of an EC_POINT from the given + * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. + * Note that the simple implementation only uses affine coordinates. + * + * This algorithm is patented by Certicom Corp. under US Patent 6,141,420 + * (for licensing information, contact licensing@certicom.com). + * This function is disabled by default and can be enabled by defining the + * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time. + */ +int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, + const BIGNUM *x_, int y_bit, BN_CTX *ctx) + { + ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_DISABLED); + return 0; + } diff --git a/src/lib/libcrypto/ec/ectest.c b/src/lib/libcrypto/ec/ectest.c index 345d3e4289..6148d553f9 100644 --- a/src/lib/libcrypto/ec/ectest.c +++ b/src/lib/libcrypto/ec/ectest.c @@ -1,4 +1,7 @@ /* crypto/ec/ectest.c */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -52,6 +55,19 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The elliptic curve binary polynomial software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ #include #include @@ -74,6 +90,15 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur #include #endif #include +#include +#include +#include +#include + +#if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12) +/* suppress "too big too optimize" warning */ +#pragma warning(disable:4959) +#endif #define ABORT do { \ fflush(stdout); \ @@ -82,47 +107,59 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur EXIT(1); \ } while (0) +void prime_field_tests(void); +void char2_field_tests(void); +void internal_curve_test(void); + +#define TIMING_BASE_PT 0 +#define TIMING_RAND_PT 1 +#define TIMING_SIMUL 2 + #if 0 -static void timings(EC_GROUP *group, int multi, BN_CTX *ctx) +static void timings(EC_GROUP *group, int type, BN_CTX *ctx) { clock_t clck; int i, j; - BIGNUM *s, *s0; + BIGNUM *s; + BIGNUM *r[10], *r0[10]; EC_POINT *P; s = BN_new(); - s0 = BN_new(); - if (s == NULL || s0 == NULL) ABORT; + if (s == NULL) ABORT; - if (!EC_GROUP_get_curve_GFp(group, s, NULL, NULL, ctx)) ABORT; - fprintf(stdout, "Timings for %d bit prime, ", (int)BN_num_bits(s)); + fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group)); if (!EC_GROUP_get_order(group, s, ctx)) ABORT; - fprintf(stdout, "%d bit scalars ", (int)BN_num_bits(s)); + fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s)); fflush(stdout); P = EC_POINT_new(group); if (P == NULL) ABORT; EC_POINT_copy(P, EC_GROUP_get0_generator(group)); - clck = clock(); for (i = 0; i < 10; i++) { - if (!BN_pseudo_rand(s, BN_num_bits(s), 0, 0)) ABORT; - if (multi) + if ((r[i] = BN_new()) == NULL) ABORT; + if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0)) ABORT; + if (type != TIMING_BASE_PT) { - if (!BN_pseudo_rand(s0, BN_num_bits(s), 0, 0)) ABORT; + if ((r0[i] = BN_new()) == NULL) ABORT; + if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0)) ABORT; } + } + + clck = clock(); + for (i = 0; i < 10; i++) + { for (j = 0; j < 10; j++) { - if (!EC_POINT_mul(group, P, s, multi ? P : NULL, multi ? s0 : NULL, ctx)) ABORT; + if (!EC_POINT_mul(group, P, (type != TIMING_RAND_PT) ? r[i] : NULL, + (type != TIMING_BASE_PT) ? P : NULL, (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx)) ABORT; } - fprintf(stdout, "."); - fflush(stdout); } - fprintf(stdout, "\n"); - clck = clock() - clck; + fprintf(stdout, "\n"); + #ifdef CLOCKS_PER_SEC /* "To determine the time in seconds, the value returned * by the clock function should be divided by the value @@ -136,43 +173,40 @@ static void timings(EC_GROUP *group, int multi, BN_CTX *ctx) # define CLOCKS_PER_SEC 1 #endif - fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, - multi ? "s*P+t*Q operations" : "point multiplications", - (double)clck/CLOCKS_PER_SEC); + if (type == TIMING_BASE_PT) { + fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, + "base point multiplications", (double)clck/CLOCKS_PER_SEC); + } else if (type == TIMING_RAND_PT) { + fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, + "random point multiplications", (double)clck/CLOCKS_PER_SEC); + } else if (type == TIMING_SIMUL) { + fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, + "s*P+t*Q operations", (double)clck/CLOCKS_PER_SEC); + } fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j)); EC_POINT_free(P); BN_free(s); - BN_free(s0); + for (i = 0; i < 10; i++) + { + BN_free(r[i]); + if (type != TIMING_BASE_PT) BN_free(r0[i]); + } } #endif -int main(int argc, char *argv[]) +void prime_field_tests() { BN_CTX *ctx = NULL; BIGNUM *p, *a, *b; EC_GROUP *group; - EC_GROUP *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; EC_POINT *P, *Q, *R; BIGNUM *x, *y, *z; unsigned char buf[100]; size_t i, len; int k; - /* enable memory leak checking unless explicitly disabled */ - if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) - { - CRYPTO_malloc_debug_init(); - CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); - } - else - { - /* OPENSSL_DEBUG_MEMORY=off */ - CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); - } - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - ERR_load_crypto_strings(); - #if 1 /* optional */ ctx = BN_CTX_new(); if (!ctx) ABORT; @@ -197,7 +231,7 @@ int main(int argc, char *argv[]) EC_GROUP *tmp; tmp = EC_GROUP_new(EC_GROUP_method_of(group)); if (!tmp) ABORT; - if (!EC_GROUP_copy(tmp, group)); + if (!EC_GROUP_copy(tmp, group)) ABORT; EC_GROUP_free(group); group = tmp; } @@ -317,10 +351,56 @@ int main(int argc, char *argv[]) if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; + /* Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2, 2000) + * -- not a NIST curve, but commonly used */ + + if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; + if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) ABORT; + if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")) ABORT; + if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; + + if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82")) ABORT; + if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; + if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; + if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) ABORT; + if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT; + + if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; + fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x"); + BN_print_fp(stdout, x); + fprintf(stdout, "\n y = 0x"); + BN_print_fp(stdout, y); + fprintf(stdout, "\n"); + /* G_y value taken from the standard: */ + if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; + if (0 != BN_cmp(y, z)) ABORT; + + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 160) ABORT; + fprintf(stdout, " ok\n"); + + fprintf(stdout, "verify group order ..."); + fflush(stdout); + if (!EC_GROUP_get_order(group, z, ctx)) ABORT; + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; + fprintf(stdout, "."); + fflush(stdout); + if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; + fprintf(stdout, " ok\n"); + + if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; + if (!EC_GROUP_copy(P_160, group)) ABORT; + + /* Curve P-192 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -340,6 +420,10 @@ int main(int argc, char *argv[]) /* G_y value taken from the standard: */ if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 192) ABORT; + fprintf(stdout, " ok\n"); fprintf(stdout, "verify group order ..."); fflush(stdout); @@ -348,7 +432,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -360,7 +446,7 @@ int main(int argc, char *argv[]) /* Curve P-224 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT; if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -381,6 +467,10 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 224) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -388,7 +478,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -400,7 +492,7 @@ int main(int argc, char *argv[]) /* Curve P-256 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -422,6 +514,10 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 256) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -429,7 +525,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -442,7 +540,7 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" @@ -468,6 +566,10 @@ int main(int argc, char *argv[]) "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 384) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -475,7 +577,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -489,7 +593,7 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; @@ -520,6 +624,10 @@ int main(int argc, char *argv[]) "7086A272C24088BE94769FD16650")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 521) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -527,7 +635,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -549,13 +659,15 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ { - const EC_POINT *points[3]; - const BIGNUM *scalars[3]; + const EC_POINT *points[4]; + const BIGNUM *scalars[4]; + BIGNUM scalar3; if (EC_POINT_is_at_infinity(group, Q)) ABORT; points[0] = Q; points[1] = Q; points[2] = Q; + points[3] = Q; if (!BN_add(y, z, BN_value_one())) ABORT; if (BN_is_odd(y)) ABORT; @@ -577,7 +689,7 @@ int main(int argc, char *argv[]) if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; if (!BN_add(z, z, y)) ABORT; - z->neg = 1; + BN_set_negative(z, 1); scalars[0] = y; scalars[1] = z; /* z = -(order + y) */ @@ -589,29 +701,43 @@ int main(int argc, char *argv[]) if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; if (!BN_add(z, x, y)) ABORT; - z->neg = 1; + BN_set_negative(z, 1); scalars[0] = x; scalars[1] = y; scalars[2] = z; /* z = -(x+y) */ - if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT; + BN_init(&scalar3); + BN_zero(&scalar3); + scalars[3] = &scalar3; + + if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, P)) ABORT; fprintf(stdout, " ok\n\n"); + + BN_free(&scalar3); } #if 0 - timings(P_192, 0, ctx); - timings(P_192, 1, ctx); - timings(P_224, 0, ctx); - timings(P_224, 1, ctx); - timings(P_256, 0, ctx); - timings(P_256, 1, ctx); - timings(P_384, 0, ctx); - timings(P_384, 1, ctx); - timings(P_521, 0, ctx); - timings(P_521, 1, ctx); + timings(P_160, TIMING_BASE_PT, ctx); + timings(P_160, TIMING_RAND_PT, ctx); + timings(P_160, TIMING_SIMUL, ctx); + timings(P_192, TIMING_BASE_PT, ctx); + timings(P_192, TIMING_RAND_PT, ctx); + timings(P_192, TIMING_SIMUL, ctx); + timings(P_224, TIMING_BASE_PT, ctx); + timings(P_224, TIMING_RAND_PT, ctx); + timings(P_224, TIMING_SIMUL, ctx); + timings(P_256, TIMING_BASE_PT, ctx); + timings(P_256, TIMING_RAND_PT, ctx); + timings(P_256, TIMING_SIMUL, ctx); + timings(P_384, TIMING_BASE_PT, ctx); + timings(P_384, TIMING_RAND_PT, ctx); + timings(P_384, TIMING_SIMUL, ctx); + timings(P_521, TIMING_BASE_PT, ctx); + timings(P_521, TIMING_RAND_PT, ctx); + timings(P_521, TIMING_SIMUL, ctx); #endif @@ -624,12 +750,587 @@ int main(int argc, char *argv[]) EC_POINT_free(R); BN_free(x); BN_free(y); BN_free(z); + if (P_160) EC_GROUP_free(P_160); if (P_192) EC_GROUP_free(P_192); if (P_224) EC_GROUP_free(P_224); if (P_256) EC_GROUP_free(P_256); if (P_384) EC_GROUP_free(P_384); if (P_521) EC_GROUP_free(P_521); + } + +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP +#define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + if (!BN_hex2bn(&x, _x)) ABORT; \ + if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (!BN_hex2bn(&z, _order)) ABORT; \ + if (!BN_hex2bn(&cof, _cof)) ABORT; \ + if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ + if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ + fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ + BN_print_fp(stdout, x); \ + fprintf(stdout, "\n y = 0x"); \ + BN_print_fp(stdout, y); \ + fprintf(stdout, "\n"); \ + /* G_y value taken from the standard: */ \ + if (!BN_hex2bn(&z, _y)) ABORT; \ + if (0 != BN_cmp(y, z)) ABORT; +#else +#define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + if (!BN_hex2bn(&x, _x)) ABORT; \ + if (!BN_hex2bn(&y, _y)) ABORT; \ + if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (!BN_hex2bn(&z, _order)) ABORT; \ + if (!BN_hex2bn(&cof, _cof)) ABORT; \ + if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ + fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ + BN_print_fp(stdout, x); \ + fprintf(stdout, "\n y = 0x"); \ + BN_print_fp(stdout, y); \ + fprintf(stdout, "\n"); +#endif + +#define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + if (!BN_hex2bn(&p, _p)) ABORT; \ + if (!BN_hex2bn(&a, _a)) ABORT; \ + if (!BN_hex2bn(&b, _b)) ABORT; \ + if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \ + CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + fprintf(stdout, "verify degree ..."); \ + if (EC_GROUP_get_degree(group) != _degree) ABORT; \ + fprintf(stdout, " ok\n"); \ + fprintf(stdout, "verify group order ..."); \ + fflush(stdout); \ + if (!EC_GROUP_get_order(group, z, ctx)) ABORT; \ + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ + fprintf(stdout, "."); \ + fflush(stdout); \ + /* if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; */ \ + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ + fprintf(stdout, " ok\n"); \ + if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \ + if (!EC_GROUP_copy(_variable, group)) ABORT; + +void char2_field_tests() + { + BN_CTX *ctx = NULL; + BIGNUM *p, *a, *b; + EC_GROUP *group; + EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 = NULL, *C2_K571 = NULL; + EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = NULL, *C2_B571 = NULL; + EC_POINT *P, *Q, *R; + BIGNUM *x, *y, *z, *cof; + unsigned char buf[100]; + size_t i, len; + int k; + +#if 1 /* optional */ + ctx = BN_CTX_new(); + if (!ctx) ABORT; +#endif + + p = BN_new(); + a = BN_new(); + b = BN_new(); + if (!p || !a || !b) ABORT; + + if (!BN_hex2bn(&p, "13")) ABORT; + if (!BN_hex2bn(&a, "3")) ABORT; + if (!BN_hex2bn(&b, "1")) ABORT; + + group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use EC_GROUP_new_curve_GF2m + * so that the library gets to choose the EC_METHOD */ + if (!group) ABORT; + if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; + + { + EC_GROUP *tmp; + tmp = EC_GROUP_new(EC_GROUP_method_of(group)); + if (!tmp) ABORT; + if (!EC_GROUP_copy(tmp, group)) ABORT; + EC_GROUP_free(group); + group = tmp; + } + + if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx)) ABORT; + + fprintf(stdout, "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x"); + BN_print_fp(stdout, p); + fprintf(stdout, ")\n a = 0x"); + BN_print_fp(stdout, a); + fprintf(stdout, "\n b = 0x"); + BN_print_fp(stdout, b); + fprintf(stdout, "\n(0x... means binary polynomial)\n"); + + P = EC_POINT_new(group); + Q = EC_POINT_new(group); + R = EC_POINT_new(group); + if (!P || !Q || !R) ABORT; + + if (!EC_POINT_set_to_infinity(group, P)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + buf[0] = 0; + if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) ABORT; + + if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + x = BN_new(); + y = BN_new(); + z = BN_new(); + cof = BN_new(); + if (!x || !y || !z || !cof) ABORT; + + if (!BN_hex2bn(&x, "6")) ABORT; +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx)) ABORT; +#else + if (!BN_hex2bn(&y, "8")) ABORT; + if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; +#endif + if (!EC_POINT_is_on_curve(group, Q, ctx)) + { +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; +#endif + fprintf(stderr, "Point is not on curve: x = 0x"); + BN_print_fp(stderr, x); + fprintf(stderr, ", y = 0x"); + BN_print_fp(stderr, y); + fprintf(stderr, "\n"); + ABORT; + } + + fprintf(stdout, "A cyclic subgroup:\n"); + k = 100; + do + { + if (k-- == 0) ABORT; + + if (EC_POINT_is_at_infinity(group, P)) + fprintf(stdout, " point at infinity\n"); + else + { + if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; + + fprintf(stdout, " x = 0x"); + BN_print_fp(stdout, x); + fprintf(stdout, ", y = 0x"); + BN_print_fp(stdout, y); + fprintf(stdout, "\n"); + } + + if (!EC_POINT_copy(R, P)) ABORT; + if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT; + } + while (!EC_POINT_is_at_infinity(group, P)); + + if (!EC_POINT_add(group, P, Q, R, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof buf, ctx); + if (len == 0) ABORT; + if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; + fprintf(stdout, "Generator as octet string, compressed form:\n "); + for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); +#endif + + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof buf, ctx); + if (len == 0) ABORT; + if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; + fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n "); + for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); + +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, ctx); + if (len == 0) ABORT; + if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; + fprintf(stdout, "\nGenerator as octet string, hybrid form:\n "); + for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); +#endif + + fprintf(stdout, "\n"); + + if (!EC_POINT_invert(group, P, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; + + + /* Curve K-163 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-163", + "0800000000000000000000000000000000000000C9", + "1", + "1", + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8", + "0289070FB05D38FF58321F2E800536D538CCDAA3D9", + 1, + "04000000000000000000020108A2E0CC0D99F8A5EF", + "2", + 163, + C2_K163 + ); + + /* Curve B-163 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-163", + "0800000000000000000000000000000000000000C9", + "1", + "020A601907B8C953CA1481EB10512F78744A3205FD", + "03F0EBA16286A2D57EA0991168D4994637E8343E36", + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", + 1, + "040000000000000000000292FE77E70C12A4234C33", + "2", + 163, + C2_B163 + ); + + /* Curve K-233 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-233", + "020000000000000000000000000000000000000004000000000000000001", + "0", + "1", + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126", + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3", + 0, + "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", + "4", + 233, + C2_K233 + ); + + /* Curve B-233 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-233", + "020000000000000000000000000000000000000004000000000000000001", + "000000000000000000000000000000000000000000000000000000000001", + "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD", + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B", + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052", + 1, + "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", + "2", + 233, + C2_B233 + ); + + /* Curve K-283 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-283", + "0800000000000000000000000000000000000000000000000000000000000000000010A1", + "0", + "1", + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836", + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259", + 0, + "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", + "4", + 283, + C2_K283 + ); + + /* Curve B-283 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-283", + "0800000000000000000000000000000000000000000000000000000000000000000010A1", + "000000000000000000000000000000000000000000000000000000000000000000000001", + "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053", + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4", + 1, + "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", + "2", + 283, + C2_B283 + ); + + /* Curve K-409 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-409", + "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", + "0", + "1", + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746", + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B", + 1, + "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", + "4", + 409, + C2_K409 + ); + + /* Curve B-409 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-409", + "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F", + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7", + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706", + 1, + "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", + "2", + 409, + C2_B409 + ); + + /* Curve K-571 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-571", + "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", + "0", + "1", + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972", + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3", + 0, + "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", + "4", + 571, + C2_K571 + ); + + /* Curve B-571 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-571", + "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", + "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A", + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19", + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B", + 1, + "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", + "2", + 571, + C2_B571 + ); + + /* more tests using the last curve */ + + if (!EC_POINT_copy(Q, P)) ABORT; + if (EC_POINT_is_at_infinity(group, Q)) ABORT; + if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; + if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ + + if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT; + if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ + + { + const EC_POINT *points[3]; + const BIGNUM *scalars[3]; + + if (EC_POINT_is_at_infinity(group, Q)) ABORT; + points[0] = Q; + points[1] = Q; + points[2] = Q; + + if (!BN_add(y, z, BN_value_one())) ABORT; + if (BN_is_odd(y)) ABORT; + if (!BN_rshift1(y, y)) ABORT; + scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ + scalars[1] = y; + + fprintf(stdout, "combined multiplication ..."); + fflush(stdout); + + /* z is still the group order */ + if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; + if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT; + + fprintf(stdout, "."); + fflush(stdout); + + if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; + if (!BN_add(z, z, y)) ABORT; + BN_set_negative(z, 1); + scalars[0] = y; + scalars[1] = z; /* z = -(order + y) */ + + if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + fprintf(stdout, "."); + fflush(stdout); + + if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; + if (!BN_add(z, x, y)) ABORT; + BN_set_negative(z, 1); + scalars[0] = x; + scalars[1] = y; + scalars[2] = z; /* z = -(x+y) */ + + if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + fprintf(stdout, " ok\n\n"); + } + + +#if 0 + timings(C2_K163, TIMING_BASE_PT, ctx); + timings(C2_K163, TIMING_RAND_PT, ctx); + timings(C2_K163, TIMING_SIMUL, ctx); + timings(C2_B163, TIMING_BASE_PT, ctx); + timings(C2_B163, TIMING_RAND_PT, ctx); + timings(C2_B163, TIMING_SIMUL, ctx); + timings(C2_K233, TIMING_BASE_PT, ctx); + timings(C2_K233, TIMING_RAND_PT, ctx); + timings(C2_K233, TIMING_SIMUL, ctx); + timings(C2_B233, TIMING_BASE_PT, ctx); + timings(C2_B233, TIMING_RAND_PT, ctx); + timings(C2_B233, TIMING_SIMUL, ctx); + timings(C2_K283, TIMING_BASE_PT, ctx); + timings(C2_K283, TIMING_RAND_PT, ctx); + timings(C2_K283, TIMING_SIMUL, ctx); + timings(C2_B283, TIMING_BASE_PT, ctx); + timings(C2_B283, TIMING_RAND_PT, ctx); + timings(C2_B283, TIMING_SIMUL, ctx); + timings(C2_K409, TIMING_BASE_PT, ctx); + timings(C2_K409, TIMING_RAND_PT, ctx); + timings(C2_K409, TIMING_SIMUL, ctx); + timings(C2_B409, TIMING_BASE_PT, ctx); + timings(C2_B409, TIMING_RAND_PT, ctx); + timings(C2_B409, TIMING_SIMUL, ctx); + timings(C2_K571, TIMING_BASE_PT, ctx); + timings(C2_K571, TIMING_RAND_PT, ctx); + timings(C2_K571, TIMING_SIMUL, ctx); + timings(C2_B571, TIMING_BASE_PT, ctx); + timings(C2_B571, TIMING_RAND_PT, ctx); + timings(C2_B571, TIMING_SIMUL, ctx); +#endif + + + if (ctx) + BN_CTX_free(ctx); + BN_free(p); BN_free(a); BN_free(b); + EC_GROUP_free(group); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + BN_free(x); BN_free(y); BN_free(z); BN_free(cof); + + if (C2_K163) EC_GROUP_free(C2_K163); + if (C2_B163) EC_GROUP_free(C2_B163); + if (C2_K233) EC_GROUP_free(C2_K233); + if (C2_B233) EC_GROUP_free(C2_B233); + if (C2_K283) EC_GROUP_free(C2_K283); + if (C2_B283) EC_GROUP_free(C2_B283); + if (C2_K409) EC_GROUP_free(C2_K409); + if (C2_B409) EC_GROUP_free(C2_B409); + if (C2_K571) EC_GROUP_free(C2_K571); + if (C2_B571) EC_GROUP_free(C2_B571); + + } + +void internal_curve_test(void) + { + EC_builtin_curve *curves = NULL; + size_t crv_len = 0, n = 0; + int ok = 1; + + crv_len = EC_get_builtin_curves(NULL, 0); + + curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); + + if (curves == NULL) + return; + + if (!EC_get_builtin_curves(curves, crv_len)) + { + OPENSSL_free(curves); + return; + } + + fprintf(stdout, "testing internal curves: "); + + for (n = 0; n < crv_len; n++) + { + EC_GROUP *group = NULL; + int nid = curves[n].nid; + if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) + { + ok = 0; + fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with" + " curve %s\n", OBJ_nid2sn(nid)); + /* try next curve */ + continue; + } + if (!EC_GROUP_check(group, NULL)) + { + ok = 0; + fprintf(stdout, "\nEC_GROUP_check() failed with" + " curve %s\n", OBJ_nid2sn(nid)); + EC_GROUP_free(group); + /* try the next curve */ + continue; + } + fprintf(stdout, "."); + fflush(stdout); + EC_GROUP_free(group); + } + if (ok) + fprintf(stdout, " ok\n"); + else + fprintf(stdout, " failed\n"); + OPENSSL_free(curves); + return; + } + +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; + +int main(int argc, char *argv[]) + { + + /* enable memory leak checking unless explicitly disabled */ + if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) + { + CRYPTO_malloc_debug_init(); + CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + } + else + { + /* OPENSSL_DEBUG_MEMORY=off */ + CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); + } + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + ERR_load_crypto_strings(); + + RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ + + prime_field_tests(); + puts(""); + char2_field_tests(); + /* test the internal curves */ + internal_curve_test(); + #ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); #endif diff --git a/src/lib/libcrypto/engine/Makefile b/src/lib/libcrypto/engine/Makefile index 38f83f1654..13f211a0ae 100644 --- a/src/lib/libcrypto/engine/Makefile +++ b/src/lib/libcrypto/engine/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -24,16 +19,14 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \ eng_table.c eng_pkey.c eng_fat.c eng_all.c \ - tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \ - eng_openssl.c eng_dyn.c eng_cnf.c \ - hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \ - hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c + tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \ + tb_cipher.c tb_digest.c \ + eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ eng_table.o eng_pkey.o eng_fat.o eng_all.o \ - tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \ - eng_openssl.o eng_dyn.o eng_cnf.o \ - hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \ - hw_cryptodev.o hw_aep.o hw_sureware.o hw_4758_cca.o + tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \ + tb_cipher.o tb_digest.o \ + eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o SRC= $(LIBSRC) @@ -61,6 +54,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -70,16 +64,13 @@ install: tags: ctags $(SRC) -errors: - $(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \ - -nostatic -staticloader -write hw_*.c - tests: lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -91,446 +82,207 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +eng_all.o: ../../e_os.h ../../include/openssl/bio.h +eng_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h -eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h -eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_all.o: ../cryptlib.h eng_all.c eng_int.h +eng_cnf.o: ../../e_os.h ../../include/openssl/bio.h eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_cnf.o: ../cryptlib.h eng_cnf.c -eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h -eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_cnf.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_cnf.c eng_int.h +eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +eng_cryptodev.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h +eng_cryptodev.o: ../../include/openssl/objects.h +eng_cryptodev.o: ../../include/openssl/opensslconf.h +eng_cryptodev.o: ../../include/openssl/opensslv.h +eng_cryptodev.o: ../../include/openssl/ossl_typ.h +eng_cryptodev.o: ../../include/openssl/safestack.h +eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_cryptodev.o: eng_cryptodev.c +eng_ctrl.o: ../../e_os.h ../../include/openssl/bio.h eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_ctrl.o: ../../include/openssl/opensslconf.h eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h -eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h -eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_ctrl.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_ctrl.c eng_int.h +eng_dyn.o: ../../e_os.h ../../include/openssl/bio.h eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h -eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +eng_dyn.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_dyn.c eng_int.h +eng_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_err.o: ../../include/openssl/ui.h eng_err.c -eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h -eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_err.o: eng_err.c +eng_fat.o: ../../e_os.h ../../include/openssl/bio.h eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h -eng_init.o: ../../e_os.h ../../include/openssl/asn1.h -eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_fat.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_fat.c eng_int.h +eng_init.o: ../../e_os.h ../../include/openssl/bio.h eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_init.o: ../../include/openssl/opensslconf.h eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_init.o: ../cryptlib.h eng_init.c eng_int.h -eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h -eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_init.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_init.c eng_int.h +eng_lib.o: ../../e_os.h ../../include/openssl/bio.h eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c -eng_list.o: ../../e_os.h ../../include/openssl/asn1.h -eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +eng_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_lib.c +eng_list.o: ../../e_os.h ../../include/openssl/bio.h eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_list.o: ../../include/openssl/opensslconf.h eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_list.o: ../cryptlib.h eng_int.h eng_list.c -eng_openssl.o: ../../e_os.h ../../include/openssl/aes.h -eng_openssl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_openssl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -eng_openssl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +eng_list.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_list.c +eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h +eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_openssl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_openssl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -eng_openssl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -eng_openssl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h +eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_openssl.o: ../../include/openssl/opensslconf.h eng_openssl.o: ../../include/openssl/opensslv.h eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -eng_openssl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -eng_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -eng_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_openssl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -eng_openssl.o: ../cryptlib.h eng_openssl.c -eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc4.h +eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c +eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h +eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h +eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h +eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_padlock.o: ../../include/openssl/opensslconf.h +eng_padlock.o: ../../include/openssl/opensslv.h +eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +eng_padlock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +eng_padlock.o: ../../include/openssl/symhacks.h eng_padlock.c +eng_pkey.o: ../../e_os.h ../../include/openssl/bio.h eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_pkey.o: ../../include/openssl/opensslconf.h eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c -eng_table.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -eng_table.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -eng_table.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -eng_table.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -eng_table.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_pkey.c +eng_table.o: ../../e_os.h ../../include/openssl/asn1.h +eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_table.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -eng_table.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -eng_table.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -eng_table.o: ../../include/openssl/objects.h +eng_table.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_table.o: ../../include/openssl/opensslconf.h eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -eng_table.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -eng_table.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_table.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_table.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -eng_table.o: eng_int.h eng_table.c -hw_4758_cca.o: ../../e_os.h ../../include/openssl/aes.h -hw_4758_cca.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_4758_cca.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_4758_cca.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_4758_cca.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_4758_cca.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_4758_cca.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_4758_cca.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_4758_cca.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_4758_cca.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_4758_cca.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_4758_cca.o: ../../include/openssl/opensslconf.h -hw_4758_cca.o: ../../include/openssl/opensslv.h -hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -hw_4758_cca.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -hw_4758_cca.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_4758_cca.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hw_4758_cca.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hw_4758_cca.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -hw_4758_cca.o: ../cryptlib.h hw_4758_cca.c hw_4758_cca_err.c hw_4758_cca_err.h -hw_4758_cca.o: vendor_defns/hw_4758_cca.h -hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -hw_aep.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -hw_aep.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_aep.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_aep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -hw_aep.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -hw_aep.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -hw_aep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_aep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_aep.o: ../../include/openssl/ui.h hw_aep.c hw_aep_err.c hw_aep_err.h -hw_aep.o: vendor_defns/aep.h -hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h -hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h -hw_atalla.o: vendor_defns/atalla.h -hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -hw_cryptodev.o: ../../include/openssl/objects.h -hw_cryptodev.o: ../../include/openssl/opensslconf.h -hw_cryptodev.o: ../../include/openssl/opensslv.h -hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c -hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h -hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h -hw_cswift.o: vendor_defns/cswift.h -hw_ncipher.o: ../../e_os.h ../../include/openssl/aes.h -hw_ncipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_ncipher.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_ncipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_ncipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_ncipher.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_ncipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_ncipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_ncipher.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_ncipher.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_ncipher.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_ncipher.o: ../../include/openssl/opensslconf.h -hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -hw_ncipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -hw_ncipher.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_ncipher.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_ncipher.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_ncipher.c -hw_ncipher.o: hw_ncipher_err.c hw_ncipher_err.h vendor_defns/hwcryptohook.h -hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h -hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h -hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h -hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_sureware.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_sureware.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_sureware.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_sureware.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_sureware.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_sureware.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_sureware.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_sureware.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_sureware.o: ../../include/openssl/opensslconf.h -hw_sureware.o: ../../include/openssl/opensslv.h -hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -hw_sureware.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -hw_sureware.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -hw_sureware.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_sureware.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hw_sureware.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hw_sureware.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_sureware.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hw_sureware.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -hw_sureware.o: ../cryptlib.h eng_int.h engine.h hw_sureware.c hw_sureware_err.c -hw_sureware.o: hw_sureware_err.h vendor_defns/sureware.h -hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h -hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h -hw_ubsec.o: vendor_defns/hw_ubsec.h -tb_cipher.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_cipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_cipher.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_cipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_cipher.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_cipher.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_cipher.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_cipher.o: ../../include/openssl/objects.h +eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +eng_table.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h +eng_table.o: eng_table.c +tb_cipher.o: ../../e_os.h ../../include/openssl/bio.h +tb_cipher.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/lhash.h tb_cipher.o: ../../include/openssl/opensslconf.h tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_cipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_cipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_cipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_cipher.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_cipher.o: eng_int.h tb_cipher.c -tb_dh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_dh.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_dh.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_dh.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_dh.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_dh.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_dh.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_dh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_dh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_cipher.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h +tb_cipher.o: tb_cipher.c +tb_dh.o: ../../e_os.h ../../include/openssl/bio.h +tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_dh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_dh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h eng_int.h -tb_dh.o: tb_dh.c -tb_digest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_digest.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_digest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_digest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_digest.o: ../../include/openssl/objects.h +tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c +tb_digest.o: ../../e_os.h ../../include/openssl/bio.h +tb_digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_digest.o: ../../include/openssl/err.h ../../include/openssl/lhash.h tb_digest.o: ../../include/openssl/opensslconf.h tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_digest.o: eng_int.h tb_digest.c -tb_dsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_dsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_dsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_dsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_dsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_dsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_dsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_dsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_dsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_digest.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h +tb_digest.o: tb_digest.c +tb_dsa.o: ../../e_os.h ../../include/openssl/bio.h +tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_dsa.o: eng_int.h tb_dsa.c -tb_rand.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_rand.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_rand.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_rand.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c +tb_ecdh.o: ../../e_os.h ../../include/openssl/bio.h +tb_ecdh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_ecdh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c +tb_ecdsa.o: ../../e_os.h ../../include/openssl/bio.h +tb_ecdsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_ecdsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_ecdsa.o: ../../include/openssl/opensslconf.h +tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_ecdsa.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_ecdsa.c +tb_rand.o: ../../e_os.h ../../include/openssl/bio.h +tb_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_rand.o: eng_int.h tb_rand.c -tb_rsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_rsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_rsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_rsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_rsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_rsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_rsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_rsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_rsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c +tb_rsa.o: ../../e_os.h ../../include/openssl/bio.h +tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_rsa.o: eng_int.h tb_rsa.c +tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c +tb_store.o: ../../e_os.h ../../include/openssl/bio.h +tb_store.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_store.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_store.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_store.o: ../../include/openssl/opensslconf.h +tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_store.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_store.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_store.c diff --git a/src/lib/libcrypto/engine/eng_cryptodev.c b/src/lib/libcrypto/engine/eng_cryptodev.c new file mode 100644 index 0000000000..ab38cd52f0 --- /dev/null +++ b/src/lib/libcrypto/engine/eng_cryptodev.c @@ -0,0 +1,1133 @@ +/* + * Copyright (c) 2002 Bob Beck + * Copyright (c) 2002 Theo de Raadt + * Copyright (c) 2002 Markus Friedl + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include +#include +#include +#include + +#if (defined(__unix__) || defined(unix)) && !defined(USG) && \ + (defined(OpenBSD) || defined(__FreeBSD_version)) +#include +# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) +# define HAVE_CRYPTODEV +# endif +# if (OpenBSD >= 200110) +# define HAVE_SYSLOG_R +# endif +#endif + +#ifndef HAVE_CRYPTODEV + +void +ENGINE_load_cryptodev(void) +{ + /* This is a NOP on platforms without /dev/crypto */ + return; +} + +#else + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct dev_crypto_state { + struct session_op d_sess; + int d_fd; +}; + +static u_int32_t cryptodev_asymfeat = 0; + +static int get_asym_dev_crypto(void); +static int open_dev_crypto(void); +static int get_dev_crypto(void); +static int cryptodev_max_iv(int cipher); +static int cryptodev_key_length_valid(int cipher, int len); +static int cipher_nid_to_cryptodev(int nid); +static int get_cryptodev_ciphers(const int **cnids); +static int get_cryptodev_digests(const int **cnids); +static int cryptodev_usable_ciphers(const int **nids); +static int cryptodev_usable_digests(const int **nids); +static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl); +static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx); +static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); +static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid); +static int bn2crparam(const BIGNUM *a, struct crparam *crp); +static int crparam2bn(struct crparam *crp, BIGNUM *a); +static void zapparams(struct crypt_kop *kop); +static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, + int slen, BIGNUM *s); + +static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, + RSA *rsa); +static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); +static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, + BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, + BN_CTX *ctx, BN_MONT_CTX *mont); +static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, + int dlen, DSA *dsa); +static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, + DSA_SIG *sig, DSA *dsa); +static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); +static int cryptodev_dh_compute_key(unsigned char *key, + const BIGNUM *pub_key, DH *dh); +static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)()); +void ENGINE_load_cryptodev(void); + +static const ENGINE_CMD_DEFN cryptodev_defns[] = { + { 0, NULL, NULL, 0 } +}; + +static struct { + int id; + int nid; + int ivmax; + int keylen; +} ciphers[] = { + { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, + { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, + { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, + { 0, NID_undef, 0, 0, }, +}; + +static struct { + int id; + int nid; +} digests[] = { + { CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, }, + { CRYPTO_RIPEMD160_HMAC, NID_ripemd160, }, + { CRYPTO_MD5_KPDK, NID_undef, }, + { CRYPTO_SHA1_KPDK, NID_undef, }, + { CRYPTO_MD5, NID_md5, }, + { CRYPTO_SHA1, NID_undef, }, + { 0, NID_undef, }, +}; + +/* + * Return a fd if /dev/crypto seems usable, 0 otherwise. + */ +static int +open_dev_crypto(void) +{ + static int fd = -1; + + if (fd == -1) { + if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) + return (-1); + /* close on exec */ + if (fcntl(fd, F_SETFD, 1) == -1) { + close(fd); + fd = -1; + return (-1); + } + } + return (fd); +} + +static int +get_dev_crypto(void) +{ + int fd, retfd; + + if ((fd = open_dev_crypto()) == -1) + return (-1); + if (ioctl(fd, CRIOGET, &retfd) == -1) + return (-1); + + /* close on exec */ + if (fcntl(retfd, F_SETFD, 1) == -1) { + close(retfd); + return (-1); + } + return (retfd); +} + +/* Caching version for asym operations */ +static int +get_asym_dev_crypto(void) +{ + static int fd = -1; + + if (fd == -1) + fd = get_dev_crypto(); + return fd; +} + +/* + * XXXX this needs to be set for each alg - and determined from + * a running card. + */ +static int +cryptodev_max_iv(int cipher) +{ + int i; + + for (i = 0; ciphers[i].id; i++) + if (ciphers[i].id == cipher) + return (ciphers[i].ivmax); + return (0); +} + +/* + * XXXX this needs to be set for each alg - and determined from + * a running card. For now, fake it out - but most of these + * for real devices should return 1 for the supported key + * sizes the device can handle. + */ +static int +cryptodev_key_length_valid(int cipher, int len) +{ + int i; + + for (i = 0; ciphers[i].id; i++) + if (ciphers[i].id == cipher) + return (ciphers[i].keylen == len); + return (0); +} + +/* convert libcrypto nids to cryptodev */ +static int +cipher_nid_to_cryptodev(int nid) +{ + int i; + + for (i = 0; ciphers[i].id; i++) + if (ciphers[i].nid == nid) + return (ciphers[i].id); + return (0); +} + +/* + * Find out what ciphers /dev/crypto will let us have a session for. + * XXX note, that some of these openssl doesn't deal with yet! + * returning them here is harmless, as long as we return NULL + * when asked for a handler in the cryptodev_engine_ciphers routine + */ +static int +get_cryptodev_ciphers(const int **cnids) +{ + static int nids[CRYPTO_ALGORITHM_MAX]; + struct session_op sess; + int fd, i, count = 0; + + if ((fd = get_dev_crypto()) < 0) { + *cnids = NULL; + return (0); + } + memset(&sess, 0, sizeof(sess)); + sess.key = (caddr_t)"123456781234567812345678"; + + for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (ciphers[i].nid == NID_undef) + continue; + sess.cipher = ciphers[i].id; + sess.keylen = ciphers[i].keylen; + sess.mac = 0; + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) + nids[count++] = ciphers[i].nid; + } + close(fd); + + if (count > 0) + *cnids = nids; + else + *cnids = NULL; + return (count); +} + +/* + * Find out what digests /dev/crypto will let us have a session for. + * XXX note, that some of these openssl doesn't deal with yet! + * returning them here is harmless, as long as we return NULL + * when asked for a handler in the cryptodev_engine_digests routine + */ +static int +get_cryptodev_digests(const int **cnids) +{ + static int nids[CRYPTO_ALGORITHM_MAX]; + struct session_op sess; + int fd, i, count = 0; + + if ((fd = get_dev_crypto()) < 0) { + *cnids = NULL; + return (0); + } + memset(&sess, 0, sizeof(sess)); + for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (digests[i].nid == NID_undef) + continue; + sess.mac = digests[i].id; + sess.cipher = 0; + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) + nids[count++] = digests[i].nid; + } + close(fd); + + if (count > 0) + *cnids = nids; + else + *cnids = NULL; + return (count); +} + +/* + * Find the useable ciphers|digests from dev/crypto - this is the first + * thing called by the engine init crud which determines what it + * can use for ciphers from this engine. We want to return + * only what we can do, anythine else is handled by software. + * + * If we can't initialize the device to do anything useful for + * any reason, we want to return a NULL array, and 0 length, + * which forces everything to be done is software. By putting + * the initalization of the device in here, we ensure we can + * use this engine as the default, and if for whatever reason + * /dev/crypto won't do what we want it will just be done in + * software + * + * This can (should) be greatly expanded to perhaps take into + * account speed of the device, and what we want to do. + * (although the disabling of particular alg's could be controlled + * by the device driver with sysctl's.) - this is where we + * want most of the decisions made about what we actually want + * to use from /dev/crypto. + */ +static int +cryptodev_usable_ciphers(const int **nids) +{ + return (get_cryptodev_ciphers(nids)); +} + +static int +cryptodev_usable_digests(const int **nids) +{ + /* + * XXXX just disable all digests for now, because it sucks. + * we need a better way to decide this - i.e. I may not + * want digests on slow cards like hifn on fast machines, + * but might want them on slow or loaded machines, etc. + * will also want them when using crypto cards that don't + * suck moose gonads - would be nice to be able to decide something + * as reasonable default without having hackery that's card dependent. + * of course, the default should probably be just do everything, + * with perhaps a sysctl to turn algoritms off (or have them off + * by default) on cards that generally suck like the hifn. + */ + *nids = NULL; + return (0); +} + +static int +cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) +{ + struct crypt_op cryp; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; + void *iiv; + unsigned char save_iv[EVP_MAX_IV_LENGTH]; + + if (state->d_fd < 0) + return (0); + if (!inl) + return (1); + if ((inl % ctx->cipher->block_size) != 0) + return (0); + + memset(&cryp, 0, sizeof(cryp)); + + cryp.ses = sess->ses; + cryp.flags = 0; + cryp.len = inl; + cryp.src = (caddr_t) in; + cryp.dst = (caddr_t) out; + cryp.mac = 0; + + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; + + if (ctx->cipher->iv_len) { + cryp.iv = (caddr_t) ctx->iv; + if (!ctx->encrypt) { + iiv = (void *) in + inl - ctx->cipher->iv_len; + memcpy(save_iv, iiv, ctx->cipher->iv_len); + } + } else + cryp.iv = NULL; + + if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) { + /* XXX need better errror handling + * this can fail for a number of different reasons. + */ + return (0); + } + + if (ctx->cipher->iv_len) { + if (ctx->encrypt) + iiv = (void *) out + inl - ctx->cipher->iv_len; + else + iiv = save_iv; + memcpy(ctx->iv, iiv, ctx->cipher->iv_len); + } + return (1); +} + +static int +cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; + int cipher; + + if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef) + return (0); + + if (ctx->cipher->iv_len > cryptodev_max_iv(cipher)) + return (0); + + if (!cryptodev_key_length_valid(cipher, ctx->key_len)) + return (0); + + memset(sess, 0, sizeof(struct session_op)); + + if ((state->d_fd = get_dev_crypto()) < 0) + return (0); + + sess->key = (unsigned char *)key; + sess->keylen = ctx->key_len; + sess->cipher = cipher; + + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { + close(state->d_fd); + state->d_fd = -1; + return (0); + } + return (1); +} + +/* + * free anything we allocated earlier when initting a + * session, and close the session. + */ +static int +cryptodev_cleanup(EVP_CIPHER_CTX *ctx) +{ + int ret = 0; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; + + if (state->d_fd < 0) + return (0); + + /* XXX if this ioctl fails, someting's wrong. the invoker + * may have called us with a bogus ctx, or we could + * have a device that for whatever reason just doesn't + * want to play ball - it's not clear what's right + * here - should this be an error? should it just + * increase a counter, hmm. For right now, we return + * 0 - I don't believe that to be "right". we could + * call the gorpy openssl lib error handlers that + * print messages to users of the library. hmm.. + */ + + if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) { + ret = 0; + } else { + ret = 1; + } + close(state->d_fd); + state->d_fd = -1; + + return (ret); +} + +/* + * libcrypto EVP stuff - this is how we get wired to EVP so the engine + * gets called when libcrypto requests a cipher NID. + */ + +/* DES CBC EVP */ +const EVP_CIPHER cryptodev_des_cbc = { + NID_des_cbc, + 8, 8, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +/* 3DES CBC EVP */ +const EVP_CIPHER cryptodev_3des_cbc = { + NID_des_ede3_cbc, + 8, 24, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_bf_cbc = { + NID_bf_cbc, + 8, 16, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_cast_cbc = { + NID_cast5_cbc, + 8, 16, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_aes_cbc = { + NID_aes_128_cbc, + 16, 16, 16, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +/* + * Registered by the ENGINE when used to find out how to deal with + * a particular NID in the ENGINE. this says what we'll do at the + * top level - note, that list is restricted by what we answer with + */ +static int +cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid) +{ + if (!cipher) + return (cryptodev_usable_ciphers(nids)); + + switch (nid) { + case NID_des_ede3_cbc: + *cipher = &cryptodev_3des_cbc; + break; + case NID_des_cbc: + *cipher = &cryptodev_des_cbc; + break; + case NID_bf_cbc: + *cipher = &cryptodev_bf_cbc; + break; + case NID_cast5_cbc: + *cipher = &cryptodev_cast_cbc; + break; + case NID_aes_128_cbc: + *cipher = &cryptodev_aes_cbc; + break; + default: + *cipher = NULL; + break; + } + return (*cipher != NULL); +} + +static int +cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid) +{ + if (!digest) + return (cryptodev_usable_digests(nids)); + + switch (nid) { + case NID_md5: + *digest = NULL; /* need to make a clean md5 critter */ + break; + default: + *digest = NULL; + break; + } + return (*digest != NULL); +} + +/* + * Convert a BIGNUM to the representation that /dev/crypto needs. + * Upon completion of use, the caller is responsible for freeing + * crp->crp_p. + */ +static int +bn2crparam(const BIGNUM *a, struct crparam *crp) +{ + int i, j, k; + ssize_t words, bytes, bits; + u_char *b; + + crp->crp_p = NULL; + crp->crp_nbits = 0; + + bits = BN_num_bits(a); + bytes = (bits + 7) / 8; + + b = malloc(bytes); + if (b == NULL) + return (1); + + crp->crp_p = b; + crp->crp_nbits = bits; + + for (i = 0, j = 0; i < a->top; i++) { + for (k = 0; k < BN_BITS2 / 8; k++) { + if ((j + k) >= bytes) + return (0); + b[j + k] = a->d[i] >> (k * 8); + } + j += BN_BITS2 / 8; + } + return (0); +} + +/* Convert a /dev/crypto parameter to a BIGNUM */ +static int +crparam2bn(struct crparam *crp, BIGNUM *a) +{ + u_int8_t *pd; + int i, bytes; + + bytes = (crp->crp_nbits + 7) / 8; + + if (bytes == 0) + return (-1); + + if ((pd = (u_int8_t *) malloc(bytes)) == NULL) + return (-1); + + for (i = 0; i < bytes; i++) + pd[i] = crp->crp_p[bytes - i - 1]; + + BN_bin2bn(pd, bytes, a); + free(pd); + + return (0); +} + +static void +zapparams(struct crypt_kop *kop) +{ + int i; + + for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) { + if (kop->crk_param[i].crp_p) + free(kop->crk_param[i].crp_p); + kop->crk_param[i].crp_p = NULL; + kop->crk_param[i].crp_nbits = 0; + } +} + +static int +cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) +{ + int fd, ret = -1; + + if ((fd = get_asym_dev_crypto()) < 0) + return (ret); + + if (r) { + kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); + kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; + kop->crk_oparams++; + } + if (s) { + kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); + kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; + kop->crk_oparams++; + } + + if (ioctl(fd, CIOCKEY, kop) == 0) { + if (r) + crparam2bn(&kop->crk_param[kop->crk_iparams], r); + if (s) + crparam2bn(&kop->crk_param[kop->crk_iparams+1], s); + ret = 0; + } + + return (ret); +} + +static int +cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +{ + struct crypt_kop kop; + int ret = 1; + + /* Currently, we know we can do mod exp iff we can do any + * asymmetric operations at all. + */ + if (cryptodev_asymfeat == 0) { + ret = BN_mod_exp(r, a, p, m, ctx); + return (ret); + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_MOD_EXP; + + /* inputs: a^p % m */ + if (bn2crparam(a, &kop.crk_param[0])) + goto err; + if (bn2crparam(p, &kop.crk_param[1])) + goto err; + if (bn2crparam(m, &kop.crk_param[2])) + goto err; + kop.crk_iparams = 3; + + if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); + } +err: + zapparams(&kop); + return (ret); +} + +static int +cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +{ + int r; + BN_CTX *ctx; + + ctx = BN_CTX_new(); + r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); + BN_CTX_free(ctx); + return (r); +} + +static int +cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) +{ + struct crypt_kop kop; + int ret = 1; + + if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { + /* XXX 0 means failure?? */ + return (0); + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_MOD_EXP_CRT; + /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ + if (bn2crparam(rsa->p, &kop.crk_param[0])) + goto err; + if (bn2crparam(rsa->q, &kop.crk_param[1])) + goto err; + if (bn2crparam(I, &kop.crk_param[2])) + goto err; + if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) + goto err; + if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) + goto err; + if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) + goto err; + kop.crk_iparams = 6; + + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); + } +err: + zapparams(&kop); + return (ret); +} + +static RSA_METHOD cryptodev_rsa = { + "cryptodev RSA method", + NULL, /* rsa_pub_enc */ + NULL, /* rsa_pub_dec */ + NULL, /* rsa_priv_enc */ + NULL, /* rsa_priv_dec */ + NULL, + NULL, + NULL, /* init */ + NULL, /* finish */ + 0, /* flags */ + NULL, /* app_data */ + NULL, /* rsa_sign */ + NULL /* rsa_verify */ +}; + +static int +cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +{ + return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); +} + +static int +cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, + BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, + BN_CTX *ctx, BN_MONT_CTX *mont) +{ + BIGNUM t2; + int ret = 0; + + BN_init(&t2); + + /* v = ( g^u1 * y^u2 mod p ) mod q */ + /* let t1 = g ^ u1 mod p */ + ret = 0; + + if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) + goto err; + + /* let t2 = y ^ u2 mod p */ + if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) + goto err; + /* let u1 = t1 * t2 mod p */ + if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) + goto err; + + BN_copy(t1,u1); + + ret = 1; +err: + BN_free(&t2); + return(ret); +} + +static DSA_SIG * +cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) +{ + struct crypt_kop kop; + BIGNUM *r = NULL, *s = NULL; + DSA_SIG *dsaret = NULL; + + if ((r = BN_new()) == NULL) + goto err; + if ((s = BN_new()) == NULL) { + BN_free(r); + goto err; + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DSA_SIGN; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ + kop.crk_param[0].crp_p = (caddr_t)dgst; + kop.crk_param[0].crp_nbits = dlen * 8; + if (bn2crparam(dsa->p, &kop.crk_param[1])) + goto err; + if (bn2crparam(dsa->q, &kop.crk_param[2])) + goto err; + if (bn2crparam(dsa->g, &kop.crk_param[3])) + goto err; + if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) + goto err; + kop.crk_iparams = 5; + + if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, + BN_num_bytes(dsa->q), s) == 0) { + dsaret = DSA_SIG_new(); + dsaret->r = r; + dsaret->s = s; + } else { + const DSA_METHOD *meth = DSA_OpenSSL(); + BN_free(r); + BN_free(s); + dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); + } +err: + kop.crk_param[0].crp_p = NULL; + zapparams(&kop); + return (dsaret); +} + +static int +cryptodev_dsa_verify(const unsigned char *dgst, int dlen, + DSA_SIG *sig, DSA *dsa) +{ + struct crypt_kop kop; + int dsaret = 1; + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DSA_VERIFY; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ + kop.crk_param[0].crp_p = (caddr_t)dgst; + kop.crk_param[0].crp_nbits = dlen * 8; + if (bn2crparam(dsa->p, &kop.crk_param[1])) + goto err; + if (bn2crparam(dsa->q, &kop.crk_param[2])) + goto err; + if (bn2crparam(dsa->g, &kop.crk_param[3])) + goto err; + if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) + goto err; + if (bn2crparam(sig->r, &kop.crk_param[5])) + goto err; + if (bn2crparam(sig->s, &kop.crk_param[6])) + goto err; + kop.crk_iparams = 7; + + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { + dsaret = kop.crk_status; + } else { + const DSA_METHOD *meth = DSA_OpenSSL(); + + dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); + } +err: + kop.crk_param[0].crp_p = NULL; + zapparams(&kop); + return (dsaret); +} + +static DSA_METHOD cryptodev_dsa = { + "cryptodev DSA method", + NULL, + NULL, /* dsa_sign_setup */ + NULL, + NULL, /* dsa_mod_exp */ + NULL, + NULL, /* init */ + NULL, /* finish */ + 0, /* flags */ + NULL /* app_data */ +}; + +static int +cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx) +{ + return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); +} + +static int +cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) +{ + struct crypt_kop kop; + int dhret = 1; + int fd, keylen; + + if ((fd = get_asym_dev_crypto()) < 0) { + const DH_METHOD *meth = DH_OpenSSL(); + + return ((meth->compute_key)(key, pub_key, dh)); + } + + keylen = BN_num_bits(dh->p); + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DH_COMPUTE_KEY; + + /* inputs: dh->priv_key pub_key dh->p key */ + if (bn2crparam(dh->priv_key, &kop.crk_param[0])) + goto err; + if (bn2crparam(pub_key, &kop.crk_param[1])) + goto err; + if (bn2crparam(dh->p, &kop.crk_param[2])) + goto err; + kop.crk_iparams = 3; + + kop.crk_param[3].crp_p = key; + kop.crk_param[3].crp_nbits = keylen * 8; + kop.crk_oparams = 1; + + if (ioctl(fd, CIOCKEY, &kop) == -1) { + const DH_METHOD *meth = DH_OpenSSL(); + + dhret = (meth->compute_key)(key, pub_key, dh); + } +err: + kop.crk_param[3].crp_p = NULL; + zapparams(&kop); + return (dhret); +} + +static DH_METHOD cryptodev_dh = { + "cryptodev DH method", + NULL, /* cryptodev_dh_generate_key */ + NULL, + NULL, + NULL, + NULL, + 0, /* flags */ + NULL /* app_data */ +}; + +/* + * ctrl right now is just a wrapper that doesn't do much + * but I expect we'll want some options soon. + */ +static int +cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) +{ +#ifdef HAVE_SYSLOG_R + struct syslog_data sd = SYSLOG_DATA_INIT; +#endif + + switch (cmd) { + default: +#ifdef HAVE_SYSLOG_R + syslog_r(LOG_ERR, &sd, + "cryptodev_ctrl: unknown command %d", cmd); +#else + syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd); +#endif + break; + } + return (1); +} + +void +ENGINE_load_cryptodev(void) +{ + ENGINE *engine = ENGINE_new(); + int fd; + + if (engine == NULL) + return; + if ((fd = get_dev_crypto()) < 0) { + ENGINE_free(engine); + return; + } + + /* + * find out what asymmetric crypto algorithms we support + */ + if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { + close(fd); + ENGINE_free(engine); + return; + } + close(fd); + + if (!ENGINE_set_id(engine, "cryptodev") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || + !ENGINE_set_digests(engine, cryptodev_engine_digests) || + !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || + !ENGINE_set_cmd_defns(engine, cryptodev_defns)) { + ENGINE_free(engine); + return; + } + + if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { + const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); + + cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; + cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; + cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; + cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; + cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; + cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; + if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_mod_exp; + else + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_nocrt_mod_exp; + } + } + + if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { + const DSA_METHOD *meth = DSA_OpenSSL(); + + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; + cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; + } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; + } + + if (ENGINE_set_DH(engine, &cryptodev_dh)){ + const DH_METHOD *dh_meth = DH_OpenSSL(); + + cryptodev_dh.generate_key = dh_meth->generate_key; + cryptodev_dh.compute_key = dh_meth->compute_key; + cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) + cryptodev_dh.compute_key = + cryptodev_dh_compute_key; + } + } + + ENGINE_add(engine); + ENGINE_free(engine); + ERR_clear_error(); +} + +#endif /* HAVE_CRYPTODEV */ diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c index c2d0297392..cf82f490db 100644 --- a/src/lib/libcrypto/engine/enginetest.c +++ b/src/lib/libcrypto/engine/enginetest.c @@ -72,7 +72,7 @@ int main(int argc, char *argv[]) #include #include -static void display_engine_list() +static void display_engine_list(void) { ENGINE *h; int loop; diff --git a/src/lib/libcrypto/err/Makefile b/src/lib/libcrypto/err/Makefile index 4adec55302..23e38409c8 100644 --- a/src/lib/libcrypto/err/Makefile +++ b/src/lib/libcrypto/err/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,38 +78,32 @@ err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -err.o: ../../include/openssl/symhacks.h ../cryptlib.h err.c -err_all.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -err_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +err.o: ../cryptlib.h err.c +err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -err_all.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -err_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -err_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h -err_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -err_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -err_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -err_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h -err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -err_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -err_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -err_all.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +err_all.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +err_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h +err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h +err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h +err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h +err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h +err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h err_all.o: err_all.c err_prn.o: ../../e_os.h ../../include/openssl/bio.h err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -err_prn.o: ../cryptlib.h err_prn.c +err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c diff --git a/src/lib/libcrypto/evp/Makefile b/src/lib/libcrypto/evp/Makefile index d1c2a272bb..8f2555c7e5 100644 --- a/src/lib/libcrypto/evp/Makefile +++ b/src/lib/libcrypto/evp/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -24,11 +19,11 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ - e_des.c e_bf.c e_idea.c e_des3.c \ - e_rc4.c e_aes.c names.c \ + e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ + e_rc4.c e_aes.c names.c e_seed.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ - m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \ + m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \ @@ -36,11 +31,11 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ e_old.c LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ - e_des.o e_bf.o e_idea.o e_des3.o \ - e_rc4.o e_aes.o names.o \ + e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ + e_rc4.o e_aes.o names.o e_seed.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ - m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \ + m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \ @@ -74,6 +69,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -89,6 +85,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -100,977 +97,550 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -bio_b64.o: ../../e_os.h ../../include/openssl/aes.h -bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -bio_b64.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -bio_b64.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h +bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -bio_b64.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_b64.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_b64.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_b64.o: ../cryptlib.h bio_b64.c -bio_enc.o: ../../e_os.h ../../include/openssl/aes.h -bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -bio_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -bio_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c +bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h +bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -bio_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_enc.o: ../cryptlib.h bio_enc.c -bio_md.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -bio_md.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -bio_md.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -bio_md.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c +bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_md.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -bio_md.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -bio_md.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bio_md.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -bio_md.o: ../../include/openssl/ui_compat.h ../cryptlib.h bio_md.c -bio_ok.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -bio_ok.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -bio_ok.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -bio_ok.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bio_md.o: ../cryptlib.h bio_md.c +bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -bio_ok.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -bio_ok.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_ok.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_ok.o: ../cryptlib.h bio_ok.c -c_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c +c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -c_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -c_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_all.o: ../../include/openssl/ui_compat.h ../cryptlib.h c_all.c -c_allc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_allc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_allc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_allc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -c_allc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -c_allc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -c_allc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h c_all.c +c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h +c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_allc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c -c_alld.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_alld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_alld.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_alld.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -c_alld.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -c_alld.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -c_alld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_allc.o: ../cryptlib.h c_allc.c +c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h +c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_alld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c -digest.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -digest.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -digest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_alld.o: ../cryptlib.h c_alld.c +digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -digest.o: ../../include/openssl/ui_compat.h ../cryptlib.h digest.c +digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +digest.o: ../../include/openssl/symhacks.h ../cryptlib.h digest.c e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_aes.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_aes.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_aes.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_aes.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_aes.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_aes.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_aes.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_aes.c +e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c e_aes.o: evp_locl.h -e_bf.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_bf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_bf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_bf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_bf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_bf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_bf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_bf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h +e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h +e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_bf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_bf.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_bf.c evp_locl.h -e_cast.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_cast.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_cast.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_cast.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_cast.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_cast.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h +e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c +e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h +e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_cast.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_cast.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_cast.c evp_locl.h -e_des.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_des.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_des.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h +e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_des.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_des.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_des.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h -e_des3.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_des3.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_des3.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_des3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_des3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h -e_idea.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_idea.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_idea.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_idea.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_idea.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_idea.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_idea.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_idea.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_idea.c evp_locl.h -e_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h +e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_null.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_null.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_null.c -e_old.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_old.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_old.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -e_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_old.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_old.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -e_old.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_old.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_old.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -e_old.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -e_old.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_old.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -e_old.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -e_old.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_old.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_old.c -e_rc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +e_null.o: ../cryptlib.h e_null.c +e_old.o: e_old.c +e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc2.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc2.c evp_locl.h -e_rc4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h +e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc4.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c evp_locl.h -e_rc5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h +e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c +e_rc5.o: ../../e_os.h ../../include/openssl/bio.h +e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc5.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc5.c evp_locl.h -e_xcbc_d.o: ../../e_os.h ../../include/openssl/aes.h -e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c +e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h +e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_seed.o: ../../include/openssl/symhacks.h e_seed.c +e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h +e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_xcbc_d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_xcbc_d.o: ../../include/openssl/opensslconf.h +e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_xcbc_d.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_xcbc_d.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c -encode.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -encode.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -encode.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -encode.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -encode.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -encode.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -encode.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -encode.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -encode.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -encode.o: ../../include/openssl/ui_compat.h ../cryptlib.h encode.c -evp_acnf.o: ../../e_os.h ../../include/openssl/aes.h -evp_acnf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_acnf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +encode.o: ../cryptlib.h encode.c +evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h +evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -evp_acnf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -evp_acnf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_acnf.o: ../../include/openssl/opensslconf.h evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_acnf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_acnf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_acnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_acnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_acnf.o: ../../include/openssl/ui_compat.h ../cryptlib.h evp_acnf.c -evp_enc.o: ../../e_os.h ../../include/openssl/aes.h -evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c +evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h +evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h -evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -evp_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -evp_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -evp_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h -evp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -evp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -evp_err.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_enc.c evp_locl.h +evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -evp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_err.o: evp_err.c -evp_key.o: ../../e_os.h ../../include/openssl/aes.h -evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_err.o: ../../include/openssl/symhacks.h evp_err.c +evp_key.o: ../../e_os.h ../../include/openssl/asn1.h +evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_key.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c -evp_lib.o: ../../e_os.h ../../include/openssl/aes.h -evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h +evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -evp_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_lib.o: ../cryptlib.h evp_lib.c -evp_pbe.o: ../../e_os.h ../../include/openssl/aes.h -evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c +evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h +evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_pbe.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_pbe.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_pbe.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c -evp_pkey.o: ../../e_os.h ../../include/openssl/aes.h -evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pbe.o: ../cryptlib.h evp_pbe.c +evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h +evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_pkey.o: ../../include/openssl/opensslconf.h evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -evp_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c -m_dss.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_dss.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_dss.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_dss.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_dss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_dss.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_dss.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_dss.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_dss.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h m_dss.o: ../cryptlib.h m_dss.c -m_dss1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_dss1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_dss1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_dss1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_dss1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_dss1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_dss1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_dss1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h m_dss1.o: ../cryptlib.h m_dss1.c -m_md2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h +m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_ecdsa.o: ../cryptlib.h m_ecdsa.c +m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md2.o: ../cryptlib.h evp_locl.h m_md2.c -m_md4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md4.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md4.o: ../cryptlib.h evp_locl.h m_md4.c -m_md5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md5.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md5.o: ../cryptlib.h evp_locl.h m_md5.c -m_mdc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_mdc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_mdc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md2.c +m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h +m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c +m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h +m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c +m_mdc2.o: ../../e_os.h ../../include/openssl/bio.h +m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_mdc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_mdc2.o: ../cryptlib.h evp_locl.h m_mdc2.c -m_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +m_mdc2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_mdc2.c +m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_null.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_null.o: ../cryptlib.h m_null.c -m_ripemd.o: ../../e_os.h ../../include/openssl/aes.h -m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -m_ripemd.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -m_ripemd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c +m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h +m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_ripemd.o: ../../include/openssl/opensslconf.h m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_ripemd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_ripemd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_ripemd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_ripemd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_ripemd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_ripemd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_ripemd.o: ../cryptlib.h m_ripemd.c -m_sha.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_sha.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_sha.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_sha.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_sha.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_sha.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_sha.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h +m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c +m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_sha.o: ../cryptlib.h evp_locl.h m_sha.c -m_sha1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_sha1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_sha1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_sha1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_sha1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_sha1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +m_sha.o: ../cryptlib.h m_sha.c +m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h m_sha1.o: ../cryptlib.h m_sha1.c -names.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -names.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -names.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -names.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -names.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -names.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -names.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -names.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +names.o: ../../include/openssl/err.h ../../include/openssl/evp.h +names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -names.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -names.o: ../cryptlib.h names.c -p5_crpt.o: ../../e_os.h ../../include/openssl/aes.h -p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c +p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h +p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p5_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p5_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c -p5_crpt2.o: ../../e_os.h ../../include/openssl/aes.h -p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_crpt2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_crpt2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h -p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_crpt.o: ../cryptlib.h p5_crpt.c +p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h +p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h +p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p5_crpt2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_crpt2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_crpt2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_crpt2.o: ../cryptlib.h p5_crpt2.c -p_dec.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_dec.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_dec.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_dec.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_dec.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_dec.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_dec.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt2.c +p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_dec.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c -p_enc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_enc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c -p_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +p_lib.o: ../../e_os.h ../../include/openssl/asn1.h p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -p_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c -p_open.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_open.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_open.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_open.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_open.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_open.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_open.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_open.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_open.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p_open.o: ../cryptlib.h p_open.c -p_seal.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_seal.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_seal.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_seal.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_seal.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_seal.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_seal.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c -p_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_sign.o: ../cryptlib.h p_sign.c -p_verify.o: ../../e_os.h ../../include/openssl/aes.h -p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c +p_verify.o: ../../e_os.h ../../include/openssl/asn1.h +p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_verify.o: ../../include/openssl/opensslconf.h p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_verify.o: ../cryptlib.h p_verify.c +p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c index 4e3f10141b..98bc1ab409 100644 --- a/src/lib/libcrypto/evp/bio_ok.c +++ b/src/lib/libcrypto/evp/bio_ok.c @@ -119,6 +119,7 @@ #include #include +#include #include "cryptlib.h" #include #include @@ -141,22 +142,12 @@ static void block_in(BIO* b); #define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) #define WELLKNOWN "The quick brown fox jumped over the lazy dog's back." -#ifndef L_ENDIAN -#define swapem(x) \ - ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \ - (((unsigned long int)(x) & 0x0000ff00U) << 8) | \ - (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \ - (((unsigned long int)(x) & 0xff000000U) >> 24))) -#else -#define swapem(x) (x) -#endif - typedef struct ok_struct { - int buf_len; - int buf_off; - int buf_len_save; - int buf_off_save; + size_t buf_len; + size_t buf_off; + size_t buf_len_save; + size_t buf_off_save; int cont; /* <= 0 when finished */ int finished; EVP_MD_CTX md; @@ -295,6 +286,8 @@ static int ok_write(BIO *b, const char *in, int inl) int ret=0,n,i; BIO_OK_CTX *ctx; + if (inl <= 0) return inl; + ctx=(BIO_OK_CTX *)b->ptr; ret=inl; @@ -330,7 +323,7 @@ static int ok_write(BIO *b, const char *in, int inl) if ((in == NULL) || (inl <= 0)) return(0); n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? - OK_BLOCK_SIZE+ OK_BLOCK_BLOCK- ctx->buf_len : inl; + (int)(OK_BLOCK_SIZE+OK_BLOCK_BLOCK-ctx->buf_len) : inl; memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n); ctx->buf_len+= n; @@ -448,16 +441,18 @@ static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) return(ret); } -static void longswap(void *_ptr, int len) -{ -#ifndef L_ENDIAN - int i; - char *ptr=_ptr; +static void longswap(void *_ptr, size_t len) +{ const union { long one; char little; } is_endian = {1}; - for(i= 0;i < len;i+= 4){ - *((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i]))); + if (is_endian.little) { + size_t i; + unsigned char *p=_ptr,c; + + for(i= 0;i < len;i+= 4) { + c=p[0],p[0]=p[3],p[3]=c; + c=p[1],p[1]=p[2],p[2]=c; + } } -#endif } static void sig_out(BIO* b) @@ -496,7 +491,7 @@ static void sig_in(BIO* b) ctx=b->ptr; md=&ctx->md; - if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return; + if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return; EVP_DigestInit_ex(md, md->digest, NULL); memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); @@ -533,9 +528,10 @@ static void block_out(BIO* b) md=&ctx->md; tl= ctx->buf_len- OK_BLOCK_BLOCK; - tl= swapem(tl); - memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); - tl= swapem(tl); + ctx->buf[0]=(unsigned char)(tl>>24); + ctx->buf[1]=(unsigned char)(tl>>16); + ctx->buf[2]=(unsigned char)(tl>>8); + ctx->buf[3]=(unsigned char)(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; @@ -546,14 +542,18 @@ static void block_in(BIO* b) { BIO_OK_CTX *ctx; EVP_MD_CTX *md; - long tl= 0; + unsigned long tl= 0; unsigned char tmp[EVP_MAX_MD_SIZE]; ctx=b->ptr; md=&ctx->md; - memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK); - tl= swapem(tl); + assert(sizeof(tl)>=OK_BLOCK_BLOCK); /* always true */ + tl =ctx->buf[0]; tl<<=8; + tl|=ctx->buf[1]; tl<<=8; + tl|=ctx->buf[2]; tl<<=8; + tl|=ctx->buf[3]; + if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c index fc96812365..7054d8125d 100644 --- a/src/lib/libcrypto/evp/c_allc.c +++ b/src/lib/libcrypto/evp/c_allc.c @@ -107,6 +107,15 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_idea_cbc,"idea"); #endif +#ifndef OPENSSL_NO_SEED + EVP_add_cipher(EVP_seed_ecb()); + EVP_add_cipher(EVP_seed_cfb()); + EVP_add_cipher(EVP_seed_ofb()); + EVP_add_cipher(EVP_seed_cbc()); + EVP_add_cipher_alias(SN_seed_cbc,"SEED"); + EVP_add_cipher_alias(SN_seed_cbc,"seed"); +#endif + #ifndef OPENSSL_NO_RC2 EVP_add_cipher(EVP_rc2_ecb()); EVP_add_cipher(EVP_rc2_cfb()); @@ -183,6 +192,34 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); #endif + +#ifndef OPENSSL_NO_CAMELLIA + EVP_add_cipher(EVP_camellia_128_ecb()); + EVP_add_cipher(EVP_camellia_128_cbc()); + EVP_add_cipher(EVP_camellia_128_cfb()); + EVP_add_cipher(EVP_camellia_128_cfb1()); + EVP_add_cipher(EVP_camellia_128_cfb8()); + EVP_add_cipher(EVP_camellia_128_ofb()); + EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128"); + EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128"); + EVP_add_cipher(EVP_camellia_192_ecb()); + EVP_add_cipher(EVP_camellia_192_cbc()); + EVP_add_cipher(EVP_camellia_192_cfb()); + EVP_add_cipher(EVP_camellia_192_cfb1()); + EVP_add_cipher(EVP_camellia_192_cfb8()); + EVP_add_cipher(EVP_camellia_192_ofb()); + EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192"); + EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192"); + EVP_add_cipher(EVP_camellia_256_ecb()); + EVP_add_cipher(EVP_camellia_256_cbc()); + EVP_add_cipher(EVP_camellia_256_cfb()); + EVP_add_cipher(EVP_camellia_256_cfb1()); + EVP_add_cipher(EVP_camellia_256_cfb8()); + EVP_add_cipher(EVP_camellia_256_ofb()); + EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256"); + EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256"); +#endif + PKCS12_PBE_add(); PKCS5_PBE_add(); } diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c index 929ea56a3e..d270b0ee03 100644 --- a/src/lib/libcrypto/evp/c_alld.c +++ b/src/lib/libcrypto/evp/c_alld.c @@ -91,6 +91,9 @@ void OpenSSL_add_all_digests(void) EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); #endif +#ifndef OPENSSL_NO_ECDSA + EVP_add_digest(EVP_ecdsa()); +#endif #endif #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) EVP_add_digest(EVP_mdc2()); @@ -100,7 +103,6 @@ void OpenSSL_add_all_digests(void) EVP_add_digest_alias(SN_ripemd160,"ripemd"); EVP_add_digest_alias(SN_ripemd160,"rmd160"); #endif -#ifdef OPENSSL_FIPS #ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); @@ -108,6 +110,5 @@ void OpenSSL_add_all_digests(void) #ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); -#endif #endif } diff --git a/src/lib/libcrypto/evp/e_rc5.c b/src/lib/libcrypto/evp/e_rc5.c index 3c7713b181..19a10c6402 100644 --- a/src/lib/libcrypto/evp/e_rc5.c +++ b/src/lib/libcrypto/evp/e_rc5.c @@ -56,10 +56,11 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RC5 - #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_RC5 + #include #include #include "evp_locl.h" diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c index a624cfd248..bb6f02c2e9 100644 --- a/src/lib/libcrypto/evp/evp_test.c +++ b/src/lib/libcrypto/evp/evp_test.c @@ -52,6 +52,7 @@ #include "../e_os.h" +#include #include #ifndef OPENSSL_NO_ENGINE #include @@ -136,7 +137,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, const unsigned char *iv,int in, const unsigned char *plaintext,int pn, const unsigned char *ciphertext,int cn, - int encdec,int multiplier) + int encdec) { EVP_CIPHER_CTX ctx; unsigned char out[4096]; @@ -167,7 +168,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, } EVP_CIPHER_CTX_set_padding(&ctx,0); - if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn*multiplier)) + if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) { fprintf(stderr,"Encrypt failed\n"); ERR_print_errors_fp(stderr); @@ -180,7 +181,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, test1_exit(7); } - if(outl+outl2 != cn*multiplier) + if(outl+outl2 != cn) { fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", outl+outl2,cn); @@ -206,7 +207,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, } EVP_CIPHER_CTX_set_padding(&ctx,0); - if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn*multiplier)) + if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) { fprintf(stderr,"Decrypt failed\n"); ERR_print_errors_fp(stderr); @@ -219,7 +220,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, test1_exit(7); } - if(outl+outl2 != cn*multiplier) + if(outl+outl2 != cn) { fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", outl+outl2,cn); @@ -244,7 +245,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, const unsigned char *iv,int in, const unsigned char *plaintext,int pn, const unsigned char *ciphertext,int cn, - int encdec,int multiplier) + int encdec) { const EVP_CIPHER *c; @@ -252,7 +253,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, if(!c) return 0; - test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec,multiplier); + test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec); return 1; } @@ -368,7 +369,6 @@ int main(int argc,char **argv) unsigned char *iv,*key,*plaintext,*ciphertext; int encdec; int kn,in,pn,cn; - int multiplier=1; if(!fgets((char *)line,sizeof line,f)) break; @@ -393,17 +393,44 @@ int main(int argc,char **argv) pn=convert(plaintext); cn=convert(ciphertext); - if(strchr(cipher,'*')) - { - p=cipher; - sstrsep(&p,"*"); - multiplier=atoi(sstrsep(&p,"*")); - } - - if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec, - multiplier) + if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec) && !test_digest(cipher,plaintext,pn,ciphertext,cn)) { +#ifdef OPENSSL_NO_AES + if (strstr(cipher, "AES") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_DES + if (strstr(cipher, "DES") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_RC4 + if (strstr(cipher, "RC4") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_CAMELLIA + if (strstr(cipher, "CAMELLIA") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_SEED + if (strstr(cipher, "SEED") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif fprintf(stderr,"Can't find %s\n",cipher); EXIT(3); } diff --git a/src/lib/libcrypto/evp/evptests.txt b/src/lib/libcrypto/evp/evptests.txt index dfe91a5bc0..beb12144b6 100644 --- a/src/lib/libcrypto/evp/evptests.txt +++ b/src/lib/libcrypto/evp/evptests.txt @@ -92,102 +92,7 @@ AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000 AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B - -# CFB1-AES128.Encrypt - -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00020406080a0c0e10121416181a1c1e:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0004080c1014181c2024282c3034383d:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0008101820283038404850586068707b:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00102030405060708090a0b0c0d0e0f6:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0020406080a0c0e10121416181a1c1ed:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:004080c1014181c2024282c3034383da:80:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:008101820283038404850586068707b4:80:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f68:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:020406080a0c0e10121416181a1c1ed1:80:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:04080c1014181c2024282c3034383da2:00:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:08101820283038404850586068707b45:00:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:102030405060708090a0b0c0d0e0f68b:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:20406080a0c0e10121416181a1c1ed16:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:4080c1014181c2024282c3034383da2c:00:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:8101820283038404850586068707b459:80:80:1 -# all of the above packed into one... -# in: 0110 1011 1100 0001 = 6bc1 -# out: 0110 1000 1011 0011 = 68b3 -AES-128-CFB1*8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1:68b3:1 - -# CFB1-AES128.Decrypt -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00020406080a0c0e10121416181a1c1e:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0004080c1014181c2024282c3034383d:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0008101820283038404850586068707b:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00102030405060708090a0b0c0d0e0f6:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0020406080a0c0e10121416181a1c1ed:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:004080c1014181c2024282c3034383da:80:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:008101820283038404850586068707b4:80:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f68:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:020406080a0c0e10121416181a1c1ed1:80:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:04080c1014181c2024282c3034383da2:00:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:08101820283038404850586068707b45:00:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:102030405060708090a0b0c0d0e0f68b:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:20406080a0c0e10121416181a1c1ed16:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:4080c1014181c2024282c3034383da2c:00:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:8101820283038404850586068707b459:80:80:0 -# all of the above packed into one... -# in: 0110 1000 1011 0011 = 68b3 -# out: 0110 1011 1100 0001 = 6bc1 -AES-128-CFB1*8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1:68b3:0 - -# TODO: CFB1-AES192 and 256 - -# CFB8-AES128.Encrypt - -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6b:3b:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f3b:c1:79:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:02030405060708090a0b0c0d0e0f3b79:be:42:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:030405060708090a0b0c0d0e0f3b7942:e2:4c:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0405060708090a0b0c0d0e0f3b79424c:2e:9c:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:05060708090a0b0c0d0e0f3b79424c9c:40:0d:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:060708090a0b0c0d0e0f3b79424c9c0d:9f:d4:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0708090a0b0c0d0e0f3b79424c9c0dd4:96:36:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:08090a0b0c0d0e0f3b79424c9c0dd436:e9:ba:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:090a0b0c0d0e0f3b79424c9c0dd436ba:3d:ce:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0a0b0c0d0e0f3b79424c9c0dd436bace:7e:9e:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0b0c0d0e0f3b79424c9c0dd436bace9e:11:0e:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0c0d0e0f3b79424c9c0dd436bace9e0e:73:d4:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0d0e0f3b79424c9c0dd436bace9e0ed4:93:58:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0e0f3b79424c9c0dd436bace9e0ed458:17:6a:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0f3b79424c9c0dd436bace9e0ed4586a:2a:4f:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:3b79424c9c0dd436bace9e0ed4586a4f:ae:32:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:79424c9c0dd436bace9e0ed4586a4f32:2d:b9:1 -# all of the above packed into one -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1bee22e409f96e93d7e117393172aae2d:3b79424c9c0dd436bace9e0ed4586a4f32b9:1 - -# CFB8-AES128.Decrypt - -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6b:3b:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f3b:c1:79:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:02030405060708090a0b0c0d0e0f3b79:be:42:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:030405060708090a0b0c0d0e0f3b7942:e2:4c:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0405060708090a0b0c0d0e0f3b79424c:2e:9c:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:05060708090a0b0c0d0e0f3b79424c9c:40:0d:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:060708090a0b0c0d0e0f3b79424c9c0d:9f:d4:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0708090a0b0c0d0e0f3b79424c9c0dd4:96:36:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:08090a0b0c0d0e0f3b79424c9c0dd436:e9:ba:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:090a0b0c0d0e0f3b79424c9c0dd436ba:3d:ce:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0a0b0c0d0e0f3b79424c9c0dd436bace:7e:9e:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0b0c0d0e0f3b79424c9c0dd436bace9e:11:0e:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0c0d0e0f3b79424c9c0dd436bace9e0e:73:d4:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0d0e0f3b79424c9c0dd436bace9e0ed4:93:58:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0e0f3b79424c9c0dd436bace9e0ed458:17:6a:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0f3b79424c9c0dd436bace9e0ed4586a:2a:4f:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:3b79424c9c0dd436bace9e0ed4586a4f:ae:32:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:79424c9c0dd436bace9e0ed4586a4f32:2d:b9:0 -# all of the above packed into one -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1bee22e409f96e93d7e117393172aae2d:3b79424c9c0dd436bace9e0ed4586a4f32b9:0 - -# TODO: 192 and 256 bit keys - +# We don't support CFB{1,8}-AESxxx.{En,De}crypt # For all CFB128 encrypts and decrypts, the transformed sequence is # AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec # CFB128-AES128.Encrypt @@ -269,16 +174,6 @@ DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363 # DES EDE3 CBC tests (from destest) DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 -# DES CFB1 from FIPS 81 -# plaintext: 0100 1110 0110 1111 0111 0111 = 4e6f77 -# ciphertext: 1100 1101 0001 1110 1100 1001 = cd1ec9 - -DES-CFB1*8:0123456789abcdef:1234567890abcdef:4e6f77:cd1ec9 - -# DES CFB8 from FIPS 81 - -DES-CFB8:0123456789abcdef:1234567890abcdef:4e6f7720697320746865:f31fda07011462ee187f - # RC4 tests (from rc4test) RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596 RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879 @@ -286,3 +181,141 @@ RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61 + + +# Camellia tests from RFC3713 +# For all ECB encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec +CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43 +CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9 +CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509 + +# ECB-CAMELLIA128.Encrypt +CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1 +CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1 +CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1 + +# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96 +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636 +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A + +# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3 +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366 +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26 + +# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28 +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B + +# For all CBC encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec +# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887 +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54 +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980 + +# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93 +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5 +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449 +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08 + +# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50 +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83 +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F + +# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt +# For all CFB128 encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec +# CFB128-CAMELLIA128.Encrypt +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1 + +# CFB128-CAMELLIA128.Decrypt +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0 + +# CFB128-CAMELLIA192.Encrypt +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1 + +# CFB128-CAMELLIA192.Decrypt +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0 + +# CFB128-CAMELLIA256.Encrypt +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1 + +# CFB128-CAMELLIA256.Decrypt +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0 + +# For all OFB encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec +# OFB-CAMELLIA128.Encrypt +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1 + +# OFB-CAMELLIA128.Decrypt +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0 + +# OFB-CAMELLIA192.Encrypt +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1 + +# OFB-CAMELLIA192.Decrypt +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0 + +# OFB-CAMELLIA256.Encrypt +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1 + +# OFB-CAMELLIA256.Decrypt +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0 + +# SEED test vectors from RFC4269 +SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0 +SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0 +SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0 +SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0 +SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1 +SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1 +SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1 +SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1 diff --git a/src/lib/libcrypto/evp/m_md2.c b/src/lib/libcrypto/evp/m_md2.c index 0df48e5199..5ce849f161 100644 --- a/src/lib/libcrypto/evp/m_md2.c +++ b/src/lib/libcrypto/evp/m_md2.c @@ -56,19 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_MD2 #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_MD2 + #include -#include "evp_locl.h" #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return MD2_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return MD2_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c index 62de1336b8..36c4e9b134 100644 --- a/src/lib/libcrypto/evp/m_mdc2.c +++ b/src/lib/libcrypto/evp/m_mdc2.c @@ -56,19 +56,21 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_MDC2 #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_MDC2 + #include -#include "evp_locl.h" #include #include #include +#include static int init(EVP_MD_CTX *ctx) { return MDC2_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return MDC2_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c index ed54909b16..acccc8f92d 100644 --- a/src/lib/libcrypto/evp/m_sha.c +++ b/src/lib/libcrypto/evp/m_sha.c @@ -56,21 +56,22 @@ * [including the GNU Public Licence.] */ -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) #include #include "cryptlib.h" -/* Including sha.h prior evp.h masks FIPS SHA declarations, but that's - * exactly what we want to achieve here... */ -#include + +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) + #include -#include "evp_locl.h" #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return SHA_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return SHA_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libcrypto/hmac/Makefile b/src/lib/libcrypto/hmac/Makefile index 3d53d8240f..01f10c396f 100644 --- a/src/lib/libcrypto/hmac/Makefile +++ b/src/lib/libcrypto/hmac/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -77,23 +74,12 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h -hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hmac.o: ../cryptlib.h hmac.c +hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c diff --git a/src/lib/libcrypto/idea/Makefile b/src/lib/libcrypto/idea/Makefile index 6b8e530d9d..b2e7add666 100644 --- a/src/lib/libcrypto/idea/Makefile +++ b/src/lib/libcrypto/idea/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -85,8 +82,5 @@ i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h i_ofb64.o: i_ofb64.c idea_lcl.h -i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -i_skey.o: ../../include/openssl/fips.h ../../include/openssl/idea.h -i_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h +i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h +i_skey.o: i_skey.c idea_lcl.h diff --git a/src/lib/libcrypto/idea/ideatest.c b/src/lib/libcrypto/idea/ideatest.c index 98f805d72a..e6ffc7025e 100644 --- a/src/lib/libcrypto/idea/ideatest.c +++ b/src/lib/libcrypto/idea/ideatest.c @@ -169,6 +169,9 @@ int main(int argc, char *argv[]) else printf("ok\n"); +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(err); } diff --git a/src/lib/libcrypto/install.com b/src/lib/libcrypto/install.com index b3d155e964..58a4fecdaa 100644 --- a/src/lib/libcrypto/install.com +++ b/src/lib/libcrypto/install.com @@ -32,14 +32,18 @@ $ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN - $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLINCLUDE: $ -$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- - DES,RC2,RC4,RC5,IDEA,BF,CAST,- - BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,- - BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,- +$ SDIRS := ,- + OBJECTS,- + MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- + DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- + BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,- + BUFFER,BIO,STACK,LHASH,RAND,ERR,- EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- - UI,KRB5 + UI,KRB5,- + STORE,CMS,PQUEUE $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- symhacks.h,ossl_typ.h +$ EXHEADER_OBJECTS := objects.h,obj_mac.h $ EXHEADER_MD2 := md2.h $ EXHEADER_MD4 := md4.h $ EXHEADER_MD5 := md5.h @@ -54,11 +58,15 @@ $ EXHEADER_RC5 := rc5.h $ EXHEADER_IDEA := idea.h $ EXHEADER_BF := blowfish.h $ EXHEADER_CAST := cast.h +$ EXHEADER_CAMELLIA := camellia.h +$ EXHEADER_SEED := seed.h $ EXHEADER_BN := bn.h $ EXHEADER_EC := ec.h $ EXHEADER_RSA := rsa.h $ EXHEADER_DSA := dsa.h +$ EXHEADER_ECDSA := ecdsa.h $ EXHEADER_DH := dh.h +$ EXHEADER_ECDH := ecdh.h $ EXHEADER_DSO := dso.h $ EXHEADER_ENGINE := engine.h $ EXHEADER_AES := aes.h @@ -68,7 +76,6 @@ $ EXHEADER_STACK := stack.h,safestack.h $ EXHEADER_LHASH := lhash.h $ EXHEADER_RAND := rand.h $ EXHEADER_ERR := err.h -$ EXHEADER_OBJECTS := objects.h,obj_mac.h $ EXHEADER_EVP := evp.h $ EXHEADER_ASN1 := asn1.h,asn1_mac.h,asn1t.h $ EXHEADER_PEM := pem.h,pem2.h @@ -82,6 +89,10 @@ $ EXHEADER_COMP := comp.h $ EXHEADER_OCSP := ocsp.h $ EXHEADER_UI := ui.h,ui_compat.h $ EXHEADER_KRB5 := krb5_asn.h +$! EXHEADER_STORE := store.h,str_compat.h +$ EXHEADER_STORE := store.h +$ EXHEADER_PQUEUE := pqueue.h,pq_compat.h +$ EXHEADER_CMS := cms.h $ LIBS := LIBCRYPTO $ $ VEXE_DIR := [-.VAX.EXE.CRYPTO] diff --git a/src/lib/libcrypto/krb5/Makefile b/src/lib/libcrypto/krb5/Makefile index 25cc695e8d..14077390d6 100644 --- a/src/lib/libcrypto/krb5/Makefile +++ b/src/lib/libcrypto/krb5/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -52,6 +47,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -67,6 +63,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -79,9 +76,8 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -krb5_asn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -krb5_asn.o: ../../include/openssl/krb5_asn.h +krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +krb5_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/krb5_asn.h krb5_asn.o: ../../include/openssl/opensslconf.h krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h diff --git a/src/lib/libcrypto/lhash/Makefile b/src/lib/libcrypto/lhash/Makefile index cdb0e77fad..82bddac474 100644 --- a/src/lib/libcrypto/lhash/Makefile +++ b/src/lib/libcrypto/lhash/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,11 +78,11 @@ lh_stats.o: ../../e_os.h ../../include/openssl/bio.h lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -lh_stats.o: ../cryptlib.h lh_stats.c +lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +lh_stats.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +lh_stats.o: ../../include/openssl/symhacks.h ../cryptlib.h lh_stats.c lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -lhash.o: ../../include/openssl/symhacks.h lhash.c +lhash.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +lhash.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h lhash.c diff --git a/src/lib/libcrypto/md2/Makefile b/src/lib/libcrypto/md2/Makefile index 9d0351bb2f..17f878aeb7 100644 --- a/src/lib/libcrypto/md2/Makefile +++ b/src/lib/libcrypto/md2/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -77,17 +74,16 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -md2_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md2_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md2_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h -md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md2_dgst.o: md2_dgst.c +md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +md2_dgst.o: ../../include/openssl/symhacks.h md2_dgst.c md2_one.o: ../../e_os.h ../../include/openssl/bio.h md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h md2_one.c +md2_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +md2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +md2_one.o: ../cryptlib.h md2_one.c diff --git a/src/lib/libcrypto/md2/md2.h b/src/lib/libcrypto/md2/md2.h index d0ef9da08e..a46120e7d4 100644 --- a/src/lib/libcrypto/md2/md2.h +++ b/src/lib/libcrypto/md2/md2.h @@ -59,13 +59,14 @@ #ifndef HEADER_MD2_H #define HEADER_MD2_H +#include /* OPENSSL_NO_MD2, MD2_INT */ #ifdef OPENSSL_NO_MD2 #error MD2 is disabled. #endif +#include #define MD2_DIGEST_LENGTH 16 #define MD2_BLOCK 16 -#include /* MD2_INT */ #ifdef __cplusplus extern "C" { @@ -73,20 +74,17 @@ extern "C" { typedef struct MD2state_st { - int num; + unsigned int num; unsigned char data[MD2_BLOCK]; MD2_INT cksm[MD2_BLOCK]; MD2_INT state[MD2_BLOCK]; } MD2_CTX; const char *MD2_options(void); -#ifdef OPENSSL_FIPS -int private_MD2_Init(MD2_CTX *c); -#endif int MD2_Init(MD2_CTX *c); -int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len); +int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); int MD2_Final(unsigned char *md, MD2_CTX *c); -unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md); +unsigned char *MD2(const unsigned char *d, size_t n,unsigned char *md); #ifdef __cplusplus } #endif diff --git a/src/lib/libcrypto/md2/md2_dgst.c b/src/lib/libcrypto/md2/md2_dgst.c index 8124acd687..6f68b25c6a 100644 --- a/src/lib/libcrypto/md2/md2_dgst.c +++ b/src/lib/libcrypto/md2/md2_dgst.c @@ -62,10 +62,8 @@ #include #include #include -#include -#include -const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; +const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; /* Implemented from RFC1319 The MD2 Message-Digest Algorithm */ @@ -118,7 +116,7 @@ const char *MD2_options(void) return("md2(int)"); } -FIPS_NON_FIPS_MD_Init(MD2) +int MD2_Init(MD2_CTX *c) { c->num=0; memset(c->state,0,sizeof c->state); @@ -127,7 +125,7 @@ FIPS_NON_FIPS_MD_Init(MD2) return 1; } -int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) +int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len) { register UCHAR *p; @@ -147,7 +145,7 @@ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) } else { - memcpy(&(p[c->num]),data,(int)len); + memcpy(&(p[c->num]),data,len); /* data+=len; */ c->num+=(int)len; return 1; @@ -161,7 +159,7 @@ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) data+=MD2_BLOCK; len-=MD2_BLOCK; } - memcpy(p,data,(int)len); + memcpy(p,data,len); c->num=(int)len; return 1; } diff --git a/src/lib/libcrypto/md2/md2_one.c b/src/lib/libcrypto/md2/md2_one.c index 8c36ba5779..f7fef5cc0a 100644 --- a/src/lib/libcrypto/md2/md2_one.c +++ b/src/lib/libcrypto/md2/md2_one.c @@ -63,7 +63,7 @@ /* This is a separate file so that #defines in cryptlib.h can * map my MD functions to different names */ -unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md) +unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md) { MD2_CTX c; static unsigned char m[MD2_DIGEST_LENGTH]; diff --git a/src/lib/libcrypto/md2/md2test.c b/src/lib/libcrypto/md2/md2test.c index 9c1e28b6ce..db5f5bc6d2 100644 --- a/src/lib/libcrypto/md2/md2test.c +++ b/src/lib/libcrypto/md2/md2test.c @@ -110,7 +110,7 @@ int main(int argc, char *argv[]) i=1; while (*P != NULL) { - EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL); + EVP_Digest((unsigned char *)*P,strlen(*P),md,NULL,EVP_md2(), NULL); p=pt(md); if (strcmp(p,*R) != 0) { @@ -124,7 +124,11 @@ int main(int argc, char *argv[]) R++; P++; } +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); + return err; } static char *pt(unsigned char *md) diff --git a/src/lib/libcrypto/md4/Makefile b/src/lib/libcrypto/md4/Makefile index eeb457f20f..ef97bb0cbe 100644 --- a/src/lib/libcrypto/md4/Makefile +++ b/src/lib/libcrypto/md4/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -52,6 +47,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -67,6 +63,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -78,15 +75,12 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -md4_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md4_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h -md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md4_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md4_dgst.o: ../md32_common.h md4_dgst.c md4_locl.h +md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h +md4_dgst.o: ../../include/openssl/opensslconf.h +md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c +md4_dgst.o: md4_locl.h md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h -md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md4_one.o: md4_one.c +md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +md4_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +md4_one.o: ../../include/openssl/symhacks.h md4_one.c diff --git a/src/lib/libcrypto/md4/md4test.c b/src/lib/libcrypto/md4/md4test.c index 21a77d96f7..56591728a1 100644 --- a/src/lib/libcrypto/md4/md4test.c +++ b/src/lib/libcrypto/md4/md4test.c @@ -97,16 +97,16 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; char *p; unsigned char md[MD4_DIGEST_LENGTH]; - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL); + EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md4(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { diff --git a/src/lib/libcrypto/md5/Makefile b/src/lib/libcrypto/md5/Makefile index 1ed018526f..ceb00e8956 100644 --- a/src/lib/libcrypto/md5/Makefile +++ b/src/lib/libcrypto/md5/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES=-I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -20,6 +15,7 @@ MD5_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=md5test.c @@ -46,38 +42,17 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s) - +# ELF +mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > ../$@) +# COFF +mx86-cof.s: asm/md5-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) md5-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/mx86-out.o: asm/mx86unix.cpp - $(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o - -# bsdi -asm/mx86bsdi.o: asm/mx86unix.cpp - $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o - -asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp) - -asm/md5-sparcv8plus.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \ - -o asm/md5-sparcv8plus.o asm/md5-sparcv9.S - -# Old GNU assembler doesn't understand V9 instructions, so we -# hire /usr/ccs/bin/as to do the job. Note that option is called -# *-gcc27, but even gcc 2>=8 users may experience similar problem -# if they didn't bother to upgrade GNU assembler. Such users should -# not choose this option, but be adviced to *remove* GNU assembler -# or upgrade it. -asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \ - /usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o - -asm/md5-sparcv9.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \ - -o asm/md5-sparcv9.o asm/md5-sparcv9.S +mx86-out.s: asm/md5-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) md5-586.pl a.out $(CFLAGS) > ../$@) + +md5-x86_64.s: asm/md5-x86_64.pl; $(PERL) asm/md5-x86_64.pl $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -88,6 +63,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -103,6 +79,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -110,19 +87,16 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -md5_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md5_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h -md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md5_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md5_dgst.o: ../md32_common.h md5_dgst.c md5_locl.h +md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h +md5_dgst.o: ../../include/openssl/opensslconf.h +md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c +md5_dgst.o: md5_locl.h md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h -md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md5_one.o: md5_one.c +md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +md5_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +md5_one.o: ../../include/openssl/symhacks.h md5_one.c diff --git a/src/lib/libcrypto/md5/md5test.c b/src/lib/libcrypto/md5/md5test.c index bfd62629ed..2b37190e32 100644 --- a/src/lib/libcrypto/md5/md5test.c +++ b/src/lib/libcrypto/md5/md5test.c @@ -97,16 +97,16 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; char *p; unsigned char md[MD5_DIGEST_LENGTH]; - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL); + EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md5(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { @@ -120,6 +120,10 @@ int main(int argc, char *argv[]) R++; P++; } + +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(0); } diff --git a/src/lib/libcrypto/mdc2/Makefile b/src/lib/libcrypto/mdc2/Makefile index b8e9a9a4fa..1d064f17a6 100644 --- a/src/lib/libcrypto/mdc2/Makefile +++ b/src/lib/libcrypto/mdc2/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -83,16 +80,14 @@ mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h mdc2_one.o: ../../include/openssl/opensslconf.h -mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -mdc2_one.o: ../cryptlib.h mdc2_one.c -mdc2dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -mdc2dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h -mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/mdc2.h +mdc2dgst.o: ../../include/openssl/opensslconf.h +mdc2dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h mdc2dgst.o: mdc2dgst.c diff --git a/src/lib/libcrypto/mdc2/mdc2.h b/src/lib/libcrypto/mdc2/mdc2.h index 4cba101f37..72778a5212 100644 --- a/src/lib/libcrypto/mdc2/mdc2.h +++ b/src/lib/libcrypto/mdc2/mdc2.h @@ -74,19 +74,17 @@ extern "C" { typedef struct mdc2_ctx_st { - int num; + unsigned int num; unsigned char data[MDC2_BLOCK]; DES_cblock h,hh; int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; -#ifdef OPENSSL_FIPS -int private_MDC2_Init(MDC2_CTX *c); -#endif + int MDC2_Init(MDC2_CTX *c); -int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len); +int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); int MDC2_Final(unsigned char *md, MDC2_CTX *c); -unsigned char *MDC2(const unsigned char *d, unsigned long n, +unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md); #ifdef __cplusplus diff --git a/src/lib/libcrypto/mdc2/mdc2test.c b/src/lib/libcrypto/mdc2/mdc2test.c index c9abe99d92..017b31add2 100644 --- a/src/lib/libcrypto/mdc2/mdc2test.c +++ b/src/lib/libcrypto/mdc2/mdc2test.c @@ -140,6 +140,9 @@ int main(int argc, char *argv[]) printf("pad2 - ok\n"); EVP_MD_CTX_cleanup(&c); +#ifdef OPENSSL_SYS_NETWARE + if (ret) printf("ERROR: %d\n", ret); +#endif EXIT(ret); return(ret); } diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c index dd86733b77..6635167228 100644 --- a/src/lib/libcrypto/mem.c +++ b/src/lib/libcrypto/mem.c @@ -324,8 +324,8 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) if (str == NULL) return CRYPTO_malloc(num, file, line); - if (num <= 0) return NULL; - + if (num <= 0) return NULL; + if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); ret = realloc_ex_func(str,num,file,line); @@ -345,9 +345,9 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, if (str == NULL) return CRYPTO_malloc(num, file, line); - - if (num <= 0) return NULL; - + + if (num <= 0) return NULL; + if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); ret=malloc_ex_func(num,file,line); diff --git a/src/lib/libcrypto/o_str.h b/src/lib/libcrypto/o_str.h index 4a70a9e00b..dfc98494c6 100644 --- a/src/lib/libcrypto/o_str.h +++ b/src/lib/libcrypto/o_str.h @@ -63,5 +63,6 @@ int OPENSSL_strcasecmp(const char *str1, const char *str2); int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n); +int OPENSSL_memcmp(const void *p1,const void *p2,size_t n); #endif diff --git a/src/lib/libcrypto/objects/Makefile b/src/lib/libcrypto/objects/Makefile index 23b2a69e6d..9c5615099c 100644 --- a/src/lib/libcrypto/objects/Makefile +++ b/src/lib/libcrypto/objects/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r PERL= perl @@ -60,6 +55,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -75,6 +71,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -87,13 +84,13 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -o_names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -o_names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -o_names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -o_names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -o_names.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -o_names.o: ../../include/openssl/symhacks.h o_names.c +o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +o_names.o: o_names.c obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -104,19 +101,19 @@ obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -obj_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_err.o: ../../include/openssl/symhacks.h obj_err.c +obj_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +obj_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +obj_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +obj_err.o: obj_err.c obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h -obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -obj_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_lib.c +obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +obj_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +obj_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +obj_lib.o: ../cryptlib.h obj_lib.c diff --git a/src/lib/libcrypto/objects/obj_dat.h b/src/lib/libcrypto/objects/obj_dat.h index cc22152682..99acf131f8 100644 --- a/src/lib/libcrypto/objects/obj_dat.h +++ b/src/lib/libcrypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 676 -#define NUM_SN 669 -#define NUM_LN 669 -#define NUM_OBJ 633 +#define NUM_NID 791 +#define NUM_SN 784 +#define NUM_LN 784 +#define NUM_OBJ 740 -static unsigned char lvalues[4575]={ +static unsigned char lvalues[5258]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -166,541 +166,648 @@ static unsigned char lvalues[4575]={ 0x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */ 0x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */ -0x29,0x01,0x01,0x85,0x1A,0x02, /* [623] OBJ_zlib_compression */ -0x55,0x1D,0x25, /* [629] OBJ_ext_key_usage */ -0x2B,0x06,0x01,0x05,0x05,0x07, /* [632] OBJ_id_pkix */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [638] OBJ_id_kp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [645] OBJ_server_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [653] OBJ_client_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [661] OBJ_code_sign */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [669] OBJ_email_protect */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [677] OBJ_time_stamp */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */ -0x55,0x1D,0x1B, /* [744] OBJ_delta_crl */ -0x55,0x1D,0x15, /* [747] OBJ_crl_reason */ -0x55,0x1D,0x18, /* [750] OBJ_invalidity_date */ -0x2B,0x65,0x01,0x04,0x01, /* [753] OBJ_sxnet */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [950] OBJ_hmacWithSHA1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [958] OBJ_id_qt_cps */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [966] OBJ_id_qt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */ -0x55,0x04,0x29, /* [1029] OBJ_name */ -0x55,0x04,0x2E, /* [1032] OBJ_dnQualifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1035] OBJ_id_pe */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1042] OBJ_id_ad */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1049] OBJ_info_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1057] OBJ_ad_OCSP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1065] OBJ_ad_ca_issuers */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1073] OBJ_OCSP_sign */ -0x28, /* [1081] OBJ_iso */ -0x2A, /* [1082] OBJ_member_body */ -0x2A,0x86,0x48, /* [1083] OBJ_ISO_US */ -0x2A,0x86,0x48,0xCE,0x38, /* [1086] OBJ_X9_57 */ -0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1091] OBJ_X9cm */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1097] OBJ_pkcs1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1105] OBJ_pkcs5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1863] OBJ_md4 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1871] OBJ_id_pkix_mod */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1878] OBJ_id_qt */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1885] OBJ_id_it */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1892] OBJ_id_pkip */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1899] OBJ_id_alg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1906] OBJ_id_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1913] OBJ_id_on */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1920] OBJ_id_pda */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1927] OBJ_id_aca */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1934] OBJ_id_qcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1941] OBJ_id_cct */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1948] OBJ_id_pkix1_explicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1956] OBJ_id_pkix1_implicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1964] OBJ_id_pkix1_explicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1972] OBJ_id_pkix1_implicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1980] OBJ_id_mod_crmf */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1988] OBJ_id_mod_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1996] OBJ_id_mod_kea_profile_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2004] OBJ_id_mod_kea_profile_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2012] OBJ_id_mod_cmp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2020] OBJ_id_mod_qualified_cert_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2028] OBJ_id_mod_qualified_cert_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2036] OBJ_id_mod_attribute_cert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2044] OBJ_id_mod_timestamp_protocol */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2052] OBJ_id_mod_ocsp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2060] OBJ_id_mod_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2068] OBJ_id_mod_cmp2000 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2076] OBJ_biometricInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2084] OBJ_qcStatements */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbgp_ipAddrBlock */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbgp_autonomousSysNum */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbgp_routerIdentifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2164] OBJ_ipsecUser */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2172] OBJ_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2180] OBJ_id_it_caProtEncCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2188] OBJ_id_it_signKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2196] OBJ_id_it_encKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2204] OBJ_id_it_preferredSymmAlg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2212] OBJ_id_it_caKeyUpdateInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2220] OBJ_id_it_currentCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2228] OBJ_id_it_unsupportedOIDs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2236] OBJ_id_it_subscriptionRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2244] OBJ_id_it_subscriptionResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2252] OBJ_id_it_keyPairParamReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2260] OBJ_id_it_keyPairParamRep */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2268] OBJ_id_it_revPassphrase */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2276] OBJ_id_it_implicitConfirm */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2284] OBJ_id_it_confirmWaitTime */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2292] OBJ_id_it_origPKIMessage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2300] OBJ_id_regCtrl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2308] OBJ_id_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2388] OBJ_id_alg_des40 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2396] OBJ_id_alg_noSignature */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2412] OBJ_id_alg_dh_pop */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2420] OBJ_id_cmc_statusInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2428] OBJ_id_cmc_identification */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2436] OBJ_id_cmc_identityProof */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2444] OBJ_id_cmc_dataReturn */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2452] OBJ_id_cmc_transactionId */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2460] OBJ_id_cmc_senderNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2468] OBJ_id_cmc_recipientNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2476] OBJ_id_cmc_addExtensions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2484] OBJ_id_cmc_encryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2492] OBJ_id_cmc_decryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2500] OBJ_id_cmc_lraPOPWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2508] OBJ_id_cmc_getCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2516] OBJ_id_cmc_getCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2524] OBJ_id_cmc_revokeRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2532] OBJ_id_cmc_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2540] OBJ_id_cmc_responseInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2548] OBJ_id_cmc_queryPending */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2556] OBJ_id_cmc_popLinkRandom */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2564] OBJ_id_cmc_popLinkWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2572] OBJ_id_cmc_confirmCertAcceptance */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2580] OBJ_id_on_personalData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2588] OBJ_id_pda_dateOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2596] OBJ_id_pda_placeOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2604] OBJ_id_pda_gender */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2612] OBJ_id_pda_countryOfCitizenship */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2620] OBJ_id_pda_countryOfResidence */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2628] OBJ_id_aca_authenticationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2636] OBJ_id_aca_accessIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2644] OBJ_id_aca_chargingIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2652] OBJ_id_aca_group */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2660] OBJ_id_aca_role */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2676] OBJ_id_cct_crs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2684] OBJ_id_cct_PKIData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2692] OBJ_id_cct_PKIResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2700] OBJ_ad_timeStamping */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2708] OBJ_ad_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */ -0x2B,0x0E,0x03,0x02, /* [2815] OBJ_algorithm */ -0x2B,0x0E,0x03,0x02,0x0B, /* [2819] OBJ_rsaSignature */ -0x55,0x08, /* [2824] OBJ_X500algorithms */ -0x2B, /* [2826] OBJ_org */ -0x2B,0x06, /* [2827] OBJ_dod */ -0x2B,0x06,0x01, /* [2829] OBJ_iana */ -0x2B,0x06,0x01,0x01, /* [2832] OBJ_Directory */ -0x2B,0x06,0x01,0x02, /* [2836] OBJ_Management */ -0x2B,0x06,0x01,0x03, /* [2840] OBJ_Experimental */ -0x2B,0x06,0x01,0x04, /* [2844] OBJ_Private */ -0x2B,0x06,0x01,0x05, /* [2848] OBJ_Security */ -0x2B,0x06,0x01,0x06, /* [2852] OBJ_SNMPv2 */ -0x2B,0x06,0x01,0x07, /* [2856] OBJ_Mail */ -0x2B,0x06,0x01,0x04,0x01, /* [2860] OBJ_Enterprises */ -0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */ -0x50, /* [2894] OBJ_joint_iso_ccitt */ -0x55,0x01,0x05, /* [2895] OBJ_selected_attribute_types */ -0x55,0x01,0x05,0x37, /* [2898] OBJ_clearance */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2911] OBJ_ac_proxying */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2919] OBJ_sinfo_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2927] OBJ_id_aca_encAttrs */ -0x55,0x04,0x48, /* [2935] OBJ_role */ -0x55,0x1D,0x24, /* [2938] OBJ_policy_constraints */ -0x55,0x1D,0x37, /* [2941] OBJ_target_information */ -0x55,0x1D,0x38, /* [2944] OBJ_no_rev_avail */ -0x00, /* [2947] OBJ_ccitt */ -0x2A,0x86,0x48,0xCE,0x3D, /* [2948] OBJ_ansi_X9_62 */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2953] OBJ_X9_62_prime_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2960] OBJ_X9_62_characteristic_two_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2967] OBJ_X9_62_id_ecPublicKey */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2974] OBJ_X9_62_prime192v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2982] OBJ_X9_62_prime192v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2990] OBJ_X9_62_prime192v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2998] OBJ_X9_62_prime239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3006] OBJ_X9_62_prime239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3014] OBJ_X9_62_prime239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3022] OBJ_X9_62_prime256v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3030] OBJ_ecdsa_with_SHA1 */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */ -0x55,0x1D,0x17, /* [3154] OBJ_hold_instruction_code */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3157] OBJ_hold_instruction_none */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3164] OBJ_hold_instruction_call_issuer */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3171] OBJ_hold_instruction_reject */ -0x09, /* [3178] OBJ_data */ -0x09,0x92,0x26, /* [3179] OBJ_pss */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3182] OBJ_ucl */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3189] OBJ_pilot */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */ -0x55,0x04,0x2D, /* [3843] OBJ_x500UniqueIdentifier */ -0x2B,0x06,0x01,0x07,0x01, /* [3846] OBJ_mime_mhs */ -0x2B,0x06,0x01,0x07,0x01,0x01, /* [3851] OBJ_mime_mhs_headings */ -0x2B,0x06,0x01,0x07,0x01,0x02, /* [3857] OBJ_mime_mhs_bodies */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */ -0x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */ -0x55,0x04,0x41, /* [3880] OBJ_pseudonym */ -0x67,0x2A, /* [3883] OBJ_id_set */ -0x67,0x2A,0x00, /* [3885] OBJ_set_ctype */ -0x67,0x2A,0x01, /* [3888] OBJ_set_msgExt */ -0x67,0x2A,0x03, /* [3891] OBJ_set_attr */ -0x67,0x2A,0x05, /* [3894] OBJ_set_policy */ -0x67,0x2A,0x07, /* [3897] OBJ_set_certExt */ -0x67,0x2A,0x08, /* [3900] OBJ_set_brand */ -0x67,0x2A,0x00,0x00, /* [3903] OBJ_setct_PANData */ -0x67,0x2A,0x00,0x01, /* [3907] OBJ_setct_PANToken */ -0x67,0x2A,0x00,0x02, /* [3911] OBJ_setct_PANOnly */ -0x67,0x2A,0x00,0x03, /* [3915] OBJ_setct_OIData */ -0x67,0x2A,0x00,0x04, /* [3919] OBJ_setct_PI */ -0x67,0x2A,0x00,0x05, /* [3923] OBJ_setct_PIData */ -0x67,0x2A,0x00,0x06, /* [3927] OBJ_setct_PIDataUnsigned */ -0x67,0x2A,0x00,0x07, /* [3931] OBJ_setct_HODInput */ -0x67,0x2A,0x00,0x08, /* [3935] OBJ_setct_AuthResBaggage */ -0x67,0x2A,0x00,0x09, /* [3939] OBJ_setct_AuthRevReqBaggage */ -0x67,0x2A,0x00,0x0A, /* [3943] OBJ_setct_AuthRevResBaggage */ -0x67,0x2A,0x00,0x0B, /* [3947] OBJ_setct_CapTokenSeq */ -0x67,0x2A,0x00,0x0C, /* [3951] OBJ_setct_PInitResData */ -0x67,0x2A,0x00,0x0D, /* [3955] OBJ_setct_PI_TBS */ -0x67,0x2A,0x00,0x0E, /* [3959] OBJ_setct_PResData */ -0x67,0x2A,0x00,0x10, /* [3963] OBJ_setct_AuthReqTBS */ -0x67,0x2A,0x00,0x11, /* [3967] OBJ_setct_AuthResTBS */ -0x67,0x2A,0x00,0x12, /* [3971] OBJ_setct_AuthResTBSX */ -0x67,0x2A,0x00,0x13, /* [3975] OBJ_setct_AuthTokenTBS */ -0x67,0x2A,0x00,0x14, /* [3979] OBJ_setct_CapTokenData */ -0x67,0x2A,0x00,0x15, /* [3983] OBJ_setct_CapTokenTBS */ -0x67,0x2A,0x00,0x16, /* [3987] OBJ_setct_AcqCardCodeMsg */ -0x67,0x2A,0x00,0x17, /* [3991] OBJ_setct_AuthRevReqTBS */ -0x67,0x2A,0x00,0x18, /* [3995] OBJ_setct_AuthRevResData */ -0x67,0x2A,0x00,0x19, /* [3999] OBJ_setct_AuthRevResTBS */ -0x67,0x2A,0x00,0x1A, /* [4003] OBJ_setct_CapReqTBS */ -0x67,0x2A,0x00,0x1B, /* [4007] OBJ_setct_CapReqTBSX */ -0x67,0x2A,0x00,0x1C, /* [4011] OBJ_setct_CapResData */ -0x67,0x2A,0x00,0x1D, /* [4015] OBJ_setct_CapRevReqTBS */ -0x67,0x2A,0x00,0x1E, /* [4019] OBJ_setct_CapRevReqTBSX */ -0x67,0x2A,0x00,0x1F, /* [4023] OBJ_setct_CapRevResData */ -0x67,0x2A,0x00,0x20, /* [4027] OBJ_setct_CredReqTBS */ -0x67,0x2A,0x00,0x21, /* [4031] OBJ_setct_CredReqTBSX */ -0x67,0x2A,0x00,0x22, /* [4035] OBJ_setct_CredResData */ -0x67,0x2A,0x00,0x23, /* [4039] OBJ_setct_CredRevReqTBS */ -0x67,0x2A,0x00,0x24, /* [4043] OBJ_setct_CredRevReqTBSX */ -0x67,0x2A,0x00,0x25, /* [4047] OBJ_setct_CredRevResData */ -0x67,0x2A,0x00,0x26, /* [4051] OBJ_setct_PCertReqData */ -0x67,0x2A,0x00,0x27, /* [4055] OBJ_setct_PCertResTBS */ -0x67,0x2A,0x00,0x28, /* [4059] OBJ_setct_BatchAdminReqData */ -0x67,0x2A,0x00,0x29, /* [4063] OBJ_setct_BatchAdminResData */ -0x67,0x2A,0x00,0x2A, /* [4067] OBJ_setct_CardCInitResTBS */ -0x67,0x2A,0x00,0x2B, /* [4071] OBJ_setct_MeAqCInitResTBS */ -0x67,0x2A,0x00,0x2C, /* [4075] OBJ_setct_RegFormResTBS */ -0x67,0x2A,0x00,0x2D, /* [4079] OBJ_setct_CertReqData */ -0x67,0x2A,0x00,0x2E, /* [4083] OBJ_setct_CertReqTBS */ -0x67,0x2A,0x00,0x2F, /* [4087] OBJ_setct_CertResData */ -0x67,0x2A,0x00,0x30, /* [4091] OBJ_setct_CertInqReqTBS */ -0x67,0x2A,0x00,0x31, /* [4095] OBJ_setct_ErrorTBS */ -0x67,0x2A,0x00,0x32, /* [4099] OBJ_setct_PIDualSignedTBE */ -0x67,0x2A,0x00,0x33, /* [4103] OBJ_setct_PIUnsignedTBE */ -0x67,0x2A,0x00,0x34, /* [4107] OBJ_setct_AuthReqTBE */ -0x67,0x2A,0x00,0x35, /* [4111] OBJ_setct_AuthResTBE */ -0x67,0x2A,0x00,0x36, /* [4115] OBJ_setct_AuthResTBEX */ -0x67,0x2A,0x00,0x37, /* [4119] OBJ_setct_AuthTokenTBE */ -0x67,0x2A,0x00,0x38, /* [4123] OBJ_setct_CapTokenTBE */ -0x67,0x2A,0x00,0x39, /* [4127] OBJ_setct_CapTokenTBEX */ -0x67,0x2A,0x00,0x3A, /* [4131] OBJ_setct_AcqCardCodeMsgTBE */ -0x67,0x2A,0x00,0x3B, /* [4135] OBJ_setct_AuthRevReqTBE */ -0x67,0x2A,0x00,0x3C, /* [4139] OBJ_setct_AuthRevResTBE */ -0x67,0x2A,0x00,0x3D, /* [4143] OBJ_setct_AuthRevResTBEB */ -0x67,0x2A,0x00,0x3E, /* [4147] OBJ_setct_CapReqTBE */ -0x67,0x2A,0x00,0x3F, /* [4151] OBJ_setct_CapReqTBEX */ -0x67,0x2A,0x00,0x40, /* [4155] OBJ_setct_CapResTBE */ -0x67,0x2A,0x00,0x41, /* [4159] OBJ_setct_CapRevReqTBE */ -0x67,0x2A,0x00,0x42, /* [4163] OBJ_setct_CapRevReqTBEX */ -0x67,0x2A,0x00,0x43, /* [4167] OBJ_setct_CapRevResTBE */ -0x67,0x2A,0x00,0x44, /* [4171] OBJ_setct_CredReqTBE */ -0x67,0x2A,0x00,0x45, /* [4175] OBJ_setct_CredReqTBEX */ -0x67,0x2A,0x00,0x46, /* [4179] OBJ_setct_CredResTBE */ -0x67,0x2A,0x00,0x47, /* [4183] OBJ_setct_CredRevReqTBE */ -0x67,0x2A,0x00,0x48, /* [4187] OBJ_setct_CredRevReqTBEX */ -0x67,0x2A,0x00,0x49, /* [4191] OBJ_setct_CredRevResTBE */ -0x67,0x2A,0x00,0x4A, /* [4195] OBJ_setct_BatchAdminReqTBE */ -0x67,0x2A,0x00,0x4B, /* [4199] OBJ_setct_BatchAdminResTBE */ -0x67,0x2A,0x00,0x4C, /* [4203] OBJ_setct_RegFormReqTBE */ -0x67,0x2A,0x00,0x4D, /* [4207] OBJ_setct_CertReqTBE */ -0x67,0x2A,0x00,0x4E, /* [4211] OBJ_setct_CertReqTBEX */ -0x67,0x2A,0x00,0x4F, /* [4215] OBJ_setct_CertResTBE */ -0x67,0x2A,0x00,0x50, /* [4219] OBJ_setct_CRLNotificationTBS */ -0x67,0x2A,0x00,0x51, /* [4223] OBJ_setct_CRLNotificationResTBS */ -0x67,0x2A,0x00,0x52, /* [4227] OBJ_setct_BCIDistributionTBS */ -0x67,0x2A,0x01,0x01, /* [4231] OBJ_setext_genCrypt */ -0x67,0x2A,0x01,0x03, /* [4235] OBJ_setext_miAuth */ -0x67,0x2A,0x01,0x04, /* [4239] OBJ_setext_pinSecure */ -0x67,0x2A,0x01,0x05, /* [4243] OBJ_setext_pinAny */ -0x67,0x2A,0x01,0x07, /* [4247] OBJ_setext_track2 */ -0x67,0x2A,0x01,0x08, /* [4251] OBJ_setext_cv */ -0x67,0x2A,0x05,0x00, /* [4255] OBJ_set_policy_root */ -0x67,0x2A,0x07,0x00, /* [4259] OBJ_setCext_hashedRoot */ -0x67,0x2A,0x07,0x01, /* [4263] OBJ_setCext_certType */ -0x67,0x2A,0x07,0x02, /* [4267] OBJ_setCext_merchData */ -0x67,0x2A,0x07,0x03, /* [4271] OBJ_setCext_cCertRequired */ -0x67,0x2A,0x07,0x04, /* [4275] OBJ_setCext_tunneling */ -0x67,0x2A,0x07,0x05, /* [4279] OBJ_setCext_setExt */ -0x67,0x2A,0x07,0x06, /* [4283] OBJ_setCext_setQualf */ -0x67,0x2A,0x07,0x07, /* [4287] OBJ_setCext_PGWYcapabilities */ -0x67,0x2A,0x07,0x08, /* [4291] OBJ_setCext_TokenIdentifier */ -0x67,0x2A,0x07,0x09, /* [4295] OBJ_setCext_Track2Data */ -0x67,0x2A,0x07,0x0A, /* [4299] OBJ_setCext_TokenType */ -0x67,0x2A,0x07,0x0B, /* [4303] OBJ_setCext_IssuerCapabilities */ -0x67,0x2A,0x03,0x00, /* [4307] OBJ_setAttr_Cert */ -0x67,0x2A,0x03,0x01, /* [4311] OBJ_setAttr_PGWYcap */ -0x67,0x2A,0x03,0x02, /* [4315] OBJ_setAttr_TokenType */ -0x67,0x2A,0x03,0x03, /* [4319] OBJ_setAttr_IssCap */ -0x67,0x2A,0x03,0x00,0x00, /* [4323] OBJ_set_rootKeyThumb */ -0x67,0x2A,0x03,0x00,0x01, /* [4328] OBJ_set_addPolicy */ -0x67,0x2A,0x03,0x02,0x01, /* [4333] OBJ_setAttr_Token_EMV */ -0x67,0x2A,0x03,0x02,0x02, /* [4338] OBJ_setAttr_Token_B0Prime */ -0x67,0x2A,0x03,0x03,0x03, /* [4343] OBJ_setAttr_IssCap_CVM */ -0x67,0x2A,0x03,0x03,0x04, /* [4348] OBJ_setAttr_IssCap_T2 */ -0x67,0x2A,0x03,0x03,0x05, /* [4353] OBJ_setAttr_IssCap_Sig */ -0x67,0x2A,0x03,0x03,0x03,0x01, /* [4358] OBJ_setAttr_GenCryptgrm */ -0x67,0x2A,0x03,0x03,0x04,0x01, /* [4364] OBJ_setAttr_T2Enc */ -0x67,0x2A,0x03,0x03,0x04,0x02, /* [4370] OBJ_setAttr_T2cleartxt */ -0x67,0x2A,0x03,0x03,0x05,0x01, /* [4376] OBJ_setAttr_TokICCsig */ -0x67,0x2A,0x03,0x03,0x05,0x02, /* [4382] OBJ_setAttr_SecDevSig */ -0x67,0x2A,0x08,0x01, /* [4388] OBJ_set_brand_IATA_ATA */ -0x67,0x2A,0x08,0x1E, /* [4392] OBJ_set_brand_Diners */ -0x67,0x2A,0x08,0x22, /* [4396] OBJ_set_brand_AmericanExpress */ -0x67,0x2A,0x08,0x23, /* [4400] OBJ_set_brand_JCB */ -0x67,0x2A,0x08,0x04, /* [4404] OBJ_set_brand_Visa */ -0x67,0x2A,0x08,0x05, /* [4408] OBJ_set_brand_MasterCard */ -0x67,0x2A,0x08,0xAE,0x7B, /* [4412] OBJ_set_brand_Novus */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4417] OBJ_des_cdmf */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */ -0x55,0x04,0x09, /* [4454] OBJ_streetAddress */ -0x55,0x04,0x11, /* [4457] OBJ_postalCode */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4460] OBJ_id_ppl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4467] OBJ_proxyCertInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4475] OBJ_id_ppl_anyLanguage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4483] OBJ_id_ppl_inheritAll */ -0x55,0x1D,0x1E, /* [4491] OBJ_name_constraints */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4494] OBJ_Independent */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4502] OBJ_sha256WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4511] OBJ_sha384WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4520] OBJ_sha512WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4529] OBJ_sha224WithRSAEncryption */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4538] OBJ_sha256 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4547] OBJ_sha384 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4556] OBJ_sha512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4565] OBJ_sha224 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [623] OBJ_zlib_compression */ +0x55,0x1D,0x25, /* [634] OBJ_ext_key_usage */ +0x2B,0x06,0x01,0x05,0x05,0x07, /* [637] OBJ_id_pkix */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [643] OBJ_id_kp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [650] OBJ_server_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [658] OBJ_client_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [720] OBJ_ms_sgc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [730] OBJ_ms_efs */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [740] OBJ_ns_sgc */ +0x55,0x1D,0x1B, /* [749] OBJ_delta_crl */ +0x55,0x1D,0x15, /* [752] OBJ_crl_reason */ +0x55,0x1D,0x18, /* [755] OBJ_invalidity_date */ +0x2B,0x65,0x01,0x04,0x01, /* [758] OBJ_sxnet */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [763] OBJ_pbe_WithSHA1And128BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [773] OBJ_pbe_WithSHA1And40BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [783] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [793] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [803] OBJ_pbe_WithSHA1And128BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [813] OBJ_pbe_WithSHA1And40BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [823] OBJ_keyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [834] OBJ_pkcs8ShroudedKeyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [845] OBJ_certBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [856] OBJ_crlBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [867] OBJ_secretBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [878] OBJ_safeContentsBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [889] OBJ_friendlyName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [898] OBJ_localKeyID */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [907] OBJ_x509Certificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [917] OBJ_sdsiCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [927] OBJ_x509Crl */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [937] OBJ_pbes2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [946] OBJ_pbmac1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [955] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [963] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [971] OBJ_id_qt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [979] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [988] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [997] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1006] OBJ_pbeWithSHA1AndDES_CBC */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1015] OBJ_ms_ext_req */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1025] OBJ_ext_req */ +0x55,0x04,0x29, /* [1034] OBJ_name */ +0x55,0x04,0x2E, /* [1037] OBJ_dnQualifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1040] OBJ_id_pe */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1047] OBJ_id_ad */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1054] OBJ_info_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1062] OBJ_ad_OCSP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1070] OBJ_ad_ca_issuers */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1078] OBJ_OCSP_sign */ +0x28, /* [1086] OBJ_iso */ +0x2A, /* [1087] OBJ_member_body */ +0x2A,0x86,0x48, /* [1088] OBJ_ISO_US */ +0x2A,0x86,0x48,0xCE,0x38, /* [1091] OBJ_X9_57 */ +0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1096] OBJ_X9cm */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1102] OBJ_pkcs1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1110] OBJ_pkcs5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1118] OBJ_SMIME */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1127] OBJ_id_smime_mod */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1137] OBJ_id_smime_ct */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1147] OBJ_id_smime_aa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1157] OBJ_id_smime_alg */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1167] OBJ_id_smime_cd */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1177] OBJ_id_smime_spq */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1187] OBJ_id_smime_cti */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1197] OBJ_id_smime_mod_cms */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1208] OBJ_id_smime_mod_ess */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1219] OBJ_id_smime_mod_oid */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1230] OBJ_id_smime_mod_msg_v3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1241] OBJ_id_smime_mod_ets_eSignature_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1252] OBJ_id_smime_mod_ets_eSignature_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1263] OBJ_id_smime_mod_ets_eSigPolicy_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1274] OBJ_id_smime_mod_ets_eSigPolicy_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1285] OBJ_id_smime_ct_receipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1296] OBJ_id_smime_ct_authData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1307] OBJ_id_smime_ct_publishCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1318] OBJ_id_smime_ct_TSTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1329] OBJ_id_smime_ct_TDTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1340] OBJ_id_smime_ct_contentInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1351] OBJ_id_smime_ct_DVCSRequestData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1362] OBJ_id_smime_ct_DVCSResponseData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1373] OBJ_id_smime_aa_receiptRequest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1384] OBJ_id_smime_aa_securityLabel */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1395] OBJ_id_smime_aa_mlExpandHistory */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1406] OBJ_id_smime_aa_contentHint */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1417] OBJ_id_smime_aa_msgSigDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1428] OBJ_id_smime_aa_encapContentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1439] OBJ_id_smime_aa_contentIdentifier */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1450] OBJ_id_smime_aa_macValue */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1461] OBJ_id_smime_aa_equivalentLabels */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1472] OBJ_id_smime_aa_contentReference */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1483] OBJ_id_smime_aa_encrypKeyPref */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1494] OBJ_id_smime_aa_signingCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1505] OBJ_id_smime_aa_smimeEncryptCerts */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1516] OBJ_id_smime_aa_timeStampToken */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1527] OBJ_id_smime_aa_ets_sigPolicyId */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1538] OBJ_id_smime_aa_ets_commitmentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1549] OBJ_id_smime_aa_ets_signerLocation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1560] OBJ_id_smime_aa_ets_signerAttr */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1571] OBJ_id_smime_aa_ets_otherSigCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1582] OBJ_id_smime_aa_ets_contentTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1593] OBJ_id_smime_aa_ets_CertificateRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1604] OBJ_id_smime_aa_ets_RevocationRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1615] OBJ_id_smime_aa_ets_certValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1626] OBJ_id_smime_aa_ets_revocationValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1637] OBJ_id_smime_aa_ets_escTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1648] OBJ_id_smime_aa_ets_certCRLTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1659] OBJ_id_smime_aa_ets_archiveTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1670] OBJ_id_smime_aa_signatureType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1681] OBJ_id_smime_aa_dvcs_dvc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1692] OBJ_id_smime_alg_ESDHwith3DES */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1703] OBJ_id_smime_alg_ESDHwithRC2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1714] OBJ_id_smime_alg_3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1725] OBJ_id_smime_alg_RC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1736] OBJ_id_smime_alg_ESDH */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1747] OBJ_id_smime_alg_CMS3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1758] OBJ_id_smime_alg_CMSRC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1769] OBJ_id_smime_cd_ldap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1780] OBJ_id_smime_spq_ets_sqt_uri */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1791] OBJ_id_smime_spq_ets_sqt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1802] OBJ_id_smime_cti_ets_proofOfOrigin */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1813] OBJ_id_smime_cti_ets_proofOfReceipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1824] OBJ_id_smime_cti_ets_proofOfDelivery */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1835] OBJ_id_smime_cti_ets_proofOfSender */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1846] OBJ_id_smime_cti_ets_proofOfApproval */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1857] OBJ_id_smime_cti_ets_proofOfCreation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1868] OBJ_md4 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1876] OBJ_id_pkix_mod */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1883] OBJ_id_qt */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1890] OBJ_id_it */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1897] OBJ_id_pkip */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1904] OBJ_id_alg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1911] OBJ_id_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1918] OBJ_id_on */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1925] OBJ_id_pda */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1932] OBJ_id_aca */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1939] OBJ_id_qcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1946] OBJ_id_cct */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1953] OBJ_id_pkix1_explicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1961] OBJ_id_pkix1_implicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1969] OBJ_id_pkix1_explicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1977] OBJ_id_pkix1_implicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1985] OBJ_id_mod_crmf */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1993] OBJ_id_mod_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [2001] OBJ_id_mod_kea_profile_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2009] OBJ_id_mod_kea_profile_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2017] OBJ_id_mod_cmp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2025] OBJ_id_mod_qualified_cert_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2033] OBJ_id_mod_qualified_cert_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2041] OBJ_id_mod_attribute_cert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2049] OBJ_id_mod_timestamp_protocol */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2057] OBJ_id_mod_ocsp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2065] OBJ_id_mod_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2073] OBJ_id_mod_cmp2000 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2081] OBJ_biometricInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2089] OBJ_qcStatements */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2097] OBJ_ac_auditEntity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2105] OBJ_ac_targeting */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2113] OBJ_aaControls */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2121] OBJ_sbgp_ipAddrBlock */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2129] OBJ_sbgp_autonomousSysNum */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2137] OBJ_sbgp_routerIdentifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2145] OBJ_textNotice */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2153] OBJ_ipsecEndSystem */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2161] OBJ_ipsecTunnel */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2169] OBJ_ipsecUser */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2177] OBJ_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2185] OBJ_id_it_caProtEncCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2193] OBJ_id_it_signKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2201] OBJ_id_it_encKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2209] OBJ_id_it_preferredSymmAlg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2217] OBJ_id_it_caKeyUpdateInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2225] OBJ_id_it_currentCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2233] OBJ_id_it_unsupportedOIDs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2241] OBJ_id_it_subscriptionRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2249] OBJ_id_it_subscriptionResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2257] OBJ_id_it_keyPairParamReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2265] OBJ_id_it_keyPairParamRep */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2273] OBJ_id_it_revPassphrase */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2281] OBJ_id_it_implicitConfirm */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2289] OBJ_id_it_confirmWaitTime */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2297] OBJ_id_it_origPKIMessage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2305] OBJ_id_regCtrl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2313] OBJ_id_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2321] OBJ_id_regCtrl_regToken */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2330] OBJ_id_regCtrl_authenticator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2339] OBJ_id_regCtrl_pkiPublicationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2348] OBJ_id_regCtrl_pkiArchiveOptions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2357] OBJ_id_regCtrl_oldCertID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2366] OBJ_id_regCtrl_protocolEncrKey */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2375] OBJ_id_regInfo_utf8Pairs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2384] OBJ_id_regInfo_certReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2393] OBJ_id_alg_des40 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2401] OBJ_id_alg_noSignature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2409] OBJ_id_alg_dh_sig_hmac_sha1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2417] OBJ_id_alg_dh_pop */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2425] OBJ_id_cmc_statusInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2433] OBJ_id_cmc_identification */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2441] OBJ_id_cmc_identityProof */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2449] OBJ_id_cmc_dataReturn */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2457] OBJ_id_cmc_transactionId */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2465] OBJ_id_cmc_senderNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2473] OBJ_id_cmc_recipientNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2481] OBJ_id_cmc_addExtensions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2489] OBJ_id_cmc_encryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2497] OBJ_id_cmc_decryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2505] OBJ_id_cmc_lraPOPWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2513] OBJ_id_cmc_getCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2521] OBJ_id_cmc_getCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2529] OBJ_id_cmc_revokeRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2537] OBJ_id_cmc_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2545] OBJ_id_cmc_responseInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2553] OBJ_id_cmc_queryPending */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2561] OBJ_id_cmc_popLinkRandom */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2569] OBJ_id_cmc_popLinkWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2577] OBJ_id_cmc_confirmCertAcceptance */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2585] OBJ_id_on_personalData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2593] OBJ_id_pda_dateOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2601] OBJ_id_pda_placeOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2609] OBJ_id_pda_gender */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2617] OBJ_id_pda_countryOfCitizenship */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2625] OBJ_id_pda_countryOfResidence */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2633] OBJ_id_aca_authenticationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2641] OBJ_id_aca_accessIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2649] OBJ_id_aca_chargingIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2657] OBJ_id_aca_group */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2665] OBJ_id_aca_role */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2673] OBJ_id_qcs_pkixQCSyntax_v1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2681] OBJ_id_cct_crs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2689] OBJ_id_cct_PKIData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2697] OBJ_id_cct_PKIResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2705] OBJ_ad_timeStamping */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2713] OBJ_ad_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2721] OBJ_id_pkix_OCSP_basic */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2730] OBJ_id_pkix_OCSP_Nonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2739] OBJ_id_pkix_OCSP_CrlID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2748] OBJ_id_pkix_OCSP_acceptableResponses */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2757] OBJ_id_pkix_OCSP_noCheck */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2766] OBJ_id_pkix_OCSP_archiveCutoff */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2775] OBJ_id_pkix_OCSP_serviceLocator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2784] OBJ_id_pkix_OCSP_extendedStatus */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2793] OBJ_id_pkix_OCSP_valid */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2802] OBJ_id_pkix_OCSP_path */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2811] OBJ_id_pkix_OCSP_trustRoot */ +0x2B,0x0E,0x03,0x02, /* [2820] OBJ_algorithm */ +0x2B,0x0E,0x03,0x02,0x0B, /* [2824] OBJ_rsaSignature */ +0x55,0x08, /* [2829] OBJ_X500algorithms */ +0x2B, /* [2831] OBJ_org */ +0x2B,0x06, /* [2832] OBJ_dod */ +0x2B,0x06,0x01, /* [2834] OBJ_iana */ +0x2B,0x06,0x01,0x01, /* [2837] OBJ_Directory */ +0x2B,0x06,0x01,0x02, /* [2841] OBJ_Management */ +0x2B,0x06,0x01,0x03, /* [2845] OBJ_Experimental */ +0x2B,0x06,0x01,0x04, /* [2849] OBJ_Private */ +0x2B,0x06,0x01,0x05, /* [2853] OBJ_Security */ +0x2B,0x06,0x01,0x06, /* [2857] OBJ_SNMPv2 */ +0x2B,0x06,0x01,0x07, /* [2861] OBJ_Mail */ +0x2B,0x06,0x01,0x04,0x01, /* [2865] OBJ_Enterprises */ +0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2870] OBJ_dcObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2879] OBJ_domainComponent */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2889] OBJ_Domain */ +0x00, /* [2899] OBJ_joint_iso_ccitt */ +0x55,0x01,0x05, /* [2900] OBJ_selected_attribute_types */ +0x55,0x01,0x05,0x37, /* [2903] OBJ_clearance */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2907] OBJ_md4WithRSAEncryption */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2916] OBJ_ac_proxying */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2924] OBJ_sinfo_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2932] OBJ_id_aca_encAttrs */ +0x55,0x04,0x48, /* [2940] OBJ_role */ +0x55,0x1D,0x24, /* [2943] OBJ_policy_constraints */ +0x55,0x1D,0x37, /* [2946] OBJ_target_information */ +0x55,0x1D,0x38, /* [2949] OBJ_no_rev_avail */ +0x00, /* [2952] OBJ_ccitt */ +0x2A,0x86,0x48,0xCE,0x3D, /* [2953] OBJ_ansi_X9_62 */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2958] OBJ_X9_62_prime_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2965] OBJ_X9_62_characteristic_two_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2972] OBJ_X9_62_id_ecPublicKey */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2979] OBJ_X9_62_prime192v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2987] OBJ_X9_62_prime192v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2995] OBJ_X9_62_prime192v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [3003] OBJ_X9_62_prime239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3011] OBJ_X9_62_prime239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3019] OBJ_X9_62_prime239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3027] OBJ_X9_62_prime256v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3035] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3042] OBJ_ms_csp_name */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3051] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3060] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3069] OBJ_aes_128_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3078] OBJ_aes_128_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3087] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3096] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3105] OBJ_aes_192_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3114] OBJ_aes_192_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3123] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3132] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3141] OBJ_aes_256_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3150] OBJ_aes_256_cfb128 */ +0x55,0x1D,0x17, /* [3159] OBJ_hold_instruction_code */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3162] OBJ_hold_instruction_none */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3169] OBJ_hold_instruction_call_issuer */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3176] OBJ_hold_instruction_reject */ +0x09, /* [3183] OBJ_data */ +0x09,0x92,0x26, /* [3184] OBJ_pss */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3187] OBJ_ucl */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3194] OBJ_pilot */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3202] OBJ_pilotAttributeType */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3211] OBJ_pilotAttributeSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3220] OBJ_pilotObjectClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3229] OBJ_pilotGroups */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3238] OBJ_iA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3248] OBJ_caseIgnoreIA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3258] OBJ_pilotObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3268] OBJ_pilotPerson */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3278] OBJ_account */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3288] OBJ_document */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3298] OBJ_room */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3308] OBJ_documentSeries */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3318] OBJ_rFC822localPart */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3328] OBJ_dNSDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3338] OBJ_domainRelatedObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3348] OBJ_friendlyCountry */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3358] OBJ_simpleSecurityObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3368] OBJ_pilotOrganization */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3378] OBJ_pilotDSA */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3388] OBJ_qualityLabelledData */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3398] OBJ_userId */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3408] OBJ_textEncodedORAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3418] OBJ_rfc822Mailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3428] OBJ_info */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3438] OBJ_favouriteDrink */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3448] OBJ_roomNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3458] OBJ_photo */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3468] OBJ_userClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3478] OBJ_host */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3488] OBJ_manager */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3498] OBJ_documentIdentifier */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3508] OBJ_documentTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3518] OBJ_documentVersion */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3528] OBJ_documentAuthor */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3538] OBJ_documentLocation */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3548] OBJ_homeTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3558] OBJ_secretary */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3568] OBJ_otherMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3578] OBJ_lastModifiedTime */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3588] OBJ_lastModifiedBy */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3598] OBJ_aRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3608] OBJ_pilotAttributeType27 */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3618] OBJ_mXRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3628] OBJ_nSRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3638] OBJ_sOARecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3648] OBJ_cNAMERecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3658] OBJ_associatedDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3668] OBJ_associatedName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3678] OBJ_homePostalAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3688] OBJ_personalTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3698] OBJ_mobileTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3708] OBJ_pagerTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3718] OBJ_friendlyCountryName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3728] OBJ_organizationalStatus */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3738] OBJ_janetMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3748] OBJ_mailPreferenceOption */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3758] OBJ_buildingName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3768] OBJ_dSAQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3778] OBJ_singleLevelQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3788] OBJ_subtreeMinimumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3798] OBJ_subtreeMaximumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3808] OBJ_personalSignature */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3818] OBJ_dITRedirect */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3828] OBJ_audio */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3838] OBJ_documentPublisher */ +0x55,0x04,0x2D, /* [3848] OBJ_x500UniqueIdentifier */ +0x2B,0x06,0x01,0x07,0x01, /* [3851] OBJ_mime_mhs */ +0x2B,0x06,0x01,0x07,0x01,0x01, /* [3856] OBJ_mime_mhs_headings */ +0x2B,0x06,0x01,0x07,0x01,0x02, /* [3862] OBJ_mime_mhs_bodies */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3868] OBJ_id_hex_partial_message */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3875] OBJ_id_hex_multipart_message */ +0x55,0x04,0x2C, /* [3882] OBJ_generationQualifier */ +0x55,0x04,0x41, /* [3885] OBJ_pseudonym */ +0x67,0x2A, /* [3888] OBJ_id_set */ +0x67,0x2A,0x00, /* [3890] OBJ_set_ctype */ +0x67,0x2A,0x01, /* [3893] OBJ_set_msgExt */ +0x67,0x2A,0x03, /* [3896] OBJ_set_attr */ +0x67,0x2A,0x05, /* [3899] OBJ_set_policy */ +0x67,0x2A,0x07, /* [3902] OBJ_set_certExt */ +0x67,0x2A,0x08, /* [3905] OBJ_set_brand */ +0x67,0x2A,0x00,0x00, /* [3908] OBJ_setct_PANData */ +0x67,0x2A,0x00,0x01, /* [3912] OBJ_setct_PANToken */ +0x67,0x2A,0x00,0x02, /* [3916] OBJ_setct_PANOnly */ +0x67,0x2A,0x00,0x03, /* [3920] OBJ_setct_OIData */ +0x67,0x2A,0x00,0x04, /* [3924] OBJ_setct_PI */ +0x67,0x2A,0x00,0x05, /* [3928] OBJ_setct_PIData */ +0x67,0x2A,0x00,0x06, /* [3932] OBJ_setct_PIDataUnsigned */ +0x67,0x2A,0x00,0x07, /* [3936] OBJ_setct_HODInput */ +0x67,0x2A,0x00,0x08, /* [3940] OBJ_setct_AuthResBaggage */ +0x67,0x2A,0x00,0x09, /* [3944] OBJ_setct_AuthRevReqBaggage */ +0x67,0x2A,0x00,0x0A, /* [3948] OBJ_setct_AuthRevResBaggage */ +0x67,0x2A,0x00,0x0B, /* [3952] OBJ_setct_CapTokenSeq */ +0x67,0x2A,0x00,0x0C, /* [3956] OBJ_setct_PInitResData */ +0x67,0x2A,0x00,0x0D, /* [3960] OBJ_setct_PI_TBS */ +0x67,0x2A,0x00,0x0E, /* [3964] OBJ_setct_PResData */ +0x67,0x2A,0x00,0x10, /* [3968] OBJ_setct_AuthReqTBS */ +0x67,0x2A,0x00,0x11, /* [3972] OBJ_setct_AuthResTBS */ +0x67,0x2A,0x00,0x12, /* [3976] OBJ_setct_AuthResTBSX */ +0x67,0x2A,0x00,0x13, /* [3980] OBJ_setct_AuthTokenTBS */ +0x67,0x2A,0x00,0x14, /* [3984] OBJ_setct_CapTokenData */ +0x67,0x2A,0x00,0x15, /* [3988] OBJ_setct_CapTokenTBS */ +0x67,0x2A,0x00,0x16, /* [3992] OBJ_setct_AcqCardCodeMsg */ +0x67,0x2A,0x00,0x17, /* [3996] OBJ_setct_AuthRevReqTBS */ +0x67,0x2A,0x00,0x18, /* [4000] OBJ_setct_AuthRevResData */ +0x67,0x2A,0x00,0x19, /* [4004] OBJ_setct_AuthRevResTBS */ +0x67,0x2A,0x00,0x1A, /* [4008] OBJ_setct_CapReqTBS */ +0x67,0x2A,0x00,0x1B, /* [4012] OBJ_setct_CapReqTBSX */ +0x67,0x2A,0x00,0x1C, /* [4016] OBJ_setct_CapResData */ +0x67,0x2A,0x00,0x1D, /* [4020] OBJ_setct_CapRevReqTBS */ +0x67,0x2A,0x00,0x1E, /* [4024] OBJ_setct_CapRevReqTBSX */ +0x67,0x2A,0x00,0x1F, /* [4028] OBJ_setct_CapRevResData */ +0x67,0x2A,0x00,0x20, /* [4032] OBJ_setct_CredReqTBS */ +0x67,0x2A,0x00,0x21, /* [4036] OBJ_setct_CredReqTBSX */ +0x67,0x2A,0x00,0x22, /* [4040] OBJ_setct_CredResData */ +0x67,0x2A,0x00,0x23, /* [4044] OBJ_setct_CredRevReqTBS */ +0x67,0x2A,0x00,0x24, /* [4048] OBJ_setct_CredRevReqTBSX */ +0x67,0x2A,0x00,0x25, /* [4052] OBJ_setct_CredRevResData */ +0x67,0x2A,0x00,0x26, /* [4056] OBJ_setct_PCertReqData */ +0x67,0x2A,0x00,0x27, /* [4060] OBJ_setct_PCertResTBS */ +0x67,0x2A,0x00,0x28, /* [4064] OBJ_setct_BatchAdminReqData */ +0x67,0x2A,0x00,0x29, /* [4068] OBJ_setct_BatchAdminResData */ +0x67,0x2A,0x00,0x2A, /* [4072] OBJ_setct_CardCInitResTBS */ +0x67,0x2A,0x00,0x2B, /* [4076] OBJ_setct_MeAqCInitResTBS */ +0x67,0x2A,0x00,0x2C, /* [4080] OBJ_setct_RegFormResTBS */ +0x67,0x2A,0x00,0x2D, /* [4084] OBJ_setct_CertReqData */ +0x67,0x2A,0x00,0x2E, /* [4088] OBJ_setct_CertReqTBS */ +0x67,0x2A,0x00,0x2F, /* [4092] OBJ_setct_CertResData */ +0x67,0x2A,0x00,0x30, /* [4096] OBJ_setct_CertInqReqTBS */ +0x67,0x2A,0x00,0x31, /* [4100] OBJ_setct_ErrorTBS */ +0x67,0x2A,0x00,0x32, /* [4104] OBJ_setct_PIDualSignedTBE */ +0x67,0x2A,0x00,0x33, /* [4108] OBJ_setct_PIUnsignedTBE */ +0x67,0x2A,0x00,0x34, /* [4112] OBJ_setct_AuthReqTBE */ +0x67,0x2A,0x00,0x35, /* [4116] OBJ_setct_AuthResTBE */ +0x67,0x2A,0x00,0x36, /* [4120] OBJ_setct_AuthResTBEX */ +0x67,0x2A,0x00,0x37, /* [4124] OBJ_setct_AuthTokenTBE */ +0x67,0x2A,0x00,0x38, /* [4128] OBJ_setct_CapTokenTBE */ +0x67,0x2A,0x00,0x39, /* [4132] OBJ_setct_CapTokenTBEX */ +0x67,0x2A,0x00,0x3A, /* [4136] OBJ_setct_AcqCardCodeMsgTBE */ +0x67,0x2A,0x00,0x3B, /* [4140] OBJ_setct_AuthRevReqTBE */ +0x67,0x2A,0x00,0x3C, /* [4144] OBJ_setct_AuthRevResTBE */ +0x67,0x2A,0x00,0x3D, /* [4148] OBJ_setct_AuthRevResTBEB */ +0x67,0x2A,0x00,0x3E, /* [4152] OBJ_setct_CapReqTBE */ +0x67,0x2A,0x00,0x3F, /* [4156] OBJ_setct_CapReqTBEX */ +0x67,0x2A,0x00,0x40, /* [4160] OBJ_setct_CapResTBE */ +0x67,0x2A,0x00,0x41, /* [4164] OBJ_setct_CapRevReqTBE */ +0x67,0x2A,0x00,0x42, /* [4168] OBJ_setct_CapRevReqTBEX */ +0x67,0x2A,0x00,0x43, /* [4172] OBJ_setct_CapRevResTBE */ +0x67,0x2A,0x00,0x44, /* [4176] OBJ_setct_CredReqTBE */ +0x67,0x2A,0x00,0x45, /* [4180] OBJ_setct_CredReqTBEX */ +0x67,0x2A,0x00,0x46, /* [4184] OBJ_setct_CredResTBE */ +0x67,0x2A,0x00,0x47, /* [4188] OBJ_setct_CredRevReqTBE */ +0x67,0x2A,0x00,0x48, /* [4192] OBJ_setct_CredRevReqTBEX */ +0x67,0x2A,0x00,0x49, /* [4196] OBJ_setct_CredRevResTBE */ +0x67,0x2A,0x00,0x4A, /* [4200] OBJ_setct_BatchAdminReqTBE */ +0x67,0x2A,0x00,0x4B, /* [4204] OBJ_setct_BatchAdminResTBE */ +0x67,0x2A,0x00,0x4C, /* [4208] OBJ_setct_RegFormReqTBE */ +0x67,0x2A,0x00,0x4D, /* [4212] OBJ_setct_CertReqTBE */ +0x67,0x2A,0x00,0x4E, /* [4216] OBJ_setct_CertReqTBEX */ +0x67,0x2A,0x00,0x4F, /* [4220] OBJ_setct_CertResTBE */ +0x67,0x2A,0x00,0x50, /* [4224] OBJ_setct_CRLNotificationTBS */ +0x67,0x2A,0x00,0x51, /* [4228] OBJ_setct_CRLNotificationResTBS */ +0x67,0x2A,0x00,0x52, /* [4232] OBJ_setct_BCIDistributionTBS */ +0x67,0x2A,0x01,0x01, /* [4236] OBJ_setext_genCrypt */ +0x67,0x2A,0x01,0x03, /* [4240] OBJ_setext_miAuth */ +0x67,0x2A,0x01,0x04, /* [4244] OBJ_setext_pinSecure */ +0x67,0x2A,0x01,0x05, /* [4248] OBJ_setext_pinAny */ +0x67,0x2A,0x01,0x07, /* [4252] OBJ_setext_track2 */ +0x67,0x2A,0x01,0x08, /* [4256] OBJ_setext_cv */ +0x67,0x2A,0x05,0x00, /* [4260] OBJ_set_policy_root */ +0x67,0x2A,0x07,0x00, /* [4264] OBJ_setCext_hashedRoot */ +0x67,0x2A,0x07,0x01, /* [4268] OBJ_setCext_certType */ +0x67,0x2A,0x07,0x02, /* [4272] OBJ_setCext_merchData */ +0x67,0x2A,0x07,0x03, /* [4276] OBJ_setCext_cCertRequired */ +0x67,0x2A,0x07,0x04, /* [4280] OBJ_setCext_tunneling */ +0x67,0x2A,0x07,0x05, /* [4284] OBJ_setCext_setExt */ +0x67,0x2A,0x07,0x06, /* [4288] OBJ_setCext_setQualf */ +0x67,0x2A,0x07,0x07, /* [4292] OBJ_setCext_PGWYcapabilities */ +0x67,0x2A,0x07,0x08, /* [4296] OBJ_setCext_TokenIdentifier */ +0x67,0x2A,0x07,0x09, /* [4300] OBJ_setCext_Track2Data */ +0x67,0x2A,0x07,0x0A, /* [4304] OBJ_setCext_TokenType */ +0x67,0x2A,0x07,0x0B, /* [4308] OBJ_setCext_IssuerCapabilities */ +0x67,0x2A,0x03,0x00, /* [4312] OBJ_setAttr_Cert */ +0x67,0x2A,0x03,0x01, /* [4316] OBJ_setAttr_PGWYcap */ +0x67,0x2A,0x03,0x02, /* [4320] OBJ_setAttr_TokenType */ +0x67,0x2A,0x03,0x03, /* [4324] OBJ_setAttr_IssCap */ +0x67,0x2A,0x03,0x00,0x00, /* [4328] OBJ_set_rootKeyThumb */ +0x67,0x2A,0x03,0x00,0x01, /* [4333] OBJ_set_addPolicy */ +0x67,0x2A,0x03,0x02,0x01, /* [4338] OBJ_setAttr_Token_EMV */ +0x67,0x2A,0x03,0x02,0x02, /* [4343] OBJ_setAttr_Token_B0Prime */ +0x67,0x2A,0x03,0x03,0x03, /* [4348] OBJ_setAttr_IssCap_CVM */ +0x67,0x2A,0x03,0x03,0x04, /* [4353] OBJ_setAttr_IssCap_T2 */ +0x67,0x2A,0x03,0x03,0x05, /* [4358] OBJ_setAttr_IssCap_Sig */ +0x67,0x2A,0x03,0x03,0x03,0x01, /* [4363] OBJ_setAttr_GenCryptgrm */ +0x67,0x2A,0x03,0x03,0x04,0x01, /* [4369] OBJ_setAttr_T2Enc */ +0x67,0x2A,0x03,0x03,0x04,0x02, /* [4375] OBJ_setAttr_T2cleartxt */ +0x67,0x2A,0x03,0x03,0x05,0x01, /* [4381] OBJ_setAttr_TokICCsig */ +0x67,0x2A,0x03,0x03,0x05,0x02, /* [4387] OBJ_setAttr_SecDevSig */ +0x67,0x2A,0x08,0x01, /* [4393] OBJ_set_brand_IATA_ATA */ +0x67,0x2A,0x08,0x1E, /* [4397] OBJ_set_brand_Diners */ +0x67,0x2A,0x08,0x22, /* [4401] OBJ_set_brand_AmericanExpress */ +0x67,0x2A,0x08,0x23, /* [4405] OBJ_set_brand_JCB */ +0x67,0x2A,0x08,0x04, /* [4409] OBJ_set_brand_Visa */ +0x67,0x2A,0x08,0x05, /* [4413] OBJ_set_brand_MasterCard */ +0x67,0x2A,0x08,0xAE,0x7B, /* [4417] OBJ_set_brand_Novus */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4422] OBJ_des_cdmf */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4430] OBJ_rsaOAEPEncryptionSET */ +0x00, /* [4439] OBJ_itu_t */ +0x50, /* [4440] OBJ_joint_iso_itu_t */ +0x67, /* [4441] OBJ_international_organizations */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4442] OBJ_ms_smartcard_login */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4452] OBJ_ms_upn */ +0x55,0x04,0x09, /* [4462] OBJ_streetAddress */ +0x55,0x04,0x11, /* [4465] OBJ_postalCode */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4468] OBJ_id_ppl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4475] OBJ_proxyCertInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4483] OBJ_id_ppl_anyLanguage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4491] OBJ_id_ppl_inheritAll */ +0x55,0x1D,0x1E, /* [4499] OBJ_name_constraints */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4502] OBJ_Independent */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4510] OBJ_sha256WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4519] OBJ_sha384WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4528] OBJ_sha512WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4537] OBJ_sha224WithRSAEncryption */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4546] OBJ_sha256 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4555] OBJ_sha384 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4564] OBJ_sha512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4573] OBJ_sha224 */ +0x2B, /* [4582] OBJ_identified_organization */ +0x2B,0x81,0x04, /* [4583] OBJ_certicom_arc */ +0x67,0x2B, /* [4586] OBJ_wap */ +0x67,0x2B,0x0D, /* [4588] OBJ_wap_wsg */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4591] OBJ_X9_62_id_characteristic_two_basis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4599] OBJ_X9_62_onBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4608] OBJ_X9_62_tpBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4617] OBJ_X9_62_ppBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4626] OBJ_X9_62_c2pnb163v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4634] OBJ_X9_62_c2pnb163v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4642] OBJ_X9_62_c2pnb163v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4650] OBJ_X9_62_c2pnb176v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4658] OBJ_X9_62_c2tnb191v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4666] OBJ_X9_62_c2tnb191v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4674] OBJ_X9_62_c2tnb191v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4682] OBJ_X9_62_c2onb191v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4690] OBJ_X9_62_c2onb191v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4698] OBJ_X9_62_c2pnb208w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4706] OBJ_X9_62_c2tnb239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4714] OBJ_X9_62_c2tnb239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4722] OBJ_X9_62_c2tnb239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4730] OBJ_X9_62_c2onb239v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4738] OBJ_X9_62_c2onb239v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4746] OBJ_X9_62_c2pnb272w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4754] OBJ_X9_62_c2pnb304w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4762] OBJ_X9_62_c2tnb359v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4770] OBJ_X9_62_c2pnb368w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4778] OBJ_X9_62_c2tnb431r1 */ +0x2B,0x81,0x04,0x00,0x06, /* [4786] OBJ_secp112r1 */ +0x2B,0x81,0x04,0x00,0x07, /* [4791] OBJ_secp112r2 */ +0x2B,0x81,0x04,0x00,0x1C, /* [4796] OBJ_secp128r1 */ +0x2B,0x81,0x04,0x00,0x1D, /* [4801] OBJ_secp128r2 */ +0x2B,0x81,0x04,0x00,0x09, /* [4806] OBJ_secp160k1 */ +0x2B,0x81,0x04,0x00,0x08, /* [4811] OBJ_secp160r1 */ +0x2B,0x81,0x04,0x00,0x1E, /* [4816] OBJ_secp160r2 */ +0x2B,0x81,0x04,0x00,0x1F, /* [4821] OBJ_secp192k1 */ +0x2B,0x81,0x04,0x00,0x20, /* [4826] OBJ_secp224k1 */ +0x2B,0x81,0x04,0x00,0x21, /* [4831] OBJ_secp224r1 */ +0x2B,0x81,0x04,0x00,0x0A, /* [4836] OBJ_secp256k1 */ +0x2B,0x81,0x04,0x00,0x22, /* [4841] OBJ_secp384r1 */ +0x2B,0x81,0x04,0x00,0x23, /* [4846] OBJ_secp521r1 */ +0x2B,0x81,0x04,0x00,0x04, /* [4851] OBJ_sect113r1 */ +0x2B,0x81,0x04,0x00,0x05, /* [4856] OBJ_sect113r2 */ +0x2B,0x81,0x04,0x00,0x16, /* [4861] OBJ_sect131r1 */ +0x2B,0x81,0x04,0x00,0x17, /* [4866] OBJ_sect131r2 */ +0x2B,0x81,0x04,0x00,0x01, /* [4871] OBJ_sect163k1 */ +0x2B,0x81,0x04,0x00,0x02, /* [4876] OBJ_sect163r1 */ +0x2B,0x81,0x04,0x00,0x0F, /* [4881] OBJ_sect163r2 */ +0x2B,0x81,0x04,0x00,0x18, /* [4886] OBJ_sect193r1 */ +0x2B,0x81,0x04,0x00,0x19, /* [4891] OBJ_sect193r2 */ +0x2B,0x81,0x04,0x00,0x1A, /* [4896] OBJ_sect233k1 */ +0x2B,0x81,0x04,0x00,0x1B, /* [4901] OBJ_sect233r1 */ +0x2B,0x81,0x04,0x00,0x03, /* [4906] OBJ_sect239k1 */ +0x2B,0x81,0x04,0x00,0x10, /* [4911] OBJ_sect283k1 */ +0x2B,0x81,0x04,0x00,0x11, /* [4916] OBJ_sect283r1 */ +0x2B,0x81,0x04,0x00,0x24, /* [4921] OBJ_sect409k1 */ +0x2B,0x81,0x04,0x00,0x25, /* [4926] OBJ_sect409r1 */ +0x2B,0x81,0x04,0x00,0x26, /* [4931] OBJ_sect571k1 */ +0x2B,0x81,0x04,0x00,0x27, /* [4936] OBJ_sect571r1 */ +0x67,0x2B,0x0D,0x04,0x01, /* [4941] OBJ_wap_wsg_idm_ecid_wtls1 */ +0x67,0x2B,0x0D,0x04,0x03, /* [4946] OBJ_wap_wsg_idm_ecid_wtls3 */ +0x67,0x2B,0x0D,0x04,0x04, /* [4951] OBJ_wap_wsg_idm_ecid_wtls4 */ +0x67,0x2B,0x0D,0x04,0x05, /* [4956] OBJ_wap_wsg_idm_ecid_wtls5 */ +0x67,0x2B,0x0D,0x04,0x06, /* [4961] OBJ_wap_wsg_idm_ecid_wtls6 */ +0x67,0x2B,0x0D,0x04,0x07, /* [4966] OBJ_wap_wsg_idm_ecid_wtls7 */ +0x67,0x2B,0x0D,0x04,0x08, /* [4971] OBJ_wap_wsg_idm_ecid_wtls8 */ +0x67,0x2B,0x0D,0x04,0x09, /* [4976] OBJ_wap_wsg_idm_ecid_wtls9 */ +0x67,0x2B,0x0D,0x04,0x0A, /* [4981] OBJ_wap_wsg_idm_ecid_wtls10 */ +0x67,0x2B,0x0D,0x04,0x0B, /* [4986] OBJ_wap_wsg_idm_ecid_wtls11 */ +0x67,0x2B,0x0D,0x04,0x0C, /* [4991] OBJ_wap_wsg_idm_ecid_wtls12 */ +0x55,0x1D,0x20,0x00, /* [4996] OBJ_any_policy */ +0x55,0x1D,0x21, /* [5000] OBJ_policy_mappings */ +0x55,0x1D,0x36, /* [5003] OBJ_inhibit_any_policy */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5006] OBJ_camellia_128_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5017] OBJ_camellia_192_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5028] OBJ_camellia_256_cbc */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5039] OBJ_camellia_128_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5047] OBJ_camellia_192_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5055] OBJ_camellia_256_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5063] OBJ_camellia_128_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5071] OBJ_camellia_192_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5079] OBJ_camellia_256_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5087] OBJ_camellia_128_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5095] OBJ_camellia_192_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5103] OBJ_camellia_256_ofb128 */ +0x55,0x1D,0x09, /* [5111] OBJ_subject_directory_attributes */ +0x55,0x1D,0x1C, /* [5114] OBJ_issuing_distribution_point */ +0x55,0x1D,0x1D, /* [5117] OBJ_certificate_issuer */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5120] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5126] OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5134] OBJ_seed_cbc */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5142] OBJ_seed_ofb128 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5150] OBJ_seed_cfb128 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5158] OBJ_hmac_md5 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5166] OBJ_hmac_sha1 */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5174] OBJ_id_PasswordBasedMAC */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5183] OBJ_id_DHBasedMac */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5192] OBJ_id_it_suppLangTags */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5200] OBJ_caRepository */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5208] OBJ_id_smime_ct_compressedData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5219] OBJ_id_ct_asciiTextWithCRLF */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -748,21 +855,21 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0}, {"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0}, {"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0}, -{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL}, +{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0}, {"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0}, -{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL}, -{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL}, +{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0}, +{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0}, {"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0}, -{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL}, -{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL}, -{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL}, +{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0}, +{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0}, +{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0}, {"SHA","sha",NID_sha,5,&(lvalues[226]),0}, {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5, &(lvalues[231]),0}, -{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL}, +{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0}, {"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0}, {"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0}, -{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL}, +{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0}, {"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0}, {"emailAddress","emailAddress",NID_pkcs9_emailAddress,9, &(lvalues[257]),0}, @@ -786,10 +893,10 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ NID_netscape_cert_extension,8,&(lvalues[345]),0}, {"nsDataType","Netscape Data Type",NID_netscape_data_type,8, &(lvalues[353]),0}, -{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL}, -{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL}, -{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL}, -{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL}, +{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0}, +{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0}, +{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0}, +{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0}, {"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0}, {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9, &(lvalues[366]),0}, @@ -816,7 +923,7 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0}, {"nsCertSequence","Netscape Certificate Sequence", NID_netscape_cert_sequence,9,&(lvalues[480]),0}, -{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL}, +{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0}, {"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0}, {"subjectKeyIdentifier","X509v3 Subject Key Identifier", NID_subject_key_identifier,3,&(lvalues[491]),0}, @@ -835,17 +942,17 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"authorityKeyIdentifier","X509v3 Authority Key Identifier", NID_authority_key_identifier,3,&(lvalues[515]),0}, {"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0}, -{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL}, -{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL}, -{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL}, +{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0}, +{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0}, +{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0}, {"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0}, {"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0}, -{"RC4-40","rc4-40",NID_rc4_40,0,NULL}, -{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL}, +{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0}, +{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0}, {"GN","givenName",NID_givenName,3,&(lvalues[535]),0}, {"SN","surname",NID_surname,3,&(lvalues[538]),0}, {"initials","initials",NID_initials,3,&(lvalues[541]),0}, -{NULL,NULL,NID_undef,0,NULL}, +{NULL,NULL,NID_undef,0,NULL,0}, {"crlDistributionPoints","X509v3 CRL Distribution Points", NID_crl_distribution_points,3,&(lvalues[544]),0}, {"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0}, @@ -853,931 +960,1085 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"title","title",NID_title,3,&(lvalues[555]),0}, {"description","description",NID_description,3,&(lvalues[558]),0}, {"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0}, -{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL}, -{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL}, -{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL}, +{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0}, +{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0}, +{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0}, {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC", NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0}, {"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0}, -{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL}, +{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0}, {"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0}, {"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0}, {"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0}, -{NULL,NULL,NID_undef,0,NULL}, +{NULL,NULL,NID_undef,0,NULL,0}, {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6, &(lvalues[603]),0}, {"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0}, -{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL}, -{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL}, -{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL}, +{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0}, +{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0}, +{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0}, {"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0}, -{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0}, +{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[623]),0}, {"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3, - &(lvalues[629]),0}, -{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0}, -{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0}, + &(lvalues[634]),0}, +{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[637]),0}, +{"id-kp","id-kp",NID_id_kp,7,&(lvalues[643]),0}, {"serverAuth","TLS Web Server Authentication",NID_server_auth,8, - &(lvalues[645]),0}, + &(lvalues[650]),0}, {"clientAuth","TLS Web Client Authentication",NID_client_auth,8, - &(lvalues[653]),0}, -{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0}, + &(lvalues[658]),0}, +{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[666]),0}, {"emailProtection","E-mail Protection",NID_email_protect,8, - &(lvalues[669]),0}, -{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0}, + &(lvalues[674]),0}, +{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0}, {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10, - &(lvalues[685]),0}, + &(lvalues[690]),0}, {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10, - &(lvalues[695]),0}, + &(lvalues[700]),0}, {"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10, - &(lvalues[705]),0}, -{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0}, + &(lvalues[710]),0}, +{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[720]),0}, {"msEFS","Microsoft Encrypted File System",NID_ms_efs,10, - &(lvalues[725]),0}, -{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0}, + &(lvalues[730]),0}, +{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[740]),0}, {"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3, - &(lvalues[744]),0}, -{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0}, + &(lvalues[749]),0}, +{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[752]),0}, {"invalidityDate","Invalidity Date",NID_invalidity_date,3, - &(lvalues[750]),0}, -{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0}, + &(lvalues[755]),0}, +{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[758]),0}, {"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4", - NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0}, + NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[763]),0}, {"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4", - NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0}, + NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[773]),0}, {"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC", - NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0}, + NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[783]),0}, {"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC", - NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0}, + NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[793]),0}, {"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC", - NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0}, + NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[803]),0}, {"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC", - NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0}, -{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0}, + NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[813]),0}, +{"keyBag","keyBag",NID_keyBag,11,&(lvalues[823]),0}, {"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag, - 11,&(lvalues[829]),0}, -{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0}, -{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0}, -{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0}, + 11,&(lvalues[834]),0}, +{"certBag","certBag",NID_certBag,11,&(lvalues[845]),0}, +{"crlBag","crlBag",NID_crlBag,11,&(lvalues[856]),0}, +{"secretBag","secretBag",NID_secretBag,11,&(lvalues[867]),0}, {"safeContentsBag","safeContentsBag",NID_safeContentsBag,11, - &(lvalues[873]),0}, -{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0}, -{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0}, + &(lvalues[878]),0}, +{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[889]),0}, +{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[898]),0}, {"x509Certificate","x509Certificate",NID_x509Certificate,10, - &(lvalues[902]),0}, + &(lvalues[907]),0}, {"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10, - &(lvalues[912]),0}, -{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0}, -{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0}, -{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0}, -{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0}, -{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0}, + &(lvalues[917]),0}, +{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[927]),0}, +{"PBES2","PBES2",NID_pbes2,9,&(lvalues[937]),0}, +{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[946]),0}, +{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[955]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[963]),0}, {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, - &(lvalues[966]),0}, -{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL}, + &(lvalues[971]),0}, +{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0}, {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9, - &(lvalues[974]),0}, + &(lvalues[979]),0}, {"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9, - &(lvalues[983]),0}, + &(lvalues[988]),0}, {"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9, - &(lvalues[992]),0}, + &(lvalues[997]),0}, {"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9, - &(lvalues[1001]),0}, + &(lvalues[1006]),0}, {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10, - &(lvalues[1010]),0}, -{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0}, -{"name","name",NID_name,3,&(lvalues[1029]),0}, -{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0}, -{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0}, -{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0}, + &(lvalues[1015]),0}, +{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1025]),0}, +{"name","name",NID_name,3,&(lvalues[1034]),0}, +{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1037]),0}, +{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1040]),0}, +{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1047]),0}, {"authorityInfoAccess","Authority Information Access",NID_info_access, - 8,&(lvalues[1049]),0}, -{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0}, -{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0}, -{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0}, -{"ISO","iso",NID_iso,1,&(lvalues[1081]),0}, -{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0}, -{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0}, -{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0}, -{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0}, -{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0}, -{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0}, -{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0}, -{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0}, -{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0}, -{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0}, -{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0}, -{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0}, -{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0}, -{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0}, + 8,&(lvalues[1054]),0}, +{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1062]),0}, +{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1070]),0}, +{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1078]),0}, +{"ISO","iso",NID_iso,1,&(lvalues[1086]),0}, +{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1087]),0}, +{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1088]),0}, +{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1091]),0}, +{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1096]),0}, +{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1102]),0}, +{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1110]),0}, +{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1118]),0}, +{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1127]),0}, +{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1137]),0}, +{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1147]),0}, +{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1157]),0}, +{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1167]),0}, +{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1177]),0}, +{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1187]),0}, {"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11, - &(lvalues[1192]),0}, + &(lvalues[1197]),0}, {"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11, - &(lvalues[1203]),0}, + &(lvalues[1208]),0}, {"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11, - &(lvalues[1214]),0}, + &(lvalues[1219]),0}, {"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3, - 11,&(lvalues[1225]),0}, + 11,&(lvalues[1230]),0}, {"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88", - NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0}, + NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1241]),0}, {"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97", - NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0}, + NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1252]),0}, {"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88", - NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0}, + NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1263]),0}, {"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97", - NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0}, + NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1274]),0}, {"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt, - 11,&(lvalues[1280]),0}, + 11,&(lvalues[1285]),0}, {"id-smime-ct-authData","id-smime-ct-authData", - NID_id_smime_ct_authData,11,&(lvalues[1291]),0}, + NID_id_smime_ct_authData,11,&(lvalues[1296]),0}, {"id-smime-ct-publishCert","id-smime-ct-publishCert", - NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0}, + NID_id_smime_ct_publishCert,11,&(lvalues[1307]),0}, {"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo, - 11,&(lvalues[1313]),0}, + 11,&(lvalues[1318]),0}, {"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo, - 11,&(lvalues[1324]),0}, + 11,&(lvalues[1329]),0}, {"id-smime-ct-contentInfo","id-smime-ct-contentInfo", - NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0}, + NID_id_smime_ct_contentInfo,11,&(lvalues[1340]),0}, {"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData", - NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0}, + NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1351]),0}, {"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData", - NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0}, + NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1362]),0}, {"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest", - NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0}, + NID_id_smime_aa_receiptRequest,11,&(lvalues[1373]),0}, {"id-smime-aa-securityLabel","id-smime-aa-securityLabel", - NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0}, + NID_id_smime_aa_securityLabel,11,&(lvalues[1384]),0}, {"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory", - NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0}, + NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1395]),0}, {"id-smime-aa-contentHint","id-smime-aa-contentHint", - NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0}, + NID_id_smime_aa_contentHint,11,&(lvalues[1406]),0}, {"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest", - NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0}, + NID_id_smime_aa_msgSigDigest,11,&(lvalues[1417]),0}, {"id-smime-aa-encapContentType","id-smime-aa-encapContentType", - NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0}, + NID_id_smime_aa_encapContentType,11,&(lvalues[1428]),0}, {"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier", - NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0}, + NID_id_smime_aa_contentIdentifier,11,&(lvalues[1439]),0}, {"id-smime-aa-macValue","id-smime-aa-macValue", - NID_id_smime_aa_macValue,11,&(lvalues[1445]),0}, + NID_id_smime_aa_macValue,11,&(lvalues[1450]),0}, {"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels", - NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0}, + NID_id_smime_aa_equivalentLabels,11,&(lvalues[1461]),0}, {"id-smime-aa-contentReference","id-smime-aa-contentReference", - NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0}, + NID_id_smime_aa_contentReference,11,&(lvalues[1472]),0}, {"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref", - NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0}, + NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1483]),0}, {"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate", - NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0}, + NID_id_smime_aa_signingCertificate,11,&(lvalues[1494]),0}, {"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts", - NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0}, + NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1505]),0}, {"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken", - NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0}, + NID_id_smime_aa_timeStampToken,11,&(lvalues[1516]),0}, {"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId", - NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0}, + NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1527]),0}, {"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType", - NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0}, + NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1538]),0}, {"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation", - NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0}, + NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1549]),0}, {"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr", - NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0}, + NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1560]),0}, {"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert", - NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0}, + NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1571]),0}, {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp", - NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0}, + NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1582]),0}, {"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs", - NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0}, + NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1593]),0}, {"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs", - NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0}, + NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1604]),0}, {"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues", - NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0}, + NID_id_smime_aa_ets_certValues,11,&(lvalues[1615]),0}, {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues", - NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0}, + NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1626]),0}, {"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp", - NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0}, + NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1637]),0}, {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp", - NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0}, + NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1648]),0}, {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp", - NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0}, + NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1659]),0}, {"id-smime-aa-signatureType","id-smime-aa-signatureType", - NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0}, + NID_id_smime_aa_signatureType,11,&(lvalues[1670]),0}, {"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc", - NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0}, + NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1681]),0}, {"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES", - NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0}, + NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1692]),0}, {"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2", - NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0}, + NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1703]),0}, {"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap", - NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0}, + NID_id_smime_alg_3DESwrap,11,&(lvalues[1714]),0}, {"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap", - NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0}, + NID_id_smime_alg_RC2wrap,11,&(lvalues[1725]),0}, {"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11, - &(lvalues[1731]),0}, + &(lvalues[1736]),0}, {"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap", - NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0}, + NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1747]),0}, {"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap", - NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0}, + NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1758]),0}, {"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11, - &(lvalues[1764]),0}, + &(lvalues[1769]),0}, {"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri", - NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0}, + NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1780]),0}, {"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice", - NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0}, + NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1791]),0}, {"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin", - NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0}, + NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1802]),0}, {"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt", - NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0}, + NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1813]),0}, {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery", - NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0}, + NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1824]),0}, {"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender", - NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0}, + NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1835]),0}, {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval", - NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0}, + NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1846]),0}, {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation", - NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0}, -{"MD4","md4",NID_md4,8,&(lvalues[1863]),0}, -{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0}, -{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0}, -{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0}, -{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0}, -{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0}, -{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0}, -{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0}, -{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0}, -{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0}, -{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0}, -{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0}, + NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1857]),0}, +{"MD4","md4",NID_md4,8,&(lvalues[1868]),0}, +{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1876]),0}, +{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1883]),0}, +{"id-it","id-it",NID_id_it,7,&(lvalues[1890]),0}, +{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1897]),0}, +{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1904]),0}, +{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1911]),0}, +{"id-on","id-on",NID_id_on,7,&(lvalues[1918]),0}, +{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1925]),0}, +{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1932]),0}, +{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1939]),0}, +{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1946]),0}, {"id-pkix1-explicit-88","id-pkix1-explicit-88", - NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0}, + NID_id_pkix1_explicit_88,8,&(lvalues[1953]),0}, {"id-pkix1-implicit-88","id-pkix1-implicit-88", - NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0}, + NID_id_pkix1_implicit_88,8,&(lvalues[1961]),0}, {"id-pkix1-explicit-93","id-pkix1-explicit-93", - NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0}, + NID_id_pkix1_explicit_93,8,&(lvalues[1969]),0}, {"id-pkix1-implicit-93","id-pkix1-implicit-93", - NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0}, -{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0}, -{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0}, + NID_id_pkix1_implicit_93,8,&(lvalues[1977]),0}, +{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1985]),0}, +{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1993]),0}, {"id-mod-kea-profile-88","id-mod-kea-profile-88", - NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0}, + NID_id_mod_kea_profile_88,8,&(lvalues[2001]),0}, {"id-mod-kea-profile-93","id-mod-kea-profile-93", - NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0}, -{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0}, + NID_id_mod_kea_profile_93,8,&(lvalues[2009]),0}, +{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2017]),0}, {"id-mod-qualified-cert-88","id-mod-qualified-cert-88", - NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0}, + NID_id_mod_qualified_cert_88,8,&(lvalues[2025]),0}, {"id-mod-qualified-cert-93","id-mod-qualified-cert-93", - NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0}, + NID_id_mod_qualified_cert_93,8,&(lvalues[2033]),0}, {"id-mod-attribute-cert","id-mod-attribute-cert", - NID_id_mod_attribute_cert,8,&(lvalues[2036]),0}, + NID_id_mod_attribute_cert,8,&(lvalues[2041]),0}, {"id-mod-timestamp-protocol","id-mod-timestamp-protocol", - NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0}, -{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0}, -{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0}, + NID_id_mod_timestamp_protocol,8,&(lvalues[2049]),0}, +{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2057]),0}, +{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2065]),0}, {"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8, - &(lvalues[2068]),0}, -{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0}, -{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0}, + &(lvalues[2073]),0}, +{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2081]),0}, +{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2089]),0}, {"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8, - &(lvalues[2092]),0}, -{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0}, -{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0}, + &(lvalues[2097]),0}, +{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2105]),0}, +{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2113]),0}, {"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8, - &(lvalues[2116]),0}, + &(lvalues[2121]),0}, {"sbgp-autonomousSysNum","sbgp-autonomousSysNum", - NID_sbgp_autonomousSysNum,8,&(lvalues[2124]),0}, + NID_sbgp_autonomousSysNum,8,&(lvalues[2129]),0}, {"sbgp-routerIdentifier","sbgp-routerIdentifier", - NID_sbgp_routerIdentifier,8,&(lvalues[2132]),0}, -{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0}, + NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0}, +{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0}, {"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, - &(lvalues[2148]),0}, -{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0}, -{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0}, -{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0}, + &(lvalues[2153]),0}, +{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0}, +{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0}, +{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0}, {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert, - 8,&(lvalues[2180]),0}, + 8,&(lvalues[2185]),0}, {"id-it-signKeyPairTypes","id-it-signKeyPairTypes", - NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0}, + NID_id_it_signKeyPairTypes,8,&(lvalues[2193]),0}, {"id-it-encKeyPairTypes","id-it-encKeyPairTypes", - NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0}, + NID_id_it_encKeyPairTypes,8,&(lvalues[2201]),0}, {"id-it-preferredSymmAlg","id-it-preferredSymmAlg", - NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0}, + NID_id_it_preferredSymmAlg,8,&(lvalues[2209]),0}, {"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo", - NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0}, + NID_id_it_caKeyUpdateInfo,8,&(lvalues[2217]),0}, {"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8, - &(lvalues[2220]),0}, + &(lvalues[2225]),0}, {"id-it-unsupportedOIDs","id-it-unsupportedOIDs", - NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0}, + NID_id_it_unsupportedOIDs,8,&(lvalues[2233]),0}, {"id-it-subscriptionRequest","id-it-subscriptionRequest", - NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0}, + NID_id_it_subscriptionRequest,8,&(lvalues[2241]),0}, {"id-it-subscriptionResponse","id-it-subscriptionResponse", - NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0}, + NID_id_it_subscriptionResponse,8,&(lvalues[2249]),0}, {"id-it-keyPairParamReq","id-it-keyPairParamReq", - NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0}, + NID_id_it_keyPairParamReq,8,&(lvalues[2257]),0}, {"id-it-keyPairParamRep","id-it-keyPairParamRep", - NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0}, + NID_id_it_keyPairParamRep,8,&(lvalues[2265]),0}, {"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase, - 8,&(lvalues[2268]),0}, + 8,&(lvalues[2273]),0}, {"id-it-implicitConfirm","id-it-implicitConfirm", - NID_id_it_implicitConfirm,8,&(lvalues[2276]),0}, + NID_id_it_implicitConfirm,8,&(lvalues[2281]),0}, {"id-it-confirmWaitTime","id-it-confirmWaitTime", - NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0}, + NID_id_it_confirmWaitTime,8,&(lvalues[2289]),0}, {"id-it-origPKIMessage","id-it-origPKIMessage", - NID_id_it_origPKIMessage,8,&(lvalues[2292]),0}, -{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0}, -{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0}, + NID_id_it_origPKIMessage,8,&(lvalues[2297]),0}, +{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2305]),0}, +{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2313]),0}, {"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken, - 9,&(lvalues[2316]),0}, + 9,&(lvalues[2321]),0}, {"id-regCtrl-authenticator","id-regCtrl-authenticator", - NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0}, + NID_id_regCtrl_authenticator,9,&(lvalues[2330]),0}, {"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo", - NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0}, + NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2339]),0}, {"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions", - NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0}, + NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2348]),0}, {"id-regCtrl-oldCertID","id-regCtrl-oldCertID", - NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0}, + NID_id_regCtrl_oldCertID,9,&(lvalues[2357]),0}, {"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey", - NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0}, + NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2366]),0}, {"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs", - NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0}, + NID_id_regInfo_utf8Pairs,9,&(lvalues[2375]),0}, {"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9, - &(lvalues[2379]),0}, -{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0}, + &(lvalues[2384]),0}, +{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2393]),0}, {"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8, - &(lvalues[2396]),0}, + &(lvalues[2401]),0}, {"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1", - NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0}, -{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0}, + NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2409]),0}, +{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2417]),0}, {"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8, - &(lvalues[2420]),0}, + &(lvalues[2425]),0}, {"id-cmc-identification","id-cmc-identification", - NID_id_cmc_identification,8,&(lvalues[2428]),0}, + NID_id_cmc_identification,8,&(lvalues[2433]),0}, {"id-cmc-identityProof","id-cmc-identityProof", - NID_id_cmc_identityProof,8,&(lvalues[2436]),0}, + NID_id_cmc_identityProof,8,&(lvalues[2441]),0}, {"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8, - &(lvalues[2444]),0}, + &(lvalues[2449]),0}, {"id-cmc-transactionId","id-cmc-transactionId", - NID_id_cmc_transactionId,8,&(lvalues[2452]),0}, + NID_id_cmc_transactionId,8,&(lvalues[2457]),0}, {"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8, - &(lvalues[2460]),0}, + &(lvalues[2465]),0}, {"id-cmc-recipientNonce","id-cmc-recipientNonce", - NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0}, + NID_id_cmc_recipientNonce,8,&(lvalues[2473]),0}, {"id-cmc-addExtensions","id-cmc-addExtensions", - NID_id_cmc_addExtensions,8,&(lvalues[2476]),0}, + NID_id_cmc_addExtensions,8,&(lvalues[2481]),0}, {"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP, - 8,&(lvalues[2484]),0}, + 8,&(lvalues[2489]),0}, {"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP, - 8,&(lvalues[2492]),0}, + 8,&(lvalues[2497]),0}, {"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness", - NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0}, + NID_id_cmc_lraPOPWitness,8,&(lvalues[2505]),0}, {"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8, - &(lvalues[2508]),0}, -{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0}, + &(lvalues[2513]),0}, +{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2521]),0}, {"id-cmc-revokeRequest","id-cmc-revokeRequest", - NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0}, + NID_id_cmc_revokeRequest,8,&(lvalues[2529]),0}, {"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8, - &(lvalues[2532]),0}, + &(lvalues[2537]),0}, {"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo, - 8,&(lvalues[2540]),0}, + 8,&(lvalues[2545]),0}, {"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending, - 8,&(lvalues[2548]),0}, + 8,&(lvalues[2553]),0}, {"id-cmc-popLinkRandom","id-cmc-popLinkRandom", - NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0}, + NID_id_cmc_popLinkRandom,8,&(lvalues[2561]),0}, {"id-cmc-popLinkWitness","id-cmc-popLinkWitness", - NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0}, + NID_id_cmc_popLinkWitness,8,&(lvalues[2569]),0}, {"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance", - NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0}, + NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2577]),0}, {"id-on-personalData","id-on-personalData",NID_id_on_personalData,8, - &(lvalues[2580]),0}, + &(lvalues[2585]),0}, {"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8, - &(lvalues[2588]),0}, + &(lvalues[2593]),0}, {"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth, - 8,&(lvalues[2596]),0}, -{NULL,NULL,NID_undef,0,NULL}, -{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0}, + 8,&(lvalues[2601]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2609]),0}, {"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship", - NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0}, + NID_id_pda_countryOfCitizenship,8,&(lvalues[2617]),0}, {"id-pda-countryOfResidence","id-pda-countryOfResidence", - NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0}, + NID_id_pda_countryOfResidence,8,&(lvalues[2625]),0}, {"id-aca-authenticationInfo","id-aca-authenticationInfo", - NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0}, + NID_id_aca_authenticationInfo,8,&(lvalues[2633]),0}, {"id-aca-accessIdentity","id-aca-accessIdentity", - NID_id_aca_accessIdentity,8,&(lvalues[2636]),0}, + NID_id_aca_accessIdentity,8,&(lvalues[2641]),0}, {"id-aca-chargingIdentity","id-aca-chargingIdentity", - NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0}, -{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0}, -{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0}, + NID_id_aca_chargingIdentity,8,&(lvalues[2649]),0}, +{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2657]),0}, +{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2665]),0}, {"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1", - NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0}, -{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0}, + NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2673]),0}, +{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2681]),0}, {"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8, - &(lvalues[2684]),0}, + &(lvalues[2689]),0}, {"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8, - &(lvalues[2692]),0}, + &(lvalues[2697]),0}, {"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8, - &(lvalues[2700]),0}, -{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0}, + &(lvalues[2705]),0}, +{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2713]),0}, {"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9, - &(lvalues[2716]),0}, -{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0}, -{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0}, + &(lvalues[2721]),0}, +{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2730]),0}, +{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2739]),0}, {"acceptableResponses","Acceptable OCSP Responses", - NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0}, -{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0}, + NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2748]),0}, +{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2757]),0}, {"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff, - 9,&(lvalues[2761]),0}, + 9,&(lvalues[2766]),0}, {"serviceLocator","OCSP Service Locator", - NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0}, + NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2775]),0}, {"extendedStatus","Extended OCSP Status", - NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0}, -{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0}, -{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0}, + NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2784]),0}, +{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2793]),0}, +{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2802]),0}, {"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9, - &(lvalues[2806]),0}, -{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0}, -{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0}, + &(lvalues[2811]),0}, +{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2820]),0}, +{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2824]),0}, {"X500algorithms","directory services - algorithms", - NID_X500algorithms,2,&(lvalues[2824]),0}, -{"ORG","org",NID_org,1,&(lvalues[2826]),0}, -{"DOD","dod",NID_dod,2,&(lvalues[2827]),0}, -{"IANA","iana",NID_iana,3,&(lvalues[2829]),0}, -{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0}, -{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0}, -{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0}, -{"private","Private",NID_Private,4,&(lvalues[2844]),0}, -{"security","Security",NID_Security,4,&(lvalues[2848]),0}, -{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0}, -{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0}, -{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0}, -{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0}, -{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0}, -{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0}, -{"JOINT-ISO-CCITT","joint-iso-ccitt",NID_joint_iso_ccitt,1, - &(lvalues[2894]),0}, + NID_X500algorithms,2,&(lvalues[2829]),0}, +{"ORG","org",NID_org,1,&(lvalues[2831]),0}, +{"DOD","dod",NID_dod,2,&(lvalues[2832]),0}, +{"IANA","iana",NID_iana,3,&(lvalues[2834]),0}, +{"directory","Directory",NID_Directory,4,&(lvalues[2837]),0}, +{"mgmt","Management",NID_Management,4,&(lvalues[2841]),0}, +{"experimental","Experimental",NID_Experimental,4,&(lvalues[2845]),0}, +{"private","Private",NID_Private,4,&(lvalues[2849]),0}, +{"security","Security",NID_Security,4,&(lvalues[2853]),0}, +{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2857]),0}, +{"Mail","Mail",NID_Mail,4,&(lvalues[2861]),0}, +{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2865]),0}, +{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2870]),0}, +{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2879]),0}, +{"domain","Domain",NID_Domain,10,&(lvalues[2889]),0}, +{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2899]),0}, {"selected-attribute-types","Selected Attribute Types", - NID_selected_attribute_types,3,&(lvalues[2895]),0}, -{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0}, + NID_selected_attribute_types,3,&(lvalues[2900]),0}, +{"clearance","clearance",NID_clearance,4,&(lvalues[2903]),0}, {"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9, - &(lvalues[2902]),0}, -{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0}, + &(lvalues[2907]),0}, +{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2916]),0}, {"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8, - &(lvalues[2919]),0}, + &(lvalues[2924]),0}, {"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8, - &(lvalues[2927]),0}, -{"role","role",NID_role,3,&(lvalues[2935]),0}, + &(lvalues[2932]),0}, +{"role","role",NID_role,3,&(lvalues[2940]),0}, {"policyConstraints","X509v3 Policy Constraints", - NID_policy_constraints,3,&(lvalues[2938]),0}, + NID_policy_constraints,3,&(lvalues[2943]),0}, {"targetInformation","X509v3 AC Targeting",NID_target_information,3, - &(lvalues[2941]),0}, + &(lvalues[2946]),0}, {"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3, - &(lvalues[2944]),0}, -{"CCITT","ccitt",NID_ccitt,1,&(lvalues[2947]),0}, -{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0}, -{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0}, + &(lvalues[2949]),0}, +{"NULL","NULL",NID_ccitt,1,&(lvalues[2952]),0}, +{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2953]),0}, +{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2958]),0}, {"characteristic-two-field","characteristic-two-field", - NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0}, + NID_X9_62_characteristic_two_field,7,&(lvalues[2965]),0}, {"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7, - &(lvalues[2967]),0}, -{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0}, -{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0}, -{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0}, -{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0}, -{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0}, -{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0}, -{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0}, + &(lvalues[2972]),0}, +{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2979]),0}, +{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2987]),0}, +{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2995]),0}, +{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[3003]),0}, +{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3011]),0}, +{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3019]),0}, +{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3027]),0}, {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, - &(lvalues[3030]),0}, -{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0}, -{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0}, -{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0}, -{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0}, -{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0}, -{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0}, -{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0}, -{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0}, -{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0}, -{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0}, -{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0}, -{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0}, -{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0}, + &(lvalues[3035]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3042]),0}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3051]),0}, +{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3060]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3069]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3078]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3087]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3096]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3105]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3114]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3123]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3132]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3141]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3150]),0}, {"holdInstructionCode","Hold Instruction Code", - NID_hold_instruction_code,3,&(lvalues[3154]),0}, + NID_hold_instruction_code,3,&(lvalues[3159]),0}, {"holdInstructionNone","Hold Instruction None", - NID_hold_instruction_none,7,&(lvalues[3157]),0}, + NID_hold_instruction_none,7,&(lvalues[3162]),0}, {"holdInstructionCallIssuer","Hold Instruction Call Issuer", - NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0}, + NID_hold_instruction_call_issuer,7,&(lvalues[3169]),0}, {"holdInstructionReject","Hold Instruction Reject", - NID_hold_instruction_reject,7,&(lvalues[3171]),0}, -{"data","data",NID_data,1,&(lvalues[3178]),0}, -{"pss","pss",NID_pss,3,&(lvalues[3179]),0}, -{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0}, -{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0}, + NID_hold_instruction_reject,7,&(lvalues[3176]),0}, +{"data","data",NID_data,1,&(lvalues[3183]),0}, +{"pss","pss",NID_pss,3,&(lvalues[3184]),0}, +{"ucl","ucl",NID_ucl,7,&(lvalues[3187]),0}, +{"pilot","pilot",NID_pilot,8,&(lvalues[3194]),0}, {"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9, - &(lvalues[3197]),0}, + &(lvalues[3202]),0}, {"pilotAttributeSyntax","pilotAttributeSyntax", - NID_pilotAttributeSyntax,9,&(lvalues[3206]),0}, + NID_pilotAttributeSyntax,9,&(lvalues[3211]),0}, {"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9, - &(lvalues[3215]),0}, -{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0}, + &(lvalues[3220]),0}, +{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3229]),0}, {"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10, - &(lvalues[3233]),0}, + &(lvalues[3238]),0}, {"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax", - NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0}, -{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0}, -{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0}, -{"account","account",NID_account,10,&(lvalues[3273]),0}, -{"document","document",NID_document,10,&(lvalues[3283]),0}, -{"room","room",NID_room,10,&(lvalues[3293]),0}, + NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3248]),0}, +{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3258]),0}, +{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3268]),0}, +{"account","account",NID_account,10,&(lvalues[3278]),0}, +{"document","document",NID_document,10,&(lvalues[3288]),0}, +{"room","room",NID_room,10,&(lvalues[3298]),0}, {"documentSeries","documentSeries",NID_documentSeries,10, - &(lvalues[3303]),0}, + &(lvalues[3308]),0}, {"rFC822localPart","rFC822localPart",NID_rFC822localPart,10, - &(lvalues[3313]),0}, -{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0}, + &(lvalues[3318]),0}, +{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3328]),0}, {"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject, - 10,&(lvalues[3333]),0}, + 10,&(lvalues[3338]),0}, {"friendlyCountry","friendlyCountry",NID_friendlyCountry,10, - &(lvalues[3343]),0}, + &(lvalues[3348]),0}, {"simpleSecurityObject","simpleSecurityObject", - NID_simpleSecurityObject,10,&(lvalues[3353]),0}, + NID_simpleSecurityObject,10,&(lvalues[3358]),0}, {"pilotOrganization","pilotOrganization",NID_pilotOrganization,10, - &(lvalues[3363]),0}, -{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0}, + &(lvalues[3368]),0}, +{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3378]),0}, {"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData, - 10,&(lvalues[3383]),0}, -{"UID","userId",NID_userId,10,&(lvalues[3393]),0}, + 10,&(lvalues[3388]),0}, +{"UID","userId",NID_userId,10,&(lvalues[3398]),0}, {"textEncodedORAddress","textEncodedORAddress", - NID_textEncodedORAddress,10,&(lvalues[3403]),0}, -{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0}, -{"info","info",NID_info,10,&(lvalues[3423]),0}, + NID_textEncodedORAddress,10,&(lvalues[3408]),0}, +{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3418]),0}, +{"info","info",NID_info,10,&(lvalues[3428]),0}, {"favouriteDrink","favouriteDrink",NID_favouriteDrink,10, - &(lvalues[3433]),0}, -{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0}, -{"photo","photo",NID_photo,10,&(lvalues[3453]),0}, -{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0}, -{"host","host",NID_host,10,&(lvalues[3473]),0}, -{"manager","manager",NID_manager,10,&(lvalues[3483]),0}, + &(lvalues[3438]),0}, +{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3448]),0}, +{"photo","photo",NID_photo,10,&(lvalues[3458]),0}, +{"userClass","userClass",NID_userClass,10,&(lvalues[3468]),0}, +{"host","host",NID_host,10,&(lvalues[3478]),0}, +{"manager","manager",NID_manager,10,&(lvalues[3488]),0}, {"documentIdentifier","documentIdentifier",NID_documentIdentifier,10, - &(lvalues[3493]),0}, -{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0}, + &(lvalues[3498]),0}, +{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3508]),0}, {"documentVersion","documentVersion",NID_documentVersion,10, - &(lvalues[3513]),0}, + &(lvalues[3518]),0}, {"documentAuthor","documentAuthor",NID_documentAuthor,10, - &(lvalues[3523]),0}, + &(lvalues[3528]),0}, {"documentLocation","documentLocation",NID_documentLocation,10, - &(lvalues[3533]),0}, + &(lvalues[3538]),0}, {"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber, - 10,&(lvalues[3543]),0}, -{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0}, -{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0}, + 10,&(lvalues[3548]),0}, +{"secretary","secretary",NID_secretary,10,&(lvalues[3558]),0}, +{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3568]),0}, {"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10, - &(lvalues[3573]),0}, + &(lvalues[3578]),0}, {"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10, - &(lvalues[3583]),0}, -{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0}, + &(lvalues[3588]),0}, +{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3598]),0}, {"pilotAttributeType27","pilotAttributeType27", - NID_pilotAttributeType27,10,&(lvalues[3603]),0}, -{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0}, -{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0}, -{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0}, -{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0}, + NID_pilotAttributeType27,10,&(lvalues[3608]),0}, +{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3618]),0}, +{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3628]),0}, +{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3638]),0}, +{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3648]),0}, {"associatedDomain","associatedDomain",NID_associatedDomain,10, - &(lvalues[3653]),0}, + &(lvalues[3658]),0}, {"associatedName","associatedName",NID_associatedName,10, - &(lvalues[3663]),0}, + &(lvalues[3668]),0}, {"homePostalAddress","homePostalAddress",NID_homePostalAddress,10, - &(lvalues[3673]),0}, -{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0}, + &(lvalues[3678]),0}, +{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3688]),0}, {"mobileTelephoneNumber","mobileTelephoneNumber", - NID_mobileTelephoneNumber,10,&(lvalues[3693]),0}, + NID_mobileTelephoneNumber,10,&(lvalues[3698]),0}, {"pagerTelephoneNumber","pagerTelephoneNumber", - NID_pagerTelephoneNumber,10,&(lvalues[3703]),0}, + NID_pagerTelephoneNumber,10,&(lvalues[3708]),0}, {"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName, - 10,&(lvalues[3713]),0}, + 10,&(lvalues[3718]),0}, {"organizationalStatus","organizationalStatus", - NID_organizationalStatus,10,&(lvalues[3723]),0}, -{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0}, + NID_organizationalStatus,10,&(lvalues[3728]),0}, +{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3738]),0}, {"mailPreferenceOption","mailPreferenceOption", - NID_mailPreferenceOption,10,&(lvalues[3743]),0}, -{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0}, -{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0}, + NID_mailPreferenceOption,10,&(lvalues[3748]),0}, +{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3758]),0}, +{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3768]),0}, {"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10, - &(lvalues[3773]),0}, + &(lvalues[3778]),0}, {"subtreeMinimumQuality","subtreeMinimumQuality", - NID_subtreeMinimumQuality,10,&(lvalues[3783]),0}, + NID_subtreeMinimumQuality,10,&(lvalues[3788]),0}, {"subtreeMaximumQuality","subtreeMaximumQuality", - NID_subtreeMaximumQuality,10,&(lvalues[3793]),0}, + NID_subtreeMaximumQuality,10,&(lvalues[3798]),0}, {"personalSignature","personalSignature",NID_personalSignature,10, - &(lvalues[3803]),0}, -{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0}, -{"audio","audio",NID_audio,10,&(lvalues[3823]),0}, + &(lvalues[3808]),0}, +{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3818]),0}, +{"audio","audio",NID_audio,10,&(lvalues[3828]),0}, {"documentPublisher","documentPublisher",NID_documentPublisher,10, - &(lvalues[3833]),0}, + &(lvalues[3838]),0}, {"x500UniqueIdentifier","x500UniqueIdentifier", - NID_x500UniqueIdentifier,3,&(lvalues[3843]),0}, -{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0}, + NID_x500UniqueIdentifier,3,&(lvalues[3848]),0}, +{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3851]),0}, {"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6, - &(lvalues[3851]),0}, + &(lvalues[3856]),0}, {"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6, - &(lvalues[3857]),0}, + &(lvalues[3862]),0}, {"id-hex-partial-message","id-hex-partial-message", - NID_id_hex_partial_message,7,&(lvalues[3863]),0}, + NID_id_hex_partial_message,7,&(lvalues[3868]),0}, {"id-hex-multipart-message","id-hex-multipart-message", - NID_id_hex_multipart_message,7,&(lvalues[3870]),0}, + NID_id_hex_multipart_message,7,&(lvalues[3875]),0}, {"generationQualifier","generationQualifier",NID_generationQualifier, - 3,&(lvalues[3877]),0}, -{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0}, -{NULL,NULL,NID_undef,0,NULL}, + 3,&(lvalues[3882]),0}, +{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3885]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, {"id-set","Secure Electronic Transactions",NID_id_set,2, - &(lvalues[3883]),0}, -{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0}, -{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0}, -{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0}, -{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0}, + &(lvalues[3888]),0}, +{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3890]),0}, +{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3893]),0}, +{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3896]),0}, +{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3899]),0}, {"set-certExt","certificate extensions",NID_set_certExt,3, - &(lvalues[3897]),0}, -{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0}, -{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0}, + &(lvalues[3902]),0}, +{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3905]),0}, +{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3908]),0}, {"setct-PANToken","setct-PANToken",NID_setct_PANToken,4, - &(lvalues[3907]),0}, -{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0}, -{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0}, -{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0}, -{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0}, + &(lvalues[3912]),0}, +{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3916]),0}, +{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3920]),0}, +{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3924]),0}, +{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3928]),0}, {"setct-PIDataUnsigned","setct-PIDataUnsigned", - NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0}, + NID_setct_PIDataUnsigned,4,&(lvalues[3932]),0}, {"setct-HODInput","setct-HODInput",NID_setct_HODInput,4, - &(lvalues[3931]),0}, + &(lvalues[3936]),0}, {"setct-AuthResBaggage","setct-AuthResBaggage", - NID_setct_AuthResBaggage,4,&(lvalues[3935]),0}, + NID_setct_AuthResBaggage,4,&(lvalues[3940]),0}, {"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage", - NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0}, + NID_setct_AuthRevReqBaggage,4,&(lvalues[3944]),0}, {"setct-AuthRevResBaggage","setct-AuthRevResBaggage", - NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0}, + NID_setct_AuthRevResBaggage,4,&(lvalues[3948]),0}, {"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4, - &(lvalues[3947]),0}, + &(lvalues[3952]),0}, {"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4, - &(lvalues[3951]),0}, -{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0}, + &(lvalues[3956]),0}, +{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3960]),0}, {"setct-PResData","setct-PResData",NID_setct_PResData,4, - &(lvalues[3959]),0}, + &(lvalues[3964]),0}, {"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4, - &(lvalues[3963]),0}, + &(lvalues[3968]),0}, {"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4, - &(lvalues[3967]),0}, + &(lvalues[3972]),0}, {"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4, - &(lvalues[3971]),0}, + &(lvalues[3976]),0}, {"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4, - &(lvalues[3975]),0}, + &(lvalues[3980]),0}, {"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4, - &(lvalues[3979]),0}, + &(lvalues[3984]),0}, {"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4, - &(lvalues[3983]),0}, + &(lvalues[3988]),0}, {"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg", - NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0}, + NID_setct_AcqCardCodeMsg,4,&(lvalues[3992]),0}, {"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS, - 4,&(lvalues[3991]),0}, + 4,&(lvalues[3996]),0}, {"setct-AuthRevResData","setct-AuthRevResData", - NID_setct_AuthRevResData,4,&(lvalues[3995]),0}, + NID_setct_AuthRevResData,4,&(lvalues[4000]),0}, {"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS, - 4,&(lvalues[3999]),0}, + 4,&(lvalues[4004]),0}, {"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4, - &(lvalues[4003]),0}, + &(lvalues[4008]),0}, {"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4, - &(lvalues[4007]),0}, + &(lvalues[4012]),0}, {"setct-CapResData","setct-CapResData",NID_setct_CapResData,4, - &(lvalues[4011]),0}, + &(lvalues[4016]),0}, {"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4, - &(lvalues[4015]),0}, + &(lvalues[4020]),0}, {"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX, - 4,&(lvalues[4019]),0}, + 4,&(lvalues[4024]),0}, {"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData, - 4,&(lvalues[4023]),0}, + 4,&(lvalues[4028]),0}, {"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4, - &(lvalues[4027]),0}, + &(lvalues[4032]),0}, {"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4, - &(lvalues[4031]),0}, + &(lvalues[4036]),0}, {"setct-CredResData","setct-CredResData",NID_setct_CredResData,4, - &(lvalues[4035]),0}, + &(lvalues[4040]),0}, {"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS, - 4,&(lvalues[4039]),0}, + 4,&(lvalues[4044]),0}, {"setct-CredRevReqTBSX","setct-CredRevReqTBSX", - NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0}, + NID_setct_CredRevReqTBSX,4,&(lvalues[4048]),0}, {"setct-CredRevResData","setct-CredRevResData", - NID_setct_CredRevResData,4,&(lvalues[4047]),0}, + NID_setct_CredRevResData,4,&(lvalues[4052]),0}, {"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4, - &(lvalues[4051]),0}, + &(lvalues[4056]),0}, {"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4, - &(lvalues[4055]),0}, + &(lvalues[4060]),0}, {"setct-BatchAdminReqData","setct-BatchAdminReqData", - NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0}, + NID_setct_BatchAdminReqData,4,&(lvalues[4064]),0}, {"setct-BatchAdminResData","setct-BatchAdminResData", - NID_setct_BatchAdminResData,4,&(lvalues[4063]),0}, + NID_setct_BatchAdminResData,4,&(lvalues[4068]),0}, {"setct-CardCInitResTBS","setct-CardCInitResTBS", - NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0}, + NID_setct_CardCInitResTBS,4,&(lvalues[4072]),0}, {"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS", - NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0}, + NID_setct_MeAqCInitResTBS,4,&(lvalues[4076]),0}, {"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS, - 4,&(lvalues[4075]),0}, + 4,&(lvalues[4080]),0}, {"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4, - &(lvalues[4079]),0}, + &(lvalues[4084]),0}, {"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4, - &(lvalues[4083]),0}, + &(lvalues[4088]),0}, {"setct-CertResData","setct-CertResData",NID_setct_CertResData,4, - &(lvalues[4087]),0}, + &(lvalues[4092]),0}, {"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS, - 4,&(lvalues[4091]),0}, + 4,&(lvalues[4096]),0}, {"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4, - &(lvalues[4095]),0}, + &(lvalues[4100]),0}, {"setct-PIDualSignedTBE","setct-PIDualSignedTBE", - NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0}, + NID_setct_PIDualSignedTBE,4,&(lvalues[4104]),0}, {"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE, - 4,&(lvalues[4103]),0}, + 4,&(lvalues[4108]),0}, {"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4, - &(lvalues[4107]),0}, + &(lvalues[4112]),0}, {"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4, - &(lvalues[4111]),0}, + &(lvalues[4116]),0}, {"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4, - &(lvalues[4115]),0}, + &(lvalues[4120]),0}, {"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4, - &(lvalues[4119]),0}, + &(lvalues[4124]),0}, {"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4, - &(lvalues[4123]),0}, + &(lvalues[4128]),0}, {"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4, - &(lvalues[4127]),0}, + &(lvalues[4132]),0}, {"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE", - NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0}, + NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4136]),0}, {"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE, - 4,&(lvalues[4135]),0}, + 4,&(lvalues[4140]),0}, {"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE, - 4,&(lvalues[4139]),0}, + 4,&(lvalues[4144]),0}, {"setct-AuthRevResTBEB","setct-AuthRevResTBEB", - NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0}, + NID_setct_AuthRevResTBEB,4,&(lvalues[4148]),0}, {"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4, - &(lvalues[4147]),0}, + &(lvalues[4152]),0}, {"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4, - &(lvalues[4151]),0}, + &(lvalues[4156]),0}, {"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4, - &(lvalues[4155]),0}, + &(lvalues[4160]),0}, {"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4, - &(lvalues[4159]),0}, + &(lvalues[4164]),0}, {"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX, - 4,&(lvalues[4163]),0}, + 4,&(lvalues[4168]),0}, {"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4, - &(lvalues[4167]),0}, + &(lvalues[4172]),0}, {"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4, - &(lvalues[4171]),0}, + &(lvalues[4176]),0}, {"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4, - &(lvalues[4175]),0}, + &(lvalues[4180]),0}, {"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4, - &(lvalues[4179]),0}, + &(lvalues[4184]),0}, {"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE, - 4,&(lvalues[4183]),0}, + 4,&(lvalues[4188]),0}, {"setct-CredRevReqTBEX","setct-CredRevReqTBEX", - NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0}, + NID_setct_CredRevReqTBEX,4,&(lvalues[4192]),0}, {"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE, - 4,&(lvalues[4191]),0}, + 4,&(lvalues[4196]),0}, {"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE", - NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0}, + NID_setct_BatchAdminReqTBE,4,&(lvalues[4200]),0}, {"setct-BatchAdminResTBE","setct-BatchAdminResTBE", - NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0}, + NID_setct_BatchAdminResTBE,4,&(lvalues[4204]),0}, {"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE, - 4,&(lvalues[4203]),0}, + 4,&(lvalues[4208]),0}, {"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4, - &(lvalues[4207]),0}, + &(lvalues[4212]),0}, {"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4, - &(lvalues[4211]),0}, + &(lvalues[4216]),0}, {"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4, - &(lvalues[4215]),0}, + &(lvalues[4220]),0}, {"setct-CRLNotificationTBS","setct-CRLNotificationTBS", - NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0}, + NID_setct_CRLNotificationTBS,4,&(lvalues[4224]),0}, {"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS", - NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0}, + NID_setct_CRLNotificationResTBS,4,&(lvalues[4228]),0}, {"setct-BCIDistributionTBS","setct-BCIDistributionTBS", - NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0}, + NID_setct_BCIDistributionTBS,4,&(lvalues[4232]),0}, {"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4, - &(lvalues[4231]),0}, + &(lvalues[4236]),0}, {"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4, - &(lvalues[4235]),0}, + &(lvalues[4240]),0}, {"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4, - &(lvalues[4239]),0}, -{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0}, -{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0}, + &(lvalues[4244]),0}, +{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4248]),0}, +{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4252]),0}, {"setext-cv","additional verification",NID_setext_cv,4, - &(lvalues[4251]),0}, + &(lvalues[4256]),0}, {"set-policy-root","set-policy-root",NID_set_policy_root,4, - &(lvalues[4255]),0}, + &(lvalues[4260]),0}, {"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4, - &(lvalues[4259]),0}, + &(lvalues[4264]),0}, {"setCext-certType","setCext-certType",NID_setCext_certType,4, - &(lvalues[4263]),0}, + &(lvalues[4268]),0}, {"setCext-merchData","setCext-merchData",NID_setCext_merchData,4, - &(lvalues[4267]),0}, + &(lvalues[4272]),0}, {"setCext-cCertRequired","setCext-cCertRequired", - NID_setCext_cCertRequired,4,&(lvalues[4271]),0}, + NID_setCext_cCertRequired,4,&(lvalues[4276]),0}, {"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4, - &(lvalues[4275]),0}, + &(lvalues[4280]),0}, {"setCext-setExt","setCext-setExt",NID_setCext_setExt,4, - &(lvalues[4279]),0}, + &(lvalues[4284]),0}, {"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4, - &(lvalues[4283]),0}, + &(lvalues[4288]),0}, {"setCext-PGWYcapabilities","setCext-PGWYcapabilities", - NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0}, + NID_setCext_PGWYcapabilities,4,&(lvalues[4292]),0}, {"setCext-TokenIdentifier","setCext-TokenIdentifier", - NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0}, + NID_setCext_TokenIdentifier,4,&(lvalues[4296]),0}, {"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4, - &(lvalues[4295]),0}, + &(lvalues[4300]),0}, {"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4, - &(lvalues[4299]),0}, + &(lvalues[4304]),0}, {"setCext-IssuerCapabilities","setCext-IssuerCapabilities", - NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0}, -{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0}, + NID_setCext_IssuerCapabilities,4,&(lvalues[4308]),0}, +{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4312]),0}, {"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap, - 4,&(lvalues[4311]),0}, + 4,&(lvalues[4316]),0}, {"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4, - &(lvalues[4315]),0}, + &(lvalues[4320]),0}, {"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4, - &(lvalues[4319]),0}, + &(lvalues[4324]),0}, {"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5, - &(lvalues[4323]),0}, -{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0}, + &(lvalues[4328]),0}, +{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4333]),0}, {"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5, - &(lvalues[4333]),0}, + &(lvalues[4338]),0}, {"setAttr-Token-B0Prime","setAttr-Token-B0Prime", - NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0}, + NID_setAttr_Token_B0Prime,5,&(lvalues[4343]),0}, {"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5, - &(lvalues[4343]),0}, -{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, &(lvalues[4348]),0}, -{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, +{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, &(lvalues[4353]),0}, +{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, + &(lvalues[4358]),0}, {"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm, - 6,&(lvalues[4358]),0}, + 6,&(lvalues[4363]),0}, {"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6, - &(lvalues[4364]),0}, + &(lvalues[4369]),0}, {"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6, - &(lvalues[4370]),0}, + &(lvalues[4375]),0}, {"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6, - &(lvalues[4376]),0}, + &(lvalues[4381]),0}, {"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig, - 6,&(lvalues[4382]),0}, + 6,&(lvalues[4387]),0}, {"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4, - &(lvalues[4388]),0}, + &(lvalues[4393]),0}, {"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4, - &(lvalues[4392]),0}, + &(lvalues[4397]),0}, {"set-brand-AmericanExpress","set-brand-AmericanExpress", - NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0}, -{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0}, + NID_set_brand_AmericanExpress,4,&(lvalues[4401]),0}, +{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4405]),0}, {"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4, - &(lvalues[4404]),0}, + &(lvalues[4409]),0}, {"set-brand-MasterCard","set-brand-MasterCard", - NID_set_brand_MasterCard,4,&(lvalues[4408]),0}, + NID_set_brand_MasterCard,4,&(lvalues[4413]),0}, {"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5, - &(lvalues[4412]),0}, -{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0}, + &(lvalues[4417]),0}, +{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4422]),0}, {"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET", - NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, + NID_rsaOAEPEncryptionSET,9,&(lvalues[4430]),0}, +{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4439]),0}, +{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1, + &(lvalues[4440]),0}, +{"international-organizations","International Organizations", + NID_international_organizations,1,&(lvalues[4441]),0}, {"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login, - 10,&(lvalues[4434]),0}, + 10,&(lvalues[4442]),0}, {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, - &(lvalues[4444]),0}, -{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL}, -{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL}, -{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL}, -{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL}, -{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL}, -{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL}, -{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL}, -{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL}, -{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL}, -{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL}, -{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4454]),0}, -{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4457]),0}, -{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4460]),0}, + &(lvalues[4452]),0}, +{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0}, +{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0}, +{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0}, +{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0}, +{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0}, +{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0}, +{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0}, +{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0}, +{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0}, +{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0}, +{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4462]),0}, +{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4465]),0}, +{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4468]),0}, {"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, - &(lvalues[4467]),0}, -{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, &(lvalues[4475]),0}, -{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, +{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, &(lvalues[4483]),0}, -{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, +{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, &(lvalues[4491]),0}, -{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4494]),0}, +{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, + &(lvalues[4499]),0}, +{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4502]),0}, {"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, - &(lvalues[4502]),0}, + &(lvalues[4510]),0}, {"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, - &(lvalues[4511]),0}, + &(lvalues[4519]),0}, {"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, - &(lvalues[4520]),0}, + &(lvalues[4528]),0}, {"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, - &(lvalues[4529]),0}, -{"SHA256","sha256",NID_sha256,9,&(lvalues[4538]),0}, -{"SHA384","sha384",NID_sha384,9,&(lvalues[4547]),0}, -{"SHA512","sha512",NID_sha512,9,&(lvalues[4556]),0}, -{"SHA224","sha224",NID_sha224,9,&(lvalues[4565]),0}, + &(lvalues[4537]),0}, +{"SHA256","sha256",NID_sha256,9,&(lvalues[4546]),0}, +{"SHA384","sha384",NID_sha384,9,&(lvalues[4555]),0}, +{"SHA512","sha512",NID_sha512,9,&(lvalues[4564]),0}, +{"SHA224","sha224",NID_sha224,9,&(lvalues[4573]),0}, +{"identified-organization","identified-organization", + NID_identified_organization,1,&(lvalues[4582]),0}, +{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4583]),0}, +{"wap","wap",NID_wap,2,&(lvalues[4586]),0}, +{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4588]),0}, +{"id-characteristic-two-basis","id-characteristic-two-basis", + NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4591]),0}, +{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4599]),0}, +{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4608]),0}, +{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4617]),0}, +{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4626]),0}, +{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4634]),0}, +{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4642]),0}, +{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4650]),0}, +{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4658]),0}, +{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4666]),0}, +{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4674]),0}, +{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4682]),0}, +{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4690]),0}, +{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4698]),0}, +{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4706]),0}, +{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4714]),0}, +{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4722]),0}, +{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4730]),0}, +{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4738]),0}, +{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4746]),0}, +{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4754]),0}, +{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4762]),0}, +{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4770]),0}, +{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4778]),0}, +{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4786]),0}, +{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4791]),0}, +{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4796]),0}, +{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4801]),0}, +{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4806]),0}, +{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4811]),0}, +{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4816]),0}, +{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4821]),0}, +{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4826]),0}, +{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4831]),0}, +{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4836]),0}, +{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4841]),0}, +{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4846]),0}, +{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4851]),0}, +{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4856]),0}, +{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4861]),0}, +{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4866]),0}, +{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4871]),0}, +{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4876]),0}, +{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4881]),0}, +{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4886]),0}, +{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4891]),0}, +{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4896]),0}, +{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4901]),0}, +{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4906]),0}, +{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4911]),0}, +{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4916]),0}, +{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4921]),0}, +{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4926]),0}, +{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4931]),0}, +{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4936]),0}, +{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1", + NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4941]),0}, +{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3", + NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4946]),0}, +{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4", + NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4951]),0}, +{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5", + NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4956]),0}, +{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6", + NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4961]),0}, +{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7", + NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4966]),0}, +{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8", + NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4971]),0}, +{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9", + NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4976]),0}, +{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10", + NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4981]),0}, +{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11", + NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4986]),0}, +{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12", + NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4991]),0}, +{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4996]),0}, +{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3, + &(lvalues[5000]),0}, +{"inhibitAnyPolicy","X509v3 Inhibit Any Policy", + NID_inhibit_any_policy,3,&(lvalues[5003]),0}, +{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0}, +{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0}, +{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11, + &(lvalues[5006]),0}, +{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11, + &(lvalues[5017]),0}, +{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11, + &(lvalues[5028]),0}, +{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8, + &(lvalues[5039]),0}, +{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8, + &(lvalues[5047]),0}, +{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8, + &(lvalues[5055]),0}, +{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8, + &(lvalues[5063]),0}, +{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8, + &(lvalues[5071]),0}, +{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8, + &(lvalues[5079]),0}, +{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0}, +{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0}, +{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0}, +{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0}, +{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0}, +{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0}, +{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8, + &(lvalues[5087]),0}, +{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8, + &(lvalues[5095]),0}, +{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8, + &(lvalues[5103]),0}, +{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes", + NID_subject_directory_attributes,3,&(lvalues[5111]),0}, +{"issuingDistributionPoint","X509v3 Issuing Distrubution Point", + NID_issuing_distribution_point,3,&(lvalues[5114]),0}, +{"certificateIssuer","X509v3 Certificate Issuer", + NID_certificate_issuer,3,&(lvalues[5117]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"KISA","kisa",NID_kisa,6,&(lvalues[5120]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5126]),0}, +{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5134]),0}, +{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5142]),0}, +{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5150]),0}, +{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5158]),0}, +{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5166]),0}, +{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9, + &(lvalues[5174]),0}, +{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9, + &(lvalues[5183]),0}, +{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8, + &(lvalues[5192]),0}, +{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5200]),0}, +{"id-smime-ct-compressedData","id-smime-ct-compressedData", + NID_id_smime_ct_compressedData,11,&(lvalues[5208]),0}, +{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF", + NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5219]),0}, +{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9, + &(lvalues[5230]),0}, +{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9, + &(lvalues[5239]),0}, +{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, + &(lvalues[5248]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -1805,11 +2066,28 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[92]),/* "BF-ECB" */ &(nid_objs[94]),/* "BF-OFB" */ &(nid_objs[14]),/* "C" */ +&(nid_objs[751]),/* "CAMELLIA-128-CBC" */ +&(nid_objs[757]),/* "CAMELLIA-128-CFB" */ +&(nid_objs[760]),/* "CAMELLIA-128-CFB1" */ +&(nid_objs[763]),/* "CAMELLIA-128-CFB8" */ +&(nid_objs[754]),/* "CAMELLIA-128-ECB" */ +&(nid_objs[766]),/* "CAMELLIA-128-OFB" */ +&(nid_objs[752]),/* "CAMELLIA-192-CBC" */ +&(nid_objs[758]),/* "CAMELLIA-192-CFB" */ +&(nid_objs[761]),/* "CAMELLIA-192-CFB1" */ +&(nid_objs[764]),/* "CAMELLIA-192-CFB8" */ +&(nid_objs[755]),/* "CAMELLIA-192-ECB" */ +&(nid_objs[767]),/* "CAMELLIA-192-OFB" */ +&(nid_objs[753]),/* "CAMELLIA-256-CBC" */ +&(nid_objs[759]),/* "CAMELLIA-256-CFB" */ +&(nid_objs[762]),/* "CAMELLIA-256-CFB1" */ +&(nid_objs[765]),/* "CAMELLIA-256-CFB8" */ +&(nid_objs[756]),/* "CAMELLIA-256-ECB" */ +&(nid_objs[768]),/* "CAMELLIA-256-OFB" */ &(nid_objs[108]),/* "CAST5-CBC" */ &(nid_objs[110]),/* "CAST5-CFB" */ &(nid_objs[109]),/* "CAST5-ECB" */ &(nid_objs[111]),/* "CAST5-OFB" */ -&(nid_objs[404]),/* "CCITT" */ &(nid_objs[13]),/* "CN" */ &(nid_objs[141]),/* "CRLReason" */ &(nid_objs[417]),/* "CSPName" */ @@ -1841,6 +2119,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[67]),/* "DSA-old" */ &(nid_objs[297]),/* "DVCS" */ &(nid_objs[99]),/* "GN" */ +&(nid_objs[780]),/* "HMAC-MD5" */ +&(nid_objs[781]),/* "HMAC-SHA1" */ &(nid_objs[381]),/* "IANA" */ &(nid_objs[34]),/* "IDEA-CBC" */ &(nid_objs[35]),/* "IDEA-CFB" */ @@ -1848,7 +2128,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[46]),/* "IDEA-OFB" */ &(nid_objs[181]),/* "ISO" */ &(nid_objs[183]),/* "ISO-US" */ -&(nid_objs[393]),/* "JOINT-ISO-CCITT" */ +&(nid_objs[645]),/* "ITU-T" */ +&(nid_objs[646]),/* "JOINT-ISO-ITU-T" */ +&(nid_objs[773]),/* "KISA" */ &(nid_objs[15]),/* "L" */ &(nid_objs[ 3]),/* "MD2" */ &(nid_objs[257]),/* "MD4" */ @@ -1856,6 +2138,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[114]),/* "MD5-SHA1" */ &(nid_objs[95]),/* "MDC2" */ &(nid_objs[388]),/* "Mail" */ +&(nid_objs[393]),/* "NULL" */ +&(nid_objs[404]),/* "NULL" */ &(nid_objs[57]),/* "Netscape" */ &(nid_objs[366]),/* "Nonce" */ &(nid_objs[17]),/* "O" */ @@ -1863,6 +2147,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[180]),/* "OCSPSigning" */ &(nid_objs[379]),/* "ORG" */ &(nid_objs[18]),/* "OU" */ +&(nid_objs[749]),/* "Oakley-EC2N-3" */ +&(nid_objs[750]),/* "Oakley-EC2N-4" */ &(nid_objs[ 9]),/* "PBE-MD2-DES" */ &(nid_objs[168]),/* "PBE-MD2-RC2-64" */ &(nid_objs[10]),/* "PBE-MD5-DES" */ @@ -1907,6 +2193,10 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[668]),/* "RSA-SHA256" */ &(nid_objs[669]),/* "RSA-SHA384" */ &(nid_objs[670]),/* "RSA-SHA512" */ +&(nid_objs[777]),/* "SEED-CBC" */ +&(nid_objs[779]),/* "SEED-CFB" */ +&(nid_objs[776]),/* "SEED-ECB" */ +&(nid_objs[778]),/* "SEED-OFB" */ &(nid_objs[41]),/* "SHA" */ &(nid_objs[64]),/* "SHA1" */ &(nid_objs[675]),/* "SHA224" */ @@ -1936,6 +2226,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[363]),/* "ad_timestamping" */ &(nid_objs[376]),/* "algorithm" */ &(nid_objs[405]),/* "ansi-X9-62" */ +&(nid_objs[746]),/* "anyPolicy" */ &(nid_objs[370]),/* "archiveCutoff" */ &(nid_objs[484]),/* "associatedDomain" */ &(nid_objs[485]),/* "associatedName" */ @@ -1946,10 +2237,33 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[365]),/* "basicOCSPResponse" */ &(nid_objs[285]),/* "biometricInfo" */ &(nid_objs[494]),/* "buildingName" */ +&(nid_objs[691]),/* "c2onb191v4" */ +&(nid_objs[692]),/* "c2onb191v5" */ +&(nid_objs[697]),/* "c2onb239v4" */ +&(nid_objs[698]),/* "c2onb239v5" */ +&(nid_objs[684]),/* "c2pnb163v1" */ +&(nid_objs[685]),/* "c2pnb163v2" */ +&(nid_objs[686]),/* "c2pnb163v3" */ +&(nid_objs[687]),/* "c2pnb176v1" */ +&(nid_objs[693]),/* "c2pnb208w1" */ +&(nid_objs[699]),/* "c2pnb272w1" */ +&(nid_objs[700]),/* "c2pnb304w1" */ +&(nid_objs[702]),/* "c2pnb368w1" */ +&(nid_objs[688]),/* "c2tnb191v1" */ +&(nid_objs[689]),/* "c2tnb191v2" */ +&(nid_objs[690]),/* "c2tnb191v3" */ +&(nid_objs[694]),/* "c2tnb239v1" */ +&(nid_objs[695]),/* "c2tnb239v2" */ +&(nid_objs[696]),/* "c2tnb239v3" */ +&(nid_objs[701]),/* "c2tnb359v1" */ +&(nid_objs[703]),/* "c2tnb431r1" */ &(nid_objs[483]),/* "cNAMERecord" */ &(nid_objs[179]),/* "caIssuers" */ +&(nid_objs[785]),/* "caRepository" */ &(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[152]),/* "certBag" */ +&(nid_objs[677]),/* "certicom-arc" */ +&(nid_objs[771]),/* "certificateIssuer" */ &(nid_objs[89]),/* "certificatePolicies" */ &(nid_objs[54]),/* "challengePassword" */ &(nid_objs[407]),/* "characteristic-two-field" */ @@ -2004,6 +2318,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[473]),/* "homeTelephoneNumber" */ &(nid_objs[466]),/* "host" */ &(nid_objs[442]),/* "iA5StringSyntax" */ +&(nid_objs[783]),/* "id-DHBasedMac" */ +&(nid_objs[782]),/* "id-PasswordBasedMAC" */ &(nid_objs[266]),/* "id-aca" */ &(nid_objs[355]),/* "id-aca-accessIdentity" */ &(nid_objs[354]),/* "id-aca-authenticationInfo" */ @@ -2012,6 +2328,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[357]),/* "id-aca-group" */ &(nid_objs[358]),/* "id-aca-role" */ &(nid_objs[176]),/* "id-ad" */ +&(nid_objs[788]),/* "id-aes128-wrap" */ +&(nid_objs[789]),/* "id-aes192-wrap" */ +&(nid_objs[790]),/* "id-aes256-wrap" */ &(nid_objs[262]),/* "id-alg" */ &(nid_objs[323]),/* "id-alg-des40" */ &(nid_objs[326]),/* "id-alg-dh-pop" */ @@ -2022,6 +2341,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[362]),/* "id-cct-PKIResponse" */ &(nid_objs[360]),/* "id-cct-crs" */ &(nid_objs[81]),/* "id-ce" */ +&(nid_objs[680]),/* "id-characteristic-two-basis" */ &(nid_objs[263]),/* "id-cmc" */ &(nid_objs[334]),/* "id-cmc-addExtensions" */ &(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ @@ -2043,6 +2363,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[332]),/* "id-cmc-senderNonce" */ &(nid_objs[327]),/* "id-cmc-statusInfo" */ &(nid_objs[331]),/* "id-cmc-transactionId" */ +&(nid_objs[787]),/* "id-ct-asciiTextWithCRLF" */ &(nid_objs[408]),/* "id-ecPublicKey" */ &(nid_objs[508]),/* "id-hex-multipart-message" */ &(nid_objs[507]),/* "id-hex-partial-message" */ @@ -2061,6 +2382,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[299]),/* "id-it-signKeyPairTypes" */ &(nid_objs[305]),/* "id-it-subscriptionRequest" */ &(nid_objs[306]),/* "id-it-subscriptionResponse" */ +&(nid_objs[784]),/* "id-it-suppLangTags" */ &(nid_objs[304]),/* "id-it-unsupportedOIDs" */ &(nid_objs[128]),/* "id-kp" */ &(nid_objs[280]),/* "id-mod-attribute-cert" */ @@ -2156,6 +2478,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[208]),/* "id-smime-ct-TDTInfo" */ &(nid_objs[207]),/* "id-smime-ct-TSTInfo" */ &(nid_objs[205]),/* "id-smime-ct-authData" */ +&(nid_objs[786]),/* "id-smime-ct-compressedData" */ &(nid_objs[209]),/* "id-smime-ct-contentInfo" */ &(nid_objs[206]),/* "id-smime-ct-publishCert" */ &(nid_objs[204]),/* "id-smime-ct-receipt" */ @@ -2178,13 +2501,17 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[194]),/* "id-smime-spq" */ &(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */ &(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */ +&(nid_objs[676]),/* "identified-organization" */ &(nid_objs[461]),/* "info" */ +&(nid_objs[748]),/* "inhibitAnyPolicy" */ &(nid_objs[101]),/* "initials" */ +&(nid_objs[647]),/* "international-organizations" */ &(nid_objs[142]),/* "invalidityDate" */ &(nid_objs[294]),/* "ipsecEndSystem" */ &(nid_objs[295]),/* "ipsecTunnel" */ &(nid_objs[296]),/* "ipsecUser" */ &(nid_objs[86]),/* "issuerAltName" */ +&(nid_objs[770]),/* "issuingDistributionPoint" */ &(nid_objs[492]),/* "janetMailbox" */ &(nid_objs[150]),/* "keyBag" */ &(nid_objs[83]),/* "keyUsage" */ @@ -2227,6 +2554,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[73]),/* "nsRevocationUrl" */ &(nid_objs[139]),/* "nsSGC" */ &(nid_objs[77]),/* "nsSslServerName" */ +&(nid_objs[681]),/* "onBasis" */ &(nid_objs[491]),/* "organizationalStatus" */ &(nid_objs[475]),/* "otherMailbox" */ &(nid_objs[489]),/* "pagerTelephoneNumber" */ @@ -2259,7 +2587,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ &(nid_objs[401]),/* "policyConstraints" */ +&(nid_objs[747]),/* "policyMappings" */ &(nid_objs[661]),/* "postalCode" */ +&(nid_objs[683]),/* "ppBasis" */ &(nid_objs[406]),/* "prime-field" */ &(nid_objs[409]),/* "prime192v1" */ &(nid_objs[410]),/* "prime192v2" */ @@ -2289,8 +2619,39 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[290]),/* "sbgp-ipAddrBlock" */ &(nid_objs[292]),/* "sbgp-routerIdentifier" */ &(nid_objs[159]),/* "sdsiCertificate" */ +&(nid_objs[704]),/* "secp112r1" */ +&(nid_objs[705]),/* "secp112r2" */ +&(nid_objs[706]),/* "secp128r1" */ +&(nid_objs[707]),/* "secp128r2" */ +&(nid_objs[708]),/* "secp160k1" */ +&(nid_objs[709]),/* "secp160r1" */ +&(nid_objs[710]),/* "secp160r2" */ +&(nid_objs[711]),/* "secp192k1" */ +&(nid_objs[712]),/* "secp224k1" */ +&(nid_objs[713]),/* "secp224r1" */ +&(nid_objs[714]),/* "secp256k1" */ +&(nid_objs[715]),/* "secp384r1" */ +&(nid_objs[716]),/* "secp521r1" */ &(nid_objs[154]),/* "secretBag" */ &(nid_objs[474]),/* "secretary" */ +&(nid_objs[717]),/* "sect113r1" */ +&(nid_objs[718]),/* "sect113r2" */ +&(nid_objs[719]),/* "sect131r1" */ +&(nid_objs[720]),/* "sect131r2" */ +&(nid_objs[721]),/* "sect163k1" */ +&(nid_objs[722]),/* "sect163r1" */ +&(nid_objs[723]),/* "sect163r2" */ +&(nid_objs[724]),/* "sect193r1" */ +&(nid_objs[725]),/* "sect193r2" */ +&(nid_objs[726]),/* "sect233k1" */ +&(nid_objs[727]),/* "sect233r1" */ +&(nid_objs[728]),/* "sect239k1" */ +&(nid_objs[729]),/* "sect283k1" */ +&(nid_objs[730]),/* "sect283r1" */ +&(nid_objs[731]),/* "sect409k1" */ +&(nid_objs[732]),/* "sect409r1" */ +&(nid_objs[733]),/* "sect571k1" */ +&(nid_objs[734]),/* "sect571r1" */ &(nid_objs[386]),/* "security" */ &(nid_objs[394]),/* "selected-attribute-types" */ &(nid_objs[105]),/* "serialNumber" */ @@ -2432,6 +2793,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[387]),/* "snmpv2" */ &(nid_objs[660]),/* "streetAddress" */ &(nid_objs[85]),/* "subjectAltName" */ +&(nid_objs[769]),/* "subjectDirectoryAttributes" */ &(nid_objs[398]),/* "subjectInfoAccess" */ &(nid_objs[82]),/* "subjectKeyIdentifier" */ &(nid_objs[498]),/* "subtreeMaximumQuality" */ @@ -2441,12 +2803,26 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[293]),/* "textNotice" */ &(nid_objs[133]),/* "timeStamping" */ &(nid_objs[106]),/* "title" */ +&(nid_objs[682]),/* "tpBasis" */ &(nid_objs[375]),/* "trustRoot" */ &(nid_objs[436]),/* "ucl" */ &(nid_objs[55]),/* "unstructuredAddress" */ &(nid_objs[49]),/* "unstructuredName" */ &(nid_objs[465]),/* "userClass" */ &(nid_objs[373]),/* "valid" */ +&(nid_objs[678]),/* "wap" */ +&(nid_objs[679]),/* "wap-wsg" */ +&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */ +&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */ +&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */ +&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */ +&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */ +&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */ +&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */ +&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */ +&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ +&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ +&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ &(nid_objs[503]),/* "x500UniqueIdentifier" */ &(nid_objs[158]),/* "x509Certificate" */ &(nid_objs[160]),/* "x509Crl" */ @@ -2461,7 +2837,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[365]),/* "Basic OCSP Response" */ &(nid_objs[285]),/* "Biometric Info" */ &(nid_objs[179]),/* "CA Issuers" */ +&(nid_objs[785]),/* "CA Repository" */ &(nid_objs[131]),/* "Code Signing" */ +&(nid_objs[783]),/* "Diffie-Hellman based MAC" */ &(nid_objs[382]),/* "Directory" */ &(nid_objs[392]),/* "Domain" */ &(nid_objs[132]),/* "E-mail Protection" */ @@ -2481,6 +2859,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[183]),/* "ISO US Member Body" */ &(nid_objs[667]),/* "Independent" */ &(nid_objs[665]),/* "Inherit all" */ +&(nid_objs[647]),/* "International Organizations" */ &(nid_objs[142]),/* "Invalidity Date" */ &(nid_objs[504]),/* "MIME MHS" */ &(nid_objs[388]),/* "Mail" */ @@ -2494,6 +2873,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[648]),/* "Microsoft Smartcardlogin" */ &(nid_objs[136]),/* "Microsoft Trust List Signing" */ &(nid_objs[649]),/* "Microsoft Universal Principal Name" */ +&(nid_objs[393]),/* "NULL" */ +&(nid_objs[404]),/* "NULL" */ &(nid_objs[72]),/* "Netscape Base Url" */ &(nid_objs[76]),/* "Netscape CA Policy Url" */ &(nid_objs[74]),/* "Netscape CA Revocation Url" */ @@ -2538,21 +2919,27 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[375]),/* "Trust Root" */ &(nid_objs[12]),/* "X509" */ &(nid_objs[402]),/* "X509v3 AC Targeting" */ +&(nid_objs[746]),/* "X509v3 Any Policy" */ &(nid_objs[90]),/* "X509v3 Authority Key Identifier" */ &(nid_objs[87]),/* "X509v3 Basic Constraints" */ &(nid_objs[103]),/* "X509v3 CRL Distribution Points" */ &(nid_objs[88]),/* "X509v3 CRL Number" */ &(nid_objs[141]),/* "X509v3 CRL Reason Code" */ +&(nid_objs[771]),/* "X509v3 Certificate Issuer" */ &(nid_objs[89]),/* "X509v3 Certificate Policies" */ &(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ &(nid_objs[126]),/* "X509v3 Extended Key Usage" */ +&(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */ &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ +&(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */ &(nid_objs[83]),/* "X509v3 Key Usage" */ &(nid_objs[666]),/* "X509v3 Name Constraints" */ &(nid_objs[403]),/* "X509v3 No Revocation Available" */ &(nid_objs[401]),/* "X509v3 Policy Constraints" */ +&(nid_objs[747]),/* "X509v3 Policy Mappings" */ &(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ &(nid_objs[85]),/* "X509v3 Subject Alternative Name" */ +&(nid_objs[769]),/* "X509v3 Subject Directory Attributes" */ &(nid_objs[82]),/* "X509v3 Subject Key Identifier" */ &(nid_objs[184]),/* "X9.57" */ &(nid_objs[185]),/* "X9.57 CM ?" */ @@ -2591,14 +2978,52 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[92]),/* "bf-ecb" */ &(nid_objs[94]),/* "bf-ofb" */ &(nid_objs[494]),/* "buildingName" */ +&(nid_objs[691]),/* "c2onb191v4" */ +&(nid_objs[692]),/* "c2onb191v5" */ +&(nid_objs[697]),/* "c2onb239v4" */ +&(nid_objs[698]),/* "c2onb239v5" */ +&(nid_objs[684]),/* "c2pnb163v1" */ +&(nid_objs[685]),/* "c2pnb163v2" */ +&(nid_objs[686]),/* "c2pnb163v3" */ +&(nid_objs[687]),/* "c2pnb176v1" */ +&(nid_objs[693]),/* "c2pnb208w1" */ +&(nid_objs[699]),/* "c2pnb272w1" */ +&(nid_objs[700]),/* "c2pnb304w1" */ +&(nid_objs[702]),/* "c2pnb368w1" */ +&(nid_objs[688]),/* "c2tnb191v1" */ +&(nid_objs[689]),/* "c2tnb191v2" */ +&(nid_objs[690]),/* "c2tnb191v3" */ +&(nid_objs[694]),/* "c2tnb239v1" */ +&(nid_objs[695]),/* "c2tnb239v2" */ +&(nid_objs[696]),/* "c2tnb239v3" */ +&(nid_objs[701]),/* "c2tnb359v1" */ +&(nid_objs[703]),/* "c2tnb431r1" */ &(nid_objs[483]),/* "cNAMERecord" */ +&(nid_objs[751]),/* "camellia-128-cbc" */ +&(nid_objs[757]),/* "camellia-128-cfb" */ +&(nid_objs[760]),/* "camellia-128-cfb1" */ +&(nid_objs[763]),/* "camellia-128-cfb8" */ +&(nid_objs[754]),/* "camellia-128-ecb" */ +&(nid_objs[766]),/* "camellia-128-ofb" */ +&(nid_objs[752]),/* "camellia-192-cbc" */ +&(nid_objs[758]),/* "camellia-192-cfb" */ +&(nid_objs[761]),/* "camellia-192-cfb1" */ +&(nid_objs[764]),/* "camellia-192-cfb8" */ +&(nid_objs[755]),/* "camellia-192-ecb" */ +&(nid_objs[767]),/* "camellia-192-ofb" */ +&(nid_objs[753]),/* "camellia-256-cbc" */ +&(nid_objs[759]),/* "camellia-256-cfb" */ +&(nid_objs[762]),/* "camellia-256-cfb1" */ +&(nid_objs[765]),/* "camellia-256-cfb8" */ +&(nid_objs[756]),/* "camellia-256-ecb" */ +&(nid_objs[768]),/* "camellia-256-ofb" */ &(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[108]),/* "cast5-cbc" */ &(nid_objs[110]),/* "cast5-cfb" */ &(nid_objs[109]),/* "cast5-ecb" */ &(nid_objs[111]),/* "cast5-ofb" */ -&(nid_objs[404]),/* "ccitt" */ &(nid_objs[152]),/* "certBag" */ +&(nid_objs[677]),/* "certicom-arc" */ &(nid_objs[517]),/* "certificate extensions" */ &(nid_objs[54]),/* "challengePassword" */ &(nid_objs[407]),/* "characteristic-two-field" */ @@ -2667,6 +3092,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[509]),/* "generationQualifier" */ &(nid_objs[601]),/* "generic cryptogram" */ &(nid_objs[99]),/* "givenName" */ +&(nid_objs[780]),/* "hmac-md5" */ +&(nid_objs[781]),/* "hmac-sha1" */ &(nid_objs[163]),/* "hmacWithSHA1" */ &(nid_objs[486]),/* "homePostalAddress" */ &(nid_objs[473]),/* "homeTelephoneNumber" */ @@ -2681,6 +3108,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[357]),/* "id-aca-group" */ &(nid_objs[358]),/* "id-aca-role" */ &(nid_objs[176]),/* "id-ad" */ +&(nid_objs[788]),/* "id-aes128-wrap" */ +&(nid_objs[789]),/* "id-aes192-wrap" */ +&(nid_objs[790]),/* "id-aes256-wrap" */ &(nid_objs[262]),/* "id-alg" */ &(nid_objs[323]),/* "id-alg-des40" */ &(nid_objs[326]),/* "id-alg-dh-pop" */ @@ -2691,6 +3121,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[362]),/* "id-cct-PKIResponse" */ &(nid_objs[360]),/* "id-cct-crs" */ &(nid_objs[81]),/* "id-ce" */ +&(nid_objs[680]),/* "id-characteristic-two-basis" */ &(nid_objs[263]),/* "id-cmc" */ &(nid_objs[334]),/* "id-cmc-addExtensions" */ &(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ @@ -2712,6 +3143,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[332]),/* "id-cmc-senderNonce" */ &(nid_objs[327]),/* "id-cmc-statusInfo" */ &(nid_objs[331]),/* "id-cmc-transactionId" */ +&(nid_objs[787]),/* "id-ct-asciiTextWithCRLF" */ &(nid_objs[408]),/* "id-ecPublicKey" */ &(nid_objs[508]),/* "id-hex-multipart-message" */ &(nid_objs[507]),/* "id-hex-partial-message" */ @@ -2730,6 +3162,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[299]),/* "id-it-signKeyPairTypes" */ &(nid_objs[305]),/* "id-it-subscriptionRequest" */ &(nid_objs[306]),/* "id-it-subscriptionResponse" */ +&(nid_objs[784]),/* "id-it-suppLangTags" */ &(nid_objs[304]),/* "id-it-unsupportedOIDs" */ &(nid_objs[128]),/* "id-kp" */ &(nid_objs[280]),/* "id-mod-attribute-cert" */ @@ -2819,6 +3252,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[208]),/* "id-smime-ct-TDTInfo" */ &(nid_objs[207]),/* "id-smime-ct-TSTInfo" */ &(nid_objs[205]),/* "id-smime-ct-authData" */ +&(nid_objs[786]),/* "id-smime-ct-compressedData" */ &(nid_objs[209]),/* "id-smime-ct-contentInfo" */ &(nid_objs[206]),/* "id-smime-ct-publishCert" */ &(nid_objs[204]),/* "id-smime-ct-receipt" */ @@ -2845,13 +3279,18 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[35]),/* "idea-cfb" */ &(nid_objs[36]),/* "idea-ecb" */ &(nid_objs[46]),/* "idea-ofb" */ +&(nid_objs[676]),/* "identified-organization" */ &(nid_objs[461]),/* "info" */ &(nid_objs[101]),/* "initials" */ +&(nid_objs[749]),/* "ipsec3" */ +&(nid_objs[750]),/* "ipsec4" */ &(nid_objs[181]),/* "iso" */ &(nid_objs[623]),/* "issuer capabilities" */ +&(nid_objs[645]),/* "itu-t" */ &(nid_objs[492]),/* "janetMailbox" */ -&(nid_objs[393]),/* "joint-iso-ccitt" */ +&(nid_objs[646]),/* "joint-iso-itu-t" */ &(nid_objs[150]),/* "keyBag" */ +&(nid_objs[773]),/* "kisa" */ &(nid_objs[477]),/* "lastModifiedBy" */ &(nid_objs[476]),/* "lastModifiedTime" */ &(nid_objs[157]),/* "localKeyID" */ @@ -2877,12 +3316,14 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[488]),/* "mobileTelephoneNumber" */ &(nid_objs[481]),/* "nSRecord" */ &(nid_objs[173]),/* "name" */ +&(nid_objs[681]),/* "onBasis" */ &(nid_objs[379]),/* "org" */ &(nid_objs[17]),/* "organizationName" */ &(nid_objs[491]),/* "organizationalStatus" */ &(nid_objs[18]),/* "organizationalUnitName" */ &(nid_objs[475]),/* "otherMailbox" */ &(nid_objs[489]),/* "pagerTelephoneNumber" */ +&(nid_objs[782]),/* "password based MAC" */ &(nid_objs[374]),/* "path" */ &(nid_objs[621]),/* "payment gateway capabilities" */ &(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */ @@ -2924,6 +3365,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ &(nid_objs[661]),/* "postalCode" */ +&(nid_objs[683]),/* "ppBasis" */ &(nid_objs[406]),/* "prime-field" */ &(nid_objs[409]),/* "prime192v1" */ &(nid_objs[410]),/* "prime192v2" */ @@ -2966,9 +3408,44 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[290]),/* "sbgp-ipAddrBlock" */ &(nid_objs[292]),/* "sbgp-routerIdentifier" */ &(nid_objs[159]),/* "sdsiCertificate" */ +&(nid_objs[704]),/* "secp112r1" */ +&(nid_objs[705]),/* "secp112r2" */ +&(nid_objs[706]),/* "secp128r1" */ +&(nid_objs[707]),/* "secp128r2" */ +&(nid_objs[708]),/* "secp160k1" */ +&(nid_objs[709]),/* "secp160r1" */ +&(nid_objs[710]),/* "secp160r2" */ +&(nid_objs[711]),/* "secp192k1" */ +&(nid_objs[712]),/* "secp224k1" */ +&(nid_objs[713]),/* "secp224r1" */ +&(nid_objs[714]),/* "secp256k1" */ +&(nid_objs[715]),/* "secp384r1" */ +&(nid_objs[716]),/* "secp521r1" */ &(nid_objs[154]),/* "secretBag" */ &(nid_objs[474]),/* "secretary" */ +&(nid_objs[717]),/* "sect113r1" */ +&(nid_objs[718]),/* "sect113r2" */ +&(nid_objs[719]),/* "sect131r1" */ +&(nid_objs[720]),/* "sect131r2" */ +&(nid_objs[721]),/* "sect163k1" */ +&(nid_objs[722]),/* "sect163r1" */ +&(nid_objs[723]),/* "sect163r2" */ +&(nid_objs[724]),/* "sect193r1" */ +&(nid_objs[725]),/* "sect193r2" */ +&(nid_objs[726]),/* "sect233k1" */ +&(nid_objs[727]),/* "sect233r1" */ +&(nid_objs[728]),/* "sect239k1" */ +&(nid_objs[729]),/* "sect283k1" */ +&(nid_objs[730]),/* "sect283r1" */ +&(nid_objs[731]),/* "sect409k1" */ +&(nid_objs[732]),/* "sect409r1" */ +&(nid_objs[733]),/* "sect571k1" */ +&(nid_objs[734]),/* "sect571r1" */ &(nid_objs[635]),/* "secure device signature" */ +&(nid_objs[777]),/* "seed-cbc" */ +&(nid_objs[779]),/* "seed-cfb" */ +&(nid_objs[776]),/* "seed-ecb" */ +&(nid_objs[778]),/* "seed-ofb" */ &(nid_objs[105]),/* "serialNumber" */ &(nid_objs[625]),/* "set-addPolicy" */ &(nid_objs[515]),/* "set-attr" */ @@ -3111,6 +3588,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[459]),/* "textEncodedORAddress" */ &(nid_objs[293]),/* "textNotice" */ &(nid_objs[106]),/* "title" */ +&(nid_objs[682]),/* "tpBasis" */ &(nid_objs[436]),/* "ucl" */ &(nid_objs[ 0]),/* "undefined" */ &(nid_objs[55]),/* "unstructuredAddress" */ @@ -3118,6 +3596,19 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[465]),/* "userClass" */ &(nid_objs[458]),/* "userId" */ &(nid_objs[373]),/* "valid" */ +&(nid_objs[678]),/* "wap" */ +&(nid_objs[679]),/* "wap-wsg" */ +&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */ +&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */ +&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */ +&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */ +&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */ +&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */ +&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */ +&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */ +&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ +&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ +&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ &(nid_objs[503]),/* "x500UniqueIdentifier" */ &(nid_objs[158]),/* "x509Certificate" */ &(nid_objs[160]),/* "x509Crl" */ @@ -3126,21 +3617,27 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[ 0]),/* OBJ_undef 0 */ -&(nid_objs[404]),/* OBJ_ccitt 0 */ +&(nid_objs[393]),/* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */ +&(nid_objs[404]),/* OBJ_ccitt OBJ_itu_t */ +&(nid_objs[645]),/* OBJ_itu_t 0 */ &(nid_objs[434]),/* OBJ_data 0 9 */ &(nid_objs[181]),/* OBJ_iso 1 */ &(nid_objs[182]),/* OBJ_member_body 1 2 */ &(nid_objs[379]),/* OBJ_org 1 3 */ -&(nid_objs[393]),/* OBJ_joint_iso_ccitt 2 */ +&(nid_objs[676]),/* OBJ_identified_organization 1 3 */ +&(nid_objs[646]),/* OBJ_joint_iso_itu_t 2 */ &(nid_objs[11]),/* OBJ_X500 2 5 */ +&(nid_objs[647]),/* OBJ_international_organizations 2 23 */ &(nid_objs[380]),/* OBJ_dod 1 3 6 */ &(nid_objs[12]),/* OBJ_X509 2 5 4 */ &(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */ &(nid_objs[81]),/* OBJ_id_ce 2 5 29 */ &(nid_objs[512]),/* OBJ_id_set 2 23 42 */ +&(nid_objs[678]),/* OBJ_wap 2 23 43 */ &(nid_objs[435]),/* OBJ_pss 0 9 2342 */ &(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */ &(nid_objs[381]),/* OBJ_iana 1 3 6 1 */ +&(nid_objs[677]),/* OBJ_certicom_arc 1 3 132 */ &(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */ &(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */ &(nid_objs[100]),/* OBJ_surname 2 5 4 4 */ @@ -3162,6 +3659,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */ &(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */ &(nid_objs[400]),/* OBJ_role 2 5 4 72 */ +&(nid_objs[769]),/* OBJ_subject_directory_attributes 2 5 29 9 */ &(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */ &(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */ &(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */ @@ -3173,12 +3671,16 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */ &(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */ &(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */ +&(nid_objs[770]),/* OBJ_issuing_distribution_point 2 5 29 28 */ +&(nid_objs[771]),/* OBJ_certificate_issuer 2 5 29 29 */ &(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */ &(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ &(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ +&(nid_objs[747]),/* OBJ_policy_mappings 2 5 29 33 */ &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ &(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ &(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ +&(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */ &(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ &(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ &(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */ @@ -3187,6 +3689,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */ &(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */ &(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */ +&(nid_objs[679]),/* OBJ_wap_wsg 2 23 43 13 */ &(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */ &(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */ &(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */ @@ -3199,6 +3702,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ +&(nid_objs[746]),/* OBJ_any_policy 2 5 29 32 0 */ &(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */ &(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */ &(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */ @@ -3330,6 +3834,37 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */ &(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */ &(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */ +&(nid_objs[721]),/* OBJ_sect163k1 1 3 132 0 1 */ +&(nid_objs[722]),/* OBJ_sect163r1 1 3 132 0 2 */ +&(nid_objs[728]),/* OBJ_sect239k1 1 3 132 0 3 */ +&(nid_objs[717]),/* OBJ_sect113r1 1 3 132 0 4 */ +&(nid_objs[718]),/* OBJ_sect113r2 1 3 132 0 5 */ +&(nid_objs[704]),/* OBJ_secp112r1 1 3 132 0 6 */ +&(nid_objs[705]),/* OBJ_secp112r2 1 3 132 0 7 */ +&(nid_objs[709]),/* OBJ_secp160r1 1 3 132 0 8 */ +&(nid_objs[708]),/* OBJ_secp160k1 1 3 132 0 9 */ +&(nid_objs[714]),/* OBJ_secp256k1 1 3 132 0 10 */ +&(nid_objs[723]),/* OBJ_sect163r2 1 3 132 0 15 */ +&(nid_objs[729]),/* OBJ_sect283k1 1 3 132 0 16 */ +&(nid_objs[730]),/* OBJ_sect283r1 1 3 132 0 17 */ +&(nid_objs[719]),/* OBJ_sect131r1 1 3 132 0 22 */ +&(nid_objs[720]),/* OBJ_sect131r2 1 3 132 0 23 */ +&(nid_objs[724]),/* OBJ_sect193r1 1 3 132 0 24 */ +&(nid_objs[725]),/* OBJ_sect193r2 1 3 132 0 25 */ +&(nid_objs[726]),/* OBJ_sect233k1 1 3 132 0 26 */ +&(nid_objs[727]),/* OBJ_sect233r1 1 3 132 0 27 */ +&(nid_objs[706]),/* OBJ_secp128r1 1 3 132 0 28 */ +&(nid_objs[707]),/* OBJ_secp128r2 1 3 132 0 29 */ +&(nid_objs[710]),/* OBJ_secp160r2 1 3 132 0 30 */ +&(nid_objs[711]),/* OBJ_secp192k1 1 3 132 0 31 */ +&(nid_objs[712]),/* OBJ_secp224k1 1 3 132 0 32 */ +&(nid_objs[713]),/* OBJ_secp224r1 1 3 132 0 33 */ +&(nid_objs[715]),/* OBJ_secp384r1 1 3 132 0 34 */ +&(nid_objs[716]),/* OBJ_secp521r1 1 3 132 0 35 */ +&(nid_objs[731]),/* OBJ_sect409k1 1 3 132 0 36 */ +&(nid_objs[732]),/* OBJ_sect409r1 1 3 132 0 37 */ +&(nid_objs[733]),/* OBJ_sect571k1 1 3 132 0 38 */ +&(nid_objs[734]),/* OBJ_sect571r1 1 3 132 0 39 */ &(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */ &(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */ &(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */ @@ -3338,8 +3873,19 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */ &(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */ &(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */ +&(nid_objs[735]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 13 4 1 */ +&(nid_objs[736]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 13 4 3 */ +&(nid_objs[737]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 13 4 4 */ +&(nid_objs[738]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 13 4 5 */ +&(nid_objs[739]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 13 4 6 */ +&(nid_objs[740]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 13 4 7 */ +&(nid_objs[741]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 13 4 8 */ +&(nid_objs[742]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 13 4 9 */ +&(nid_objs[743]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */ +&(nid_objs[744]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */ +&(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */ &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ -&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ +&(nid_objs[773]),/* OBJ_kisa 1 2 410 200004 */ &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ &(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ &(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ @@ -3380,7 +3926,20 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */ &(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */ &(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */ +&(nid_objs[754]),/* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */ +&(nid_objs[766]),/* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */ +&(nid_objs[757]),/* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */ +&(nid_objs[755]),/* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */ +&(nid_objs[767]),/* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */ +&(nid_objs[758]),/* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */ +&(nid_objs[756]),/* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */ +&(nid_objs[768]),/* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */ +&(nid_objs[759]),/* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */ &(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */ +&(nid_objs[776]),/* OBJ_seed_ecb 1 2 410 200004 1 3 */ +&(nid_objs[777]),/* OBJ_seed_cbc 1 2 410 200004 1 4 */ +&(nid_objs[779]),/* OBJ_seed_cfb128 1 2 410 200004 1 5 */ +&(nid_objs[778]),/* OBJ_seed_ofb128 1 2 410 200004 1 6 */ &(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */ &(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */ &(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */ @@ -3395,6 +3954,27 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ &(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ &(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */ +&(nid_objs[680]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */ +&(nid_objs[684]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */ +&(nid_objs[685]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */ +&(nid_objs[686]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */ +&(nid_objs[687]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */ +&(nid_objs[688]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */ +&(nid_objs[689]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */ +&(nid_objs[690]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */ +&(nid_objs[691]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */ +&(nid_objs[692]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */ +&(nid_objs[693]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */ +&(nid_objs[694]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */ +&(nid_objs[695]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */ +&(nid_objs[696]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */ +&(nid_objs[697]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */ +&(nid_objs[698]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */ +&(nid_objs[699]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */ +&(nid_objs[700]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */ +&(nid_objs[701]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */ +&(nid_objs[702]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */ +&(nid_objs[703]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */ &(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */ &(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */ &(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */ @@ -3458,6 +4038,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[310]),/* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */ &(nid_objs[311]),/* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */ &(nid_objs[312]),/* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */ +&(nid_objs[784]),/* OBJ_id_it_suppLangTags 1 3 6 1 5 5 7 4 16 */ &(nid_objs[313]),/* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */ &(nid_objs[314]),/* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */ &(nid_objs[323]),/* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */ @@ -3507,6 +4088,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */ &(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */ &(nid_objs[364]),/* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */ +&(nid_objs[785]),/* OBJ_caRepository 1 3 6 1 5 5 7 48 5 */ +&(nid_objs[780]),/* OBJ_hmac_md5 1 3 6 1 5 5 8 1 1 */ +&(nid_objs[781]),/* OBJ_hmac_sha1 1 3 6 1 5 5 8 1 2 */ &(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */ &(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */ &(nid_objs[438]),/* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */ @@ -3515,6 +4099,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[441]),/* OBJ_pilotGroups 0 9 2342 19200300 100 10 */ &(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */ &(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */ +&(nid_objs[782]),/* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */ +&(nid_objs[783]),/* OBJ_id_DHBasedMac 1 2 840 113533 7 66 30 */ &(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */ &(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */ &(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */ @@ -3555,6 +4141,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */ &(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */ &(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */ +&(nid_objs[681]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */ +&(nid_objs[682]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */ +&(nid_objs[683]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */ &(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ &(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */ &(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ @@ -3581,14 +4170,17 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[419]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */ &(nid_objs[420]),/* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */ &(nid_objs[421]),/* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */ +&(nid_objs[788]),/* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */ &(nid_objs[422]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */ &(nid_objs[423]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */ &(nid_objs[424]),/* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */ &(nid_objs[425]),/* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */ +&(nid_objs[789]),/* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */ &(nid_objs[426]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */ &(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ &(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */ &(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */ +&(nid_objs[790]),/* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */ &(nid_objs[672]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */ &(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ &(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ @@ -3690,6 +4282,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */ &(nid_objs[648]),/* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */ &(nid_objs[649]),/* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */ +&(nid_objs[751]),/* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */ +&(nid_objs[752]),/* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */ +&(nid_objs[753]),/* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */ &(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */ &(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */ &(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */ @@ -3706,6 +4301,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */ &(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */ &(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */ +&(nid_objs[786]),/* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */ +&(nid_objs[787]),/* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */ &(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */ &(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */ &(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */ @@ -3742,6 +4339,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[245]),/* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */ &(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */ &(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */ +&(nid_objs[125]),/* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */ &(nid_objs[248]),/* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */ &(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */ &(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */ diff --git a/src/lib/libcrypto/objects/obj_mac.h b/src/lib/libcrypto/objects/obj_mac.h index 51bb50047f..76d5ec9c0b 100644 --- a/src/lib/libcrypto/objects/obj_mac.h +++ b/src/lib/libcrypto/objects/obj_mac.h @@ -67,30 +67,67 @@ #define NID_undef 0 #define OBJ_undef 0L -#define SN_ccitt "CCITT" -#define LN_ccitt "ccitt" +#define SN_itu_t "ITU-T" +#define LN_itu_t "itu-t" +#define NID_itu_t 645 +#define OBJ_itu_t 0L + #define NID_ccitt 404 -#define OBJ_ccitt 0L +#define OBJ_ccitt OBJ_itu_t #define SN_iso "ISO" #define LN_iso "iso" #define NID_iso 181 #define OBJ_iso 1L -#define SN_joint_iso_ccitt "JOINT-ISO-CCITT" -#define LN_joint_iso_ccitt "joint-iso-ccitt" +#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T" +#define LN_joint_iso_itu_t "joint-iso-itu-t" +#define NID_joint_iso_itu_t 646 +#define OBJ_joint_iso_itu_t 2L + #define NID_joint_iso_ccitt 393 -#define OBJ_joint_iso_ccitt 2L +#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t #define SN_member_body "member-body" #define LN_member_body "ISO Member Body" #define NID_member_body 182 #define OBJ_member_body OBJ_iso,2L +#define SN_identified_organization "identified-organization" +#define NID_identified_organization 676 +#define OBJ_identified_organization OBJ_iso,3L + +#define SN_hmac_md5 "HMAC-MD5" +#define LN_hmac_md5 "hmac-md5" +#define NID_hmac_md5 780 +#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L + +#define SN_hmac_sha1 "HMAC-SHA1" +#define LN_hmac_sha1 "hmac-sha1" +#define NID_hmac_sha1 781 +#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L + +#define SN_certicom_arc "certicom-arc" +#define NID_certicom_arc 677 +#define OBJ_certicom_arc OBJ_identified_organization,132L + +#define SN_international_organizations "international-organizations" +#define LN_international_organizations "International Organizations" +#define NID_international_organizations 647 +#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L + +#define SN_wap "wap" +#define NID_wap 678 +#define OBJ_wap OBJ_international_organizations,43L + +#define SN_wap_wsg "wap-wsg" +#define NID_wap_wsg 679 +#define OBJ_wap_wsg OBJ_wap,13L + #define SN_selected_attribute_types "selected-attribute-types" #define LN_selected_attribute_types "Selected Attribute Types" #define NID_selected_attribute_types 394 -#define OBJ_selected_attribute_types OBJ_joint_iso_ccitt,5L,1L,5L +#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L #define SN_clearance "clearance" #define NID_clearance 395 @@ -136,6 +173,22 @@ #define NID_X9_62_characteristic_two_field 407 #define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L +#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis" +#define NID_X9_62_id_characteristic_two_basis 680 +#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L + +#define SN_X9_62_onBasis "onBasis" +#define NID_X9_62_onBasis 681 +#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L + +#define SN_X9_62_tpBasis "tpBasis" +#define NID_X9_62_tpBasis 682 +#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L + +#define SN_X9_62_ppBasis "ppBasis" +#define NID_X9_62_ppBasis 683 +#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L + #define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L #define SN_X9_62_id_ecPublicKey "id-ecPublicKey" @@ -146,6 +199,86 @@ #define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L +#define SN_X9_62_c2pnb163v1 "c2pnb163v1" +#define NID_X9_62_c2pnb163v1 684 +#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L + +#define SN_X9_62_c2pnb163v2 "c2pnb163v2" +#define NID_X9_62_c2pnb163v2 685 +#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L + +#define SN_X9_62_c2pnb163v3 "c2pnb163v3" +#define NID_X9_62_c2pnb163v3 686 +#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L + +#define SN_X9_62_c2pnb176v1 "c2pnb176v1" +#define NID_X9_62_c2pnb176v1 687 +#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L + +#define SN_X9_62_c2tnb191v1 "c2tnb191v1" +#define NID_X9_62_c2tnb191v1 688 +#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L + +#define SN_X9_62_c2tnb191v2 "c2tnb191v2" +#define NID_X9_62_c2tnb191v2 689 +#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L + +#define SN_X9_62_c2tnb191v3 "c2tnb191v3" +#define NID_X9_62_c2tnb191v3 690 +#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L + +#define SN_X9_62_c2onb191v4 "c2onb191v4" +#define NID_X9_62_c2onb191v4 691 +#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L + +#define SN_X9_62_c2onb191v5 "c2onb191v5" +#define NID_X9_62_c2onb191v5 692 +#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L + +#define SN_X9_62_c2pnb208w1 "c2pnb208w1" +#define NID_X9_62_c2pnb208w1 693 +#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L + +#define SN_X9_62_c2tnb239v1 "c2tnb239v1" +#define NID_X9_62_c2tnb239v1 694 +#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L + +#define SN_X9_62_c2tnb239v2 "c2tnb239v2" +#define NID_X9_62_c2tnb239v2 695 +#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L + +#define SN_X9_62_c2tnb239v3 "c2tnb239v3" +#define NID_X9_62_c2tnb239v3 696 +#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L + +#define SN_X9_62_c2onb239v4 "c2onb239v4" +#define NID_X9_62_c2onb239v4 697 +#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L + +#define SN_X9_62_c2onb239v5 "c2onb239v5" +#define NID_X9_62_c2onb239v5 698 +#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L + +#define SN_X9_62_c2pnb272w1 "c2pnb272w1" +#define NID_X9_62_c2pnb272w1 699 +#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L + +#define SN_X9_62_c2pnb304w1 "c2pnb304w1" +#define NID_X9_62_c2pnb304w1 700 +#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L + +#define SN_X9_62_c2tnb359v1 "c2tnb359v1" +#define NID_X9_62_c2tnb359v1 701 +#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L + +#define SN_X9_62_c2pnb368w1 "c2pnb368w1" +#define NID_X9_62_c2pnb368w1 702 +#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L + +#define SN_X9_62_c2tnb431r1 "c2tnb431r1" +#define NID_X9_62_c2tnb431r1 703 +#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L + #define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L #define SN_X9_62_prime192v1 "prime192v1" @@ -182,6 +315,178 @@ #define NID_ecdsa_with_SHA1 416 #define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L +#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L + +#define SN_secp112r1 "secp112r1" +#define NID_secp112r1 704 +#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L + +#define SN_secp112r2 "secp112r2" +#define NID_secp112r2 705 +#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L + +#define SN_secp128r1 "secp128r1" +#define NID_secp128r1 706 +#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L + +#define SN_secp128r2 "secp128r2" +#define NID_secp128r2 707 +#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L + +#define SN_secp160k1 "secp160k1" +#define NID_secp160k1 708 +#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L + +#define SN_secp160r1 "secp160r1" +#define NID_secp160r1 709 +#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L + +#define SN_secp160r2 "secp160r2" +#define NID_secp160r2 710 +#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L + +#define SN_secp192k1 "secp192k1" +#define NID_secp192k1 711 +#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L + +#define SN_secp224k1 "secp224k1" +#define NID_secp224k1 712 +#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L + +#define SN_secp224r1 "secp224r1" +#define NID_secp224r1 713 +#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L + +#define SN_secp256k1 "secp256k1" +#define NID_secp256k1 714 +#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L + +#define SN_secp384r1 "secp384r1" +#define NID_secp384r1 715 +#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L + +#define SN_secp521r1 "secp521r1" +#define NID_secp521r1 716 +#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L + +#define SN_sect113r1 "sect113r1" +#define NID_sect113r1 717 +#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L + +#define SN_sect113r2 "sect113r2" +#define NID_sect113r2 718 +#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L + +#define SN_sect131r1 "sect131r1" +#define NID_sect131r1 719 +#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L + +#define SN_sect131r2 "sect131r2" +#define NID_sect131r2 720 +#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L + +#define SN_sect163k1 "sect163k1" +#define NID_sect163k1 721 +#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L + +#define SN_sect163r1 "sect163r1" +#define NID_sect163r1 722 +#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L + +#define SN_sect163r2 "sect163r2" +#define NID_sect163r2 723 +#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L + +#define SN_sect193r1 "sect193r1" +#define NID_sect193r1 724 +#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L + +#define SN_sect193r2 "sect193r2" +#define NID_sect193r2 725 +#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L + +#define SN_sect233k1 "sect233k1" +#define NID_sect233k1 726 +#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L + +#define SN_sect233r1 "sect233r1" +#define NID_sect233r1 727 +#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L + +#define SN_sect239k1 "sect239k1" +#define NID_sect239k1 728 +#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L + +#define SN_sect283k1 "sect283k1" +#define NID_sect283k1 729 +#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L + +#define SN_sect283r1 "sect283r1" +#define NID_sect283r1 730 +#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L + +#define SN_sect409k1 "sect409k1" +#define NID_sect409k1 731 +#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L + +#define SN_sect409r1 "sect409r1" +#define NID_sect409r1 732 +#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L + +#define SN_sect571k1 "sect571k1" +#define NID_sect571k1 733 +#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L + +#define SN_sect571r1 "sect571r1" +#define NID_sect571r1 734 +#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L + +#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L + +#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1" +#define NID_wap_wsg_idm_ecid_wtls1 735 +#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L + +#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3" +#define NID_wap_wsg_idm_ecid_wtls3 736 +#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L + +#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4" +#define NID_wap_wsg_idm_ecid_wtls4 737 +#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L + +#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5" +#define NID_wap_wsg_idm_ecid_wtls5 738 +#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L + +#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6" +#define NID_wap_wsg_idm_ecid_wtls6 739 +#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L + +#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7" +#define NID_wap_wsg_idm_ecid_wtls7 740 +#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L + +#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8" +#define NID_wap_wsg_idm_ecid_wtls8 741 +#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L + +#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9" +#define NID_wap_wsg_idm_ecid_wtls9 742 +#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L + +#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10" +#define NID_wap_wsg_idm_ecid_wtls10 743 +#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L + +#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11" +#define NID_wap_wsg_idm_ecid_wtls11 744 +#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L + +#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12" +#define NID_wap_wsg_idm_ecid_wtls12 745 +#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L + #define SN_cast5_cbc "CAST5-CBC" #define LN_cast5_cbc "cast5-cbc" #define NID_cast5_cbc 108 @@ -203,6 +508,16 @@ #define NID_pbeWithMD5AndCast5_CBC 112 #define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L +#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC" +#define LN_id_PasswordBasedMAC "password based MAC" +#define NID_id_PasswordBasedMAC 782 +#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L + +#define SN_id_DHBasedMac "id-DHBasedMac" +#define LN_id_DHBasedMac "Diffie-Hellman based MAC" +#define NID_id_DHBasedMac 783 +#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L + #define SN_rsadsi "rsadsi" #define LN_rsadsi "RSA Data Security, Inc." #define NID_rsadsi 1 @@ -490,6 +805,14 @@ #define NID_id_smime_ct_DVCSResponseData 211 #define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L +#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData" +#define NID_id_smime_ct_compressedData 786 +#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L + +#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF" +#define NID_id_ct_asciiTextWithCRLF 787 +#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L + #define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest" #define NID_id_smime_aa_receiptRequest 212 #define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L @@ -1218,6 +1541,10 @@ #define NID_id_it_origPKIMessage 312 #define OBJ_id_it_origPKIMessage OBJ_id_it,15L +#define SN_id_it_suppLangTags "id-it-suppLangTags" +#define NID_id_it_suppLangTags 784 +#define OBJ_id_it_suppLangTags OBJ_id_it,16L + #define SN_id_regCtrl "id-regCtrl" #define NID_id_regCtrl 313 #define OBJ_id_regCtrl OBJ_id_pkip,1L @@ -1453,6 +1780,11 @@ #define NID_ad_dvcs 364 #define OBJ_ad_dvcs OBJ_id_ad,4L +#define SN_caRepository "caRepository" +#define LN_caRepository "CA Repository" +#define NID_caRepository 785 +#define OBJ_caRepository OBJ_id_ad,5L + #define OBJ_id_pkix_OCSP OBJ_ad_OCSP #define SN_id_pkix_OCSP_basic "basicOCSPResponse" @@ -1749,6 +2081,11 @@ #define NID_id_ce 81 #define OBJ_id_ce OBJ_X500,29L +#define SN_subject_directory_attributes "subjectDirectoryAttributes" +#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes" +#define NID_subject_directory_attributes 769 +#define OBJ_subject_directory_attributes OBJ_id_ce,9L + #define SN_subject_key_identifier "subjectKeyIdentifier" #define LN_subject_key_identifier "X509v3 Subject Key Identifier" #define NID_subject_key_identifier 82 @@ -1799,6 +2136,16 @@ #define NID_delta_crl 140 #define OBJ_delta_crl OBJ_id_ce,27L +#define SN_issuing_distribution_point "issuingDistributionPoint" +#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point" +#define NID_issuing_distribution_point 770 +#define OBJ_issuing_distribution_point OBJ_id_ce,28L + +#define SN_certificate_issuer "certificateIssuer" +#define LN_certificate_issuer "X509v3 Certificate Issuer" +#define NID_certificate_issuer 771 +#define OBJ_certificate_issuer OBJ_id_ce,29L + #define SN_name_constraints "nameConstraints" #define LN_name_constraints "X509v3 Name Constraints" #define NID_name_constraints 666 @@ -1814,6 +2161,16 @@ #define NID_certificate_policies 89 #define OBJ_certificate_policies OBJ_id_ce,32L +#define SN_any_policy "anyPolicy" +#define LN_any_policy "X509v3 Any Policy" +#define NID_any_policy 746 +#define OBJ_any_policy OBJ_certificate_policies,0L + +#define SN_policy_mappings "policyMappings" +#define LN_policy_mappings "X509v3 Policy Mappings" +#define NID_policy_mappings 747 +#define OBJ_policy_mappings OBJ_id_ce,33L + #define SN_authority_key_identifier "authorityKeyIdentifier" #define LN_authority_key_identifier "X509v3 Authority Key Identifier" #define NID_authority_key_identifier 90 @@ -1829,6 +2186,11 @@ #define NID_ext_key_usage 126 #define OBJ_ext_key_usage OBJ_id_ce,37L +#define SN_inhibit_any_policy "inhibitAnyPolicy" +#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" +#define NID_inhibit_any_policy 748 +#define OBJ_inhibit_any_policy OBJ_id_ce,54L + #define SN_target_information "targetInformation" #define LN_target_information "X509v3 AC Targeting" #define NID_target_information 402 @@ -1998,7 +2360,7 @@ #define SN_zlib_compression "ZLIB" #define LN_zlib_compression "zlib compression" #define NID_zlib_compression 125 -#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L +#define OBJ_zlib_compression OBJ_id_smime_alg,8L #define OBJ_csor 2L,16L,840L,1L,101L,3L @@ -2106,6 +2468,18 @@ #define LN_des_ede3_cfb8 "des-ede3-cfb8" #define NID_des_ede3_cfb8 659 +#define SN_id_aes128_wrap "id-aes128-wrap" +#define NID_id_aes128_wrap 788 +#define OBJ_id_aes128_wrap OBJ_aes,5L + +#define SN_id_aes192_wrap "id-aes192-wrap" +#define NID_id_aes192_wrap 789 +#define OBJ_id_aes192_wrap OBJ_aes,25L + +#define SN_id_aes256_wrap "id-aes256-wrap" +#define NID_id_aes256_wrap 790 +#define OBJ_id_aes256_wrap OBJ_aes,45L + #define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L #define SN_sha256 "SHA256" @@ -2152,7 +2526,7 @@ #define SN_data "data" #define NID_data 434 -#define OBJ_data OBJ_ccitt,9L +#define OBJ_data OBJ_itu_t,9L #define SN_pss "pss" #define NID_pss 435 @@ -2441,7 +2815,7 @@ #define SN_id_set "id-set" #define LN_id_set "Secure Electronic Transactions" #define NID_id_set 512 -#define OBJ_id_set 2L,23L,42L +#define OBJ_id_set OBJ_international_organizations,42L #define SN_set_ctype "set-ctype" #define LN_set_ctype "content types" @@ -2985,3 +3359,124 @@ #define NID_rsaOAEPEncryptionSET 644 #define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L +#define SN_ipsec3 "Oakley-EC2N-3" +#define LN_ipsec3 "ipsec3" +#define NID_ipsec3 749 + +#define SN_ipsec4 "Oakley-EC2N-4" +#define LN_ipsec4 "ipsec4" +#define NID_ipsec4 750 + +#define SN_camellia_128_cbc "CAMELLIA-128-CBC" +#define LN_camellia_128_cbc "camellia-128-cbc" +#define NID_camellia_128_cbc 751 +#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L + +#define SN_camellia_192_cbc "CAMELLIA-192-CBC" +#define LN_camellia_192_cbc "camellia-192-cbc" +#define NID_camellia_192_cbc 752 +#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L + +#define SN_camellia_256_cbc "CAMELLIA-256-CBC" +#define LN_camellia_256_cbc "camellia-256-cbc" +#define NID_camellia_256_cbc 753 +#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L + +#define OBJ_ntt_ds 0L,3L,4401L,5L + +#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L + +#define SN_camellia_128_ecb "CAMELLIA-128-ECB" +#define LN_camellia_128_ecb "camellia-128-ecb" +#define NID_camellia_128_ecb 754 +#define OBJ_camellia_128_ecb OBJ_camellia,1L + +#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB" +#define LN_camellia_128_ofb128 "camellia-128-ofb" +#define NID_camellia_128_ofb128 766 +#define OBJ_camellia_128_ofb128 OBJ_camellia,3L + +#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB" +#define LN_camellia_128_cfb128 "camellia-128-cfb" +#define NID_camellia_128_cfb128 757 +#define OBJ_camellia_128_cfb128 OBJ_camellia,4L + +#define SN_camellia_192_ecb "CAMELLIA-192-ECB" +#define LN_camellia_192_ecb "camellia-192-ecb" +#define NID_camellia_192_ecb 755 +#define OBJ_camellia_192_ecb OBJ_camellia,21L + +#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB" +#define LN_camellia_192_ofb128 "camellia-192-ofb" +#define NID_camellia_192_ofb128 767 +#define OBJ_camellia_192_ofb128 OBJ_camellia,23L + +#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB" +#define LN_camellia_192_cfb128 "camellia-192-cfb" +#define NID_camellia_192_cfb128 758 +#define OBJ_camellia_192_cfb128 OBJ_camellia,24L + +#define SN_camellia_256_ecb "CAMELLIA-256-ECB" +#define LN_camellia_256_ecb "camellia-256-ecb" +#define NID_camellia_256_ecb 756 +#define OBJ_camellia_256_ecb OBJ_camellia,41L + +#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB" +#define LN_camellia_256_ofb128 "camellia-256-ofb" +#define NID_camellia_256_ofb128 768 +#define OBJ_camellia_256_ofb128 OBJ_camellia,43L + +#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB" +#define LN_camellia_256_cfb128 "camellia-256-cfb" +#define NID_camellia_256_cfb128 759 +#define OBJ_camellia_256_cfb128 OBJ_camellia,44L + +#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1" +#define LN_camellia_128_cfb1 "camellia-128-cfb1" +#define NID_camellia_128_cfb1 760 + +#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1" +#define LN_camellia_192_cfb1 "camellia-192-cfb1" +#define NID_camellia_192_cfb1 761 + +#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1" +#define LN_camellia_256_cfb1 "camellia-256-cfb1" +#define NID_camellia_256_cfb1 762 + +#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8" +#define LN_camellia_128_cfb8 "camellia-128-cfb8" +#define NID_camellia_128_cfb8 763 + +#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8" +#define LN_camellia_192_cfb8 "camellia-192-cfb8" +#define NID_camellia_192_cfb8 764 + +#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8" +#define LN_camellia_256_cfb8 "camellia-256-cfb8" +#define NID_camellia_256_cfb8 765 + +#define SN_kisa "KISA" +#define LN_kisa "kisa" +#define NID_kisa 773 +#define OBJ_kisa OBJ_member_body,410L,200004L + +#define SN_seed_ecb "SEED-ECB" +#define LN_seed_ecb "seed-ecb" +#define NID_seed_ecb 776 +#define OBJ_seed_ecb OBJ_kisa,1L,3L + +#define SN_seed_cbc "SEED-CBC" +#define LN_seed_cbc "seed-cbc" +#define NID_seed_cbc 777 +#define OBJ_seed_cbc OBJ_kisa,1L,4L + +#define SN_seed_cfb128 "SEED-CFB" +#define LN_seed_cfb128 "seed-cfb" +#define NID_seed_cfb128 779 +#define OBJ_seed_cfb128 OBJ_kisa,1L,5L + +#define SN_seed_ofb128 "SEED-OFB" +#define LN_seed_ofb128 "seed-ofb" +#define NID_seed_ofb128 778 +#define OBJ_seed_ofb128 OBJ_kisa,1L,6L + diff --git a/src/lib/libcrypto/ocsp/Makefile b/src/lib/libcrypto/ocsp/Makefile index 59f7098d9e..0fe028960e 100644 --- a/src/lib/libcrypto/ocsp/Makefile +++ b/src/lib/libcrypto/ocsp/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -80,212 +77,137 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -ocsp_asn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -ocsp_asn.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_asn.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h -ocsp_asn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_asn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_asn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_asn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_asn.o: ../../include/openssl/x509v3.h ocsp_asn.c -ocsp_cl.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_cl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_cl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_cl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_asn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_asn.o: ocsp_asn.c +ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_cl.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_cl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_cl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_cl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_cl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -ocsp_cl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_cl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_cl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c -ocsp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +ocsp_cl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_cl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_cl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_cl.o: ../cryptlib.h ocsp_cl.c +ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_err.o: ../../include/openssl/x509v3.h ocsp_err.c -ocsp_ext.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_err.o: ocsp_err.c +ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_ext.o: ../../include/openssl/opensslconf.h ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_ext.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_ext.o: ../cryptlib.h ocsp_ext.c -ocsp_ht.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_ht.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_ht.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_ht.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_ht.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_ht.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_ht.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_ht.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c +ocsp_ht.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_ht.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_ht.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_ht.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_ht.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_ht.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_ht.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c -ocsp_lib.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_ht.o: ocsp_ht.c +ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_lib.o: ../../include/openssl/opensslconf.h ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_lib.o: ../cryptlib.h ocsp_lib.c -ocsp_prn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ocsp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ocsp_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ocsp_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_lib.c +ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_prn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_prn.o: ../../include/openssl/x509v3.h ocsp_prn.c -ocsp_srv.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_srv.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_srv.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_prn.o: ocsp_prn.c +ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_srv.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_srv.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_srv.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_srv.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_srv.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_srv.o: ../../include/openssl/opensslconf.h ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_srv.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_srv.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_srv.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_srv.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_srv.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_srv.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_srv.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_srv.o: ../cryptlib.h ocsp_srv.c -ocsp_vfy.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_vfy.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_vfy.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_vfy.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_vfy.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_srv.c +ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_vfy.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_vfy.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_vfy.o: ../../include/openssl/x509v3.h ocsp_vfy.c +ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_vfy.o: ocsp_vfy.c diff --git a/src/lib/libcrypto/opensslconf.h b/src/lib/libcrypto/opensslconf.h index 492041bc7c..0850d4a693 100644 --- a/src/lib/libcrypto/opensslconf.h +++ b/src/lib/libcrypto/opensslconf.h @@ -4,20 +4,71 @@ /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND +#ifndef OPENSSL_NO_CAMELLIA +# define OPENSSL_NO_CAMELLIA +#endif +#ifndef OPENSSL_NO_CMS +# define OPENSSL_NO_CMS +#endif +#ifndef OPENSSL_NO_GMP +# define OPENSSL_NO_GMP +#endif #ifndef OPENSSL_NO_KRB5 # define OPENSSL_NO_KRB5 #endif +#ifndef OPENSSL_NO_MDC2 +# define OPENSSL_NO_MDC2 +#endif +#ifndef OPENSSL_NO_RC5 +# define OPENSSL_NO_RC5 +#endif +#ifndef OPENSSL_NO_RFC3779 +# define OPENSSL_NO_RFC3779 +#endif +#ifndef OPENSSL_NO_SEED +# define OPENSSL_NO_SEED +#endif +#ifndef OPENSSL_NO_TLSEXT +# define OPENSSL_NO_TLSEXT +#endif #endif /* OPENSSL_DOING_MAKEDEPEND */ +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define OPENSSL_NO_DYNAMIC_ENGINE +#endif /* The OPENSSL_NO_* macros are also defined as NO_* if the application asks for it. This is a transient feature that is provided for those who haven't had the time to do the appropriate changes in their applications. */ #ifdef OPENSSL_ALGORITHM_DEFINES +# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA) +# define NO_CAMELLIA +# endif +# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS) +# define NO_CMS +# endif +# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) +# define NO_GMP +# endif # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) # define NO_KRB5 # endif +# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) +# define NO_MDC2 +# endif +# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) +# define NO_RC5 +# endif +# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779) +# define NO_RFC3779 +# endif +# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED) +# define NO_SEED +# endif +# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT) +# define NO_TLSEXT +# endif #endif /* crypto/opensslconf.h.in */ @@ -27,6 +78,7 @@ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define ENGINESDIR "/usr/local/ssl/lib/engines" #define OPENSSLDIR "/usr/local/ssl" #endif #endif diff --git a/src/lib/libcrypto/opensslconf.h.in b/src/lib/libcrypto/opensslconf.h.in index 685e83b7a3..cee83acf98 100644 --- a/src/lib/libcrypto/opensslconf.h.in +++ b/src/lib/libcrypto/opensslconf.h.in @@ -5,6 +5,7 @@ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define ENGINESDIR "/usr/local/lib/engines" #define OPENSSLDIR "/usr/local/ssl" #endif #endif diff --git a/src/lib/libcrypto/pem/Makefile b/src/lib/libcrypto/pem/Makefile index fbc2b5d056..742194fd24 100644 --- a/src/lib/libcrypto/pem/Makefile +++ b/src/lib/libcrypto/pem/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: $(EXHEADER) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -80,256 +77,165 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -pem_all.o: ../../e_os.h ../../include/openssl/aes.h -pem_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +pem_all.o: ../../e_os.h ../../include/openssl/asn1.h +pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_all.o: ../../include/openssl/fips.h ../../include/openssl/idea.h -pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pem_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pem_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_all.o: ../cryptlib.h pem_all.c -pem_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pem_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pem_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pem_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pem_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pem_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pem_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pem_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pem_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h +pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h +pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c +pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_err.o: pem_err.c -pem_info.o: ../../e_os.h ../../include/openssl/aes.h -pem_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c +pem_info.o: ../../e_os.h ../../include/openssl/asn1.h +pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_info.o: ../../include/openssl/opensslconf.h +pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h pem_info.o: ../cryptlib.h pem_info.c -pem_lib.o: ../../e_os.h ../../include/openssl/aes.h -pem_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c -pem_oth.o: ../../e_os.h ../../include/openssl/aes.h -pem_oth.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_oth.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_oth.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_oth.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_oth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_oth.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_oth.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_oth.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_lib.o: ../cryptlib.h pem_lib.c +pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h +pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -pem_oth.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_oth.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_oth.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_oth.o: ../cryptlib.h pem_oth.c -pem_pk8.o: ../../e_os.h ../../include/openssl/aes.h -pem_pk8.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_pk8.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_pk8.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_pk8.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_pk8.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_pk8.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_pk8.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_pk8.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c +pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h +pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_pk8.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_pk8.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_pk8.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_pk8.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c -pem_pkey.o: ../../e_os.h ../../include/openssl/aes.h -pem_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_pk8.o: ../cryptlib.h pem_pk8.c +pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h +pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_pkey.o: ../../include/openssl/opensslconf.h pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -pem_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_pkey.o: ../cryptlib.h pem_pkey.c -pem_seal.o: ../../e_os.h ../../include/openssl/aes.h -pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_seal.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pkey.c +pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h +pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_seal.o: ../../include/openssl/opensslconf.h pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c -pem_sign.o: ../../e_os.h ../../include/openssl/aes.h -pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h +pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_sign.o: ../../include/openssl/opensslconf.h pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_sign.c -pem_x509.o: ../../e_os.h ../../include/openssl/aes.h -pem_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_sign.o: ../cryptlib.h pem_sign.c +pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h +pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_x509.o: ../../include/openssl/opensslconf.h pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_x509.o: ../cryptlib.h pem_x509.c -pem_xaux.o: ../../e_os.h ../../include/openssl/aes.h -pem_xaux.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_xaux.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_xaux.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_xaux.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_xaux.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_xaux.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_xaux.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_xaux.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c +pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h +pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_xaux.o: ../../include/openssl/opensslconf.h pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_xaux.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_xaux.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_xaux.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_xaux.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_xaux.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_xaux.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_xaux.o: ../cryptlib.h pem_xaux.c +pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c diff --git a/src/lib/libcrypto/perlasm/x86ms.pl b/src/lib/libcrypto/perlasm/x86ms.pl index b6bd744057..a0be2934c2 100644 --- a/src/lib/libcrypto/perlasm/x86ms.pl +++ b/src/lib/libcrypto/perlasm/x86ms.pl @@ -27,7 +27,13 @@ $label="L000"; sub main'asm_init_output { @out=(); } sub main'asm_get_output { return(@out); } sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } +sub main'external_label +{ + push(@labels,@_); + foreach (@_) { + push(@out, "EXTRN\t_$_:DWORD\n"); + } +} sub main'LB { @@ -51,6 +57,11 @@ sub main'DWP &get_mem("DWORD",@_); } +sub main'QWP + { + &get_mem("QWORD",@_); + } + sub main'BC { return @_; @@ -87,7 +98,7 @@ sub get_mem $reg2=&conv($1); $addr="_$2"; } - elsif ($addr =~ /^[_a-zA-Z]/) + elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) { $addr="_$addr"; } @@ -128,12 +139,14 @@ sub main'xorb { &out2("xor",@_); } sub main'add { &out2("add",@_); } sub main'adc { &out2("adc",@_); } sub main'sub { &out2("sub",@_); } +sub main'sbb { &out2("sbb",@_); } sub main'rotl { &out2("rol",@_); } sub main'rotr { &out2("ror",@_); } sub main'exch { &out2("xchg",@_); } sub main'cmp { &out2("cmp",@_); } sub main'lea { &out2("lea",@_); } sub main'mul { &out1("mul",@_); } +sub main'imul { &out2("imul",@_); } sub main'div { &out1("div",@_); } sub main'dec { &out1("dec",@_); } sub main'inc { &out1("inc",@_); } @@ -155,26 +168,54 @@ sub main'jne { &out1("jne",@_); } sub main'jno { &out1("jno",@_); } sub main'push { &out1("push",@_); $stack+=4; } sub main'pop { &out1("pop",@_); $stack-=4; } +sub main'pushf { &out0("pushfd"); $stack+=4; } +sub main'popf { &out0("popfd"); $stack-=4; } sub main'bswap { &out1("bswap",@_); &using486(); } sub main'not { &out1("not",@_); } sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } +sub main'call_ptr { &out1p("call",@_); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +sub main'test { &out2("test",@_); } +sub main'bt { &out2("bt",@_); } +sub main'leave { &out0("leave"); } +sub main'cpuid { &out0("DW\t0A20Fh"); } +sub main'rdtsc { &out0("DW\t0310Fh"); } +sub main'halt { &out0("hlt"); } sub main'movz { &out2("movzx",@_); } +sub main'neg { &out1("neg",@_); } +sub main'cld { &out0("cld"); } + +# SSE2 +sub main'emms { &out0("emms"); } +sub main'movd { &out2("movd",@_); } +sub main'movq { &out2("movq",@_); } +sub main'movdqu { &out2("movdqu",@_); } +sub main'movdqa { &out2("movdqa",@_); } +sub main'movdq2q{ &out2("movdq2q",@_); } +sub main'movq2dq{ &out2("movq2dq",@_); } +sub main'paddq { &out2("paddq",@_); } +sub main'pmuludq{ &out2("pmuludq",@_); } +sub main'psrlq { &out2("psrlq",@_); } +sub main'psllq { &out2("psllq",@_); } +sub main'pxor { &out2("pxor",@_); } +sub main'por { &out2("por",@_); } +sub main'pand { &out2("pand",@_); } sub out2 { local($name,$p1,$p2)=@_; - local($l,$t); + local($l,$t,$line); - push(@out,"\t$name\t"); + $line="\t$name\t"; $t=&conv($p1).","; $l=length($t); - push(@out,$t); + $line.="$t"; $l=4-($l+9)/8; - push(@out,"\t" x $l); - push(@out,&conv($p2)); - push(@out,"\n"); + $line.="\t" x $l; + $line.=&conv($p2); + if ($line=~/\bxmm[0-7]\b/i) { $line=~s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i; } + push(@out,$line."\n"); } sub out0 @@ -214,7 +255,9 @@ sub main'file local($tmp)=<<"EOF"; TITLE $file.asm .386 -.model FLAT +.model FLAT +_TEXT\$ SEGMENT PAGE 'CODE' + EOF push(@out,$tmp); } @@ -226,7 +269,6 @@ sub main'function_begin push(@labels,$func); local($tmp)=<<"EOF"; -_TEXT SEGMENT PUBLIC _$func $extra _$func PROC NEAR @@ -244,7 +286,6 @@ sub main'function_begin_B local($func,$extra)=@_; local($tmp)=<<"EOF"; -_TEXT SEGMENT PUBLIC _$func $extra _$func PROC NEAR @@ -264,7 +305,6 @@ sub main'function_end pop ebp ret _$func ENDP -_TEXT ENDS EOF push(@out,$tmp); $stack=0; @@ -277,7 +317,6 @@ sub main'function_end_B local($tmp)=<<"EOF"; _$func ENDP -_TEXT ENDS EOF push(@out,$tmp); $stack=0; @@ -300,6 +339,20 @@ EOF sub main'file_end { + # try to detect if SSE2 or MMX extensions were used... + my $xmmheader=<<___; +.686 +.XMM +IF \@Version LT 800 +XMMWORD STRUCT 16 + DQ 2 dup (?) +XMMWORD ENDS +ENDIF +___ + if (grep {/\b[x]?mm[0-7]\b/i} @out) { + grep {s/\.[3-7]86/$xmmheader/} @out; + } + push(@out,"_TEXT\$ ENDS\n"); push(@out,"END\n"); } @@ -331,6 +384,12 @@ sub main'comment } } +sub main'public_label + { + $label{$_[0]}="_$_[0]" if (!defined($label{$_[0]})); + push(@out,"PUBLIC\t$label{$_[0]}\n"); + } + sub main'label { if (!defined($label{$_[0]})) @@ -348,19 +407,37 @@ sub main'set_label $label{$_[0]}="\$${label}${_[0]}"; $label++; } + if ($_[1]!=0 && $_[1]>1) + { + main'align($_[1]); + } if((defined $_[2]) && ($_[2] == 1)) { push(@out,"$label{$_[0]}::\n"); } + elsif ($label{$_[0]} !~ /^\$/) + { + push(@out,"$label{$_[0]}\tLABEL PTR\n"); + } else { push(@out,"$label{$_[0]}:\n"); } } +sub main'data_byte + { + push(@out,"\tDB\t".join(',',@_)."\n"); + } + sub main'data_word { - push(@out,"\tDD\t$_[0]\n"); + push(@out,"\tDD\t".join(',',@_)."\n"); + } + +sub main'align + { + push(@out,"\tALIGN\t$_[0]\n"); } sub out1p @@ -368,7 +445,7 @@ sub out1p local($name,$p1)=@_; local($l,$t); - push(@out,"\t$name\t ".&conv($p1)."\n"); + push(@out,"\t$name\t".&conv($p1)."\n"); } sub main'picmeup @@ -378,3 +455,18 @@ sub main'picmeup } sub main'blindpop { &out1("pop",@_); } + +sub main'initseg + { + local($f)=@_; + local($tmp)=<<___; +OPTION DOTNAME +.CRT\$XCU SEGMENT DWORD PUBLIC 'DATA' +EXTRN _$f:NEAR +DD _$f +.CRT\$XCU ENDS +___ + push(@out,$tmp); + } + +1; diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl index 4bdb3fe180..fa38f89c09 100644 --- a/src/lib/libcrypto/perlasm/x86nasm.pl +++ b/src/lib/libcrypto/perlasm/x86nasm.pl @@ -3,6 +3,7 @@ package x86nasm; $label="L000"; +$under=($main'netware)?'':'_'; %lb=( 'eax', 'al', 'ebx', 'bl', @@ -32,7 +33,8 @@ sub main'external_label { push(@labels,@_); foreach (@_) { - push(@out, "extern\t_$_\n"); + push(@out,".") if ($main'mwerks); + push(@out, "extern\t${under}$_\n"); } } @@ -58,14 +60,19 @@ sub main'DWP &get_mem("DWORD",@_); } +sub main'QWP + { + &get_mem("",@_); + } + sub main'BC { - return "BYTE @_"; + return (($main'mwerks)?"":"BYTE ")."@_"; } sub main'DWC { - return "DWORD @_"; + return (($main'mwerks)?"":"DWORD ")."@_"; } sub main'stack_push @@ -86,16 +93,22 @@ sub get_mem { my($size,$addr,$reg1,$reg2,$idx)=@_; my($t,$post); - my($ret)="$size ["; + my($ret)=$size; + if ($ret ne "") + { + $ret .= " PTR" if ($main'mwerks); + $ret .= " "; + } + $ret .= "["; $addr =~ s/^\s+//; if ($addr =~ /^(.+)\+(.+)$/) { $reg2=&conv($1); - $addr="_$2"; + $addr="$under$2"; } - elsif ($addr =~ /^[_a-zA-Z]/) + elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) { - $addr="_$addr"; + $addr="$under$addr"; } if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } @@ -134,12 +147,14 @@ sub main'xorb { &out2("xor",@_); } sub main'add { &out2("add",@_); } sub main'adc { &out2("adc",@_); } sub main'sub { &out2("sub",@_); } +sub main'sbb { &out2("sbb",@_); } sub main'rotl { &out2("rol",@_); } sub main'rotr { &out2("ror",@_); } sub main'exch { &out2("xchg",@_); } sub main'cmp { &out2("cmp",@_); } sub main'lea { &out2("lea",@_); } sub main'mul { &out1("mul",@_); } +sub main'imul { &out2("imul",@_); } sub main'div { &out1("div",@_); } sub main'dec { &out1("dec",@_); } sub main'inc { &out1("inc",@_); } @@ -147,29 +162,57 @@ sub main'jmp { &out1("jmp",@_); } sub main'jmp_ptr { &out1p("jmp",@_); } # This is a bit of a kludge: declare all branches as NEAR. -sub main'je { &out1("je NEAR",@_); } -sub main'jle { &out1("jle NEAR",@_); } -sub main'jz { &out1("jz NEAR",@_); } -sub main'jge { &out1("jge NEAR",@_); } -sub main'jl { &out1("jl NEAR",@_); } -sub main'ja { &out1("ja NEAR",@_); } -sub main'jae { &out1("jae NEAR",@_); } -sub main'jb { &out1("jb NEAR",@_); } -sub main'jbe { &out1("jbe NEAR",@_); } -sub main'jc { &out1("jc NEAR",@_); } -sub main'jnc { &out1("jnc NEAR",@_); } -sub main'jnz { &out1("jnz NEAR",@_); } -sub main'jne { &out1("jne NEAR",@_); } -sub main'jno { &out1("jno NEAR",@_); } +$near=($main'mwerks)?'':'NEAR'; +sub main'je { &out1("je $near",@_); } +sub main'jle { &out1("jle $near",@_); } +sub main'jz { &out1("jz $near",@_); } +sub main'jge { &out1("jge $near",@_); } +sub main'jl { &out1("jl $near",@_); } +sub main'ja { &out1("ja $near",@_); } +sub main'jae { &out1("jae $near",@_); } +sub main'jb { &out1("jb $near",@_); } +sub main'jbe { &out1("jbe $near",@_); } +sub main'jc { &out1("jc $near",@_); } +sub main'jnc { &out1("jnc $near",@_); } +sub main'jnz { &out1("jnz $near",@_); } +sub main'jne { &out1("jne $near",@_); } +sub main'jno { &out1("jno $near",@_); } sub main'push { &out1("push",@_); $stack+=4; } sub main'pop { &out1("pop",@_); $stack-=4; } +sub main'pushf { &out0("pushfd"); $stack+=4; } +sub main'popf { &out0("popfd"); $stack-=4; } sub main'bswap { &out1("bswap",@_); &using486(); } sub main'not { &out1("not",@_); } -sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } +sub main'call { &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); } +sub main'call_ptr { &out1p("call",@_); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +sub main'test { &out2("test",@_); } +sub main'bt { &out2("bt",@_); } +sub main'leave { &out0("leave"); } +sub main'cpuid { &out0("cpuid"); } +sub main'rdtsc { &out0("rdtsc"); } +sub main'halt { &out0("hlt"); } sub main'movz { &out2("movzx",@_); } +sub main'neg { &out1("neg",@_); } +sub main'cld { &out0("cld"); } + +# SSE2 +sub main'emms { &out0("emms"); } +sub main'movd { &out2("movd",@_); } +sub main'movq { &out2("movq",@_); } +sub main'movdqu { &out2("movdqu",@_); } +sub main'movdqa { &out2("movdqa",@_); } +sub main'movdq2q{ &out2("movdq2q",@_); } +sub main'movq2dq{ &out2("movq2dq",@_); } +sub main'paddq { &out2("paddq",@_); } +sub main'pmuludq{ &out2("pmuludq",@_); } +sub main'psrlq { &out2("psrlq",@_); } +sub main'psllq { &out2("psllq",@_); } +sub main'pxor { &out2("pxor",@_); } +sub main'por { &out2("por",@_); } +sub main'pand { &out2("pand",@_); } sub out2 { @@ -177,7 +220,7 @@ sub out2 my($l,$t); push(@out,"\t$name\t"); - if ($name eq "lea") + if (!$main'mwerks and $name eq "lea") { $p1 =~ s/^[^\[]*\[/\[/; $p2 =~ s/^[^\[]*\[/\[/; @@ -221,15 +264,17 @@ sub using486 sub main'file { - local $tmp; - $tmp=<<___; + if ($main'mwerks) { push(@out,".section\t.text\n"); } + else { + local $tmp=<<___; %ifdef __omf__ section code use32 class=code %else section .text %endif ___ - push(@out,$tmp); + push(@out,$tmp); + } } sub main'function_begin @@ -237,9 +282,10 @@ sub main'function_begin my($func,$extra)=@_; push(@labels,$func); + push(@out,".") if ($main'mwerks); my($tmp)=<<"EOF"; -global _$func -_$func: +global $under$func +$under$func: push ebp push ebx push esi @@ -252,9 +298,10 @@ EOF sub main'function_begin_B { my($func,$extra)=@_; + push(@out,".") if ($main'mwerks); my($tmp)=<<"EOF"; -global _$func -_$func: +global $under$func +$under$func: EOF push(@out,$tmp); $stack=4; @@ -328,11 +375,18 @@ sub main'comment } } +sub main'public_label + { + $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); + push(@out,".") if ($main'mwerks); + push(@out,"global\t$label{$_[0]}\n"); + } + sub main'label { if (!defined($label{$_[0]})) { - $label{$_[0]}="\$${label}${_[0]}"; + $label{$_[0]}="\@${label}${_[0]}"; $label++; } return($label{$_[0]}); @@ -342,15 +396,30 @@ sub main'set_label { if (!defined($label{$_[0]})) { - $label{$_[0]}="\$${label}${_[0]}"; + $label{$_[0]}="\@${label}${_[0]}"; $label++; } + if ($_[1]!=0 && $_[1]>1) + { + main'align($_[1]); + } push(@out,"$label{$_[0]}:\n"); } +sub main'data_byte + { + push(@out,(($main'mwerks)?".byte\t":"DB\t").join(',',@_)."\n"); + } + sub main'data_word { - push(@out,"\tDD\t$_[0]\n"); + push(@out,(($main'mwerks)?".long\t":"DD\t").join(',',@_)."\n"); + } + +sub main'align + { + push(@out,".") if ($main'mwerks); + push(@out,"align\t$_[0]\n"); } sub out1p @@ -358,7 +427,7 @@ sub out1p my($name,$p1)=@_; my($l,$t); - push(@out,"\t$name\t ".&conv($p1)."\n"); + push(@out,"\t$name\t".&conv($p1)."\n"); } sub main'picmeup @@ -368,3 +437,19 @@ sub main'picmeup } sub main'blindpop { &out1("pop",@_); } + +sub main'initseg + { + local($f)=@_; + if ($main'win32) + { + local($tmp)=<<___; +segment .CRT\$XCU data +extern $under$f +DD $under$f +___ + push(@out,$tmp); + } + } + +1; diff --git a/src/lib/libcrypto/perlasm/x86unix.pl b/src/lib/libcrypto/perlasm/x86unix.pl index a31a25c12b..a4c947165e 100644 --- a/src/lib/libcrypto/perlasm/x86unix.pl +++ b/src/lib/libcrypto/perlasm/x86unix.pl @@ -1,14 +1,15 @@ #!/usr/local/bin/perl -package x86unix; +package x86unix; # GAS actually... $label="L000"; $const=""; $constl=0; $align=($main'aout)?"4":"16"; -$under=($main'aout)?"_":""; -$com_start=($main'sol)?"/":"#"; +$under=($main'aout or $main'coff)?"_":""; +$dot=($main'aout)?"":"."; +$com_start="#" if ($main'aout or $main'coff); sub main'asm_init_output { @out=(); } sub main'asm_get_output { return(@out); } @@ -51,6 +52,24 @@ if ($main'cpp) 'edi', '%edi', 'ebp', '%ebp', 'esp', '%esp', + + 'mm0', '%mm0', + 'mm1', '%mm1', + 'mm2', '%mm2', + 'mm3', '%mm3', + 'mm4', '%mm4', + 'mm5', '%mm5', + 'mm6', '%mm6', + 'mm7', '%mm7', + + 'xmm0', '%xmm0', + 'xmm1', '%xmm1', + 'xmm2', '%xmm2', + 'xmm3', '%xmm3', + 'xmm4', '%xmm4', + 'xmm5', '%xmm5', + 'xmm6', '%xmm6', + 'xmm7', '%xmm7', ); %reg_val=( @@ -97,6 +116,11 @@ sub main'DWP return($ret); } +sub main'QWP + { + return(&main'DWP(@_)); + } + sub main'BP { return(&main'DWP(@_)); @@ -140,12 +164,14 @@ sub main'xorb { &out2("xorb",@_); } sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); } sub main'adc { &out2("adcl",@_); } sub main'sub { &out2("subl",@_); } +sub main'sbb { &out2("sbbl",@_); } sub main'rotl { &out2("roll",@_); } sub main'rotr { &out2("rorl",@_); } sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); } sub main'cmp { &out2("cmpl",@_); } sub main'lea { &out2("leal",@_); } sub main'mul { &out1("mull",@_); } +sub main'imul { &out2("imull",@_); } sub main'div { &out1("divl",@_); } sub main'jmp { &out1("jmp",@_); } sub main'jmp_ptr { &out1p("jmp",@_); } @@ -167,13 +193,48 @@ sub main'dec { &out1("decl",@_); } sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); } sub main'push { &out1("pushl",@_); $stack+=4; } sub main'pop { &out1("popl",@_); $stack-=4; } -sub main'pushf { &out0("pushf"); $stack+=4; } -sub main'popf { &out0("popf"); $stack-=4; } +sub main'pushf { &out0("pushfl"); $stack+=4; } +sub main'popf { &out0("popfl"); $stack-=4; } sub main'not { &out1("notl",@_); } -sub main'call { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); } +sub main'call { my $pre=$under; + foreach $i (%label) + { if ($label{$i} eq $_[0]) { $pre=''; last; } } + &out1("call",$pre.$_[0]); + } +sub main'call_ptr { &out1p("call",@_); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +sub main'test { &out2("testl",@_); } +sub main'bt { &out2("btl",@_); } +sub main'leave { &out0("leave"); } +sub main'cpuid { &out0(".byte\t0x0f,0xa2"); } +sub main'rdtsc { &out0(".byte\t0x0f,0x31"); } +sub main'halt { &out0("hlt"); } sub main'movz { &out2("movzbl",@_); } +sub main'neg { &out1("negl",@_); } +sub main'cld { &out0("cld"); } + +# SSE2 +sub main'emms { &out0("emms"); } +sub main'movd { &out2("movd",@_); } +sub main'movdqu { &out2("movdqu",@_); } +sub main'movdqa { &out2("movdqa",@_); } +sub main'movdq2q{ &out2("movdq2q",@_); } +sub main'movq2dq{ &out2("movq2dq",@_); } +sub main'paddq { &out2("paddq",@_); } +sub main'pmuludq{ &out2("pmuludq",@_); } +sub main'psrlq { &out2("psrlq",@_); } +sub main'psllq { &out2("psllq",@_); } +sub main'pxor { &out2("pxor",@_); } +sub main'por { &out2("por",@_); } +sub main'pand { &out2("pand",@_); } +sub main'movq { + local($p1,$p2,$optimize)=@_; + if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/) + # movq between mmx registers can sink Intel CPUs + { push(@out,"\tpshufw\t\$0xe4,%$p2,%$p1\n"); } + else { &out2("movq",@_); } + } # The bswapl instruction is new for the 486. Emulate if i386. sub main'bswap @@ -279,8 +340,6 @@ sub main'file local($tmp)=<<"EOF"; .file "$file.s" - .version "01.01" -gcc2_compiled.: EOF push(@out,$tmp); } @@ -294,15 +353,17 @@ sub main'function_begin local($tmp)=<<"EOF"; .text - .align $align -.globl $func +.globl $func EOF push(@out,$tmp); if ($main'cpp) - { $tmp=push(@out,"\tTYPE($func,\@function)\n"); } - elsif ($main'gaswin) - { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - else { $tmp=push(@out,"\t.type\t$func,\@function\n"); } + { $tmp=push(@out,"TYPE($func,\@function)\n"); } + elsif ($main'coff) + { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } + elsif ($main'aout and !$main'pic) + { } + else { $tmp=push(@out,".type\t$func,\@function\n"); } + push(@out,".align\t$align\n"); push(@out,"$func:\n"); $tmp=<<"EOF"; pushl %ebp @@ -324,15 +385,17 @@ sub main'function_begin_B local($tmp)=<<"EOF"; .text - .align $align -.globl $func +.globl $func EOF push(@out,$tmp); if ($main'cpp) - { push(@out,"\tTYPE($func,\@function)\n"); } - elsif ($main'gaswin) - { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - else { push(@out,"\t.type $func,\@function\n"); } + { push(@out,"TYPE($func,\@function)\n"); } + elsif ($main'coff) + { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } + elsif ($main'aout and !$main'pic) + { } + else { push(@out,".type $func,\@function\n"); } + push(@out,".align\t$align\n"); push(@out,"$func:\n"); $stack=4; } @@ -349,15 +412,15 @@ sub main'function_end popl %ebx popl %ebp ret -.L_${func}_end: +${dot}L_${func}_end: EOF push(@out,$tmp); if ($main'cpp) - { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } - elsif ($main'gaswin) - { $tmp=push(@out,"\t.align 4\n"); } - else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } + { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } + elsif ($main'coff or $main'aout) + { } + else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } push(@out,".ident \"$func\"\n"); $stack=0; %label=(); @@ -383,13 +446,13 @@ sub main'function_end_B $func=$under.$func; - push(@out,".L_${func}_end:\n"); + push(@out,"${dot}L_${func}_end:\n"); if ($main'cpp) - { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } - elsif ($main'gaswin) - { push(@out,"\t.align 4\n"); } - else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } - push(@out,".ident \"desasm.pl\"\n"); + { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } + elsif ($main'coff or $main'aout) + { } + else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } + push(@out,".ident \"$func\"\n"); $stack=0; %label=(); } @@ -430,9 +493,10 @@ sub main'swtmp sub main'comment { - if ($main'elf) # GNU and SVR4 as'es use different comment delimiters, - { # so we just skip comments... - push(@out,"\n"); + if (!defined($com_start) or $main'elf) + { # Regarding $main'elf above... + # GNU and SVR4 as'es use different comment delimiters, + push(@out,"\n"); # so we just skip ELF comments... return; } foreach (@_) @@ -444,11 +508,17 @@ sub main'comment } } +sub main'public_label + { + $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); + push(@out,".globl\t$label{$_[0]}\n"); + } + sub main'label { if (!defined($label{$_[0]})) { - $label{$_[0]}=".${label}${_[0]}"; + $label{$_[0]}="${dot}${label}${_[0]}"; $label++; } return($label{$_[0]}); @@ -458,15 +528,29 @@ sub main'set_label { if (!defined($label{$_[0]})) { - $label{$_[0]}=".${label}${_[0]}"; + $label{$_[0]}="${dot}${label}${_[0]}"; $label++; } - push(@out,".align $align\n") if ($_[1] != 0); + if ($_[1]!=0) + { + if ($_[1]>1) { main'align($_[1]); } + else { push(@out,".align $align\n"); } + } push(@out,"$label{$_[0]}:\n"); } sub main'file_end { + # try to detect if SSE2 or MMX extensions were used on ELF platform... + if ($main'elf && grep {/\b%[x]*mm[0-7]\b|OPENSSL_ia32cap_P\b/i} @out) { + local($tmp); + + push (@out,"\n.section\t.bss\n"); + push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); + + return; + } + if ($const ne "") { push(@out,".section .rodata\n"); @@ -475,9 +559,25 @@ sub main'file_end } } +sub main'data_byte + { + push(@out,"\t.byte\t".join(',',@_)."\n"); + } + sub main'data_word { - push(@out,"\t.long $_[0]\n"); + push(@out,"\t.long\t".join(',',@_)."\n"); + } + +sub main'align + { + my $val=$_[0],$p2,$i; + if ($main'aout) { + for ($p2=0;$val!=0;$val>>=1) { $p2++; } + $val=$p2-1; + $val.=",0x90"; + } + push(@out,".align\t$val\n"); } # debug output functions: puts, putx, printf @@ -559,7 +659,6 @@ sub main'picmeup { local($tmp)=<<___; #if (defined(ELF) || defined(SOL)) && defined(PIC) - .align 8 call 1f 1: popl $regs{$dst} addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} @@ -572,13 +671,12 @@ ___ } elsif ($main'pic && ($main'elf || $main'aout)) { - push(@out,"\t.align\t8\n"); &main'call(&main'label("PIC_me_up")); &main'set_label("PIC_me_up"); &main'blindpop($dst); - &main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-". + &main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-". &main'label("PIC_me_up") . "]"); - &main'mov($dst,&main'DWP($sym."\@GOT",$dst)); + &main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst)); } else { @@ -587,3 +685,41 @@ ___ } sub main'blindpop { &out1("popl",@_); } + +sub main'initseg + { + local($f)=@_; + local($tmp); + if ($main'elf) + { + $tmp=<<___; +.section .init + call $under$f + jmp .Linitalign +.align $align +.Linitalign: +___ + } + elsif ($main'coff) + { + $tmp=<<___; # applies to both Cygwin and Mingw +.section .ctors +.long $under$f +___ + } + elsif ($main'aout) + { + local($ctor)="${under}_GLOBAL_\$I\$$f"; + $tmp=".text\n"; + $tmp.=".type $ctor,\@function\n" if ($main'pic); + $tmp.=<<___; # OpenBSD way... +.globl $ctor +.align 2 +$ctor: + jmp $under$f +___ + } + push(@out,$tmp) if ($tmp); + } + +1; diff --git a/src/lib/libcrypto/pkcs12/Makefile b/src/lib/libcrypto/pkcs12/Makefile index bef4f27912..3a7498fe7a 100644 --- a/src/lib/libcrypto/pkcs12/Makefile +++ b/src/lib/libcrypto/pkcs12/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -57,6 +52,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -72,6 +68,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -83,333 +80,207 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -p12_add.o: ../../e_os.h ../../include/openssl/aes.h -p12_add.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_add.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_add.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_add.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_add.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_add.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_add.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_add.o: ../../e_os.h ../../include/openssl/asn1.h +p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_add.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_add.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_add.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_add.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_add.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_add.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_add.o: ../cryptlib.h p12_add.c -p12_asn.o: ../../e_os.h ../../include/openssl/aes.h -p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p12_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_add.c +p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h +p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p12_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_asn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_asn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_asn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c -p12_attr.o: ../../e_os.h ../../include/openssl/aes.h -p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_attr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_attr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_attr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_attr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_asn.o: ../cryptlib.h p12_asn.c +p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h +p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_attr.o: ../../include/openssl/opensslconf.h p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_attr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_attr.c -p12_crpt.o: ../../e_os.h ../../include/openssl/aes.h -p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_attr.o: ../cryptlib.h p12_attr.c +p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h +p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_crpt.o: ../../include/openssl/opensslconf.h p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crpt.c -p12_crt.o: ../../e_os.h ../../include/openssl/aes.h -p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_crt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_crt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_crt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_crt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_crt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_crpt.o: ../cryptlib.h p12_crpt.c +p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h +p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_crt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_crt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_crt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_crt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_crt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_crt.o: ../cryptlib.h p12_crt.c -p12_decr.o: ../../e_os.h ../../include/openssl/aes.h -p12_decr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_decr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_decr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_decr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_decr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_decr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_decr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_crt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_crt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crt.c +p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h +p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_decr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_decr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_decr.o: ../../include/openssl/opensslconf.h p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_decr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_decr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_decr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_decr.c -p12_init.o: ../../e_os.h ../../include/openssl/aes.h -p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_init.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_init.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_init.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_init.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_init.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_decr.o: ../cryptlib.h p12_decr.c +p12_init.o: ../../e_os.h ../../include/openssl/asn1.h +p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_init.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_init.o: ../../include/openssl/opensslconf.h p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_init.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_init.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_init.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_init.c -p12_key.o: ../../e_os.h ../../include/openssl/aes.h -p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_init.o: ../cryptlib.h p12_init.c +p12_key.o: ../../e_os.h ../../include/openssl/asn1.h +p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p12_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p12_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p12_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p12_key.o: ../cryptlib.h p12_key.c -p12_kiss.o: ../../e_os.h ../../include/openssl/aes.h -p12_kiss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_kiss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_kiss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_kiss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_kiss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_kiss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_kiss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h +p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_kiss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_kiss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_kiss.o: ../../include/openssl/opensslconf.h p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_kiss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_kiss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_kiss.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_kiss.c -p12_mutl.o: ../../e_os.h ../../include/openssl/aes.h -p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_mutl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_mutl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h -p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_mutl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_mutl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_kiss.o: ../cryptlib.h p12_kiss.c +p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h +p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_mutl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_mutl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h +p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -p12_mutl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_mutl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_mutl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_mutl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_mutl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_mutl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_mutl.o: ../cryptlib.h p12_mutl.c -p12_npas.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -p12_npas.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_npas.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_npas.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_npas.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p12_npas.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_npas.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_npas.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_mutl.c +p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p12_npas.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_npas.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_npas.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_npas.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_npas.o: ../../include/openssl/x509_vfy.h p12_npas.c -p12_p8d.o: ../../e_os.h ../../include/openssl/aes.h -p12_p8d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_p8d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_p8d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_p8d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_p8d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_p8d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_p8d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_p8d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_npas.o: p12_npas.c +p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h +p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_p8d.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_p8d.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_p8d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_p8d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_p8d.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_p8d.o: ../cryptlib.h p12_p8d.c -p12_p8e.o: ../../e_os.h ../../include/openssl/aes.h -p12_p8e.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_p8e.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_p8e.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_p8e.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_p8e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_p8e.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_p8e.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_p8e.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_p8d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_p8d.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_p8d.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8d.c +p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h +p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_p8e.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_p8e.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_p8e.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_p8e.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_p8e.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_p8e.o: ../cryptlib.h p12_p8e.c -p12_utl.o: ../../e_os.h ../../include/openssl/aes.h -p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_p8e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_p8e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_p8e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8e.c +p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h +p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_utl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_utl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_utl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_utl.o: ../cryptlib.h p12_utl.c -pk12err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pk12err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk12err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk12err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk12err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk12err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk12err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk12err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk12err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_utl.c +pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk12err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pk12err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk12err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk12err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c +pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk12err.o: pk12err.c diff --git a/src/lib/libcrypto/pkcs7/Makefile b/src/lib/libcrypto/pkcs7/Makefile index a213ae2227..3f7e88b40f 100644 --- a/src/lib/libcrypto/pkcs7/Makefile +++ b/src/lib/libcrypto/pkcs7/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -72,6 +67,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -87,6 +83,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -98,143 +95,92 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -pk7_asn1.o: ../../e_os.h ../../include/openssl/aes.h -pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_asn1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_asn1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_asn1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_asn1.o: ../cryptlib.h pk7_asn1.c -pk7_attr.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk7_attr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk7_attr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c +pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_attr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_attr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_attr.o: pk7_attr.c -pk7_doit.o: ../../e_os.h ../../include/openssl/aes.h -pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_attr.o: ../../include/openssl/x509_vfy.h pk7_attr.c +pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_doit.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_doit.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_doit.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_doit.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pk7_doit.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_doit.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_doit.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -pk7_doit.o: ../cryptlib.h pk7_doit.c -pk7_lib.o: ../../e_os.h ../../include/openssl/aes.h -pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pk7_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pk7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_doit.c +pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pk7_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pk7_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -pk7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c -pk7_mime.o: ../../e_os.h ../../include/openssl/aes.h -pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pk7_mime.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pk7_mime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_lib.o: ../cryptlib.h pk7_lib.c +pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pk7_mime.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pk7_mime.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_mime.o: ../../include/openssl/opensslconf.h pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pk7_mime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_mime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_mime.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c -pk7_smime.o: ../../e_os.h ../../include/openssl/aes.h -pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_mime.o: ../cryptlib.h pk7_mime.c +pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_smime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_smime.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_smime.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_smime.o: ../../include/openssl/objects.h pk7_smime.o: ../../include/openssl/opensslconf.h pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_smime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_smime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_smime.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c +pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pk7_smime.o: ../cryptlib.h pk7_smime.c pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pkcs7err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +pkcs7err.o: ../../include/openssl/opensslconf.h pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h diff --git a/src/lib/libcrypto/pkcs7/bio_ber.c b/src/lib/libcrypto/pkcs7/bio_ber.c index 895a91177b..31973fcd1f 100644 --- a/src/lib/libcrypto/pkcs7/bio_ber.c +++ b/src/lib/libcrypto/pkcs7/bio_ber.c @@ -204,7 +204,7 @@ int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx) if ((ctx->buf_len < BER_BUF_SIZE) && (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG)) { - ERR_get_error(); /* clear the error */ + ERR_clear_error(); /* clear the error */ BIO_set_retry_read(b); } return(-1); diff --git a/src/lib/libcrypto/pkcs7/example.c b/src/lib/libcrypto/pkcs7/example.c index c993947cc3..2953d04b5c 100644 --- a/src/lib/libcrypto/pkcs7/example.c +++ b/src/lib/libcrypto/pkcs7/example.c @@ -123,7 +123,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); if (so && (so->type == V_ASN1_SEQUENCE)) { - ASN1_CTX c; + ASN1_const_CTX c; ASN1_STRING *s; long length; ASN1_OCTET_STRING *os1,*os2; @@ -144,7 +144,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) goto err; c.slen-=(c.p-c.q); - if (!asn1_Finish(&c)) goto err; + if (!asn1_const_Finish(&c)) goto err; *str1=malloc(os1->length+1); *str2=malloc(os2->length+1); memcpy(*str1,os1->data,os1->length); @@ -290,7 +290,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); if (so->type == V_ASN1_SEQUENCE) { - ASN1_CTX c; + ASN1_const_CTX c; ASN1_STRING *s; long length; ASN1_OCTET_STRING *os1,*os2; @@ -311,7 +311,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) goto err; c.slen-=(c.p-c.q); - if (!asn1_Finish(&c)) goto err; + if (!asn1_const_Finish(&c)) goto err; *str1=malloc(os1->length+1); *str2=malloc(os2->length+1); memcpy(*str1,os1->data,os1->length); diff --git a/src/lib/libcrypto/pqueue/pq_compat.h b/src/lib/libcrypto/pqueue/pq_compat.h new file mode 100644 index 0000000000..fd36578882 --- /dev/null +++ b/src/lib/libcrypto/pqueue/pq_compat.h @@ -0,0 +1,147 @@ +/* crypto/pqueue/pqueue_compat.h */ +/* + * DTLS implementation written by Nagendra Modadugu + * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. + */ +/* ==================================================================== + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include + +/* + * The purpose of this header file is for supporting 64-bit integer + * manipulation on 32-bit (and lower) machines. Currently the only + * such environment is VMS, Utrix and those with smaller default integer + * sizes than 32 bits. For all such environment, we fall back to using + * BIGNUM. We may need to fine tune the conditions for systems that + * are incorrectly configured. + * + * The only clients of this code are (1) pqueue for priority, and + * (2) DTLS, for sequence number manipulation. + */ + +#if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT) + +#define PQ_64BIT_IS_INTEGER 0 +#define PQ_64BIT_IS_BIGNUM 1 + +#define PQ_64BIT BIGNUM +#define PQ_64BIT_CTX BN_CTX + +#define pq_64bit_init(x) BN_init(x) +#define pq_64bit_free(x) BN_free(x) + +#define pq_64bit_ctx_new(ctx) BN_CTX_new() +#define pq_64bit_ctx_free(x) BN_CTX_free(x) + +#define pq_64bit_assign(x, y) BN_copy(x, y) +#define pq_64bit_assign_word(x, y) BN_set_word(x, y) +#define pq_64bit_gt(x, y) BN_ucmp(x, y) >= 1 ? 1 : 0 +#define pq_64bit_eq(x, y) BN_ucmp(x, y) == 0 ? 1 : 0 +#define pq_64bit_add_word(x, w) BN_add_word(x, w) +#define pq_64bit_sub(r, x, y) BN_sub(r, x, y) +#define pq_64bit_sub_word(x, w) BN_sub_word(x, w) +#define pq_64bit_mod(r, x, n, ctx) BN_mod(r, x, n, ctx) + +#define pq_64bit_bin2num(bn, bytes, len) BN_bin2bn(bytes, len, bn) +#define pq_64bit_num2bin(bn, bytes) BN_bn2bin(bn, bytes) +#define pq_64bit_get_word(x) BN_get_word(x) +#define pq_64bit_is_bit_set(x, offset) BN_is_bit_set(x, offset) +#define pq_64bit_lshift(r, x, shift) BN_lshift(r, x, shift) +#define pq_64bit_set_bit(x, num) BN_set_bit(x, num) +#define pq_64bit_get_length(x) BN_num_bits((x)) + +#else + +#define PQ_64BIT_IS_INTEGER 1 +#define PQ_64BIT_IS_BIGNUM 0 + +#if defined(SIXTY_FOUR_BIT) +#define PQ_64BIT BN_ULONG +#define PQ_64BIT_PRINT "%lld" +#elif defined(SIXTY_FOUR_BIT_LONG) +#define PQ_64BIT BN_ULONG +#define PQ_64BIT_PRINT "%ld" +#elif defined(THIRTY_TWO_BIT) +#define PQ_64BIT BN_ULLONG +#define PQ_64BIT_PRINT "%lld" +#endif + +#define PQ_64BIT_CTX void + +#define pq_64bit_init(x) +#define pq_64bit_free(x) +#define pq_64bit_ctx_new(ctx) (ctx) +#define pq_64bit_ctx_free(x) + +#define pq_64bit_assign(x, y) (*(x) = *(y)) +#define pq_64bit_assign_word(x, y) (*(x) = y) +#define pq_64bit_gt(x, y) (*(x) > *(y)) +#define pq_64bit_eq(x, y) (*(x) == *(y)) +#define pq_64bit_add_word(x, w) (*(x) = (*(x) + (w))) +#define pq_64bit_sub(r, x, y) (*(r) = (*(x) - *(y))) +#define pq_64bit_sub_word(x, w) (*(x) = (*(x) - (w))) +#define pq_64bit_mod(r, x, n, ctx) + +#define pq_64bit_bin2num(num, bytes, len) bytes_to_long_long(bytes, num) +#define pq_64bit_num2bin(num, bytes) long_long_to_bytes(num, bytes) +#define pq_64bit_get_word(x) *(x) +#define pq_64bit_lshift(r, x, shift) (*(r) = (*(x) << (shift))) +#define pq_64bit_set_bit(x, num) do { \ + PQ_64BIT mask = 1; \ + mask = mask << (num); \ + *(x) |= mask; \ + } while(0) +#endif /* OPENSSL_SYS_VMS */ diff --git a/src/lib/libcrypto/rand/Makefile b/src/lib/libcrypto/rand/Makefile index b1d1a75f98..3c1ab5bbae 100644 --- a/src/lib/libcrypto/rand/Makefile +++ b/src/lib/libcrypto/rand/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -23,9 +18,9 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ - rand_win.c rand_unix.c rand_os2.c + rand_win.c rand_unix.c rand_os2.c rand_nw.c LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ - rand_win.o rand_unix.o rand_os2.o + rand_win.o rand_unix.o rand_os2.o rand_nw.o SRC= $(LIBSRC) @@ -53,6 +48,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -68,6 +64,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -79,26 +76,16 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -md_rand.o: ../../e_os.h ../../include/openssl/aes.h -md_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -md_rand.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -md_rand.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -md_rand.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -md_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +md_rand.o: ../../e_os.h ../../include/openssl/asn1.h +md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -md_rand.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -md_rand.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -md_rand.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -md_rand.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -md_rand.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -md_rand.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -md_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -md_rand.o: ../../include/openssl/ui_compat.h md_rand.c rand_lcl.h +md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +md_rand.o: md_rand.c rand_lcl.h rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h rand_egd.o: ../../include/openssl/opensslconf.h rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h @@ -110,83 +97,59 @@ rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rand_err.o: rand_err.c -rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h -rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rand_lib.o: ../../e_os.h ../../include/openssl/bio.h rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rand_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -rand_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -rand_lib.o: ../../include/openssl/err.h ../../include/openssl/fips.h -rand_lib.o: ../../include/openssl/fips_rand.h ../../include/openssl/lhash.h +rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h rand_lib.o: ../../include/openssl/opensslconf.h rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rand_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rand_lib.o: ../../include/openssl/ui_compat.h ../cryptlib.h rand_lib.c -rand_os2.o: ../../e_os.h ../../include/openssl/aes.h -rand_os2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_os2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_os2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_os2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_os2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rand_lib.o: ../cryptlib.h rand_lib.c +rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h +rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h +rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c +rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h +rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_os2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_os2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_os2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_os2.o: ../../include/openssl/opensslconf.h +rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_os2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_os2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_os2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_os2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_os2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_os2.o: ../cryptlib.h rand_lcl.h rand_os2.c -rand_unix.o: ../../e_os.h ../../include/openssl/aes.h -rand_unix.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_unix.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_unix.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_unix.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_unix.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h +rand_os2.o: rand_os2.c +rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h +rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_unix.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_unix.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_unix.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_unix.o: ../../include/openssl/objects.h rand_unix.o: ../../include/openssl/opensslconf.h rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_unix.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_unix.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_unix.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_unix.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_unix.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_unix.o: ../cryptlib.h rand_lcl.h rand_unix.c -rand_win.o: ../../e_os.h ../../include/openssl/aes.h -rand_win.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_win.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_win.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_win.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_win.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h +rand_unix.o: rand_unix.c +rand_win.o: ../../e_os.h ../../include/openssl/asn1.h +rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_win.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_win.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_win.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_win.o: ../../include/openssl/opensslconf.h +rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_win.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_win.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_win.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c +rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h +rand_win.o: rand_win.c randfile.o: ../../e_os.h ../../include/openssl/buffer.h randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h randfile.o: ../../include/openssl/opensslconf.h diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c index c84968df88..9783d0c23e 100644 --- a/src/lib/libcrypto/rand/md_rand.c +++ b/src/lib/libcrypto/rand/md_rand.c @@ -126,7 +126,6 @@ #include #include -#include #ifdef BN_DEBUG # define PREDICT @@ -153,7 +152,7 @@ static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */ int rand_predictable=0; #endif -const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT; +const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); @@ -301,7 +300,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) * other thread's seeding remains without effect (except for * the incremented counter). By XORing it we keep at least as * much entropy as fits into md. */ - for (k = 0; k < sizeof md; k++) + for (k = 0; k < (int)sizeof(md); k++) { md[k] ^= local_md[k]; } @@ -316,7 +315,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) static void ssleay_rand_seed(const void *buf, int num) { - ssleay_rand_add(buf, num, num); + ssleay_rand_add(buf, num, (double)num); } static int ssleay_rand_bytes(unsigned char *buf, int num) @@ -333,14 +332,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif int do_stir_pool = 0; -#ifdef OPENSSL_FIPS - if(FIPS_mode()) - { - FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); - return 0; - } -#endif - #ifdef PREDICT if (rand_predictable) { @@ -529,7 +520,7 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) err = ERR_peek_error(); if (ERR_GET_LIB(err) == ERR_LIB_RAND && ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) - (void)ERR_get_error(); + ERR_clear_error(); } return (ret); } diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c index cd666abfcb..50bce6caba 100644 --- a/src/lib/libcrypto/rand/rand_egd.c +++ b/src/lib/libcrypto/rand/rand_egd.c @@ -95,7 +95,7 @@ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { return(-1); diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index 9376554fae..6c2be5cb96 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -108,6 +108,7 @@ * Hudson (tjh@cryptsoft.com). * */ +#include #define USE_SOCKETS #include "e_os.h" @@ -115,7 +116,7 @@ #include #include "rand_lcl.h" -#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS)) +#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) #include #include @@ -124,6 +125,13 @@ #include #include #include +#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */ +# include +#endif +#include +#ifndef FD_SETSIZE +# define FD_SETSIZE (8*sizeof(fd_set)) +#endif #ifdef __OpenBSD__ int RAND_poll(void) @@ -142,7 +150,7 @@ int RAND_poll(void) return 1; } -#else +#else /* !defined(__OpenBSD__) */ int RAND_poll(void) { unsigned long l; @@ -154,7 +162,8 @@ int RAND_poll(void) #ifdef DEVRANDOM static const char *randomfiles[] = { DEVRANDOM }; struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; - int fd,i; + int fd; + size_t i; #endif #ifdef DEVRANDOM_EGD static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; @@ -182,10 +191,9 @@ int RAND_poll(void) #endif )) >= 0) { - struct timeval t = { 0, 10*1000 }; /* Spend 10ms on - each file. */ - int r,j; - fd_set fset; + int usec = 10*1000; /* spend 10ms on each file */ + int r; + size_t j; struct stat *st=&randomstats[i]; /* Avoid using same input... Used to be O_NOFOLLOW @@ -201,35 +209,75 @@ int RAND_poll(void) do { - FD_ZERO(&fset); - FD_SET(fd, &fset); - r = -1; + int try_read = 0; - if (select(fd+1,&fset,NULL,NULL,&t) < 0) - t.tv_usec=0; - else if (FD_ISSET(fd, &fset)) +#if defined(OPENSSL_SYS_LINUX) + /* use poll() */ + struct pollfd pset; + + pset.fd = fd; + pset.events = POLLIN; + pset.revents = 0; + + if (poll(&pset, 1, usec / 1000) < 0) + usec = 0; + else + try_read = (pset.revents & POLLIN) != 0; + +#else + /* use select() */ + fd_set fset; + struct timeval t; + + t.tv_sec = 0; + t.tv_usec = usec; + + if (FD_SETSIZE > 0 && fd >= FD_SETSIZE) + { + /* can't use select, so just try to read once anyway */ + try_read = 1; + } + else + { + FD_ZERO(&fset); + FD_SET(fd, &fset); + + if (select(fd+1,&fset,NULL,NULL,&t) >= 0) + { + usec = t.tv_usec; + if (FD_ISSET(fd, &fset)) + try_read = 1; + } + else + usec = 0; + } +#endif + + if (try_read) { - r=read(fd,(unsigned char *)tmpbuf+n, - ENTROPY_NEEDED-n); + r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n); if (r > 0) n += r; } - - /* Some Unixen will update t, some - won't. For those who won't, give - up here, otherwise, we will do + else + r = -1; + + /* Some Unixen will update t in select(), some + won't. For those who won't, or if we + didn't use select() in the first place, + give up here, otherwise, we will do this once again for the remaining time. */ - if (t.tv_usec == 10*1000) - t.tv_usec=0; + if (usec == 10*1000) + usec = 0; } - while ((r > 0 || (errno == EINTR || errno == EAGAIN)) - && t.tv_usec != 0 && n < ENTROPY_NEEDED); + while ((r > 0 || + (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED); close(fd); } } -#endif +#endif /* defined(DEVRANDOM) */ #ifdef DEVRANDOM_EGD /* Use an EGD socket to read entropy from an EGD or PRNGD entropy @@ -244,24 +292,24 @@ int RAND_poll(void) if (r > 0) n += r; } -#endif +#endif /* defined(DEVRANDOM_EGD) */ #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) if (n > 0) { - RAND_add(tmpbuf,sizeof tmpbuf,n); + RAND_add(tmpbuf,sizeof tmpbuf,(double)n); OPENSSL_cleanse(tmpbuf,n); } #endif /* put in some default random data, we need more than just this */ l=curr_pid; - RAND_add(&l,sizeof(l),0); + RAND_add(&l,sizeof(l),0.0); l=getuid(); - RAND_add(&l,sizeof(l),0); + RAND_add(&l,sizeof(l),0.0); l=time(NULL); - RAND_add(&l,sizeof(l),0); + RAND_add(&l,sizeof(l),0.0); #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) return 1; @@ -270,12 +318,13 @@ int RAND_poll(void) #endif } -#endif -#endif +#endif /* defined(__OpenBSD__) */ +#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */ + #if defined(OPENSSL_SYS_VXWORKS) int RAND_poll(void) -{ - return 0; -} + { + return 0; + } #endif diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c index 30c69161ef..00dbe4232c 100644 --- a/src/lib/libcrypto/rand/rand_win.c +++ b/src/lib/libcrypto/rand/rand_win.c @@ -121,6 +121,10 @@ #include #include +/* Limit the time spent walking through the heap, processes, threads and modules to + a maximum of 1000 miliseconds each, unless CryptoGenRandom failed */ +#define MAXDELAY 1000 + /* Intel hardware RNG CSP -- available from * http://developer.intel.com/design/security/rng/redist_license.htm */ @@ -152,6 +156,7 @@ typedef struct tagCURSORINFO #define CURSOR_SHOWING 0x00000001 #endif /* CURSOR_SHOWING */ +#if !defined(OPENSSL_SYS_WINCE) typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR, DWORD, DWORD); typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *); @@ -163,7 +168,7 @@ typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT); typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD); typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE); -typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD); +typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, size_t); typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32); typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32); typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32); @@ -171,9 +176,7 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32); typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); #include -#ifndef OPENSSL_SYS_WINCE #include -#endif #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was * was added to the Platform SDK to allow the NET API to be used in @@ -184,26 +187,14 @@ typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET) (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*); typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE); #endif /* 1 */ +#endif /* !OPENSSL_SYS_WINCE */ int RAND_poll(void) { MEMORYSTATUS m; HCRYPTPROV hProvider = 0; - BYTE buf[64]; DWORD w; - HWND h; - - HMODULE advapi, kernel, user, netapi; - CRYPTACQUIRECONTEXTW acquire = 0; - CRYPTGENRANDOM gen = 0; - CRYPTRELEASECONTEXT release = 0; -#if 1 /* There was previously a problem with NETSTATGET. Currently, this - * section is still experimental, but if all goes well, this conditional - * will be removed - */ - NETSTATGET netstatget = 0; - NETFREE netfree = 0; -#endif /* 1 */ + int good = 0; /* Determine the OS version we are on so we can turn off things * that do not work properly. @@ -212,21 +203,24 @@ int RAND_poll(void) osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; GetVersionEx( &osverinfo ) ; -#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO -#ifndef CryptAcquireContext -#define CryptAcquireContext CryptAcquireContextW -#endif +#if defined(OPENSSL_SYS_WINCE) +# if defined(_WIN32_WCE) && _WIN32_WCE>=300 +/* Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available + * in commonly available implementations prior 300... */ + { + BYTE buf[64]; /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) + if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT)) { if (CryptGenRandom(hProvider, sizeof(buf), buf)) RAND_add(buf, sizeof(buf), sizeof(buf)); CryptReleaseContext(hProvider, 0); } -#endif - -#ifndef OPENSSL_SYS_WINCE + } +# endif +#else /* OPENSSL_SYS_WINCE */ /* * None of below libraries are present on Windows CE, which is * why we #ifndef the whole section. This also excuses us from @@ -240,17 +234,19 @@ int RAND_poll(void) * implement own shim routine, which would accept ANSI argument * and expand it to Unicode. */ - + { /* load functions dynamically - not available on all systems */ - advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); - kernel = LoadLibrary(TEXT("KERNEL32.DLL")); - user = LoadLibrary(TEXT("USER32.DLL")); - netapi = LoadLibrary(TEXT("NETAPI32.DLL")); - -#if 1 /* There was previously a problem with NETSTATGET. Currently, this - * section is still experimental, but if all goes well, this conditional - * will be removed - */ + HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); + HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); + HMODULE user = NULL; + HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL")); + CRYPTACQUIRECONTEXTW acquire = NULL; + CRYPTGENRANDOM gen = NULL; + CRYPTRELEASECONTEXT release = NULL; + NETSTATGET netstatget = NULL; + NETFREE netfree = NULL; + BYTE buf[64]; + if (netapi) { netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); @@ -280,7 +276,6 @@ int RAND_poll(void) if (netapi) FreeLibrary(netapi); -#endif /* 1 */ /* It appears like this can cause an exception deep within ADVAPI32.DLL * at random times on Windows 2000. Reported by Jeffrey Altman. @@ -356,12 +351,13 @@ int RAND_poll(void) { /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (acquire(&hProvider, 0, 0, PROV_RSA_FULL, + if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), 0); + good = 1; #if 0 printf("randomness from PROV_RSA_FULL\n"); #endif @@ -375,6 +371,7 @@ int RAND_poll(void) if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); + good = 1; #if 0 printf("randomness from PROV_INTEL_SEC\n"); #endif @@ -386,7 +383,9 @@ int RAND_poll(void) if (advapi) FreeLibrary(advapi); - if (user) + if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT || + !OPENSSL_isservice()) && + (user = LoadLibrary(TEXT("USER32.DLL")))) { GETCURSORINFO cursor; GETFOREGROUNDWINDOW win; @@ -399,7 +398,7 @@ int RAND_poll(void) if (win) { /* window handle */ - h = win(); + HWND h = win(); RAND_add(&h, sizeof(h), 0); } if (cursor) @@ -464,6 +463,7 @@ int RAND_poll(void) PROCESSENTRY32 p; THREADENTRY32 t; MODULEENTRY32 m; + DWORD stoptime = 0; snap = (CREATETOOLHELP32SNAPSHOT) GetProcAddress(kernel, "CreateToolhelp32Snapshot"); @@ -495,6 +495,7 @@ int RAND_poll(void) * of entropy. */ hlist.dwSize = sizeof(HEAPLIST32); + if (good) stoptime = GetTickCount() + MAXDELAY; if (heaplist_first(handle, &hlist)) do { @@ -512,18 +513,20 @@ int RAND_poll(void) && --entrycnt > 0); } } while (heaplist_next(handle, - &hlist)); - + &hlist) && GetTickCount() < stoptime); + /* process walking */ /* PROCESSENTRY32 contains 9 fields that will change * with each entry. Consider each field a source of * 1 byte of entropy. */ p.dwSize = sizeof(PROCESSENTRY32); + + if (good) stoptime = GetTickCount() + MAXDELAY; if (process_first(handle, &p)) do RAND_add(&p, p.dwSize, 9); - while (process_next(handle, &p)); + while (process_next(handle, &p) && GetTickCount() < stoptime); /* thread walking */ /* THREADENTRY32 contains 6 fields that will change @@ -531,10 +534,11 @@ int RAND_poll(void) * 1 byte of entropy. */ t.dwSize = sizeof(THREADENTRY32); + if (good) stoptime = GetTickCount() + MAXDELAY; if (thread_first(handle, &t)) do RAND_add(&t, t.dwSize, 6); - while (thread_next(handle, &t)); + while (thread_next(handle, &t) && GetTickCount() < stoptime); /* module walking */ /* MODULEENTRY32 contains 9 fields that will change @@ -542,18 +546,22 @@ int RAND_poll(void) * 1 byte of entropy. */ m.dwSize = sizeof(MODULEENTRY32); + if (good) stoptime = GetTickCount() + MAXDELAY; if (module_first(handle, &m)) do RAND_add(&m, m.dwSize, 9); - while (module_next(handle, &m)); + while (module_next(handle, &m) + && (GetTickCount() < stoptime)); if (close_snap) close_snap(handle); else CloseHandle(handle); + } FreeLibrary(kernel); } + } #endif /* !OPENSSL_SYS_WINCE */ /* timer data */ @@ -693,6 +701,9 @@ static void readscreen(void) int y; /* y-coordinate of screen lines to grab */ int n = 16; /* number of screen lines to grab at a time */ + if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) + return; + /* Create a screen DC and a memory DC compatible to screen DC */ hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); hMemDC = CreateCompatibleDC(hScrDC); diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c index 701932e6ee..9e92a70b03 100644 --- a/src/lib/libcrypto/rand/randtest.c +++ b/src/lib/libcrypto/rand/randtest.c @@ -65,7 +65,7 @@ /* some FIPS 140-1 random number test */ /* some simple tests */ -int main() +int main(int argc,char **argv) { unsigned char buf[2500]; int i,j,k,s,sign,nsign,err=0; @@ -211,6 +211,9 @@ int main() printf("test 4 done\n"); err: err=((err)?1:0); +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(err); } diff --git a/src/lib/libcrypto/rc2/Makefile b/src/lib/libcrypto/rc2/Makefile index 34080ab741..73eac347e7 100644 --- a/src/lib/libcrypto/rc2/Makefile +++ b/src/lib/libcrypto/rc2/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,11 +78,8 @@ rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h rc2_cbc.o: rc2_cbc.c rc2_locl.h rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h -rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rc2_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h -rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c +rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h +rc2_skey.o: rc2_locl.h rc2_skey.c rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h rc2cfb64.o: rc2_locl.h rc2cfb64.c rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h diff --git a/src/lib/libcrypto/rc2/rc2speed.c b/src/lib/libcrypto/rc2/rc2speed.c index 4d0e1242ea..85cf6f65bf 100644 --- a/src/lib/libcrypto/rc2/rc2speed.c +++ b/src/lib/libcrypto/rc2/rc2speed.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/rc2/rc2test.c b/src/lib/libcrypto/rc2/rc2test.c index b67bafb49f..0e117436bb 100644 --- a/src/lib/libcrypto/rc2/rc2test.c +++ b/src/lib/libcrypto/rc2/rc2test.c @@ -205,6 +205,9 @@ int main(int argc, char *argv[]) printf("ok\n"); #endif +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(err); } diff --git a/src/lib/libcrypto/rc4/Makefile b/src/lib/libcrypto/rc4/Makefile index 20d078ec87..187ed5c668 100644 --- a/src/lib/libcrypto/rc4/Makefile +++ b/src/lib/libcrypto/rc4/Makefile @@ -8,23 +8,13 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile AR= ar r -RC4_ENC=rc4_enc.o -# or use -#RC4_ENC=asm/rx86-elf.o -#RC4_ENC=asm/rx86-out.o -#RC4_ENC=asm/rx86-sol.o -#RC4_ENC=asm/rx86bdsi.o +RC4_ENC=rc4_enc.o rc4_skey.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=rc4test.c @@ -32,7 +22,7 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC=rc4_skey.c rc4_enc.c -LIBOBJ=rc4_skey.o $(RC4_ENC) +LIBOBJ=$(RC4_ENC) SRC= $(LIBSRC) @@ -51,24 +41,19 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s) - +# ELF +rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > ../$@) +# COFF +rx86-cof.s: asm/rc4-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rc4-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/rx86-out.o: asm/rx86unix.cpp - $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o - -# bsdi -asm/rx86bsdi.o: asm/rx86unix.cpp - $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o - -asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp) +rx86-out.s: asm/rc4-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rc4-586.pl a.out $(CFLAGS) > ../$@) -asm/rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@ +rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@ -asm/rc4-ia64.s: asm/rc4-ia64.S +rc4-ia64.s: asm/rc4-ia64.S @case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \ int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E asm/rc4-ia64.S > $@ ;; \ char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E asm/rc4-ia64.S > $@ ;; \ @@ -84,6 +69,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -99,6 +85,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -106,7 +93,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -114,15 +101,15 @@ rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h -rc4_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc4_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_enc.c rc4_locl.h +rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h +rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rc4_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rc4_skey.o: ../../include/openssl/opensslconf.h -rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h -rc4_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc4_skey.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_locl.h -rc4_skey.o: rc4_skey.c +rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h +rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c diff --git a/src/lib/libcrypto/rc4/asm/rc4-ia64.S b/src/lib/libcrypto/rc4/asm/rc4-ia64.S index a322d0c718..8210c47d04 100644 --- a/src/lib/libcrypto/rc4/asm/rc4-ia64.S +++ b/src/lib/libcrypto/rc4/asm/rc4-ia64.S @@ -75,14 +75,13 @@ yy=r31; .skip 16 RC4: .prologue - .fframe 0 .save ar.pfs,r2 - .save ar.lc,r3 - .save pr,prsave { .mii; alloc r2=ar.pfs,4,12,0,16 + .save pr,prsave mov prsave=pr ADDP key=0,in0 };; { .mib; cmp.eq p6,p0=0,in1 // len==0? + .save ar.lc,r3 mov r3=ar.lc (p6) br.ret.spnt.many b0 };; // emergency exit diff --git a/src/lib/libcrypto/rc4/rc4.c b/src/lib/libcrypto/rc4/rc4.c index b39c070292..c900b26055 100644 --- a/src/lib/libcrypto/rc4/rc4.c +++ b/src/lib/libcrypto/rc4/rc4.c @@ -60,6 +60,7 @@ #include #include #include +#include char *usage[]={ "usage: rc4 args\n", @@ -162,7 +163,7 @@ bad: keystr=buf; } - EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); + EVP_Digest((unsigned char *)keystr,strlen(keystr),md,NULL,EVP_md5(),NULL); OPENSSL_cleanse(keystr,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); diff --git a/src/lib/libcrypto/rc4/rc4speed.c b/src/lib/libcrypto/rc4/rc4speed.c index ced98c52df..0ebd38123d 100644 --- a/src/lib/libcrypto/rc4/rc4speed.c +++ b/src/lib/libcrypto/rc4/rc4speed.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c index b9d8f20975..54b597fa26 100644 --- a/src/lib/libcrypto/rc4/rc4test.c +++ b/src/lib/libcrypto/rc4/rc4test.c @@ -70,6 +70,7 @@ int main(int argc, char *argv[]) } #else #include +#include static unsigned char keys[7][30]={ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}, @@ -113,13 +114,11 @@ static unsigned char output[7][30]={ int main(int argc, char *argv[]) { - int i,err=0; - int j; + int err=0; + unsigned int i, j; unsigned char *p; RC4_KEY key; - unsigned char buf[512],obuf[512]; - - for (i=0; i<512; i++) buf[i]=0x01; + unsigned char obuf[512]; for (i=0; i<6; i++) { @@ -130,12 +129,12 @@ int main(int argc, char *argv[]) { printf("error calculating RC4\n"); printf("output:"); - for (j=0; j r586-elf.s) - +# ELF +r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > ../$@) +# COFF +r586-cof.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) rc5-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/r586-out.o: asm/r586unix.cpp - $(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o - -# bsdi -asm/r586bsdi.o: asm/r586unix.cpp - $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o - -asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp) +r586-out.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) rc5-586.pl a.out $(CFLAGS) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -72,6 +63,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -87,6 +79,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -94,17 +87,17 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h -rc5_ecb.o: rc5_ecb.c rc5_locl.h -rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h -rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rc5_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h -rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c -rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c -rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c +rc5_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rc5_ecb.o: ../../include/openssl/rc5.h rc5_ecb.c rc5_locl.h +rc5_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5_enc.o: rc5_enc.c rc5_locl.h +rc5_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5_skey.o: rc5_locl.h rc5_skey.c +rc5cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5cfb64.o: rc5_locl.h rc5cfb64.c +rc5ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5ofb64.o: rc5_locl.h rc5ofb64.c diff --git a/src/lib/libcrypto/rc5/rc5.h b/src/lib/libcrypto/rc5/rc5.h index aa3f26920b..4b3c153b50 100644 --- a/src/lib/libcrypto/rc5/rc5.h +++ b/src/lib/libcrypto/rc5/rc5.h @@ -59,6 +59,8 @@ #ifndef HEADER_RC5_H #define HEADER_RC5_H +#include /* OPENSSL_NO_RC5 */ + #ifdef __cplusplus extern "C" { #endif @@ -92,10 +94,7 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; -#ifdef OPENSSL_FIPS -void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, - int rounds); -#endif + void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, diff --git a/src/lib/libcrypto/rc5/rc5_locl.h b/src/lib/libcrypto/rc5/rc5_locl.h index f4ebc23004..282dd38822 100644 --- a/src/lib/libcrypto/rc5/rc5_locl.h +++ b/src/lib/libcrypto/rc5/rc5_locl.h @@ -146,7 +146,7 @@ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff)) -#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) +#if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)) || defined(__ICC) #define ROTATE_l32(a,n) _lrotl(a,n) #define ROTATE_r32(a,n) _lrotr(a,n) #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) diff --git a/src/lib/libcrypto/ripemd/Makefile b/src/lib/libcrypto/ripemd/Makefile index 20c8b4d8db..d55875c20c 100644 --- a/src/lib/libcrypto/ripemd/Makefile +++ b/src/lib/libcrypto/ripemd/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -20,6 +15,7 @@ RIP_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=rmdtest.c @@ -46,20 +42,15 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s) - +# ELF +rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > ../$@) +# COFF +rm86-cof.s: asm/rmd-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rmd-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/rm86-out.o: asm/rm86unix.cpp - $(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o - -# bsdi -asm/rm86bsdi.o: asm/rm86unix.cpp - $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o - -asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp) +rm86-out.s: asm/rmd-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rmd-586.pl a.out $(CFLAGS) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -70,6 +61,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -85,6 +77,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -92,20 +85,15 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -rmd_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rmd_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rmd_dgst.o: ../../include/openssl/opensslconf.h +rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h -rmd_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rmd_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h rmd_dgst.c -rmd_dgst.o: rmd_locl.h rmdconst.h +rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h -rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rmd_one.o: rmd_one.c +rmd_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/ripemd.h +rmd_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rmd_one.o: ../../include/openssl/symhacks.h rmd_one.c diff --git a/src/lib/libcrypto/ripemd/rmdtest.c b/src/lib/libcrypto/ripemd/rmdtest.c index d4c709e646..fb34e0e836 100644 --- a/src/lib/libcrypto/ripemd/rmdtest.c +++ b/src/lib/libcrypto/ripemd/rmdtest.c @@ -103,19 +103,19 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; char *p; unsigned char md[RIPEMD160_DIGEST_LENGTH]; - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { #ifdef CHARSET_EBCDIC ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); #endif - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); + EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { diff --git a/src/lib/libcrypto/rsa/Makefile b/src/lib/libcrypto/rsa/Makefile index 8851825250..13900812ac 100644 --- a/src/lib/libcrypto/rsa/Makefile +++ b/src/lib/libcrypto/rsa/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -24,10 +19,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_pss.c rsa_x931.c rsa_asn1.c + rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_pss.o rsa_x931.o rsa_asn1.o + rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o SRC= $(LIBSRC) @@ -55,6 +50,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -70,6 +66,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -99,6 +96,15 @@ rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rsa_chk.o: rsa_chk.c +rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_depr.o: ../cryptlib.h rsa_depr.c rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -109,13 +115,12 @@ rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_err.o: rsa_err.c +rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h +rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -128,14 +133,13 @@ rsa_gen.o: ../cryptlib.h rsa_gen.c rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c +rsa_lib.o: ../cryptlib.h rsa_lib.c rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -154,26 +158,17 @@ rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c -rsa_oaep.o: ../../e_os.h ../../include/openssl/aes.h -rsa_oaep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_oaep.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_oaep.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_oaep.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_oaep.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_oaep.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_oaep.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_oaep.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h rsa_oaep.o: ../../include/openssl/opensslconf.h rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rsa_oaep.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_oaep.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_oaep.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rsa_oaep.o: ../cryptlib.h rsa_oaep.c rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h @@ -184,68 +179,43 @@ rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c -rsa_pss.o: ../../e_os.h ../../include/openssl/aes.h -rsa_pss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_pss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_pss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_pss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_pss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_pss.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_pss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_pss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_pss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -rsa_pss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_pss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_pss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rsa_pss.o: ../../include/openssl/ui_compat.h ../cryptlib.h rsa_pss.c -rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h -rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_saos.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_saos.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c +rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_saos.o: ../../include/openssl/opensslconf.h +rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -rsa_saos.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_saos.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_saos.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h rsa_saos.o: ../cryptlib.h rsa_saos.c -rsa_sign.o: ../../e_os.h ../../include/openssl/aes.h -rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_sign.o: ../../include/openssl/opensslconf.h +rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h rsa_sign.o: ../cryptlib.h rsa_sign.c rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c index 64057fbdcf..491572c82b 100644 --- a/src/lib/libcrypto/rsa/rsa_null.c +++ b/src/lib/libcrypto/rsa/rsa_null.c @@ -94,6 +94,9 @@ static RSA_METHOD rsa_null_meth={ RSA_null_finish, 0, NULL, + NULL, + NULL, + NULL }; const RSA_METHOD *RSA_null_method(void) @@ -104,35 +107,35 @@ const RSA_METHOD *RSA_null_method(void) static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } #if 0 /* not currently used */ static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + ...err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } #endif @@ -146,5 +149,3 @@ static int RSA_null_finish(RSA *rsa) { return(1); } - - diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c index 218bb2a39b..4080de8bcf 100644 --- a/src/lib/libcrypto/rsa/rsa_test.c +++ b/src/lib/libcrypto/rsa/rsa_test.c @@ -8,6 +8,7 @@ #include #include #include +#include #ifdef OPENSSL_NO_RSA int main(int argc, char *argv[]) { @@ -218,6 +219,7 @@ int main(int argc, char *argv[]) int plen; int clen = 0; int num; + int n; CRYPTO_malloc_debug_init(); CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); @@ -241,7 +243,7 @@ int main(int argc, char *argv[]) clen = key3(key, ctext_ex); break; } - if (v/3 > 1) key->flags |= RSA_FLAG_NO_EXP_CONSTTIME; + if (v/3 >= 1) key->flags |= RSA_FLAG_NO_CONSTTIME; num = RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING); @@ -277,7 +279,7 @@ int main(int argc, char *argv[]) err=1; goto next; } - + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); if (num != plen || memcmp(ptext, ptext_ex, num) != 0) @@ -286,10 +288,7 @@ int main(int argc, char *argv[]) err=1; } else if (memcmp(ctext, ctext_ex, num) == 0) - { printf("OAEP test vector %d passed!\n", v); - goto next; - } /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try decrypting ctext_ex */ @@ -304,6 +303,26 @@ int main(int argc, char *argv[]) } else printf("OAEP encryption/decryption ok\n"); + + /* Try decrypting corrupted ciphertexts */ + for(n = 0 ; n < clen ; ++n) + { + int b; + unsigned char saved = ctext[n]; + for(b = 0 ; b < 256 ; ++b) + { + if(b == saved) + continue; + ctext[n] = b; + num = RSA_private_decrypt(num, ctext, ptext, key, + RSA_PKCS1_OAEP_PADDING); + if(num > 0) + { + printf("Corrupt data decrypted!\n"); + err = 1; + } + } + } next: RSA_free(key); } @@ -313,6 +332,9 @@ int main(int argc, char *argv[]) CRYPTO_mem_leaks_fp(stderr); +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif return err; } #endif diff --git a/src/lib/libcrypto/sha/Makefile b/src/lib/libcrypto/sha/Makefile index 46103bbc83..ac64fb61d3 100644 --- a/src/lib/libcrypto/sha/Makefile +++ b/src/lib/libcrypto/sha/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -20,14 +15,15 @@ SHA1_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile -TEST=shatest.c sha1test.c +TEST=shatest.c sha1test.c sha256t.c sha512t.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c -LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ) +LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c +LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ) SRC= $(LIBSRC) @@ -46,23 +42,33 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s) - +# ELF +sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +s512sse2-elf.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +# COFF +sx86-cof.s: asm/sha1-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha1-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) +s512sse2-cof.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha512-sse2.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) # a.out -asm/sx86-out.o: asm/sx86unix.cpp - $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o - -# bsdi -asm/sx86bsdi.o: asm/sx86unix.cpp - $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o +sx86-out.s: asm/sha1-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha1-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) +s512sse2-out.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) -asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp) - -asm/sha1-ia64.s: asm/sha1-ia64.pl +sha1-ia64.s: asm/sha1-ia64.pl (cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ) > $@ +sha256-ia64.s: asm/sha512-ia64.pl + (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS)) +sha512-ia64.s: asm/sha512-ia64.pl + (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS)) + +# Solaris make has to be explicitly told +sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $@ +sha256-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@ +sha512-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -73,6 +79,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -88,6 +95,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -95,33 +103,37 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h sha1_one.o: ../../include/openssl/opensslconf.h -sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c -sha1dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -sha1dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -sha1dgst.o: ../../include/openssl/opensslconf.h -sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha1dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha1dgst.o: ../../include/openssl/symhacks.h ../md32_common.h sha1dgst.c -sha1dgst.o: sha_locl.h -sha_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -sha_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -sha_dgst.o: ../../include/openssl/opensslconf.h -sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h sha_dgst.c -sha_dgst.o: sha_locl.h +sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +sha1_one.o: sha1_one.c +sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h +sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h +sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c +sha512.o: ../../e_os.h ../../include/openssl/bio.h +sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +sha512.o: ../cryptlib.h sha512.c +sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h +sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -sha_one.o: sha_one.c +sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +sha_one.o: ../../include/openssl/symhacks.h sha_one.c diff --git a/src/lib/libcrypto/sha/asm/sha512-sse2.pl b/src/lib/libcrypto/sha/asm/sha512-sse2.pl new file mode 100644 index 0000000000..10902bf673 --- /dev/null +++ b/src/lib/libcrypto/sha/asm/sha512-sse2.pl @@ -0,0 +1,404 @@ +#!/usr/bin/env perl +# +# ==================================================================== +# Written by Andy Polyakov for the OpenSSL +# project. Rights for redistribution and usage in source and binary +# forms are granted according to the OpenSSL license. +# ==================================================================== +# +# SHA512_Transform_SSE2. +# +# As the name suggests, this is an IA-32 SSE2 implementation of +# SHA512_Transform. Motivating factor for the undertaken effort was that +# SHA512 was observed to *consistently* perform *significantly* poorer +# than SHA256 [2x and slower is common] on 32-bit platforms. On 64-bit +# platforms on the other hand SHA512 tend to outperform SHA256 [~50% +# seem to be common improvement factor]. All this is perfectly natural, +# as SHA512 is a 64-bit algorithm. But isn't IA-32 SSE2 essentially +# a 64-bit instruction set? Is it rich enough to implement SHA512? +# If answer was "no," then you wouldn't have been reading this... +# +# Throughput performance in MBps (larger is better): +# +# 2.4GHz P4 1.4GHz AMD32 1.4GHz AMD64(*) +# SHA256/gcc(*) 54 43 59 +# SHA512/gcc 17 23 92 +# SHA512/sse2 61(**) 57(**) +# SHA512/icc 26 28 +# SHA256/icc(*) 65 54 +# +# (*) AMD64 and SHA256 numbers are presented mostly for amusement or +# reference purposes. +# (**) I.e. it gives ~2-3x speed-up if compared with compiler generated +# code. One can argue that hand-coded *non*-SSE2 implementation +# would perform better than compiler generated one as well, and +# that comparison is therefore not exactly fair. Well, as SHA512 +# puts enormous pressure on IA-32 GP register bank, I reckon that +# hand-coded version wouldn't perform significantly better than +# one compiled with icc, ~20% perhaps... So that this code would +# still outperform it with distinguishing marginal. But feel free +# to prove me wrong:-) +# +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],"sha512-sse2.pl",$ARGV[$#ARGV] eq "386"); + +$K512="esi"; # K512[80] table, found at the end... +#$W512="esp"; # $W512 is not just W512[16]: it comprises *two* copies + # of W512[16] and a copy of A-H variables... +$W512_SZ=8*(16+16+8); # see above... +#$Kidx="ebx"; # index in K512 table, advances from 0 to 80... +$Widx="edx"; # index in W512, wraps around at 16... +$data="edi"; # 16 qwords of input data... +$A="mm0"; # B-D and +$E="mm1"; # F-H are allocated dynamically... +$Aoff=256+0; # A-H offsets relative to $W512... +$Boff=256+8; +$Coff=256+16; +$Doff=256+24; +$Eoff=256+32; +$Foff=256+40; +$Goff=256+48; +$Hoff=256+56; + +sub SHA2_ROUND() +{ local ($kidx,$widx)=@_; + + # One can argue that one could reorder instructions for better + # performance. Well, I tried and it doesn't seem to make any + # noticeable difference. Modern out-of-order execution cores + # reorder instructions to their liking in either case and they + # apparently do decent job. So we can keep the code more + # readable/regular/comprehensible:-) + + # I adhere to 64-bit %mmX registers in order to avoid/not care + # about #GP exceptions on misaligned 128-bit access, most + # notably in paddq with memory operand. Not to mention that + # SSE2 intructions operating on %mmX can be scheduled every + # cycle [and not every second one if operating on %xmmN]. + + &movq ("mm4",&QWP($Foff,$W512)); # load f + &movq ("mm5",&QWP($Goff,$W512)); # load g + &movq ("mm6",&QWP($Hoff,$W512)); # load h + + &movq ("mm2",$E); # %mm2 is sliding right + &movq ("mm3",$E); # %mm3 is sliding left + &psrlq ("mm2",14); + &psllq ("mm3",23); + &movq ("mm7","mm2"); # %mm7 is T1 + &pxor ("mm7","mm3"); + &psrlq ("mm2",4); + &psllq ("mm3",23); + &pxor ("mm7","mm2"); + &pxor ("mm7","mm3"); + &psrlq ("mm2",23); + &psllq ("mm3",4); + &pxor ("mm7","mm2"); + &pxor ("mm7","mm3"); # T1=Sigma1_512(e) + + &movq (&QWP($Foff,$W512),$E); # f = e + &movq (&QWP($Goff,$W512),"mm4"); # g = f + &movq (&QWP($Hoff,$W512),"mm5"); # h = g + + &pxor ("mm4","mm5"); # f^=g + &pand ("mm4",$E); # f&=e + &pxor ("mm4","mm5"); # f^=g + &paddq ("mm7","mm4"); # T1+=Ch(e,f,g) + + &movq ("mm2",&QWP($Boff,$W512)); # load b + &movq ("mm3",&QWP($Coff,$W512)); # load c + &movq ($E,&QWP($Doff,$W512)); # e = d + + &paddq ("mm7","mm6"); # T1+=h + &paddq ("mm7",&QWP(0,$K512,$kidx,8)); # T1+=K512[i] + &paddq ("mm7",&QWP(0,$W512,$widx,8)); # T1+=W512[i] + &paddq ($E,"mm7"); # e += T1 + + &movq ("mm4",$A); # %mm4 is sliding right + &movq ("mm5",$A); # %mm5 is sliding left + &psrlq ("mm4",28); + &psllq ("mm5",25); + &movq ("mm6","mm4"); # %mm6 is T2 + &pxor ("mm6","mm5"); + &psrlq ("mm4",6); + &psllq ("mm5",5); + &pxor ("mm6","mm4"); + &pxor ("mm6","mm5"); + &psrlq ("mm4",5); + &psllq ("mm5",6); + &pxor ("mm6","mm4"); + &pxor ("mm6","mm5"); # T2=Sigma0_512(a) + + &movq (&QWP($Boff,$W512),$A); # b = a + &movq (&QWP($Coff,$W512),"mm2"); # c = b + &movq (&QWP($Doff,$W512),"mm3"); # d = c + + &movq ("mm4",$A); # %mm4=a + &por ($A,"mm3"); # a=a|c + &pand ("mm4","mm3"); # %mm4=a&c + &pand ($A,"mm2"); # a=(a|c)&b + &por ("mm4",$A); # %mm4=(a&c)|((a|c)&b) + &paddq ("mm6","mm4"); # T2+=Maj(a,b,c) + + &movq ($A,"mm7"); # a=T1 + &paddq ($A,"mm6"); # a+=T2 +} + +$func="sha512_block_sse2"; + +&function_begin_B($func); + if (0) {# Caller is expected to check if it's appropriate to + # call this routine. Below 3 lines are retained for + # debugging purposes... + &picmeup("eax","OPENSSL_ia32cap"); + &bt (&DWP(0,"eax"),26); + &jnc ("SHA512_Transform"); + } + + &push ("ebp"); + &mov ("ebp","esp"); + &push ("ebx"); + &push ("esi"); + &push ("edi"); + + &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg + &mov ($data,&DWP(12,"ebp")); # input data, 2nd arg + &call (&label("pic_point")); # make it PIC! +&set_label("pic_point"); + &blindpop($K512); + &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512)); + + $W512 = "esp"; # start using %esp as W512 + &sub ($W512,$W512_SZ); + &and ($W512,-16); # ensure 128-bit alignment + + # make private copy of A-H + # v assume the worst and stick to unaligned load + &movdqu ("xmm0",&QWP(0,$Widx)); + &movdqu ("xmm1",&QWP(16,$Widx)); + &movdqu ("xmm2",&QWP(32,$Widx)); + &movdqu ("xmm3",&QWP(48,$Widx)); + +&align(8); +&set_label("_chunk_loop"); + + &movdqa (&QWP($Aoff,$W512),"xmm0"); # a,b + &movdqa (&QWP($Coff,$W512),"xmm1"); # c,d + &movdqa (&QWP($Eoff,$W512),"xmm2"); # e,f + &movdqa (&QWP($Goff,$W512),"xmm3"); # g,h + + &xor ($Widx,$Widx); + + &movdq2q($A,"xmm0"); # load a + &movdq2q($E,"xmm2"); # load e + + # Why aren't loops unrolled? It makes sense to unroll if + # execution time for loop body is comparable with branch + # penalties and/or if whole data-set resides in register bank. + # Neither is case here... Well, it would be possible to + # eliminate few store operations, but it would hardly affect + # so to say stop-watch performance, as there is a lot of + # available memory slots to fill. It will only relieve some + # pressure off memory bus... + + # flip input stream byte order... + &mov ("eax",&DWP(0,$data,$Widx,8)); + &mov ("ebx",&DWP(4,$data,$Widx,8)); + &bswap ("eax"); + &bswap ("ebx"); + &mov (&DWP(0,$W512,$Widx,8),"ebx"); # W512[i] + &mov (&DWP(4,$W512,$Widx,8),"eax"); + &mov (&DWP(128+0,$W512,$Widx,8),"ebx"); # copy of W512[i] + &mov (&DWP(128+4,$W512,$Widx,8),"eax"); + +&align(8); +&set_label("_1st_loop"); # 0-15 + # flip input stream byte order... + &mov ("eax",&DWP(0+8,$data,$Widx,8)); + &mov ("ebx",&DWP(4+8,$data,$Widx,8)); + &bswap ("eax"); + &bswap ("ebx"); + &mov (&DWP(0+8,$W512,$Widx,8),"ebx"); # W512[i] + &mov (&DWP(4+8,$W512,$Widx,8),"eax"); + &mov (&DWP(128+0+8,$W512,$Widx,8),"ebx"); # copy of W512[i] + &mov (&DWP(128+4+8,$W512,$Widx,8),"eax"); +&set_label("_1st_looplet"); + &SHA2_ROUND($Widx,$Widx); &inc($Widx); + +&cmp ($Widx,15) +&jl (&label("_1st_loop")); +&je (&label("_1st_looplet")); # playing similar trick on 2nd loop + # does not improve performance... + + $Kidx = "ebx"; # start using %ebx as Kidx + &mov ($Kidx,$Widx); + +&align(8); +&set_label("_2nd_loop"); # 16-79 + &and($Widx,0xf); + + # 128-bit fragment! I update W512[i] and W512[i+1] in + # parallel:-) Note that I refer to W512[(i&0xf)+N] and not to + # W512[(i+N)&0xf]! This is exactly what I maintain the second + # copy of W512[16] for... + &movdqu ("xmm0",&QWP(8*1,$W512,$Widx,8)); # s0=W512[i+1] + &movdqa ("xmm2","xmm0"); # %xmm2 is sliding right + &movdqa ("xmm3","xmm0"); # %xmm3 is sliding left + &psrlq ("xmm2",1); + &psllq ("xmm3",56); + &movdqa ("xmm0","xmm2"); + &pxor ("xmm0","xmm3"); + &psrlq ("xmm2",6); + &psllq ("xmm3",7); + &pxor ("xmm0","xmm2"); + &pxor ("xmm0","xmm3"); + &psrlq ("xmm2",1); + &pxor ("xmm0","xmm2"); # s0 = sigma0_512(s0); + + &movdqa ("xmm1",&QWP(8*14,$W512,$Widx,8)); # s1=W512[i+14] + &movdqa ("xmm4","xmm1"); # %xmm4 is sliding right + &movdqa ("xmm5","xmm1"); # %xmm5 is sliding left + &psrlq ("xmm4",6); + &psllq ("xmm5",3); + &movdqa ("xmm1","xmm4"); + &pxor ("xmm1","xmm5"); + &psrlq ("xmm4",13); + &psllq ("xmm5",42); + &pxor ("xmm1","xmm4"); + &pxor ("xmm1","xmm5"); + &psrlq ("xmm4",42); + &pxor ("xmm1","xmm4"); # s1 = sigma1_512(s1); + + # + have to explictly load W512[i+9] as it's not 128-bit + # v aligned and paddq would throw an exception... + &movdqu ("xmm6",&QWP(8*9,$W512,$Widx,8)); + &paddq ("xmm0","xmm1"); # s0 += s1 + &paddq ("xmm0","xmm6"); # s0 += W512[i+9] + &paddq ("xmm0",&QWP(0,$W512,$Widx,8)); # s0 += W512[i] + + &movdqa (&QWP(0,$W512,$Widx,8),"xmm0"); # W512[i] = s0 + &movdqa (&QWP(16*8,$W512,$Widx,8),"xmm0"); # copy of W512[i] + + # as the above fragment was 128-bit, we "owe" 2 rounds... + &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); + &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); + +&cmp ($Kidx,80); +&jl (&label("_2nd_loop")); + + # update A-H state + &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg + &movq (&QWP($Aoff,$W512),$A); # write out a + &movq (&QWP($Eoff,$W512),$E); # write out e + &movdqu ("xmm0",&QWP(0,$Widx)); + &movdqu ("xmm1",&QWP(16,$Widx)); + &movdqu ("xmm2",&QWP(32,$Widx)); + &movdqu ("xmm3",&QWP(48,$Widx)); + &paddq ("xmm0",&QWP($Aoff,$W512)); # 128-bit additions... + &paddq ("xmm1",&QWP($Coff,$W512)); + &paddq ("xmm2",&QWP($Eoff,$W512)); + &paddq ("xmm3",&QWP($Goff,$W512)); + &movdqu (&QWP(0,$Widx),"xmm0"); + &movdqu (&QWP(16,$Widx),"xmm1"); + &movdqu (&QWP(32,$Widx),"xmm2"); + &movdqu (&QWP(48,$Widx),"xmm3"); + +&add ($data,16*8); # advance input data pointer +&dec (&DWP(16,"ebp")); # decrement 3rd arg +&jnz (&label("_chunk_loop")); + + # epilogue + &emms (); # required for at least ELF and Win32 ABIs + &mov ("edi",&DWP(-12,"ebp")); + &mov ("esi",&DWP(-8,"ebp")); + &mov ("ebx",&DWP(-4,"ebp")); + &leave (); +&ret (); + +&align(64); +&set_label("K512"); # Yes! I keep it in the code segment! + &data_word(0xd728ae22,0x428a2f98); # u64 + &data_word(0x23ef65cd,0x71374491); # u64 + &data_word(0xec4d3b2f,0xb5c0fbcf); # u64 + &data_word(0x8189dbbc,0xe9b5dba5); # u64 + &data_word(0xf348b538,0x3956c25b); # u64 + &data_word(0xb605d019,0x59f111f1); # u64 + &data_word(0xaf194f9b,0x923f82a4); # u64 + &data_word(0xda6d8118,0xab1c5ed5); # u64 + &data_word(0xa3030242,0xd807aa98); # u64 + &data_word(0x45706fbe,0x12835b01); # u64 + &data_word(0x4ee4b28c,0x243185be); # u64 + &data_word(0xd5ffb4e2,0x550c7dc3); # u64 + &data_word(0xf27b896f,0x72be5d74); # u64 + &data_word(0x3b1696b1,0x80deb1fe); # u64 + &data_word(0x25c71235,0x9bdc06a7); # u64 + &data_word(0xcf692694,0xc19bf174); # u64 + &data_word(0x9ef14ad2,0xe49b69c1); # u64 + &data_word(0x384f25e3,0xefbe4786); # u64 + &data_word(0x8b8cd5b5,0x0fc19dc6); # u64 + &data_word(0x77ac9c65,0x240ca1cc); # u64 + &data_word(0x592b0275,0x2de92c6f); # u64 + &data_word(0x6ea6e483,0x4a7484aa); # u64 + &data_word(0xbd41fbd4,0x5cb0a9dc); # u64 + &data_word(0x831153b5,0x76f988da); # u64 + &data_word(0xee66dfab,0x983e5152); # u64 + &data_word(0x2db43210,0xa831c66d); # u64 + &data_word(0x98fb213f,0xb00327c8); # u64 + &data_word(0xbeef0ee4,0xbf597fc7); # u64 + &data_word(0x3da88fc2,0xc6e00bf3); # u64 + &data_word(0x930aa725,0xd5a79147); # u64 + &data_word(0xe003826f,0x06ca6351); # u64 + &data_word(0x0a0e6e70,0x14292967); # u64 + &data_word(0x46d22ffc,0x27b70a85); # u64 + &data_word(0x5c26c926,0x2e1b2138); # u64 + &data_word(0x5ac42aed,0x4d2c6dfc); # u64 + &data_word(0x9d95b3df,0x53380d13); # u64 + &data_word(0x8baf63de,0x650a7354); # u64 + &data_word(0x3c77b2a8,0x766a0abb); # u64 + &data_word(0x47edaee6,0x81c2c92e); # u64 + &data_word(0x1482353b,0x92722c85); # u64 + &data_word(0x4cf10364,0xa2bfe8a1); # u64 + &data_word(0xbc423001,0xa81a664b); # u64 + &data_word(0xd0f89791,0xc24b8b70); # u64 + &data_word(0x0654be30,0xc76c51a3); # u64 + &data_word(0xd6ef5218,0xd192e819); # u64 + &data_word(0x5565a910,0xd6990624); # u64 + &data_word(0x5771202a,0xf40e3585); # u64 + &data_word(0x32bbd1b8,0x106aa070); # u64 + &data_word(0xb8d2d0c8,0x19a4c116); # u64 + &data_word(0x5141ab53,0x1e376c08); # u64 + &data_word(0xdf8eeb99,0x2748774c); # u64 + &data_word(0xe19b48a8,0x34b0bcb5); # u64 + &data_word(0xc5c95a63,0x391c0cb3); # u64 + &data_word(0xe3418acb,0x4ed8aa4a); # u64 + &data_word(0x7763e373,0x5b9cca4f); # u64 + &data_word(0xd6b2b8a3,0x682e6ff3); # u64 + &data_word(0x5defb2fc,0x748f82ee); # u64 + &data_word(0x43172f60,0x78a5636f); # u64 + &data_word(0xa1f0ab72,0x84c87814); # u64 + &data_word(0x1a6439ec,0x8cc70208); # u64 + &data_word(0x23631e28,0x90befffa); # u64 + &data_word(0xde82bde9,0xa4506ceb); # u64 + &data_word(0xb2c67915,0xbef9a3f7); # u64 + &data_word(0xe372532b,0xc67178f2); # u64 + &data_word(0xea26619c,0xca273ece); # u64 + &data_word(0x21c0c207,0xd186b8c7); # u64 + &data_word(0xcde0eb1e,0xeada7dd6); # u64 + &data_word(0xee6ed178,0xf57d4f7f); # u64 + &data_word(0x72176fba,0x06f067aa); # u64 + &data_word(0xa2c898a6,0x0a637dc5); # u64 + &data_word(0xbef90dae,0x113f9804); # u64 + &data_word(0x131c471b,0x1b710b35); # u64 + &data_word(0x23047d84,0x28db77f5); # u64 + &data_word(0x40c72493,0x32caab7b); # u64 + &data_word(0x15c9bebc,0x3c9ebe0a); # u64 + &data_word(0x9c100d4c,0x431d67c4); # u64 + &data_word(0xcb3e42b6,0x4cc5d4be); # u64 + &data_word(0xfc657e2a,0x597f299c); # u64 + &data_word(0x3ad6faec,0x5fcb6fab); # u64 + &data_word(0x4a475817,0x6c44198c); # u64 + +&function_end_B($func); + +&asm_finish(); diff --git a/src/lib/libcrypto/sha/sha1test.c b/src/lib/libcrypto/sha/sha1test.c index 4f2e4ada2d..6feb3964c7 100644 --- a/src/lib/libcrypto/sha/sha1test.c +++ b/src/lib/libcrypto/sha/sha1test.c @@ -106,7 +106,7 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; static unsigned char buf[1000]; char *p,*r; EVP_MD_CTX c; @@ -118,12 +118,12 @@ int main(int argc, char *argv[]) #endif EVP_MD_CTX_init(&c); - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL); + EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha1(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) } else printf("test 3 ok\n"); + +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); EVP_MD_CTX_cleanup(&c); return(0); diff --git a/src/lib/libcrypto/sha/sha_dgst.c b/src/lib/libcrypto/sha/sha_dgst.c index 5a4b3ab204..70eb56032c 100644 --- a/src/lib/libcrypto/sha/sha_dgst.c +++ b/src/lib/libcrypto/sha/sha_dgst.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) #undef SHA_1 @@ -63,7 +64,7 @@ #include -const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT; +const char SHA_version[]="SHA" OPENSSL_VERSION_PTEXT; /* The implementation is in ../md32_common.h */ diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c index d4f4d344df..3bae623ce8 100644 --- a/src/lib/libcrypto/sha/sha_one.c +++ b/src/lib/libcrypto/sha/sha_one.c @@ -62,7 +62,7 @@ #include #ifndef OPENSSL_NO_SHA0 -unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) +unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; static unsigned char m[SHA_DIGEST_LENGTH]; diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c index ff702aa53e..ed0fe06a7b 100644 --- a/src/lib/libcrypto/sha/shatest.c +++ b/src/lib/libcrypto/sha/shatest.c @@ -106,7 +106,7 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; static unsigned char buf[1000]; char *p,*r; EVP_MD_CTX c; @@ -118,12 +118,12 @@ int main(int argc, char *argv[]) #endif EVP_MD_CTX_init(&c); - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL); + EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) } else printf("test 3 ok\n"); + +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EVP_MD_CTX_cleanup(&c); EXIT(err); return(0); diff --git a/src/lib/libcrypto/stack/Makefile b/src/lib/libcrypto/stack/Makefile index 711b16832a..5327692ac8 100644 --- a/src/lib/libcrypto/stack/Makefile +++ b/src/lib/libcrypto/stack/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -77,10 +74,11 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -stack.o: ../../e_os.h ../../include/openssl/bio.h +stack.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -stack.o: ../cryptlib.h stack.c +stack.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +stack.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +stack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +stack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +stack.o: ../../include/openssl/symhacks.h ../cryptlib.h stack.c diff --git a/src/lib/libcrypto/symhacks.h b/src/lib/libcrypto/symhacks.h index 774162fec9..64528ad5c2 100644 --- a/src/lib/libcrypto/symhacks.h +++ b/src/lib/libcrypto/symhacks.h @@ -127,6 +127,12 @@ /* Hack some long X509 names */ #undef X509_REVOKED_get_ext_by_critical #define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic +#undef X509_policy_tree_get0_user_policies +#define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies +#undef X509_policy_node_get0_qualifiers +#define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers +#undef X509_STORE_CTX_get_explicit_policy +#define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy /* Hack some long CRYPTO names */ #undef CRYPTO_set_dynlock_destroy_callback @@ -153,16 +159,16 @@ #define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx #undef SSL_add_file_cert_subjects_to_stack #define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk -#if 0 /* This function is not defined i VMS. */ #undef SSL_add_dir_cert_subjects_to_stack #define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk -#endif #undef SSL_CTX_use_certificate_chain_file #define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file #undef SSL_CTX_set_cert_verify_callback #define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb #undef SSL_CTX_set_default_passwd_cb_userdata #define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud +#undef SSL_COMP_get_compression_methods +#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods /* Hack some long ENGINE names */ #undef ENGINE_get_default_BN_mod_exp_crt @@ -195,6 +201,12 @@ #define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf /* Hack some long EC names */ +#undef EC_GROUP_set_point_conversion_form +#define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form +#undef EC_GROUP_get_point_conversion_form +#define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form +#undef EC_GROUP_clear_free_all_extra_data +#define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data #undef EC_POINT_set_Jprojective_coordinates_GFp #define EC_POINT_set_Jprojective_coordinates_GFp \ EC_POINT_set_Jproj_coords_GFp @@ -207,6 +219,32 @@ #define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp #undef EC_POINT_set_compressed_coordinates_GFp #define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp +#undef EC_POINT_set_affine_coordinates_GF2m +#define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m +#undef EC_POINT_get_affine_coordinates_GF2m +#define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m +#undef EC_POINT_set_compressed_coordinates_GF2m +#define EC_POINT_set_compressed_coordinates_GF2m \ + EC_POINT_set_compr_coords_GF2m +#undef ec_GF2m_simple_group_clear_finish +#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish +#undef ec_GF2m_simple_group_check_discriminant +#define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim +#undef ec_GF2m_simple_point_clear_finish +#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish +#undef ec_GF2m_simple_point_set_to_infinity +#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf +#undef ec_GF2m_simple_points_make_affine +#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine +#undef ec_GF2m_simple_point_set_affine_coordinates +#define ec_GF2m_simple_point_set_affine_coordinates \ + ec_GF2m_smp_pt_set_af_coords +#undef ec_GF2m_simple_point_get_affine_coordinates +#define ec_GF2m_simple_point_get_affine_coordinates \ + ec_GF2m_smp_pt_get_af_coords +#undef ec_GF2m_simple_set_compressed_coordinates +#define ec_GF2m_simple_set_compressed_coordinates \ + ec_GF2m_smp_set_compr_coords #undef ec_GFp_simple_group_set_curve_GFp #define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp #undef ec_GFp_simple_group_get_curve_GFp @@ -242,6 +280,81 @@ #undef ec_GFp_simple_set_compressed_coordinates_GFp #define ec_GFp_simple_set_compressed_coordinates_GFp \ ec_GFp_smp_set_compr_coords_GFp +#undef ec_GFp_simple_point_set_affine_coordinates +#define ec_GFp_simple_point_set_affine_coordinates \ + ec_GFp_smp_pt_set_af_coords +#undef ec_GFp_simple_point_get_affine_coordinates +#define ec_GFp_simple_point_get_affine_coordinates \ + ec_GFp_smp_pt_get_af_coords +#undef ec_GFp_simple_set_compressed_coordinates +#define ec_GFp_simple_set_compressed_coordinates \ + ec_GFp_smp_set_compr_coords +#undef ec_GFp_simple_group_check_discriminant +#define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim + +/* Hack som long STORE names */ +#undef STORE_method_set_initialise_function +#define STORE_method_set_initialise_function STORE_meth_set_initialise_fn +#undef STORE_method_set_cleanup_function +#define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn +#undef STORE_method_set_generate_function +#define STORE_method_set_generate_function STORE_meth_set_generate_fn +#undef STORE_method_set_modify_function +#define STORE_method_set_modify_function STORE_meth_set_modify_fn +#undef STORE_method_set_revoke_function +#define STORE_method_set_revoke_function STORE_meth_set_revoke_fn +#undef STORE_method_set_delete_function +#define STORE_method_set_delete_function STORE_meth_set_delete_fn +#undef STORE_method_set_list_start_function +#define STORE_method_set_list_start_function STORE_meth_set_list_start_fn +#undef STORE_method_set_list_next_function +#define STORE_method_set_list_next_function STORE_meth_set_list_next_fn +#undef STORE_method_set_list_end_function +#define STORE_method_set_list_end_function STORE_meth_set_list_end_fn +#undef STORE_method_set_update_store_function +#define STORE_method_set_update_store_function STORE_meth_set_update_store_fn +#undef STORE_method_set_lock_store_function +#define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn +#undef STORE_method_set_unlock_store_function +#define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn +#undef STORE_method_get_initialise_function +#define STORE_method_get_initialise_function STORE_meth_get_initialise_fn +#undef STORE_method_get_cleanup_function +#define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn +#undef STORE_method_get_generate_function +#define STORE_method_get_generate_function STORE_meth_get_generate_fn +#undef STORE_method_get_modify_function +#define STORE_method_get_modify_function STORE_meth_get_modify_fn +#undef STORE_method_get_revoke_function +#define STORE_method_get_revoke_function STORE_meth_get_revoke_fn +#undef STORE_method_get_delete_function +#define STORE_method_get_delete_function STORE_meth_get_delete_fn +#undef STORE_method_get_list_start_function +#define STORE_method_get_list_start_function STORE_meth_get_list_start_fn +#undef STORE_method_get_list_next_function +#define STORE_method_get_list_next_function STORE_meth_get_list_next_fn +#undef STORE_method_get_list_end_function +#define STORE_method_get_list_end_function STORE_meth_get_list_end_fn +#undef STORE_method_get_update_store_function +#define STORE_method_get_update_store_function STORE_meth_get_update_store_fn +#undef STORE_method_get_lock_store_function +#define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn +#undef STORE_method_get_unlock_store_function +#define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn + +/* Hack some long CMS names */ +#undef CMS_RecipientInfo_ktri_get0_algs +#define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs +#undef CMS_RecipientInfo_ktri_get0_signer_id +#define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id +#undef CMS_OtherRevocationInfoFormat_it +#define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it +#undef CMS_KeyAgreeRecipientIdentifier_it +#define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it +#undef CMS_OriginatorIdentifierOrKey_it +#define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it +#undef cms_SignerIdentifier_get0_signer_id +#define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id #endif /* defined OPENSSL_SYS_VMS */ @@ -253,6 +366,15 @@ #undef OCSP_crlID_new #define OCSP_crlID_new OCSP_crlID2_new +#undef d2i_ECPARAMETERS +#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS +#undef i2d_ECPARAMETERS +#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS +#undef d2i_ECPKPARAMETERS +#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS +#undef i2d_ECPKPARAMETERS +#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS + /* These functions do not seem to exist! However, I'm paranoid... Original command in x509v3.h: These functions are being redefined in another directory, @@ -273,3 +395,6 @@ #endif /* ! defined HEADER_VMS_IDHACKS_H */ +/* This one clashes with CMS_data_create */ +#undef cms_Data_create +#define cms_Data_create priv_cms_Data_create diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c index 7588966cb2..f6f3df4b6a 100644 --- a/src/lib/libcrypto/threads/mttest.c +++ b/src/lib/libcrypto/threads/mttest.c @@ -77,6 +77,12 @@ #ifdef PTHREADS #include #endif +#ifdef OPENSSL_SYS_NETWARE +#if !defined __int64 +# define __int64 long long +#endif +#include +#endif #include #include #include @@ -86,8 +92,18 @@ #include #include +#ifdef OPENSSL_NO_FP_API +#define APPS_WIN16 +#include "../buffer/bss_file.c" +#endif + +#ifdef OPENSSL_SYS_NETWARE +#define TEST_SERVER_CERT "/openssl/apps/server.pem" +#define TEST_CLIENT_CERT "/openssl/apps/client.pem" +#else #define TEST_SERVER_CERT "../../apps/server.pem" #define TEST_CLIENT_CERT "../../apps/client.pem" +#endif #define MAX_THREAD_NUMBER 100 @@ -100,10 +116,18 @@ void irix_locking_callback(int mode,int type,char *file,int line); void solaris_locking_callback(int mode,int type,char *file,int line); void win32_locking_callback(int mode,int type,char *file,int line); void pthreads_locking_callback(int mode,int type,char *file,int line); +void netware_locking_callback(int mode,int type,char *file,int line); unsigned long irix_thread_id(void ); unsigned long solaris_thread_id(void ); unsigned long pthreads_thread_id(void ); +unsigned long netware_thread_id(void ); + +#if defined(OPENSSL_SYS_NETWARE) +static MPKMutex *lock_cs; +static MPKSema ThreadSem; +static long *lock_count; +#endif BIO *bio_err=NULL; BIO *bio_stdout=NULL; @@ -384,6 +408,9 @@ int ndoit(SSL_CTX *ssl_ctx[2]) SSL_free((SSL *)ctx[2]); SSL_free((SSL *)ctx[3]); } +# ifdef OPENSSL_SYS_NETWARE + MPKSemaphoreSignal(ThreadSem); +# endif return(0); } @@ -627,6 +654,9 @@ int doit(char *ctx[4]) } if ((done & S_DONE) && (done & C_DONE)) break; +# if defined(OPENSSL_SYS_NETWARE) + ThreadSwitchWithDelay(); +# endif } SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); @@ -1094,3 +1124,88 @@ unsigned long pthreads_thread_id(void) +#ifdef OPENSSL_SYS_NETWARE + +void thread_setup(void) +{ + int i; + + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(MPKMutex)); + lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); + for (i=0; ireferences,c_ctx->references); +} + +unsigned long netware_thread_id(void) +{ + unsigned long ret; + + ret=(unsigned long)GetThreadID(); + return(ret); +} +#endif /* NETWARE */ diff --git a/src/lib/libcrypto/threads/th-lock.c b/src/lib/libcrypto/threads/th-lock.c index a6a79b9f45..14aae5f912 100644 --- a/src/lib/libcrypto/threads/th-lock.c +++ b/src/lib/libcrypto/threads/th-lock.c @@ -80,7 +80,7 @@ #include #include #include -#include +#include "../../e_os.h" #include #include #include diff --git a/src/lib/libcrypto/tmdiff.c b/src/lib/libcrypto/tmdiff.c index 307523ebba..1c6e052ac9 100644 --- a/src/lib/libcrypto/tmdiff.c +++ b/src/lib/libcrypto/tmdiff.c @@ -72,7 +72,11 @@ # define TIMES #endif -#ifndef _IRIX +#ifdef OPENSSL_SYS_NETWARE +#undef TIMES +#endif + +#if !defined(_IRIX) || defined (OPENSSL_SYS_NETWARE) # include #endif #ifdef TIMES @@ -94,7 +98,7 @@ #include #endif -#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) +#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) #include #endif @@ -106,7 +110,8 @@ #ifndef HZ # if defined(_SC_CLK_TCK) \ && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) -# define HZ ((double)sysconf(_SC_CLK_TCK)) +/* # define HZ ((double)sysconf(_SC_CLK_TCK)) */ +# define HZ sysconf(_SC_CLK_TCK) # else # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ @@ -120,7 +125,7 @@ # endif #endif -typedef struct ms_tm +struct ms_tm { #ifdef TIMES struct tms ms_tms; @@ -128,6 +133,8 @@ typedef struct ms_tm # ifdef OPENSSL_SYS_WIN32 HANDLE thread_id; FILETIME ms_win32; +# elif defined (OPENSSL_SYS_NETWARE) + clock_t ms_clock; # else # ifdef OPENSSL_SYS_VXWORKS unsigned long ticks; @@ -136,9 +143,9 @@ typedef struct ms_tm # endif # endif #endif - } MS_TM; + }; -char *ms_time_new(void) +MS_TM *ms_time_new(void) { MS_TM *ret; @@ -149,18 +156,17 @@ char *ms_time_new(void) #ifdef OPENSSL_SYS_WIN32 ret->thread_id=GetCurrentThread(); #endif - return((char *)ret); + return ret; } -void ms_time_free(char *a) +void ms_time_free(MS_TM *a) { if (a != NULL) OPENSSL_free(a); } -void ms_time_get(char *a) +void ms_time_get(MS_TM *tm) { - MS_TM *tm=(MS_TM *)a; #ifdef OPENSSL_SYS_WIN32 FILETIME tmpa,tmpb,tmpc; #endif @@ -170,6 +176,8 @@ void ms_time_get(char *a) #else # ifdef OPENSSL_SYS_WIN32 GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); +# elif defined (OPENSSL_SYS_NETWARE) + tm->ms_clock = clock(); # else # ifdef OPENSSL_SYS_VXWORKS tm->ticks = tickGet(); @@ -180,14 +188,13 @@ void ms_time_get(char *a) #endif } -double ms_time_diff(char *ap, char *bp) +double ms_time_diff(MS_TM *a, MS_TM *b) { - MS_TM *a=(MS_TM *)ap; - MS_TM *b=(MS_TM *)bp; double ret; #ifdef TIMES - ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; + ret = HZ; + ret = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / ret; #else # ifdef OPENSSL_SYS_WIN32 { @@ -204,6 +211,8 @@ double ms_time_diff(char *ap, char *bp) lb+=b->ms_win32.dwLowDateTime; ret=((double)(lb-la))/1e7; } +# elif defined (OPENSSL_SYS_NETWARE) + ret= (double)(b->ms_clock - a->ms_clock); # else # ifdef OPENSSL_SYS_VXWORKS ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); @@ -217,18 +226,20 @@ double ms_time_diff(char *ap, char *bp) return((ret < 0.0000001)?0.0000001:ret); } -int ms_time_cmp(char *ap, char *bp) +int ms_time_cmp(const MS_TM *a, const MS_TM *b) { - MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp; double d; int ret; #ifdef TIMES - d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; + d = HZ; + d = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / d; #else # ifdef OPENSSL_SYS_WIN32 d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; +# elif defined (OPENSSL_SYS_NETWARE) + d= (double)(b->ms_clock - a->ms_clock); # else # ifdef OPENSSL_SYS_VXWORKS d = (b->ticks - a->ticks); diff --git a/src/lib/libcrypto/tmdiff.h b/src/lib/libcrypto/tmdiff.h index 41a8a1e0e0..af5c41c649 100644 --- a/src/lib/libcrypto/tmdiff.h +++ b/src/lib/libcrypto/tmdiff.h @@ -59,6 +59,16 @@ /* Header for dynamic hash table routines * Author - Eric Young */ +/* ... erm yeah, "dynamic hash tables" you say? + * + * And what would dynamic hash tables have to do with any of this code *now*? + * AFAICS, this code is only referenced by crypto/bn/exp.c which is an unused + * file that I doubt compiles any more. speed.c is the only thing that could + * use this (and it has nothing to do with hash tables), yet it instead has its + * own duplication of all this stuff and looks, if anything, more complete. See + * the corresponding note in apps/speed.c. + * The Bemused - Geoff + */ #ifndef HEADER_TMDIFF_H #define HEADER_TMDIFF_H @@ -67,11 +77,13 @@ extern "C" { #endif -char *ms_time_new(void ); -void ms_time_free(char *a); -void ms_time_get(char *a); -double ms_time_diff(char *start,char *end); -int ms_time_cmp(char *ap,char *bp); +typedef struct ms_tm MS_TM; + +MS_TM *ms_time_new(void ); +void ms_time_free(MS_TM *a); +void ms_time_get(MS_TM *a); +double ms_time_diff(MS_TM *start, MS_TM *end); +int ms_time_cmp(const MS_TM *ap, const MS_TM *bp); #ifdef __cplusplus } diff --git a/src/lib/libcrypto/txt_db/Makefile b/src/lib/libcrypto/txt_db/Makefile index 3cb550a795..e6f30331d8 100644 --- a/src/lib/libcrypto/txt_db/Makefile +++ b/src/lib/libcrypto/txt_db/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,6 +78,7 @@ txt_db.o: ../../e_os.h ../../include/openssl/bio.h txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h txt_db.c +txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +txt_db.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +txt_db.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h +txt_db.o: ../cryptlib.h txt_db.c diff --git a/src/lib/libcrypto/ui/Makefile b/src/lib/libcrypto/ui/Makefile index fcb2a66a39..a685659fb4 100644 --- a/src/lib/libcrypto/ui/Makefile +++ b/src/lib/libcrypto/ui/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -55,6 +50,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -70,6 +66,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,35 +78,34 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ui_compat.o: ../../include/openssl/opensslconf.h -ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_compat.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ui_compat.o: ui_compat.c +ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h +ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_err.o: ../../include/openssl/ui.h ui_err.c +ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c ui_lib.o: ../../e_os.h ../../include/openssl/bio.h ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h +ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +ui_lib.o: ../cryptlib.h ui_lib.c ui_locl.h ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_openssl.o: ../../include/openssl/opensslv.h +ui_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ui_util.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ui_util.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ui_util.o: ui_util.c +ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c diff --git a/src/lib/libcrypto/uid.c b/src/lib/libcrypto/uid.c index 73205a4baa..b1fd52bada 100644 --- a/src/lib/libcrypto/uid.c +++ b/src/lib/libcrypto/uid.c @@ -65,7 +65,7 @@ int OPENSSL_issetugid(void) return issetugid(); } -#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) +#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) int OPENSSL_issetugid(void) { diff --git a/src/lib/libcrypto/util/ck_errf.pl b/src/lib/libcrypto/util/ck_errf.pl index 7a24d6c5a2..344b422c34 100644 --- a/src/lib/libcrypto/util/ck_errf.pl +++ b/src/lib/libcrypto/util/ck_errf.pl @@ -13,16 +13,21 @@ foreach $file (@ARGV) $func=""; while () { - if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/) + if (!/;$/ && /^([a-zA-Z].*[\s*])?([A-Za-z_0-9]+)\(.*[),]/) { - $func=$1; + /^([^()]*(\([^()]*\)[^()]*)*)\(/; + $1 =~ /([A-Za-z_0-9]*)$/; + $func = $1; $func =~ tr/A-Z/a-z/; } if (/([A-Z0-9]+)err\(([^,]+)/) { - next if ($func eq ""); $errlib=$1; $n=$2; + + if ($func eq "") + { print "$file:$.:???:$n\n"; next; } + if ($n !~ /([^_]+)_F_(.+)$/) { # print "check -$file:$.:$func:$n\n"; @@ -32,7 +37,7 @@ foreach $file (@ARGV) $n=$2; if ($lib ne $errlib) - { print "$file:$.:$func:$n\n"; next; } + { print "$file:$.:$func:$n [${errlib}err]\n"; next; } $n =~ tr/A-Z/a-z/; if (($n ne $func) && ($errlib ne "SYS")) diff --git a/src/lib/libcrypto/util/clean-depend.pl b/src/lib/libcrypto/util/clean-depend.pl index 6c485d1e2f..2b2bdb4048 100644 --- a/src/lib/libcrypto/util/clean-depend.pl +++ b/src/lib/libcrypto/util/clean-depend.pl @@ -37,8 +37,11 @@ foreach $file (sort keys %files) { $file=~s/^\.\///; push @{$files{$file}},$origfile; my $prevdep=""; - foreach $dep (sort @{$files{$file}}) { - $dep=~s/^\.\///; + + # Remove leading ./ before sorting + my @deps = map { $_ =~ s/^\.\///; $_ } @{$files{$file}}; + + foreach $dep (sort @deps) { next if $prevdep eq $dep; # to exterminate duplicates... $prevdep = $dep; $len=0 if $len+length($dep)+1 >= 80; diff --git a/src/lib/libcrypto/util/cygwin.sh b/src/lib/libcrypto/util/cygwin.sh index 7f791d47f4..89d1dda95b 100644 --- a/src/lib/libcrypto/util/cygwin.sh +++ b/src/lib/libcrypto/util/cygwin.sh @@ -47,6 +47,14 @@ function doc_install() create_cygwin_readme } +function certs_install() +{ + CERTS_DIR=${INSTALL_PREFIX}/usr/ssl/certs + + mkdir -p ${CERTS_DIR} + cp -rp certs/* ${CERTS_DIR} +} + function create_cygwin_readme() { README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin @@ -104,19 +112,25 @@ base_install doc_install +certs_install + create_cygwin_readme create_profile_files cd ${INSTALL_PREFIX} -strip usr/bin/*.exe usr/bin/*.dll +chmod u+w usr/lib/engines/*.so +strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so +chmod u-w usr/lib/engines/*.so # Runtime package -find etc usr/bin usr/share/doc usr/ssl/certs usr/ssl/man/man[157] \ - usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d | +find etc usr/bin usr/lib/engines usr/share/doc usr/ssl/certs \ + usr/ssl/man/man[157] usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private \ + -empty -o \! -type d | tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 - # Development package -find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d | +find usr/include usr/lib/*.a usr/lib/pkgconfig usr/ssl/man/man3 \ + -empty -o \! -type d | tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 - ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2 diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd index 5610521f0b..691be7a440 100644 --- a/src/lib/libcrypto/util/domd +++ b/src/lib/libcrypto/util/domd @@ -26,7 +26,7 @@ if [ "$MAKEDEPEND" = "gcc" ]; then ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new rm -f Makefile.tmp else - ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile $@ + ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new fi mv Makefile.new Makefile diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num index 4222bef6d6..2989500c4b 100644 --- a/src/lib/libcrypto/util/libeay.num +++ b/src/lib/libcrypto/util/libeay.num @@ -123,10 +123,10 @@ BN_dup 128 EXIST::FUNCTION: BN_free 129 EXIST::FUNCTION: BN_from_montgomery 130 EXIST::FUNCTION: BN_gcd 131 EXIST::FUNCTION: -BN_generate_prime 132 EXIST::FUNCTION: +BN_generate_prime 132 EXIST::FUNCTION:DEPRECATED BN_get_word 133 EXIST::FUNCTION: BN_is_bit_set 134 EXIST::FUNCTION: -BN_is_prime 135 EXIST::FUNCTION: +BN_is_prime 135 EXIST::FUNCTION:DEPRECATED BN_lshift 136 EXIST::FUNCTION: BN_lshift1 137 EXIST::FUNCTION: BN_mask_bits 138 EXIST::FUNCTION: @@ -193,14 +193,14 @@ DH_check 200 EXIST::FUNCTION:DH DH_compute_key 201 EXIST::FUNCTION:DH DH_free 202 EXIST::FUNCTION:DH DH_generate_key 203 EXIST::FUNCTION:DH -DH_generate_parameters 204 EXIST::FUNCTION:DH +DH_generate_parameters 204 EXIST::FUNCTION:DEPRECATED,DH DH_new 205 EXIST::FUNCTION:DH DH_size 206 EXIST::FUNCTION:DH DHparams_print 207 EXIST::FUNCTION:BIO,DH DHparams_print_fp 208 EXIST::FUNCTION:DH,FP_API DSA_free 209 EXIST::FUNCTION:DSA DSA_generate_key 210 EXIST::FUNCTION:DSA -DSA_generate_parameters 211 EXIST::FUNCTION:DSA +DSA_generate_parameters 211 EXIST::FUNCTION:DEPRECATED,DSA DSA_is_prime 212 NOEXIST::FUNCTION: DSA_new 213 EXIST::FUNCTION:DSA DSA_print 214 EXIST::FUNCTION:BIO,DSA @@ -474,7 +474,7 @@ RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA RSAPublicKey_dup 482 EXIST::FUNCTION:RSA RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA RSA_free 484 EXIST::FUNCTION:RSA -RSA_generate_key 485 EXIST::FUNCTION:RSA +RSA_generate_key 485 EXIST::FUNCTION:DEPRECATED,RSA RSA_new 486 EXIST::FUNCTION:RSA RSA_new_method 487 EXIST::FUNCTION:RSA RSA_print 488 EXIST::FUNCTION:BIO,RSA @@ -802,7 +802,7 @@ DES_set_odd_parity 809 EXIST::FUNCTION:DES DES_string_to_2keys 810 EXIST::FUNCTION:DES DES_string_to_key 811 EXIST::FUNCTION:DES DES_xcbc_encrypt 812 EXIST::FUNCTION:DES -DES_xwhite_in2out 813 EXIST::FUNCTION:DES +DES_xwhite_in2out 813 NOEXIST::FUNCTION: fcrypt_body 814 NOEXIST::FUNCTION: i2a_ASN1_INTEGER 815 EXIST::FUNCTION:BIO i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO @@ -1104,7 +1104,7 @@ BN_RECP_CTX_set 1131 EXIST::FUNCTION: BN_mod_mul_reciprocal 1132 EXIST::FUNCTION: BN_mod_exp_recp 1133 EXIST::FUNCTION: BN_div_recp 1134 EXIST::FUNCTION: -BN_CTX_init 1135 EXIST::FUNCTION: +BN_CTX_init 1135 EXIST::FUNCTION:DEPRECATED BN_MONT_CTX_init 1136 EXIST::FUNCTION: RAND_get_rand_method 1137 EXIST::FUNCTION: PKCS7_add_attribute 1138 EXIST::FUNCTION: @@ -1221,8 +1221,8 @@ BIO_f_reliable 1244 EXIST::FUNCTION:BIO PKCS7_dataFinal 1245 EXIST::FUNCTION: PKCS7_dataDecode 1246 EXIST::FUNCTION: X509V3_EXT_CRL_add_conf 1247 EXIST::FUNCTION: -BN_set_params 1248 EXIST::FUNCTION: -BN_get_params 1249 EXIST::FUNCTION: +BN_set_params 1248 EXIST::FUNCTION:DEPRECATED +BN_get_params 1249 EXIST::FUNCTION:DEPRECATED BIO_get_ex_num 1250 NOEXIST::FUNCTION: BIO_set_ex_free_func 1251 NOEXIST::FUNCTION: EVP_ripemd160 1252 EXIST::FUNCTION:RIPEMD @@ -1744,7 +1744,7 @@ X509_REQ_add1_attr_by_txt 2217 EXIST::FUNCTION: X509_ATTRIBUTE_create_by_txt 2218 EXIST::FUNCTION: X509at_add1_attr_by_txt 2219 EXIST::FUNCTION: BN_pseudo_rand 2239 EXIST::FUNCTION: -BN_is_prime_fasttest 2240 EXIST::FUNCTION: +BN_is_prime_fasttest 2240 EXIST::FUNCTION:DEPRECATED BN_CTX_end 2241 EXIST::FUNCTION: BN_CTX_start 2242 EXIST::FUNCTION: BN_CTX_get 2243 EXIST::FUNCTION: @@ -2071,7 +2071,7 @@ PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI UI_add_error_string 2633 EXIST::FUNCTION: KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: -ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE +ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2089,7 +2089,7 @@ OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION: OCSP_cert_status_str 2647 EXIST::FUNCTION: d2i_OCSP_REQUEST 2648 EXIST::FUNCTION: UI_dup_info_string 2649 EXIST::FUNCTION: -_ossl_old_des_xwhite_in2out 2650 EXIST::FUNCTION:DES +_ossl_old_des_xwhite_in2out 2650 NOEXIST::FUNCTION: PKCS12_it 2651 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PKCS12_it 2651 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: OCSP_SINGLERESP_get_ext_by_critical 2652 EXIST:!VMS:FUNCTION: @@ -2419,7 +2419,7 @@ UI_get_string_type 2916 EXIST::FUNCTION: ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: -bn_dup_expand 2920 EXIST::FUNCTION: +bn_dup_expand 2920 EXIST::FUNCTION:DEPRECATED OCSP_cert_id_new 2921 EXIST::FUNCTION: BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2545,7 +2545,7 @@ OCSP_RESPONSE_new 3023 EXIST::FUNCTION: AES_set_encrypt_key 3024 EXIST::FUNCTION:AES OCSP_resp_count 3025 EXIST::FUNCTION: KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: -ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE +ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE,STATIC_ENGINE OCSP_onereq_get0_id 3028 EXIST::FUNCTION: ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: @@ -2576,7 +2576,7 @@ ASN1_primitive_free 3051 EXIST::FUNCTION: i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: asn1_enc_save 3054 EXIST::FUNCTION: -ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE +ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE,STATIC_ENGINE _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2600,7 +2600,7 @@ asn1_get_choice_selector 3071 EXIST::FUNCTION: i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE AES_options 3074 EXIST::FUNCTION:AES -ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE +ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE,STATIC_ENGINE OCSP_id_cmp 3076 EXIST::FUNCTION: OCSP_BASICRESP_new 3077 EXIST::FUNCTION: OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: @@ -2667,7 +2667,7 @@ OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: -ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE +ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE,STATIC_ENGINE X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: @@ -2762,8 +2762,8 @@ DES_read_2passwords 3206 EXIST::FUNCTION:DES DES_read_password 3207 EXIST::FUNCTION:DES UI_UTIL_read_pw 3208 EXIST::FUNCTION: UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: -ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE -ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE +ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE,STATIC_ENGINE +ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE,STATIC_ENGINE OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: @@ -2772,7 +2772,7 @@ OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION: AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES -ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE +ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE,STATIC_ENGINE _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES @@ -2804,57 +2804,57 @@ OPENSSL_cleanse 3245 EXIST::FUNCTION: ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES -FIPS_corrupt_rsa 3249 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_des 3250 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: +FIPS_selftest_des 3250 NOEXIST::FUNCTION: EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES -FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_mode_set 3253 NOEXIST::FUNCTION: +FIPS_selftest_dsa 3254 NOEXIST::FUNCTION: EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES FIPS_allow_md5 3256 NOEXIST::FUNCTION: DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES -FIPS_rand_seeded 3259 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_seeded 3259 NOEXIST::FUNCTION: AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES -FIPS_rand_seed 3262 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_des 3263 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_seed 3262 NOEXIST::FUNCTION: +FIPS_corrupt_des 3263 NOEXIST::FUNCTION: EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES -FIPS_selftest_aes 3265 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_set_prng_key 3266 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_selftest_aes 3265 NOEXIST::FUNCTION: +FIPS_set_prng_key 3266 NOEXIST::FUNCTION: EVP_des_cfb8 3267 EXIST::FUNCTION:DES -FIPS_corrupt_dsa 3268 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_test_mode 3269 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_rand_method 3270 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION: +FIPS_test_mode 3269 NOEXIST::FUNCTION: +FIPS_rand_method 3270 NOEXIST::FUNCTION: EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES -ERR_load_FIPS_strings 3272 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_aes 3273 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_sha1 3274 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_rsa 3275 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_sha1 3276 EXIST:OPENSSL_FIPS:FUNCTION: +ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION: +FIPS_corrupt_aes 3273 NOEXIST::FUNCTION: +FIPS_selftest_sha1 3274 NOEXIST::FUNCTION: +FIPS_selftest_rsa 3275 NOEXIST::FUNCTION: +FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION: EVP_des_cfb1 3277 EXIST::FUNCTION:DES -FIPS_dsa_check 3278 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_dsa_check 3278 NOEXIST::FUNCTION: AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES -FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_rand_check 3281 NOEXIST::FUNCTION: FIPS_md5_allowed 3282 NOEXIST::FUNCTION: -FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_mode 3283 NOEXIST::FUNCTION: +FIPS_selftest_failed 3284 NOEXIST::FUNCTION: sk_is_sorted 3285 EXIST::FUNCTION: X509_check_ca 3286 EXIST::FUNCTION: -private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA -HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC -private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0 -private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST -private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD -private_RC5_32_set_key 3292 EXIST:OPENSSL_FIPS:FUNCTION:RC5 -private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5 -private_RC4_set_key 3294 EXIST:OPENSSL_FIPS:FUNCTION:RC4 -private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2 -private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2 -private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4 -private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF -private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2 +private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION: +HMAC_CTX_set_flags 3288 NOEXIST::FUNCTION: +private_SHA_Init 3289 NOEXIST::FUNCTION: +private_CAST_set_key 3290 NOEXIST::FUNCTION: +private_RIPEMD160_Init 3291 NOEXIST::FUNCTION: +private_RC5_32_set_key 3292 NOEXIST::FUNCTION: +private_MD5_Init 3293 NOEXIST::FUNCTION: +private_RC4_set_key 3294 NOEXIST::FUNCTION: +private_MDC2_Init 3295 NOEXIST::FUNCTION: +private_RC2_set_key 3296 NOEXIST::FUNCTION: +private_MD4_Init 3297 NOEXIST::FUNCTION: +private_BF_set_key 3298 NOEXIST::FUNCTION: +private_MD2_Init 3299 NOEXIST::FUNCTION: d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2868,13 +2868,13 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI PROXY_POLICY_free 3308 EXIST::FUNCTION: PROXY_POLICY_new 3309 EXIST::FUNCTION: BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: -FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION: -EVP_sha384 3312 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -EVP_sha512 3313 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -EVP_sha224 3314 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -EVP_sha256 3315 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION: -FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION: +FIPS_selftest_rng 3311 NOEXIST::FUNCTION: +EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512 +EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512 +EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256 +EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 +FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: +FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA @@ -2882,26 +2882,773 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA PKCS1_MGF1 3324 EXIST::FUNCTION:RSA -BN_X931_generate_Xpq 3325 EXIST:OPENSSL_FIPS:FUNCTION: -RSA_X931_generate_key 3326 EXIST:OPENSSL_FIPS:FUNCTION:RSA -BN_X931_derive_prime 3327 EXIST:OPENSSL_FIPS:FUNCTION: -BN_X931_generate_prime 3328 EXIST:OPENSSL_FIPS:FUNCTION: -RSA_X931_derive 3329 EXIST:OPENSSL_FIPS:FUNCTION:RSA -SHA512_Update 3356 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA256_Init 3479 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA224 3510 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA384_Update 3551 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA224_Final 3560 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA224_Update 3562 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA512_Final 3581 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA224_Init 3631 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA512_Init 3633 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA256 3654 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA256_Transform 3664 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA512 3669 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA512_Transform 3675 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA256_Final 3712 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 -SHA384_Init 3737 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA384_Final 3740 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA384 3745 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 -SHA256_Update 3765 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 +BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: +RSA_X931_generate_key 3326 NOEXIST::FUNCTION: +BN_X931_derive_prime 3327 NOEXIST::FUNCTION: +BN_X931_generate_prime 3328 NOEXIST::FUNCTION: +RSA_X931_derive 3329 NOEXIST::FUNCTION: +BIO_new_dgram 3330 EXIST::FUNCTION: +BN_get0_nist_prime_384 3331 EXIST::FUNCTION: +ERR_set_mark 3332 EXIST::FUNCTION: +X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION: +ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE +ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE +STORE_method_set_list_start_function 3336 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_start_fn 3336 EXIST:VMS:FUNCTION: +BN_BLINDING_invert_ex 3337 EXIST::FUNCTION: +NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION: +STORE_ATTR_INFO_set_number 3339 EXIST::FUNCTION: +BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION: +X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION: +POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_parse_attrs_start 3343 EXIST::FUNCTION: +POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION: +BN_nist_mod_192 3346 EXIST::FUNCTION: +EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC +STORE_set_method 3348 EXIST::FUNCTION: +GENERAL_SUBTREE_free 3349 EXIST::FUNCTION: +NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH +PKCS12_add_safe 3352 EXIST::FUNCTION: +EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC +STORE_method_get_update_store_function 3354 EXIST:!VMS:FUNCTION: +STORE_meth_get_update_store_fn 3354 EXIST:VMS:FUNCTION: +ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE +SHA512_Update 3356 EXIST::FUNCTION:SHA,SHA512 +i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC +BN_get0_nist_prime_192 3358 EXIST::FUNCTION: +STORE_modify_certificate 3359 EXIST::FUNCTION: +EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC +BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_number 3362 EXIST::FUNCTION: +X509_keyid_get0 3363 EXIST::FUNCTION: +ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE +pitem_new 3365 EXIST::FUNCTION: +BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION: +STORE_list_public_key_endp 3367 EXIST::FUNCTION: +o2i_ECPublicKey 3368 EXIST::FUNCTION:EC +EC_KEY_copy 3369 EXIST::FUNCTION:EC +BIO_dump_fp 3370 EXIST::FUNCTION:FP_API +X509_policy_node_get0_parent 3371 EXIST::FUNCTION: +EC_GROUP_check_discriminant 3372 EXIST::FUNCTION:EC +i2o_ECPublicKey 3373 EXIST::FUNCTION:EC +EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC +a2i_IPADDRESS 3375 EXIST::FUNCTION: +STORE_method_set_initialise_function 3376 EXIST:!VMS:FUNCTION: +STORE_meth_set_initialise_fn 3376 EXIST:VMS:FUNCTION: +X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION: +X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION: +EC_POINT_point2bn 3379 EXIST::FUNCTION:EC +STORE_ATTR_INFO_set_dn 3380 EXIST::FUNCTION: +X509_policy_tree_get0_policies 3381 EXIST::FUNCTION: +EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC +STORE_destroy_method 3383 EXIST::FUNCTION: +ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE +EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC +STORE_ATTR_INFO_get0_number 3386 EXIST::FUNCTION: +ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE +EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC +ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_delete_public_key 3390 EXIST::FUNCTION: +STORE_get_public_key 3391 EXIST::FUNCTION: +STORE_modify_arbitrary 3392 EXIST::FUNCTION: +ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE +pqueue_iterator 3394 EXIST::FUNCTION: +ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA +OPENSSL_DIR_end 3396 EXIST::FUNCTION: +BN_GF2m_mod_sqr 3397 EXIST::FUNCTION: +EC_POINT_bn2point 3398 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION: +EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC +STORE_get_method 3401 EXIST::FUNCTION: +EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC +ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA +STORE_parse_attrs_end 3404 EXIST::FUNCTION: +EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC +EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC +STORE_method_set_store_function 3406 EXIST::FUNCTION: +STORE_ATTR_INFO_in 3407 EXIST::FUNCTION: +PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC +EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC +EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION: +BN_BLINDING_set_flags 3411 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION: +STORE_get_number 3415 EXIST::FUNCTION: +ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA +BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION: +EC_KEY_up_ref 3418 EXIST::FUNCTION:EC +POLICY_MAPPING_free 3419 EXIST::FUNCTION: +BN_GF2m_mod_div 3420 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION: +EC_KEY_free 3422 EXIST::FUNCTION:EC +STORE_method_set_list_next_function 3423 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_next_fn 3423 EXIST:VMS:FUNCTION: +PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC +d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC +STORE_method_get_generate_function 3426 EXIST:!VMS:FUNCTION: +STORE_meth_get_generate_fn 3426 EXIST:VMS:FUNCTION: +STORE_method_set_list_end_function 3427 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_end_fn 3427 EXIST:VMS:FUNCTION: +pqueue_print 3428 EXIST::FUNCTION: +EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC +EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API +BN_GF2m_mod_arr 3431 EXIST::FUNCTION: +PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION: +EVP_PKEY_cmp 3433 EXIST::FUNCTION: +X509_policy_level_node_count 3434 EXIST::FUNCTION: +STORE_new_engine 3435 EXIST::FUNCTION: +STORE_list_public_key_start 3436 EXIST::FUNCTION: +X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION: +ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH +EVP_PKEY_get_attr 3439 EXIST::FUNCTION: +ECDSA_do_sign 3440 EXIST::FUNCTION:ECDSA +ENGINE_unregister_ECDH 3441 EXIST::FUNCTION:ENGINE +ECDH_OpenSSL 3442 EXIST::FUNCTION:ECDH +EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC +EC_POINT_dup 3444 EXIST::FUNCTION:EC +GENERAL_SUBTREE_new 3445 EXIST::FUNCTION: +STORE_list_crl_endp 3446 EXIST::FUNCTION: +EC_get_builtin_curves 3447 EXIST::FUNCTION:EC +X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION: +X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION: +STORE_list_crl_end 3449 EXIST::FUNCTION: +EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC +BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION: +i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC +ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API +pqueue_find 3454 EXIST::FUNCTION: +ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA +PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC +STORE_method_set_ctrl_function 3457 EXIST::FUNCTION: +STORE_list_public_key_end 3458 EXIST::FUNCTION: +EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC +pqueue_peek 3460 EXIST::FUNCTION: +STORE_get_arbitrary 3461 EXIST::FUNCTION: +STORE_store_crl 3462 EXIST::FUNCTION: +X509_policy_node_get0_policy 3463 EXIST::FUNCTION: +PKCS12_add_safes 3464 EXIST::FUNCTION: +BN_BLINDING_convert_ex 3465 EXIST::FUNCTION: +X509_policy_tree_free 3466 EXIST::FUNCTION: +OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION: +BN_GF2m_poly2arr 3468 EXIST::FUNCTION: +STORE_ctrl 3469 EXIST::FUNCTION: +STORE_ATTR_INFO_compare 3470 EXIST::FUNCTION: +BN_get0_nist_prime_224 3471 EXIST::FUNCTION: +i2d_ECParameters 3472 EXIST::FUNCTION:EC +i2d_ECPKParameters 3473 EXIST::FUNCTION:EC +BN_GENCB_call 3474 EXIST::FUNCTION: +d2i_ECPKParameters 3475 EXIST::FUNCTION:EC +STORE_method_set_generate_function 3476 EXIST:!VMS:FUNCTION: +STORE_meth_set_generate_fn 3476 EXIST:VMS:FUNCTION: +ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE +NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION: +SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC +PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC +STORE_ATTR_INFO_set_cstr 3482 EXIST::FUNCTION: +STORE_list_crl_next 3483 EXIST::FUNCTION: +STORE_ATTR_INFO_in_range 3484 EXIST::FUNCTION: +ECParameters_print 3485 EXIST::FUNCTION:BIO,EC +STORE_method_set_delete_function 3486 EXIST:!VMS:FUNCTION: +STORE_meth_set_delete_fn 3486 EXIST:VMS:FUNCTION: +STORE_list_certificate_next 3487 EXIST::FUNCTION: +ASN1_generate_nconf 3488 EXIST::FUNCTION: +BUF_memdup 3489 EXIST::FUNCTION: +BN_GF2m_mod_mul 3490 EXIST::FUNCTION: +STORE_method_get_list_next_function 3491 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_next_fn 3491 EXIST:VMS:FUNCTION: +STORE_ATTR_INFO_get0_dn 3492 EXIST::FUNCTION: +STORE_list_private_key_next 3493 EXIST::FUNCTION: +EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION: +STORE_ATTR_INFO_free 3496 EXIST::FUNCTION: +STORE_get_private_key 3497 EXIST::FUNCTION: +EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION: +STORE_ATTR_INFO_new 3499 EXIST::FUNCTION: +EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC +STORE_method_set_revoke_function 3501 EXIST:!VMS:FUNCTION: +STORE_meth_set_revoke_fn 3501 EXIST:VMS:FUNCTION: +STORE_store_number 3502 EXIST::FUNCTION: +BN_is_prime_ex 3503 EXIST::FUNCTION: +STORE_revoke_public_key 3504 EXIST::FUNCTION: +X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION: +STORE_delete_arbitrary 3506 EXIST::FUNCTION: +PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION: +X509_STORE_set_depth 3508 EXIST::FUNCTION: +ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA +SHA224 3510 EXIST::FUNCTION:SHA,SHA256 +BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API +EC_KEY_set_group 3512 EXIST::FUNCTION:EC +BUF_strndup 3513 EXIST::FUNCTION: +STORE_list_certificate_start 3514 EXIST::FUNCTION: +BN_GF2m_mod 3515 EXIST::FUNCTION: +X509_REQ_check_private_key 3516 EXIST::FUNCTION: +EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC +ERR_load_STORE_strings 3518 EXIST::FUNCTION: +PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC +STORE_list_private_key_end 3520 EXIST::FUNCTION: +i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC +ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA +ASN1_put_eoc 3523 EXIST::FUNCTION: +X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION: +X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION: +X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION: +STORE_modify_private_key 3526 EXIST::FUNCTION: +X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION: +EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC +EC_GFp_nist_method 3529 EXIST::FUNCTION:EC +STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION: +STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION: +STORE_parse_attrs_next 3531 EXIST::FUNCTION: +ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE +EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC +X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_method_get_revoke_function 3535 EXIST:!VMS:FUNCTION: +STORE_meth_get_revoke_fn 3535 EXIST:VMS:FUNCTION: +STORE_method_set_get_function 3536 EXIST::FUNCTION: +STORE_modify_number 3537 EXIST::FUNCTION: +STORE_method_get_store_function 3538 EXIST::FUNCTION: +STORE_store_private_key 3539 EXIST::FUNCTION: +BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION: +RSA_setup_blinding 3541 EXIST::FUNCTION:RSA +BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM +STORE_Memory 3543 EXIST::FUNCTION: +sk_find_ex 3544 EXIST::FUNCTION: +EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC +ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE +POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION: +BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION: +ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH +EC_KEY_generate_key 3550 EXIST::FUNCTION:EC +SHA384_Update 3551 EXIST::FUNCTION:SHA,SHA512 +BN_GF2m_arr2poly 3552 EXIST::FUNCTION: +STORE_method_get_get_function 3553 EXIST::FUNCTION: +STORE_method_set_cleanup_function 3554 EXIST:!VMS:FUNCTION: +STORE_meth_set_cleanup_fn 3554 EXIST:VMS:FUNCTION: +EC_GROUP_check 3555 EXIST::FUNCTION:EC +d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC +EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC +STORE_method_get_lock_store_function 3558 EXIST:!VMS:FUNCTION: +STORE_meth_get_lock_store_fn 3558 EXIST:VMS:FUNCTION: +X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION: +SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256 +STORE_method_set_update_store_function 3561 EXIST:!VMS:FUNCTION: +STORE_meth_set_update_store_fn 3561 EXIST:VMS:FUNCTION: +SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256 +d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC +ASN1_item_ndef_i2d 3564 EXIST::FUNCTION: +STORE_delete_private_key 3565 EXIST::FUNCTION: +ERR_pop_to_mark 3566 EXIST::FUNCTION: +ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE +X509_policy_level_get0_node 3568 EXIST::FUNCTION: +i2d_PKCS7_NDEF 3569 EXIST::FUNCTION: +EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC +ASN1_generate_v3 3571 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_cstr 3572 EXIST::FUNCTION: +X509_policy_tree_level_count 3573 EXIST::FUNCTION: +BN_GF2m_add 3574 EXIST::FUNCTION: +EC_KEY_get0_group 3575 EXIST::FUNCTION:EC +STORE_generate_crl 3576 EXIST::FUNCTION: +STORE_store_public_key 3577 EXIST::FUNCTION: +X509_CERT_PAIR_free 3578 EXIST::FUNCTION: +STORE_revoke_private_key 3579 EXIST::FUNCTION: +BN_nist_mod_224 3580 EXIST::FUNCTION: +SHA512_Final 3581 EXIST::FUNCTION:SHA,SHA512 +STORE_ATTR_INFO_modify_dn 3582 EXIST::FUNCTION: +STORE_method_get_initialise_function 3583 EXIST:!VMS:FUNCTION: +STORE_meth_get_initialise_fn 3583 EXIST:VMS:FUNCTION: +STORE_delete_number 3584 EXIST::FUNCTION: +i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC +BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION: +EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC +STORE_ATTR_INFO_in_ex 3588 EXIST::FUNCTION: +STORE_list_crl_start 3589 EXIST::FUNCTION: +ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH +STORE_method_get_modify_function 3591 EXIST:!VMS:FUNCTION: +STORE_meth_get_modify_fn 3591 EXIST:VMS:FUNCTION: +v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION: +STORE_store_certificate 3593 EXIST::FUNCTION: +OBJ_bsearch_ex 3594 EXIST::FUNCTION: +X509_STORE_CTX_set_default 3595 EXIST::FUNCTION: +STORE_ATTR_INFO_set_sha1str 3596 EXIST::FUNCTION: +BN_GF2m_mod_inv 3597 EXIST::FUNCTION: +BN_GF2m_mod_exp 3598 EXIST::FUNCTION: +STORE_modify_public_key 3599 EXIST::FUNCTION: +STORE_method_get_list_start_function 3600 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_start_fn 3600 EXIST:VMS:FUNCTION: +EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC +STORE_store_arbitrary 3602 EXIST::FUNCTION: +STORE_method_set_unlock_store_function 3603 EXIST:!VMS:FUNCTION: +STORE_meth_set_unlock_store_fn 3603 EXIST:VMS:FUNCTION: +BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION: +ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE +STORE_create_method 3606 EXIST::FUNCTION: +ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC +EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC +PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC +X509_VERIFY_PARAM_set1 3610 EXIST::FUNCTION: +ECDH_set_method 3611 EXIST::FUNCTION:ECDH +v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION: +ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH +STORE_generate_key 3614 EXIST::FUNCTION: +BN_nist_mod_521 3615 EXIST::FUNCTION: +X509_policy_tree_get0_level 3616 EXIST::FUNCTION: +EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC +EC_GROUP_set_point_conv_form 3617 EXIST:VMS:FUNCTION:EC +PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC +i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA +ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA +STORE_delete_crl 3621 EXIST::FUNCTION: +EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC +ASN1_const_check_infinite_end 3623 EXIST::FUNCTION: +EVP_PKEY_delete_attr 3624 EXIST::FUNCTION: +ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA +EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC +EC_GROUP_cmp 3627 EXIST::FUNCTION:EC +STORE_revoke_certificate 3628 EXIST::FUNCTION: +BN_get0_nist_prime_256 3629 EXIST::FUNCTION: +STORE_method_get_delete_function 3630 EXIST:!VMS:FUNCTION: +STORE_meth_get_delete_fn 3630 EXIST:VMS:FUNCTION: +SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256 +PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC +SHA512_Init 3633 EXIST::FUNCTION:SHA,SHA512 +STORE_parse_attrs_endp 3634 EXIST::FUNCTION: +BN_set_negative 3635 EXIST::FUNCTION: +ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA +EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC +STORE_list_public_key_next 3638 EXIST::FUNCTION: +i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION: +STORE_OBJECT_free 3640 EXIST::FUNCTION: +BN_nist_mod_384 3641 EXIST::FUNCTION: +i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION: +PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC +ECDH_compute_key 3644 EXIST::FUNCTION:ECDH +STORE_ATTR_INFO_get0_sha1str 3645 EXIST::FUNCTION: +ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE +pqueue_pop 3647 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_cstr 3648 EXIST::FUNCTION: +POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_get_ex_new_index 3650 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION: +BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION: +SHA256 3654 EXIST::FUNCTION:SHA,SHA256 +i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API +X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION: +X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION: +OPENSSL_DIR_read 3657 EXIST::FUNCTION: +ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE +X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION: +EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC +EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC +EC_GROUP_dup 3661 EXIST::FUNCTION:EC +ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE +EC_KEY_new 3663 EXIST::FUNCTION:EC +SHA256_Transform 3664 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_set_enc_flags 3665 EXIST::FUNCTION:EC +ECDSA_verify 3666 EXIST::FUNCTION:ECDSA +EC_POINT_point2hex 3667 EXIST::FUNCTION:EC +ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE +SHA512 3669 EXIST::FUNCTION:SHA,SHA512 +STORE_get_certificate 3670 EXIST::FUNCTION: +ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA +ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA +d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API +STORE_delete_certificate 3674 EXIST::FUNCTION: +SHA512_Transform 3675 EXIST::FUNCTION:SHA,SHA512 +X509_STORE_set1_param 3676 EXIST::FUNCTION: +STORE_method_get_ctrl_function 3677 EXIST::FUNCTION: +STORE_free 3678 EXIST::FUNCTION: +PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC +STORE_method_get_unlock_store_function 3680 EXIST:!VMS:FUNCTION: +STORE_meth_get_unlock_store_fn 3680 EXIST:VMS:FUNCTION: +STORE_get_ex_data 3681 EXIST::FUNCTION: +EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC +PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC +X509_CERT_PAIR_new 3684 EXIST::FUNCTION: +ENGINE_register_STORE 3685 EXIST::FUNCTION:ENGINE +RSA_generate_key_ex 3686 EXIST::FUNCTION:RSA +DSA_generate_parameters_ex 3687 EXIST::FUNCTION:DSA +ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API +X509V3_NAME_from_section 3689 EXIST::FUNCTION: +EVP_PKEY_add1_attr 3690 EXIST::FUNCTION: +STORE_modify_crl 3691 EXIST::FUNCTION: +STORE_list_private_key_start 3692 EXIST::FUNCTION: +POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_SUBTREE_it 3694 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_get_curve_name 3695 EXIST::FUNCTION:EC +PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION: +BIO_dump_indent_cb 3697 EXIST::FUNCTION: +d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION: +STORE_list_private_key_endp 3699 EXIST::FUNCTION: +asn1_const_Finish 3700 EXIST::FUNCTION: +i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API +BN_nist_mod_256 3702 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_table 3703 EXIST::FUNCTION: +pqueue_free 3704 EXIST::FUNCTION: +BN_BLINDING_create_param 3705 EXIST::FUNCTION: +ECDSA_size 3706 EXIST::FUNCTION:ECDSA +d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC +BN_get0_nist_prime_521 3708 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_sha1str 3709 EXIST::FUNCTION: +BN_generate_prime_ex 3710 EXIST::FUNCTION: +EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC +SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256 +DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH +PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC +STORE_method_get_cleanup_function 3715 EXIST:!VMS:FUNCTION: +STORE_meth_get_cleanup_fn 3715 EXIST:VMS:FUNCTION: +ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE +d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA +BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION: +ECDSA_sign 3719 EXIST::FUNCTION:ECDSA +X509_policy_check 3720 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION: +STORE_set_ex_data 3722 EXIST::FUNCTION: +ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE +EVP_ecdsa 3724 EXIST::FUNCTION:SHA +BN_BLINDING_get_flags 3725 EXIST::FUNCTION: +PKCS12_add_cert 3726 EXIST::FUNCTION: +STORE_OBJECT_new 3727 EXIST::FUNCTION: +ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH +EC_KEY_dup 3729 EXIST::FUNCTION:EC +EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION: +ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA +a2i_IPADDRESS_NC 3732 EXIST::FUNCTION: +d2i_ECParameters 3733 EXIST::FUNCTION:EC +STORE_list_certificate_end 3734 EXIST::FUNCTION: +STORE_get_crl 3735 EXIST::FUNCTION: +X509_POLICY_NODE_print 3736 EXIST::FUNCTION: +SHA384_Init 3737 EXIST::FUNCTION:SHA,SHA512 +EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC +ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA +SHA384_Final 3740 EXIST::FUNCTION:SHA,SHA512 +PKCS7_set_digest 3741 EXIST::FUNCTION: +EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC +STORE_method_set_lock_store_function 3743 EXIST:!VMS:FUNCTION: +STORE_meth_set_lock_store_fn 3743 EXIST:VMS:FUNCTION: +ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA +SHA384 3745 EXIST::FUNCTION:SHA,SHA512 +POLICY_MAPPING_new 3746 EXIST::FUNCTION: +STORE_list_certificate_endp 3747 EXIST::FUNCTION: +X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION: +EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC +EC_KEY_check_key 3750 EXIST::FUNCTION:EC +d2i_EC_PUBKEY_fp 3751 EXIST::FUNCTION:EC,FP_API +PKCS7_set0_type_other 3752 EXIST::FUNCTION: +PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION: +pqueue_next 3754 EXIST::FUNCTION: +STORE_method_get_list_end_function 3755 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_end_fn 3755 EXIST:VMS:FUNCTION: +EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION: +pqueue_new 3758 EXIST::FUNCTION: +ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE +STORE_new_method 3760 EXIST::FUNCTION: +PKCS12_add_key 3761 EXIST::FUNCTION: +DSO_merge 3762 EXIST::FUNCTION: +EC_POINT_hex2point 3763 EXIST::FUNCTION:EC +BIO_dump_cb 3764 EXIST::FUNCTION: +SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256 +pqueue_insert 3766 EXIST::FUNCTION: +pitem_free 3767 EXIST::FUNCTION: +BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION: +ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE +BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION: +get_rfc3526_prime_8192 3771 EXIST::FUNCTION: +X509_VERIFY_PARAM_clear_flags 3772 EXIST::FUNCTION: +get_rfc2409_prime_1024 3773 EXIST::FUNCTION: +DH_check_pub_key 3774 EXIST::FUNCTION:DH +get_rfc3526_prime_2048 3775 EXIST::FUNCTION: +get_rfc3526_prime_6144 3776 EXIST::FUNCTION: +get_rfc3526_prime_1536 3777 EXIST::FUNCTION: +get_rfc3526_prime_3072 3778 EXIST::FUNCTION: +get_rfc3526_prime_4096 3779 EXIST::FUNCTION: +get_rfc2409_prime_768 3780 EXIST::FUNCTION: +X509_VERIFY_PARAM_get_flags 3781 EXIST::FUNCTION: +EVP_CIPHER_CTX_new 3782 EXIST::FUNCTION: +EVP_CIPHER_CTX_free 3783 EXIST::FUNCTION: +Camellia_cbc_encrypt 3784 EXIST::FUNCTION:CAMELLIA +Camellia_cfb128_encrypt 3785 EXIST::FUNCTION:CAMELLIA +Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA +Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA +Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA +Camellia_cfbr_encrypt_block 3789 EXIST::FUNCTION:CAMELLIA +Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA +Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA +Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA +Camellia_ofb128_encrypt 3793 EXIST::FUNCTION:CAMELLIA +Camellia_set_key 3794 EXIST::FUNCTION:CAMELLIA +EVP_camellia_128_cbc 3795 EXIST::FUNCTION:CAMELLIA +EVP_camellia_128_cfb128 3796 EXIST::FUNCTION:CAMELLIA +EVP_camellia_128_cfb1 3797 EXIST::FUNCTION:CAMELLIA +EVP_camellia_128_cfb8 3798 EXIST::FUNCTION:CAMELLIA +EVP_camellia_128_ecb 3799 EXIST::FUNCTION:CAMELLIA +EVP_camellia_128_ofb 3800 EXIST::FUNCTION:CAMELLIA +EVP_camellia_192_cbc 3801 EXIST::FUNCTION:CAMELLIA +EVP_camellia_192_cfb128 3802 EXIST::FUNCTION:CAMELLIA +EVP_camellia_192_cfb1 3803 EXIST::FUNCTION:CAMELLIA +EVP_camellia_192_cfb8 3804 EXIST::FUNCTION:CAMELLIA +EVP_camellia_192_ecb 3805 EXIST::FUNCTION:CAMELLIA +EVP_camellia_192_ofb 3806 EXIST::FUNCTION:CAMELLIA +EVP_camellia_256_cbc 3807 EXIST::FUNCTION:CAMELLIA +EVP_camellia_256_cfb128 3808 EXIST::FUNCTION:CAMELLIA +EVP_camellia_256_cfb1 3809 EXIST::FUNCTION:CAMELLIA +EVP_camellia_256_cfb8 3810 EXIST::FUNCTION:CAMELLIA +EVP_camellia_256_ecb 3811 EXIST::FUNCTION:CAMELLIA +EVP_camellia_256_ofb 3812 EXIST::FUNCTION:CAMELLIA +a2i_ipadd 3813 EXIST::FUNCTION: +ASIdentifiers_free 3814 EXIST::FUNCTION:RFC3779 +i2d_ASIdOrRange 3815 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_block_size 3816 EXIST::FUNCTION: +v3_asid_is_canonical 3817 EXIST::FUNCTION:RFC3779 +IPAddressChoice_free 3818 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_CTX_set_app_data 3819 EXIST::FUNCTION: +BIO_set_callback_arg 3820 EXIST::FUNCTION: +v3_addr_add_prefix 3821 EXIST::FUNCTION:RFC3779 +IPAddressOrRange_it 3822 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressOrRange_it 3822 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +BIO_set_flags 3823 EXIST::FUNCTION: +ASIdentifiers_it 3824 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdentifiers_it 3824 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +v3_addr_get_range 3825 EXIST::FUNCTION:RFC3779 +BIO_method_type 3826 EXIST::FUNCTION: +v3_addr_inherits 3827 EXIST::FUNCTION:RFC3779 +IPAddressChoice_it 3828 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressChoice_it 3828 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +AES_ige_encrypt 3829 EXIST::FUNCTION:AES +v3_addr_add_range 3830 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_CTX_nid 3831 EXIST::FUNCTION: +d2i_ASRange 3832 EXIST::FUNCTION:RFC3779 +v3_addr_add_inherit 3833 EXIST::FUNCTION:RFC3779 +v3_asid_add_id_or_range 3834 EXIST::FUNCTION:RFC3779 +v3_addr_validate_resource_set 3835 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_iv_length 3836 EXIST::FUNCTION: +EVP_MD_type 3837 EXIST::FUNCTION: +v3_asid_canonize 3838 EXIST::FUNCTION:RFC3779 +IPAddressRange_free 3839 EXIST::FUNCTION:RFC3779 +v3_asid_add_inherit 3840 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_CTX_key_length 3841 EXIST::FUNCTION: +IPAddressRange_new 3842 EXIST::FUNCTION:RFC3779 +ASIdOrRange_new 3843 EXIST::FUNCTION:RFC3779 +EVP_MD_size 3844 EXIST::FUNCTION: +EVP_MD_CTX_test_flags 3845 EXIST::FUNCTION: +BIO_clear_flags 3846 EXIST::FUNCTION: +i2d_ASRange 3847 EXIST::FUNCTION:RFC3779 +IPAddressRange_it 3848 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressRange_it 3848 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +IPAddressChoice_new 3849 EXIST::FUNCTION:RFC3779 +ASIdentifierChoice_new 3850 EXIST::FUNCTION:RFC3779 +ASRange_free 3851 EXIST::FUNCTION:RFC3779 +EVP_MD_pkey_type 3852 EXIST::FUNCTION: +EVP_MD_CTX_clear_flags 3853 EXIST::FUNCTION: +IPAddressFamily_free 3854 EXIST::FUNCTION:RFC3779 +i2d_IPAddressFamily 3855 EXIST::FUNCTION:RFC3779 +IPAddressOrRange_new 3856 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_flags 3857 EXIST::FUNCTION: +v3_asid_validate_resource_set 3858 EXIST::FUNCTION:RFC3779 +d2i_IPAddressRange 3859 EXIST::FUNCTION:RFC3779 +AES_bi_ige_encrypt 3860 EXIST::FUNCTION:AES +BIO_get_callback 3861 EXIST::FUNCTION: +IPAddressOrRange_free 3862 EXIST::FUNCTION:RFC3779 +v3_addr_subset 3863 EXIST::FUNCTION:RFC3779 +d2i_IPAddressFamily 3864 EXIST::FUNCTION:RFC3779 +v3_asid_subset 3865 EXIST::FUNCTION:RFC3779 +BIO_test_flags 3866 EXIST::FUNCTION: +i2d_ASIdentifierChoice 3867 EXIST::FUNCTION:RFC3779 +ASRange_it 3868 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASRange_it 3868 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +d2i_ASIdentifiers 3869 EXIST::FUNCTION:RFC3779 +ASRange_new 3870 EXIST::FUNCTION:RFC3779 +d2i_IPAddressChoice 3871 EXIST::FUNCTION:RFC3779 +v3_addr_get_afi 3872 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_key_length 3873 EXIST::FUNCTION: +EVP_Cipher 3874 EXIST::FUNCTION: +i2d_IPAddressOrRange 3875 EXIST::FUNCTION:RFC3779 +ASIdOrRange_it 3876 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdOrRange_it 3876 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +EVP_CIPHER_nid 3877 EXIST::FUNCTION: +i2d_IPAddressChoice 3878 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_CTX_block_size 3879 EXIST::FUNCTION: +ASIdentifiers_new 3880 EXIST::FUNCTION:RFC3779 +v3_addr_validate_path 3881 EXIST::FUNCTION:RFC3779 +IPAddressFamily_new 3882 EXIST::FUNCTION:RFC3779 +EVP_MD_CTX_set_flags 3883 EXIST::FUNCTION: +v3_addr_is_canonical 3884 EXIST::FUNCTION:RFC3779 +i2d_IPAddressRange 3885 EXIST::FUNCTION:RFC3779 +IPAddressFamily_it 3886 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressFamily_it 3886 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +v3_asid_inherits 3887 EXIST::FUNCTION:RFC3779 +EVP_CIPHER_CTX_cipher 3888 EXIST::FUNCTION: +EVP_CIPHER_CTX_get_app_data 3889 EXIST::FUNCTION: +EVP_MD_block_size 3890 EXIST::FUNCTION: +EVP_CIPHER_CTX_flags 3891 EXIST::FUNCTION: +v3_asid_validate_path 3892 EXIST::FUNCTION:RFC3779 +d2i_IPAddressOrRange 3893 EXIST::FUNCTION:RFC3779 +v3_addr_canonize 3894 EXIST::FUNCTION:RFC3779 +ASIdentifierChoice_it 3895 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdentifierChoice_it 3895 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +EVP_MD_CTX_md 3896 EXIST::FUNCTION: +d2i_ASIdentifierChoice 3897 EXIST::FUNCTION:RFC3779 +BIO_method_name 3898 EXIST::FUNCTION: +EVP_CIPHER_CTX_iv_length 3899 EXIST::FUNCTION: +ASIdOrRange_free 3900 EXIST::FUNCTION:RFC3779 +ASIdentifierChoice_free 3901 EXIST::FUNCTION:RFC3779 +BIO_get_callback_arg 3902 EXIST::FUNCTION: +BIO_set_callback 3903 EXIST::FUNCTION: +d2i_ASIdOrRange 3904 EXIST::FUNCTION:RFC3779 +i2d_ASIdentifiers 3905 EXIST::FUNCTION:RFC3779 +SEED_decrypt 3908 EXIST::FUNCTION:SEED +SEED_encrypt 3909 EXIST::FUNCTION:SEED +SEED_cbc_encrypt 3910 EXIST::FUNCTION:SEED +EVP_seed_ofb 3911 EXIST::FUNCTION:SEED +SEED_cfb128_encrypt 3912 EXIST::FUNCTION:SEED +SEED_ofb128_encrypt 3913 EXIST::FUNCTION:SEED +EVP_seed_cbc 3914 EXIST::FUNCTION:SEED +SEED_ecb_encrypt 3915 EXIST::FUNCTION:SEED +EVP_seed_ecb 3916 EXIST::FUNCTION:SEED +SEED_set_key 3917 EXIST::FUNCTION:SEED +EVP_seed_cfb128 3918 EXIST::FUNCTION:SEED +X509_EXTENSIONS_it 3919 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_EXTENSIONS_it 3919 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_get1_ocsp 3920 EXIST::FUNCTION: +OCSP_REQ_CTX_free 3921 EXIST::FUNCTION: +i2d_X509_EXTENSIONS 3922 EXIST::FUNCTION: +OCSP_sendreq_nbio 3923 EXIST::FUNCTION: +OCSP_sendreq_new 3924 EXIST::FUNCTION: +d2i_X509_EXTENSIONS 3925 EXIST::FUNCTION: +X509_ALGORS_it 3926 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_ALGORS_it 3926 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_ALGOR_get0 3927 EXIST::FUNCTION: +X509_ALGOR_set0 3928 EXIST::FUNCTION: +AES_unwrap_key 3929 EXIST::FUNCTION:AES +AES_wrap_key 3930 EXIST::FUNCTION:AES +X509at_get0_data_by_OBJ 3931 EXIST::FUNCTION: +ASN1_TYPE_set1 3932 EXIST::FUNCTION: +ASN1_STRING_set0 3933 EXIST::FUNCTION: +i2d_X509_ALGORS 3934 EXIST::FUNCTION: +BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION: +COMP_zlib_cleanup 3936 EXIST::FUNCTION: +d2i_X509_ALGORS 3937 EXIST::FUNCTION: +CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS +PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS +CMS_add0_CertificateChoices 3940 EXIST::FUNCTION:CMS +CMS_unsigned_add1_attr_by_OBJ 3941 EXIST::FUNCTION:CMS +ERR_load_CMS_strings 3942 EXIST::FUNCTION:CMS +CMS_sign_receipt 3943 EXIST::FUNCTION:CMS +i2d_CMS_ContentInfo 3944 EXIST::FUNCTION:CMS +CMS_signed_delete_attr 3945 EXIST::FUNCTION:CMS +d2i_CMS_bio 3946 EXIST::FUNCTION:CMS +CMS_unsigned_get_attr_by_NID 3947 EXIST::FUNCTION:CMS +CMS_verify 3948 EXIST::FUNCTION:CMS +SMIME_read_CMS 3949 EXIST::FUNCTION:CMS +CMS_decrypt_set1_key 3950 EXIST::FUNCTION:CMS +CMS_SignerInfo_get0_algs 3951 EXIST::FUNCTION:CMS +CMS_add1_cert 3952 EXIST::FUNCTION:CMS +CMS_set_detached 3953 EXIST::FUNCTION:CMS +CMS_encrypt 3954 EXIST::FUNCTION:CMS +CMS_EnvelopedData_create 3955 EXIST::FUNCTION:CMS +CMS_uncompress 3956 EXIST::FUNCTION:CMS +CMS_add0_crl 3957 EXIST::FUNCTION:CMS +CMS_SignerInfo_verify_content 3958 EXIST::FUNCTION:CMS +CMS_unsigned_get0_data_by_OBJ 3959 EXIST::FUNCTION:CMS +PEM_write_bio_CMS 3960 EXIST::FUNCTION:CMS +CMS_unsigned_get_attr 3961 EXIST::FUNCTION:CMS +CMS_RecipientInfo_ktri_cert_cmp 3962 EXIST::FUNCTION:CMS +CMS_RecipientInfo_ktri_get0_algs 3963 EXIST:!VMS:FUNCTION:CMS +CMS_RecipInfo_ktri_get0_algs 3963 EXIST:VMS:FUNCTION:CMS +CMS_ContentInfo_free 3964 EXIST::FUNCTION:CMS +CMS_final 3965 EXIST::FUNCTION:CMS +CMS_add_simple_smimecap 3966 EXIST::FUNCTION:CMS +CMS_SignerInfo_verify 3967 EXIST::FUNCTION:CMS +CMS_data 3968 EXIST::FUNCTION:CMS +CMS_ContentInfo_it 3969 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS +CMS_ContentInfo_it 3969 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS +d2i_CMS_ReceiptRequest 3970 EXIST::FUNCTION:CMS +CMS_compress 3971 EXIST::FUNCTION:CMS +CMS_digest_create 3972 EXIST::FUNCTION:CMS +CMS_SignerInfo_cert_cmp 3973 EXIST::FUNCTION:CMS +CMS_SignerInfo_sign 3974 EXIST::FUNCTION:CMS +CMS_data_create 3975 EXIST::FUNCTION:CMS +i2d_CMS_bio 3976 EXIST::FUNCTION:CMS +CMS_EncryptedData_set1_key 3977 EXIST::FUNCTION:CMS +CMS_decrypt 3978 EXIST::FUNCTION:CMS +int_smime_write_ASN1 3979 EXIST::FUNCTION: +CMS_unsigned_delete_attr 3980 EXIST::FUNCTION:CMS +CMS_unsigned_get_attr_count 3981 EXIST::FUNCTION:CMS +CMS_add_smimecap 3982 EXIST::FUNCTION:CMS +PEM_read_CMS 3983 EXIST:!WIN16:FUNCTION:CMS +CMS_signed_get_attr_by_OBJ 3984 EXIST::FUNCTION:CMS +d2i_CMS_ContentInfo 3985 EXIST::FUNCTION:CMS +CMS_add_standard_smimecap 3986 EXIST::FUNCTION:CMS +CMS_ContentInfo_new 3987 EXIST::FUNCTION:CMS +CMS_RecipientInfo_type 3988 EXIST::FUNCTION:CMS +CMS_get0_type 3989 EXIST::FUNCTION:CMS +CMS_is_detached 3990 EXIST::FUNCTION:CMS +CMS_sign 3991 EXIST::FUNCTION:CMS +CMS_signed_add1_attr 3992 EXIST::FUNCTION:CMS +CMS_unsigned_get_attr_by_OBJ 3993 EXIST::FUNCTION:CMS +SMIME_write_CMS 3994 EXIST::FUNCTION:CMS +CMS_EncryptedData_decrypt 3995 EXIST::FUNCTION:CMS +CMS_get0_RecipientInfos 3996 EXIST::FUNCTION:CMS +CMS_add0_RevocationInfoChoice 3997 EXIST::FUNCTION:CMS +CMS_decrypt_set1_pkey 3998 EXIST::FUNCTION:CMS +CMS_SignerInfo_set1_signer_cert 3999 EXIST::FUNCTION:CMS +CMS_get0_signers 4000 EXIST::FUNCTION:CMS +CMS_ReceiptRequest_get0_values 4001 EXIST::FUNCTION:CMS +CMS_signed_get0_data_by_OBJ 4002 EXIST::FUNCTION:CMS +CMS_get0_SignerInfos 4003 EXIST::FUNCTION:CMS +CMS_add0_cert 4004 EXIST::FUNCTION:CMS +CMS_EncryptedData_encrypt 4005 EXIST::FUNCTION:CMS +CMS_digest_verify 4006 EXIST::FUNCTION:CMS +CMS_set1_signers_certs 4007 EXIST::FUNCTION:CMS +CMS_signed_get_attr 4008 EXIST::FUNCTION:CMS +CMS_RecipientInfo_set0_key 4009 EXIST::FUNCTION:CMS +CMS_SignedData_init 4010 EXIST::FUNCTION:CMS +CMS_RecipientInfo_kekri_get0_id 4011 EXIST::FUNCTION:CMS +CMS_verify_receipt 4012 EXIST::FUNCTION:CMS +CMS_ReceiptRequest_it 4013 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS +CMS_ReceiptRequest_it 4013 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS +PEM_read_bio_CMS 4014 EXIST::FUNCTION:CMS +CMS_get1_crls 4015 EXIST::FUNCTION:CMS +CMS_add0_recipient_key 4016 EXIST::FUNCTION:CMS +SMIME_read_ASN1 4017 EXIST::FUNCTION: +CMS_ReceiptRequest_new 4018 EXIST::FUNCTION:CMS +CMS_get0_content 4019 EXIST::FUNCTION:CMS +CMS_get1_ReceiptRequest 4020 EXIST::FUNCTION:CMS +CMS_signed_add1_attr_by_OBJ 4021 EXIST::FUNCTION:CMS +CMS_RecipientInfo_kekri_id_cmp 4022 EXIST::FUNCTION:CMS +CMS_add1_ReceiptRequest 4023 EXIST::FUNCTION:CMS +CMS_SignerInfo_get0_signer_id 4024 EXIST::FUNCTION:CMS +CMS_unsigned_add1_attr_by_NID 4025 EXIST::FUNCTION:CMS +CMS_unsigned_add1_attr 4026 EXIST::FUNCTION:CMS +CMS_signed_get_attr_by_NID 4027 EXIST::FUNCTION:CMS +CMS_get1_certs 4028 EXIST::FUNCTION:CMS +CMS_signed_add1_attr_by_NID 4029 EXIST::FUNCTION:CMS +CMS_unsigned_add1_attr_by_txt 4030 EXIST::FUNCTION:CMS +CMS_dataFinal 4031 EXIST::FUNCTION:CMS +CMS_RecipientInfo_ktri_get0_signer_id 4032 EXIST:!VMS:FUNCTION:CMS +CMS_RecipInfo_ktri_get0_sigr_id 4032 EXIST:VMS:FUNCTION:CMS +i2d_CMS_ReceiptRequest 4033 EXIST::FUNCTION:CMS +CMS_add1_recipient_cert 4034 EXIST::FUNCTION:CMS +CMS_dataInit 4035 EXIST::FUNCTION:CMS +CMS_signed_add1_attr_by_txt 4036 EXIST::FUNCTION:CMS +CMS_RecipientInfo_decrypt 4037 EXIST::FUNCTION:CMS +CMS_signed_get_attr_count 4038 EXIST::FUNCTION:CMS +CMS_get0_eContentType 4039 EXIST::FUNCTION:CMS +CMS_set1_eContentType 4040 EXIST::FUNCTION:CMS +CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS +CMS_add1_signer 4042 EXIST::FUNCTION:CMS +CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl index 05a6086164..1ac5fd3a50 100644 --- a/src/lib/libcrypto/util/mk1mf.pl +++ b/src/lib/libcrypto/util/mk1mf.pl @@ -10,19 +10,11 @@ $OPTIONS=""; $ssl_version=""; $banner="\t\@echo Building OpenSSL"; +my $no_static_engine = 0; +my $engines = ""; local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic local $zlib_lib = ""; -my $fips_canister_path = ""; -my $fips_premain_dso_exe_path = ""; -my $fips_premain_c_path = ""; -my $fips_sha1_exe_path = ""; - -my $fipslibdir = ""; -my $baseaddr = ""; - -my $ex_l_libs = ""; - open(IN,") { @@ -38,22 +30,21 @@ $infile="MINFO"; %ops=( "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", - "VC-WIN32-GMAKE", "Microsoft Visual C++ [4-6] - Windows NT or 9X, GNU make", + "VC-WIN64I", "Microsoft C/C++ - Win64/IA-64", + "VC-WIN64A", "Microsoft C/C++ - Win64/x64", "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", - "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", - "VC-WIN16", "Alias for VC-W31-32", - "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+", - "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS", "Mingw32", "GNU C++ - Windows NT or 9x", "Mingw32-files", "Create files with DOS copy ...", "BC-NT", "Borland C++ 4.5 - Windows NT", - "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING", - "BC-MSDOS","Borland C++ 4.5 - MSDOS", "linux-elf","Linux elf", "ultrix-mips","DEC mips ultrix", "FreeBSD","FreeBSD distribution", "OS2-EMX", "EMX GCC OS/2", + "netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets", + "netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets", + "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets", + "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets", "default","cc under unix", ); @@ -73,16 +64,20 @@ and [options] can be one of no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest no-ripemd no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher - no-bf no-cast no-aes + no-bf no-cast no-aes no-camellia no-seed no-rsa no-dsa no-dh - Skip this public key cipher no-ssl2 no-ssl3 - Skip this version of SSL just-ssl - remove all non-ssl keys/digest no-asm - No x86 asm no-krb5 - No KRB5 no-ec - No EC + no-ecdsa - No ECDSA + no-ecdh - No ECDH no-engine - No engine no-hw - No hw nasm - Use NASM for x86 asm + nw-nasm - Use NASM x86 asm for NetWare + nw-mwasm - Use Metrowerks x86 asm for NetWare gaswin - Use GNU as with Mingw32 no-socks - No socket code no-err - No error strings @@ -107,6 +102,8 @@ foreach (grep(!/^$/, split(/ /, $OPTIONS))) print STDERR "unknown option - $_\n" if !&read_options; } +$no_static_engine = 0 if (!$shlib); + $no_mdc2=1 if ($no_des); $no_ssl3=1 if ($no_md5 || $no_sha); @@ -119,13 +116,10 @@ $out_def="out"; $inc_def="outinc"; $tmp_def="tmp"; -$mkdir="-mkdir"; -$mkcanister="ld -r -o"; - -$ex_build_targets = ""; +$perl="perl" unless defined $perl; +$mkdir="-mkdir" unless defined $mkdir; ($ssl,$crypto)=("ssl","crypto"); -$cryptocompat = ""; $ranlib="echo ranlib"; $cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc'; @@ -134,40 +128,16 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; # $bin_dir.=$o causes a core dump on my sparc :-( + $NT=0; push(@INC,"util/pl","pl"); -if ($platform eq "VC-MSDOS") - { - $asmbits=16; - $msdos=1; - require 'VC-16.pl'; - } -elsif ($platform eq "VC-W31-16") +if (($platform =~ /VC-(.+)/)) { - $asmbits=16; - $msdos=1; $win16=1; - require 'VC-16.pl'; - } -elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16")) - { - $asmbits=32; - $msdos=1; $win16=1; - require 'VC-16.pl'; - } -elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) - { - $NT = 1 if $platform eq "VC-NT"; + $FLAVOR=$1; + $NT = 1 if $1 eq "NT"; require 'VC-32.pl'; } -elsif ($platform eq "VC-WIN32-GMAKE") - { - require 'VC-32-GMAKE.pl'; - } -elsif ($platform eq "VC-CE") - { - require 'VC-CE.pl'; - } elsif ($platform eq "Mingw32") { require 'Mingw32.pl'; @@ -181,23 +151,6 @@ elsif ($platform eq "BC-NT") $bc=1; require 'BC-32.pl'; } -elsif ($platform eq "BC-W31") - { - $bc=1; - $msdos=1; $w16=1; - require 'BC-16.pl'; - } -elsif ($platform eq "BC-Q16") - { - $msdos=1; $w16=1; $shlib=0; $qw=1; - require 'BC-16.pl'; - } -elsif ($platform eq "BC-MSDOS") - { - $asmbits=16; - $msdos=1; - require 'BC-16.pl'; - } elsif ($platform eq "FreeBSD") { require 'unix.pl'; @@ -220,6 +173,13 @@ elsif ($platform eq "OS2-EMX") $wc=1; require 'OS2-EMX.pl'; } +elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") || + ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock")) + { + $LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock"; + $BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock"); + require 'netware.pl'; + } else { require "unix.pl"; @@ -238,6 +198,8 @@ $cflags= "$xcflags$cflags" if $xcflags ne ""; $cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; $cflags.=" -DOPENSSL_NO_AES" if $no_aes; +$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia; +$cflags.=" -DOPENSSL_NO_SEED" if $no_seed; $cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; $cflags.=" -DOPENSSL_NO_RC4" if $no_rc4; $cflags.=" -DOPENSSL_NO_RC5" if $no_rc5; @@ -248,7 +210,7 @@ $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd; $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; -$cflags.=" -DOPENSSL_NO_BF" if $no_bf; +$cflags.=" -DOPENSSL_NO_BF" if $no_bf; $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; $cflags.=" -DOPENSSL_NO_DES" if $no_des; $cflags.=" -DOPENSSL_NO_RSA" if $no_rsa; @@ -257,17 +219,30 @@ $cflags.=" -DOPENSSL_NO_DH" if $no_dh; $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; +$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; +$cflags.=" -DOPENSSL_NO_CMS" if $no_cms; $cflags.=" -DOPENSSL_NO_ERR" if $no_err; $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; $cflags.=" -DOPENSSL_NO_EC" if $no_ec; +$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa; +$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; $cflags.=" -DOPENSSL_NO_HW" if $no_hw; -$cflags.=" -DOPENSSL_FIPS" if $fips; -#$cflags.=" -DRSAref" if $rsaref ne ""; $cflags.= " -DZLIB" if $zlib_opt; $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; +if ($no_static_engine) + { + $cflags .= " -DOPENSSL_NO_STATIC_ENGINE"; + } +else + { + $cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE"; + } + +#$cflags.=" -DRSAref" if $rsaref ne ""; + ## if ($unix) ## { $cflags="$c_flags" if ($c_flags ne ""); } ##else @@ -305,21 +280,11 @@ for (;;) { if ($lib ne "") { - if ($fips && $dir =~ /^fips/) - { - $uc = "FIPS"; - } - else - { - $uc=$lib; - $uc =~ s/^lib(.*)\.a/$1/; - $uc =~ tr/a-z/A-Z/; - } - if (($uc ne "FIPS") || $fips_canister_build) - { - $lib_nam{$uc}=$uc; - $lib_obj{$uc}.=$libobj." "; - } + $uc=$lib; + $uc =~ s/^lib(.*)\.a/$1/; + $uc =~ tr/a-z/A-Z/; + $lib_nam{$uc}=$uc; + $lib_obj{$uc}.=$libobj." "; } last if ($val eq "FINISHED"); $lib=""; @@ -340,10 +305,10 @@ for (;;) { $ex_libs .= " $val" if $val ne "";} if ($key eq "TEST") - { $test.=&var_add($dir,$val); } + { $test.=&var_add($dir,$val, 0); } if (($key eq "PROGS") || ($key eq "E_OBJ")) - { $e_exe.=&var_add($dir,$val); } + { $e_exe.=&var_add($dir,$val, 0); } if ($key eq "LIB") { @@ -352,74 +317,45 @@ for (;;) } if ($key eq "EXHEADER") - { $exheader.=&var_add($dir,$val); } + { $exheader.=&var_add($dir,$val, 1); } if ($key eq "HEADER") - { $header.=&var_add($dir,$val); } - - if ($key eq "LIBOBJ") - { $libobj=&var_add($dir,$val); } + { $header.=&var_add($dir,$val, 1); } - if ($key eq "FIPSLIBDIR") - { $fipslibdir=$val;} - - if ($key eq "BASEADDR") - { $baseaddr=$val;} + if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine)) + { $libobj=&var_add($dir,$val, 0); } + if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) + { $engines.=$val } if (!($_=)) { $_="RELATIVE_DIRECTORY=FINISHED\n"; } } close(IN); -if ($fips_canister_path eq "") - { - $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.o"; - } - -if ($fips_premain_c_path eq "") +if ($shlib) { - $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c"; - } - -if ($fips) - { - if ($fips_sha1_exe_path eq "") + $extra_install= <<"EOF"; + \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\" + \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\" + \$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" +EOF + if ($no_static_engine) { - $fips_sha1_exe_path = - "\$(BIN_D)${o}fips_standalone_sha1$exep"; + $extra_install .= <<"EOF" + \$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\" + \$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\" +EOF } } - else - { - $fips_sha1_exe_path = ""; - } - -if ($fips_premain_dso_exe_path eq "") - { - $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep"; - } - -# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips); - -if ($fips) +else { - if (!$shlib) - { - $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)"; - $ex_l_libs .= " \$(O_FIPSCANISTER)"; - } - if ($fipslibdir eq "") - { - open (IN, "util/fipslib_path.txt") || fipslib_error(); - $fipslibdir = ; - chomp $fipslibdir; - close IN; - } - fips_check_files($fipslibdir, - "fipscanister.o", "fipscanister.o.sha1", - "fips_premain.c", "fips_premain.c.sha1"); + $extra_install= <<"EOF"; + \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" +EOF + $ex_libs .= " $zlib_lib" if $zlib_opt == 1; } - $defs= <<"EOF"; # This makefile has been automatically generated from the OpenSSL distribution. @@ -439,15 +375,6 @@ EOF $defs .= $preamble if defined $preamble; -if ($platform eq "VC-CE") - { - $defs.= <<"EOF"; -!INCLUDE <\$(WCECOMPAT)/wcedefs.mak> - -EOF - $ex_libs .= " $zlib_lib" if $zlib_opt == 1; - } - $defs.= <<"EOF"; INSTALLTOP=$INSTALLTOP @@ -468,10 +395,11 @@ EX_LIBS=$ex_libs SRC_D=$src_dir LINK=$link -PERL=perl -FIPSLINK=\$(PERL) util${o}fipslink.pl LFLAGS=$lflags +RSC=$rsc +AES_ASM_OBJ=$aes_asm_obj +AES_ASM_SRC=$aes_asm_src BN_ASM_OBJ=$bn_asm_obj BN_ASM_SRC=$bn_asm_src BNCO_ASM_OBJ=$bnco_asm_obj @@ -492,6 +420,8 @@ SHA1_ASM_OBJ=$sha1_asm_obj SHA1_ASM_SRC=$sha1_asm_src RMD160_ASM_OBJ=$rmd160_asm_obj RMD160_ASM_SRC=$rmd160_asm_src +CPUID_ASM_OBJ=$cpuid_asm_obj +CPUID_ASM_SRC=$cpuid_asm_src # The output directory for everything intersting OUT_D=$out_dir @@ -501,9 +431,7 @@ TMP_D=$tmp_dir INC_D=$inc_dir INCO_D=$inc_dir${o}openssl -# Directory containing FIPS module - - +PERL=$perl CP=$cp RM=$rm RANLIB=$ranlib @@ -511,18 +439,6 @@ MKDIR=$mkdir MKLIB=$bin_dir$mklib MLFLAGS=$mlflags ASM=$bin_dir$asm -MKCANISTER=$mkcanister - -# FIPS validated module and support file locations - -E_PREMAIN_DSO=fips_premain_dso - -FIPSLIB_D=$fipslibdir -BASEADDR=$baseaddr -FIPS_PREMAIN_SRC=$fips_premain_c_path -O_FIPSCANISTER=$fips_canister_path -FIPS_SHA1_EXE=$fips_sha1_exe_path -PREMAIN_DSO_EXE=$fips_premain_dso_exe_path ###################################################### # You should not need to touch anything below this point @@ -535,12 +451,14 @@ CRYPTO=$crypto # BIN_D - Binary output directory # TEST_D - Binary test file output directory # LIB_D - library output directory +# ENG_D - dynamic engine output directory # Note: if you change these point to different directories then uncomment out # the lines around the 'NB' comment below. # BIN_D=\$(OUT_D) TEST_D=\$(OUT_D) LIB_D=\$(OUT_D) +ENG_D=\$(OUT_D) # INCL_D - local library directory # OBJ_D - temp object file directory @@ -554,7 +472,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp -L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs +L_LIBS= \$(L_SSL) \$(L_CRYPTO) ###################################################### # Don't touch anything below this point @@ -564,19 +482,19 @@ INC=-I\$(INC_D) -I\$(INCL_D) APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) -LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep +LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) ############################################# EOF $rules=<<"EOF"; -all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets +all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe banner: $banner \$(TMP_D): - \$(MKDIR) \$(TMP_D) + \$(MKDIR) \"\$(TMP_D)\" # NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different #\$(BIN_D): # \$(MKDIR) \$(BIN_D) @@ -585,31 +503,36 @@ $banner # \$(MKDIR) \$(TEST_D) \$(LIB_D): - \$(MKDIR) \$(LIB_D) + \$(MKDIR) \"\$(LIB_D)\" \$(INCO_D): \$(INC_D) - \$(MKDIR) \$(INCO_D) + \$(MKDIR) \"\$(INCO_D)\" \$(INC_D): - \$(MKDIR) \$(INC_D) + \$(MKDIR) \"\$(INC_D)\" headers: \$(HEADER) \$(EXHEADER) @ -lib: \$(LIBS_DEP) +lib: \$(LIBS_DEP) \$(E_SHLIB) exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep -install: - \$(MKDIR) \$(INSTALLTOP) - \$(MKDIR) \$(INSTALLTOP)${o}bin - \$(MKDIR) \$(INSTALLTOP)${o}include - \$(MKDIR) \$(INSTALLTOP)${o}include${o}openssl - \$(MKDIR) \$(INSTALLTOP)${o}lib - \$(CP) \$(INCO_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include${o}openssl - \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin - \$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib - \$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib +install: all + \$(MKDIR) \"\$(INSTALLTOP)\" + \$(MKDIR) \"\$(INSTALLTOP)${o}bin\" + \$(MKDIR) \"\$(INSTALLTOP)${o}include\" + \$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\" + \$(MKDIR) \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\" + \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep\" \"\$(INSTALLTOP)${o}bin\" + \$(CP) \"apps${o}openssl.cnf\" \"\$(INSTALLTOP)\" +$extra_install + + +test: \$(T_EXE) + cd \$(BIN_D) + ..${o}ms${o}test clean: \$(RM) \$(TMP_D)$o*.* @@ -668,11 +591,11 @@ foreach (split(/\s+/,$exheader)){ $h{$_}=1; } foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; } chop($h); $header=$h; -$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h"); -$rules.=&do_copy_rule("\$(INCL_D)",$header,".h"); +$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",""); +$rules.=&do_copy_rule("\$(INCL_D)",$header,""); -$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",".h"); -$rules.=&do_copy_rule("\$(INCO_D)",$exheader,".h"); +$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",""); +$rules.=&do_copy_rule("\$(INCO_D)",$exheader,""); $defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); @@ -680,29 +603,6 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); -# Special case rules for fips_start and fips_end fips_premain_dso - -if ($fips) - { - if ($fips_canister_build) - { - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj", - "fips-1.0${o}fips_canister.c", - "-DFIPS_START \$(SHLIB_CFLAGS)"); - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj", - "fips-1.0${o}fips_canister.c", "\$(SHLIB_CFLAGS)"); - } - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj", - "fips-1.0${o}sha${o}fips_standalone_sha1.c", - "\$(SHLIB_CFLAGS)"); - $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_sha1dgst$obj", - "fips-1.0${o}sha${o}fips_sha1dgst.c", - "\$(SHLIB_CFLAGS)") unless $fips_canister_build; - $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj", - "fips-1.0${o}fips_premain.c", - "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)"); - } - foreach (values %lib_nam) { $lib_obj=$lib_obj{$_}; @@ -713,7 +613,12 @@ foreach (values %lib_nam) $rules.="\$(O_SSL):\n\n"; next; } - + if (($aes_asm_obj ne "") && ($_ eq "CRYPTO")) + { + $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/; + $lib_obj =~ s/\s\S*\/aes_cbc\S*//; + $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src); + } if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) { $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; @@ -765,11 +670,28 @@ foreach (values %lib_nam) $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); } + if (($cpuid_asm_obj ne "") && ($_ eq "CRYPTO")) + { + $lib_obj =~ s/\s(\S*\/cversion\S*)/ $1 \$(CPUID_ASM_OBJ)/; + $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src); + } $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); } +# hack to add version info on MSVC +if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { + $rules.= <<"EOF"; +\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc + \$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc + +\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc + \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc + +EOF +} + $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); foreach (split(/\s+/,$test)) { @@ -778,42 +700,20 @@ foreach (split(/\s+/,$test)) $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); } -$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); - +$defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); -if ($fips) - { - if ($shlib) - { - $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", - "\$(O_CRYPTO)", - "$crypto", - $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); - } - else - { - $rules.= &do_lib_rule("\$(CRYPTOOBJ)", - "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", ""); - $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", - "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", ""); - } - } - else +foreach (split(/\s+/,$engines)) { - $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib, - "\$(SO_CRYPTO)"); + $rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib); + $rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,""); } -if ($fips) - { - $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", "\$(OBJ_D)${o}fips_start$obj \$(FIPSOBJ) \$(OBJ_D)${o}fips_end$obj", "\$(FIPSLIB_D)${o}fips_standalone_sha1$exep", "") if $fips_canister_build; - $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); - - $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}fips_sha1dgst$obj","","", 1); - } - $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)",0); +$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); +$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); + +$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); print $defs; @@ -833,13 +733,15 @@ print $rules; # directories sub var_add { - local($dir,$val)=@_; + local($dir,$val,$keepext)=@_; local(@a,$_,$ret); return("") if $no_engine && $dir =~ /\/engine/; return("") if $no_hw && $dir =~ /\/hw/; return("") if $no_idea && $dir =~ /\/idea/; return("") if $no_aes && $dir =~ /\/aes/; + return("") if $no_camellia && $dir =~ /\/camellia/; + return("") if $no_seed && $dir =~ /\/seed/; return("") if $no_rc2 && $dir =~ /\/rc2/; return("") if $no_rc4 && $dir =~ /\/rc4/; return("") if $no_rc5 && $dir =~ /\/rc5/; @@ -848,6 +750,7 @@ sub var_add return("") if $no_dsa && $dir =~ /\/dsa/; return("") if $no_dh && $dir =~ /\/dh/; return("") if $no_ec && $dir =~ /\/ec/; + return("") if $no_cms && $dir =~ /\/cms/; if ($no_des && $dir =~ /\/des/) { if ($val =~ /read_pwd/) @@ -862,7 +765,7 @@ sub var_add $val =~ s/^\s*(.*)\s*$/$1/; @a=split(/\s+/,$val); - grep(s/\.[och]$//,@a); + grep(s/\.[och]$//,@a) unless $keepext; @a=grep(!/^e_.*_3d$/,@a) if $no_des; @a=grep(!/^e_.*_d$/,@a) if $no_des; @@ -873,6 +776,8 @@ sub var_add @a=grep(!/^e_.*_bf$/,@a) if $no_bf; @a=grep(!/^e_.*_c$/,@a) if $no_cast; @a=grep(!/^e_rc4$/,@a) if $no_rc4; + @a=grep(!/^e_camellia$/,@a) if $no_camellia; + @a=grep(!/^e_seed$/,@a) if $no_seed; @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; @@ -956,13 +861,23 @@ sub do_defs elsif ($_ =~ /RC5_ENC/) { $t="$_ "; } elsif ($_ =~ /MD5_ASM/) { $t="$_ "; } elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; } + elsif ($_ =~ /AES_ASM/){ $t="$_ "; } elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; } + elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; } else { $t="$location${o}$_$pf "; } $Vars{$var}.="$t "; $ret.=$t; } - chop($ret); + # hack to add version info on MSVC + if ($shlib && (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))) + { + if ($var eq "CRYPTOOBJ") + { $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; } + elsif ($var eq "SSLOBJ") + { $ret.="\$(OBJ_D)\\\$(SSL).res "; } + } + chomp($ret); $ret.="\n\n"; return($ret); } @@ -1057,61 +972,118 @@ sub do_copy_rule if ($n =~ /bss_file/) { $pp=".c"; } else { $pp=$p; } - $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n"; + $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n"; } return($ret); } sub read_options { - if (/^no-rc2$/) { $no_rc2=1; } - elsif (/^no-rc4$/) { $no_rc4=1; } - elsif (/^no-rc5$/) { $no_rc5=1; } - elsif (/^no-idea$/) { $no_idea=1; } - elsif (/^no-aes$/) { $no_aes=1; } - elsif (/^no-des$/) { $no_des=1; } - elsif (/^no-bf$/) { $no_bf=1; } - elsif (/^no-cast$/) { $no_cast=1; } - elsif (/^no-md2$/) { $no_md2=1; } - elsif (/^no-md4$/) { $no_md4=1; } - elsif (/^no-md5$/) { $no_md5=1; } - elsif (/^no-sha$/) { $no_sha=1; } - elsif (/^no-sha1$/) { $no_sha1=1; } - elsif (/^no-ripemd$/) { $no_ripemd=1; } - elsif (/^no-mdc2$/) { $no_mdc2=1; } - elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; } - elsif (/^no-rsa$/) { $no_rsa=1; } - elsif (/^no-dsa$/) { $no_dsa=1; } - elsif (/^no-dh$/) { $no_dh=1; } - elsif (/^no-hmac$/) { $no_hmac=1; } - elsif (/^no-aes$/) { $no_aes=1; } - elsif (/^no-asm$/) { $no_asm=1; } - elsif (/^nasm$/) { $nasm=1; } - elsif (/^gaswin$/) { $gaswin=1; } - elsif (/^no-ssl2$/) { $no_ssl2=1; } - elsif (/^no-ssl3$/) { $no_ssl3=1; } - elsif (/^no-err$/) { $no_err=1; } - elsif (/^no-sock$/) { $no_sock=1; } - elsif (/^no-krb5$/) { $no_krb5=1; } - elsif (/^no-ec$/) { $no_ec=1; } - elsif (/^no-engine$/) { $no_engine=1; } - elsif (/^no-hw$/) { $no_hw=1; } - - elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; - $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; - $no_ssl2=$no_err=$no_ripemd=$no_rc5=1; - $no_aes=1; } - - elsif (/^rsaref$/) { } - elsif (/^fips$/) { $fips=1; } - elsif (/^gcc$/) { $gcc=1; } - elsif (/^debug$/) { $debug=1; } - elsif (/^profile$/) { $profile=1; } - elsif (/^shlib$/) { $shlib=1; } - elsif (/^dll$/) { $shlib=1; } - elsif (/^shared$/) { } # We just need to ignore it for now... - elsif (/^zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 } - elsif (/^zlib-dynamic$/){ $zlib_opt = 2; } + # Many options are handled in a similar way. In particular + # no-xxx sets zero or more scalars to 1. + # Process these using a hash containing the option name and + # reference to the scalars to set. + + my %valid_options = ( + "no-rc2" => \$no_rc2, + "no-rc4" => \$no_rc4, + "no-rc5" => \$no_rc5, + "no-idea" => \$no_idea, + "no-aes" => \$no_aes, + "no-camellia" => \$no_camellia, + "no-seed" => \$no_seed, + "no-des" => \$no_des, + "no-bf" => \$no_bf, + "no-cast" => \$no_cast, + "no-md2" => \$no_md2, + "no-md4" => \$no_md4, + "no-md5" => \$no_md5, + "no-sha" => \$no_sha, + "no-sha1" => \$no_sha1, + "no-ripemd" => \$no_ripemd, + "no-mdc2" => \$no_mdc2, + "no-patents" => + [\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa], + "no-rsa" => \$no_rsa, + "no-dsa" => \$no_dsa, + "no-dh" => \$no_dh, + "no-hmac" => \$no_hmac, + "no-asm" => \$no_asm, + "nasm" => \$nasm, + "nw-nasm" => \$nw_nasm, + "nw-mwasm" => \$nw_mwasm, + "gaswin" => \$gaswin, + "no-ssl2" => \$no_ssl2, + "no-ssl3" => \$no_ssl3, + "no-tlsext" => \$no_tlsext, + "no-cms" => \$no_cms, + "no-err" => \$no_err, + "no-sock" => \$no_sock, + "no-krb5" => \$no_krb5, + "no-ec" => \$no_ec, + "no-ecdsa" => \$no_ecdsa, + "no-ecdh" => \$no_ecdh, + "no-engine" => \$no_engine, + "no-hw" => \$no_hw, + "just-ssl" => + [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, + \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh, + \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5, + \$no_aes, \$no_camellia, \$no_seed], + "rsaref" => 0, + "gcc" => \$gcc, + "debug" => \$debug, + "profile" => \$profile, + "shlib" => \$shlib, + "dll" => \$shlib, + "shared" => 0, + "no-gmp" => 0, + "no-rfc3779" => 0, + "no-montasm" => 0, + "no-shared" => 0, + "no-zlib" => 0, + "no-zlib-dynamic" => 0, + ); + + if (exists $valid_options{$_}) + { + my $r = $valid_options{$_}; + if ( ref $r eq "SCALAR") + { $$r = 1;} + elsif ( ref $r eq "ARRAY") + { + my $r2; + foreach $r2 (@$r) + { + $$r2 = 1; + } + } + } + elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; } + elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 } + elsif (/^enable-zlib-dynamic$/) + { + $zlib_opt = 2; + } + elsif (/^no-static-engine/) + { + $no_static_engine = 1; + } + elsif (/^enable-static-engine/) + { + $no_static_engine = 0; + } + # There are also enable-xxx options which correspond to + # the no-xxx. Since the scalars are enabled by default + # these can be ignored. + elsif (/^enable-/) + { + my $t = $_; + $t =~ s/^enable/no/; + if (exists $valid_options{$t}) + {return 1;} + return 0; + } elsif (/^--with-krb5-flavor=(.*)$/) { my $krb5_flavor = $1; @@ -1135,31 +1107,3 @@ sub read_options else { return(0); } return(1); } - -sub fipslib_error - { - print STDERR "***FIPS module directory sanity check failed***\n"; - print STDERR "FIPS module build failed, or was deleted\n"; - print STDERR "Please rebuild FIPS module.\n"; - exit 1; - } - -sub fips_check_files - { - my $dir = shift @_; - my $ret = 1; - if (!-d $dir) - { - print STDERR "FIPS module directory $dir does not exist\n"; - fipslib_error(); - } - foreach (@_) - { - if (!-f "$dir${o}$_") - { - print STDERR "FIPS module file $_ does not exist!\n"; - $ret = 0; - } - } - fipslib_error() if ($ret == 0); - } diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl index 6c1e53bb14..ef1cc6e513 100644 --- a/src/lib/libcrypto/util/mkdef.pl +++ b/src/lib/libcrypto/util/mkdef.pl @@ -79,19 +79,29 @@ my $OS2=0; my $safe_stack_def = 0; my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", - "EXPORT_VAR_AS_FUNCTION", "OPENSSL_FIPS" ); + "EXPORT_VAR_AS_FUNCTION", "ZLIB" ); my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", "SHA256", "SHA512", "RIPEMD", - "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES", + "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA", "SEED", # Envelope "algorithms" "EVP", "X509", "ASN1_TYPEDEFS", # Helper "algorithms" "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", "LOCKING", # External "algorithms" - "FP_API", "STDIO", "SOCK", "KRB5", "ENGINE", "HW" ); + "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM", + # Engines + "STATIC_ENGINE", "ENGINE", "HW", "GMP", + # RFC3779 support + "RFC3779", + # TLS extension support + "TLSEXT", + # CMS + "CMS", + # Deprecated functions + "DEPRECATED" ); my $options=""; open(IN,") { - last if (/\/\* Error codes for the \w+ functions\. \*\//); + if (/\/\* Error codes for the \w+ functions\. \*\//) + { + undef @tag; + last; + } if ($line ne '') { $_ = $line . $_; $line = ''; @@ -436,17 +474,22 @@ sub do_defs next; } - $cpp = 1 if /^\#.*ifdef.*cplusplus/; + if(/\/\*/) { + if (not /\*\//) { # multiline comment... + $line = $_; # ... just accumulate + next; + } else { + s/\/\*.*?\*\///gs;# wipe it + } + } + if ($cpp) { - $cpp = 0 if /^\#.*endif/; + $cpp++ if /^#\s*if/; + $cpp-- if /^#\s*endif/; next; } + $cpp = 1 if /^#.*ifdef.*cplusplus/; - s/\/\*.*?\*\///gs; # ignore comments - if (/\/\*/) { # if we have part - $line = $_; # of a comment, - next; # continue reading - } s/{[^{}]*}//gs; # ignore {} blocks print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne ""; print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; @@ -505,7 +548,7 @@ sub do_defs } } elsif (/^\#\s*endif/) { my $tag_i = $#tag; - while($tag[$tag_i] ne "-") { + while($tag_i > 0 && $tag[$tag_i] ne "-") { my $t=$tag[$tag_i]; print STDERR "DEBUG: \$t=\"$t\"\n" if $debug; if ($tag{$t}==2) { @@ -672,6 +715,10 @@ sub do_defs "EXPORT_VAR_AS_FUNCTION", "FUNCTION"); next; + } elsif (/^\s*DECLARE_ASN1_ALLOC_FUNCTIONS\s*\(\s*(\w*)\s*\)/) { + $def .= "int $1_free(void);"; + $def .= "int $1_new(void);"; + next; } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { $def .= "int d2i_$2(void);"; $def .= "int i2d_$2(void);"; @@ -716,12 +763,21 @@ sub do_defs "EXPORT_VAR_AS_FUNCTION", "FUNCTION"); next; + } elsif (/^\s*DECLARE_ASN1_NDEF_FUNCTION\s*\(\s*(\w*)\s*\)/) { + $def .= "int i2d_$1_NDEF(void);"; } elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) { next; + } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION\s*\(\s*(\w*)\s*\)/) { + $def .= "int $1_print_ctx(void);"; + next; + } elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { + $def .= "int $2_print_ctx(void);"; + next; } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) { next; } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ || - /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) { + /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ || + /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) { # Things not in Win16 $def .= "#INFO:" @@ -797,7 +853,7 @@ sub do_defs } close(IN); - my $algs = ''; + my $algs; my $plays; print STDERR "DEBUG: postprocessing ----------\n" if $debug; @@ -809,6 +865,17 @@ sub do_defs next if(/typedef\W/); next if(/\#define/); + # Reduce argument lists to empty () + # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {} + while(/\(.*\)/s) { + s/\([^\(\)]+\)/\{\}/gs; + s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f + } + # pretend as we didn't use curly braces: {} -> () + s/\{\}/\(\)/gs; + + s/STACK_OF\(\)/void/gs; + print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug; if (/^\#INFO:([^:]*):(.*)$/) { $plats = $1; @@ -819,21 +886,10 @@ sub do_defs $s = $1; $k = "VARIABLE"; print STDERR "DEBUG: found external variable $s\n" if $debug; - } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { - $s = $1; - print STDERR "DEBUG: found ANSI C function $s\n" if $debug; - } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s) { - # K&R C - print STDERR "DEBUG: found K&R C function $s\n" if $debug; + } elsif (/TYPEDEF_\w+_OF/s) { next; - } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { - while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { - s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; - s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; - } - s/\(void\)//; - /(\w+(\{[0-9]+\})?)\W*\(\)/s; - $s = $1; + } elsif (/(\w+)\s*\(\).*/s) { # first token prior [first] () is + $s = $1; # a function name! print STDERR "DEBUG: found function $s\n" if $debug; } elsif (/\(/ and not (/=/)) { print STDERR "File $file: cannot parse: $_;\n"; @@ -864,13 +920,9 @@ sub do_defs $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); $a .= ",RSA" if($s =~ /RSAPrivateKey/); $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/); - # SHA2 algorithms only defined in FIPS mode for - # OpenSSL 0.9.7 - $p .= "OPENSSL_FIPS" if($s =~ /SHA[235]/); $platform{$s} = &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p); - $algorithm{$s} = '' if !defined $algorithm{$s}; $algorithm{$s} .= ','.$a; if (defined($variant{$s})) { @@ -1035,9 +1087,7 @@ sub is_valid if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { return 1; } - if ($keyword eq "OPENSSL_FIPS" && $fips) { - return 1; - } + if ($keyword eq "ZLIB" && $zlib) { return 1; } return 0; } else { # algorithms @@ -1058,8 +1108,12 @@ sub is_valid if ($keyword eq "DSA" && $no_dsa) { return 0; } if ($keyword eq "DH" && $no_dh) { return 0; } if ($keyword eq "EC" && $no_ec) { return 0; } + if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; } + if ($keyword eq "ECDH" && $no_ecdh) { return 0; } if ($keyword eq "HMAC" && $no_hmac) { return 0; } if ($keyword eq "AES" && $no_aes) { return 0; } + if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; } + if ($keyword eq "SEED" && $no_seed) { return 0; } if ($keyword eq "EVP" && $no_evp) { return 0; } if ($keyword eq "LHASH" && $no_lhash) { return 0; } if ($keyword eq "STACK" && $no_stack) { return 0; } @@ -1072,6 +1126,12 @@ sub is_valid if ($keyword eq "ENGINE" && $no_engine) { return 0; } if ($keyword eq "HW" && $no_hw) { return 0; } if ($keyword eq "FP_API" && $no_fp_api) { return 0; } + if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; } + if ($keyword eq "GMP" && $no_gmp) { return 0; } + if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } + if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } + if ($keyword eq "CMS" && $no_cms) { return 0; } + if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } # Nothing recognise as true return 1; @@ -1174,8 +1234,6 @@ EOO LIBRARY $libname $liboptions -DESCRIPTION '$description' - EOF if ($W16) { diff --git a/src/lib/libcrypto/util/mkdir-p.pl b/src/lib/libcrypto/util/mkdir-p.pl index 6c69c2daa4..e73d02b073 100644 --- a/src/lib/libcrypto/util/mkdir-p.pl +++ b/src/lib/libcrypto/util/mkdir-p.pl @@ -8,6 +8,7 @@ my $arg; foreach $arg (@ARGV) { + $arg =~ tr|\\|/|; &do_mkdir_p($arg); } diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl index bc78510f56..1282392fea 100644 --- a/src/lib/libcrypto/util/mkfiles.pl +++ b/src/lib/libcrypto/util/mkfiles.pl @@ -24,12 +24,16 @@ my @dirs = ( "crypto/bf", "crypto/cast", "crypto/aes", +"crypto/camellia", +"crypto/seed", "crypto/bn", "crypto/rsa", "crypto/dsa", "crypto/dso", "crypto/dh", "crypto/ec", +"crypto/ecdh", +"crypto/ecdsa", "crypto/buffer", "crypto/bio", "crypto/stack", @@ -51,17 +55,12 @@ my @dirs = ( "crypto/ocsp", "crypto/ui", "crypto/krb5", -"fips-1.0", -"fips-1.0/aes", -"fips-1.0/des", -"fips-1.0/dsa", -"fips-1.0/dh", -"fips-1.0/hmac", -"fips-1.0/rand", -"fips-1.0/rsa", -"fips-1.0/sha", +"crypto/store", +"crypto/pqueue", +"crypto/cms", "ssl", "apps", +"engines", "test", "tools" ); diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl index 182732d959..d9bc98aab8 100644 --- a/src/lib/libcrypto/util/mklink.pl +++ b/src/lib/libcrypto/util/mklink.pl @@ -14,7 +14,6 @@ # not contain symbolic links and that the parent of / is never referenced. # Apart from this, this script should be able to handle even the most # pathological cases. -# use Cwd; diff --git a/src/lib/libcrypto/util/opensslwrap.sh b/src/lib/libcrypto/util/opensslwrap.sh index 91d29e2b87..b27cbb897f 100755 --- a/src/lib/libcrypto/util/opensslwrap.sh +++ b/src/lib/libcrypto/util/opensslwrap.sh @@ -3,6 +3,10 @@ HERE="`echo $0 | sed -e 's|[^/]*$||'`" OPENSSL="${HERE}../apps/openssl" +if [ -d "${HERE}../engines" -a "x$OPENSSL_ENGINES" = "x" ]; then + OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES +fi + if [ -x "${OPENSSL}.exe" ]; then # The original reason for this script existence is to work around # certain caveats in run-time linker behaviour. On Windows platforms diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl index 28869c868d..99b8c058d2 100644 --- a/src/lib/libcrypto/util/pl/BC-32.pl +++ b/src/lib/libcrypto/util/pl/BC-32.pl @@ -62,7 +62,7 @@ $des_enc_src=''; $bf_enc_obj=''; $bf_enc_src=''; -if (!$no_asm && !$fips) +if (!$no_asm) { $bn_mulw_obj='crypto\bn\asm\bn_win32.obj'; $bn_mulw_src='crypto\bn\asm\bn_win32.asm'; @@ -126,18 +126,13 @@ ___ sub do_link_rule { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); - + $file =~ s/\//$o/g if $o ne '/'; $n=&bname($targer); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n"; - if (defined $sha1file) - { - $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; + $ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n"; return($ret); } diff --git a/src/lib/libcrypto/util/pl/Mingw32.pl b/src/lib/libcrypto/util/pl/Mingw32.pl index b9bb24d21d..8f0483fb93 100644 --- a/src/lib/libcrypto/util/pl/Mingw32.pl +++ b/src/lib/libcrypto/util/pl/Mingw32.pl @@ -19,9 +19,9 @@ $cc='gcc'; if ($debug) { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } else - { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; } + { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i486 -Wall"; } -if ($gaswin and !$no_asm and !$fips) +if ($gaswin and !$no_asm) { $bn_asm_obj='$(OBJ_D)\bn-win32.o'; $bn_asm_src='crypto/bn/asm/bn-win32.s'; @@ -43,7 +43,9 @@ if ($gaswin and !$no_asm and !$fips) $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; $sha1_asm_obj='$(OBJ_D)\s1-win32.o'; $sha1_asm_src='crypto/sha/asm/s1-win32.s'; - $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; + $cpuid_asm_obj='$(OBJ_D)\cpu-win32.o'; + $cpuid_asm_src='crypto/cpu-win32.s'; + $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS"; } @@ -92,18 +94,13 @@ sub do_lib_rule sub do_link_rule { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); $file =~ s/\//$o/g if $o ne '/'; $n=&bname($target); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; - if (defined $sha1file) - { - $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; + $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; return($ret); } 1; diff --git a/src/lib/libcrypto/util/pl/OS2-EMX.pl b/src/lib/libcrypto/util/pl/OS2-EMX.pl index 8dbeaa7a08..28cd116907 100644 --- a/src/lib/libcrypto/util/pl/OS2-EMX.pl +++ b/src/lib/libcrypto/util/pl/OS2-EMX.pl @@ -48,7 +48,7 @@ $des_enc_src=""; $bf_enc_obj=""; $bf_enc_src=""; -if (!$no_asm && !$fips) +if (!$no_asm) { $bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj"; $bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm"; @@ -107,18 +107,13 @@ sub do_lib_rule sub do_link_rule { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); $file =~ s/\//$o/g if $o ne '/'; $n=&bname($target); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n"; - if (defined $sha1file) - { - $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; + $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n"; return($ret); } diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl index 4e97dfa9af..9cb2ab7e99 100644 --- a/src/lib/libcrypto/util/pl/VC-32.pl +++ b/src/lib/libcrypto/util/pl/VC-32.pl @@ -1,56 +1,154 @@ #!/usr/local/bin/perl -# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries +# VC-32.pl - unified script for Microsoft Visual C++, covering Win32, +# Win64 and WinCE [follow $FLAVOR variable to trace the differences]. # $ssl= "ssleay32"; - -if ($fips && !$shlib) - { - $crypto="libeayfips32"; - $crypto_compat = "libeaycompat32.lib"; - } -else - { - $crypto="libeay32"; - } +$crypto="libeay32"; $o='\\'; -$cp='copy nul+'; # Timestamps get stuffed otherwise +$cp='$(PERL) util/copy.pl'; +$mkdir='$(PERL) util/mkdir-p.pl'; $rm='del'; $zlib_lib="zlib1.lib"; # C compiler stuff $cc='cl'; -$cflags=' /MD /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; -$cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 -$cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 -$lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; +if ($FLAVOR =~ /WIN64/) + { + # Note that we currently don't have /WX on Win64! There is a lot of + # warnings, but only of two types: + # + # C4344: conversion from '__int64' to 'int/long', possible loss of data + # C4267: conversion from 'size_t' to 'int/long', possible loss of data + # + # Amount of latter type is minimized by aliasing strlen to function of + # own desing and limiting its return value to 2GB-1 (see e_os.h). As + # per 0.9.8 release remaining warnings were explicitly examined and + # considered safe to ignore. + # + $base_cflags=' /W3 /Gs0 /GF /Gy /nologo -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DOPENSSL_SYSNAME_WIN32 -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE'; + $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 + $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 + my $f = $shlib?' /MD':' /MT'; + $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib + $opt_cflags=$f.' /Ox'; + $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; + $lflags="/nologo /subsystem:console /opt:ref"; + } +elsif ($FLAVOR =~ /CE/) + { + # sanity check + die '%OSVERSION% is not defined' if (!defined($ENV{'OSVERSION'})); + die '%PLATFORM% is not defined' if (!defined($ENV{'PLATFORM'})); + die '%TARGETCPU% is not defined' if (!defined($ENV{'TARGETCPU'})); + + # + # Idea behind this is to mimic flags set by eVC++ IDE... + # + $wcevers = $ENV{'OSVERSION'}; # WCENNN + die '%OSVERSION% value is insane' if ($wcevers !~ /^WCE([1-9])([0-9]{2})$/); + $wcecdefs = "-D_WIN32_WCE=$1$2 -DUNDER_CE=$1$2"; # -D_WIN32_WCE=NNN + $wcelflag = "/subsystem:windowsce,$1.$2"; # ...,N.NN + + $wceplatf = $ENV{'PLATFORM'}; + $wceplatf =~ tr/a-z0-9 /A-Z0-9_/d; + $wcecdefs .= " -DWCE_PLATFORM_$wceplatf"; + + $wcetgt = $ENV{'TARGETCPU'}; # just shorter name... + SWITCH: for($wcetgt) { + /^X86/ && do { $wcecdefs.=" -Dx86 -D_X86_ -D_i386_ -Di_386_"; + $wcelflag.=" /machine:IX86"; last; }; + /^ARMV4[IT]/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt"; + $wcecdefs.=" -DTHUMB -D_THUMB_" if($wcetgt=~/T$/); + $wcecdefs.=" -QRarch4T -QRinterwork-return"; + $wcelflag.=" /machine:THUMB"; last; }; + /^ARM/ && do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt"; + $wcelflag.=" /machine:ARM"; last; }; + /^MIPSIV/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt"; + $wcecdefs.=" -D_MIPS64 -QMmips4 -QMn32"; + $wcelflag.=" /machine:MIPSFPU"; last; }; + /^MIPS16/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt"; + $wcecdefs.=" -DMIPSII -QMmips16"; + $wcelflag.=" /machine:MIPS16"; last; }; + /^MIPSII/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt"; + $wcecdefs.=" -QMmips2"; + $wcelflag.=" /machine:MIPS"; last; }; + /^R4[0-9]{3}/ && do { $wcecdefs.=" -DMIPS -D_MIPS_ -DR4000"; + $wcelflag.=" /machine:MIPS"; last; }; + /^SH[0-9]/ && do { $wcecdefs.=" -D$wcetgt -D_$wcetgt_ -DSHx"; + $wcecdefs.=" -Qsh4" if ($wcetgt =~ /^SH4/); + $wcelflag.=" /machine:$wcetgt"; last; }; + { $wcecdefs.=" -D$wcetgt -D_$wcetgt_"; + $wcelflag.=" /machine:$wcetgt"; last; }; + } + + $cc='$(CC)'; + $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include -DOPENSSL_SMALL_FOOTPRINT'; + $base_cflags.=" $wcecdefs"; + $opt_cflags=' /MC /O1i'; # optimize for space, but with intrinsics... + $dbg_clfags=' /MC /Od -DDEBUG -D_DEBUG'; + $lflags="/nologo /opt:ref $wcelflag"; + } +else # Win32 + { + $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; + $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 + $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 + my $f = $shlib?' /MD':' /MT'; + $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib + $opt_cflags=$f.' /Ox /O2 /Ob2'; + $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; + $lflags="/nologo /subsystem:console /opt:ref"; + } $mlflags=''; -$out_def="out32"; -$tmp_def="tmp32"; +$out_def="out32"; $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/); +$tmp_def="tmp32"; $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/); $inc_def="inc32"; if ($debug) { - $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32"; + $cflags=$dbg_cflags.$base_cflags; $lflags.=" /debug"; $mlflags.=' /debug'; } -$cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1; +else + { + $cflags=$opt_cflags.$base_cflags; + } $obj='.obj'; $ofile="/Fo"; # EXE linking stuff $link="link"; +$rsc="rc"; $efile="/out:"; $exep='.exe'; -if ($no_sock) - { $ex_libs=""; } -else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; } +if ($no_sock) { $ex_libs=''; } +elsif ($FLAVOR =~ /CE/) { $ex_libs='winsock.lib'; } +else { $ex_libs='wsock32.lib'; } +if ($FLAVOR =~ /CE/) + { + $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib'; + $ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86"); + } +else + { + $ex_libs.=' gdi32.lib advapi32.lib user32.lib'; + $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); + } + +# As native NT API is pure UNICODE, our WIN-NT build defaults to UNICODE, +# but gets linked with unicows.lib to ensure backward compatibility. +if ($FLAVOR =~ /NT/) + { + $cflags.=" -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE"; + $ex_libs="unicows.lib $ex_libs"; + } # static library stuff $mklib='lib'; $ranlib=''; @@ -60,9 +158,12 @@ $shlibp=($shlib)?".dll":".lib"; $lfile='/out:'; $shlib_ex_obj=""; -$app_ex_obj="setargv.obj"; +$app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/); if ($nasm) { - $asm='nasmw -f win32'; + my $ver=`nasm -v 2>NUL`; + my $vew=`nasmw -v 2>NUL`; + # pick newest version + $asm=($ver gt $vew?"nasm":"nasmw")." -f win32"; $afile='-o '; } else { $asm='ml /Cp /coff /c /Cx'; @@ -77,10 +178,14 @@ $des_enc_src=''; $bf_enc_obj=''; $bf_enc_src=''; -if (!$no_asm && !$fips) +if (!$no_asm) { + $aes_asm_obj='crypto\aes\asm\a_win32.obj'; + $aes_asm_src='crypto\aes\asm\a_win32.asm'; $bn_asm_obj='crypto\bn\asm\bn_win32.obj'; $bn_asm_src='crypto\bn\asm\bn_win32.asm'; + $bnco_asm_obj='crypto\bn\asm\co_win32.obj'; + $bnco_asm_src='crypto\bn\asm\co_win32.asm'; $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm'; $bf_enc_obj='crypto\bf\asm\b_win32.obj'; @@ -93,128 +198,113 @@ if (!$no_asm && !$fips) $rc5_enc_src='crypto\rc5\asm\r5_win32.asm'; $md5_asm_obj='crypto\md5\asm\m5_win32.obj'; $md5_asm_src='crypto\md5\asm\m5_win32.asm'; - $sha1_asm_obj='crypto\sha\asm\s1_win32.obj'; - $sha1_asm_src='crypto\sha\asm\s1_win32.asm'; + $sha1_asm_obj='crypto\sha\asm\s1_win32.obj crypto\sha\asm\sha512-sse2.obj'; + $sha1_asm_src='crypto\sha\asm\s1_win32.asm crypto\sha\asm\sha512-sse2.asm'; $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj'; $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; - $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; + $cpuid_asm_obj='crypto\cpu_win32.obj'; + $cpuid_asm_src='crypto\cpu_win32.asm'; + $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; } -if ($shlib) +if ($shlib && $FLAVOR !~ /CE/) { $mlflags.=" $lflags /dll"; -# $cflags =~ s| /MD| /MT|; $lib_cflag=" -D_WINDLL"; $out_def="out32dll"; $tmp_def="tmp32dll"; + # + # Engage Applink... + # + $app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib"; + $cflags.=" -DOPENSSL_USE_APPLINK -I."; + # I'm open for better suggestions than overriding $banner... + $banner=<<'___'; + @echo Building OpenSSL + +$(OBJ_D)\applink.obj: ms\applink.c + $(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c +$(OBJ_D)\uplink.obj: ms\uplink.c ms\applink.c + $(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c +$(INCO_D)\applink.c: ms\applink.c + $(CP) ms\applink.c $(INCO_D)\applink.c + +EXHEADER= $(EXHEADER) $(INCO_D)\applink.c + +LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj +CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ) +___ + $banner.=<<'___' if ($FLAVOR =~ /WIN64/); +CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) +___ + } +elsif ($shlib && $FLAVOR =~ /CE/) + { + $mlflags.=" $lflags /dll"; + $lib_cflag=" -D_WINDLL -D_DLL"; + $out_def='out32dll_$(TARGETCPU)'; + $tmp_def='tmp32dll_$(TARGETCPU)'; } $cflags.=" /Fd$out_def"; sub do_lib_rule { - local($objs,$target,$name,$shlib,$ign,$base_addr) = @_; - local($ret,$Name); + local($objs,$target,$name,$shlib)=@_; + local($ret); $taget =~ s/\//$o/g if $o ne '/'; - ($Name=$name) =~ tr/a-z/A-Z/; - my $base_arg; - if ($base_addr ne "") - { - $base_arg= " /base:$base_addr"; - } - else + if ($name ne "") { - $base_arg = ""; + $name =~ tr/a-z/A-Z/; + $name = "/def:ms/${name}.def"; } - # $target="\$(LIB_D)$o$target"; + $ret.="$target: $objs\n"; if (!$shlib) { # $ret.="\t\$(RM) \$(O_$Name)\n"; - $ret.="$target: $objs\n"; - $ex =' advapi32.lib'; - $ex.=" \$(FIPSLIB_D)${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/; + $ex =' '; $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; } else { - local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; - $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; - $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; - if ($fips && $target =~ /O_CRYPTO/) + local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)'; + if ($name eq "") + { + $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); + } + elsif ($FLAVOR =~ /CE/) { - $ex.=" \$(FIPSLIB_D)${o}_chkstk.o"; - $ret.="$target: $objs \$(PREMAIN_DSO_EXE)\n"; - $ret.="\tSET FIPS_LINK=\$(LINK)\n"; - $ret.="\tSET FIPS_CC=\$(CC)\n"; - $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; - $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n"; - $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; - $ret.="\tSET FIPS_TARGET=$target\n"; - $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; - $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target "; - $ret.="/def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs "; - $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n"; + $ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib'; } else { - $ret.="$target: $objs\n"; - $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; + $ex.=' unicows.lib' if ($FLAVOR =~ /NT/); + $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; + $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); } + $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; + $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; + $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; } $ret.="\n"; return($ret); } sub do_link_rule - { - local($target,$files,$dep_libs,$libs,$standalone)=@_; - local($ret,$_); - $file =~ s/\//$o/g if $o ne '/'; - $n=&bname($targer); - $ret.="$target: $files $dep_libs\n"; - if ($standalone) - { - $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; - $ret.="\$(FIPSLIB_D)${o}_chkstk.o " if ($files =~ /O_FIPSCANISTER/); - $ret.="$files $libs\n<<\n"; - } - elsif ($fips && !$shlib) - { - $ret.="\tSET FIPS_LINK=\$(LINK)\n"; - $ret.="\tSET FIPS_CC=\$(CC)\n"; - $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; - $ret.="\tSET PREMAIN_DSO_EXE=\n"; - $ret.="\tSET FIPS_TARGET=$target\n"; - $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; - $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; - $ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target @<<\n"; - $ret.=" \$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n"; - } - else - { - $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n"; - $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; - } - $ret.="\n"; - return($ret); - } - -sub do_rlink_rule { local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); - + $file =~ s/\//$o/g if $o ne '/'; $n=&bname($targer); $ret.="$target: $files $dep_libs\n"; - $ret.=" \$(MKCANISTER) $target <<\n"; - $ret.="INPUT($files)\n<<\n"; - $ret.="\n"; + $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; + $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; + $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; return($ret); } - 1; diff --git a/src/lib/libcrypto/util/pl/linux.pl b/src/lib/libcrypto/util/pl/linux.pl index df05c40526..d24f7b7291 100644 --- a/src/lib/libcrypto/util/pl/linux.pl +++ b/src/lib/libcrypto/util/pl/linux.pl @@ -39,7 +39,7 @@ if (!$no_asm) $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp'; $sha1_asm_obj='$(OBJ_D)/sx86-elf.o'; $sha1_asm_src='crypto/sha/asm/sx86unix.cpp'; - $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; + $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS"; } $cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall"; @@ -72,18 +72,13 @@ sub do_shlib_rule sub do_link_rule { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); $file =~ s/\//$o/g if $o ne '/'; $n=&bname($target); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; - if (defined $sha1file) - { - $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; + $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; return($ret); } diff --git a/src/lib/libcrypto/util/pl/ultrix.pl b/src/lib/libcrypto/util/pl/ultrix.pl index 447b854708..ea370c71f9 100644 --- a/src/lib/libcrypto/util/pl/ultrix.pl +++ b/src/lib/libcrypto/util/pl/ultrix.pl @@ -17,7 +17,7 @@ else $cflags.=" -std1 -DL_ENDIAN"; -if (!$no_asm && !$fips) +if (!$no_asm) { $bn_asm_obj='$(OBJ_D)/mips1.o'; $bn_asm_src='crypto/bn/asm/mips1.s'; @@ -25,18 +25,13 @@ if (!$no_asm && !$fips) sub do_link_rule { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); $file =~ s/\//$o/g if $o ne '/'; $n=&bname($target); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; - if (defined $sha1file) - { - $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; + $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; return($ret); } diff --git a/src/lib/libcrypto/util/pl/unix.pl b/src/lib/libcrypto/util/pl/unix.pl index bbd1798a2e..146611ad99 100644 --- a/src/lib/libcrypto/util/pl/unix.pl +++ b/src/lib/libcrypto/util/pl/unix.pl @@ -70,18 +70,13 @@ sub do_lib_rule sub do_link_rule { - local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_; + local($target,$files,$dep_libs,$libs)=@_; local($ret,$_); $file =~ s/\//$o/g if $o ne '/'; $n=&bname($target); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n"; - if (defined $sha1file) - { - $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file"; - } - $ret.="\n"; + $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; return($ret); } diff --git a/src/lib/libcrypto/util/shlib_wrap.sh b/src/lib/libcrypto/util/shlib_wrap.sh index dc5f5b1ce4..a2f62d696f 100755 --- a/src/lib/libcrypto/util/shlib_wrap.sh +++ b/src/lib/libcrypto/util/shlib_wrap.sh @@ -22,19 +22,39 @@ SunOS|IRIX*) # variables depending on target ABI... rld_var=LD_LIBRARY_PATH case "`(/usr/bin/file "$LIBCRYPTOSO") 2>/dev/null`" in - *ELF\ 64*SPARC*) + *ELF\ 64*SPARC*|*ELF\ 64*AMD64*) [ -n "$LD_LIBRARY_PATH_64" ] && rld_var=LD_LIBRARY_PATH_64 + LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64 + preload_var=LD_PRELOAD_64 + ;; + # Why are newly built .so's preloaded anyway? Because run-time + # .so lookup path embedded into application takes precedence + # over LD_LIBRARY_PATH and as result application ends up linking + # to previously installed .so's. On IRIX instead of preloading + # newly built .so's we trick run-time linker to fail to find + # the installed .so by setting _RLD_ROOT variable. + *ELF\ 32*MIPS*) + #_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD_LIST + _RLD_ROOT=/no/such/dir; export _RLD_ROOT + eval $rld_var=\"/usr/lib'${'$rld_var':+:$'$rld_var'}'\" + preload_var=_RLD_LIST ;; *ELF\ N32*MIPS*) [ -n "$LD_LIBRARYN32_PATH" ] && rld_var=LD_LIBRARYN32_PATH - _RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST + #_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST + _RLDN32_ROOT=/no/such/dir; export _RLDN32_ROOT + eval $rld_var=\"/usr/lib32'${'$rld_var':+:$'$rld_var'}'\" + preload_var=_RLDN32_LIST ;; *ELF\ 64*MIPS*) [ -n "$LD_LIBRARY64_PATH" ] && rld_var=LD_LIBRARY64_PATH - _RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST + #_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST + _RLD64_ROOT=/no/such/dir; export _RLD64_ROOT + eval $rld_var=\"/usr/lib64'${'$rld_var':+:$'$rld_var'}'\" + preload_var=_RLD64_LIST ;; esac - eval $rld_var=\"${THERE}:'$'$rld_var\"; export $rld_var + eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var unset rld_var ;; *) LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH" # Linux, ELF HP-UX @@ -52,7 +72,7 @@ SunOS|IRIX*) ;; esac -if [ -f "$LIBCRYPTOSO" ]; then +if [ -f "$LIBCRYPTOSO" -a -z "$preload_var" ]; then # Following three lines are major excuse for isolating them into # this wrapper script. Original reason for setting LD_PRELOAD # was to make it possible to pass 'make test' when user linked @@ -64,7 +84,8 @@ if [ -f "$LIBCRYPTOSO" ]; then *) LD_PRELOAD="$LIBCRYPTOSO $LIBSSLSO" ;; # SunOS, Linux, ELF HP-UX esac _RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT" # Tru64, o32 IRIX - export LD_PRELOAD _RLD_LIST + DYLD_INSERT_LIBRARIES="$LIBCRYPTOSO:$LIBSSLSO" # MacOS X + export LD_PRELOAD _RLD_LIST DYLD_INSERT_LIBRARIES fi exec "$@" diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num index 46e38a131f..b3ac136a56 100644 --- a/src/lib/libcrypto/util/ssleay.num +++ b/src/lib/libcrypto/util/ssleay.num @@ -170,7 +170,7 @@ SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO -SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: +SSL_add_dir_cert_subjs_to_stk 188 EXIST:VMS:FUNCTION:STDIO SSL_set_session_id_context 189 EXIST::FUNCTION: SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO SSL_CTX_use_cert_chain_file 222 EXIST:VMS:FUNCTION:STDIO @@ -215,3 +215,29 @@ SSL_CTX_set_generate_session_id 264 EXIST::FUNCTION: SSL_renegotiate_pending 265 EXIST::FUNCTION: SSL_CTX_set_msg_callback 266 EXIST::FUNCTION: SSL_set_msg_callback 267 EXIST::FUNCTION: +DTLSv1_client_method 268 EXIST::FUNCTION: +SSL_CTX_set_tmp_ecdh_callback 269 EXIST::FUNCTION:ECDH +SSL_set_tmp_ecdh_callback 270 EXIST::FUNCTION:ECDH +SSL_COMP_get_name 271 EXIST::FUNCTION:COMP +SSL_get_current_compression 272 EXIST::FUNCTION:COMP +DTLSv1_method 273 EXIST::FUNCTION: +SSL_get_current_expansion 274 EXIST::FUNCTION:COMP +DTLSv1_server_method 275 EXIST::FUNCTION: +SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP +SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP +SSL_SESSION_get_id 277 EXIST::FUNCTION: +SSL_CTX_sess_set_new_cb 278 EXIST::FUNCTION: +SSL_CTX_sess_get_get_cb 279 EXIST::FUNCTION: +SSL_CTX_sess_set_get_cb 280 EXIST::FUNCTION: +SSL_CTX_set_cookie_verify_cb 281 EXIST::FUNCTION: +SSL_CTX_get_info_callback 282 EXIST::FUNCTION: +SSL_CTX_set_cookie_generate_cb 283 EXIST::FUNCTION: +SSL_CTX_set_client_cert_cb 284 EXIST::FUNCTION: +SSL_CTX_sess_set_remove_cb 285 EXIST::FUNCTION: +SSL_CTX_set_info_callback 286 EXIST::FUNCTION: +SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION: +SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION: +SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION: +SSL_set_SSL_CTX 290 EXIST::FUNCTION: +SSL_get_servername 291 EXIST::FUNCTION:TLSEXT +SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT diff --git a/src/lib/libcrypto/x509/Makefile b/src/lib/libcrypto/x509/Makefile index ee3f8a4a23..ddcc3124a7 100644 --- a/src/lib/libcrypto/x509/Makefile +++ b/src/lib/libcrypto/x509/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -27,13 +22,13 @@ LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \ x509_set.c x509cset.c x509rset.c x509_err.c \ x509name.c x509_v3.c x509_ext.c x509_att.c \ x509type.c x509_lu.c x_all.c x509_txt.c \ - x509_trs.c by_file.c by_dir.c + x509_trs.c by_file.c by_dir.c x509_vpm.c LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \ x509_obj.o x509_req.o x509spki.o x509_vfy.o \ x509_set.o x509cset.o x509rset.o x509_err.o \ x509name.o x509_v3.o x509_ext.o x509_att.o \ x509type.o x509_lu.o x_all.o x509_txt.o \ - x509_trs.o by_file.o by_dir.o + x509_trs.o by_file.o by_dir.o x509_vpm.o SRC= $(LIBSRC) @@ -53,7 +48,7 @@ lib: $(LIBOBJ) @touch lib files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO + $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO links: @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) @@ -61,6 +56,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -76,6 +72,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -87,506 +84,323 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -by_dir.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -by_dir.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -by_dir.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -by_dir.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -by_dir.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -by_dir.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h +by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -by_dir.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -by_dir.o: ../cryptlib.h by_dir.c -by_file.o: ../../e_os.h ../../include/openssl/aes.h -by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -by_file.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -by_file.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h -by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_dir.c +by_file.o: ../../e_os.h ../../include/openssl/asn1.h +by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -by_file.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -by_file.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -by_file.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c -x509_att.o: ../../e_os.h ../../include/openssl/aes.h -x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +by_file.o: ../cryptlib.h by_file.c +x509_att.o: ../../e_os.h ../../include/openssl/asn1.h +x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_att.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_att.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_att.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_att.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_att.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_att.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_att.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_att.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c -x509_cmp.o: ../../e_os.h ../../include/openssl/aes.h -x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_att.o: ../cryptlib.h x509_att.c +x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h +x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_cmp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_cmp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_cmp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_cmp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_cmp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c -x509_d2.o: ../../e_os.h ../../include/openssl/aes.h -x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_d2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_d2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_cmp.o: ../cryptlib.h x509_cmp.c +x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h +x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x509_d2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c -x509_def.o: ../../e_os.h ../../include/openssl/aes.h -x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_def.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_def.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_d2.o: ../cryptlib.h x509_d2.c +x509_def.o: ../../e_os.h ../../include/openssl/asn1.h +x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_def.o: ../../include/openssl/opensslconf.h x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_def.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_def.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_def.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_def.o: ../cryptlib.h x509_def.c -x509_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x509_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x509_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c +x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_err.o: x509_err.c -x509_ext.o: ../../e_os.h ../../include/openssl/aes.h -x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c +x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h +x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_ext.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_ext.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_ext.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c -x509_lu.o: ../../e_os.h ../../include/openssl/aes.h -x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_ext.o: ../cryptlib.h x509_ext.c +x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h +x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_lu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_lu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_lu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c -x509_obj.o: ../../e_os.h ../../include/openssl/aes.h -x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_obj.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_obj.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_lu.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_lu.o: ../cryptlib.h x509_lu.c +x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h +x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_obj.o: ../../include/openssl/opensslconf.h x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_obj.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_obj.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_obj.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_obj.o: ../cryptlib.h x509_obj.c -x509_r2x.o: ../../e_os.h ../../include/openssl/aes.h -x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_r2x.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_r2x.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c +x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h +x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_r2x.o: ../../include/openssl/opensslconf.h +x509_r2x.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_r2x.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_r2x.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_r2x.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_r2x.o: ../cryptlib.h x509_r2x.c -x509_req.o: ../../e_os.h ../../include/openssl/aes.h -x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c +x509_req.o: ../../e_os.h ../../include/openssl/asn1.h +x509_req.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_req.o: ../../include/openssl/opensslconf.h +x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_req.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_req.o: ../cryptlib.h x509_req.c -x509_set.o: ../../e_os.h ../../include/openssl/aes.h -x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_set.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_set.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c +x509_set.o: ../../e_os.h ../../include/openssl/asn1.h +x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_set.o: ../../include/openssl/opensslconf.h x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_set.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_set.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_set.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_set.o: ../cryptlib.h x509_set.c -x509_trs.o: ../../e_os.h ../../include/openssl/aes.h -x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c +x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h +x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_trs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_trs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_trs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_trs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_trs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_trs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_trs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c -x509_txt.o: ../../e_os.h ../../include/openssl/aes.h -x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_txt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_txt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_trs.o: ../cryptlib.h x509_trs.c +x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h +x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_txt.o: ../../include/openssl/opensslconf.h x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_txt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_txt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_txt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_txt.o: ../cryptlib.h x509_txt.c -x509_v3.o: ../../e_os.h ../../include/openssl/aes.h -x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c +x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h +x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_v3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_v3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_v3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_v3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c -x509_vfy.o: ../../e_os.h ../../include/openssl/aes.h -x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_v3.o: ../cryptlib.h x509_v3.c +x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h +x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_vfy.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c -x509cset.o: ../../e_os.h ../../include/openssl/aes.h -x509cset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509cset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509cset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509cset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509cset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509cset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509cset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_vfy.o: ../cryptlib.h x509_vfy.c +x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h +x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_vpm.o: ../cryptlib.h x509_vpm.c +x509cset.o: ../../e_os.h ../../include/openssl/asn1.h +x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509cset.o: ../../include/openssl/opensslconf.h x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509cset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509cset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509cset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509cset.o: ../cryptlib.h x509cset.c -x509name.o: ../../e_os.h ../../include/openssl/aes.h -x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c +x509name.o: ../../e_os.h ../../include/openssl/asn1.h +x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509name.o: ../../include/openssl/opensslconf.h x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509name.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509name.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509name.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509name.o: ../cryptlib.h x509name.c -x509rset.o: ../../e_os.h ../../include/openssl/aes.h -x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509rset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509rset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c +x509rset.o: ../../e_os.h ../../include/openssl/asn1.h +x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509rset.o: ../../include/openssl/opensslconf.h x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509rset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509rset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509rset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509rset.o: ../cryptlib.h x509rset.c -x509spki.o: ../../e_os.h ../../include/openssl/aes.h -x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c +x509spki.o: ../../e_os.h ../../include/openssl/asn1.h +x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509spki.o: ../../include/openssl/opensslconf.h x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509spki.o: ../cryptlib.h x509spki.c -x509type.o: ../../e_os.h ../../include/openssl/aes.h -x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509type.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509type.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c +x509type.o: ../../e_os.h ../../include/openssl/asn1.h +x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509type.o: ../../include/openssl/opensslconf.h x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509type.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509type.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509type.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509type.o: ../cryptlib.h x509type.c -x_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_all.o: ../cryptlib.h x_all.c +x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c +x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +x_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_all.c diff --git a/src/lib/libcrypto/x509v3/Makefile b/src/lib/libcrypto/x509v3/Makefile index 49423f39f7..556ef351bf 100644 --- a/src/lib/libcrypto/x509v3/Makefile +++ b/src/lib/libcrypto/x509v3/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -25,16 +20,20 @@ LIB=$(TOP)/libcrypto.a LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \ v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \ v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \ -v3_ocsp.c v3_akeya.c v3_pcia.c v3_pci.c +v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \ +pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c \ +v3_asid.c v3_addr.c LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \ v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \ v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \ -v3_ocsp.o v3_akeya.o v3_pcia.o v3_pci.o +v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \ +pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o \ +v3_asid.o v3_addr.o SRC= $(LIBSRC) EXHEADER= x509v3.h -HEADER= $(EXHEADER) +HEADER= $(EXHEADER) pcy_int.h ALL= $(GENERAL) $(SRC) $(HEADER) @@ -57,6 +56,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -72,6 +72,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -83,563 +84,508 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -v3_akey.o: ../../e_os.h ../../include/openssl/aes.h -v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_akey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_akey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_akey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_akey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_akey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pcy_cache.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_cache.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_cache.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_cache.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_cache.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_cache.o: ../../include/openssl/objects.h +pcy_cache.o: ../../include/openssl/opensslconf.h +pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_cache.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_cache.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_cache.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_cache.o: ../cryptlib.h pcy_cache.c pcy_int.h +pcy_data.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_data.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_data.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_data.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_data.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_data.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_data.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_data.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_data.o: ../cryptlib.h pcy_data.c pcy_int.h +pcy_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_lib.o: ../cryptlib.h pcy_int.h pcy_lib.c +pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_map.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_map.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_map.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_map.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_map.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_map.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_map.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_map.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_map.o: ../cryptlib.h pcy_int.h pcy_map.c +pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pcy_node.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pcy_node.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +pcy_node.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_node.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_node.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_node.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_node.o: pcy_int.h pcy_node.c +pcy_tree.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_tree.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_tree.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_tree.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_tree.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_tree.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_tree.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_tree.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_tree.o: ../cryptlib.h pcy_int.h pcy_tree.c +v3_addr.o: ../../e_os.h ../../include/openssl/asn1.h +v3_addr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_addr.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_addr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_addr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_addr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_addr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_addr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +v3_addr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +v3_addr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_addr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_addr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_addr.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_addr.c +v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h +v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_akey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_akey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_akey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_akey.o: ../cryptlib.h v3_akey.c -v3_akeya.o: ../../e_os.h ../../include/openssl/aes.h -v3_akeya.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_akeya.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_akeya.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_akeya.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_akeya.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_akeya.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_akeya.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_akeya.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_akeya.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_akey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_akey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_akey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_akey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akey.c +v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h +v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_akeya.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_akeya.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_akeya.o: ../../include/openssl/opensslconf.h v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_akeya.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_akeya.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_akeya.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_akeya.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_akeya.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_akeya.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_akeya.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akeya.c -v3_alt.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_alt.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_alt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_alt.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_alt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_alt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_alt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_alt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_alt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_akeya.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_akeya.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_akeya.o: ../cryptlib.h v3_akeya.c +v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_alt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_alt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_alt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_alt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_alt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_alt.o: ../cryptlib.h v3_alt.c -v3_bcons.o: ../../e_os.h ../../include/openssl/aes.h -v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_bcons.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_bcons.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_bcons.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_bcons.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_bcons.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_alt.c +v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h +v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +v3_asid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_asid.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_asid.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_asid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +v3_asid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +v3_asid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_asid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_asid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_asid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_asid.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_asid.o: ../cryptlib.h v3_asid.c +v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h +v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_bcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_bcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_bcons.o: ../../include/openssl/opensslconf.h v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_bcons.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_bcons.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_bcons.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_bcons.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_bcons.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_bcons.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_bcons.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.c -v3_bitst.o: ../../e_os.h ../../include/openssl/aes.h -v3_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_bcons.o: ../cryptlib.h v3_bcons.c +v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h +v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bitst.c -v3_conf.o: ../../e_os.h ../../include/openssl/aes.h -v3_conf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_conf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_bitst.o: ../cryptlib.h v3_bitst.c +v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h +v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_conf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_conf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_conf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_conf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c -v3_cpols.o: ../../e_os.h ../../include/openssl/aes.h -v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_cpols.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_cpols.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_cpols.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_cpols.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_cpols.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_conf.o: ../cryptlib.h v3_conf.c +v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h +v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_cpols.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_cpols.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_cpols.o: ../../include/openssl/opensslconf.h v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_cpols.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_cpols.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_cpols.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_cpols.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_cpols.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_cpols.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_cpols.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.c -v3_crld.o: ../../e_os.h ../../include/openssl/aes.h -v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_crld.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_crld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_crld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_crld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_crld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_cpols.o: ../cryptlib.h pcy_int.h v3_cpols.c +v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h +v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_crld.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_crld.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_crld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_crld.o: ../cryptlib.h v3_crld.c -v3_enum.o: ../../e_os.h ../../include/openssl/aes.h -v3_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_enum.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_crld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_crld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_crld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_crld.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_crld.c +v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h +v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_enum.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_enum.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_enum.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_enum.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_enum.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_enum.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c -v3_extku.o: ../../e_os.h ../../include/openssl/aes.h -v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_extku.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_enum.o: ../cryptlib.h v3_enum.c +v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h +v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_extku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_extku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_extku.o: ../../include/openssl/opensslconf.h v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_extku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_extku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_extku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_extku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_extku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_extku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_extku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.c -v3_genn.o: ../../e_os.h ../../include/openssl/aes.h -v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_genn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_genn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_genn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_genn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_genn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_extku.o: ../cryptlib.h v3_extku.c +v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h +v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_genn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_genn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_genn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_genn.o: ../cryptlib.h v3_genn.c -v3_ia5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_ia5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_ia5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_ia5.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_ia5.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_ia5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_ia5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_ia5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_ia5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_genn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_genn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_genn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_genn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_genn.c +v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_ia5.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_ia5.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_ia5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_ia5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_ia5.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ia5.o: ../cryptlib.h v3_ia5.c -v3_info.o: ../../e_os.h ../../include/openssl/aes.h -v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ia5.c +v3_info.o: ../../e_os.h ../../include/openssl/asn1.h +v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_info.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_info.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_info.o: ../cryptlib.h v3_info.c -v3_int.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_int.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_int.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_int.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_int.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_int.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_int.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_int.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_info.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.c +v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_int.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_int.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_int.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_int.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_int.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_int.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_int.o: ../cryptlib.h v3_int.c -v3_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_lib.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_int.c +v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c -v3_ocsp.o: ../../e_os.h ../../include/openssl/aes.h -v3_ocsp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_ocsp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_ocsp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_lib.c +v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h +v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_ncons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_ncons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_ncons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_ncons.o: ../../include/openssl/opensslconf.h +v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_ncons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_ncons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_ncons.o: ../cryptlib.h v3_ncons.c +v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h +v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_ocsp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_ocsp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_ocsp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_ocsp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_ocsp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_ocsp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_ocsp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_ocsp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_ocsp.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ocsp.o: ../cryptlib.h v3_ocsp.c -v3_pci.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_pci.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_pci.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_pci.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_pci.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_pci.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_pci.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_pci.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_pci.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_pci.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c +v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_pci.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_pci.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_pci.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_pci.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_pci.o: ../cryptlib.h v3_pci.c -v3_pcia.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_pcia.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -v3_pcia.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_pcia.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c +v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_pcia.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_pcia.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h -v3_pcia.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_pcia.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_pcia.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_pcia.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_pcia.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_pcia.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_pcia.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_pcia.o: v3_pcia.c -v3_pku.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c +v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h +v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_pcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_pcons.o: ../../include/openssl/opensslconf.h +v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_pcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_pcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_pcons.o: ../cryptlib.h v3_pcons.c +v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -v3_pku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_pku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_pku.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_pku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_pku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_pku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_pku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_pku.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +v3_pku.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_pku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c -v3_prn.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h +v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pmaps.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pmaps.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_pmaps.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_pmaps.o: ../../include/openssl/opensslconf.h +v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_pmaps.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_pmaps.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_pmaps.o: ../cryptlib.h v3_pmaps.c +v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_prn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_prn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_prn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_prn.o: ../cryptlib.h v3_prn.c -v3_purp.o: ../../e_os.h ../../include/openssl/aes.h -v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_prn.c +v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h +v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_purp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_purp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_purp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_purp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_purp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c -v3_skey.o: ../../e_os.h ../../include/openssl/aes.h -v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_purp.o: ../cryptlib.h v3_purp.c +v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h +v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_skey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_skey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_skey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_skey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_skey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_skey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c -v3_sxnet.o: ../../e_os.h ../../include/openssl/aes.h -v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_sxnet.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_sxnet.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_sxnet.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_sxnet.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_sxnet.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_skey.o: ../cryptlib.h v3_skey.c +v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h +v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_sxnet.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_sxnet.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_sxnet.o: ../../include/openssl/opensslconf.h v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_sxnet.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_sxnet.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_sxnet.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_sxnet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_sxnet.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_sxnet.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_sxnet.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.c -v3_utl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_utl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_sxnet.o: ../cryptlib.h v3_sxnet.c +v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_utl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_utl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +v3_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +v3_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +v3_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_utl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h v3_utl.o: ../cryptlib.h v3_utl.c -v3err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3err.o: v3err.c +v3err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3err.o: ../../include/openssl/x509v3.h v3err.c diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES index 2840a36a6d..217aa70dcb 100644 --- a/src/lib/libssl/src/CHANGES +++ b/src/lib/libssl/src/CHANGES @@ -2,6 +2,1459 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8g and 0.9.8h [28 May 2008] + + *) Fix flaw if 'Server Key exchange message' is omitted from a TLS + handshake which could lead to a cilent crash as found using the + Codenomicon TLS test suite (CVE-2008-1672) + [Steve Henson, Mark Cox] + + *) Fix double free in TLS server name extensions which could lead to + a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) + [Joe Orton] + + *) Clear error queue in SSL_CTX_use_certificate_chain_file() + + Clear the error queue to ensure that error entries left from + older function calls do not interfere with the correct operation. + [Lutz Jaenicke, Erik de Castro Lopo] + + *) Remove root CA certificates of commercial CAs: + + The OpenSSL project does not recommend any specific CA and does not + have any policy with respect to including or excluding any CA. + Therefore it does not make any sense to ship an arbitrary selection + of root CA certificates with the OpenSSL software. + [Lutz Jaenicke] + + *) RSA OAEP patches to fix two separate invalid memory reads. + The first one involves inputs when 'lzero' is greater than + 'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes + before the beginning of from). The second one involves inputs where + the 'db' section contains nothing but zeroes (there is a one-byte + invalid read after the end of 'db'). + [Ivan Nestlerode ] + + *) Partial backport from 0.9.9-dev: + + Introduce bn_mul_mont (dedicated Montgomery multiplication + procedure) as a candidate for BIGNUM assembler implementation. + While 0.9.9-dev uses assembler for various architectures, only + x86_64 is available by default here in the 0.9.8 branch, and + 32-bit x86 is available through a compile-time setting. + + To try the 32-bit x86 assembler implementation, use Configure + option "enable-montasm" (which exists only for this backport). + + As "enable-montasm" for 32-bit x86 disclaims code stability + anyway, in this constellation we activate additional code + backported from 0.9.9-dev for further performance improvements, + namely BN_from_montgomery_word. (To enable this otherwise, + e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".) + + [Andy Polyakov (backport partially by Bodo Moeller)] + + *) Add TLS session ticket callback. This allows an application to set + TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed + values. This is useful for key rollover for example where several key + sets may exist with different names. + [Steve Henson] + + *) Reverse ENGINE-internal logic for caching default ENGINE handles. + This was broken until now in 0.9.8 releases, such that the only way + a registered ENGINE could be used (assuming it initialises + successfully on the host) was to explicitly set it as the default + for the relevant algorithms. This is in contradiction with 0.9.7 + behaviour and the documentation. With this fix, when an ENGINE is + registered into a given algorithm's table of implementations, the + 'uptodate' flag is reset so that auto-discovery will be used next + time a new context for that algorithm attempts to select an + implementation. + [Ian Lister (tweaked by Geoff Thorpe)] + + *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9 + implemention in the following ways: + + Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be + hard coded. + + Lack of BER streaming support means one pass streaming processing is + only supported if data is detached: setting the streaming flag is + ignored for embedded content. + + CMS support is disabled by default and must be explicitly enabled + with the enable-cms configuration option. + [Steve Henson] + + *) Update the GMP engine glue to do direct copies between BIGNUM and + mpz_t when openssl and GMP use the same limb size. Otherwise the + existing "conversion via a text string export" trick is still used. + [Paul Sheer ] + + *) Zlib compression BIO. This is a filter BIO which compressed and + uncompresses any data passed through it. + [Steve Henson] + + *) Add AES_wrap_key() and AES_unwrap_key() functions to implement + RFC3394 compatible AES key wrapping. + [Steve Henson] + + *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0(): + sets string data without copying. X509_ALGOR_set0() and + X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier) + data. Attribute function X509at_get0_data_by_OBJ(): retrieves data + from an X509_ATTRIBUTE structure optionally checking it occurs only + once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied + data. + [Steve Henson] + + *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set() + to get the expected BN_FLG_CONSTTIME behavior. + [Bodo Moeller (Google)] + + *) Netware support: + + - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets + - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT) + - added some more tests to do_tests.pl + - fixed RunningProcess usage so that it works with newer LIBC NDKs too + - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency + - added new Configure targets netware-clib-bsdsock, netware-clib-gcc, + netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc + - various changes to netware.pl to enable gcc-cross builds on Win32 + platform + - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD) + - various changes to fix missing prototype warnings + - fixed x86nasm.pl to create correct asm files for NASM COFF output + - added AES, WHIRLPOOL and CPUID assembler code to build files + - added missing AES assembler make rules to mk1mf.pl + - fixed order of includes in apps/ocsp.c so that e_os.h settings apply + [Guenter Knauf ] + + *) Implement certificate status request TLS extension defined in RFC3546. + A client can set the appropriate parameters and receive the encoded + OCSP response via a callback. A server can query the supplied parameters + and set the encoded OCSP response in the callback. Add simplified examples + to s_client and s_server. + [Steve Henson] + + Changes between 0.9.8f and 0.9.8g [19 Oct 2007] + + *) Fix various bugs: + + Binary incompatibility of ssl_ctx_st structure + + DTLS interoperation with non-compliant servers + + Don't call get_session_cb() without proposed session + + Fix ia64 assembler code + [Andy Polyakov, Steve Henson] + + Changes between 0.9.8e and 0.9.8f [11 Oct 2007] + + *) DTLS Handshake overhaul. There were longstanding issues with + OpenSSL DTLS implementation, which were making it impossible for + RFC 4347 compliant client to communicate with OpenSSL server. + Unfortunately just fixing these incompatibilities would "cut off" + pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e + server keeps tolerating non RFC compliant syntax. The opposite is + not true, 0.9.8f client can not communicate with earlier server. + This update even addresses CVE-2007-4995. + [Andy Polyakov] + + *) Changes to avoid need for function casts in OpenSSL: some compilers + (gcc 4.2 and later) reject their use. + [Kurt Roeckx , Peter Hartley , + Steve Henson] + + *) Add RFC4507 support to OpenSSL. This includes the corrections in + RFC4507bis. The encrypted ticket format is an encrypted encoded + SSL_SESSION structure, that way new session features are automatically + supported. + + If a client application caches session in an SSL_SESSION structure + support is transparent because tickets are now stored in the encoded + SSL_SESSION. + + The SSL_CTX structure automatically generates keys for ticket + protection in servers so again support should be possible + with no application modification. + + If a client or server wishes to disable RFC4507 support then the option + SSL_OP_NO_TICKET can be set. + + Add a TLS extension debugging callback to allow the contents of any client + or server extensions to be examined. + + This work was sponsored by Google. + [Steve Henson] + + *) Add initial support for TLS extensions, specifically for the server_name + extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now + have new members for a host name. The SSL data structure has an + additional member SSL_CTX *initial_ctx so that new sessions can be + stored in that context to allow for session resumption, even after the + SSL has been switched to a new SSL_CTX in reaction to a client's + server_name extension. + + New functions (subject to change): + + SSL_get_servername() + SSL_get_servername_type() + SSL_set_SSL_CTX() + + New CTRL codes and macros (subject to change): + + SSL_CTRL_SET_TLSEXT_SERVERNAME_CB + - SSL_CTX_set_tlsext_servername_callback() + SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG + - SSL_CTX_set_tlsext_servername_arg() + SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name() + + openssl s_client has a new '-servername ...' option. + + openssl s_server has new options '-servername_host ...', '-cert2 ...', + '-key2 ...', '-servername_fatal' (subject to change). This allows + testing the HostName extension for a specific single host name ('-cert' + and '-key' remain fallbacks for handshakes without HostName + negotiation). If the unrecogninzed_name alert has to be sent, this by + default is a warning; it becomes fatal with the '-servername_fatal' + option. + + [Peter Sylvester, Remy Allais, Christophe Renou, Steve Henson] + + *) Add AES and SSE2 assembly language support to VC++ build. + [Steve Henson] + + *) Mitigate attack on final subtraction in Montgomery reduction. + [Andy Polyakov] + + *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0 + (which previously caused an internal error). + [Bodo Moeller] + + *) Squeeze another 10% out of IGE mode when in != out. + [Ben Laurie] + + *) AES IGE mode speedup. + [Dean Gaudet (Google)] + + *) Add the Korean symmetric 128-bit cipher SEED (see + http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and + add SEED ciphersuites from RFC 4162: + + TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA" + TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA" + TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA" + TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA" + + To minimize changes between patchlevels in the OpenSSL 0.9.8 + series, SEED remains excluded from compilation unless OpenSSL + is configured with 'enable-seed'. + [KISA, Bodo Moeller] + + *) Mitigate branch prediction attacks, which can be practical if a + single processor is shared, allowing a spy process to extract + information. For detailed background information, see + http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron, + J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL + and Necessary Software Countermeasures"). The core of the change + are new versions BN_div_no_branch() and + BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(), + respectively, which are slower, but avoid the security-relevant + conditional branches. These are automatically called by BN_div() + and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one + of the input BIGNUMs. Also, BN_is_bit_set() has been changed to + remove a conditional branch. + + BN_FLG_CONSTTIME is the new name for the previous + BN_FLG_EXP_CONSTTIME flag, since it now affects more than just + modular exponentiation. (Since OpenSSL 0.9.7h, setting this flag + in the exponent causes BN_mod_exp_mont() to use the alternative + implementation in BN_mod_exp_mont_consttime().) The old name + remains as a deprecated alias. + + Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general + RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses + constant-time implementations for more than just exponentiation. + Here too the old name is kept as a deprecated alias. + + BN_BLINDING_new() will now use BN_dup() for the modulus so that + the BN_BLINDING structure gets an independent copy of the + modulus. This means that the previous "BIGNUM *m" argument to + BN_BLINDING_new() and to BN_BLINDING_create_param() now + essentially becomes "const BIGNUM *m", although we can't actually + change this in the header file before 0.9.9. It allows + RSA_setup_blinding() to use BN_with_flags() on the modulus to + enable BN_FLG_CONSTTIME. + + [Matthew D Wood (Intel Corp)] + + *) In the SSL/TLS server implementation, be strict about session ID + context matching (which matters if an application uses a single + external cache for different purposes). Previously, + out-of-context reuse was forbidden only if SSL_VERIFY_PEER was + set. This did ensure strict client verification, but meant that, + with applications using a single external cache for quite + different requirements, clients could circumvent ciphersuite + restrictions for a given session ID context by starting a session + in a different context. + [Bodo Moeller] + + *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that + a ciphersuite string such as "DEFAULT:RSA" cannot enable + authentication-only ciphersuites. + [Bodo Moeller] + + *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was + not complete and could lead to a possible single byte overflow + (CVE-2007-5135) [Ben Laurie] + + Changes between 0.9.8d and 0.9.8e [23 Feb 2007] + + *) Since AES128 and AES256 (and similarly Camellia128 and + Camellia256) share a single mask bit in the logic of + ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a + kludge to work properly if AES128 is available and AES256 isn't + (or if Camellia128 is available and Camellia256 isn't). + [Victor Duchovni] + + *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c + (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters): + When a point or a seed is encoded in a BIT STRING, we need to + prevent the removal of trailing zero bits to get the proper DER + encoding. (By default, crypto/asn1/a_bitstr.c assumes the case + of a NamedBitList, for which trailing 0 bits need to be removed.) + [Bodo Moeller] + + *) Have SSL/TLS server implementation tolerate "mismatched" record + protocol version while receiving ClientHello even if the + ClientHello is fragmented. (The server can't insist on the + particular protocol version it has chosen before the ServerHello + message has informed the client about his choice.) + [Bodo Moeller] + + *) Add RFC 3779 support. + [Rob Austein for ARIN, Ben Laurie] + + *) Load error codes if they are not already present instead of using a + static variable. This allows them to be cleanly unloaded and reloaded. + Improve header file function name parsing. + [Steve Henson] + + *) extend SMTP and IMAP protocol emulation in s_client to use EHLO + or CAPABILITY handshake as required by RFCs. + [Goetz Babin-Ebell] + + Changes between 0.9.8c and 0.9.8d [28 Sep 2006] + + *) Introduce limits to prevent malicious keys being able to + cause a denial of service. (CVE-2006-2940) + [Steve Henson, Bodo Moeller] + + *) Fix ASN.1 parsing of certain invalid structures that can result + in a denial of service. (CVE-2006-2937) [Steve Henson] + + *) Fix buffer overflow in SSL_get_shared_ciphers() function. + (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] + + *) Fix SSL client code which could crash if connecting to a + malicious SSLv2 server. (CVE-2006-4343) + [Tavis Ormandy and Will Drewry, Google Security Team] + + *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites + match only those. Before that, "AES256-SHA" would be interpreted + as a pattern and match "AES128-SHA" too (since AES128-SHA got + the same strength classification in 0.9.7h) as we currently only + have a single AES bit in the ciphersuite description bitmap. + That change, however, also applied to ciphersuite strings such as + "RC4-MD5" that intentionally matched multiple ciphersuites -- + namely, SSL 2.0 ciphersuites in addition to the more common ones + from SSL 3.0/TLS 1.0. + + So we change the selection algorithm again: Naming an explicit + ciphersuite selects this one ciphersuite, and any other similar + ciphersuite (same bitmap) from *other* protocol versions. + Thus, "RC4-MD5" again will properly select both the SSL 2.0 + ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite. + + Since SSL 2.0 does not have any ciphersuites for which the + 128/256 bit distinction would be relevant, this works for now. + The proper fix will be to use different bits for AES128 and + AES256, which would have avoided the problems from the beginning; + however, bits are scarce, so we can only do this in a new release + (not just a patchlevel) when we can change the SSL_CIPHER + definition to split the single 'unsigned long mask' bitmap into + multiple values to extend the available space. + + [Bodo Moeller] + + Changes between 0.9.8b and 0.9.8c [05 Sep 2006] + + *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher + (CVE-2006-4339) [Ben Laurie and Google Security Team] + + *) Add AES IGE and biIGE modes. + [Ben Laurie] + + *) Change the Unix randomness entropy gathering to use poll() when + possible instead of select(), since the latter has some + undesirable limitations. + [Darryl Miles via Richard Levitte and Bodo Moeller] + + *) Disable "ECCdraft" ciphersuites more thoroughly. Now special + treatment in ssl/ssl_ciph.s makes sure that these ciphersuites + cannot be implicitly activated as part of, e.g., the "AES" alias. + However, please upgrade to OpenSSL 0.9.9[-dev] for + non-experimental use of the ECC ciphersuites to get TLS extension + support, which is required for curve and point format negotiation + to avoid potential handshake problems. + [Bodo Moeller] + + *) Disable rogue ciphersuites: + + - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5") + - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5") + - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5") + + The latter two were purportedly from + draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really + appear there. + + Also deactivate the remaining ciphersuites from + draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as + unofficial, and the ID has long expired. + [Bodo Moeller] + + *) Fix RSA blinding Heisenbug (problems sometimes occured on + dual-core machines) and other potential thread-safety issues. + [Bodo Moeller] + + *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key + versions), which is now available for royalty-free use + (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html). + Also, add Camellia TLS ciphersuites from RFC 4132. + + To minimize changes between patchlevels in the OpenSSL 0.9.8 + series, Camellia remains excluded from compilation unless OpenSSL + is configured with 'enable-camellia'. + [NTT] + + *) Disable the padding bug check when compression is in use. The padding + bug check assumes the first packet is of even length, this is not + necessarily true if compresssion is enabled and can result in false + positives causing handshake failure. The actual bug test is ancient + code so it is hoped that implementations will either have fixed it by + now or any which still have the bug do not support compression. + [Steve Henson] + + Changes between 0.9.8a and 0.9.8b [04 May 2006] + + *) When applying a cipher rule check to see if string match is an explicit + cipher suite and only match that one cipher suite if it is. + [Steve Henson] + + *) Link in manifests for VC++ if needed. + [Austin Ziegler ] + + *) Update support for ECC-based TLS ciphersuites according to + draft-ietf-tls-ecc-12.txt with proposed changes (but without + TLS extensions, which are supported starting with the 0.9.9 + branch, not in the OpenSSL 0.9.8 branch). + [Douglas Stebila] + + *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support + opaque EVP_CIPHER_CTX handling. + [Steve Henson] + + *) Fixes and enhancements to zlib compression code. We now only use + "zlib1.dll" and use the default __cdecl calling convention on Win32 + to conform with the standards mentioned here: + http://www.zlib.net/DLL_FAQ.txt + Static zlib linking now works on Windows and the new --with-zlib-include + --with-zlib-lib options to Configure can be used to supply the location + of the headers and library. Gracefully handle case where zlib library + can't be loaded. + [Steve Henson] + + *) Several fixes and enhancements to the OID generation code. The old code + sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't + handle numbers larger than ULONG_MAX, truncated printing and had a + non standard OBJ_obj2txt() behaviour. + [Steve Henson] + + *) Add support for building of engines under engine/ as shared libraries + under VC++ build system. + [Steve Henson] + + *) Corrected the numerous bugs in the Win32 path splitter in DSO. + Hopefully, we will not see any false combination of paths any more. + [Richard Levitte] + + Changes between 0.9.8 and 0.9.8a [11 Oct 2005] + + *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING + (part of SSL_OP_ALL). This option used to disable the + countermeasure against man-in-the-middle protocol-version + rollback in the SSL 2.0 server implementation, which is a bad + idea. (CVE-2005-2969) + + [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center + for Information Security, National Institute of Advanced Industrial + Science and Technology [AIST], Japan)] + + *) Add two function to clear and return the verify parameter flags. + [Steve Henson] + + *) Keep cipherlists sorted in the source instead of sorting them at + runtime, thus removing the need for a lock. + [Nils Larsch] + + *) Avoid some small subgroup attacks in Diffie-Hellman. + [Nick Mathewson and Ben Laurie] + + *) Add functions for well-known primes. + [Nick Mathewson] + + *) Extended Windows CE support. + [Satoshi Nakamura and Andy Polyakov] + + *) Initialize SSL_METHOD structures at compile time instead of during + runtime, thus removing the need for a lock. + [Steve Henson] + + *) Make PKCS7_decrypt() work even if no certificate is supplied by + attempting to decrypt each encrypted key in turn. Add support to + smime utility. + [Steve Henson] + + Changes between 0.9.7h and 0.9.8 [05 Jul 2005] + + [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after + OpenSSL 0.9.8.] + + *) Add libcrypto.pc and libssl.pc for those who feel they need them. + [Richard Levitte] + + *) Change CA.sh and CA.pl so they don't bundle the CSR and the private + key into the same file any more. + [Richard Levitte] + + *) Add initial support for Win64, both IA64 and AMD64/x64 flavors. + [Andy Polyakov] + + *) Add -utf8 command line and config file option to 'ca'. + [Stefan and Geoff Thorpe] + + *) Add attribute functions to EVP_PKEY structure. Modify + PKCS12_create() to recognize a CSP name attribute and + use it. Make -CSP option work again in pkcs12 utility. + [Steve Henson] + + *) Add new functionality to the bn blinding code: + - automatic re-creation of the BN_BLINDING parameters after + a fixed number of uses (currently 32) + - add new function for parameter creation + - introduce flags to control the update behaviour of the + BN_BLINDING parameters + - hide BN_BLINDING structure + Add a second BN_BLINDING slot to the RSA structure to improve + performance when a single RSA object is shared among several + threads. + [Nils Larsch] + + *) Add support for DTLS. + [Nagendra Modadugu and Ben Laurie] + + *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1) + to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file() + [Walter Goulet] + + *) Remove buggy and incompletet DH cert support from + ssl/ssl_rsa.c and ssl/s3_both.c + [Nils Larsch] + + *) Use SHA-1 instead of MD5 as the default digest algorithm for + the apps/openssl applications. + [Nils Larsch] + + *) Compile clean with "-Wall -Wmissing-prototypes + -Wstrict-prototypes -Wmissing-declarations -Werror". Currently + DEBUG_SAFESTACK must also be set. + [Ben Laurie] + + *) Change ./Configure so that certain algorithms can be disabled by default. + The new counterpiece to "no-xxx" is "enable-xxx". + + The patented RC5 and MDC2 algorithms will now be disabled unless + "enable-rc5" and "enable-mdc2", respectively, are specified. + + (IDEA remains enabled despite being patented. This is because IDEA + is frequently required for interoperability, and there is no license + fee for non-commercial use. As before, "no-idea" can be used to + avoid this algorithm.) + + [Bodo Moeller] + + *) Add processing of proxy certificates (see RFC 3820). This work was + sponsored by KTH (The Royal Institute of Technology in Stockholm) and + EGEE (Enabling Grids for E-science in Europe). + [Richard Levitte] + + *) RC4 performance overhaul on modern architectures/implementations, such + as Intel P4, IA-64 and AMD64. + [Andy Polyakov] + + *) New utility extract-section.pl. This can be used specify an alternative + section number in a pod file instead of having to treat each file as + a separate case in Makefile. This can be done by adding two lines to the + pod file: + + =for comment openssl_section:XXX + + The blank line is mandatory. + + [Steve Henson] + + *) New arguments -certform, -keyform and -pass for s_client and s_server + to allow alternative format key and certificate files and passphrase + sources. + [Steve Henson] + + *) New structure X509_VERIFY_PARAM which combines current verify parameters, + update associated structures and add various utility functions. + + Add new policy related verify parameters, include policy checking in + standard verify code. Enhance 'smime' application with extra parameters + to support policy checking and print out. + [Steve Henson] + + *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3 + Nehemiah processors. These extensions support AES encryption in hardware + as well as RNG (though RNG support is currently disabled). + [Michal Ludvig , with help from Andy Polyakov] + + *) Deprecate BN_[get|set]_params() functions (they were ignored internally). + [Geoff Thorpe] + + *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented. + [Andy Polyakov and a number of other people] + + *) Improved PowerPC platform support. Most notably BIGNUM assembler + implementation contributed by IBM. + [Suresh Chari, Peter Waltenberg, Andy Polyakov] + + *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public + exponent rather than 'unsigned long'. There is a corresponding change to + the new 'rsa_keygen' element of the RSA_METHOD structure. + [Jelte Jansen, Geoff Thorpe] + + *) Functionality for creating the initial serial number file is now + moved from CA.pl to the 'ca' utility with a new option -create_serial. + + (Before OpenSSL 0.9.7e, CA.pl used to initialize the serial + number file to 1, which is bound to cause problems. To avoid + the problems while respecting compatibility between different 0.9.7 + patchlevels, 0.9.7e employed 'openssl x509 -next_serial' in + CA.pl for serial number initialization. With the new release 0.9.8, + we can fix the problem directly in the 'ca' utility.) + [Steve Henson] + + *) Reduced header interdepencies by declaring more opaque objects in + ossl_typ.h. As a consequence, including some headers (eg. engine.h) will + give fewer recursive includes, which could break lazy source code - so + this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always, + developers should define this symbol when building and using openssl to + ensure they track the recommended behaviour, interfaces, [etc], but + backwards-compatible behaviour prevails when this isn't defined. + [Geoff Thorpe] + + *) New function X509_POLICY_NODE_print() which prints out policy nodes. + [Steve Henson] + + *) Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality. + This will generate a random key of the appropriate length based on the + cipher context. The EVP_CIPHER can provide its own random key generation + routine to support keys of a specific form. This is used in the des and + 3des routines to generate a key of the correct parity. Update S/MIME + code to use new functions and hence generate correct parity DES keys. + Add EVP_CHECK_DES_KEY #define to return an error if the key is not + valid (weak or incorrect parity). + [Steve Henson] + + *) Add a local set of CRLs that can be used by X509_verify_cert() as well + as looking them up. This is useful when the verified structure may contain + CRLs, for example PKCS#7 signedData. Modify PKCS7_verify() to use any CRLs + present unless the new PKCS7_NO_CRL flag is asserted. + [Steve Henson] + + *) Extend ASN1 oid configuration module. It now additionally accepts the + syntax: + + shortName = some long name, 1.2.3.4 + [Steve Henson] + + *) Reimplemented the BN_CTX implementation. There is now no more static + limitation on the number of variables it can handle nor the depth of the + "stack" handling for BN_CTX_start()/BN_CTX_end() pairs. The stack + information can now expand as required, and rather than having a single + static array of bignums, BN_CTX now uses a linked-list of such arrays + allowing it to expand on demand whilst maintaining the usefulness of + BN_CTX's "bundling". + [Geoff Thorpe] + + *) Add a missing BN_CTX parameter to the 'rsa_mod_exp' callback in RSA_METHOD + to allow all RSA operations to function using a single BN_CTX. + [Geoff Thorpe] + + *) Preliminary support for certificate policy evaluation and checking. This + is initially intended to pass the tests outlined in "Conformance Testing + of Relying Party Client Certificate Path Processing Logic" v1.07. + [Steve Henson] + + *) bn_dup_expand() has been deprecated, it was introduced in 0.9.7 and + remained unused and not that useful. A variety of other little bignum + tweaks and fixes have also been made continuing on from the audit (see + below). + [Geoff Thorpe] + + *) Constify all or almost all d2i, c2i, s2i and r2i functions, along with + associated ASN1, EVP and SSL functions and old ASN1 macros. + [Richard Levitte] + + *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results, + and this should never fail. So the return value from the use of + BN_set_word() (which can fail due to needless expansion) is now deprecated; + if OPENSSL_NO_DEPRECATED is defined, BN_zero() is a void macro. + [Geoff Thorpe] + + *) BN_CTX_get() should return zero-valued bignums, providing the same + initialised value as BN_new(). + [Geoff Thorpe, suggested by Ulf Möller] + + *) Support for inhibitAnyPolicy certificate extension. + [Steve Henson] + + *) An audit of the BIGNUM code is underway, for which debugging code is + enabled when BN_DEBUG is defined. This makes stricter enforcements on what + is considered valid when processing BIGNUMs, and causes execution to + assert() when a problem is discovered. If BN_DEBUG_RAND is defined, + further steps are taken to deliberately pollute unused data in BIGNUM + structures to try and expose faulty code further on. For now, openssl will + (in its default mode of operation) continue to tolerate the inconsistent + forms that it has tolerated in the past, but authors and packagers should + consider trying openssl and their own applications when compiled with + these debugging symbols defined. It will help highlight potential bugs in + their own code, and will improve the test coverage for OpenSSL itself. At + some point, these tighter rules will become openssl's default to improve + maintainability, though the assert()s and other overheads will remain only + in debugging configurations. See bn.h for more details. + [Geoff Thorpe, Nils Larsch, Ulf Möller] + + *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure + that can only be obtained through BN_CTX_new() (which implicitly + initialises it). The presence of this function only made it possible + to overwrite an existing structure (and cause memory leaks). + [Geoff Thorpe] + + *) Because of the callback-based approach for implementing LHASH as a + template type, lh_insert() adds opaque objects to hash-tables and + lh_doall() or lh_doall_arg() are typically used with a destructor callback + to clean up those corresponding objects before destroying the hash table + (and losing the object pointers). So some over-zealous constifications in + LHASH have been relaxed so that lh_insert() does not take (nor store) the + objects as "const" and the lh_doall[_arg] callback wrappers are not + prototyped to have "const" restrictions on the object pointers they are + given (and so aren't required to cast them away any more). + [Geoff Thorpe] + + *) The tmdiff.h API was so ugly and minimal that our own timing utility + (speed) prefers to use its own implementation. The two implementations + haven't been consolidated as yet (volunteers?) but the tmdiff API has had + its object type properly exposed (MS_TM) instead of casting to/from "char + *". This may still change yet if someone realises MS_TM and "ms_time_***" + aren't necessarily the greatest nomenclatures - but this is what was used + internally to the implementation so I've used that for now. + [Geoff Thorpe] + + *) Ensure that deprecated functions do not get compiled when + OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of + the self-tests were still using deprecated key-generation functions so + these have been updated also. + [Geoff Thorpe] + + *) Reorganise PKCS#7 code to separate the digest location functionality + into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest(). + New function PKCS7_set_digest() to set the digest type for PKCS#7 + digestedData type. Add additional code to correctly generate the + digestedData type and add support for this type in PKCS7 initialization + functions. + [Steve Henson] + + *) New function PKCS7_set0_type_other() this initializes a PKCS7 + structure of type "other". + [Steve Henson] + + *) Fix prime generation loop in crypto/bn/bn_prime.pl by making + sure the loop does correctly stop and breaking ("division by zero") + modulus operations are not performed. The (pre-generated) prime + table crypto/bn/bn_prime.h was already correct, but it could not be + re-generated on some platforms because of the "division by zero" + situation in the script. + [Ralf S. Engelschall] + + *) Update support for ECC-based TLS ciphersuites according to + draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with + SHA-1 now is only used for "small" curves (where the + representation of a field element takes up to 24 bytes); for + larger curves, the field element resulting from ECDH is directly + used as premaster secret. + [Douglas Stebila (Sun Microsystems Laboratories)] + + *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2 + curve secp160r1 to the tests. + [Douglas Stebila (Sun Microsystems Laboratories)] + + *) Add the possibility to load symbols globally with DSO. + [Götz Babin-Ebell via Richard Levitte] + + *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better + control of the error stack. + [Richard Levitte] + + *) Add support for STORE in ENGINE. + [Richard Levitte] + + *) Add the STORE type. The intention is to provide a common interface + to certificate and key stores, be they simple file-based stores, or + HSM-type store, or LDAP stores, or... + NOTE: The code is currently UNTESTED and isn't really used anywhere. + [Richard Levitte] + + *) Add a generic structure called OPENSSL_ITEM. This can be used to + pass a list of arguments to any function as well as provide a way + for a function to pass data back to the caller. + [Richard Levitte] + + *) Add the functions BUF_strndup() and BUF_memdup(). BUF_strndup() + works like BUF_strdup() but can be used to duplicate a portion of + a string. The copy gets NUL-terminated. BUF_memdup() duplicates + a memory area. + [Richard Levitte] + + *) Add the function sk_find_ex() which works like sk_find(), but will + return an index to an element even if an exact match couldn't be + found. The index is guaranteed to point at the element where the + searched-for key would be inserted to preserve sorting order. + [Richard Levitte] + + *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but + takes an extra flags argument for optional functionality. Currently, + the following flags are defined: + + OBJ_BSEARCH_VALUE_ON_NOMATCH + This one gets OBJ_bsearch_ex() to return a pointer to the first + element where the comparing function returns a negative or zero + number. + + OBJ_BSEARCH_FIRST_VALUE_ON_MATCH + This one gets OBJ_bsearch_ex() to return a pointer to the first + element where the comparing function returns zero. This is useful + if there are more than one element where the comparing function + returns zero. + [Richard Levitte] + + *) Make it possible to create self-signed certificates with 'openssl ca' + in such a way that the self-signed certificate becomes part of the + CA database and uses the same mechanisms for serial number generation + as all other certificate signing. The new flag '-selfsign' enables + this functionality. Adapt CA.sh and CA.pl.in. + [Richard Levitte] + + *) Add functionality to check the public key of a certificate request + against a given private. This is useful to check that a certificate + request can be signed by that key (self-signing). + [Richard Levitte] + + *) Make it possible to have multiple active certificates with the same + subject in the CA index file. This is done only if the keyword + 'unique_subject' is set to 'no' in the main CA section (default + if 'CA_default') of the configuration file. The value is saved + with the database itself in a separate index attribute file, + named like the index file with '.attr' appended to the name. + [Richard Levitte] + + *) Generate muti valued AVAs using '+' notation in config files for + req and dirName. + [Steve Henson] + + *) Support for nameConstraints certificate extension. + [Steve Henson] + + *) Support for policyConstraints certificate extension. + [Steve Henson] + + *) Support for policyMappings certificate extension. + [Steve Henson] + + *) Make sure the default DSA_METHOD implementation only uses its + dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL, + and change its own handlers to be NULL so as to remove unnecessary + indirection. This lets alternative implementations fallback to the + default implementation more easily. + [Geoff Thorpe] + + *) Support for directoryName in GeneralName related extensions + in config files. + [Steve Henson] + + *) Make it possible to link applications using Makefile.shared. + Make that possible even when linking against static libraries! + [Richard Levitte] + + *) Support for single pass processing for S/MIME signing. This now + means that S/MIME signing can be done from a pipe, in addition + cleartext signing (multipart/signed type) is effectively streaming + and the signed data does not need to be all held in memory. + + This is done with a new flag PKCS7_STREAM. When this flag is set + PKCS7_sign() only initializes the PKCS7 structure and the actual signing + is done after the data is output (and digests calculated) in + SMIME_write_PKCS7(). + [Steve Henson] + + *) Add full support for -rpath/-R, both in shared libraries and + applications, at least on the platforms where it's known how + to do it. + [Richard Levitte] + + *) In crypto/ec/ec_mult.c, implement fast point multiplication with + precomputation, based on wNAF splitting: EC_GROUP_precompute_mult() + will now compute a table of multiples of the generator that + makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul() + faster (notably in the case of a single point multiplication, + scalar * generator). + [Nils Larsch, Bodo Moeller] + + *) IPv6 support for certificate extensions. The various extensions + which use the IP:a.b.c.d can now take IPv6 addresses using the + formats of RFC1884 2.2 . IPv6 addresses are now also displayed + correctly. + [Steve Henson] + + *) Added an ENGINE that implements RSA by performing private key + exponentiations with the GMP library. The conversions to and from + GMP's mpz_t format aren't optimised nor are any montgomery forms + cached, and on x86 it appears OpenSSL's own performance has caught up. + However there are likely to be other architectures where GMP could + provide a boost. This ENGINE is not built in by default, but it can be + specified at Configure time and should be accompanied by the necessary + linker additions, eg; + ./config -DOPENSSL_USE_GMP -lgmp + [Geoff Thorpe] + + *) "openssl engine" will not display ENGINE/DSO load failure errors when + testing availability of engines with "-t" - the old behaviour is + produced by increasing the feature's verbosity with "-tt". + [Geoff Thorpe] + + *) ECDSA routines: under certain error conditions uninitialized BN objects + could be freed. Solution: make sure initialization is performed early + enough. (Reported and fix supplied by Nils Larsch + via PR#459) + [Lutz Jaenicke] + + *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD + and DH_METHOD (eg. by ENGINE implementations) to override the normal + software implementations. For DSA and DH, parameter generation can + also be overriden by providing the appropriate method callbacks. + [Geoff Thorpe] + + *) Change the "progress" mechanism used in key-generation and + primality testing to functions that take a new BN_GENCB pointer in + place of callback/argument pairs. The new API functions have "_ex" + postfixes and the older functions are reimplemented as wrappers for + the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide + declarations of the old functions to help (graceful) attempts to + migrate to the new functions. Also, the new key-generation API + functions operate on a caller-supplied key-structure and return + success/failure rather than returning a key or NULL - this is to + help make "keygen" another member function of RSA_METHOD etc. + + Example for using the new callback interface: + + int (*my_callback)(int a, int b, BN_GENCB *cb) = ...; + void *my_arg = ...; + BN_GENCB my_cb; + + BN_GENCB_set(&my_cb, my_callback, my_arg); + + return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &cb); + /* For the meaning of a, b in calls to my_callback(), see the + * documentation of the function that calls the callback. + * cb will point to my_cb; my_arg can be retrieved as cb->arg. + * my_callback should return 1 if it wants BN_is_prime_ex() + * to continue, or 0 to stop. + */ + + [Geoff Thorpe] + + *) Change the ZLIB compression method to be stateful, and make it + available to TLS with the number defined in + draft-ietf-tls-compression-04.txt. + [Richard Levitte] + + *) Add the ASN.1 structures and functions for CertificatePair, which + is defined as follows (according to X.509_4thEditionDraftV6.pdf): + + CertificatePair ::= SEQUENCE { + forward [0] Certificate OPTIONAL, + reverse [1] Certificate OPTIONAL, + -- at least one of the pair shall be present -- } + + Also implement the PEM functions to read and write certificate + pairs, and defined the PEM tag as "CERTIFICATE PAIR". + + This needed to be defined, mostly for the sake of the LDAP + attribute crossCertificatePair, but may prove useful elsewhere as + well. + [Richard Levitte] + + *) Make it possible to inhibit symlinking of shared libraries in + Makefile.shared, for Cygwin's sake. + [Richard Levitte] + + *) Extend the BIGNUM API by creating a function + void BN_set_negative(BIGNUM *a, int neg); + and a macro that behave like + int BN_is_negative(const BIGNUM *a); + + to avoid the need to access 'a->neg' directly in applications. + [Nils Larsch] + + *) Implement fast modular reduction for pseudo-Mersenne primes + used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c). + EC_GROUP_new_curve_GFp() will now automatically use this + if applicable. + [Nils Larsch ] + + *) Add new lock type (CRYPTO_LOCK_BN). + [Bodo Moeller] + + *) Change the ENGINE framework to automatically load engines + dynamically from specific directories unless they could be + found to already be built in or loaded. Move all the + current engines except for the cryptodev one to a new + directory engines/. + The engines in engines/ are built as shared libraries if + the "shared" options was given to ./Configure or ./config. + Otherwise, they are inserted in libcrypto.a. + /usr/local/ssl/engines is the default directory for dynamic + engines, but that can be overriden at configure time through + the usual use of --prefix and/or --openssldir, and at run + time with the environment variable OPENSSL_ENGINES. + [Geoff Thorpe and Richard Levitte] + + *) Add Makefile.shared, a helper makefile to build shared + libraries. Addapt Makefile.org. + [Richard Levitte] + + *) Add version info to Win32 DLLs. + [Peter 'Luna' Runestig" ] + + *) Add new 'medium level' PKCS#12 API. Certificates and keys + can be added using this API to created arbitrary PKCS#12 + files while avoiding the low level API. + + New options to PKCS12_create(), key or cert can be NULL and + will then be omitted from the output file. The encryption + algorithm NIDs can be set to -1 for no encryption, the mac + iteration count can be set to 0 to omit the mac. + + Enhance pkcs12 utility by making the -nokeys and -nocerts + options work when creating a PKCS#12 file. New option -nomac + to omit the mac, NONE can be set for an encryption algorithm. + New code is modified to use the enhanced PKCS12_create() + instead of the low level API. + [Steve Henson] + + *) Extend ASN1 encoder to support indefinite length constructed + encoding. This can output sequences tags and octet strings in + this form. Modify pk7_asn1.c to support indefinite length + encoding. This is experimental and needs additional code to + be useful, such as an ASN1 bio and some enhanced streaming + PKCS#7 code. + + Extend template encode functionality so that tagging is passed + down to the template encoder. + [Steve Henson] + + *) Let 'openssl req' fail if an argument to '-newkey' is not + recognized instead of using RSA as a default. + [Bodo Moeller] + + *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt. + As these are not official, they are not included in "ALL"; + the "ECCdraft" ciphersuite group alias can be used to select them. + [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)] + + *) Add ECDH engine support. + [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)] + + *) Add ECDH in new directory crypto/ecdh/. + [Douglas Stebila (Sun Microsystems Laboratories)] + + *) Let BN_rand_range() abort with an error after 100 iterations + without success (which indicates a broken PRNG). + [Bodo Moeller] + + *) Change BN_mod_sqrt() so that it verifies that the input value + is really the square of the return value. (Previously, + BN_mod_sqrt would show GIGO behaviour.) + [Bodo Moeller] + + *) Add named elliptic curves over binary fields from X9.62, SECG, + and WAP/WTLS; add OIDs that were still missing. + + [Sheueling Chang Shantz and Douglas Stebila + (Sun Microsystems Laboratories)] + + *) Extend the EC library for elliptic curves over binary fields + (new files ec2_smpl.c, ec2_smpt.c, ec2_mult.c in crypto/ec/). + New EC_METHOD: + + EC_GF2m_simple_method + + New API functions: + + EC_GROUP_new_curve_GF2m + EC_GROUP_set_curve_GF2m + EC_GROUP_get_curve_GF2m + EC_POINT_set_affine_coordinates_GF2m + EC_POINT_get_affine_coordinates_GF2m + EC_POINT_set_compressed_coordinates_GF2m + + Point compression for binary fields is disabled by default for + patent reasons (compile with OPENSSL_EC_BIN_PT_COMP defined to + enable it). + + As binary polynomials are represented as BIGNUMs, various members + of the EC_GROUP and EC_POINT data structures can be shared + between the implementations for prime fields and binary fields; + the above ..._GF2m functions (except for EX_GROUP_new_curve_GF2m) + are essentially identical to their ..._GFp counterparts. + (For simplicity, the '..._GFp' prefix has been dropped from + various internal method names.) + + An internal 'field_div' method (similar to 'field_mul' and + 'field_sqr') has been added; this is used only for binary fields. + + [Sheueling Chang Shantz and Douglas Stebila + (Sun Microsystems Laboratories)] + + *) Optionally dispatch EC_POINT_mul(), EC_POINT_precompute_mult() + through methods ('mul', 'precompute_mult'). + + The generic implementations (now internally called 'ec_wNAF_mul' + and 'ec_wNAF_precomputed_mult') remain the default if these + methods are undefined. + + [Sheueling Chang Shantz and Douglas Stebila + (Sun Microsystems Laboratories)] + + *) New function EC_GROUP_get_degree, which is defined through + EC_METHOD. For curves over prime fields, this returns the bit + length of the modulus. + + [Sheueling Chang Shantz and Douglas Stebila + (Sun Microsystems Laboratories)] + + *) New functions EC_GROUP_dup, EC_POINT_dup. + (These simply call ..._new and ..._copy). + + [Sheueling Chang Shantz and Douglas Stebila + (Sun Microsystems Laboratories)] + + *) Add binary polynomial arithmetic software in crypto/bn/bn_gf2m.c. + Polynomials are represented as BIGNUMs (where the sign bit is not + used) in the following functions [macros]: + + BN_GF2m_add + BN_GF2m_sub [= BN_GF2m_add] + BN_GF2m_mod [wrapper for BN_GF2m_mod_arr] + BN_GF2m_mod_mul [wrapper for BN_GF2m_mod_mul_arr] + BN_GF2m_mod_sqr [wrapper for BN_GF2m_mod_sqr_arr] + BN_GF2m_mod_inv + BN_GF2m_mod_exp [wrapper for BN_GF2m_mod_exp_arr] + BN_GF2m_mod_sqrt [wrapper for BN_GF2m_mod_sqrt_arr] + BN_GF2m_mod_solve_quad [wrapper for BN_GF2m_mod_solve_quad_arr] + BN_GF2m_cmp [= BN_ucmp] + + (Note that only the 'mod' functions are actually for fields GF(2^m). + BN_GF2m_add() is misnomer, but this is for the sake of consistency.) + + For some functions, an the irreducible polynomial defining a + field can be given as an 'unsigned int[]' with strictly + decreasing elements giving the indices of those bits that are set; + i.e., p[] represents the polynomial + f(t) = t^p[0] + t^p[1] + ... + t^p[k] + where + p[0] > p[1] > ... > p[k] = 0. + This applies to the following functions: + + BN_GF2m_mod_arr + BN_GF2m_mod_mul_arr + BN_GF2m_mod_sqr_arr + BN_GF2m_mod_inv_arr [wrapper for BN_GF2m_mod_inv] + BN_GF2m_mod_div_arr [wrapper for BN_GF2m_mod_div] + BN_GF2m_mod_exp_arr + BN_GF2m_mod_sqrt_arr + BN_GF2m_mod_solve_quad_arr + BN_GF2m_poly2arr + BN_GF2m_arr2poly + + Conversion can be performed by the following functions: + + BN_GF2m_poly2arr + BN_GF2m_arr2poly + + bntest.c has additional tests for binary polynomial arithmetic. + + Two implementations for BN_GF2m_mod_div() are available. + The default algorithm simply uses BN_GF2m_mod_inv() and + BN_GF2m_mod_mul(). The alternative algorithm is compiled in only + if OPENSSL_SUN_GF2M_DIV is defined (patent pending; read the + copyright notice in crypto/bn/bn_gf2m.c before enabling it). + + [Sheueling Chang Shantz and Douglas Stebila + (Sun Microsystems Laboratories)] + + *) Add new error code 'ERR_R_DISABLED' that can be used when some + functionality is disabled at compile-time. + [Douglas Stebila ] + + *) Change default behaviour of 'openssl asn1parse' so that more + information is visible when viewing, e.g., a certificate: + + Modify asn1_parse2 (crypto/asn1/asn1_par.c) so that in non-'dump' + mode the content of non-printable OCTET STRINGs is output in a + style similar to INTEGERs, but with '[HEX DUMP]' prepended to + avoid the appearance of a printable string. + [Nils Larsch ] + + *) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access + functions + EC_GROUP_set_asn1_flag() + EC_GROUP_get_asn1_flag() + EC_GROUP_set_point_conversion_form() + EC_GROUP_get_point_conversion_form() + These control ASN1 encoding details: + - Curves (i.e., groups) are encoded explicitly unless asn1_flag + has been set to OPENSSL_EC_NAMED_CURVE. + - Points are encoded in uncompressed form by default; options for + asn1_for are as for point2oct, namely + POINT_CONVERSION_COMPRESSED + POINT_CONVERSION_UNCOMPRESSED + POINT_CONVERSION_HYBRID + + Also add 'seed' and 'seed_len' members to EC_GROUP with access + functions + EC_GROUP_set_seed() + EC_GROUP_get0_seed() + EC_GROUP_get_seed_len() + This is used only for ASN1 purposes (so far). + [Nils Larsch ] + + *) Add 'field_type' member to EC_METHOD, which holds the NID + of the appropriate field type OID. The new function + EC_METHOD_get_field_type() returns this value. + [Nils Larsch ] + + *) Add functions + EC_POINT_point2bn() + EC_POINT_bn2point() + EC_POINT_point2hex() + EC_POINT_hex2point() + providing useful interfaces to EC_POINT_point2oct() and + EC_POINT_oct2point(). + [Nils Larsch ] + + *) Change internals of the EC library so that the functions + EC_GROUP_set_generator() + EC_GROUP_get_generator() + EC_GROUP_get_order() + EC_GROUP_get_cofactor() + are implemented directly in crypto/ec/ec_lib.c and not dispatched + to methods, which would lead to unnecessary code duplication when + adding different types of curves. + [Nils Larsch with input by Bodo Moeller] + + *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM + arithmetic, and such that modified wNAFs are generated + (which avoid length expansion in many cases). + [Bodo Moeller] + + *) Add a function EC_GROUP_check_discriminant() (defined via + EC_METHOD) that verifies that the curve discriminant is non-zero. + + Add a function EC_GROUP_check() that makes some sanity tests + on a EC_GROUP, its generator and order. This includes + EC_GROUP_check_discriminant(). + [Nils Larsch ] + + *) Add ECDSA in new directory crypto/ecdsa/. + + Add applications 'openssl ecparam' and 'openssl ecdsa' + (these are based on 'openssl dsaparam' and 'openssl dsa'). + + ECDSA support is also included in various other files across the + library. Most notably, + - 'openssl req' now has a '-newkey ecdsa:file' option; + - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA; + - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and + d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make + them suitable for ECDSA where domain parameters must be + extracted before the specific public key; + - ECDSA engine support has been added. + [Nils Larsch ] + + *) Include some named elliptic curves, and add OIDs from X9.62, + SECG, and WAP/WTLS. Each curve can be obtained from the new + function + EC_GROUP_new_by_curve_name(), + and the list of available named curves can be obtained with + EC_get_builtin_curves(). + Also add a 'curve_name' member to EC_GROUP objects, which can be + accessed via + EC_GROUP_set_curve_name() + EC_GROUP_get_curve_name() + [Nils Larsch ] + + *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that + a ciphersuite string such as "DEFAULT:RSA" cannot enable + authentication-only ciphersuites. + [Bodo Moeller] + + *) Since AES128 and AES256 share a single mask bit in the logic of + ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a + kludge to work properly if AES128 is available and AES256 isn't. + [Victor Duchovni] + + *) Expand security boundary to match 1.1.1 module. + [Steve Henson] + + *) Remove redundant features: hash file source, editing of test vectors + modify fipsld to use external fips_premain.c signature. + [Steve Henson] + + *) New perl script mkfipsscr.pl to create shell scripts or batch files to + run algorithm test programs. + [Steve Henson] + + *) Make algorithm test programs more tolerant of whitespace. + [Steve Henson] + + *) Have SSL/TLS server implementation tolerate "mismatched" record + protocol version while receiving ClientHello even if the + ClientHello is fragmented. (The server can't insist on the + particular protocol version it has chosen before the ServerHello + message has informed the client about his choice.) + [Bodo Moeller] + + *) Load error codes if they are not already present instead of using a + static variable. This allows them to be cleanly unloaded and reloaded. + [Steve Henson] + + Changes between 0.9.7k and 0.9.7l [28 Sep 2006] + + *) Introduce limits to prevent malicious keys being able to + cause a denial of service. (CVE-2006-2940) + [Steve Henson, Bodo Moeller] + + *) Fix ASN.1 parsing of certain invalid structures that can result + in a denial of service. (CVE-2006-2937) [Steve Henson] + + *) Fix buffer overflow in SSL_get_shared_ciphers() function. + (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] + + *) Fix SSL client code which could crash if connecting to a + malicious SSLv2 server. (CVE-2006-4343) + [Tavis Ormandy and Will Drewry, Google Security Team] + + *) Change ciphersuite string processing so that an explicit + ciphersuite selects this one ciphersuite (so that "AES256-SHA" + will no longer include "AES128-SHA"), and any other similar + ciphersuite (same bitmap) from *other* protocol versions (so that + "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the + SSL 3.0/TLS 1.0 ciphersuite). This is a backport combining + changes from 0.9.8b and 0.9.8d. + [Bodo Moeller] + + Changes between 0.9.7j and 0.9.7k [05 Sep 2006] + + *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher + (CVE-2006-4339) [Ben Laurie and Google Security Team] + + *) Change the Unix randomness entropy gathering to use poll() when + possible instead of select(), since the latter has some + undesirable limitations. + [Darryl Miles via Richard Levitte and Bodo Moeller] + + *) Disable rogue ciphersuites: + + - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5") + - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5") + - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5") + + The latter two were purportedly from + draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really + appear there. + + Also deactive the remaining ciphersuites from + draft-ietf-tls-56-bit-ciphersuites-01.txt. These are just as + unofficial, and the ID has long expired. + [Bodo Moeller] + + *) Fix RSA blinding Heisenbug (problems sometimes occured on + dual-core machines) and other potential thread-safety issues. + [Bodo Moeller] + Changes between 0.9.7i and 0.9.7j [04 May 2006] *) Adapt fipsld and the build system to link against the validated FIPS diff --git a/src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head b/src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head new file mode 100644 index 0000000000..1203a22158 --- /dev/null +++ b/src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head @@ -0,0 +1,163 @@ +This file, together with ChangeLog.0_9_7-stable_not-in-head_FIPS, +provides a collection of those CVS change log entries for the +0.9.7 branch (OpenSSL_0_9_7-stable) that do not appear similarly in +0.9.8-dev (CVS head). + +ChangeLog.0_9_7-stable_not-in-head_FIPS - "FIPS" related changes +ChangeLog.0_9_7-stable_not-in-head - everything else + +Some obvious false positives have been eliminated: e.g., we do not +care about a simple "make update"; and we don't care about changes +identified to the 0.9.7 branch that were explicitly identified as +backports from head. + +Eliminating all other entries (and finally this file and its +compantion), either as false positives or as things that should go +into 0.9.8, remains to be done. Any additional changes to 0.9.7 that +are not immediately put into 0.9.8, but belong there as well, should +be added to the end of this file. + + +2002-11-04 17:33 levitte + + Changed: + Configure (1.314.2.38), "Exp", lines: +4 -2 + + Return my normal debug targets to something not so extreme, and + make the extreme ones special (or 'extreme', if you will :-)). + +2002-12-16 19:17 appro + + Changed: + crypto/bn/bn_lcl.h (1.23.2.3), "Exp", lines: +3 -0 + crypto/bn/bn_mul.c (1.28.2.4), "Exp", lines: +84 -445 + + This is rollback to 0.9.6h bn_mul.c to address problem reported in + RT#272. + +2003-07-27 15:46 ben + + Changed: + crypto/aes/aes.h (1.1.2.5), "Exp", lines: +3 -0 + crypto/aes/aes_cfb.c (1.1.2.4), "Exp", lines: +57 -0 + + Add untested CFB-r mode. Will be tested soon. + +2003-07-28 17:07 ben + + Changed: + Makefile.org (1.154.2.69), "Exp", lines: +5 -1 + crypto/aes/aes.h (1.1.2.6), "Exp", lines: +3 -0 + crypto/aes/aes_cfb.c (1.1.2.5), "Exp", lines: +19 -0 + crypto/dsa/Makefile.ssl (1.49.2.6), "Exp", lines: +3 -2 + crypto/err/Makefile.ssl (1.48.2.4), "Exp", lines: +17 -16 + crypto/evp/e_aes.c (1.6.2.5), "Exp", lines: +8 -0 + crypto/evp/e_des.c (1.5.2.2), "Exp", lines: +1 -1 + crypto/evp/e_des3.c (1.8.2.3), "Exp", lines: +2 -2 + crypto/evp/evp.h (1.86.2.11), "Exp", lines: +28 -11 + crypto/evp/evp_locl.h (1.7.2.3), "Exp", lines: +2 -2 + crypto/objects/obj_dat.h (1.49.2.13), "Exp", lines: +10 -5 + crypto/objects/obj_mac.h (1.19.2.13), "Exp", lines: +5 -0 + crypto/objects/obj_mac.num (1.15.2.9), "Exp", lines: +1 -0 + crypto/objects/objects.txt (1.20.2.14), "Exp", lines: +4 -0 + fips/Makefile.ssl (1.1.2.3), "Exp", lines: +7 -0 + fips/aes/Makefile.ssl (1.1.2.2), "Exp", lines: +23 -1 + fips/aes/fips_aesavs.c (1.1.2.3), "Exp", lines: +9 -1 + test/Makefile.ssl (1.84.2.30), "Exp", lines: +101 -43 + + Add support for partial CFB modes, make tests work, update + dependencies. + +2003-07-29 12:56 ben + + Changed: + crypto/aes/aes_cfb.c (1.1.2.6), "Exp", lines: +9 -6 + crypto/evp/c_allc.c (1.8.2.3), "Exp", lines: +1 -0 + crypto/evp/evp_test.c (1.14.2.11), "Exp", lines: +17 -8 + crypto/evp/evptests.txt (1.9.2.2), "Exp", lines: +48 -1 + + Working CFB1 and test vectors. + +2003-07-29 15:24 ben + + Changed: + crypto/evp/e_aes.c (1.6.2.6), "Exp", lines: +14 -0 + crypto/objects/obj_dat.h (1.49.2.14), "Exp", lines: +15 -5 + crypto/objects/obj_mac.h (1.19.2.14), "Exp", lines: +10 -0 + crypto/objects/obj_mac.num (1.15.2.10), "Exp", lines: +2 -0 + crypto/objects/objects.txt (1.20.2.15), "Exp", lines: +2 -0 + fips/aes/Makefile.ssl (1.1.2.3), "Exp", lines: +1 -1 + fips/aes/fips_aesavs.c (1.1.2.4), "Exp", lines: +34 -19 + + The rest of the keysizes for CFB1, working AES AVS test for CFB1. + +2003-07-29 19:05 ben + + Changed: + crypto/aes/aes.h (1.1.2.7), "Exp", lines: +3 -0 + crypto/aes/aes_cfb.c (1.1.2.7), "Exp", lines: +14 -0 + crypto/evp/c_allc.c (1.8.2.4), "Exp", lines: +1 -0 + crypto/evp/e_aes.c (1.6.2.7), "Exp", lines: +4 -9 + crypto/evp/evptests.txt (1.9.2.3), "Exp", lines: +48 -0 + crypto/objects/obj_dat.h (1.49.2.15), "Exp", lines: +20 -5 + crypto/objects/obj_mac.h (1.19.2.15), "Exp", lines: +15 -0 + crypto/objects/obj_mac.num (1.15.2.11), "Exp", lines: +3 -0 + crypto/objects/objects.txt (1.20.2.16), "Exp", lines: +3 -0 + fips/aes/fips_aesavs.c (1.1.2.7), "Exp", lines: +11 -0 + + AES CFB8. + +2003-07-30 20:30 ben + + Changed: + Makefile.org (1.154.2.70), "Exp", lines: +16 -5 + crypto/des/cfb_enc.c (1.7.2.1), "Exp", lines: +2 -1 + crypto/des/des_enc.c (1.11.2.2), "Exp", lines: +4 -0 + crypto/evp/e_aes.c (1.6.2.8), "Exp", lines: +7 -14 + crypto/evp/e_des.c (1.5.2.3), "Exp", lines: +37 -1 + crypto/evp/evp.h (1.86.2.12), "Exp", lines: +6 -0 + crypto/evp/evp_locl.h (1.7.2.4), "Exp", lines: +9 -0 + crypto/objects/obj_dat.h (1.49.2.16), "Exp", lines: +48 -23 + crypto/objects/obj_mac.h (1.19.2.16), "Exp", lines: +31 -6 + crypto/objects/obj_mac.num (1.15.2.12), "Exp", lines: +5 -0 + crypto/objects/objects.txt (1.20.2.17), "Exp", lines: +12 -6 + fips/Makefile.ssl (1.1.2.4), "Exp", lines: +8 -1 + fips/fips_make_sha1 (1.1.2.3), "Exp", lines: +3 -0 + fips/aes/Makefile.ssl (1.1.2.4), "Exp", lines: +1 -1 + fips/des/.cvsignore (1.1.2.1), "Exp", lines: +3 -0 + fips/des/Makefile.ssl (1.1.2.1), "Exp", lines: +96 -0 + fips/des/fingerprint.sha1 (1.1.2.1), "Exp", lines: +2 -0 + fips/des/fips_des_enc.c (1.1.2.1), "Exp", lines: +288 -0 + fips/des/fips_des_locl.h (1.1.2.1), "Exp", lines: +428 -0 + fips/des/fips_desmovs.c (1.1.2.1), "Exp", lines: +659 -0 + + Whoops, forgot FIPS DES, also add EVPs for DES CFB1 and 8. + +2003-08-01 12:25 ben + + Changed: + crypto/des/cfb_enc.c (1.7.2.2), "Exp", lines: +45 -36 + crypto/evp/c_allc.c (1.8.2.5), "Exp", lines: +2 -0 + crypto/evp/e_des.c (1.5.2.4), "Exp", lines: +8 -3 + crypto/evp/evptests.txt (1.9.2.4), "Exp", lines: +6 -0 + + Fix DES CFB-r. + +2003-08-01 12:31 ben + + Changed: + crypto/evp/evptests.txt (1.9.2.5), "Exp", lines: +4 -0 + + DES CFB8 test. + +2005-04-19 16:21 appro + + Changed: + Configure (1.314.2.117), "Exp", lines: +24 -21 + Makefile.org (1.154.2.100), "Exp", lines: +1 -11 + TABLE (1.99.2.52), "Exp", lines: +20 -20 + apps/Makefile (1.1.4.15), "Exp", lines: +1 -1 + test/Makefile (1.1.4.12), "Exp", lines: +1 -1 + + Enable shared link on HP-UX. + diff --git a/src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head_FIPS b/src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head_FIPS new file mode 100644 index 0000000000..1e6c88f77a --- /dev/null +++ b/src/lib/libssl/src/ChangeLog.0_9_7-stable_not-in-head_FIPS @@ -0,0 +1,1494 @@ +See file ChangeLog.0_9_7-stable_not-in-head for explanations. +This is the "FIPS"-related part. + + + +2003-07-27 19:00 ben + + Changed: + Configure (1.314.2.85), "Exp", lines: +2 -0 + Makefile.org (1.154.2.67), "Exp", lines: +12 -3 + crypto/cryptlib.c (1.32.2.9), "Exp", lines: +5 -0 + crypto/md32_common.h (1.22.2.4), "Exp", lines: +11 -0 + crypto/aes/Makefile.ssl (1.4.2.6), "Exp", lines: +2 -1 + crypto/aes/aes_core.c (1.1.2.4), "Exp", lines: +4 -0 + crypto/des/des.h (1.40.2.4), "Exp", lines: +1 -1 + crypto/des/des_old.c (1.11.2.4), "Exp", lines: +1 -1 + crypto/des/destest.c (1.30.2.6), "Exp", lines: +2 -2 + crypto/des/ecb3_enc.c (1.8.2.1), "Exp", lines: +1 -3 + crypto/dsa/Makefile.ssl (1.49.2.5), "Exp", lines: +7 -4 + crypto/dsa/dsa_ossl.c (1.12.2.4), "Exp", lines: +2 -0 + crypto/dsa/dsa_sign.c (1.10.2.3), "Exp", lines: +12 -0 + crypto/dsa/dsa_vrf.c (1.10.2.3), "Exp", lines: +8 -0 + crypto/engine/engine.h (1.36.2.6), "Exp", lines: +4 -0 + crypto/err/err.h (1.35.2.3), "Exp", lines: +2 -0 + crypto/err/err_all.c (1.17.2.2), "Exp", lines: +4 -0 + crypto/err/openssl.ec (1.11.2.1), "Exp", lines: +1 -0 + crypto/evp/Makefile.ssl (1.64.2.8), "Exp", lines: +8 -7 + crypto/evp/c_all.c (1.7.8.7), "Exp", lines: +1 -0 + crypto/evp/e_aes.c (1.6.2.4), "Exp", lines: +12 -4 + crypto/evp/e_des3.c (1.8.2.2), "Exp", lines: +1 -1 + crypto/evp/evp.h (1.86.2.10), "Exp", lines: +2 -0 + crypto/evp/evp_err.c (1.23.2.1), "Exp", lines: +3 -1 + crypto/md4/Makefile.ssl (1.6.2.4), "Exp", lines: +7 -4 + crypto/md5/Makefile.ssl (1.33.2.7), "Exp", lines: +7 -4 + crypto/rand/Makefile.ssl (1.56.2.4), "Exp", lines: +17 -15 + crypto/rand/md_rand.c (1.69.2.2), "Exp", lines: +9 -0 + crypto/rand/rand.h (1.26.2.5), "Exp", lines: +2 -0 + crypto/rand/rand_err.c (1.6.2.1), "Exp", lines: +3 -1 + crypto/rand/rand_lib.c (1.15.2.2), "Exp", lines: +11 -0 + crypto/ripemd/Makefile.ssl (1.25.2.5), "Exp", lines: +7 -2 + crypto/sha/Makefile.ssl (1.26.2.5), "Exp", lines: +16 -6 + fips/.cvsignore (1.1.2.1), "Exp", lines: +1 -0 + fips/Makefile.ssl (1.1.2.1), "Exp", lines: +155 -0 + fips/fingerprint.sha1 (1.1.2.1), "Exp", lines: +3 -0 + fips/fips.c (1.1.2.1), "Exp", lines: +74 -0 + fips/fips.h (1.1.2.1), "Exp", lines: +85 -0 + fips/fips_check_sha1 (1.1.2.1), "Exp", lines: +7 -0 + fips/fips_err.c (1.1.2.1), "Exp", lines: +96 -0 + fips/fips_make_sha1 (1.1.2.1), "Exp", lines: +21 -0 + fips/lib (1.1.2.1), "Exp", lines: +0 -0 + fips/aes/.cvsignore (1.1.2.1), "Exp", lines: +4 -0 + fips/aes/Makefile.ssl (1.1.2.1), "Exp", lines: +95 -0 + fips/aes/fingerprint.sha1 (1.1.2.1), "Exp", lines: +2 -0 + fips/aes/fips_aes_core.c (1.1.2.1), "Exp", lines: +1260 -0 + fips/aes/fips_aes_locl.h (1.1.2.1), "Exp", lines: +85 -0 + fips/aes/fips_aesavs.c (1.1.2.1), "Exp", lines: +896 -0 + fips/dsa/.cvsignore (1.1.2.1), "Exp", lines: +2 -0 + fips/dsa/Makefile.ssl (1.1.2.1), "Exp", lines: +95 -0 + fips/dsa/fingerprint.sha1 (1.1.2.1), "Exp", lines: +1 -0 + fips/dsa/fips_dsa_ossl.c (1.1.2.1), "Exp", lines: +366 -0 + fips/dsa/fips_dsatest.c (1.1.2.1), "Exp", lines: +252 -0 + fips/rand/.cvsignore (1.1.2.1), "Exp", lines: +2 -0 + fips/rand/Makefile.ssl (1.1.2.1), "Exp", lines: +94 -0 + fips/rand/fingerprint.sha1 (1.1.2.1), "Exp", lines: +2 -0 + fips/rand/fips_rand.c (1.1.2.1), "Exp", lines: +236 -0 + fips/rand/fips_rand.h (1.1.2.1), "Exp", lines: +55 -0 + fips/rand/fips_randtest.c (1.1.2.1), "Exp", lines: +348 -0 + fips/sha1/.cvsignore (1.1.2.1), "Exp", lines: +3 -0 + fips/sha1/Makefile.ssl (1.1.2.1), "Exp", lines: +94 -0 + fips/sha1/fingerprint.sha1 (1.1.2.1), "Exp", lines: +3 -0 + fips/sha1/fips_md32_common.h (1.1.2.1), "Exp", lines: +637 -0 + fips/sha1/fips_sha1dgst.c (1.1.2.1), "Exp", lines: +76 -0 + fips/sha1/fips_sha1test.c (1.1.2.1), "Exp", lines: +128 -0 + fips/sha1/fips_sha_locl.h (1.1.2.1), "Exp", lines: +472 -0 + fips/sha1/fips_standalone_sha1.c (1.1.2.1), "Exp", lines: +101 -0 + fips/sha1/standalone.sha1 (1.1.2.1), "Exp", lines: +4 -0 + test/Makefile.ssl (1.84.2.29), "Exp", lines: +81 -13 + util/mkerr.pl (1.18.2.4), "Exp", lines: +2 -1 + + Unfinished FIPS stuff for review/improvement. + +2003-07-27 19:19 ben + + Changed: + fips/fips_check_sha1 (1.1.2.2), "Exp", lines: +1 -1 + + Use unified diff. + +2003-07-27 19:23 ben + + Changed: + fips/Makefile.ssl (1.1.2.2), "Exp", lines: +3 -3 + fips/fingerprint.sha1 (1.1.2.2), "Exp", lines: +2 -1 + fips/fips_make_sha1 (1.1.2.2), "Exp", lines: +1 -1 + + Build in non-FIPS mode. + +2003-07-27 23:13 ben + + Changed: + Makefile.org (1.154.2.68), "Exp", lines: +1 -1 + fips/fips_check_sha1 (1.1.2.3), "Exp", lines: +2 -1 + fips/aes/fips_aesavs.c (1.1.2.2), "Exp", lines: +2 -0 + fips/dsa/fips_dsa_ossl.c (1.1.2.2), "Exp", lines: +8 -0 + fips/dsa/fips_dsatest.c (1.1.2.2), "Exp", lines: +2 -1 + fips/sha1/fingerprint.sha1 (1.1.2.2), "Exp", lines: +1 -1 + fips/sha1/fips_sha1dgst.c (1.1.2.2), "Exp", lines: +5 -1 + fips/sha1/fips_standalone_sha1.c (1.1.2.2), "Exp", lines: +2 -0 + fips/sha1/standalone.sha1 (1.1.2.2), "Exp", lines: +1 -1 + + Build when not FIPS. + +2003-07-28 11:56 ben + + Changed: + fips/dsa/fingerprint.sha1 (1.1.2.2), "Exp", lines: +1 -1 + fips/sha1/standalone.sha1 (1.1.2.3), "Exp", lines: +1 -1 + + New fingerprints. + +2003-07-29 16:06 ben + + Changed: + fips/aes/fips_aesavs.c (1.1.2.5), "Exp", lines: +295 -303 + + Reformat. + +2003-07-29 16:34 ben + + Changed: + fips/aes/fips_aesavs.c (1.1.2.6), "Exp", lines: +43 -17 + + MMT for CFB1 + +2003-07-29 17:17 ben + + Changed: + fips/fips_err_wrapper.c (1.1.2.1), "Exp", lines: +5 -0 + fips/sha1/sha1hashes.txt (1.1.2.1), "Exp", lines: +342 -0 + fips/sha1/sha1vectors.txt (1.1.2.1), "Exp", lines: +2293 -0 + + Missing files. + +2003-07-31 23:30 levitte + + Changed: + Makefile.org (1.154.2.71), "Exp", lines: +2 -0 + + If FDIRS is to be treated like SDIRS, let's not forget to + initialize it in Makefile.org. + +2003-07-31 23:41 levitte + + Changed: + fips/sha1/fips_sha1test.c (1.1.2.2), "Exp", lines: +3 -3 + + No C++ comments in C programs! + +2003-08-01 15:07 steve + + Changed: + fips/aes/fips_aesavs.c (1.1.2.8), "Exp", lines: +3 -3 + + Replace C++ style comments. + +2003-08-03 14:22 ben + + Changed: + fips/des/fips_desmovs.c (1.1.2.2), "Exp", lines: +55 -37 + + Make tests work (CFB1 still doesn't produce the right answers, + strangely). + +2003-08-08 12:08 levitte + + Changed: + fips/des/fips_des_enc.c (1.1.2.2), "Exp", lines: +9 -0 + + Avoid clashing with the regular DES functions when not compiling + with -DFIPS. This is basically only visible when building with + shared library supoort... + +2003-08-11 11:36 levitte + + Deleted: + fips/sha1/.cvsignore (1.1.2.2) + fips/sha1/Makefile.ssl (1.1.2.3) + fips/sha1/fingerprint.sha1 (1.1.2.3) + fips/sha1/fips_md32_common.h (1.1.2.2) + fips/sha1/fips_sha1dgst.c (1.1.2.3) + fips/sha1/fips_sha1test.c (1.1.2.3) + fips/sha1/fips_sha_locl.h (1.1.2.2) + fips/sha1/fips_standalone_sha1.c (1.1.2.3) + fips/sha1/sha1hashes.txt (1.1.2.2) + fips/sha1/sha1vectors.txt (1.1.2.2) + fips/sha1/standalone.sha1 (1.1.2.4) + fips/dsa/.cvsignore (1.1.2.2) + fips/dsa/Makefile.ssl (1.1.2.2) + fips/dsa/fingerprint.sha1 (1.1.2.3) + fips/dsa/fips_dsa_ossl.c (1.1.2.3) + fips/dsa/fips_dsatest.c (1.1.2.3) + fips/rand/.cvsignore (1.1.2.2) + fips/rand/Makefile.ssl (1.1.2.2) + fips/rand/fingerprint.sha1 (1.1.2.2) + fips/rand/fips_rand.c (1.1.2.2) + fips/rand/fips_rand.h (1.1.2.2) + fips/rand/fips_randtest.c (1.1.2.2) + fips/des/.cvsignore (1.1.2.2) + fips/des/Makefile.ssl (1.1.2.3) + fips/des/fingerprint.sha1 (1.1.2.2) + fips/des/fips_des_enc.c (1.1.2.3) + fips/des/fips_des_locl.h (1.1.2.2) + fips/des/fips_desmovs.c (1.1.2.3) + fips/aes/.cvsignore (1.1.2.2) + fips/aes/Makefile.ssl (1.1.2.5) + fips/aes/fingerprint.sha1 (1.1.2.2) + fips/aes/fips_aes_core.c (1.1.2.2) + fips/aes/fips_aes_locl.h (1.1.2.2) + fips/aes/fips_aesavs.c (1.1.2.9) + fips/.cvsignore (1.1.2.2) + fips/Makefile.ssl (1.1.2.6) + fips/fingerprint.sha1 (1.1.2.3) + fips/fips.c (1.1.2.2) + fips/fips.h (1.1.2.2) + fips/fips_check_sha1 (1.1.2.4) + fips/fips_err.c (1.1.2.2) + fips/fips_err_wrapper.c (1.1.2.2) + fips/fips_make_sha1 (1.1.2.4) + fips/lib (1.1.2.2) + Changed: + util/libeay.num (1.173.2.16), "Exp", lines: +11 -38 + util/mkerr.pl (1.18.2.5), "Exp", lines: +1 -2 + test/Makefile.ssl (1.84.2.31), "Exp", lines: +54 -180 + crypto/ripemd/Makefile.ssl (1.25.2.6), "Exp", lines: +2 -7 + crypto/sha/Makefile.ssl (1.26.2.6), "Exp", lines: +6 -16 + crypto/rand/Makefile.ssl (1.56.2.5), "Exp", lines: +15 -17 + crypto/rand/md_rand.c (1.69.2.3), "Exp", lines: +0 -9 + crypto/rand/rand.h (1.26.2.6), "Exp", lines: +0 -2 + crypto/rand/rand_err.c (1.6.2.2), "Exp", lines: +1 -3 + crypto/rand/rand_lib.c (1.15.2.3), "Exp", lines: +0 -11 + crypto/objects/obj_dat.h (1.49.2.18), "Exp", lines: +3 -27 + crypto/objects/obj_mac.h (1.19.2.18), "Exp", lines: +0 -32 + crypto/objects/obj_mac.num (1.15.2.14), "Exp", lines: +0 -8 + crypto/objects/objects.txt (1.20.2.19), "Exp", lines: +0 -11 + crypto/md4/Makefile.ssl (1.6.2.5), "Exp", lines: +4 -7 + crypto/md5/Makefile.ssl (1.33.2.8), "Exp", lines: +4 -7 + crypto/evp/Makefile.ssl (1.64.2.9), "Exp", lines: +7 -8 + crypto/evp/c_allc.c (1.8.2.6), "Exp", lines: +0 -4 + crypto/evp/e_aes.c (1.6.2.9), "Exp", lines: +4 -22 + crypto/evp/e_des.c (1.5.2.5), "Exp", lines: +2 -43 + crypto/evp/e_des3.c (1.8.2.4), "Exp", lines: +3 -3 + crypto/evp/evp.h (1.86.2.13), "Exp", lines: +11 -36 + crypto/evp/evp_err.c (1.23.2.2), "Exp", lines: +1 -3 + crypto/evp/evp_lib.c (1.6.8.3), "Exp", lines: +0 -24 + crypto/evp/evp_locl.h (1.7.2.5), "Exp", lines: +2 -11 + crypto/evp/evp_test.c (1.14.2.12), "Exp", lines: +8 -17 + crypto/evp/evptests.txt (1.9.2.6), "Exp", lines: +1 -106 + crypto/dsa/Makefile.ssl (1.49.2.7), "Exp", lines: +6 -10 + crypto/dsa/dsa_ossl.c (1.12.2.5), "Exp", lines: +0 -2 + crypto/dsa/dsa_sign.c (1.10.2.4), "Exp", lines: +0 -12 + crypto/dsa/dsa_vrf.c (1.10.2.4), "Exp", lines: +0 -8 + crypto/err/Makefile.ssl (1.48.2.5), "Exp", lines: +16 -17 + crypto/err/err.h (1.35.2.4), "Exp", lines: +0 -2 + crypto/err/err_all.c (1.17.2.3), "Exp", lines: +0 -4 + crypto/err/openssl.ec (1.11.2.2), "Exp", lines: +0 -1 + crypto/des/des.h (1.40.2.5), "Exp", lines: +1 -1 + crypto/des/des_enc.c (1.11.2.3), "Exp", lines: +0 -4 + crypto/des/des_old.c (1.11.2.5), "Exp", lines: +1 -1 + crypto/des/destest.c (1.30.2.7), "Exp", lines: +2 -2 + crypto/des/ecb3_enc.c (1.8.2.2), "Exp", lines: +3 -1 + crypto/aes/Makefile.ssl (1.4.2.7), "Exp", lines: +1 -2 + crypto/aes/aes.h (1.1.2.8), "Exp", lines: +0 -9 + crypto/aes/aes_cfb.c (1.1.2.8), "Exp", lines: +0 -93 + crypto/aes/aes_core.c (1.1.2.5), "Exp", lines: +0 -4 + crypto/cryptlib.c (1.32.2.10), "Exp", lines: +0 -5 + crypto/md32_common.h (1.22.2.5), "Exp", lines: +0 -11 + Configure (1.314.2.86), "Exp", lines: +0 -2 + Makefile.org (1.154.2.72), "Exp", lines: +8 -34 + TABLE (1.99.2.30), "Exp", lines: +0 -50 + + A new branch for FIPS-related changes has been created with the + name OpenSSL-fips-0_9_7-stable. + + Since the 0.9.7-stable branch is supposed to be in freeze + and should only contain bug corrections, this change removes the + FIPS changes from that branch. + +2004-05-11 14:44 ben + + Deleted: + apps/Makefile.ssl (1.100.2.27) + crypto/Makefile.ssl (1.84.2.12) + crypto/aes/Makefile.ssl (1.4.2.9) + crypto/asn1/Makefile.ssl (1.77.2.7) + crypto/bf/Makefile.ssl (1.25.2.6) + crypto/bio/Makefile.ssl (1.52.2.4) + crypto/bn/Makefile.ssl (1.65.2.9) + crypto/buffer/Makefile.ssl (1.32.2.4) + crypto/cast/Makefile.ssl (1.31.2.6) + crypto/comp/Makefile.ssl (1.32.2.4) + crypto/conf/Makefile.ssl (1.38.2.8) + crypto/des/Makefile.ssl (1.61.2.13) + crypto/dh/Makefile.ssl (1.43.2.5) + crypto/dsa/Makefile.ssl (1.49.2.9) + crypto/dso/Makefile.ssl (1.11.2.4) + crypto/ec/Makefile.ssl (1.7.2.4) + crypto/engine/Makefile.ssl (1.30.2.13) + crypto/err/Makefile.ssl (1.48.2.7) + crypto/evp/Makefile.ssl (1.64.2.12) + crypto/hmac/Makefile.ssl (1.33.2.6) + crypto/idea/Makefile.ssl (1.20.2.4) + crypto/krb5/Makefile.ssl (1.5.2.6) + crypto/lhash/Makefile.ssl (1.28.2.4) + crypto/md2/Makefile.ssl (1.29.2.5) + crypto/md4/Makefile.ssl (1.6.2.7) + crypto/md5/Makefile.ssl (1.33.2.10) + crypto/mdc2/Makefile.ssl (1.30.2.4) + crypto/objects/Makefile.ssl (1.46.2.6) + crypto/ocsp/Makefile.ssl (1.19.2.7) + crypto/pem/Makefile.ssl (1.51.2.5) + crypto/pkcs12/Makefile.ssl (1.37.2.5) + crypto/pkcs7/Makefile.ssl (1.47.2.5) + crypto/rand/Makefile.ssl (1.56.2.8) + crypto/rc2/Makefile.ssl (1.20.2.4) + crypto/rc4/Makefile.ssl (1.25.2.6) + crypto/rc5/Makefile.ssl (1.22.2.6) + crypto/ripemd/Makefile.ssl (1.25.2.9) + crypto/rsa/Makefile.ssl (1.53.2.6) + crypto/sha/Makefile.ssl (1.26.2.9) + crypto/stack/Makefile.ssl (1.28.2.4) + crypto/txt_db/Makefile.ssl (1.26.2.4) + crypto/ui/Makefile.ssl (1.10.2.6) + crypto/x509/Makefile.ssl (1.56.2.5) + crypto/x509v3/Makefile.ssl (1.62.2.5) + ssl/Makefile.ssl (1.53.2.11) + test/Makefile.ssl (1.84.2.36) + tools/Makefile.ssl (1.9.2.4) + Changed: + .cvsignore (1.7.6.2), "Exp", lines: +2 -1 + Configure (1.314.2.92), "Exp", lines: +38 -8 + FAQ (1.61.2.31), "Exp", lines: +1 -1 + INSTALL (1.45.2.9), "Exp", lines: +2 -2 + INSTALL.W32 (1.30.2.14), "Exp", lines: +9 -4 + Makefile.org (1.154.2.78), "Exp", lines: +51 -19 + PROBLEMS (1.4.2.10), "Exp", lines: +2 -2 + e_os.h (1.56.2.17), "Exp", lines: +20 -1 + apps/.cvsignore (1.5.8.1), "Exp", lines: +1 -0 + apps/Makefile (1.1.4.1), "Exp", lines: +1147 -0 + apps/apps.c (1.49.2.27), "Exp", lines: +0 -10 + apps/ca.c (1.102.2.31), "Exp", lines: +0 -10 + apps/dgst.c (1.23.2.10), "Exp", lines: +39 -11 + apps/openssl.c (1.48.2.9), "Exp", lines: +19 -0 + crypto/Makefile (1.1.4.1), "Exp", lines: +217 -0 + crypto/cryptlib.c (1.32.2.11), "Exp", lines: +5 -0 + crypto/crypto-lib.com (1.53.2.12), "Exp", lines: +1 -1 + crypto/md32_common.h (1.22.2.6), "Exp", lines: +12 -0 + crypto/aes/Makefile (1.1.4.1), "Exp", lines: +102 -0 + crypto/aes/aes.h (1.1.2.9), "Exp", lines: +9 -0 + crypto/aes/aes_cfb.c (1.1.2.9), "Exp", lines: +93 -0 + crypto/aes/aes_core.c (1.1.2.6), "Exp", lines: +4 -0 + crypto/asn1/Makefile (1.1.4.1), "Exp", lines: +1150 -0 + crypto/bf/Makefile (1.1.4.1), "Exp", lines: +113 -0 + crypto/bio/Makefile (1.1.4.1), "Exp", lines: +214 -0 + crypto/bio/bio.h (1.56.2.6), "Exp", lines: +1 -0 + crypto/bn/Makefile (1.1.4.1), "Exp", lines: +324 -0 + crypto/bn/bntest.c (1.55.2.4), "Exp", lines: +1 -1 + crypto/buffer/Makefile (1.1.4.1), "Exp", lines: +92 -0 + crypto/cast/Makefile (1.1.4.1), "Exp", lines: +118 -0 + crypto/cast/asm/.cvsignore (1.2.8.1), "Exp", lines: +1 -0 + crypto/comp/Makefile (1.1.4.1), "Exp", lines: +112 -0 + crypto/conf/Makefile (1.1.4.1), "Exp", lines: +181 -0 + crypto/des/Makefile (1.1.4.1), "Exp", lines: +314 -0 + crypto/des/cfb64ede.c (1.6.2.4), "Exp", lines: +111 -0 + crypto/des/des.h (1.40.2.6), "Exp", lines: +5 -1 + crypto/des/des_enc.c (1.11.2.4), "Exp", lines: +8 -0 + crypto/des/des_old.c (1.11.2.6), "Exp", lines: +1 -1 + crypto/des/destest.c (1.30.2.8), "Exp", lines: +2 -2 + crypto/des/ecb3_enc.c (1.8.2.3), "Exp", lines: +1 -3 + crypto/des/set_key.c (1.18.2.2), "Exp", lines: +4 -0 + crypto/dh/Makefile (1.1.4.1), "Exp", lines: +131 -0 + crypto/dsa/Makefile (1.1.4.1), "Exp", lines: +173 -0 + crypto/dsa/dsa_gen.c (1.19.2.1), "Exp", lines: +4 -1 + crypto/dsa/dsa_key.c (1.9.2.1), "Exp", lines: +2 -0 + crypto/dsa/dsa_ossl.c (1.12.2.6), "Exp", lines: +2 -0 + crypto/dsa/dsa_sign.c (1.10.2.5), "Exp", lines: +12 -0 + crypto/dsa/dsa_vrf.c (1.10.2.5), "Exp", lines: +8 -0 + crypto/dso/Makefile (1.1.4.1), "Exp", lines: +140 -0 + crypto/ec/Makefile (1.1.4.1), "Exp", lines: +126 -0 + crypto/engine/Makefile (1.1.4.1), "Exp", lines: +536 -0 + crypto/engine/hw_cryptodev.c (1.1.2.6), "Exp", lines: +6 -2 + crypto/err/Makefile (1.1.4.1), "Exp", lines: +118 -0 + crypto/err/err.h (1.35.2.6), "Exp", lines: +2 -0 + crypto/err/err_all.c (1.17.2.4), "Exp", lines: +4 -0 + crypto/err/openssl.ec (1.11.2.3), "Exp", lines: +1 -0 + crypto/evp/Makefile (1.1.4.1), "Exp", lines: +1057 -0 + crypto/evp/bio_md.c (1.11.2.1), "Exp", lines: +6 -0 + crypto/evp/c_allc.c (1.8.2.7), "Exp", lines: +8 -0 + crypto/evp/e_aes.c (1.6.2.10), "Exp", lines: +22 -4 + crypto/evp/e_des.c (1.5.2.8), "Exp", lines: +36 -3 + crypto/evp/e_des3.c (1.8.2.7), "Exp", lines: +43 -4 + crypto/evp/evp.h (1.86.2.15), "Exp", lines: +39 -11 + crypto/evp/evp_err.c (1.23.2.3), "Exp", lines: +3 -1 + crypto/evp/evp_lib.c (1.6.8.4), "Exp", lines: +24 -0 + crypto/evp/evp_locl.h (1.7.2.6), "Exp", lines: +11 -2 + crypto/evp/evp_test.c (1.14.2.13), "Exp", lines: +17 -8 + crypto/evp/evptests.txt (1.9.2.7), "Exp", lines: +106 -1 + crypto/hmac/Makefile (1.1.4.1), "Exp", lines: +99 -0 + crypto/idea/Makefile (1.1.4.1), "Exp", lines: +89 -0 + crypto/krb5/Makefile (1.1.4.1), "Exp", lines: +88 -0 + crypto/lhash/Makefile (1.1.4.1), "Exp", lines: +91 -0 + crypto/md2/Makefile (1.1.4.1), "Exp", lines: +91 -0 + crypto/md4/Makefile (1.1.4.1), "Exp", lines: +93 -0 + crypto/md5/Makefile (1.1.4.1), "Exp", lines: +129 -0 + crypto/mdc2/Makefile (1.1.4.1), "Exp", lines: +96 -0 + crypto/objects/Makefile (1.1.4.1), "Exp", lines: +121 -0 + crypto/objects/obj_dat.h (1.49.2.19), "Exp", lines: +33 -3 + crypto/objects/obj_mac.h (1.19.2.19), "Exp", lines: +40 -0 + crypto/objects/obj_mac.num (1.15.2.15), "Exp", lines: +10 -0 + crypto/objects/objects.txt (1.20.2.20), "Exp", lines: +13 -0 + crypto/ocsp/Makefile (1.1.4.1), "Exp", lines: +291 -0 + crypto/pem/Makefile (1.1.4.1), "Exp", lines: +334 -0 + crypto/pkcs12/Makefile (1.1.4.1), "Exp", lines: +415 -0 + crypto/pkcs7/Makefile (1.1.4.1), "Exp", lines: +241 -0 + crypto/rand/Makefile (1.1.4.1), "Exp", lines: +196 -0 + crypto/rand/md_rand.c (1.69.2.4), "Exp", lines: +9 -0 + crypto/rand/rand.h (1.26.2.7), "Exp", lines: +3 -0 + crypto/rand/rand_err.c (1.6.2.3), "Exp", lines: +4 -1 + crypto/rand/rand_lib.c (1.15.2.4), "Exp", lines: +11 -0 + crypto/rc2/Makefile (1.1.4.1), "Exp", lines: +89 -0 + crypto/rc4/Makefile (1.1.4.1), "Exp", lines: +108 -0 + crypto/rc5/Makefile (1.1.4.1), "Exp", lines: +106 -0 + crypto/ripemd/Makefile (1.1.4.1), "Exp", lines: +111 -0 + crypto/rsa/Makefile (1.1.4.1), "Exp", lines: +239 -0 + crypto/rsa/rsa_eay.c (1.28.2.9), "Exp", lines: +1 -1 + crypto/rsa/rsa_gen.c (1.8.6.1), "Exp", lines: +3 -0 + crypto/sha/Makefile (1.1.4.1), "Exp", lines: +118 -0 + crypto/sha/sha1dgst.c (1.21.2.1), "Exp", lines: +8 -0 + crypto/stack/Makefile (1.1.4.1), "Exp", lines: +86 -0 + crypto/txt_db/Makefile (1.1.4.1), "Exp", lines: +86 -0 + crypto/ui/Makefile (1.1.4.1), "Exp", lines: +115 -0 + crypto/x509/Makefile (1.1.4.1), "Exp", lines: +592 -0 + crypto/x509v3/Makefile (1.1.4.1), "Exp", lines: +601 -0 + fips/Makefile (1.1.4.1), "Exp", lines: +202 -0 + fips/fingerprint.sha1 (1.1.2.4), "Exp", lines: +4 -4 + fips/fips.c (1.1.2.3), "Exp", lines: +120 -5 + fips/fips.h (1.1.2.3), "Exp", lines: +42 -2 + fips/fips_check_sha1 (1.1.2.5), "Exp", lines: +2 -2 + fips/fips_err.h (1.1.4.1), "Exp", lines: +117 -0 + fips/fips_err_wrapper.c (1.1.2.3), "Exp", lines: +4 -2 + fips/fips_locl.h (1.1.4.1), "Exp", lines: +62 -0 + fips/fips_make_sha1 (1.1.2.5), "Exp", lines: +9 -6 + fips/fips_test_suite.c (1.1.4.1), "Exp", lines: +302 -0 + fips/openssl_fips_fingerprint (1.1.4.1), "Exp", lines: +25 -0 + fips/aes/Makefile (1.1.4.1), "Exp", lines: +131 -0 + fips/aes/fingerprint.sha1 (1.1.2.3), "Exp", lines: +3 -2 + fips/aes/fips_aes_core.c (1.1.2.3), "Exp", lines: +5 -2 + fips/aes/fips_aes_locl.h (1.1.2.3), "Exp", lines: +0 -0 + fips/aes/fips_aes_selftest.c (1.1.4.1), "Exp", lines: +112 -0 + fips/aes/fips_aesavs.c (1.1.2.10), "Exp", lines: +12 -6 + fips/des/Makefile (1.1.4.1), "Exp", lines: +155 -0 + fips/des/fingerprint.sha1 (1.1.2.3), "Exp", lines: +5 -2 + fips/des/fips_des_enc.c (1.1.2.4), "Exp", lines: +16 -3 + fips/des/fips_des_locl.h (1.1.2.3), "Exp", lines: +1 -1 + fips/des/fips_des_selftest.c (1.1.4.1), "Exp", lines: +200 -0 + fips/des/fips_desmovs.c (1.1.2.4), "Exp", lines: +186 -79 + fips/des/fips_set_key.c (1.1.4.1), "Exp", lines: +415 -0 + fips/des/asm/fips-dx86-elf.s (1.1.4.1), "Exp", lines: +2697 -0 + fips/dsa/Makefile (1.1.4.1), "Exp", lines: +159 -0 + fips/dsa/fingerprint.sha1 (1.1.2.4), "Exp", lines: +3 -1 + fips/dsa/fips_dsa_gen.c (1.1.4.1), "Exp", lines: +373 -0 + fips/dsa/fips_dsa_ossl.c (1.1.2.4), "Exp", lines: +16 -3 + fips/dsa/fips_dsa_selftest.c (1.1.4.1), "Exp", lines: +168 -0 + fips/dsa/fips_dsatest.c (1.1.2.4), "Exp", lines: +10 -6 + fips/dsa/fips_dssvs.c (1.1.4.1), "Exp", lines: +306 -0 + fips/rand/Makefile (1.1.4.1), "Exp", lines: +104 -0 + fips/rand/fingerprint.sha1 (1.1.2.3), "Exp", lines: +2 -2 + fips/rand/fips_rand.c (1.1.2.3), "Exp", lines: +60 -10 + fips/rand/fips_rand.h (1.1.2.3), "Exp", lines: +19 -1 + fips/rand/fips_randtest.c (1.1.2.3), "Exp", lines: +31 -10 + fips/rsa/Makefile (1.1.4.1), "Exp", lines: +112 -0 + fips/rsa/fingerprint.sha1 (1.1.4.1), "Exp", lines: +3 -0 + fips/rsa/fips_rsa_eay.c (1.1.4.1), "Exp", lines: +735 -0 + fips/rsa/fips_rsa_gen.c (1.1.4.1), "Exp", lines: +249 -0 + fips/rsa/fips_rsa_selftest.c (1.1.4.1), "Exp", lines: +207 -0 + fips/sha1/.cvsignore (1.1.2.3), "Exp", lines: +1 -2 + fips/sha1/Makefile (1.1.4.1), "Exp", lines: +158 -0 + fips/sha1/fingerprint.sha1 (1.1.2.4), "Exp", lines: +5 -3 + fips/sha1/fips_md32_common.h (1.1.2.3), "Exp", lines: +0 -0 + fips/sha1/fips_sha1_selftest.c (1.1.4.1), "Exp", lines: +97 -0 + fips/sha1/fips_sha1dgst.c (1.1.2.4), "Exp", lines: +4 -4 + fips/sha1/fips_sha1test.c (1.1.2.4), "Exp", lines: +17 -0 + fips/sha1/fips_sha_locl.h (1.1.2.3), "Exp", lines: +7 -0 + fips/sha1/fips_standalone_sha1.c (1.1.2.4), "Exp", lines: +60 -7 + fips/sha1/sha1hashes.txt (1.1.2.3), "Exp", lines: +0 -0 + fips/sha1/sha1vectors.txt (1.1.2.3), "Exp", lines: +0 -0 + fips/sha1/standalone.sha1 (1.1.2.5), "Exp", lines: +6 -4 + fips/sha1/asm/sx86-elf.s (1.1.4.1), "Exp", lines: +1568 -0 + ms/do_masm.bat (1.1.8.2), "Exp", lines: +12 -10 + ms/do_ms.bat (1.4.8.2), "Exp", lines: +11 -11 + ms/do_nasm.bat (1.1.8.2), "Exp", lines: +12 -11 + ms/do_nt.bat (1.2.8.1), "Exp", lines: +4 -4 + shlib/hpux10-cc.sh (1.3.2.2), "Exp", lines: +3 -3 + ssl/Makefile (1.1.4.1), "Exp", lines: +1019 -0 + ssl/s3_clnt.c (1.53.2.16), "Exp", lines: +10 -0 + ssl/s3_srvr.c (1.85.2.21), "Exp", lines: +9 -0 + ssl/ssl_cert.c (1.48.2.7), "Exp", lines: +9 -0 + ssl/ssl_lib.c (1.110.2.12), "Exp", lines: +13 -1 + ssl/ssltest.c (1.53.2.23), "Exp", lines: +33 -1 + ssl/t1_enc.c (1.27.2.8), "Exp", lines: +19 -1 + test/.cvsignore (1.4.8.1), "Exp", lines: +4 -0 + test/Makefile (1.1.4.1), "Exp", lines: +941 -0 + test/bctest (1.14.2.1), "Exp", lines: +1 -1 + test/testenc (1.3.8.1), "Exp", lines: +1 -1 + test/testfipsssl (1.1.4.1), "Exp", lines: +113 -0 + tools/Makefile (1.1.4.1), "Exp", lines: +61 -0 + util/cygwin.sh (1.1.2.5), "Exp", lines: +3 -3 + util/domd (1.6.2.3), "Exp", lines: +5 -5 + util/fixNT.sh (1.1.1.2.8.1), "Exp", lines: +3 -3 + util/libeay.num (1.173.2.19), "Exp", lines: +55 -11 + util/mk1mf.pl (1.41.2.10), "Exp", lines: +6 -4 + util/mkdef.pl (1.67.2.7), "Exp", lines: +11 -4 + util/mkerr.pl (1.18.2.6), "Exp", lines: +2 -1 + util/mkfiles.pl (1.12.2.1), "Exp", lines: +8 -1 + util/pod2mantest (1.1.2.7), "Exp", lines: +1 -1 + util/selftest.pl (1.18.2.1), "Exp", lines: +2 -2 + util/pl/BC-16.pl (1.2.2.1), "Exp", lines: +1 -1 + util/pl/BC-32.pl (1.11.2.4), "Exp", lines: +1 -1 + util/pl/Mingw32.pl (1.12.6.5), "Exp", lines: +1 -1 + util/pl/OS2-EMX.pl (1.1.2.3), "Exp", lines: +1 -1 + util/pl/VC-16.pl (1.3.2.1), "Exp", lines: +2 -2 + util/pl/VC-32.pl (1.11.2.3), "Exp", lines: +2 -2 + util/pl/VC-CE.pl (1.1.2.5), "Exp", lines: +1 -1 + util/pl/ultrix.pl (1.2.8.1), "Exp", lines: +1 -1 + + Pull FIPS back into stable. + +2004-05-12 10:27 levitte + + Changed: + apps/Makefile (1.1.4.2), "Exp", lines: +3 -1 + + Only check for FIPS signatures when FIPS is enabled. + +2004-05-12 10:28 levitte + + Changed: + crypto/des/FILES0 (1.1.4.2), "Exp", lines: +1 -1 + + Makefile.ssl changed name to Makefile. + +2004-05-12 10:28 levitte + + Changed: + fips/rand/fips_rand.c (1.1.2.4), "Exp", lines: +5 -1 + + Only really build this file when OPENSSL_FIPS is defined. And oh, + let's keep internal variables static. + +2004-05-12 10:42 levitte + + Changed: + fips/rand/fingerprint.sha1 (1.1.2.4), "Exp", lines: +1 -1 + + I forgot to modify the signature for fips_rand.c... + +2004-05-12 10:46 levitte + + Changed: + fips/rsa/.cvsignore (1.1.4.1), "Exp", lines: +1 -0 + fips/.cvsignore (1.1.2.3), "Exp", lines: +1 -1 + fips/aes/.cvsignore (1.1.2.3), "Exp", lines: +0 -3 + fips/des/.cvsignore (1.1.2.3), "Exp", lines: +0 -2 + fips/dsa/.cvsignore (1.1.2.3), "Exp", lines: +0 -1 + fips/rand/.cvsignore (1.1.2.3), "Exp", lines: +0 -1 + + Ignore the 'lib' timestamp file. + +2004-05-12 12:07 levitte + + Changed: + fips/.cvsignore (1.1.2.4), "Exp", lines: +1 -0 + fips/aes/.cvsignore (1.1.2.4), "Exp", lines: +1 -0 + fips/des/.cvsignore (1.1.2.4), "Exp", lines: +1 -0 + fips/dsa/.cvsignore (1.1.2.4), "Exp", lines: +1 -0 + fips/rand/.cvsignore (1.1.2.4), "Exp", lines: +1 -0 + fips/rsa/.cvsignore (1.1.4.2), "Exp", lines: +1 -0 + fips/sha1/.cvsignore (1.1.2.4), "Exp", lines: +1 -0 + + Ignore 'Makefile.save' + +2004-05-12 16:11 ben + + Changed: + crypto/rand/rand.h (1.26.2.8), "Exp", lines: +2 -0 + crypto/rand/rand_err.c (1.6.2.4), "Exp", lines: +2 -0 + fips/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1 + fips/fips.c (1.1.2.4), "Exp", lines: +5 -1 + fips/rand/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1 + fips/rand/fips_rand.c (1.1.2.5), "Exp", lines: +29 -0 + + Blow up in people's faces if they don't reseed. + +2004-05-15 19:51 ben + + Changed: + crypto/dh/dh.h (1.23.2.6), "Exp", lines: +1 -0 + crypto/dh/dh_err.c (1.6.2.3), "Exp", lines: +2 -1 + crypto/dh/dh_gen.c (1.8.8.2), "Exp", lines: +9 -0 + fips/fips_test_suite.c (1.1.4.2), "Exp", lines: +4 -3 + fips/aes/fips_aesavs.c (1.1.2.11), "Exp", lines: +49 -1 + fips/des/fingerprint.sha1 (1.1.2.4), "Exp", lines: +1 -1 + fips/des/fips_desmovs.c (1.1.2.5), "Exp", lines: +49 -1 + fips/des/fips_set_key.c (1.1.4.2), "Exp", lines: +2 -0 + fips/sha1/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1 + fips/sha1/fips_md32_common.h (1.1.2.4), "Exp", lines: +3 -0 + fips/sha1/standalone.sha1 (1.1.2.6), "Exp", lines: +1 -1 + + Fix self-tests, ban some things in FIPS mode, fix copyrights. + +2004-05-17 06:28 levitte + + Changed: + util/mk1mf.pl (1.41.2.11), "Exp", lines: +8 -2 + util/pl/BC-16.pl (1.2.2.2), "Exp", lines: +9 -4 + util/pl/BC-32.pl (1.11.2.5), "Exp", lines: +8 -3 + util/pl/Mingw32.pl (1.12.6.6), "Exp", lines: +7 -2 + util/pl/OS2-EMX.pl (1.1.2.4), "Exp", lines: +7 -2 + util/pl/VC-16.pl (1.3.2.2), "Exp", lines: +7 -2 + util/pl/VC-32.pl (1.11.2.4), "Exp", lines: +7 -2 + util/pl/VC-CE.pl (1.1.2.6), "Exp", lines: +7 -2 + util/pl/linux.pl (1.3.6.1), "Exp", lines: +7 -2 + util/pl/ultrix.pl (1.2.8.2), "Exp", lines: +7 -2 + util/pl/unix.pl (1.2.8.1), "Exp", lines: +7 -2 + + Generate SHA1 files on Windows and other platforms supported by + mk1mf.pl, when building in FIPS mode. + + Note: UNTESTED! + +2004-05-17 06:30 levitte + + Changed: + apps/apps.h (1.44.2.14), "Exp", lines: +3 -0 + apps/openssl.c (1.48.2.10), "Exp", lines: +9 -5 + + Make sure the applications know when we are running in FIPS mode. + We can't use the variable in libcrypto, since it's supposedly + unknown. + + Note: currently only supported in MONOLITH mode. + +2004-05-17 06:31 levitte + + Changed: + apps/enc.c (1.35.2.9), "Exp", lines: +10 -1 + + When in FIPS mode, use SHA1 to digest the key, rather than MD5, as + MD5 isn't a FIPS-approved algorithm. + + Note: this means the user needs to keep track of this, and + we need to add support for that... + +2004-05-19 16:16 levitte + + Changed: + fips/rsa/fingerprint.sha1 (1.1.4.2), "Exp", lines: +2 -2 + fips/rsa/fips_rsa_eay.c (1.1.4.2), "Exp", lines: +8 -8 + fips/rsa/fips_rsa_gen.c (1.1.4.2), "Exp", lines: +1 -1 + fips/dsa/fingerprint.sha1 (1.1.2.5), "Exp", lines: +2 -2 + fips/dsa/fips_dsa_gen.c (1.1.4.2), "Exp", lines: +2 -2 + fips/dsa/fips_dsa_ossl.c (1.1.2.5), "Exp", lines: +4 -4 + fips/aes/fingerprint.sha1 (1.1.2.4), "Exp", lines: +1 -1 + fips/aes/fips_aes_core.c (1.1.2.4), "Exp", lines: +5 -5 + crypto/rsa/rsa.h (1.36.2.11), "Exp", lines: +4 -0 + crypto/aes/aes.h (1.1.2.10), "Exp", lines: +6 -0 + crypto/dsa/dsa.h (1.26.2.5), "Exp", lines: +4 -0 + + Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation + for size_t-ification of those algorithms in future version of + OpenSSL... + +2004-05-27 11:33 levitte + + Changed: + makevms.com (1.35.2.3), "Exp", lines: +27 -0 + + Copy the FIPS files to the temporary openssl include directory. + +2004-05-27 12:04 levitte + + Changed: + fips/fips-lib.com (1.1.2.1), "Exp", lines: +1179 -0 + makevms.com (1.35.2.4), "Exp", lines: +8 -0 + + Compile the FIPS directory on VMS as well. fips-lib.com is + essentially a copy of crypto-lib.com, with just a few edits. + +2004-05-27 12:07 levitte + + Changed: + fips/install.com (1.1.2.1), "Exp", lines: +55 -0 + install.com (1.4.2.2), "Exp", lines: +6 -6 + + Run an installation of FIPS stuff as well. + +2004-05-27 12:19 levitte + + Changed: + test/maketests.com (1.13.2.5), "Exp", lines: +3 -3 + apps/makeapps.com (1.18.2.5), "Exp", lines: +3 -3 + + Make sure o_str.h is reachable. + +2004-06-19 15:15 ben + + Changed: + Makefile.org (1.154.2.80), "Exp", lines: +1 -1 + crypto/dh/dh.h (1.23.2.7), "Exp", lines: +0 -1 + crypto/dh/dh_check.c (1.6.2.1), "Exp", lines: +4 -0 + crypto/dh/dh_err.c (1.6.2.4), "Exp", lines: +0 -1 + crypto/dh/dh_gen.c (1.8.8.3), "Exp", lines: +5 -9 + crypto/dh/dh_key.c (1.16.2.3), "Exp", lines: +4 -0 + fips/Makefile (1.1.4.2), "Exp", lines: +13 -14 + fips/fingerprint.sha1 (1.1.2.6), "Exp", lines: +2 -2 + fips/fips.h (1.1.2.4), "Exp", lines: +1 -0 + fips/fips_err.h (1.1.4.2), "Exp", lines: +1 -0 + fips/fips_make_sha1 (1.1.2.6), "Exp", lines: +3 -0 + fips/fips_test_suite.c (1.1.4.3), "Exp", lines: +13 -9 + fips/openssl_fips_fingerprint (1.1.4.2), "Exp", lines: +1 -2 + + The version that was actually submitted for FIPS testing. + +2004-06-19 15:16 ben + + Changed: + fips/dh/Makefile (1.1.2.1), "Exp", lines: +92 -0 + fips/dh/fingerprint.sha1 (1.1.2.1), "Exp", lines: +3 -0 + fips/dh/fips_dh_check.c (1.1.2.1), "Exp", lines: +119 -0 + fips/dh/fips_dh_gen.c (1.1.2.1), "Exp", lines: +182 -0 + fips/dh/fips_dh_key.c (1.1.2.1), "Exp", lines: +222 -0 + + Add Diffie-Hellman to FIPS. + +2004-06-19 15:18 ben + + Changed: + fips/.cvsignore (1.1.2.5), "Exp", lines: +2 -0 + fips/dh/.cvsignore (1.1.2.1), "Exp", lines: +1 -0 + + Update ignores. + +2004-06-21 11:07 levitte + + Changed: + fips/aes/Makefile (1.1.4.2), "Exp", lines: +7 -5 + fips/des/Makefile (1.1.4.2), "Exp", lines: +7 -5 + fips/dh/Makefile (1.1.2.2), "Exp", lines: +7 -6 + fips/dsa/Makefile (1.1.4.2), "Exp", lines: +7 -6 + fips/rsa/Makefile (1.1.4.2), "Exp", lines: +7 -6 + fips/sha1/Makefile (1.1.4.2), "Exp", lines: +7 -5 + + Make sure we don't try to loop over an empty EXHEADER. In the + Makefiles where this was fixed by commenting away code, change it + to check for an empty EXHEADER instead, so we have less hassle in a + future where EXHEADER changes. + + PR: 900 + +2004-06-21 20:05 levitte + + Changed: + Makefile.org (1.154.2.82), "Exp", lines: +3 -1 + + Standard sh doesn't tolerate ! as part of the conditional command. + + PR: 900 + +2004-06-28 22:33 levitte + + Changed: + fips/dh/fips_dh_check.c (1.1.2.2), "Exp", lines: +6 -0 + fips/dh/fips_dh_gen.c (1.1.2.2), "Exp", lines: +6 -2 + fips/dh/fips_dh_key.c (1.1.2.2), "Exp", lines: +8 -0 + + Make sure the FIPS stuff is only really compiled when in FIPS mode. + +2004-07-12 19:59 ben + + Changed: + fips/fips_test_suite.c (1.1.4.4), "Exp", lines: +39 -6 + fips/dh/fingerprint.sha1 (1.1.2.2), "Exp", lines: +3 -3 + + Corrected test program. + +2004-07-17 14:48 appro + + Changed: + fips/des/Makefile (1.1.4.3), "Exp", lines: +1 -1 + + Eliminate enforced -g from CFLAGS. It switches off optimization + with some compilers, e.g. DEC C. + +2004-07-21 19:41 steve + + Changed: + crypto/pem/pem_all.c (1.20.2.1), "Exp", lines: +119 -0 + + When in FIPS mode write private keys in PKCS#8 and PBES2 format to + avoid use of prohibited MD5 algorithm. + +2004-07-23 15:20 ben + + Changed: + fips/rand/fingerprint.sha1 (1.1.2.7), "Exp", lines: +1 -1 + fips/rand/fips_rand.c (1.1.2.7), "Exp", lines: +22 -7 + fips/rand/fips_randtest.c (1.1.2.5), "Exp", lines: +2 -2 + + Convert to X9.31. + +2004-07-21 19:35 steve + + Changed: + fips/fingerprint.sha1 (1.1.2.7), "Exp", lines: +1 -1 + fips/fips.c (1.1.2.5), "Exp", lines: +3 -3 + fips/rsa/fingerprint.sha1 (1.1.4.3), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_selftest.c (1.1.4.2), "Exp", lines: +8 -8 + + Avoid compiler warnings. + +2004-07-27 02:17 steve + + Changed: + fips/fips_test_suite.c (1.1.4.5), "Exp", lines: +9 -8 + + Stop compiler warnings. + +2004-07-27 02:20 steve + + Changed: + crypto/err/err.c (1.51.2.6), "Exp", lines: +1 -0 + + Add FIPS name to error library. + +2004-07-27 14:22 steve + + Changed: + Makefile.org (1.154.2.84), "Exp", lines: +3 -3 + fips/fips_check_sha1 (1.1.2.6), "Exp", lines: +1 -1 + fips/openssl_fips_fingerprint (1.1.4.3), "Exp", lines: +1 -1 + + Rename libcrypto.sha1 to libcrypto.a.sha1 + +2004-07-27 20:28 steve + + Changed: + ssl/s3_lib.c (1.57.2.11), "Exp", lines: +33 -33 + ssl/ssl.h (1.126.2.20), "Exp", lines: +1 -0 + ssl/ssl_ciph.c (1.33.2.9), "Exp", lines: +11 -0 + ssl/ssl_locl.h (1.47.2.3), "Exp", lines: +2 -1 + + New cipher "strength" FIPS which specifies that a cipher suite is + FIPS compatible. + + New cipherstring "FIPS" is all FIPS compatible ciphersuites + except eNULL. + + Only allow FIPS ciphersuites in FIPS mode. + +2004-07-28 04:24 levitte + + Changed: + makevms.com (1.35.2.6), "Exp", lines: +2 -2 + + From the FIPS directory, darnit! + +2004-07-28 15:47 levitte + + Changed: + makevms.com (1.35.2.7), "Exp", lines: +5 -1 + + Define OPENSSL_FIPS in opensslconf.h if a logical name with the + same name is defined. + + Go up one directory level before dealing with FIPS stuff. + +2004-07-30 00:26 levitte + + Changed: + fips/fips-lib.com (1.1.2.2), "Exp", lines: +3 -3 + + We're building crypto stuff, not ssl stuff. Additionally, we're in + the fips subdirectory, not the crypto one... + +2004-07-30 16:37 levitte + + Changed: + fips/sha1/fingerprint.sha1 (1.1.2.7), "Exp", lines: +2 -2 + fips/sha1/fips_md32_common.h (1.1.2.6), "Exp", lines: +1 -1 + fips/sha1/fips_sha_locl.h (1.1.2.5), "Exp", lines: +2 -2 + fips/sha1/fips_standalone_sha1.c (1.1.2.5), "Exp", lines: +1 -1 + fips/sha1/standalone.sha1 (1.1.2.8), "Exp", lines: +3 -3 + ssl/ssl_ciph.c (1.33.2.10), "Exp", lines: +2 -2 + fips/rsa/fingerprint.sha1 (1.1.4.4), "Exp", lines: +2 -2 + fips/rsa/fips_rsa_eay.c (1.1.4.3), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_gen.c (1.1.4.3), "Exp", lines: +1 -1 + fips/dh/fingerprint.sha1 (1.1.2.3), "Exp", lines: +1 -1 + fips/dh/fips_dh_gen.c (1.1.2.3), "Exp", lines: +1 -1 + fips/dsa/fingerprint.sha1 (1.1.2.6), "Exp", lines: +2 -2 + fips/dsa/fips_dsa_gen.c (1.1.4.3), "Exp", lines: +4 -3 + fips/dsa/fips_dsa_ossl.c (1.1.2.6), "Exp", lines: +2 -2 + fips/des/fingerprint.sha1 (1.1.2.5), "Exp", lines: +2 -2 + fips/des/fips_des_enc.c (1.1.2.5), "Exp", lines: +2 -2 + fips/des/fips_set_key.c (1.1.4.3), "Exp", lines: +3 -3 + fips/fingerprint.sha1 (1.1.2.8), "Exp", lines: +2 -2 + fips/fips.c (1.1.2.6), "Exp", lines: +76 -23 + fips/fips.h (1.1.2.5), "Exp", lines: +2 -3 + fips/fips_locl.h (1.1.4.2), "Exp", lines: +7 -2 + fips/aes/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1 + fips/aes/fips_aes_core.c (1.1.2.5), "Exp", lines: +1 -1 + crypto/rand/md_rand.c (1.69.2.5), "Exp", lines: +1 -1 + crypto/rand/rand_lib.c (1.15.2.5), "Exp", lines: +2 -1 + crypto/dsa/dsa_sign.c (1.10.2.6), "Exp", lines: +2 -2 + crypto/dsa/dsa_vrf.c (1.10.2.6), "Exp", lines: +1 -1 + crypto/pem/pem_all.c (1.20.2.2), "Exp", lines: +2 -2 + crypto/cryptlib.c (1.32.2.12), "Exp", lines: +122 -6 + crypto/crypto.h (1.62.2.8), "Exp", lines: +8 -1 + crypto/md32_common.h (1.22.2.7), "Exp", lines: +2 -2 + + To protect FIPS-related global variables, add locking mechanisms + around them. + + NOTE: because two new locks are added, this adds potential + binary incompatibility with earlier versions in the 0.9.7 series. + However, those locks will only ever be touched when FIPS_mode_set() + is called and after, thanks to a variable that's only changed from + 0 to 1 once (when FIPS_mode_set() is called). So basically, as + long as FIPS mode hasn't been engaged explicitely by the calling + application, the new locks are treated as if they didn't exist at + all, thus not becoming a problem. Applications that are built or + rebuilt to use FIPS functionality will need to be recompiled in any + case, thus not being a problem either. + +2004-08-02 16:15 levitte + + Changed: + crypto/cryptlib.c (1.32.2.13), "Exp", lines: +4 -4 + + Let's lock a write lock when changing values, shall we? + + Thanks to Dr Stephen Henson + for making me aware of this error. + +2004-08-05 20:11 steve + + Changed: + fips/fingerprint.sha1 (1.1.2.9), "Exp", lines: +1 -1 + fips/fips.c (1.1.2.7), "Exp", lines: +1 -1 + + Stop compiler giving bogus shadow warning. + +2004-08-09 14:13 levitte + + Changed: + makevms.com (1.35.2.8), "Exp", lines: +1 -1 + + In the fips directory, we use FIPS-LIB.COM, not CRYPTO-LIB.COM... + +2004-08-09 14:14 levitte + + Changed: + fips/fips-lib.com (1.1.2.3), "Exp", lines: +4 -4 + + Correct typos and include directory specifications. + +2004-08-10 11:11 levitte + + Changed: + fips/fips-lib.com (1.1.2.4), "Exp", lines: +2 -1 + + Update the VMS fips library builder with the DH library. + +2004-08-10 12:04 levitte + + Changed: + fips/rand/fingerprint.sha1 (1.1.2.8), "Exp", lines: +1 -1 + fips/rand/fips_rand.c (1.1.2.8), "Exp", lines: +7 -1 + + With DEC C in ANSI C mode, we need to define _XOPEN_SOURCE_EXTENDED + to get struct timeval and gettimeofday(). + +2004-09-06 16:19 levitte + + Changed: + fips/fips.c (1.1.2.8), "Exp", lines: +5 -4 + + Replace the bogus checks of n with proper uses of feof(), ferror() + and clearerr(). + +2004-09-06 16:21 levitte + + Changed: + fips/sha1/fips_sha_locl.h (1.1.2.6), "Exp", lines: +2 -2 + + num is an unsigned long, but since it was transfered from + crypto/sha/sha_locl.h, where it is in fact an int, we need to check + for less-than-zero as if it was an int... + +2004-10-08 12:03 ben + + Changed: + fips/fingerprint.sha1 (1.1.2.10), "Exp", lines: +1 -1 + fips/sha1/fingerprint.sha1 (1.1.2.8), "Exp", lines: +1 -1 + fips/sha1/standalone.sha1 (1.1.2.9), "Exp", lines: +1 -1 + + Update fingerprints. + +2004-10-14 07:51 levitte + + Changed: + VMS/mkshared.com (1.3.2.1), "Exp", lines: +8 -0 + + We need to check for OPENSSL_FIPS when building shared libraries, + so we get correct transfer vectors for those functions when + required. + +2004-10-26 13:47 steve + + Changed: + util/mkfiles.pl (1.12.2.2), "Exp", lines: +1 -0 + + Add fips/dh directory to mkfiles.pl + +2004-10-26 14:17 levitte + + Changed: + fips/sha1/Makefile (1.1.4.4), "Exp", lines: +3 -1 + util/mkfiles.pl (1.12.2.3), "Exp", lines: +1 -0 + fips/Makefile (1.1.4.5), "Exp", lines: +7 -1 + crypto/sha/Makefile (1.1.4.4), "Exp", lines: +1 -7 + + fips/dh was missing in mkfiles.pl. make update + +2004-10-26 15:01 steve + + Changed: + util/mkfiles.pl (1.12.2.4), "Exp", lines: +0 -1 + + Only add fips/dh once... + +2004-11-01 09:20 levitte + + Changed: + fips/rand/fingerprint.sha1 (1.1.2.9), "Exp", lines: +1 -1 + fips/rand/fips_rand.c (1.1.2.9), "Exp", lines: +3 -1 + + Make sure _XOPEN_SOURCE_EXTENDED is correctly defined, and only if + not already defined. + +2004-12-09 19:03 appro + + vChanged: + crypto/Makefile (1.1.4.4), "Exp", lines: +2 -0 + + Postpone linking of shared libcrypto in FIPS build. + +2004-12-09 19:13 appro + + Changed: + fips/fingerprint.sha1 (1.1.2.11), "Exp", lines: +1 -1 + fips/fips.c (1.1.2.9), "Exp", lines: +13 -1 + fips/openssl_fips_fingerprint (1.1.4.4), "Exp", lines: +4 -2 + + Cygwin specific FIPS fix-ups. + +2004-12-09 23:43 appro + + Changed: + Configure (1.314.2.100), "Exp", lines: +2 -3 + crypto/des/des_enc.c (1.11.2.5), "Exp", lines: +2 -2 + + Eliminate false dependency on 386 config option is FIPS context. + At the same time limit assembler support to ELF platforms [that's + what is there, ELF modules]. + +2004-12-10 12:37 appro + + Changed: + Configure (1.314.2.101), "Exp", lines: +10 -3 + crypto/des/des_enc.c (1.11.2.6), "Exp", lines: +2 -2 + + Respect no-asm with fips option and disable FIPS DES assembler in + shared context [because it's not PIC]. + +2004-12-10 14:15 appro + + Changed: + fips/sha1/fingerprint.sha1 (1.1.2.10), "Exp", lines: +1 -1 + fips/sha1/standalone.sha1 (1.1.2.11), "Exp", lines: +1 -1 + fips/sha1/asm/sx86-elf.s (1.1.4.3), "Exp", lines: +32 -32 + + Solaris x86 assembler update. + +2004-12-10 17:30 appro + + Changed: + fips/fips_check_sha1 (1.1.2.7), "Exp", lines: +1 -1 + fips/openssl_fips_fingerprint (1.1.4.5), "Exp", lines: +1 -1 + fips/sha1/Makefile (1.1.4.6), "Exp", lines: +1 -1 + + Adapt FIPS sub-tree for mingw. + +2005-01-03 18:46 steve + + Changed: + fips/rsa/fingerprint.sha1 (1.1.4.5), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_selftest.c (1.1.4.3), "Exp", lines: +55 -11 + + RSA KAT. + +2005-01-11 17:54 levitte + + Changed: + fips/rsa/fingerprint.sha1 (1.1.4.6), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_selftest.c (1.1.4.4), "Exp", lines: +2 -2 + + Clear signed vs. unsigned conflicts. Change the fingerprint + accordingly. + +2005-01-11 19:25 levitte + + Changed: + ssl/ssltest.c (1.53.2.24), "Exp", lines: +2 -2 + fips/rand/fips_randtest.c (1.1.2.6), "Exp", lines: +3 -3 + fips/sha1/fips_sha1test.c (1.1.2.5), "Exp", lines: +10 -4 + fips/des/fips_desmovs.c (1.1.2.6), "Exp", lines: +8 -7 + fips/dsa/fips_dsatest.c (1.1.2.5), "Exp", lines: +2 -2 + apps/openssl.c (1.48.2.12), "Exp", lines: +1 -1 + fips/aes/fips_aesavs.c (1.1.2.12), "Exp", lines: +8 -7 + + Use EXIT() instead of exit(). + +2005-01-26 21:00 steve + + Changed: + apps/dgst.c (1.23.2.13), "Exp", lines: +10 -0 + apps/pkcs12.c (1.60.2.13), "Exp", lines: +8 -1 + crypto/crypto.h (1.62.2.9), "Exp", lines: +49 -0 + crypto/md32_common.h (1.22.2.9), "Exp", lines: +1 -1 + crypto/bf/bf_skey.c (1.6.2.1), "Exp", lines: +2 -1 + crypto/bf/blowfish.h (1.9.2.1), "Exp", lines: +4 -1 + crypto/cast/c_skey.c (1.5.6.1), "Exp", lines: +3 -1 + crypto/cast/cast.h (1.7.2.1), "Exp", lines: +4 -1 + crypto/evp/bio_md.c (1.11.2.3), "Exp", lines: +2 -7 + crypto/evp/digest.c (1.21.2.7), "Exp", lines: +11 -0 + crypto/evp/e_aes.c (1.6.2.11), "Exp", lines: +11 -11 + crypto/evp/e_des.c (1.5.2.9), "Exp", lines: +5 -3 + crypto/evp/e_des3.c (1.8.2.8), "Exp", lines: +6 -6 + crypto/evp/evp.h (1.86.2.16), "Exp", lines: +17 -0 + crypto/evp/evp_enc.c (1.28.2.11), "Exp", lines: +15 -1 + crypto/evp/evp_err.c (1.23.2.4), "Exp", lines: +6 -1 + crypto/evp/evp_locl.h (1.7.2.7), "Exp", lines: +17 -2 + crypto/evp/m_dss.c (1.8.2.1), "Exp", lines: +1 -1 + crypto/evp/m_md2.c (1.9.2.1), "Exp", lines: +1 -0 + crypto/evp/m_md4.c (1.8.2.1), "Exp", lines: +1 -0 + crypto/evp/m_md5.c (1.9.2.1), "Exp", lines: +1 -0 + crypto/evp/m_mdc2.c (1.9.2.1), "Exp", lines: +1 -0 + crypto/evp/m_sha.c (1.8.2.2), "Exp", lines: +1 -0 + crypto/evp/m_sha1.c (1.8.2.1), "Exp", lines: +1 -1 + crypto/evp/names.c (1.7.2.1), "Exp", lines: +3 -0 + crypto/hmac/hmac.c (1.12.2.3), "Exp", lines: +7 -0 + crypto/hmac/hmac.h (1.14.2.2), "Exp", lines: +1 -0 + crypto/idea/i_skey.c (1.5.6.1), "Exp", lines: +13 -0 + crypto/idea/idea.h (1.10.2.1), "Exp", lines: +4 -0 + crypto/md2/md2.h (1.11.2.1), "Exp", lines: +3 -0 + crypto/md2/md2_dgst.c (1.13.2.4), "Exp", lines: +3 -1 + crypto/md4/md4.h (1.3.2.1), "Exp", lines: +3 -0 + crypto/md4/md4_dgst.c (1.2.2.2), "Exp", lines: +1 -1 + crypto/md5/md5.h (1.10.2.3), "Exp", lines: +3 -0 + crypto/md5/md5_dgst.c (1.16.2.2), "Exp", lines: +1 -1 + crypto/mdc2/mdc2.h (1.9.2.1), "Exp", lines: +3 -1 + crypto/mdc2/mdc2dgst.c (1.13.2.1), "Exp", lines: +3 -1 + crypto/rc2/rc2.h (1.10.2.1), "Exp", lines: +4 -1 + crypto/rc2/rc2_skey.c (1.4.6.1), "Exp", lines: +13 -0 + crypto/rc4/rc4.h (1.10.2.2), "Exp", lines: +3 -0 + crypto/rc4/rc4_skey.c (1.10.8.2), "Exp", lines: +2 -1 + crypto/rc5/rc5.h (1.5.2.1), "Exp", lines: +4 -1 + crypto/rc5/rc5_skey.c (1.4.6.1), "Exp", lines: +14 -0 + crypto/ripemd/ripemd.h (1.8.2.1), "Exp", lines: +3 -0 + crypto/ripemd/rmd_dgst.c (1.13.2.2), "Exp", lines: +2 -1 + crypto/sha/sha.h (1.11.2.2), "Exp", lines: +3 -0 + crypto/sha/sha_locl.h (1.16.2.3), "Exp", lines: +4 -0 + crypto/x509/x509_cmp.c (1.22.2.4), "Exp", lines: +7 -1 + crypto/x509/x509_vfy.c (1.56.2.13), "Exp", lines: +1 -1 + ssl/s3_clnt.c (1.53.2.18), "Exp", lines: +2 -0 + ssl/s3_enc.c (1.31.2.9), "Exp", lines: +3 -0 + ssl/s3_srvr.c (1.85.2.23), "Exp", lines: +2 -0 + ssl/t1_enc.c (1.27.2.9), "Exp", lines: +2 -0 + + FIPS algorithm blocking. + + Non FIPS algorithms are not normally allowed in FIPS mode. + + Any attempt to use them via high level functions will + return an error. + + The low level non-FIPS algorithm functions cannot return + errors so they produce assertion failures. HMAC also has to give an + assertion error because it (erroneously) can't return an error + either. + + There are exceptions (such as MD5 in TLS and non + cryptographic use of algorithms) and applications can override the + blocking and use non FIPS algorithms anyway. + + For low level functions the override is perfomed by + prefixing the algorithm initalization function with "private_" for + example private_MD5_Init(). + + For high level functions an override is performed by + setting a flag in the context. + +2005-01-27 02:49 steve + + Changed: + apps/dgst.c (1.23.2.14), "Exp", lines: +9 -5 + crypto/crypto.h (1.62.2.10), "Exp", lines: +3 -0 + crypto/evp/digest.c (1.21.2.8), "Exp", lines: +34 -0 + crypto/hmac/hmac.c (1.12.2.4), "Exp", lines: +9 -0 + + More FIPS algorithm blocking. + + Catch attempted use of non FIPS algorithms with HMAC. + + Give an assertion error for applications that ignore FIPS + digest errors. + + Make -non-fips-allow work with dgst and HMAC. + +2005-01-28 15:03 steve + + Changed: + apps/dgst.c (1.23.2.15), "Exp", lines: +2 -1 + apps/enc.c (1.35.2.13), "Exp", lines: +38 -4 + crypto/evp/e_rc4.c (1.11.2.2), "Exp", lines: +1 -0 + crypto/evp/evp.h (1.86.2.17), "Exp", lines: +3 -0 + crypto/evp/evp_enc.c (1.28.2.12), "Exp", lines: +60 -15 + crypto/evp/evp_locl.h (1.7.2.8), "Exp", lines: +1 -0 + test/testenc (1.3.8.2), "Exp", lines: +8 -8 + + Further FIPS algorithm blocking. + + Fixes to cipher blocking and enabling code. + + Add option -non-fips-allow to 'enc' and update testenc. + +2005-01-31 02:33 steve + + Changed: + ssl/s23_clnt.c (1.20.2.7), "Exp", lines: +16 -0 + ssl/s23_srvr.c (1.41.2.6), "Exp", lines: +9 -0 + ssl/s3_clnt.c (1.53.2.19), "Exp", lines: +0 -8 + ssl/s3_enc.c (1.31.2.10), "Exp", lines: +1 -0 + ssl/s3_srvr.c (1.85.2.24), "Exp", lines: +0 -8 + ssl/ssl.h (1.126.2.21), "Exp", lines: +1 -0 + ssl/ssl_cert.c (1.48.2.10), "Exp", lines: +0 -8 + ssl/ssl_err.c (1.41.2.4), "Exp", lines: +2 -1 + ssl/ssl_lib.c (1.110.2.13), "Exp", lines: +8 -9 + ssl/t1_enc.c (1.27.2.10), "Exp", lines: +0 -18 + + Only allow TLS is FIPS mode. + + Remove old FIPS_allow_md5() calls. + +2005-02-05 19:24 steve + + Changed: + apps/req.c (1.88.2.18), "Exp", lines: +8 -1 + apps/x509.c (1.67.2.20), "Exp", lines: +8 -1 + + In FIPS mode use SHA1 as default digest in x509 and req utilities. + +2005-03-15 10:46 appro + + Changed: + Makefile.org (1.154.2.96), "Exp", lines: +1 -1 + crypto/Makefile (1.1.4.6), "Exp", lines: +2 -3 + fips/Makefile (1.1.4.8), "Exp", lines: +4 -1 + + Real Bourne shell doesn't accept ! as in "if ! grep ..." Fix this + in crypto/Makefile and make Makefile.org and fips/Makefile more + discreet. + +2005-03-22 18:29 steve + + Changed: + fips/fingerprint.sha1 (1.1.2.12), "Exp", lines: +1 -1 + fips/fips.c (1.1.2.10), "Exp", lines: +1 -0 + + Fix memory leak. + +2005-03-27 05:36 steve + + Changed: + crypto/evp/e_null.c (1.9.2.1), "Exp", lines: +1 -1 + ssl/s3_lib.c (1.57.2.13), "Exp", lines: +3 -3 + + Allow 'null' cipher and appropriate Kerberos ciphersuites in FIPS + mode. + +2005-04-14 14:44 steve + + Changed: + fips/fipshashes.sha1 (1.1.2.1), "Exp", lines: +29 -0 + util/checkhash.pl (1.1.2.1), "Exp", lines: +181 -0 + + Perl script that checks or rebuilds FIPS hash files. This works on + both Unix and Windows. + + Merge all FIPS hash files into a single hash file + fips/fips.sha1 + +2005-04-15 05:27 steve + + Changed: + fips/Makefile (1.1.4.9), "Exp", lines: +1 -1 + fips/aes/Makefile (1.1.4.4), "Exp", lines: +1 -4 + fips/des/Makefile (1.1.4.6), "Exp", lines: +1 -4 + fips/dh/Makefile (1.1.2.5), "Exp", lines: +1 -4 + fips/dsa/Makefile (1.1.4.4), "Exp", lines: +1 -4 + fips/rand/Makefile (1.1.4.3), "Exp", lines: +1 -4 + fips/rsa/Makefile (1.1.4.5), "Exp", lines: +1 -4 + fips/sha1/Makefile (1.1.4.9), "Exp", lines: +1 -7 + + Update hash checking in makefiles to use new perl script. + +2005-04-17 06:37 steve + + Changed: + util/checkhash.pl (1.1.2.2), "Exp", lines: +163 -127 + + Modify checkhash.pl so it can be run standalone or included as a + funtion in another perl script. + +2005-04-17 16:00 appro + + Changed: + fips/sha1/Makefile (1.1.4.10), "Exp", lines: +9 -5 + + Bring back fips_standalone_sha1. + +2005-04-17 16:17 appro + + Deleted: + fips/sha1/asm/sx86-elf.s (1.1.4.4) + Changed: + Configure (1.314.2.114), "Exp", lines: +1 -1 + fips/fipshashes.sha1 (1.1.2.2), "Exp", lines: +1 -1 + fips/sha1/Makefile (1.1.4.11), "Exp", lines: +1 -1 + fips/sha1/standalone.sha1 (1.1.2.13), "Exp", lines: +1 -1 + fips/sha1/asm/fips-sx86-elf.s (1.1.2.1), "Exp", lines: +1568 -0 + + Rename fips/sha1/sx86-elf.s to fips/sha1/fips-sx86-elf.s. + +2005-04-17 16:21 steve + + Changed: + util/checkhash.pl (1.1.2.3), "Exp", lines: +2 -0 + + Return 0 for successful hash check. + +2005-04-17 16:54 appro + + Changed: + Configure (1.314.2.116), "Exp", lines: +8 -1 + Makefile.org (1.154.2.99), "Exp", lines: +3 -2 + crypto/aes/aes_cbc.c (1.1.2.11), "Exp", lines: +2 -0 + fips/fipshashes.sha1 (1.1.2.4), "Exp", lines: +1 -0 + fips/aes/Makefile (1.1.4.5), "Exp", lines: +4 -2 + fips/aes/asm/fips-ax86-elf.s (1.1.2.1), "Exp", lines: +1822 -0 + + Throw in fips/aes/asm/fips-ax86-elf.s. + +2005-04-17 16:35 appro + + Changed: + Configure (1.314.2.115), "Exp", lines: +1 -1 + fips/fipshashes.sha1 (1.1.2.3), "Exp", lines: +1 -1 + fips/des/asm/fips-dx86-elf.s (1.1.4.2), "Exp", lines: +108 -98 + + Regenerate fips/des/asm/fips-dx86-elf.s with -fPIC flag. + +2005-04-17 17:26 appro + + Changed: + crypto/cryptlib.c (1.32.2.18), "Exp", lines: +6 -55 + crypto/crypto.h (1.62.2.11), "Exp", lines: +0 -3 + fips/fips.c (1.1.2.11), "Exp", lines: +62 -8 + fips/fips.h (1.1.2.7), "Exp", lines: +2 -3 + fips/fips_locl.h (1.1.4.3), "Exp", lines: +6 -3 + fips/fipshashes.sha1 (1.1.2.5), "Exp", lines: +4 -4 + fips/rand/fips_rand.c (1.1.2.10), "Exp", lines: +3 -1 + fips/rsa/fips_rsa_gen.c (1.1.4.4), "Exp", lines: +4 -2 + + Resolve minor binary compatibility issues in fips. + +2005-04-17 18:22 appro + + Changed: + fips/fipshashes.sha1 (1.1.2.6), "Exp", lines: +12 -12 + fips/des/fips_des_locl.h (1.1.2.4), "Exp", lines: +1 -1 + fips/des/fips_set_key.c (1.1.4.4), "Exp", lines: +2 -2 + fips/dh/fips_dh_key.c (1.1.2.3), "Exp", lines: +1 -1 + fips/dsa/fips_dsa_ossl.c (1.1.2.7), "Exp", lines: +1 -1 + fips/dsa/fips_dsa_selftest.c (1.1.4.2), "Exp", lines: +3 -3 + fips/rand/fips_rand.c (1.1.2.11), "Exp", lines: +2 -2 + fips/rand/fips_rand.h (1.1.2.5), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_eay.c (1.1.4.4), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_gen.c (1.1.4.5), "Exp", lines: +1 -1 + fips/rsa/fips_rsa_selftest.c (1.1.4.5), "Exp", lines: +11 -11 + fips/sha1/fips_sha1_selftest.c (1.1.4.2), "Exp", lines: +1 -1 + fips/sha1/fips_sha1dgst.c (1.1.2.5), "Exp", lines: +1 -1 + fips/sha1/standalone.sha1 (1.1.2.14), "Exp", lines: +2 -2 + + Minor fips const-ification. + +2005-04-18 07:02 steve + + Changed: + crypto/bf/bf_skey.c (1.6.2.2), "Exp", lines: +1 -0 + crypto/cast/c_skey.c (1.5.6.2), "Exp", lines: +1 -0 + crypto/idea/i_skey.c (1.5.6.2), "Exp", lines: +1 -0 + crypto/rc2/rc2_skey.c (1.4.6.2), "Exp", lines: +1 -0 + crypto/rc4/rc4_skey.c (1.10.8.3), "Exp", lines: +1 -0 + crypto/rc5/rc5_skey.c (1.4.6.2), "Exp", lines: +1 -0 + + Pick up definition of FIPS_mode() in fips.h to avoid warnings. + +2005-04-18 10:34 steve + + Deleted: + fips/fingerprint.sha1 (1.1.2.14) + fips/fips_check_sha1 (1.1.2.8) + fips/fips_make_sha1 (1.1.2.7) + fips/aes/fingerprint.sha1 (1.1.2.7) + fips/des/fingerprint.sha1 (1.1.2.6) + fips/dh/fingerprint.sha1 (1.1.2.4) + fips/dsa/fingerprint.sha1 (1.1.2.7) + fips/rand/fingerprint.sha1 (1.1.2.10) + fips/rsa/fingerprint.sha1 (1.1.4.7) + fips/sha1/fingerprint.sha1 (1.1.2.12) + Changed: + fips/sha1/Makefile (1.1.4.12), "Exp", lines: +1 -4 + + Remove obsolete fingerprint.sha1 files and associated scripts. + Delete test in fips/sha1/Makefile: the top level test checks the + same files. + +2005-04-19 09:11 appro + + Deleted: + fips/fipshashes.sha1 (1.1.2.7) + fips/sha1/standalone.sha1 (1.1.2.15) + Changed: + fips/fipshashes.c (1.1.2.1), "Exp", lines: +32 -0 + util/checkhash.pl (1.1.2.4), "Exp", lines: +7 -4 + + Maintain fingerprint hashes as C source. + +2005-04-19 09:17 appro + + Changed: + util/checkhash.pl (1.1.2.5), "Exp", lines: +1 -1 + + Complete the transition C-code hashes. + +2005-04-21 19:06 steve + + Changed: + apps/openssl.c (1.48.2.13), "Exp", lines: +0 -2 + fips/fips.c (1.1.2.12), "Exp", lines: +0 -27 + fips/fips.h (1.1.2.8), "Exp", lines: +0 -2 + fips/fipshashes.c (1.1.2.2), "Exp", lines: +2 -2 + + Remove defunct FIPS_allow_md5() and related functions. + +2005-04-22 06:15 appro + + Changed: + fips/fips.c (1.1.2.13), "Exp", lines: +3 -3 + fips/fips_err.h (1.1.4.4), "Exp", lines: +3 -3 + fips/fipshashes.c (1.1.2.4), "Exp", lines: +2 -2 + + Move some variables to .bss. + diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure index a38783dd98..1a9a59f969 100644 --- a/src/lib/libssl/src/Configure +++ b/src/lib/libssl/src/Configure @@ -10,7 +10,7 @@ use strict; # see INSTALL for instructions. -my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [[no-]fips] [debug] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; # Options: # @@ -38,7 +38,6 @@ my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # --test-sanity Make a number of sanity checks on the data in this file. # This is a debugging tool for OpenSSL developers. # -# no-engine do not compile in any engine code. # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support # are always compiled but return NULL if the hardware @@ -55,7 +54,10 @@ my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # [no-]zlib [don't] compile support for zlib compression. # zlib-dynamic Like "zlib", but the zlib library is expected to be a shared # library and will be loaded in run-time by the OpenSSL library. +# enable-montasm 0.9.8 branch only: enable Montgomery x86 assembler backport +# from 0.9.9 # 386 generate 80386 code +# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2 # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through # @@ -87,9 +89,15 @@ my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # (intended for 64-bit CPUs running 32-bit OS). # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). # BF_PTR2 intel specific version (generic version is more efficient). +# +# Following are set automatically by this script +# # MD5_ASM use some extra md5 assember, # SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 # RMD160_ASM use some extra ripemd160 assember, +# SHA256_ASM sha256_block is implemented in assembler +# SHA512_ASM sha512_block is implemented in assembler +# AES_ASM ASE_[en|de]crypt is implemented in assembler my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; @@ -108,19 +116,25 @@ my $tlib="-lnsl -lsocket"; my $bits1="THIRTY_TWO_BIT "; my $bits2="SIXTY_FOUR_BIT "; -my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; -my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; -my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; +my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o MAYBE-MO86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o rc4_skey.o:rm86-elf.o:r586-elf.o"; +my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o MAYBE-MO86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o rc4_skey.o:rm86-cof.o:r586-cof.o"; +my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o MAYBE-MO86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o rc4_skey.o:rm86-out.o:r586-out.o"; + +my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o::"; +my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o::"; -my $mips3_irix_asm="asm/mips3.o::::::::"; -# There seems to be boundary faults in asm/alpha.s. -#my $alpha_asm="asm/alpha.o::::::::"; -my $alpha_asm="::::::::"; +my $no_asm="::::::::::"; -# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1. -# So the md5_locl.h file has an undef B_ENDIAN if sun is defined +# As for $BSDthreads. Idea is to maintain "collective" set of flags, +# which would cover all BSD flavors. -pthread applies to them all, +# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD +# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r, +# which has to be accompanied by explicit -D_THREAD_SAFE and +# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which +# seems to be sufficient? +my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT"; -#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags +#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags my %table=( # File 'TABLE' (created by 'make TABLE') contains the data from this list, @@ -135,21 +149,28 @@ my %table=( # Our development configs "purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::", "debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::", -"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o", +"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o", "debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", "debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", -"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -Wall -Wshadow -Werror -pipe::(unknown)::::::", +"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::", "debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::", -"debug-ben-fips-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_FIPS -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o", "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", -"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", -"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", -"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", -"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn", -"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", +"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll", +"debug-steve64", "gcc:-m64 -DL_ENDIAN -DTERMIO -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DOPENSSL_NO_DEPRECATED -g -pedantic -Wall -Werror -Wno-long-long -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-steve32", "gcc:-m32 -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DOPENSSL_NO_DEPRECATED -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared", +"debug-steve-opt", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -O3 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared", +"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared", +"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "dist", "cc:-O::(unknown)::::::", # Basic configs that should work on any (32 and less bit) box @@ -157,10 +178,8 @@ my %table=( "cc", "cc:-O::(unknown)::::::", ####VOS Configurations -"vos-gcc","gcc:-b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map:BN_LLONG:::::::::::::.so:", -"debug-vos-gcc","gcc:-b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:::::::::::::.so:", -"vos-vcc","vcc:-b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map::::::::::::::.so:", -"debug-vos-vcc","vcc:-b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map::::::::::::::.so:", +"vos-gcc","gcc:-O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:", +"debug-vos-gcc","gcc:-O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:", #### Solaris x86 with GNU C setups # -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it @@ -168,7 +187,7 @@ my %table=( # surrounds it with #APP #NO_APP comment pair which (at least Solaris # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic" # error message. -"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # -shared -static-libgcc might appear controversial, but modules taken # from static libgcc do not have relocations and linking them into our # shared objects doesn't have any negative side-effects. On the contrary, @@ -177,69 +196,50 @@ my %table=( # actually recommend to consider using gcc shared build even with vendor # compiler:-) # -"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - +"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + #### Solaris x86 with Sun C setups -"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL::::::::::dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### SPARC Solaris with GNU C setups -"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc -"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 -# but keep the assembler modules. -"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - +"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### -"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### SPARC Solaris with Sun C setups -# DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests -"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2. # SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8 # SC5.0 note: Compiler common patch 107357-01 or later is required! -"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs", +"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs", #### -"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -#### SPARC Linux setups -"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::", -# Ray Miller has patiently -# assisted with debugging of following two configs. -"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# it's a real mess with -mcpu=ultrasparc option under Linux, but -# -Wa,-Av8plus should do the trick no matter what. -"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# GCC 3.1 is a requirement -"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# Sunos configs, assuming sparc for the gcc one. -##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:::", -"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::", +#### SunOS configs, assuming sparc for the gcc one. +#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::", +"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::", #### IRIX 5.x configs # -mips2 flag is added by ./config when appropriate. -"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### IRIX 6.x configs # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke # './Configure irix-cc -o32' manually. -# -mips4 flag is added by ./config when appropriate. -"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # N64 ABI builds. -"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Unified HP-UX ANSI C configs. # Special notes: @@ -258,7 +258,7 @@ my %table=( # suitable for execution on the host you're currently compiling at. # If the toolkit is ment to be used on various PA-RISC processors # consider './config +DAportable'. -# - +DD64 is chosen in favour of +DA2.0W because it's ment to be +# - +DD64 is chosen in favour of +DA2.0W because it's meant to be # compatible with *future* releases. # - If you run ./Configure hpux-parisc-[g]cc manually don't forget to # pass -D_REENTRANT on HP-UX 10 and later. @@ -269,106 +269,77 @@ my %table=( # crypto/sha/sha_lcl.h. # # -#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl", # Since there is mention of this in shlib/hpux10-cc.sh -"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# 64bit PARISC for GCC without optimization, which seems to make problems. -# Submitted by -"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -# IA-64 targets -"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z:-b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# Frank Geurts has patiently assisted with -# with debugging of the following config. -"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # More attempts at unified 10.X and 11.X targets for HP C compiler. # # Chris Ruemmler # Kevin Steves -"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# Isn't the line below meaningless? HP-UX cc optimizes for host by default. -# hpux-parisc1_0-cc with +DAportable flag would make more sense. -"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -# HPUX 9.X config. -# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or -# egcs. gcc 2.8.1 is also broken. - -"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise, -# please report your OS and compiler version to the openssl-bugs@openssl.org -# mailing list. -"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# If hpux-gcc fails, try this one: -"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -# HPUX 9.X on Motorola 68k platforms with gcc -"hpux-m68k-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::", - -# HPUX 10.X config. Supports threads. -"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG): -"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# If hpux10-gcc fails, try this one: -"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -# HPUX 11.X from www.globus.org. -# Only works on PA-RISC 2.0 cpus, and not optimized. Why? -#"hpux11-32bit-cc","cc:+DA2.0 -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::DES_PTR DES_UNROLL DES_RISC1:::", -#"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::", -# Use unified settings above instead. +"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -#### HP MPE/iX http://jazz.external.hp.com/src/openssl/ -"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::", +# HP/UX IA-64 targets +"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# Frank Geurts has patiently assisted with +# with debugging of the following config. +"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# GCC builds... +"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -#### PARISC Linux setups -"linux-parisc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::", +# Legacy HPUX 9.X configs... +"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# Dec Alpha, OSF/1 - the alpha164-cc is historical, for the conversion -# from the older DEC C Compiler to the newer compiler. It's now the -# same as the preferred entry, alpha-cc. If you are still using the -# older compiler (you're at 3.x or earlier, or perhaps very early 4.x) -# you should use `alphaold-cc'. +#### HP MPE/iX http://jazz.external.hp.com/src/openssl/ +"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::", + +# DEC Alpha OSF/1/Tru64 targets. # # "What's in a name? That which we call a rose # By any other word would smell as sweet." # # - William Shakespeare, "Romeo & Juliet", Act II, scene II. # -# For OSF/1 3.2b and earlier, and Digital UNIX 3.2c - 3.2g, with the -# vendor compiler, use alphaold-cc. -# For Digital UNIX 4.0 - 4.0e, with the vendor compiler, use alpha-cc. -# For Tru64 UNIX 4.f - current, with the vendor compiler, use alpha-cc. -# -# There's also an alternate target available (which `config' will never -# select) called alpha-cc-rpath. This target builds an RPATH into the -# shared libraries, which is very convenient on Tru64 since binaries -# linked against that shared library will automatically inherit that RPATH, -# and hence know where to look for the openssl libraries, even if they're in -# an odd place. -# # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version # -"alpha-gcc","gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", -"alphaold-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", -"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so", -"alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so", -"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared-rpath:::.so", -# -# This probably belongs in a different section. -# -"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:alpha-osf1-shared:::.so", +"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so", +"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared::-msym:.so", +#### +#### Variety of LINUX:-) +#### +# *-generic* is endian-neutral target, but ./config is free to +# throw in -D[BL]_ENDIAN, whichever appropriate... +"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +#### IA-32 targets... +"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", +#### +"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +#### SPARC Linux setups +# Ray Miller has patiently +# assisted with debugging of following two configs. +"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# it's a real mess with -mcpu=ultrasparc option under Linux, but +# -Wa,-Av8plus should do the trick no matter what. +"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# GCC 3.1 is a requirement +"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### Alpha Linux with GNU C and Compaq C setups # Special notes: # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you @@ -382,63 +353,39 @@ my %table=( # # # -"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", -"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - -# assembler versions -- currently defunct: -##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}", - -# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the -# bn86-elf.o file file since it is hand tweaked assembler. -"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-pentium", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ppro", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-k6", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", -"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", -"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", -"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc32.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -# -bpowerpc64-linux is transient option, -m64 should be the one to use... -"linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::", -"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ia64-ecc", "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", -"bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}", -"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", +"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", + +#### *BSD [do see comment about ${BSDthreads} above!] +"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-sparcv8", "gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it +# simply *happens* to work around a compiler bug in gcc 3.3.3, +# triggered by RIPEMD160 code. +"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "nextstep", "cc:-O -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", "nextstep3.3", "cc:-O3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # NCR MP-RAS UNIX ver 02.03.01 "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::", -# QNX 4 +# QNX "qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:", - -# QNX 6 "qnx6", "cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:", -# Linux on ARM -# ARM comes in both little- and big-endian flavors. The following line is -# endian neutral, but ./config is free to throw in -D[BL]_ENDIAN... -"linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -# SCO/Caldera targets. +#### SCO/Caldera targets. # # Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc. # Now we only have blended unixware-* as it's the only one used by ./config. @@ -449,24 +396,23 @@ my %table=( # compiler drivers and assemblers. Tim Rice has # patiently assisted to debug most of it. # -# UnixWare 2.0x fails destest with -O +# UnixWare 2.0x fails destest with -O. "unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", "unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ... +"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # SCO 5 - Ben Laurie says the -O breaks the SCO cc. "sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -# IBM's AIX. -"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", -"aix-gcc", "gcc:-O3 -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:", -"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", -"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:asm/aix_ppc64.o:::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64", +#### IBM's AIX. +"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", +"aix-gcc", "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", +"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-maix64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64", +# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE +# at build time. $OBJECT_MODE is respected at ./config stage! +"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", +"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64", # # Cray T90 and similar (SDSC) @@ -501,7 +447,7 @@ my %table=( # Sinix/ReliantUNIX RM400 # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */ -"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::", "SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::", @@ -514,56 +460,60 @@ my %table=( # "OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::", -# Windows NT, Microsoft Visual C++ 4.0 +# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64 +"VC-WIN64I","cl::::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${no_asm}:win32", +"VC-WIN64A","cl::::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${no_asm}:win32", -"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", -"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", -"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", -"VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", -"VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", -"VC-W31-32","cl::::WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", -"VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", +# Visual C targets +"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", +"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", +"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", # Borland C++ 4.5 -"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN::::::::::win32", -"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", +"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", # MinGW -"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_out_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a", +"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_coff_asm}:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -shared:.dll.a", # UWIN -"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", +"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", # Cygwin -"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", -"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:cygwin-shared:-D_WINDLL::.dll.a", +"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", +"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a", +"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a", + +# NetWare from David Ward (dsward@novell.com) +# requires either MetroWerks NLM development tools, or gcc / nlmconv +# NetWare defaults socket bio to WinSock sockets. However, +# the builds can be configured to use BSD sockets instead. +# netware-clib => legacy CLib c-runtime support +"netware-clib", "mwccnlm::::::${x86_gcc_opts}::", +"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::", +"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::", +"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::", +# netware-libc => LibC/NKS support +"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", +"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::", +"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::", +"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::", # DJGPP -"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::", +"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:", # Ultrix from Bernhard Simon "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::", -"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::", +"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::", # K&R C is no longer supported; you need gcc on old Ultrix installations ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::", -# Some OpenBSD from Bob Beck -"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-alpha", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-m68k", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-m88k", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-mips", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-powerpc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-vax", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"OpenBSD-hppa", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - ##### MacOS X (a.k.a. Rhapsody or Darwin) setup -"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", -"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/osx_ppc32.o:::::::::dlfcn:darwin-shared:-fPIC -fno-common::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", -"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::", +"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:ppccpuid_osx64.o:osx_ppc64.o osx_ppc64-mont.o:::::sha1-ppc_osx64.o sha256-ppc_osx64.o sha512-ppc_osx64.o:::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", ##### A/UX "aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", @@ -572,7 +522,7 @@ my %table=( "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", ##### GNU Hurd -"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", +"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", ##### OS/2 EMX "OS2-EMX", "gcc::::::::", @@ -580,17 +530,20 @@ my %table=( ##### VxWorks for various targets "vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::", "vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::", -"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::", +"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::", "vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::", -"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::::::::::::::::ranlibmips:", +"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::${no_asm}::::::ranlibmips:", ##### Compaq Non-Stop Kernel (Tandem) "tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::", ); -my @WinTargets=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS - BC-32 BC-16 Mingw32 OS2-EMX); +my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A + VC-NT VC-CE VC-WIN32 + BC-32 OS2-EMX + netware-clib netware-clib-bsdsock + netware-libc netware-libc-bsdsock); my $idx = 0; my $idx_cc = $idx++; @@ -600,8 +553,10 @@ my $idx_thread_cflag = $idx++; my $idx_sys_id = $idx++; my $idx_lflags = $idx++; my $idx_bn_ops = $idx++; +my $idx_cpuid_obj = $idx++; my $idx_bn_obj = $idx++; my $idx_des_obj = $idx++; +my $idx_aes_obj = $idx++; my $idx_bf_obj = $idx++; my $idx_md5_obj = $idx++; my $idx_sha1_obj = $idx++; @@ -621,15 +576,16 @@ my $prefix=""; my $openssldir=""; my $exe_ext=""; my $install_prefix=""; -my $fipslibdir="/usr/local/ssl/lib"; -my $baseaddr="0xFB00000"; my $no_threads=0; -my $no_shared=1; -my $zlib=0; -my $no_krb5=0; my $threads=0; +my $no_shared=0; # but "no-shared" is default +my $zlib=1; # but "no-zlib" is default +my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used +my $no_rfc3779=1; # but "no-rfc3779" is default +my $montasm=1; # but "no-montasm" is default my $no_asm=0; my $no_dso=0; +my $no_gmp=0; my @skip=(); my $Makefile="Makefile"; my $des_locl="crypto/des/des_locl.h"; @@ -643,10 +599,10 @@ my $rc2 ="crypto/rc2/rc2.h"; my $bf ="crypto/bf/bf_locl.h"; my $bn_asm ="bn_asm.o"; my $des_enc="des_enc.o fcrypt_b.o"; -my $fips_des_enc="fips_des_enc.o"; +my $aes_enc="aes_core.o aes_cbc.o"; my $bf_enc ="bf_enc.o"; my $cast_enc="c_enc.o"; -my $rc4_enc="rc4_enc.o"; +my $rc4_enc="rc4_enc.o rc4_skey.o"; my $rc5_enc="rc5_enc.o"; my $md5_obj=""; my $sha1_obj=""; @@ -654,16 +610,34 @@ my $rmd160_obj=""; my $processor=""; my $default_ranlib; my $perl; -my $fips=0; -my $debug=0; -my $no_ssl2=0; -my $no_ssl3=0; -my $no_tls1=0; -my $no_md5=0; -my $no_sha=0; -my $no_rsa=0; -my $no_dh=0; + +# All of the following is disabled by default (RC5 was enabled before 0.9.8): + +my %disabled = ( # "what" => "comment" + "camellia" => "default", + "cms" => "default", + "gmp" => "default", + "mdc2" => "default", + "montasm" => "default", # explicit option in 0.9.8 only (implicitly enabled in 0.9.9) + "rc5" => "default", + "rfc3779" => "default", + "seed" => "default", + "shared" => "default", + "tlsext" => "default", + "zlib" => "default", + "zlib-dynamic" => "default" + ); + +# Additional "no-..." options will be collected in %disabled. +# To remove something from %disabled, use e.g. "enable-rc5". +# For symmetry, "disable-..." is a synonym for "no-...". + +# This is what $depflags will look like with the above default: +my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT "; + + +my $no_sse2=0; &usage if ($#ARGV < 0); @@ -705,102 +679,38 @@ PROCESS_ARGS: foreach (@argvcopy) { s /^-no-/no-/; # some people just can't read the instructions - if (/^--test-sanity$/) - { - exit(&test_sanity()); - } - elsif (/^no-asm$/) - { - $no_asm=1; - $flags .= "-DOPENSSL_NO_ASM "; - $openssl_other_defines .= "#define OPENSSL_NO_ASM\n"; - } - elsif (/^no-err$/) - { - $flags .= "-DOPENSSL_NO_ERR "; - $openssl_other_defines .= "#define OPENSSL_NO_ERR\n"; - } - elsif (/^no-hw-(.+)$/) - { - my $hw=$1; - $hw =~ tr/[a-z]/[A-Z]/; - $flags .= "-DOPENSSL_NO_HW_$hw "; - $openssl_other_defines .= "#define OPENSSL_NO_HW_$hw\n"; - } - elsif (/^no-hw$/) - { - $flags .= "-DOPENSSL_NO_HW "; - $openssl_other_defines .= "#define OPENSSL_NO_HW\n"; - } - elsif (/^no-dso$/) - { $no_dso=1; } - elsif (/^no-krb5$/) - { $no_krb5=1; } - elsif (/^no-threads$/) - { $no_threads=1; } - elsif (/^threads$/) - { $threads=1; } - elsif (/^no-shared$/) - { $no_shared=1; } - elsif (/^shared$/ || /^-shared$/ || /^--shared$/) - { $no_shared=0; } - elsif (/^no-zlib$/) - { $zlib=0; } - elsif (/^zlib$/) - { $zlib=1; } - elsif (/^zlib-dynamic$/) - { $zlib=2; } - elsif (/^no-symlinks$/) - { $symlink=0; } - elsif (/^no-ssl$/) - { $no_ssl2 = $no_ssl3 = 1; } - elsif (/^no-ssl2$/) - { $no_ssl2 = 1; } - elsif (/^no-ssl3$/) - { $no_ssl3 = 1; } - elsif (/^no-tls1?$/) - { $no_tls1 = 1; } - elsif (/^no-fips$/) - { $fips = 0; } - elsif (/^no-(.+)$/) + + # rewrite some options in "enable-..." form + s /^-?-?shared$/enable-shared/; + s /^threads$/enable-threads/; + s /^zlib$/enable-zlib/; + s /^zlib-dynamic$/enable-zlib-dynamic/; + + if (/^no-(.+)$/ || /^disable-(.+)$/) { - my $algo=$1; - push @skip,$algo; - $algo =~ tr/[a-z]/[A-Z]/; - $flags .= "-DOPENSSL_NO_$algo "; - $depflags .= "-DOPENSSL_NO_$algo "; - $openssl_algorithm_defines .= "#define OPENSSL_NO_$algo\n"; - if ($algo eq "RIJNDAEL") - { - push @skip, "aes"; - $flags .= "-DOPENSSL_NO_AES "; - $depflags .= "-DOPENSSL_NO_AES "; - $openssl_algorithm_defines .= "#define OPENSSL_NO_AES\n"; - } - if ($algo eq "DES") + if ($1 eq "ssl") { - push @skip, "mdc2"; - $options .= " no-mdc2"; - $flags .= "-DOPENSSL_NO_MDC2 "; - $depflags .= "-DOPENSSL_NO_MDC2 "; - $openssl_algorithm_defines .= "#define OPENSSL_NO_MDC2\n"; + $disabled{"ssl2"} = "option(ssl)"; + $disabled{"ssl3"} = "option(ssl)"; } - if ($algo eq "MD5") + elsif ($1 eq "tls") { - $no_md5 = 1; + $disabled{"tls1"} = "option(tls)" } - if ($algo eq "SHA") - { - $no_sha = 1; - } - if ($algo eq "RSA") - { - $no_rsa = 1; - } - if ($algo eq "DH") + else { - $no_dh = 1; + $disabled{$1} = "option"; } + } + elsif (/^enable-(.+)$/) + { + delete $disabled{$1}; + + $threads = 1 if ($1 eq "threads"); + } + elsif (/^--test-sanity$/) + { + exit(&test_sanity()); } elsif (/^reconfigure/ || /^reconf/) { @@ -827,14 +737,6 @@ PROCESS_ARGS: } elsif (/^386$/) { $processor=386; } - elsif (/^fips$/) - { - $fips=1; - } - elsif (/^debug$/) - { - $debug=1; - } elsif (/^rsaref$/) { # No RSAref support any more since it's not needed. @@ -871,14 +773,6 @@ PROCESS_ARGS: { $withargs{"zlib-lib"}=$1; } - elsif (/^--with-fipslibdir=(.*)$/) - { - $fipslibdir="$1"; - } - elsif (/^--with-baseaddr=(.*)$/) - { - $baseaddr="$1"; - } elsif (/^--with-zlib-include=(.*)$/) { $withargs{"zlib-include"}="-I$1"; @@ -899,47 +793,72 @@ PROCESS_ARGS: die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); $target=$_; } - unless ($_ eq $target) { - if ($options eq "") { - $options = $_; - } else { - $options .= " ".$_; + + unless ($_ eq $target || /^no-/ || /^disable-/) + { + # "no-..." follows later after implied disactivations + # have been derived. (Don't take this too seroiusly, + # we really only write OPTIONS to the Makefile out of + # nostalgia.) + + if ($options eq "") + { $options = $_; } + else + { $options .= " ".$_; } } } } -} -$no_ssl3=1 if ($no_md5 || $no_sha); -$no_ssl3=1 if ($no_rsa && $no_dh); -$no_ssl2=1 if ($no_md5); -$no_ssl2=1 if ($no_rsa); -$no_tls1=1 if ($no_md5 || $no_sha); -$no_tls1=1 if ($no_dh); +if ($processor eq "386") + { + $disabled{"sse2"} = "forced"; + } + +if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "") + { + $disabled{"krb5"} = "krb5-flavor not specified"; + } + +if (!defined($disabled{"zlib-dynamic"})) + { + # "zlib-dynamic" was specifically enabled, so enable "zlib" + delete $disabled{"zlib"}; + } + +if (defined($disabled{"rijndael"})) + { + $disabled{"aes"} = "forced"; + } +if (defined($disabled{"des"})) + { + $disabled{"mdc2"} = "forced"; + } +if (defined($disabled{"ec"})) + { + $disabled{"ecdsa"} = "forced"; + $disabled{"ecdh"} = "forced"; + } -if ($no_ssl2) +# SSL 2.0 requires MD5 and RSA +if (defined($disabled{"md5"}) || defined($disabled{"rsa"})) { - push @skip,"SSL2"; - $flags .= "-DOPENSSL_NO_SSL2 "; - $depflags .= "-DOPENSSL_NO_SSL2 "; - $openssl_algorithm_defines .= "#define OPENSSL_NO_SSL2\n"; + $disabled{"ssl2"} = "forced"; } -if ($no_ssl3) +# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH +if (defined($disabled{"md5"}) || defined($disabled{"sha"}) + || (defined($disabled{"rsa"}) + && (defined($disabled{"dsa"}) || defined($disabled{"dh"})))) { - push @skip,"SSL3"; - $flags .= "-DOPENSSL_NO_SSL3 "; - $depflags .= "-DOPENSSL_NO_SSL3 "; - $openssl_algorithm_defines .= "#define OPENSSL_NO_SSL3\n"; + $disabled{"ssl3"} = "forced"; + $disabled{"tls1"} = "forced"; } -if ($no_tls1) +if (defined($disabled{"tls1"})) { - push @skip,"TLS1"; - $flags .= "-DOPENSSL_NO_TLS1 "; - $depflags .= "-DOPENSSL_NO_TLS1 "; - $openssl_algorithm_defines .= "#define OPENSSL_NO_TLS1\n"; + $disabled{"tlsext"} = "forced"; } if ($target eq "TABLE") { @@ -965,10 +884,72 @@ print "Configuring for $target\n"; &usage if (!defined($table{$target})); -my $IsWindows=scalar grep /^$target$/,@WinTargets; + +foreach (sort (keys %disabled)) + { + $options .= " no-$_"; + + printf " no-%-12s %-10s", $_, "[$disabled{$_}]"; + + if (/^dso$/) + { $no_dso = 1; } + elsif (/^threads$/) + { $no_threads = 1; } + elsif (/^shared$/) + { $no_shared = 1; } + elsif (/^zlib$/) + { $zlib = 0; } + elsif (/^montasm$/) + { $montasm = 0; } + elsif (/^static-engine$/) + { } + elsif (/^zlib-dynamic$/) + { } + elsif (/^symlinks$/) + { $symlink = 0; } + elsif (/^sse2$/) + { $no_sse2 = 1; } + else + { + my ($ALGO, $algo); + ($ALGO = $algo = $_) =~ tr/[a-z]/[A-Z]/; + + if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/) + { + $openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n"; + print " OPENSSL_NO_$ALGO"; + + if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; } + elsif (/^asm$/) { $no_asm = 1; } + } + else + { + $openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n"; + print " OPENSSL_NO_$ALGO"; + + if (/^krb5$/) + { $no_krb5 = 1; } + else + { + push @skip, $algo; + print " (skip dir)"; + + $depflags .="-DOPENSSL_NO_$ALGO "; + } + } + } + + print "\n"; + } + + +my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds; + +$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin" && !is_msys()); $exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw"); -$exe_ext=".pm" if ($target eq "vos-gcc" or $target eq "debug-vos-gcc" or $target eq "vos-vcc" or $target eq "debug-vos-vcc"); +$exe_ext=".nlm" if ($target =~ /netware/); +$exe_ext=".pm" if ($target =~ /vos/); $openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq ""); $prefix=$openssldir if $prefix eq ""; @@ -982,26 +963,10 @@ chop $prefix if $prefix =~ /\/$/; $openssldir=$prefix . "/ssl" if $openssldir eq ""; $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; -if ($fips && ! -f "$fipslibdir/fipscanister.o") - { - my $fipswinerr = ""; - $fipswinerr = <&1 |")) + { + while() { $iccver=$1 if (/Version ([0-9]+)\./); } + close(FD); + } + if ($iccver>=8) + { + # Eliminate unnecessary dependency from libirc.a. This is + # essential for shared library support, as otherwise + # apps/openssl can end up in endless loop upon startup... + $cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset"; + } + if ($iccver>=9) + { + $cflags.=" -i-static"; + $cflags=~s/\-no_cpprt/-no-cpprt/; + } + if ($iccver>=10) + { + $cflags=~s/\-i\-static/-static-intel/; + } + } + +# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time +# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on +# .so objects. Apparently application RPATH is not global and does +# not apply to .so linked with other .so. Problem manifests itself +# when libssl.so fails to load libcrypto.so. One can argue that we +# should engrave this into Makefile.shared rules or into BSD-* config +# lines above. Meanwhile let's try to be cautious and pass -rpath to +# linker only when --prefix is not /usr. +if ($target =~ /^BSD\-/) + { + $shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|); + } + if ($sys_id ne "") { - $cflags="-DOPENSSL_SYSNAME_$sys_id $cflags"; + #$cflags="-DOPENSSL_SYSNAME_$sys_id $cflags"; $openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n"; } @@ -1205,37 +1247,31 @@ if ($ranlib eq "") #$bn1=$bn_asm unless ($bn1 =~ /\.o$/); #$bn_obj="$bn1"; +$cpuid_obj="" if ($processor eq "386"); + $bn_obj = $bn_asm unless $bn_obj ne ""; +# bn86* is the only one implementing bn_*_part_words +$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/); +$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/); +$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /\-mont|mo86\-/); -my $fips_des_obj; -my $fips_aes_obj; -my $fips_sha1_obj; -if ($fips) - { - if ($des_obj =~ /\-elf\.o$/) - { - $fips_des_obj='asm/fips-dx86-elf.o'; - $openssl_other_defines.="#define OPENSSL_FIPS_DES_ASM\n"; - $fips_aes_obj='asm/fips-ax86-elf.o'; - $openssl_other_defines.="#define OPENSSL_FIPS_AES_ASM\n"; - } - else { - $fips_des_obj=$fips_des_enc; - $fips_aes_obj='fips_aes_core.o'; - } - $fips_sha1_obj='asm/fips-sx86-elf.o' if ($sha1_obj =~ /\-elf\.o$/); - $des_obj=$sha1_obj=""; - $openssl_other_defines.="#define OPENSSL_FIPS\n"; - } $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); $rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/); $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/); -if ($sha1_obj =~ /\.o$/ || $fips_sha1_obj =~ /\.o$/) +if ($sha1_obj =~ /\.o$/) { # $sha1_obj=$sha1_enc; - $cflags.=" -DSHA1_ASM"; + $cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/); + $cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/); + $cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/); + if ($sha1_obj =~ /sse2/) + { if ($no_sse2) + { $sha1_obj =~ s/\S*sse2\S+//; } + elsif ($cflags !~ /OPENSSL_IA32_SSE2/) + { $cflags.=" -DOPENSSL_IA32_SSE2"; } + } } if ($md5_obj =~ /\.o$/) { @@ -1247,11 +1283,12 @@ if ($rmd160_obj =~ /\.o$/) # $rmd160_obj=$rmd160_enc; $cflags.=" -DRMD160_ASM"; } - -if ($debug) +if ($aes_obj =~ /\.o$/) { - $cflags.=" -g"; - $cflags=~s/-fomit-frame-pointer//; + $cflags.=" -DAES_ASM"; + } +else { + $aes_obj=$aes_enc; } # "Stringify" the C flags string. This permits it to be made part of a string @@ -1259,6 +1296,7 @@ if ($debug) $cflags =~ s/([\\\"])/\\\1/g; my $version = "unknown"; +my $version_num = "unknown"; my $major = "unknown"; my $minor = "unknown"; my $shlib_version_number = "unknown"; @@ -1270,6 +1308,7 @@ open(IN,') { $version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /; + $version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/; $shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/; $shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/; } @@ -1322,19 +1361,19 @@ while () s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc"; s/^CFLAG=.*$/CFLAG= $cflags/; s/^DEPFLAG=.*$/DEPFLAG= $depflags/; + s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/; s/^EX_LIBS=.*$/EX_LIBS= $lflags/; s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/; + s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/; s/^BN_ASM=.*$/BN_ASM= $bn_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; - s/^FIPS_DES_ENC=.*$/FIPS_DES_ENC= $fips_des_obj/; - s/^FIPS_AES_ENC=.*$/FIPS_AES_ENC= $fips_aes_obj/; + s/^AES_ASM_OBJ=.*$/AES_ASM_OBJ= $aes_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/; s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/; s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/; s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/; s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/; - s/^FIPS_SHA1_ASM_OBJ=.*$/FIPS_SHA1_ASM_OBJ= $fips_sha1_obj/; s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; s/^PROCESSOR=.*/PROCESSOR= $processor/; s/^RANLIB=.*/RANLIB= $ranlib/; @@ -1343,8 +1382,6 @@ while () s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/; - s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/; - s/^BASEADDR=.*/BASEADDR=$baseaddr/; s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/; s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; @@ -1378,8 +1415,10 @@ rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n"; print "CC =$cc\n"; print "CFLAG =$cflags\n"; print "EX_LIBS =$lflags\n"; +print "CPUID_OBJ =$cpuid_obj\n"; print "BN_ASM =$bn_obj\n"; print "DES_ENC =$des_obj\n"; +print "AES_ASM_OBJ =$aes_obj\n"; print "BF_ENC =$bf_obj\n"; print "CAST_ENC =$cast_obj\n"; print "RC4_ENC =$rc4_obj\n"; @@ -1471,10 +1510,14 @@ print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n"; print OUT $openssl_algorithm_defines_trans; print OUT "#endif\n\n"; +print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj); + while () { if (/^#define\s+OPENSSLDIR/) { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; } + elsif (/^#define\s+ENGINESDIR/) + { print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; } elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/) { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n" if $export_var_as_fn; @@ -1519,7 +1562,7 @@ while () elsif (/^#((define)|(undef))\s+RC4_INDEX/) { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; } elsif (/^#(define|undef)\s+I386_ONLY/) - { printf OUT "#%s I386_ONLY\n", ($processor == 386)? + { printf OUT "#%s I386_ONLY\n", ($processor eq "386")? "define":"undef"; } elsif (/^#define\s+MD2_INT\s/) { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; } @@ -1566,12 +1609,12 @@ print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int; print "BF_PTR used\n" if $bf_ptr == 1; print "BF_PTR2 used\n" if $bf_ptr == 2; -if($IsWindows) { +if($IsMK1MF) { open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h"; printf OUT <ms/version32.rc") || die "Can't open ms/version32.rc"; + print OUT < + +LANGUAGE 0x09,0x01 + +1 VERSIONINFO + FILEVERSION $v1,$v2,$v3,$v4 + PRODUCTVERSION $v1,$v2,$v3,$v4 + FILEFLAGSMASK 0x3fL +#ifdef _DEBUG + FILEFLAGS 0x01L +#else + FILEFLAGS 0x00L +#endif + FILEOS VOS__WINDOWS32 + FILETYPE VFT_DLL + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + // Required: + VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0" + VALUE "FileDescription", "OpenSSL Shared Library\\0" + VALUE "FileVersion", "$version\\0" +#if defined(CRYPTO) + VALUE "InternalName", "libeay32\\0" + VALUE "OriginalFilename", "libeay32.dll\\0" +#elif defined(SSL) + VALUE "InternalName", "ssleay32\\0" + VALUE "OriginalFilename", "ssleay32.dll\\0" +#endif + VALUE "ProductName", "The OpenSSL Toolkit\\0" + VALUE "ProductVersion", "$version\\0" + // Optional: + //VALUE "Comments", "\\0" + VALUE "LegalCopyright", "Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0" + //VALUE "LegalTrademarks", "\\0" + //VALUE "PrivateBuild", "\\0" + //VALUE "SpecialBuild", "\\0" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 0x4b0 + END +END +EOF + close(OUT); + } + print <. -OpenSSL 0.9.7j was released on May 4, 2006. +OpenSSL 0.9.8h was released on May 28th, 2008. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at ). Then just do: pgp TARBALL.asc @@ -166,8 +173,8 @@ you if you want to use OpenSSL. For information on intellectual property rights, please consult a lawyer. The OpenSSL team does not offer legal advice. -You can configure OpenSSL so as not to use RC5 and IDEA by using - ./config no-rc5 no-idea +You can configure OpenSSL so as not to use IDEA, MDC2 and RC5 by using + ./config no-idea no-mdc2 no-rc5 * Can I use OpenSSL with GPL software? @@ -383,6 +390,57 @@ interface, the "-nameopt" option could be introduded. See the manual page of the "openssl x509" commandline tool for details. The old behaviour has however been left as default for the sake of compatibility. +* What is a "128 bit certificate"? Can I create one with OpenSSL? + +The term "128 bit certificate" is a highly misleading marketing term. It does +*not* refer to the size of the public key in the certificate! A certificate +containing a 128 bit RSA key would have negligible security. + +There were various other names such as "magic certificates", "SGC +certificates", "step up certificates" etc. + +You can't generally create such a certificate using OpenSSL but there is no +need to any more. Nowadays web browsers using unrestricted strong encryption +are generally available. + +When there were tight export restrictions on the export of strong encryption +software from the US only weak encryption algorithms could be freely exported +(initially 40 bit and then 56 bit). It was widely recognised that this was +inadequate. A relaxation the rules allowed the use of strong encryption but +only to an authorised server. + +Two slighly different techniques were developed to support this, one used by +Netscape was called "step up", the other used by MSIE was called "Server Gated +Cryptography" (SGC). When a browser initially connected to a server it would +check to see if the certificate contained certain extensions and was issued by +an authorised authority. If these test succeeded it would reconnect using +strong encryption. + +Only certain (initially one) certificate authorities could issue the +certificates and they generally cost more than ordinary certificates. + +Although OpenSSL can create certificates containing the appropriate extensions +the certificate would not come from a permitted authority and so would not +be recognized. + +The export laws were later changed to allow almost unrestricted use of strong +encryption so these certificates are now obsolete. + + +* How can I set up a bundle of commercial root CA certificates? + +The OpenSSL software is shipped without any root CA certificate as the +OpenSSL project does not have any policy on including or excluding +any specific CA and does not intend to set up such a policy. Deciding +about which CAs to support is up to application developers or +administrators. + +Other projects do have other policies so you can for example extract the CA +bundle used by Mozilla and/or modssl as described in this article: + + http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html + + [BUILD] ======================================================================= * Why does the linker complain about undefined symbols? @@ -462,7 +520,7 @@ get the best result from OpenSSL. A bit more complicated solution is the following: ----- snip:start ----- - make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile | \ + make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \ sed -e 's/ -O[0-9] / -O0 /'`" rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'` make @@ -472,7 +530,7 @@ This will only compile sha_dgst.c with -O0, the rest with the optimization level chosen by the configuration process. When the above is done, do the test and installation and you're set. -3. Reconfigure the toolkit with no-sha0 option to leave out SHA0. It +3. Reconfigure the toolkit with no-sha0 option to leave out SHA0. It should not be used and is not used in SSL/TLS nor any other recognized protocol in either case. @@ -597,6 +655,35 @@ Reportedly elder *BSD a.out platforms also suffer from this problem and remedy should be same. Provided binary is statically linked and should be working across wider range of *BSD branches, not just OpenBSD. +* Why does the OpenSSL test suite fail in sha512t on x86 CPU? + +If the test program in question fails withs SIGILL, Illegal Instruction +exception, then you more than likely to run SSE2-capable CPU, such as +Intel P4, under control of kernel which does not support SSE2 +instruction extentions. See accompanying INSTALL file and +OPENSSL_ia32cap(3) documentation page for further information. + +* Why does compiler fail to compile sha512.c? + +OpenSSL SHA-512 implementation depends on compiler support for 64-bit +integer type. Few elder compilers [ULTRIX cc, SCO compiler to mention a +couple] lack support for this and therefore are incapable of compiling +the module in question. The recommendation is to disable SHA-512 by +adding no-sha512 to ./config [or ./Configure] command line. Another +possible alternative might be to switch to GCC. + +* Test suite still fails, what to do? + +Another common reason for failure to complete some particular test is +simply bad code generated by a buggy component in toolchain or deficiency +in run-time environment. There are few cases documented in PROBLEMS file, +consult it for possible workaround before you beat the drum. Even if you +don't find solution or even mention there, do reserve for possibility of +a compiler bug. Compiler bugs might appear in rather bizarre ways, they +never make sense, and tend to emerge when you least expect them. In order +to identify one, drop optimization level, e.g. by editing CFLAG line in +top-level Makefile, recompile and re-run the test. + [PROG] ======================================================================== * Is OpenSSL thread-safe? @@ -608,8 +695,9 @@ libraries. If your platform is not one of these, consult the INSTALL file. Multi-threaded applications must provide two callback functions to -OpenSSL. This is described in the threads(3) manpage. - +OpenSSL by calling CRYPTO_set_locking_callback() and +CRYPTO_set_id_callback(). This is described in the threads(3) +manpage. * I've compiled a program under Windows and it crashes: why? @@ -629,10 +717,10 @@ your application must link against the same by which OpenSSL was built. If you are using MS Visual C++ (Studio) this can be changed by: -1. Select Settings... from the Project Menu. -2. Select the C/C++ Tab. -3. Select "Code Generation from the "Category" drop down list box -4. Select the Appropriate library (see table below) from the "Use + 1. Select Settings... from the Project Menu. + 2. Select the C/C++ Tab. + 3. Select "Code Generation from the "Category" drop down list box + 4. Select the Appropriate library (see table below) from the "Use run-time library" drop down list box. Perform this step for both your debug and release versions of your application (look at the top left of the settings panel to change between the two) @@ -651,30 +739,44 @@ by: Note that debug and release libraries are NOT interchangeable. If you built OpenSSL with /MD your application must use /MD and cannot use /MDd. +As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL +.DLLs compiled with some specific run-time option [we insist on the +default /MD] can be deployed with application compiled with different +option or even different compiler. But there is a catch! Instead of +re-compiling OpenSSL toolkit, as you would have to with prior versions, +you have to compile small C snippet with compiler and/or options of +your choice. The snippet gets installed as +/include/openssl/applink.c and should be either added to +your application project or simply #include-d in one [and only one] +of your application source files. Failure to link this shim module +into your application manifests itself as fatal "no OPENSSL_Applink" +run-time error. An explicit reminder is due that in this situation +[mixing compiler options] it is as important to add CRYPTO_malloc_init +prior first call to OpenSSL. * How do I read or write a DER encoded buffer using the ASN1 functions? You have two options. You can either use a memory BIO in conjunction -with the i2d_XXX_bio() or d2i_XXX_bio() functions or you can use the -i2d_XXX(), d2i_XXX() functions directly. Since these are often the +with the i2d_*_bio() or d2i_*_bio() functions or you can use the +i2d_*(), d2i_*() functions directly. Since these are often the cause of grief here are some code fragments using PKCS7 as an example: -unsigned char *buf, *p; -int len; + unsigned char *buf, *p; + int len; -len = i2d_PKCS7(p7, NULL); -buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */ -p = buf; -i2d_PKCS7(p7, &p); + len = i2d_PKCS7(p7, NULL); + buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */ + p = buf; + i2d_PKCS7(p7, &p); At this point buf contains the len bytes of the DER encoding of p7. The opposite assumes we already have len bytes in buf: -unsigned char *p; -p = buf; -p7 = d2i_PKCS7(NULL, &p, len); + unsigned char *p; + p = buf; + p7 = d2i_PKCS7(NULL, &p, len); At this point p7 contains a valid PKCS7 structure of NULL if an error occurred. If an error occurred ERR_print_errors(bio) should give more @@ -736,11 +838,11 @@ code itself (the hex digits after the second colon). * Why do I get errors about unknown algorithms? -This can happen under several circumstances such as reading in an -encrypted private key or attempting to decrypt a PKCS#12 file. The cause -is forgetting to load OpenSSL's table of algorithms with -OpenSSL_add_all_algorithms(). See the manual page for more information. - +The cause is forgetting to load OpenSSL's table of algorithms with +OpenSSL_add_all_algorithms(). See the manual page for more information. This +can cause several problems such as being unable to read in an encrypted +PEM file, unable to decrypt a PKCS#12 file or signature failure when +verifying certificates. * Why can't the OpenSSH configure script detect OpenSSL? @@ -808,5 +910,15 @@ thread-safe): ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data(). +* Why does Valgrind complain about the use of uninitialized data? + +When OpenSSL's PRNG routines are called to generate random numbers the supplied +buffer contents are mixed into the entropy pool: so it technically does not +matter whether the buffer is initialized at this point or not. Valgrind (and +other test tools) will complain about this. When using Valgrind, make sure the +OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY) +to get rid of these warnings. + + =============================================================================== diff --git a/src/lib/libssl/src/INSTALL b/src/lib/libssl/src/INSTALL index 503474f2e4..c72cc1dcee 100644 --- a/src/lib/libssl/src/INSTALL +++ b/src/lib/libssl/src/INSTALL @@ -2,8 +2,10 @@ INSTALLATION ON THE UNIX PLATFORM --------------------------------- - [Installation on DOS (with djgpp), Windows, OpenVMS and MacOS (before MacOS X) - is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS and INSTALL.MacOS. + [Installation on DOS (with djgpp), Windows, OpenVMS, MacOS (before MacOS X) + and NetWare is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS, + INSTALL.MacOS and INSTALL.NW. + This document describes installation on operating systems in the Unix family.] @@ -73,14 +75,30 @@ no-asm Do not use assembler code. 386 Use the 80386 instruction set only (the default x86 code is - more efficient, but requires at least a 486). + more efficient, but requires at least a 486). Note: Use + compiler flags for any other CPU specific configuration, + e.g. "-m32" to build x86 code on an x64 system. + + no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is + detected at run-time, but the decision whether or not the + machine code will be executed is taken solely on CPU + capability vector. This means that if you happen to run OS + kernel which does not support SSE2 extension on Intel P4 + processor, then your application might be exposed to + "illegal instruction" exception. There might be a way + to enable support in kernel, e.g. FreeBSD kernel can be + compiled with CPU_ENABLE_SSE, and there is a way to + disengage SSE2 code pathes upon application start-up, + but if you aim for wider "audience" running such kernel, + consider no-sse2. Both 386 and no-asm options above imply + no-sse2. no- Build without the specified cipher (bf, cast, des, dh, dsa, hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha). The crypto/ directory can be removed after running "make depend". - -Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will + -Dxxx, -lxxx, -Lxxx, -fxxx, -mxxx, -Kxxx These system specific options will be passed through to the compiler to allow you to define preprocessor symbols, specify additional libraries, library directories or other compiler options. @@ -123,7 +141,7 @@ generic configurations "cc" or "gcc" should usually work on 32 bit systems. - Configure creates the file Makefile from Makefile.org and + Configure creates the file Makefile.ssl from Makefile.org and defines various macros in crypto/opensslconf.h (generated from crypto/opensslconf.h.in). @@ -140,7 +158,7 @@ standard headers). If it is a problem with OpenSSL itself, please report the problem to (note that your message will be recorded in the request tracker publicly readable - via http://www.openssl.org/support/rt2.html and will be forwarded to a + via http://www.openssl.org/support/rt.html and will be forwarded to a public mailing list). Include the output of "make report" in your message. Please check out the request tracker. Maybe the bug was already reported or has already been fixed. @@ -159,10 +177,10 @@ the failure that isn't a problem in OpenSSL itself (like a missing or malfunctioning bc). If it is a problem with OpenSSL itself, try removing any compiler optimization flags from the CFLAG line - in Makefile and run "make clean; make". Please send a bug + in Makefile.ssl and run "make clean; make". Please send a bug report to , including the output of "make report" in order to be added to the request tracker at - http://www.openssl.org/support/rt2.html. + http://www.openssl.org/support/rt.html. 4. If everything tests ok, install OpenSSL with @@ -284,10 +302,10 @@ Note on shared libraries ------------------------ - Shared library is currently an experimental feature. The only reason to - have them would be to conserve memory on systems where several program - are using OpenSSL. Binary backward compatibility can't be guaranteed - before OpenSSL version 1.0. + Shared libraries have certain caveats. Binary backward compatibility + can't be guaranteed before OpenSSL version 1.0. The only reason to + use them would be to conserve memory on systems where several programs + are using OpenSSL. For some systems, the OpenSSL Configure script knows what is needed to build shared libraries for libcrypto and libssl. On these systems, @@ -312,7 +330,7 @@ Note on support for multiple builds ----------------------------------- - OpenSSL is usually built in it's source tree. Unfortunately, this doesn't + OpenSSL is usually built in its source tree. Unfortunately, this doesn't support building for multiple platforms from the same source tree very well. It is however possible to build in a separate tree through the use of lots of symbolic links, which should be prepared like this: diff --git a/src/lib/libssl/src/INSTALL.W32 b/src/lib/libssl/src/INSTALL.W32 index c277efa18b..3dd7832f4e 100644 --- a/src/lib/libssl/src/INSTALL.W32 +++ b/src/lib/libssl/src/INSTALL.W32 @@ -3,6 +3,7 @@ ---------------------------------- [Instructions for building for Windows CE can be found in INSTALL.WCE] + [Instructions for building for Win64 can be found in INSTALL.W64] Heres a few comments about building OpenSSL in Windows environments. Most of this is tested on Win32 but it may also work in Win 3.1 with some @@ -46,13 +47,14 @@ http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ The NASM binary nasmw.exe needs to be installed anywhere on your PATH. - Firstly you should run Configure (to build a FIPS-certified variant of - OpenSSL, add the option "fips"): + Firstly you should run Configure: - > perl Configure VC-WIN32 + > perl Configure VC-WIN32 --prefix=c:/some/openssl/dir + +Where the prefix argument specifies where OpenSSL will be installed to. Next you need to build the Makefiles and optionally the assembly language - files (to build a FIPS-certified variant of OpenSSL, add the argument "fips"): + files: - If you are using MASM then run: @@ -77,8 +79,12 @@ If all is well it should compile and you will have some DLLs and executables in out32dll. If you want to try the tests then do: - > cd out32dll - > ..\ms\test + > nmake -f ms\ntdll.mak test + + +To install OpenSSL to the specified location do: + +> nmake -f ms\ntdll.mak install Tweaks: @@ -88,6 +94,12 @@ compiled in. Note that mk1mf.pl expects the platform to be the last argument on the command line, so 'debug' must appear before that, as all other options. + + By default in 0.9.8 OpenSSL will compile builtin ENGINES into the libeay32.dll + shared library. If you specify the "no-static-engine" option on the command + line to Configure the shared library build (ms\ntdll.mak) will compile the + engines as separate DLLs. + The default Win32 environment is to leave out any Windows NT specific features. @@ -98,15 +110,15 @@ You can also build a static version of the library using the Makefile ms\nt.mak + + Borland C++ builder 5 --------------------- - * Configure for building with Borland Builder (to build a FIPS-certified - variant of OpenSSL, add the option "fips"): + * Configure for building with Borland Builder: > perl Configure BC-32 - * Create the appropriate makefile (to build a FIPS-certified variant of - OpenSSL, add the argument "fips") + * Create the appropriate makefile > ms\do_nasm * Build @@ -197,8 +209,6 @@ occur, try > ms\mingw32 no-asm instead. - If you want to build a FIPS-certified variant of OpenSSL, add the argument - "fips" libcrypto.a and libssl.a are the static libraries. To use the DLLs, link with libeay32.a and libssl32.a instead. @@ -291,3 +301,21 @@ (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot rely on CRYPTO_malloc_init() solving your problem, and you should consistently use the multithreaded library. + + Linking your application + ------------------------ + + If you link with static OpenSSL libraries [those built with ms/nt.mak], + then you're expected to additionally link your application with + WSOCK32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing + non-interactive service applications might feel concerned about linking + with latter two, as they are justly associated with interactive desktop, + which is not available to service processes. The toolkit is designed + to detect in which context it's currently executed, GUI, console app + or service, and act accordingly, namely whether or not to actually make + GUI calls. + + If you link with OpenSSL .DLLs, then you're expected to include into + your application code small "shim" snippet, which provides glue between + OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink + reference page for further details. diff --git a/src/lib/libssl/src/INSTALL.WCE b/src/lib/libssl/src/INSTALL.WCE index ac587d6bd2..adc03f41d4 100644 --- a/src/lib/libssl/src/INSTALL.WCE +++ b/src/lib/libssl/src/INSTALL.WCE @@ -11,8 +11,11 @@ You also need Perl for Win32. You will need ActiveState Perl, available from http://www.activestate.com/ActivePerl. - Windows CE support in OpenSSL relies on wcecompat. All Windows CE specific - issues should be directed to www.essemer.com.au. + Windows CE support in OpenSSL relies on wcecompat and therefore it's + appropriate to check http://www.essemer.com.au/windowsce/ for updates in + case of compilation problems. As for the moment of this writing version + 1.1 is available and actually required for WCE 4.2 and newer platforms. + All Windows CE specific issues should be directed to www.essemer.com.au. The C Runtime Library implementation for Windows CE that is included with Microsoft eMbedded Visual C++ 3.0 is incomplete and in some places diff --git a/src/lib/libssl/src/LICENSE b/src/lib/libssl/src/LICENSE index e6afecc724..a2c4adcbe6 100644 --- a/src/lib/libssl/src/LICENSE +++ b/src/lib/libssl/src/LICENSE @@ -12,7 +12,7 @@ --------------- /* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/src/lib/libssl/src/Makefile b/src/lib/libssl/src/Makefile index 398fd3d5fd..5aec3a2099 100644 --- a/src/lib/libssl/src/Makefile +++ b/src/lib/libssl/src/Makefile @@ -4,16 +4,16 @@ ## Makefile for OpenSSL ## -VERSION=0.9.7j +VERSION=0.9.8h MAJOR=0 -MINOR=9.7 -SHLIB_VERSION_NUMBER=0.9.7 +MINOR=9.8 +SHLIB_VERSION_NUMBER=0.9.8 SHLIB_VERSION_HISTORY= SHLIB_MAJOR=0 -SHLIB_MINOR=9.7 +SHLIB_MINOR=9.8 SHLIB_EXT= PLATFORM=dist -OPTIONS= no-krb5 +OPTIONS= no-camellia no-cms no-gmp no-krb5 no-mdc2 no-montasm no-rc5 no-rfc3779 no-seed no-shared no-tlsext no-zlib no-zlib-dynamic CONFIGURE_ARGS=dist SHLIB_TARGET= @@ -60,9 +60,8 @@ OPENSSLDIR=/usr/local/ssl # PKCS1_CHECK - pkcs1 tests. CC= cc -#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -CFLAG= -DOPENSSL_NO_KRB5 -O -DEPFLAG= +CFLAG= -O +DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT PEX_LIBS= EX_LIBS= EXE_EXT= @@ -82,93 +81,22 @@ MAKEDEPPROG=makedepend AS=$(CC) -c ASFLAG=$(CFLAG) -# Set BN_ASM to bn_asm.o if you want to use the C version -BN_ASM= bn_asm.o -#BN_ASM= bn_asm.o -#BN_ASM= asm/bn86-elf.o # elf, linux-elf -#BN_ASM= asm/bn86-sol.o # solaris -#BN_ASM= asm/bn86-out.o # a.out, FreeBSD -#BN_ASM= asm/bn86bsdi.o # bsdi -#BN_ASM= asm/alpha.o # DEC Alpha -#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC -#BN_ASM= asm/r3000.o # SGI MIPS cpu -#BN_ASM= asm/sparc.o # Sun solaris/SunOS -#BN_ASM= asm/bn-win32.o # Windows 95/NT -#BN_ASM= asm/x86w16.o # 16 bit code for Windows 3.1/DOS -#BN_ASM= asm/x86w32.o # 32 bit code for Windows 3.1 - # For x86 assembler: Set PROCESSOR to 386 if you want to support # the 80386. PROCESSOR= -# Set DES_ENC to des_enc.o if you want to use the C version -#There are 4 x86 assember options. -FIPS_DES_ENC= -FIPS_AES_ENC= +# CPUID module collects small commonly used assembler snippets +CPUID_OBJ= +BN_ASM= bn_asm.o DES_ENC= des_enc.o fcrypt_b.o -#DES_ENC= des_enc.o fcrypt_b.o # C -#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf -#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris -#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD -#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi - -# Set BF_ENC to bf_enc.o if you want to use the C version -#There are 4 x86 assember options. +AES_ASM_OBJ= aes_core.o aes_cbc.o BF_ENC= bf_enc.o -#BF_ENC= bf_enc.o -#BF_ENC= asm/bx86-elf.o # elf -#BF_ENC= asm/bx86-sol.o # solaris -#BF_ENC= asm/bx86-out.o # a.out, FreeBSD -#BF_ENC= asm/bx86bsdi.o # bsdi - -# Set CAST_ENC to c_enc.o if you want to use the C version -#There are 4 x86 assember options. CAST_ENC= c_enc.o -#CAST_ENC= c_enc.o -#CAST_ENC= asm/cx86-elf.o # elf -#CAST_ENC= asm/cx86-sol.o # solaris -#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD -#CAST_ENC= asm/cx86bsdi.o # bsdi - -# Set RC4_ENC to rc4_enc.o if you want to use the C version -#There are 4 x86 assember options. -RC4_ENC= rc4_enc.o -#RC4_ENC= rc4_enc.o -#RC4_ENC= asm/rx86-elf.o # elf -#RC4_ENC= asm/rx86-sol.o # solaris -#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD -#RC4_ENC= asm/rx86bsdi.o # bsdi - -# Set RC5_ENC to rc5_enc.o if you want to use the C version -#There are 4 x86 assember options. +RC4_ENC= rc4_enc.o rc4_skey.o RC5_ENC= rc5_enc.o -#RC5_ENC= rc5_enc.o -#RC5_ENC= asm/r586-elf.o # elf -#RC5_ENC= asm/r586-sol.o # solaris -#RC5_ENC= asm/r586-out.o # a.out, FreeBSD -#RC5_ENC= asm/r586bsdi.o # bsdi - -# Also need MD5_ASM defined MD5_ASM_OBJ= -#MD5_ASM_OBJ= asm/mx86-elf.o # elf -#MD5_ASM_OBJ= asm/mx86-sol.o # solaris -#MD5_ASM_OBJ= asm/mx86-out.o # a.out, FreeBSD -#MD5_ASM_OBJ= asm/mx86bsdi.o # bsdi - -# Also need SHA1_ASM defined SHA1_ASM_OBJ= -FIPS_SHA1_ASM_OBJ= -#SHA1_ASM_OBJ= asm/sx86-elf.o # elf -#SHA1_ASM_OBJ= asm/sx86-sol.o # solaris -#SHA1_ASM_OBJ= asm/sx86-out.o # a.out, FreeBSD -#SHA1_ASM_OBJ= asm/sx86bsdi.o # bsdi - -# Also need RMD160_ASM defined RMD160_ASM_OBJ= -#RMD160_ASM_OBJ= asm/rm86-elf.o # elf -#RMD160_ASM_OBJ= asm/rm86-sol.o # solaris -#RMD160_ASM_OBJ= asm/rm86-out.o # a.out, FreeBSD -#RMD160_ASM_OBJ= asm/rm86bsdi.o # bsdi # KRB5 stuff KRB5_INCLUDES= @@ -178,36 +106,20 @@ LIBKRB5= ZLIB_INCLUDE= LIBZLIB= -# This is the location of fipscanister.o and friends. -# The FIPS module build will place it $(INSTALLTOP)/lib -# but since $(INSTALLTOP) can only take the default value -# when the module is built it will be in /usr/local/ssl/lib -# $(INSTALLTOP) for this build make be different so hard -# code the path. - -FIPSLIBDIR=/usr/local/ssl/lib - -# Shared library base address. Currently only used on Windows. -# - -BASEADDR=0xFB00000 - -# When we're prepared to use shared libraries in the programs we link here -# we might set SHLIB_MARK to '$(SHARED_LIBS)'. -SHLIB_MARK= - -DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools +DIRS= crypto ssl engines apps test tools SHLIBDIRS= crypto ssl # dirs in crypto to build -SDIRS= objects \ - md2 md4 md5 sha mdc2 hmac ripemd \ - des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa dh dso engine aes \ +SDIRS= \ + objects \ + md2 md4 md5 sha hmac ripemd \ + des aes rc2 rc4 idea bf cast \ + bn ec rsa dsa ecdsa dh ecdh dso engine \ buffer bio stack lhash rand err \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 - -FDIRS= sha rand des aes dsa rsa dh hmac + evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ + store pqueue +# keep in mind that the above list is adjusted by ./Configure +# according to no-xxx arguments... # tests to perform. "alltests" is a special word indicating that all tests # should be performed. @@ -240,38 +152,106 @@ WTARFILE= $(NAME)-win.tar EXHEADER= e_os2.h HEADER= e_os.h -# When we're prepared to use shared libraries in the programs we link here -# we might remove 'clean-shared' from the targets to perform at this stage +all: Makefile build_all openssl.pc libssl.pc libcrypto.pc + +# as we stick to -e, CLEARENV ensures that local variables in lower +# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn +# shell, which [annoyingly enough] terminates unset with error if VAR +# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh, +# which terminates unset with error if no variable was present:-( +CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \ + $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \ + $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \ + $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \ + $${EXHEADER+EXHEADER} $${HEADER+HEADER} \ + $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \ + $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \ + $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \ + $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \ + $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} + +BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ + CC='${CC}' CFLAG='${CFLAG}' \ + AS='${CC}' ASFLAG='${CFLAG} -c' \ + AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \ + SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ + INSTALL_PREFIX='${INSTALL_PREFIX}' \ + INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ + MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \ + DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ + MAKEDEPPROG='${MAKEDEPPROG}' \ + SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ + KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \ + EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \ + SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \ + PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \ + CPUID_OBJ='${CPUID_OBJ}' \ + BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \ + AES_ASM_OBJ='${AES_ASM_OBJ}' \ + BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \ + RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \ + SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ + MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ + RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ + THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= +# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, +# which in turn eliminates ambiguities in variable treatment with -e. + +# BUILD_CMD is a generic macro to build a given target in a given +# subdirectory. The target must be given through the shell variable +# `target' and the subdirectory to build in must be given through `dir'. +# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or +# BUILD_ONE_CMD instead. +# +# BUILD_ONE_CMD is a macro to build a given target in a given +# subdirectory if that subdirectory is part of $(DIRS). It requires +# exactly the same shell variables as BUILD_CMD. +# +# RECURSIVE_BUILD_CMD is a macro to build a given target in all +# subdirectories defined in $(DIRS). It requires that the target +# is given through the shell variable `target'. +BUILD_CMD= if [ -d "$$dir" ]; then \ + ( cd $$dir && echo "making $$target in $$dir..." && \ + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ + ) || exit 1; \ + fi +RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done +BUILD_ONE_CMD=\ + if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \ + $(BUILD_CMD); \ + fi -all: Makefile sub_all openssl.pc +reflect: + @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) -sub_all: - @for i in $(DIRS); \ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making all in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \ - else \ - $(MAKE) $$i; \ - fi; \ - done; +sub_all: build_all +build_all: build_libs build_apps build_tests build_tools -sub_target: - @for i in $(DIRS); \ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making $(TARGET) in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \ - else \ - $(MAKE) $$i; \ - fi; \ - done; +build_libs: build_crypto build_ssl build_engines + +build_crypto: + @dir=crypto; target=all; $(BUILD_ONE_CMD) +build_ssl: + @dir=ssl; target=all; $(BUILD_ONE_CMD) +build_engines: + @dir=engines; target=all; $(BUILD_ONE_CMD) +build_apps: + @dir=apps; target=all; $(BUILD_ONE_CMD) +build_tests: + @dir=test; target=all; $(BUILD_ONE_CMD) +build_tools: + @dir=tools; target=all; $(BUILD_ONE_CMD) + +all_testapps: build_libs build_testapps +build_testapps: + @dir=crypto; target=testapps; $(BUILD_ONE_CMD) libcrypto$(SHLIB_EXT): libcrypto.a @if [ "$(SHLIB_TARGET)" != "" ]; then \ $(MAKE) SHLIBDIRS=crypto build-shared; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ + exit 1; \ fi libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a @@ -279,10 +259,11 @@ libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ + exit 1; \ fi clean-shared: - @for i in $(SHLIBDIRS); do \ + @set -e; for i in $(SHLIBDIRS); do \ if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ tmp="$(SHARED_LIBS_LINK_EXTS)"; \ for j in $${tmp:-x}; do \ @@ -291,312 +272,59 @@ clean-shared: fi; \ ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \ if [ "$(PLATFORM)" = "Cygwin" ]; then \ - ( set -x; rm -f cyg$$i-$(SHLIB_VERSION_NUMBER)$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ + ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ fi; \ done link-shared: - @if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ - tmp="$(SHARED_LIBS_LINK_EXTS)"; \ - for i in $(SHLIBDIRS); do \ - prev=lib$$i$(SHLIB_EXT); \ - for j in $${tmp:-x}; do \ - ( set -x; \ - rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \ - prev=lib$$i$$j; \ - done; \ - done; \ - fi - -build-shared: clean-shared do_$(SHLIB_TARGET) link-shared - -do_bsd-gcc-shared: do_gnu-shared -do_linux-shared: do_gnu-shared -do_gnu-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-Bsymbolic \ - -Wl,--whole-archive lib$$i.a \ - -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ + @ set -e; for i in ${SHLIBDIRS}; do \ + $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \ + LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ + LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \ + symlink.$(SHLIB_TARGET); \ + libs="$$libs -l$$i"; \ done -DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null - -# For Darwin AKA Mac OS/X (dyld) -do_darwin-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \ - lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \ - -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \ - libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \ - echo "" ; \ - done - -do_cygwin-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - shlib=cyg$${i}-$(SHLIB_VERSION_NUMBER).dll; \ - [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \ - [ -f apps/$$shlib ] && rm apps/$$shlib; \ - [ -f test/$$shlib ] && rm test/$$shlib; \ - base=; [ $$i = "crypto" ] && base=-Wl,--image-base,0x63000000; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared $$base -o $$shlib \ - -Wl,-Bsymbolic \ - -Wl,--whole-archive lib$$i.a \ - -Wl,--out-implib,lib$$i.dll.a \ - -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \ - cp -p $$shlib apps/; cp -p $$shlib test/; \ - touch -c lib$$i.dll.a; \ - libs="-l$$i $$libs"; \ - done - -# This assumes that GNU utilities are *not* used -do_alpha-osf1-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -o lib$$i.so \ - -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ - -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -# The difference between alpha-osf1-shared and tru64-shared is the `-msym' -# option passed to the linker. -do_tru64-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -msym -o lib$$i.so \ - -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ - -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -# The difference between tru64-shared and tru64-shared-rpath is the -# -rpath ${INSTALLTOP}/lib passed to the linker. -do_tru64-shared-rpath: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -msym -o lib$$i.so \ - -rpath ${INSTALLTOP}/lib \ - -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ - -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - - -# This assumes that GNU utilities are *not* used -do_solaris-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ - MINUSZ='-z '; \ - (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \ - set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-Bsymbolic \ - $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \ - $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# OpenServer 5 native compilers used -do_svr3-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ - find . -name "*.o" -print > allobjs ; \ - OBJS= ; export OBJS ; \ - for obj in `ar t lib$$i.a` ; do \ - OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ - done ; \ - set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi +build-shared: do_$(SHLIB_TARGET) link-shared -# UnixWare 7 and OpenUNIX 8 native compilers used -do_svr5-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ +do_$(SHLIB_TARGET): + @ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ libs="$(LIBKRB5) $$libs"; \ fi; \ - ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ - SHARE_FLAG='-G'; \ - (${CC} -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \ - find . -name "*.o" -print > allobjs ; \ - OBJS= ; export OBJS ; \ - for obj in `ar t lib$$i.a` ; do \ - OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ - done ; \ - set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \ - $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ + $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \ + LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ + LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \ + LIBDEPS="$$libs $(EX_LIBS)" \ + link_a.$(SHLIB_TARGET); \ libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -do_irix-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( WHOLELIB="-all lib$$i.a -none"; \ - (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \ - set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - $${WHOLELIB} $$libs ${EX_LIBS}) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -# -do_hpux-shared: - for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - if expr $(PLATFORM) : '.*ia64' > /dev/null; then \ - shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \ - else \ - shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \ - fi; \ - [ -f $$shlib ] && rm -f $$shlib; \ - ALLSYMSFLAGS='-Wl,-Fl'; \ - expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -Wl,-B,symbolic,+vnocompatwarnings,-z,+h,$$shlib \ - -o $$shlib $$ALLSYMSFLAGS,lib$$i.a -ldld ) || exit 1; \ - chmod a=rx $$shlib; \ done -# The following method is said to work on all platforms. Tests will -# determine if that's how it's gong to be used. -# This assumes that for all but GNU systems, GNU utilities are *not* used. -# ALLSYMSFLAGS would be: -# GNU systems: --whole-archive -# Tru64 Unix: -all -# Solaris: -z allextract -# Irix: -all -# HP/UX-32bit: -Fl -# HP/UX-64bit: +forceload -# AIX: -bnogc -# SHAREDFLAGS would be: -# GNU systems: -shared -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} -# Tru64 Unix: -shared \ -# -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" -# Solaris: -G -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} -# Irix: -shared -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} -# HP/UX-32bit: +vnocompatwarnings -b -z +s \ -# +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} -# HP/UX-64bit: -b -z +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} -# AIX: -G -bE:lib$$i.exp -bM:SRE -# SHAREDCMD would be: -# GNU systems: $(CC) -# Tru64 Unix: $(CC) -# Solaris: $(CC) -# Irix: $(CC) -# HP/UX-32bit: /usr/ccs/bin/ld -# HP/UX-64bit: /usr/ccs/bin/ld -# AIX: $(CC) -ALLSYMSFLAG=-bnogc -SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE -SHAREDCMD=$(CC) -do_aix-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; \ - OBJECT_MODE=`expr x${SHARED_LDFLAGS} : 'x\-[a-z]\([0-9]*\)'`; \ - OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ - ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \ - ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \ - $${FIPSLD:-${CC}} $(SHAREDFLAGS) \ - -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \ - $$libs ${EX_LIBS} ) ) \ - || exit 1; \ - libs="-l$$i $$libs"; \ - done +libcrypto.pc: Makefile + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/lib'; \ + echo 'includedir=$${prefix}/include'; \ + echo ''; \ + echo 'Name: OpenSSL-libcrypto'; \ + echo 'Description: OpenSSL cryptography library'; \ + echo 'Version: '$(VERSION); \ + echo 'Requires: '; \ + echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \ + echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc -do_reliantunix-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \ - ( set -x; \ - ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \ - cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \ - $${FIPSLD:-${CC}} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \ - ) || exit 1; \ - cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \ - ) || exit 1; \ - rm -rf $$tmpdir ; \ - libs="-l$$i $$libs"; \ - done +libssl.pc: Makefile + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/lib'; \ + echo 'includedir=$${prefix}/include'; \ + echo ''; \ + echo 'Name: OpenSSL'; \ + echo 'Description: Secure Sockets Layer and cryptography libraries'; \ + echo 'Version: '$(VERSION); \ + echo 'Requires: '; \ + echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ + echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc openssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ @@ -608,31 +336,25 @@ openssl.pc: Makefile echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ echo 'Version: '$(VERSION); \ echo 'Requires: '; \ - echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \ + echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc -Makefile: Makefile.org - @echo "Makefile is older than Makefile.org." +Makefile: Makefile.org Configure config + @echo "Makefile is older than Makefile.org, Configure or config." @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please." @false libclean: - rm -f *.map *.so *.so.* engines/*.so *.a */lib */*/lib + rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib clean: libclean rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making clean in $$i..." && \ - $(MAKE) EXE_EXT='${EXE_EXT}' SDIRS='${SDIRS}' clean ) || exit 1; \ - rm -f $(LIBS); \ - fi; \ - done; - rm -f openssl.pc + @set -e; target=clean; $(RECURSIVE_BUILD_CMD) + rm -f $(LIBS) + rm -f openssl.pc libssl.pc libcrypto.pc rm -f speed.* .pure rm -f $(TARFILE) - @for i in $(ONEDIRS) ;\ + @set -e; for i in $(ONEDIRS) ;\ do \ rm -fr $$i/*; \ done @@ -643,37 +365,20 @@ makefile.one: files files: $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making 'files' in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \ - fi; \ - done; + @set -e; target=files; $(RECURSIVE_BUILD_CMD) links: @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER) - @for i in $(DIRS); do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making links in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' links ) || exit 1; \ - fi; \ - done; + @set -e; target=links; $(RECURSIVE_BUILD_CMD) gentests: @(cd test && echo "generating dummy tests (if needed)..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate ); + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate ); dclean: rm -f *.bak - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making dclean in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \ - fi; \ - done; + @set -e; target=dclean; $(RECURSIVE_BUILD_CMD) rehash: rehash.time rehash.time: certs @@ -687,29 +392,17 @@ test: tests tests: rehash @(cd test && echo "testing..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); - util/shlib_wrap.sh apps/openssl version -a + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); + util/opensslwrap.sh version -a report: @$(PERL) util/selftest.pl depend: - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making dependencies $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \ - fi; \ - done; + @set -e; target=depend; $(RECURSIVE_BUILD_CMD) lint: - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making lint $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \ - fi; \ - done; + @set -e; target=lint; $(RECURSIVE_BUILD_CMD) tags: rm -f TAGS @@ -717,7 +410,8 @@ tags: errors: $(PERL) util/mkerr.pl -recurse -write - (cd crypto/engine; $(MAKE) PERL=$(PERL) errors) + (cd engines; $(MAKE) PERL=$(PERL) errors) + $(PERL) util/ck_errf.pl */*.c */*/*.c stacks: $(PERL) util/mkstack.pl -write @@ -779,45 +473,36 @@ dist: @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar dist_pem_h: - (cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean) + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) install: all install_docs install_sw install_sw: @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \ + $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ $(INSTALL_PREFIX)$(OPENSSLDIR)/private - @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i; echo "installing $$i..."; \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' install ); \ - fi; \ - done - @for i in $(LIBS) ;\ + @set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; for i in $(LIBS) ;\ do \ if [ -f "$$i" ]; then \ ( echo installing $$i; \ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ - if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ - : ; \ - else \ - $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ - fi; \ + $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ fi; \ done; - @if [ -n "$(SHARED_LIBS)" ]; then \ + @set -e; if [ -n "$(SHARED_LIBS)" ]; then \ tmp="$(SHARED_LIBS)"; \ for i in $${tmp:-x}; \ do \ @@ -828,20 +513,19 @@ install_sw: chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ else \ - c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ + c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ - cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ + cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ fi ); \ fi; \ done; \ ( here="`pwd`"; \ cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ - set $(MAKE); \ - $$1 -f $$here/Makefile link-shared ); \ + $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \ if [ "$(INSTALLTOP)" != "/usr" ]; then \ echo 'OpenSSL shared libraries have been installed in:'; \ echo ' $(INSTALLTOP)'; \ @@ -849,6 +533,10 @@ install_sw: sed -e '1,/^$$/d' doc/openssl-shared.txt; \ fi; \ fi + cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libcrypto.pc + cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libssl.pc cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc @@ -864,9 +552,9 @@ install_docs: if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \ filecase=-i; \ fi; \ - for i in doc/apps/*.pod; do \ + set -e; for i in doc/apps/*.pod; do \ fn=`basename $$i .pod`; \ - if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \ + sec=`$(PERL) util/extract-section.pl 1 < $$i`; \ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ (cd `$(PERL) util/dirname.pl $$i`; \ sh -c "$$pod2man \ @@ -881,9 +569,9 @@ install_docs: $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ done); \ done; \ - for i in doc/crypto/*.pod doc/ssl/*.pod; do \ + set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \ fn=`basename $$i .pod`; \ - if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \ + sec=`$(PERL) util/extract-section.pl 3 < $$i`; \ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ (cd `$(PERL) util/dirname.pl $$i`; \ sh -c "$$pod2man \ diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org index b9db0dd57d..22b1699257 100644 --- a/src/lib/libssl/src/Makefile.org +++ b/src/lib/libssl/src/Makefile.org @@ -57,9 +57,8 @@ OPENSSLDIR=/usr/local/ssl # equal 4. # PKCS1_CHECK - pkcs1 tests. -CC= gcc -#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM +CC= cc +CFLAG= -O DEPFLAG= PEX_LIBS= EX_LIBS= @@ -80,93 +79,22 @@ MAKEDEPPROG=makedepend AS=$(CC) -c ASFLAG=$(CFLAG) -# Set BN_ASM to bn_asm.o if you want to use the C version -BN_ASM= bn_asm.o -#BN_ASM= bn_asm.o -#BN_ASM= asm/bn86-elf.o # elf, linux-elf -#BN_ASM= asm/bn86-sol.o # solaris -#BN_ASM= asm/bn86-out.o # a.out, FreeBSD -#BN_ASM= asm/bn86bsdi.o # bsdi -#BN_ASM= asm/alpha.o # DEC Alpha -#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC -#BN_ASM= asm/r3000.o # SGI MIPS cpu -#BN_ASM= asm/sparc.o # Sun solaris/SunOS -#BN_ASM= asm/bn-win32.o # Windows 95/NT -#BN_ASM= asm/x86w16.o # 16 bit code for Windows 3.1/DOS -#BN_ASM= asm/x86w32.o # 32 bit code for Windows 3.1 - # For x86 assembler: Set PROCESSOR to 386 if you want to support # the 80386. PROCESSOR= -# Set DES_ENC to des_enc.o if you want to use the C version -#There are 4 x86 assember options. -FIPS_DES_ENC= des_enc.o fcrypt_b.o -FIPS_AES_ENC= fips_aes_core.o -DES_ENC= asm/dx86-out.o asm/yx86-out.o -#DES_ENC= des_enc.o fcrypt_b.o # C -#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf -#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris -#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD -#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi - -# Set BF_ENC to bf_enc.o if you want to use the C version -#There are 4 x86 assember options. -BF_ENC= asm/bx86-out.o -#BF_ENC= bf_enc.o -#BF_ENC= asm/bx86-elf.o # elf -#BF_ENC= asm/bx86-sol.o # solaris -#BF_ENC= asm/bx86-out.o # a.out, FreeBSD -#BF_ENC= asm/bx86bsdi.o # bsdi - -# Set CAST_ENC to c_enc.o if you want to use the C version -#There are 4 x86 assember options. -CAST_ENC= asm/cx86-out.o -#CAST_ENC= c_enc.o -#CAST_ENC= asm/cx86-elf.o # elf -#CAST_ENC= asm/cx86-sol.o # solaris -#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD -#CAST_ENC= asm/cx86bsdi.o # bsdi - -# Set RC4_ENC to rc4_enc.o if you want to use the C version -#There are 4 x86 assember options. -RC4_ENC= asm/rx86-out.o -#RC4_ENC= rc4_enc.o -#RC4_ENC= asm/rx86-elf.o # elf -#RC4_ENC= asm/rx86-sol.o # solaris -#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD -#RC4_ENC= asm/rx86bsdi.o # bsdi - -# Set RC5_ENC to rc5_enc.o if you want to use the C version -#There are 4 x86 assember options. -RC5_ENC= asm/r586-out.o -#RC5_ENC= rc5_enc.o -#RC5_ENC= asm/r586-elf.o # elf -#RC5_ENC= asm/r586-sol.o # solaris -#RC5_ENC= asm/r586-out.o # a.out, FreeBSD -#RC5_ENC= asm/r586bsdi.o # bsdi - -# Also need MD5_ASM defined -MD5_ASM_OBJ= asm/mx86-out.o -#MD5_ASM_OBJ= asm/mx86-elf.o # elf -#MD5_ASM_OBJ= asm/mx86-sol.o # solaris -#MD5_ASM_OBJ= asm/mx86-out.o # a.out, FreeBSD -#MD5_ASM_OBJ= asm/mx86bsdi.o # bsdi - -# Also need SHA1_ASM defined -SHA1_ASM_OBJ= asm/sx86-out.o -FIPS_SHA1_ASM_OBJ= asm/sx86-out.o -#SHA1_ASM_OBJ= asm/sx86-elf.o # elf -#SHA1_ASM_OBJ= asm/sx86-sol.o # solaris -#SHA1_ASM_OBJ= asm/sx86-out.o # a.out, FreeBSD -#SHA1_ASM_OBJ= asm/sx86bsdi.o # bsdi - -# Also need RMD160_ASM defined -RMD160_ASM_OBJ= asm/rm86-out.o -#RMD160_ASM_OBJ= asm/rm86-elf.o # elf -#RMD160_ASM_OBJ= asm/rm86-sol.o # solaris -#RMD160_ASM_OBJ= asm/rm86-out.o # a.out, FreeBSD -#RMD160_ASM_OBJ= asm/rm86bsdi.o # bsdi +# CPUID module collects small commonly used assembler snippets +CPUID_OBJ= +BN_ASM= bn_asm.o +DES_ENC= des_enc.o fcrypt_b.o +AES_ASM_OBJ=aes_core.o aes_cbc.o +BF_ENC= bf_enc.o +CAST_ENC= c_enc.o +RC4_ENC= rc4_enc.o +RC5_ENC= rc5_enc.o +MD5_ASM_OBJ= +SHA1_ASM_OBJ= +RMD160_ASM_OBJ= # KRB5 stuff KRB5_INCLUDES= @@ -176,36 +104,20 @@ LIBKRB5= ZLIB_INCLUDE= LIBZLIB= -# This is the location of fipscanister.o and friends. -# The FIPS module build will place it $(INSTALLTOP)/lib -# but since $(INSTALLTOP) can only take the default value -# when the module is built it will be in /usr/local/ssl/lib -# $(INSTALLTOP) for this build make be different so hard -# code the path. - -FIPSLIBDIR=/usr/local/ssl/lib - -# Shared library base address. Currently only used on Windows. -# - -BASEADDR= - -# When we're prepared to use shared libraries in the programs we link here -# we might set SHLIB_MARK to '$(SHARED_LIBS)'. -SHLIB_MARK= - -DIRS= crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools +DIRS= crypto ssl engines apps test tools SHLIBDIRS= crypto ssl # dirs in crypto to build -SDIRS= objects \ +SDIRS= \ + objects \ md2 md4 md5 sha mdc2 hmac ripemd \ - des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa dh dso engine aes \ + des aes rc2 rc4 rc5 idea bf cast camellia seed \ + bn ec rsa dsa ecdsa dh ecdh dso engine \ buffer bio stack lhash rand err \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 - -FDIRS= sha rand des aes dsa rsa dh hmac + evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ + store cms pqueue +# keep in mind that the above list is adjusted by ./Configure +# according to no-xxx arguments... # tests to perform. "alltests" is a special word indicating that all tests # should be performed. @@ -238,38 +150,106 @@ WTARFILE= $(NAME)-win.tar EXHEADER= e_os2.h HEADER= e_os.h -# When we're prepared to use shared libraries in the programs we link here -# we might remove 'clean-shared' from the targets to perform at this stage +all: Makefile build_all openssl.pc libssl.pc libcrypto.pc + +# as we stick to -e, CLEARENV ensures that local variables in lower +# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn +# shell, which [annoyingly enough] terminates unset with error if VAR +# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh, +# which terminates unset with error if no variable was present:-( +CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \ + $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \ + $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \ + $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \ + $${EXHEADER+EXHEADER} $${HEADER+HEADER} \ + $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \ + $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \ + $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \ + $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \ + $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} + +BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ + CC='${CC}' CFLAG='${CFLAG}' \ + AS='${CC}' ASFLAG='${CFLAG} -c' \ + AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \ + SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ + INSTALL_PREFIX='${INSTALL_PREFIX}' \ + INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ + MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \ + DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ + MAKEDEPPROG='${MAKEDEPPROG}' \ + SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ + KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \ + EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \ + SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \ + PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \ + CPUID_OBJ='${CPUID_OBJ}' \ + BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \ + AES_ASM_OBJ='${AES_ASM_OBJ}' \ + BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \ + RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \ + SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ + MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ + RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ + THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= +# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, +# which in turn eliminates ambiguities in variable treatment with -e. + +# BUILD_CMD is a generic macro to build a given target in a given +# subdirectory. The target must be given through the shell variable +# `target' and the subdirectory to build in must be given through `dir'. +# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or +# BUILD_ONE_CMD instead. +# +# BUILD_ONE_CMD is a macro to build a given target in a given +# subdirectory if that subdirectory is part of $(DIRS). It requires +# exactly the same shell variables as BUILD_CMD. +# +# RECURSIVE_BUILD_CMD is a macro to build a given target in all +# subdirectories defined in $(DIRS). It requires that the target +# is given through the shell variable `target'. +BUILD_CMD= if [ -d "$$dir" ]; then \ + ( cd $$dir && echo "making $$target in $$dir..." && \ + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ + ) || exit 1; \ + fi +RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done +BUILD_ONE_CMD=\ + if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \ + $(BUILD_CMD); \ + fi -all: Makefile sub_all openssl.pc +reflect: + @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) -sub_all: - @for i in $(DIRS); \ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making all in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \ - else \ - $(MAKE) $$i; \ - fi; \ - done; +sub_all: build_all +build_all: build_libs build_apps build_tests build_tools -sub_target: - @for i in $(DIRS); \ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making $(TARGET) in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \ - else \ - $(MAKE) $$i; \ - fi; \ - done; +build_libs: build_crypto build_ssl build_engines + +build_crypto: + @dir=crypto; target=all; $(BUILD_ONE_CMD) +build_ssl: + @dir=ssl; target=all; $(BUILD_ONE_CMD) +build_engines: + @dir=engines; target=all; $(BUILD_ONE_CMD) +build_apps: + @dir=apps; target=all; $(BUILD_ONE_CMD) +build_tests: + @dir=test; target=all; $(BUILD_ONE_CMD) +build_tools: + @dir=tools; target=all; $(BUILD_ONE_CMD) + +all_testapps: build_libs build_testapps +build_testapps: + @dir=crypto; target=testapps; $(BUILD_ONE_CMD) libcrypto$(SHLIB_EXT): libcrypto.a @if [ "$(SHLIB_TARGET)" != "" ]; then \ $(MAKE) SHLIBDIRS=crypto build-shared; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ + exit 1; \ fi libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a @@ -277,10 +257,11 @@ libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ + exit 1; \ fi clean-shared: - @for i in $(SHLIBDIRS); do \ + @set -e; for i in $(SHLIBDIRS); do \ if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ tmp="$(SHARED_LIBS_LINK_EXTS)"; \ for j in $${tmp:-x}; do \ @@ -289,312 +270,59 @@ clean-shared: fi; \ ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \ if [ "$(PLATFORM)" = "Cygwin" ]; then \ - ( set -x; rm -f cyg$$i-$(SHLIB_VERSION_NUMBER)$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ + ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ fi; \ done link-shared: - @if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ - tmp="$(SHARED_LIBS_LINK_EXTS)"; \ - for i in $(SHLIBDIRS); do \ - prev=lib$$i$(SHLIB_EXT); \ - for j in $${tmp:-x}; do \ - ( set -x; \ - rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \ - prev=lib$$i$$j; \ - done; \ - done; \ - fi - -build-shared: clean-shared do_$(SHLIB_TARGET) link-shared - -do_bsd-gcc-shared: do_gnu-shared -do_linux-shared: do_gnu-shared -do_gnu-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-Bsymbolic \ - -Wl,--whole-archive lib$$i.a \ - -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done - -DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null - -# For Darwin AKA Mac OS/X (dyld) -do_darwin-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \ - lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \ - -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \ - libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \ - echo "" ; \ + @ set -e; for i in ${SHLIBDIRS}; do \ + $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \ + LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ + LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \ + symlink.$(SHLIB_TARGET); \ + libs="$$libs -l$$i"; \ done -do_cygwin-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - shlib=cyg$${i}-$(SHLIB_VERSION_NUMBER).dll; \ - [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \ - [ -f apps/$$shlib ] && rm apps/$$shlib; \ - [ -f test/$$shlib ] && rm test/$$shlib; \ - base=; [ $$i = "crypto" ] && base=-Wl,--image-base,0x63000000; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared $$base -o $$shlib \ - -Wl,-Bsymbolic \ - -Wl,--whole-archive lib$$i.a \ - -Wl,--out-implib,lib$$i.dll.a \ - -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \ - cp -p $$shlib apps/; cp -p $$shlib test/; \ - touch -c lib$$i.dll.a; \ - libs="-l$$i $$libs"; \ - done - -# This assumes that GNU utilities are *not* used -do_alpha-osf1-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -o lib$$i.so \ - -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ - -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -# The difference between alpha-osf1-shared and tru64-shared is the `-msym' -# option passed to the linker. -do_tru64-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -msym -o lib$$i.so \ - -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ - -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi +build-shared: do_$(SHLIB_TARGET) link-shared -# This assumes that GNU utilities are *not* used -# The difference between tru64-shared and tru64-shared-rpath is the -# -rpath ${INSTALLTOP}/lib passed to the linker. -do_tru64-shared-rpath: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ +do_$(SHLIB_TARGET): + @ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ libs="$(LIBKRB5) $$libs"; \ fi; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -msym -o lib$$i.so \ - -rpath ${INSTALLTOP}/lib \ - -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ - -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \ + $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \ + LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ + LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \ + LIBDEPS="$$libs $(EX_LIBS)" \ + link_a.$(SHLIB_TARGET); \ libs="-l$$i $$libs"; \ - done; \ - fi - - -# This assumes that GNU utilities are *not* used -do_solaris-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ - MINUSZ='-z '; \ - (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \ - set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-Bsymbolic \ - $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \ - $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# OpenServer 5 native compilers used -do_svr3-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ - find . -name "*.o" -print > allobjs ; \ - OBJS= ; export OBJS ; \ - for obj in `ar t lib$$i.a` ; do \ - OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ - done ; \ - set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# UnixWare 7 and OpenUNIX 8 native compilers used -do_svr5-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ - SHARE_FLAG='-G'; \ - (${CC} -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \ - find . -name "*.o" -print > allobjs ; \ - OBJS= ; export OBJS ; \ - for obj in `ar t lib$$i.a` ; do \ - OBJS="$${OBJS} `grep /$$obj allobjs`" ; \ - done ; \ - set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \ - $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -do_irix-shared: - if ${DETECT_GNU_LD}; then \ - $(MAKE) do_gnu-shared; \ - else \ - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( WHOLELIB="-all lib$$i.a -none"; \ - (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \ - set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ - $${WHOLELIB} $$libs ${EX_LIBS}) || exit 1; \ - libs="-l$$i $$libs"; \ - done; \ - fi - -# This assumes that GNU utilities are *not* used -# -do_hpux-shared: - for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - if expr $(PLATFORM) : '.*ia64' > /dev/null; then \ - shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \ - else \ - shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \ - fi; \ - [ -f $$shlib ] && rm -f $$shlib; \ - ALLSYMSFLAGS='-Wl,-Fl'; \ - expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \ - ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \ - -Wl,-B,symbolic,+vnocompatwarnings,-z,+h,$$shlib \ - -o $$shlib $$ALLSYMSFLAGS,lib$$i.a -ldld ) || exit 1; \ - chmod a=rx $$shlib; \ done -# The following method is said to work on all platforms. Tests will -# determine if that's how it's gong to be used. -# This assumes that for all but GNU systems, GNU utilities are *not* used. -# ALLSYMSFLAGS would be: -# GNU systems: --whole-archive -# Tru64 Unix: -all -# Solaris: -z allextract -# Irix: -all -# HP/UX-32bit: -Fl -# HP/UX-64bit: +forceload -# AIX: -bnogc -# SHAREDFLAGS would be: -# GNU systems: -shared -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} -# Tru64 Unix: -shared \ -# -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" -# Solaris: -G -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} -# Irix: -shared -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} -# HP/UX-32bit: +vnocompatwarnings -b -z +s \ -# +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} -# HP/UX-64bit: -b -z +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} -# AIX: -G -bE:lib$$i.exp -bM:SRE -# SHAREDCMD would be: -# GNU systems: $(CC) -# Tru64 Unix: $(CC) -# Solaris: $(CC) -# Irix: $(CC) -# HP/UX-32bit: /usr/ccs/bin/ld -# HP/UX-64bit: /usr/ccs/bin/ld -# AIX: $(CC) -ALLSYMSFLAG=-bnogc -SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE -SHAREDCMD=$(CC) -do_aix-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - ( set -x; \ - OBJECT_MODE=`expr x${SHARED_LDFLAGS} : 'x\-[a-z]\([0-9]*\)'`; \ - OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ - ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \ - ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \ - $${FIPSLD:-${CC}} $(SHAREDFLAGS) \ - -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \ - $$libs ${EX_LIBS} ) ) \ - || exit 1; \ - libs="-l$$i $$libs"; \ - done +libcrypto.pc: Makefile + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/lib'; \ + echo 'includedir=$${prefix}/include'; \ + echo ''; \ + echo 'Name: OpenSSL-libcrypto'; \ + echo 'Description: OpenSSL cryptography library'; \ + echo 'Version: '$(VERSION); \ + echo 'Requires: '; \ + echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \ + echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc -do_reliantunix-shared: - libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ - if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ - tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \ - ( set -x; \ - ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \ - cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \ - $${FIPSLD:-${CC}} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \ - ) || exit 1; \ - cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \ - ) || exit 1; \ - rm -rf $$tmpdir ; \ - libs="-l$$i $$libs"; \ - done +libssl.pc: Makefile + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/lib'; \ + echo 'includedir=$${prefix}/include'; \ + echo ''; \ + echo 'Name: OpenSSL'; \ + echo 'Description: Secure Sockets Layer and cryptography libraries'; \ + echo 'Version: '$(VERSION); \ + echo 'Requires: '; \ + echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ + echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc openssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ @@ -606,31 +334,25 @@ openssl.pc: Makefile echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ echo 'Version: '$(VERSION); \ echo 'Requires: '; \ - echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \ + echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc -Makefile: Makefile.org - @echo "Makefile is older than Makefile.org." +Makefile: Makefile.org Configure config + @echo "Makefile is older than Makefile.org, Configure or config." @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please." @false libclean: - rm -f *.map *.so *.so.* engines/*.so *.a */lib */*/lib + rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib clean: libclean rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making clean in $$i..." && \ - $(MAKE) EXE_EXT='${EXE_EXT}' SDIRS='${SDIRS}' clean ) || exit 1; \ - rm -f $(LIBS); \ - fi; \ - done; - rm -f openssl.pc + @set -e; target=clean; $(RECURSIVE_BUILD_CMD) + rm -f $(LIBS) + rm -f openssl.pc libssl.pc libcrypto.pc rm -f speed.* .pure rm -f $(TARFILE) - @for i in $(ONEDIRS) ;\ + @set -e; for i in $(ONEDIRS) ;\ do \ rm -fr $$i/*; \ done @@ -641,37 +363,20 @@ makefile.one: files files: $(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making 'files' in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \ - fi; \ - done; + @set -e; target=files; $(RECURSIVE_BUILD_CMD) links: @$(PERL) $(TOP)/util/mkdir-p.pl include/openssl @$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER) - @for i in $(DIRS); do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making links in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' links ) || exit 1; \ - fi; \ - done; + @set -e; target=links; $(RECURSIVE_BUILD_CMD) gentests: @(cd test && echo "generating dummy tests (if needed)..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate ); + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate ); dclean: rm -f *.bak - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making dclean in $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \ - fi; \ - done; + @set -e; target=dclean; $(RECURSIVE_BUILD_CMD) rehash: rehash.time rehash.time: certs @@ -685,29 +390,17 @@ test: tests tests: rehash @(cd test && echo "testing..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); - util/shlib_wrap.sh apps/openssl version -a + $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); + util/opensslwrap.sh version -a report: @$(PERL) util/selftest.pl depend: - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making dependencies $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \ - fi; \ - done; + @set -e; target=depend; $(RECURSIVE_BUILD_CMD) lint: - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i && echo "making lint $$i..." && \ - $(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \ - fi; \ - done; + @set -e; target=lint; $(RECURSIVE_BUILD_CMD) tags: rm -f TAGS @@ -715,7 +408,8 @@ tags: errors: $(PERL) util/mkerr.pl -recurse -write - (cd crypto/engine; $(MAKE) PERL=$(PERL) errors) + (cd engines; $(MAKE) PERL=$(PERL) errors) + $(PERL) util/ck_errf.pl */*.c */*/*.c stacks: $(PERL) util/mkstack.pl -write @@ -777,45 +471,36 @@ dist: @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar dist_pem_h: - (cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean) + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) install: all install_docs install_sw install_sw: @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \ + $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ $(INSTALL_PREFIX)$(OPENSSLDIR)/private - @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; - @for i in $(DIRS) ;\ - do \ - if [ -d "$$i" ]; then \ - (cd $$i; echo "installing $$i..."; \ - $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' install ); \ - fi; \ - done - @for i in $(LIBS) ;\ + @set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; for i in $(LIBS) ;\ do \ if [ -f "$$i" ]; then \ ( echo installing $$i; \ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ - if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ - : ; \ - else \ - $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ - fi; \ + $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ fi; \ done; - @if [ -n "$(SHARED_LIBS)" ]; then \ + @set -e; if [ -n "$(SHARED_LIBS)" ]; then \ tmp="$(SHARED_LIBS)"; \ for i in $${tmp:-x}; \ do \ @@ -826,20 +511,19 @@ install_sw: chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ else \ - c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ + c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ - cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ + cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ fi ); \ fi; \ done; \ ( here="`pwd`"; \ cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ - set $(MAKE); \ - $$1 -f $$here/Makefile link-shared ); \ + $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \ if [ "$(INSTALLTOP)" != "/usr" ]; then \ echo 'OpenSSL shared libraries have been installed in:'; \ echo ' $(INSTALLTOP)'; \ @@ -847,6 +531,10 @@ install_sw: sed -e '1,/^$$/d' doc/openssl-shared.txt; \ fi; \ fi + cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libcrypto.pc + cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libssl.pc cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc @@ -862,9 +550,9 @@ install_docs: if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \ filecase=-i; \ fi; \ - for i in doc/apps/*.pod; do \ + set -e; for i in doc/apps/*.pod; do \ fn=`basename $$i .pod`; \ - if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \ + sec=`$(PERL) util/extract-section.pl 1 < $$i`; \ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ (cd `$(PERL) util/dirname.pl $$i`; \ sh -c "$$pod2man \ @@ -879,9 +567,9 @@ install_docs: $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \ done); \ done; \ - for i in doc/crypto/*.pod doc/ssl/*.pod; do \ + set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \ fn=`basename $$i .pod`; \ - if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \ + sec=`$(PERL) util/extract-section.pl 3 < $$i`; \ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ (cd `$(PERL) util/dirname.pl $$i`; \ sh -c "$$pod2man \ diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS index 49b443ed4d..40ded1aebf 100644 --- a/src/lib/libssl/src/NEWS +++ b/src/lib/libssl/src/NEWS @@ -5,8 +5,138 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g: + + o Fixes for bugs introduced with 0.9.8f. + + Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f: + + o Add gcc 4.2 support. + o Add support for AES and SSE2 assembly lanugauge optimization + for VC++ build. + o Support for RFC4507bis and server name extensions if explicitly + selected at compile time. + o DTLS improvements. + o RFC4507bis support. + o TLS Extensions support. + + Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e: + + o Various ciphersuite selection fixes. + o RFC3779 support. + + Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d: + + o Introduce limits to prevent malicious key DoS (CVE-2006-2940) + o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343) + o Changes to ciphersuite selection algorithm + + Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c: + + o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 + o New cipher Camellia + + Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b: + + o Cipher string fixes. + o Fixes for VC++ 2005. + o Updated ECC cipher suite support. + o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). + o Zlib compression usage fixes. + o Built in dynamic engine compilation support on Win32. + o Fixes auto dynamic engine loading in Win32. + + Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a: + + o Fix potential SSL 2.0 rollback, CVE-2005-2969 + o Extended Windows CE support + + Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8: + + o Major work on the BIGNUM library for higher efficiency and to + make operations more streamlined and less contradictory. This + is the result of a major audit of the BIGNUM library. + o Addition of BIGNUM functions for fields GF(2^m) and NIST + curves, to support the Elliptic Crypto functions. + o Major work on Elliptic Crypto; ECDH and ECDSA added, including + the use through EVP, X509 and ENGINE. + o New ASN.1 mini-compiler that's usable through the OpenSSL + configuration file. + o Added support for ASN.1 indefinite length constructed encoding. + o New PKCS#12 'medium level' API to manipulate PKCS#12 files. + o Complete rework of shared library construction and linking + programs with shared or static libraries, through a separate + Makefile.shared. + o Rework of the passing of parameters from one Makefile to another. + o Changed ENGINE framework to load dynamic engine modules + automatically from specifically given directories. + o New structure and ASN.1 functions for CertificatePair. + o Changed the ZLIB compression method to be stateful. + o Changed the key-generation and primality testing "progress" + mechanism to take a structure that contains the ticker + function and an argument. + o New engine module: GMP (performs private key exponentiation). + o New engine module: VIA PadLOck ACE extension in VIA C3 + Nehemiah processors. + o Added support for IPv6 addresses in certificate extensions. + See RFC 1884, section 2.2. + o Added support for certificate policy mappings, policy + constraints and name constraints. + o Added support for multi-valued AVAs in the OpenSSL + configuration file. + o Added support for multiple certificates with the same subject + in the 'openssl ca' index file. + o Make it possible to create self-signed certificates using + 'openssl ca -selfsign'. + o Make it possible to generate a serial number file with + 'openssl ca -create_serial'. + o New binary search functions with extended functionality. + o New BUF functions. + o New STORE structure and library to provide an interface to all + sorts of data repositories. Supports storage of public and + private keys, certificates, CRLs, numbers and arbitrary blobs. + This library is unfortunately unfinished and unused withing + OpenSSL. + o New control functions for the error stack. + o Changed the PKCS#7 library to support one-pass S/MIME + processing. + o Added the possibility to compile without old deprecated + functionality with the OPENSSL_NO_DEPRECATED macro or the + 'no-deprecated' argument to the config and Configure scripts. + o Constification of all ASN.1 conversion functions, and other + affected functions. + o Improved platform support for PowerPC. + o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). + o New X509_VERIFY_PARAM structure to support parametrisation + of X.509 path validation. + o Major overhaul of RC4 performance on Intel P4, IA-64 and + AMD64. + o Changed the Configure script to have some algorithms disabled + by default. Those can be explicitely enabled with the new + argument form 'enable-xxx'. + o Change the default digest in 'openssl' commands from MD5 to + SHA-1. + o Added support for DTLS. + o New BIGNUM blinding. + o Added support for the RSA-PSS encryption scheme + o Added support for the RSA X.931 padding. + o Added support for BSD sockets on NetWare. + o Added support for files larger than 2GB. + o Added initial support for Win64. + o Added alternate pkg-config files. + + Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l: + + o Introduce limits to prevent malicious key DoS (CVE-2006-2940) + o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343) + + Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k: + + o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 + Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j: + o Visual C++ 2005 fixes. o Update Windows build system for FIPS. Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i: @@ -15,7 +145,7 @@ Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h: - o Fix SSL 2.0 Rollback, CAN-2005-2969 + o Fix SSL 2.0 Rollback, CVE-2005-2969 o Allow use of fixed-length exponent on DSA signing o Default fixed-window RSA, DSA, DH private-key operations diff --git a/src/lib/libssl/src/Netware/build.bat b/src/lib/libssl/src/Netware/build.bat new file mode 100644 index 0000000000..823134bda1 --- /dev/null +++ b/src/lib/libssl/src/Netware/build.bat @@ -0,0 +1,228 @@ +@echo off + +rem ======================================================================== +rem Batch file to automate building OpenSSL for NetWare. +rem +rem usage: +rem build [target] [debug opts] [assembly opts] [configure opts] +rem +rem target - "netware-clib" - CLib NetWare build (WinSock Sockets) +rem - "netware-clib-bsdsock" - CLib NetWare build (BSD Sockets) +rem - "netware-libc" - LibC NetWare build (WinSock Sockets) +rem - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets) +rem +rem debug opts - "debug" - build debug +rem +rem assembly opts - "nw-mwasm" - use Metrowerks assembler +rem - "nw-nasm" - use NASM assembler +rem - "no-asm" - don't use assembly +rem +rem configure opts- all unrecognized arguments are passed to the +rem perl configure script +rem +rem If no arguments are specified the default is to build non-debug with +rem no assembly. NOTE: there is no default BLD_TARGET. +rem + + + +rem No assembly is the default - Uncomment section below to change +rem the assembler default +set ASM_MODE= +set ASSEMBLER= +set NO_ASM=no-asm + +rem Uncomment to default to the Metrowerks assembler +rem set ASM_MODE=nw-mwasm +rem set ASSEMBLER=Metrowerks +rem set NO_ASM= + +rem Uncomment to default to the NASM assembler +rem set ASM_MODE=nw-nasm +rem set ASSEMBLER=NASM +rem set NO_ASM= + +rem No default Bld target +set BLD_TARGET=no_target +rem set BLD_TARGET=netware-clib +rem set BLD_TARGET=netware-libc + + +rem Default to build non-debug +set DEBUG= + +rem Uncomment to default to debug build +rem set DEBUG=debug + + +set CONFIG_OPTS= +set ARG_PROCESSED=NO + + +rem Process command line args +:opts +if "a%1" == "a" goto endopt +if "%1" == "no-asm" set NO_ASM=no-asm +if "%1" == "no-asm" set ARG_PROCESSED=YES +if "%1" == "debug" set DEBUG=debug +if "%1" == "debug" set ARG_PROCESSED=YES +if "%1" == "nw-nasm" set ASM_MODE=nw-nasm +if "%1" == "nw-nasm" set ASSEMBLER=NASM +if "%1" == "nw-nasm" set NO_ASM= +if "%1" == "nw-nasm" set ARG_PROCESSED=YES +if "%1" == "nw-mwasm" set ASM_MODE=nw-mwasm +if "%1" == "nw-mwasm" set ASSEMBLER=Metrowerks +if "%1" == "nw-mwasm" set NO_ASM= +if "%1" == "nw-mwasm" set ARG_PROCESSED=YES +if "%1" == "netware-clib" set BLD_TARGET=netware-clib +if "%1" == "netware-clib" set ARG_PROCESSED=YES +if "%1" == "netware-clib-bsdsock" set BLD_TARGET=netware-clib-bsdsock +if "%1" == "netware-clib-bsdsock" set ARG_PROCESSED=YES +if "%1" == "netware-libc" set BLD_TARGET=netware-libc +if "%1" == "netware-libc" set ARG_PROCESSED=YES +if "%1" == "netware-libc-bsdsock" set BLD_TARGET=netware-libc-bsdsock +if "%1" == "netware-libc-bsdsock" set ARG_PROCESSED=YES + +rem If we didn't recognize the argument, consider it an option for config +if "%ARG_PROCESSED%" == "NO" set CONFIG_OPTS=%CONFIG_OPTS% %1 +if "%ARG_PROCESSED%" == "YES" set ARG_PROCESSED=NO + +shift +goto opts +:endopt + +rem make sure a valid BLD_TARGET was specified +if "%BLD_TARGET%" == "no_target" goto no_target + +rem build the nlm make file name which includes target and debug info +set NLM_MAKE= +if "%BLD_TARGET%" == "netware-clib" set NLM_MAKE=netware\nlm_clib +if "%BLD_TARGET%" == "netware-clib-bsdsock" set NLM_MAKE=netware\nlm_clib_bsdsock +if "%BLD_TARGET%" == "netware-libc" set NLM_MAKE=netware\nlm_libc +if "%BLD_TARGET%" == "netware-libc-bsdsock" set NLM_MAKE=netware\nlm_libc_bsdsock +if "%DEBUG%" == "" set NLM_MAKE=%NLM_MAKE%.mak +if "%DEBUG%" == "debug" set NLM_MAKE=%NLM_MAKE%_dbg.mak + +if "%NO_ASM%" == "no-asm" set ASM_MODE= +if "%NO_ASM%" == "no-asm" set ASSEMBLER= +if "%NO_ASM%" == "no-asm" set CONFIG_OPTS=%CONFIG_OPTS% no-asm +if "%NO_ASM%" == "no-asm" goto do_config + + +rem ================================================== +echo Generating x86 for %ASSEMBLER% assembler + +echo Bignum +cd crypto\bn\asm +rem perl x86.pl %ASM_MODE% > bn-nw.asm +perl bn-586.pl %ASM_MODE% > bn-nw.asm +perl co-586.pl %ASM_MODE% > co-nw.asm +cd ..\..\.. + +echo AES +cd crypto\aes\asm +perl aes-586.pl %ASM_MODE% > a-nw.asm +cd ..\..\.. + +echo DES +cd crypto\des\asm +perl des-586.pl %ASM_MODE% > d-nw.asm +cd ..\..\.. + +echo "crypt(3)" + +cd crypto\des\asm +perl crypt586.pl %ASM_MODE% > y-nw.asm +cd ..\..\.. + +echo Blowfish + +cd crypto\bf\asm +perl bf-586.pl %ASM_MODE% > b-nw.asm +cd ..\..\.. + +echo CAST5 +cd crypto\cast\asm +perl cast-586.pl %ASM_MODE% > c-nw.asm +cd ..\..\.. + +echo RC4 +cd crypto\rc4\asm +perl rc4-586.pl %ASM_MODE% > r4-nw.asm +cd ..\..\.. + +echo MD5 +cd crypto\md5\asm +perl md5-586.pl %ASM_MODE% > m5-nw.asm +cd ..\..\.. + +echo SHA1 +cd crypto\sha\asm +perl sha1-586.pl %ASM_MODE% > s1-nw.asm +cd ..\..\.. + +echo RIPEMD160 +cd crypto\ripemd\asm +perl rmd-586.pl %ASM_MODE% > rm-nw.asm +cd ..\..\.. + +echo RC5\32 +cd crypto\rc5\asm +perl rc5-586.pl %ASM_MODE% > r5-nw.asm +cd ..\..\.. + +echo CPUID +cd crypto +perl x86cpuid.pl %ASM_MODE% > x86cpuid-nw.asm +cd ..\ + +rem =============================================================== +rem +:do_config + +echo . +echo configure options: %CONFIG_OPTS% %BLD_TARGET% +echo . +perl configure %CONFIG_OPTS% %BLD_TARGET% + +perl util\mkfiles.pl >MINFO + +echo . +echo mk1mf.pl options: %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET% +echo . +perl util\mk1mf.pl %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET% >%NLM_MAKE% + +make -f %NLM_MAKE% vclean +echo . +echo The makefile "%NLM_MAKE%" has been created use your maketool to +echo build (ex: make -f %NLM_MAKE%) +goto end + +rem =============================================================== +rem +:no_target +echo . +echo . No build target specified!!! +echo . +echo . usage: build [target] [debug opts] [assembly opts] [configure opts] +echo . +echo . target - "netware-clib" - CLib NetWare build (WinSock Sockets) +echo . - "netware-clib-bsdsock" - CLib NetWare build (BSD Sockets) +echo . - "netware-libc" - LibC NetWare build (WinSock Sockets) +echo . - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets) +echo . +echo . debug opts - "debug" - build debug +echo . +echo . assembly opts - "nw-mwasm" - use Metrowerks assembler +echo . "nw-nasm" - use NASM assembler +echo . "no-asm" - don't use assembly +echo . +echo . configure opts- all unrecognized arguments are passed to the +echo . perl configure script +echo . +echo . If no debug or assembly opts are specified the default is to build +echo . non-debug without assembly +echo . + + +:end diff --git a/src/lib/libssl/src/Netware/cpy_tests.bat b/src/lib/libssl/src/Netware/cpy_tests.bat new file mode 100644 index 0000000000..1583f28067 --- /dev/null +++ b/src/lib/libssl/src/Netware/cpy_tests.bat @@ -0,0 +1,113 @@ +@echo off + +rem Batch file to copy OpenSSL stuff to a NetWare server for testing + +rem This batch file will create an "opensssl" directory at the root of the +rem specified NetWare drive and copy the required files to run the tests. +rem It should be run from inside the "openssl\netware" subdirectory. + +rem Usage: +rem cpy_tests.bat +rem - out_nw.dbg | out_nw +rem - any mapped drive letter +rem +rem example ( copy from debug build to m: dirve ): +rem cpy_tests.bat out_nw.dbg m: +rem +rem CAUTION: If a directory named OpenSSL exists on the target drive +rem it will be deleted first. + + +if "%1" == "" goto usage +if "%2" == "" goto usage + +rem Assume running in \openssl directory unless cpy_tests.bat exists then +rem it must be the \openssl\netware directory +set loc=. +if exist cpy_tests.bat set loc=.. + +rem make sure the local build subdirectory specified is valid +if not exist %loc%\%1\NUL goto invalid_dir + +rem make sure target drive is valid +if not exist %2\NUL goto invalid_drive + +rem If an OpenSSL directory exists on the target drive, remove it +if exist %2\openssl\NUL goto remove_openssl +goto do_copy + +:remove_openssl +echo . +echo OpenSSL directory exists on %2 - it will be removed! +pause +rmdir %2\openssl /s /q + +:do_copy +rem make an "openssl" directory and others at the root of the NetWare drive +mkdir %2\openssl +mkdir %2\openssl\test_out +mkdir %2\openssl\apps +mkdir %2\openssl\certs +mkdir %2\openssl\test + + +rem copy the test nlms +copy %loc%\%1\*.nlm %2\openssl\ + +rem copy the test perl script +copy %loc%\netware\do_tests.pl %2\openssl\ + +rem copy the certs directory stuff +xcopy %loc%\certs\*.* %2\openssl\certs\ /s + +rem copy the test directory stuff +copy %loc%\test\CAss.cnf %2\openssl\test\ +copy %loc%\test\Uss.cnf %2\openssl\test\ +copy %loc%\test\pkcs7.pem %2\openssl\test\ +copy %loc%\test\pkcs7-1.pem %2\openssl\test\ +copy %loc%\test\testcrl.pem %2\openssl\test\ +copy %loc%\test\testp7.pem %2\openssl\test\ +copy %loc%\test\testreq2.pem %2\openssl\test\ +copy %loc%\test\testrsa.pem %2\openssl\test\ +copy %loc%\test\testsid.pem %2\openssl\test\ +copy %loc%\test\testx509.pem %2\openssl\test\ +copy %loc%\test\v3-cert1.pem %2\openssl\test\ +copy %loc%\test\v3-cert2.pem %2\openssl\test\ +copy %loc%\crypto\evp\evptests.txt %2\openssl\test\ + +rem copy the apps directory stuff +copy %loc%\apps\client.pem %2\openssl\apps\ +copy %loc%\apps\server.pem %2\openssl\apps\ +copy %loc%\apps\openssl.cnf %2\openssl\apps\ + +echo . +echo Tests copied +echo Run the test script at the console by typing: +echo "Perl \openssl\do_tests.pl" +echo . +echo Make sure the Search path includes the OpenSSL subdirectory + +goto end + +:invalid_dir +echo. +echo Invalid build directory specified: %1 +echo. +goto usage + +:invalid_drive +echo. +echo Invalid drive: %2 +echo. +goto usage + +:usage +echo. +echo usage: cpy_tests.bat [test subdirectory] [NetWare drive] +echo [test subdirectory] - out_nw_clib.dbg, out_nw_libc.dbg, etc. +echo [NetWare drive] - any mapped drive letter +echo. +echo example: cpy_test out_nw_clib.dbg M: +echo (copy from clib debug build area to M: drive) + +:end diff --git a/src/lib/libssl/src/Netware/do_tests.pl b/src/lib/libssl/src/Netware/do_tests.pl new file mode 100644 index 0000000000..ac482dbe2b --- /dev/null +++ b/src/lib/libssl/src/Netware/do_tests.pl @@ -0,0 +1,624 @@ +# perl script to run OpenSSL tests + + +my $base_path = "\\openssl"; + +my $output_path = "$base_path\\test_out"; +my $cert_path = "$base_path\\certs"; +my $test_path = "$base_path\\test"; +my $app_path = "$base_path\\apps"; + +my $tmp_cert = "$output_path\\cert.tmp"; +my $OpenSSL_config = "$app_path\\openssl.cnf"; +my $log_file = "$output_path\\tests.log"; + +my $pause = 0; + + +# process the command line args to see if they wanted us to pause +# between executing each command +foreach $i (@ARGV) +{ + if ($i =~ /^-p$/) + { $pause=1; } +} + + + +main(); + + +############################################################################ +sub main() +{ + # delete all the output files in the output directory + unlink <$output_path\\*.*>; + + # open the main log file + open(OUT, ">$log_file") || die "unable to open $log_file\n"; + + print( OUT "========================================================\n"); + my $outFile = "$output_path\\version.out"; + system("openssl2 version (CLIB_OPT)/>$outFile"); + log_output("CHECKING FOR OPENSSL VERSION:", $outFile); + + algorithm_tests(); + encryption_tests(); + evp_tests(); + pem_tests(); + verify_tests(); + ca_tests(); + ssl_tests(); + + close(OUT); + + print("\nCompleted running tests.\n\n"); + print("Check log file for errors: $log_file\n"); +} + +############################################################################ +sub algorithm_tests +{ + my $i; + my $outFile; + my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test, + sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test, + rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest, + ecdsatest, ectest, exptest, casttest, hmactest ); + + print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "CRYPTO ALGORITHM TESTS:\n\n"); + + foreach $i (@tests) + { + if (-e "$base_path\\$i.nlm") + { + $outFile = "$output_path\\$i.out"; + system("$i (CLIB_OPT)/>$outFile"); + log_desc("Test: $i\.nlm:"); + log_output("", $outFile ); + } + else + { + log_desc("Test: $i\.nlm: file not found"); + } + } +} + +############################################################################ +sub encryption_tests +{ + my $i; + my $outFile; + my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb", + "des-ofb", "des-ede-ofb", "des-ede3-ofb", + "des-ecb", "des-ede", "des-ede3", "des-cbc", + "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb", + "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb", + "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb", + "bf-ofb", "bf-cbc" ); + + my $input = "$base_path\\do_tests.pl"; + my $cipher = "$output_path\\cipher.out"; + my $clear = "$output_path\\clear.out"; + + print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n"); + + foreach $i (@enc_tests) + { + log_desc("Testing: $i"); + + # do encryption + $outFile = "$output_path\\enc.out"; + system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" ); + log_output("Encrypting: $input --> $cipher", $outFile); + + # do decryption + $outFile = "$output_path\\dec.out"; + system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile"); + log_output("Decrypting: $cipher --> $clear", $outFile); + + # compare files + $x = compare_files( $input, $clear, 1); + if ( $x == 0 ) + { + print( "\rSUCCESS - files match: $input, $clear\n"); + print( OUT "SUCCESS - files match: $input, $clear\n"); + } + else + { + print( "\rERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + + do_wait(); + + # Now do the same encryption but use Base64 + + # do encryption B64 + $outFile = "$output_path\\B64enc.out"; + system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile"); + log_output("Encrypting(B64): $cipher --> $clear", $outFile); + + # do decryption B64 + $outFile = "$output_path\\B64dec.out"; + system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile"); + log_output("Decrypting(B64): $cipher --> $clear", $outFile); + + # compare files + $x = compare_files( $input, $clear, 1); + if ( $x == 0 ) + { + print( "\rSUCCESS - files match: $input, $clear\n"); + print( OUT "SUCCESS - files match: $input, $clear\n"); + } + else + { + print( "\rERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + + do_wait(); + + } # end foreach + + # delete the temporary files + unlink($cipher); + unlink($clear); +} + + +############################################################################ +sub pem_tests +{ + my $i; + my $tmp_out; + my $outFile = "$output_path\\pem.out"; + + my %pem_tests = ( + "crl" => "testcrl.pem", + "pkcs7" => "testp7.pem", + "req" => "testreq2.pem", + "rsa" => "testrsa.pem", + "x509" => "testx509.pem", + "x509" => "v3-cert1.pem", + "sess_id" => "testsid.pem" ); + + + print( "\nRUNNING PEM TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "PEM TESTS:\n\n"); + + foreach $i (keys(%pem_tests)) + { + log_desc( "Testing: $i"); + + my $input = "$test_path\\$pem_tests{$i}"; + + $tmp_out = "$output_path\\$pem_tests{$i}"; + + if ($i ne "req" ) + { + system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile"); + log_output( "openssl2 $i -in $input -out $tmp_out", $outFile); + } + else + { + system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile"); + log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile ); + } + + $x = compare_files( $input, $tmp_out); + if ( $x == 0 ) + { + print( "\rSUCCESS - files match: $input, $tmp_out\n"); + print( OUT "SUCCESS - files match: $input, $tmp_out\n"); + } + else + { + print( "\rERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + do_wait(); + + } # end foreach +} + + +############################################################################ +sub verify_tests +{ + my $i; + my $outFile = "$output_path\\verify.out"; + + $cert_path =~ s/\\/\//g; + my @cert_files = <$cert_path/*.pem>; + + print( "\nRUNNING VERIFY TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "VERIFY TESTS:\n\n"); + + make_tmp_cert_file(); + + foreach $i (@cert_files) + { + system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile"); + log_desc("Verifying cert: $i"); + log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile); + } +} + + +############################################################################ +sub ssl_tests +{ + my $outFile = "$output_path\\ssl_tst.out"; + my($CAcert) = "$output_path\\certCA.ss"; + my($Ukey) = "$output_path\\keyU.ss"; + my($Ucert) = "$output_path\\certU.ss"; + my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert"; + + print( "\nRUNNING SSL TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "SSL TESTS:\n\n"); + + system("ssltest -ssl2 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2:"); + log_output("ssltest -ssl2", $outFile); + + system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with server authentication:"); + log_output("$ssltest -ssl2 -server_auth", $outFile); + + system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with client authentication:"); + log_output("$ssltest -ssl2 -client_auth", $outFile); + + system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with both client and server authentication:"); + log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile); + + system("ssltest -ssl3 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3:"); + log_output("ssltest -ssl3", $outFile); + + system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with server authentication:"); + log_output("$ssltest -ssl3 -server_auth", $outFile); + + system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with client authentication:"); + log_output("$ssltest -ssl3 -client_auth", $outFile); + + system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with both client and server authentication:"); + log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile); + + system("ssltest (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3:"); + log_output("ssltest", $outFile); + + system("$ssltest -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with server authentication:"); + log_output("$ssltest -server_auth", $outFile); + + system("$ssltest -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with client authentication:"); + log_output("$ssltest -client_auth ", $outFile); + + system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with both client and server authentication:"); + log_output("$ssltest -server_auth -client_auth", $outFile); + + system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 via BIO pair:"); + log_output("ssltest -bio_pair -ssl2", $outFile); + + system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:"); + log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile); + + system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile); + + system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with client authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile); + + system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with both client and server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile); + + system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 via BIO pair:"); + log_output("ssltest -bio_pair -ssl3", $outFile); + + system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile); + + system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with client authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile); + + system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with both client and server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile); + + system("ssltest -bio_pair (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 via BIO pair:"); + log_output("ssltest -bio_pair", $outFile); + + system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -server_auth", $outFile); + + system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:"); + log_output("$ssltest -bio_pair -client_auth", $outFile); + + system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile); +} + + +############################################################################ +sub ca_tests +{ + my $outFile = "$output_path\\ca_tst.out"; + + my($CAkey) = "$output_path\\keyCA.ss"; + my($CAcert) = "$output_path\\certCA.ss"; + my($CAserial) = "$output_path\\certCA.srl"; + my($CAreq) = "$output_path\\reqCA.ss"; + my($CAreq2) = "$output_path\\req2CA.ss"; + + my($CAconf) = "$test_path\\CAss.cnf"; + + my($Uconf) = "$test_path\\Uss.cnf"; + + my($Ukey) = "$output_path\\keyU.ss"; + my($Ureq) = "$output_path\\reqU.ss"; + my($Ucert) = "$output_path\\certU.ss"; + + print( "\nRUNNING CA TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "CA TESTS:\n"); + + system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile"); + log_desc("Make a certificate request using req:"); + log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile); + + system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile"); + log_desc("Convert the certificate request into a self signed certificate using x509:"); + log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile); + + system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile"); + log_desc("Convert a certificate into a certificate request using 'x509':"); + log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile); + + system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile"); + log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile); + + system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile"); + log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile); + + system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile"); + log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile); + + system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile"); + log_desc("Make another certificate request using req:"); + log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile); + + system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile"); + log_desc("Sign certificate request with the just created CA via x509:"); + log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile); + + system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile"); + log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile); + + system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile"); + log_desc("Certificate details"); + log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile); + + print(OUT "--\n"); + print(OUT "The generated CA certificate is $CAcert\n"); + print(OUT "The generated CA private key is $CAkey\n"); + print(OUT "The current CA signing serial number is in $CAserial\n"); + + print(OUT "The generated user certificate is $Ucert\n"); + print(OUT "The generated user private key is $Ukey\n"); + print(OUT "--\n"); +} + +############################################################################ +sub evp_tests +{ + my $i = 'evp_test'; + + print( "\nRUNNING EVP TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "EVP TESTS:\n\n"); + + if (-e "$base_path\\$i.nlm") + { + my $outFile = "$output_path\\$i.out"; + system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile"); + log_desc("Test: $i\.nlm:"); + log_output("", $outFile ); + } + else + { + log_desc("Test: $i\.nlm: file not found"); + } +} + +############################################################################ +sub log_output( $ $ ) +{ + my( $desc, $file ) = @_; + my($error) = 0; + my($key); + my($msg); + + if ($desc) + { + print("\r$desc\n"); + print(OUT "$desc\n"); + } + + # loop waiting for test program to complete + while ( stat($file) == 0) + { print(". "); sleep(1); } + + + # copy test output to log file + open(IN, "<$file"); + while () + { + print(OUT $_); + if ( $_ =~ /ERROR/ ) + { + $error = 1; + } + } + # close and delete the temporary test output file + close(IN); + unlink($file); + + if ( $error == 0 ) + { + $msg = "Test Succeeded"; + } + else + { + $msg = "Test Failed"; + } + + print(OUT "$msg\n"); + + if ($pause) + { + print("$msg - press ENTER to continue..."); + $key = getc; + print("\n"); + } + + # Several of the testing scripts run a loop loading the + # same NLM with different options. + # On slow NetWare machines there appears to be some delay in the + # OS actually unloading the test nlms and the OS complains about. + # the NLM already being loaded. This additional pause is to + # to help provide a little more time for unloading before trying to + # load again. + sleep(1); +} + + +############################################################################ +sub log_desc( $ ) +{ + my( $desc ) = @_; + + print("\n"); + print("$desc\n"); + + print(OUT "\n"); + print(OUT "$desc\n"); + print(OUT "======================================\n"); +} + +############################################################################ +sub compare_files( $ $ $ ) +{ + my( $file1, $file2, $binary ) = @_; + my( $n1, $n2, $b1, $b2 ); + my($ret) = 1; + + open(IN0, $file1) || die "\nunable to open $file1\n"; + open(IN1, $file2) || die "\nunable to open $file2\n"; + + if ($binary) + { + binmode IN0; + binmode IN1; + } + + for (;;) + { + $n1 = read(IN0, $b1, 512); + $n2 = read(IN1, $b2, 512); + + if ($n1 != $n2) {last;} + if ($b1 != $b2) {last;} + + if ($n1 == 0) + { + $ret = 0; + last; + } + } + close(IN0); + close(IN1); + return($ret); +} + +############################################################################ +sub do_wait() +{ + my($key); + + if ($pause) + { + print("Press ENTER to continue..."); + $key = getc; + print("\n"); + } +} + + +############################################################################ +sub make_tmp_cert_file() +{ + my @cert_files = <$cert_path/*.pem>; + + # delete the file if it already exists + unlink($tmp_cert); + + open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n"; + + print("building temporary cert file\n"); + + # create a temporary cert file that contains all the certs + foreach $i (@cert_files) + { + open( IN_CERT, $i ) || die "\nunable to open $i\n"; + + for(;;) + { + $n = sysread(IN_CERT, $data, 1024); + + if ($n == 0) + { + close(IN_CERT); + last; + }; + + syswrite(TMP_CERT, $data, $n); + } + } + + close( TMP_CERT ); +} diff --git a/src/lib/libssl/src/Netware/globals.txt b/src/lib/libssl/src/Netware/globals.txt new file mode 100644 index 0000000000..fe05d390cf --- /dev/null +++ b/src/lib/libssl/src/Netware/globals.txt @@ -0,0 +1,254 @@ +An initial review of the OpenSSL code was done to determine how many +global variables where present. The idea was to determine the amount of +work required to pull the globals into an instance data structure in +order to build a Library NLM for NetWare. This file contains the results +of the review. Each file is listed along with the globals in the file. +The initial review was done very quickly so this list is probably +not a comprehensive list. + + +cryptlib.c +=========================================== + +static STACK *app_locks=NULL; + +static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; + +static void (MS_FAR *locking_callback)(int mode,int type, + const char *file,int line)=NULL; +static int (MS_FAR *add_lock_callback)(int *pointer,int amount, + int type,const char *file,int line)=NULL; +static unsigned long (MS_FAR *id_callback)(void)=NULL; +static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) + (const char *file,int line)=NULL; +static void (MS_FAR *dynlock_lock_callback)(int mode, + struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; +static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, + const char *file,int line)=NULL; + + +mem.c +=========================================== +static int allow_customize = 1; /* we provide flexible functions for */ +static int allow_customize_debug = 1;/* exchanging memory-related functions at + +/* may be changed as long as `allow_customize' is set */ +static void *(*malloc_locked_func)(size_t) = malloc; +static void (*free_locked_func)(void *) = free; +static void *(*malloc_func)(size_t) = malloc; +static void *(*realloc_func)(void *, size_t)= realloc; +static void (*free_func)(void *) = free; + +/* use default functions from mem_dbg.c */ +static void (*malloc_debug_func)(void *,int,const char *,int,int) + = CRYPTO_dbg_malloc; +static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) + = CRYPTO_dbg_realloc; +static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; +static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; +static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; + + +mem_dbg.c +=========================================== +static int mh_mode=CRYPTO_MEM_CHECK_OFF; +static unsigned long order = 0; /* number of memory requests */ +static LHASH *mh=NULL; /* hash-table of memory requests (address as key) */ + +static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's */ +static long options = /* extra information to be recorded */ +static unsigned long disabling_thread = 0; + + +err.c +=========================================== +static LHASH *error_hash=NULL; +static LHASH *thread_hash=NULL; + +several files have routines with static "init" to track if error strings + have been loaded ( may not want seperate error strings for each process ) + The "init" variable can't be left "global" because the error has is a ptr + that is malloc'ed. The malloc'ed error has is dependant on the "init" + vars. + + files: + pem_err.c + cpt_err.c + pk12err.c + asn1_err.c + bio_err.c + bn_err.c + buf_err.c + comp_err.c + conf_err.c + cpt_err.c + dh_err.c + dsa_err.c + dso_err.c + evp_err.c + obj_err.c + pkcs7err.c + rand_err.c + rsa_err.c + rsar_err.c + ssl_err.c + x509_err.c + v3err.c + err.c + +These file have similar "init" globals but they are for other stuff not +error strings: + + bn_lib.c + ecc_enc.c + s23_clnt.c + s23_meth.c + s23_srvr.c + s2_clnt.c + s2_lib.c + s2_meth.c + s2_srvr.c + s3_clnt.c + s3_lib.c + s3_srvr.c + t1_clnt.c + t1_meth.c + t1_srvr.c + +rand_lib.c +=========================================== +static RAND_METHOD *rand_meth= &rand_ssleay_meth; + +md_rand.c +=========================================== +static int state_num=0,state_index=0; +static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH]; +static unsigned char md[MD_DIGEST_LENGTH]; +static long md_count[2]={0,0}; +static double entropy=0; +static int initialized=0; + +/* This should be set to 1 only when ssleay_rand_add() is called inside + an already locked state, so it doesn't try to lock and thereby cause + a hang. And it should always be reset back to 0 before unlocking. */ +static int add_do_not_lock=0; + +obj_dat.c +============================================ +static int new_nid=NUM_NID; +static LHASH *added=NULL; + +b_sock.c +=========================================== +static unsigned long BIO_ghbn_hits=0L; +static unsigned long BIO_ghbn_miss=0L; +static struct ghbn_cache_st + { + char name[129]; + struct hostent *ent; + unsigned long order; + } ghbn_cache[GHBN_NUM]; + +static int wsa_init_done=0; + + +bio_lib.c +=========================================== +static STACK_OF(CRYPTO_EX_DATA_FUNCS) *bio_meth=NULL; +static int bio_meth_num=0; + + +bn_lib.c +======================================== +static int bn_limit_bits=0; +static int bn_limit_num=8; /* (1<${CATOP}/index.txt"; close OUT; + open OUT, ">${CATOP}/crlnumber"; + print OUT "01\n"; + close OUT; } if ( ! -f "${CATOP}/private/$CAKEY" ) { print "CA certificate filename (or enter to create)\n"; @@ -106,15 +111,16 @@ foreach (@ARGV) { $RET=$?; } else { print "Making CA certificate ...\n"; - system ("$REQ -new -x509 -keyout " . - "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS"); + system ("$REQ -new -keyout " . + "${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ"); + system ("$CA -create_serial " . + "-out ${CATOP}/$CACERT $CADAYS -batch " . + "-keyfile ${CATOP}/private/$CAKEY -selfsign " . + "-extensions v3_ca " . + "-infiles ${CATOP}/$CAREQ "); $RET=$?; } } - if (! -f "${CATOP}/serial" ) { - system ("$X509 -in ${CATOP}/$CACERT -noout " - . "-next_serial -out ${CATOP}/serial"); - } } elsif (/^-pkcs12$/) { my $cname = $ARGV[1]; $cname = "My Certificate" unless defined $cname; diff --git a/src/lib/libssl/src/apps/CA.pl.in b/src/lib/libssl/src/apps/CA.pl.in index 9c99739092..c783a6e6a5 100644 --- a/src/lib/libssl/src/apps/CA.pl.in +++ b/src/lib/libssl/src/apps/CA.pl.in @@ -45,7 +45,8 @@ if(defined $ENV{OPENSSL}) { } $SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"}; -$DAYS="-days 365"; +$DAYS="-days 365"; # 1 year +$CADAYS="-days 1095"; # 3 years $REQ="$openssl req $SSLEAY_CONFIG"; $CA="$openssl ca $SSLEAY_CONFIG"; $VERIFY="$openssl verify"; @@ -54,6 +55,7 @@ $PKCS12="$openssl pkcs12"; $CATOP="./demoCA"; $CAKEY="cakey.pem"; +$CAREQ="careq.pem"; $CACERT="cacert.pem"; $DIRMODE = 0777; @@ -92,6 +94,9 @@ foreach (@ARGV) { mkdir "${CATOP}/private", $DIRMODE; open OUT, ">${CATOP}/index.txt"; close OUT; + open OUT, ">${CATOP}/crlnumber"; + print OUT "01\n"; + close OUT; } if ( ! -f "${CATOP}/private/$CAKEY" ) { print "CA certificate filename (or enter to create)\n"; @@ -106,15 +111,16 @@ foreach (@ARGV) { $RET=$?; } else { print "Making CA certificate ...\n"; - system ("$REQ -new -x509 -keyout " . - "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS"); + system ("$REQ -new -keyout " . + "${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ"); + system ("$CA -create_serial " . + "-out ${CATOP}/$CACERT $CADAYS -batch " . + "-keyfile ${CATOP}/private/$CAKEY -selfsign " . + "-extensions v3_ca " . + "-infiles ${CATOP}/$CAREQ "); $RET=$?; } } - if (! -f "${CATOP}/serial" ) { - system ("$X509 -in ${CATOP}/$CACERT -noout " - . "-next_serial -out ${CATOP}/serial"); - } } elsif (/^-pkcs12$/) { my $cname = $ARGV[1]; $cname = "My Certificate" unless defined $cname; diff --git a/src/lib/libssl/src/apps/CA.sh b/src/lib/libssl/src/apps/CA.sh index 84d7ec0b33..a0b20d85a9 100644 --- a/src/lib/libssl/src/apps/CA.sh +++ b/src/lib/libssl/src/apps/CA.sh @@ -32,7 +32,8 @@ if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi -DAYS="-days 365" +DAYS="-days 365" # 1 year +CADAYS="-days 1095" # 3 years REQ="$OPENSSL req $SSLEAY_CONFIG" CA="$OPENSSL ca $SSLEAY_CONFIG" VERIFY="$OPENSSL verify" @@ -40,6 +41,7 @@ X509="$OPENSSL x509" CATOP=./demoCA CAKEY=./cakey.pem +CAREQ=./careq.pem CACERT=./cacert.pem for i @@ -72,7 +74,7 @@ case $i in mkdir ${CATOP}/crl mkdir ${CATOP}/newcerts mkdir ${CATOP}/private - echo "01" > ${CATOP}/serial + echo "00" > ${CATOP}/serial touch ${CATOP}/index.txt fi if [ ! -f ${CATOP}/private/$CAKEY ]; then @@ -85,8 +87,11 @@ case $i in RET=$? else echo "Making CA certificate ..." - $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \ - -out ${CATOP}/$CACERT $DAYS + $REQ -new -keyout ${CATOP}/private/$CAKEY \ + -out ${CATOP}/$CAREQ + $CA -out ${CATOP}/$CACERT $CADAYS -batch \ + -keyfile ${CATOP}/private/$CAKEY -selfsign \ + -infiles ${CATOP}/$CAREQ RET=$? fi fi diff --git a/src/lib/libssl/src/apps/Makefile b/src/lib/libssl/src/apps/Makefile index 4daa92382f..92ae515b44 100644 --- a/src/lib/libssl/src/apps/Makefile +++ b/src/lib/libssl/src/apps/Makefile @@ -7,11 +7,6 @@ TOP= .. CC= cc INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES) CFLAG= -g -static -INSTALL_PREFIX= -INSTALLTOP= /usr/local/ssl -OPENSSLDIR= /usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile PERL= perl RM= rm -f @@ -41,9 +36,9 @@ SCRIPTS=CA.sh CA.pl EXE= $(PROGRAM)$(EXE_EXT) E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ - ca crl rsa rsautl dsa dsaparam \ + ca crl rsa rsautl dsa dsaparam ec ecparam \ x509 genrsa gendsa s_server s_client speed \ - s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \ + s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \ pkcs8 spkac smime rand engine ocsp prime PROGS= $(PROGRAM).c @@ -57,17 +52,19 @@ RAND_SRC=app_rand.c E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \ ca.o pkcs7.o crl2p7.o crl.o \ - rsa.o rsautl.o dsa.o dsaparam.o \ + rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \ x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \ - ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o ocsp.o prime.o + ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o \ + ocsp.o prime.o cms.o E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \ pkcs7.c crl2p7.c crl.c \ - rsa.c rsautl.c dsa.c dsaparam.c \ + rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \ x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \ - ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c ocsp.c prime.c + ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c \ + ocsp.c prime.c cms.c SRC=$(E_SRC) @@ -86,8 +83,13 @@ all: exe exe: $(EXE) req: sreq.o $(A_OBJ) $(DLIBCRYPTO) - LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ - $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) + shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ + shlib_target="$(SHLIB_TARGET)"; \ + fi; \ + $(MAKE) -f $(TOP)/Makefile.shared -e \ + APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \ + LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \ + link_app.$${shlib_target} sreq.o: req.c $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c @@ -96,15 +98,15 @@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO install: - @for i in $(EXE); \ + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... + @set -e; for i in $(EXE); \ do \ (echo installing $$i; \ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new \ - $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ - ) done; - @for i in $(SCRIPTS); \ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ + done; + @set -e; for i in $(SCRIPTS); \ do \ (echo installing $$i; \ cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ @@ -126,7 +128,11 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC) + @if [ -z "$(THIS)" ]; then \ + $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \ + else \ + $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \ + fi dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new @@ -144,19 +150,14 @@ $(DLIBCRYPTO): $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(RM) $(EXE) - @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ - FIPSLD_CC=$(CC); CC=$(TOP)/fips-1.0/fipsld; export CC FIPSLD_CC; \ + shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ + shlib_target="$(SHLIB_TARGET)"; \ fi; \ - SHARED_LIBS="$(SHARED_LIBS)"; \ - if [ "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ - SHARED_LIBS=""; \ - fi; \ - if [ -z "$$SHARED_LIBS" ]; then \ - set -x; $${CC:-$(CC)} -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ - else \ - set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ - $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ - fi + LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \ + $(MAKE) -f $(TOP)/Makefile.shared -e \ + APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ + LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ + link_app.$${shlib_target} -(cd ..; \ OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \ $(PERL) tools/c_rehash certs) @@ -167,1005 +168,786 @@ progs.h: progs.pl # DO NOT DELETE THIS LINE -- make depend depends on it. -app_rand.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -app_rand.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -app_rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h -app_rand.o: ../include/openssl/cast.h ../include/openssl/conf.h -app_rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -app_rand.o: ../include/openssl/des_old.h ../include/openssl/dh.h -app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -app_rand.o: ../include/openssl/engine.h ../include/openssl/err.h -app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h -app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h -app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h +app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +app_rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +app_rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h +app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -app_rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h -app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -app_rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h app_rand.c -app_rand.o: apps.h -apps.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -apps.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h +app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h +app_rand.o: app_rand.c apps.h +apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h -apps.o: ../include/openssl/cast.h ../include/openssl/conf.h -apps.o: ../include/openssl/crypto.h ../include/openssl/des.h -apps.o: ../include/openssl/des_old.h ../include/openssl/dh.h -apps.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h +apps.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +apps.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h apps.o: ../include/openssl/engine.h ../include/openssl/err.h -apps.o: ../include/openssl/evp.h ../include/openssl/idea.h -apps.o: ../include/openssl/lhash.h ../include/openssl/md2.h -apps.o: ../include/openssl/md4.h ../include/openssl/md5.h -apps.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h +apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h -apps.o: ../include/openssl/rand.h ../include/openssl/rc2.h -apps.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -apps.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h -apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -apps.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h +apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +apps.o: ../include/openssl/sha.h ../include/openssl/stack.h +apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +apps.o: ../include/openssl/ui.h ../include/openssl/x509.h apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h -asn1pars.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -asn1pars.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -asn1pars.o: ../include/openssl/bn.h ../include/openssl/buffer.h -asn1pars.o: ../include/openssl/cast.h ../include/openssl/conf.h -asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h -asn1pars.o: ../include/openssl/des_old.h ../include/openssl/dh.h -asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -asn1pars.o: ../include/openssl/engine.h ../include/openssl/err.h -asn1pars.o: ../include/openssl/evp.h ../include/openssl/idea.h -asn1pars.o: ../include/openssl/lhash.h ../include/openssl/md2.h -asn1pars.o: ../include/openssl/md4.h ../include/openssl/md5.h -asn1pars.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h -asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h -asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -asn1pars.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h +asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +asn1pars.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +asn1pars.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h +asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h +asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h asn1pars.o: asn1pars.c -ca.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -ca.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h -ca.o: ../include/openssl/cast.h ../include/openssl/conf.h -ca.o: ../include/openssl/crypto.h ../include/openssl/des.h -ca.o: ../include/openssl/des_old.h ../include/openssl/dh.h -ca.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h +ca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h ca.o: ../include/openssl/engine.h ../include/openssl/err.h -ca.o: ../include/openssl/evp.h ../include/openssl/idea.h -ca.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ca.o: ../include/openssl/md4.h ../include/openssl/md5.h -ca.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ca.o: ../include/openssl/objects.h ../include/openssl/ocsp.h -ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ca.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ca.o: ../include/openssl/rand.h ../include/openssl/rc2.h -ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -ca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ca.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -ca.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -ca.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ca.c -ciphers.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -ciphers.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h +ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +ca.o: ../include/openssl/sha.h ../include/openssl/stack.h +ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ca.o: ../include/openssl/x509v3.h apps.h ca.c +ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h -ciphers.o: ../include/openssl/cast.h ../include/openssl/comp.h -ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h -ciphers.o: ../include/openssl/des.h ../include/openssl/des_old.h -ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h -ciphers.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h -ciphers.o: ../include/openssl/idea.h ../include/openssl/kssl.h -ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h -ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h -ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -ciphers.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h -ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ciphers.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -ciphers.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -ciphers.o: ../include/openssl/x509_vfy.h apps.h ciphers.c -crl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -crl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -crl.o: ../include/openssl/bn.h ../include/openssl/buffer.h -crl.o: ../include/openssl/cast.h ../include/openssl/conf.h -crl.o: ../include/openssl/crypto.h ../include/openssl/des.h -crl.o: ../include/openssl/des_old.h ../include/openssl/dh.h -crl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -crl.o: ../include/openssl/engine.h ../include/openssl/err.h -crl.o: ../include/openssl/evp.h ../include/openssl/idea.h -crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -crl.o: ../include/openssl/md4.h ../include/openssl/md5.h -crl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -crl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl.o: ../include/openssl/sha.h ../include/openssl/stack.h -crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -crl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -crl.o: ../include/openssl/x509v3.h apps.h crl.c -crl2p7.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -crl2p7.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -crl2p7.o: ../include/openssl/bn.h ../include/openssl/buffer.h -crl2p7.o: ../include/openssl/cast.h ../include/openssl/conf.h -crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h -crl2p7.o: ../include/openssl/des_old.h ../include/openssl/dh.h -crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -crl2p7.o: ../include/openssl/engine.h ../include/openssl/err.h -crl2p7.o: ../include/openssl/evp.h ../include/openssl/idea.h -crl2p7.o: ../include/openssl/lhash.h ../include/openssl/md2.h -crl2p7.o: ../include/openssl/md4.h ../include/openssl/md5.h -crl2p7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h -crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h -crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -crl2p7.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h +ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +ciphers.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ciphers.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h +ciphers.o: ../include/openssl/evp.h ../include/openssl/kssl.h +ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +ciphers.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ciphers.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ciphers.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +ciphers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ciphers.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ciphers.o: ../include/openssl/x509v3.h apps.h ciphers.c +cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +cms.o: ../include/openssl/buffer.h ../include/openssl/conf.h +cms.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +cms.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +cms.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h +cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +cms.o: ../include/openssl/sha.h ../include/openssl/stack.h +cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +cms.o: ../include/openssl/x509v3.h apps.h cms.c +crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h +crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +crl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +crl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +crl.o: ../include/openssl/err.h ../include/openssl/evp.h +crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h +crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c +crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h +crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +crl2p7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +crl2p7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h +crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h +crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl2p7.o: crl2p7.c -dgst.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -dgst.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -dgst.o: ../include/openssl/bn.h ../include/openssl/buffer.h -dgst.o: ../include/openssl/cast.h ../include/openssl/conf.h -dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h -dgst.o: ../include/openssl/des_old.h ../include/openssl/dh.h -dgst.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -dgst.o: ../include/openssl/engine.h ../include/openssl/err.h -dgst.o: ../include/openssl/evp.h ../include/openssl/hmac.h -dgst.o: ../include/openssl/idea.h ../include/openssl/lhash.h -dgst.o: ../include/openssl/md2.h ../include/openssl/md4.h -dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h +dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +dgst.o: ../include/openssl/err.h ../include/openssl/evp.h +dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -dgst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -dgst.o: ../include/openssl/rand.h ../include/openssl/rc2.h -dgst.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -dgst.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h -dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -dgst.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -dgst.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -dgst.o: ../include/openssl/x509_vfy.h apps.h dgst.c -dh.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -dh.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h +dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h +dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +dgst.o: ../include/openssl/x509v3.h apps.h dgst.c +dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h -dh.o: ../include/openssl/cast.h ../include/openssl/conf.h -dh.o: ../include/openssl/crypto.h ../include/openssl/des.h -dh.o: ../include/openssl/des_old.h ../include/openssl/dh.h -dh.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -dh.o: ../include/openssl/engine.h ../include/openssl/err.h -dh.o: ../include/openssl/evp.h ../include/openssl/idea.h -dh.o: ../include/openssl/lhash.h ../include/openssl/md2.h -dh.o: ../include/openssl/md4.h ../include/openssl/md5.h -dh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h -dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dh.o: ../include/openssl/sha.h ../include/openssl/stack.h -dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -dh.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dh.c -dsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -dsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h +dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h +dh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +dh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +dh.o: ../include/openssl/err.h ../include/openssl/evp.h +dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h +dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c +dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h -dsa.o: ../include/openssl/cast.h ../include/openssl/conf.h -dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h +dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -dsa.o: ../include/openssl/engine.h ../include/openssl/err.h -dsa.o: ../include/openssl/evp.h ../include/openssl/idea.h -dsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h -dsa.o: ../include/openssl/md4.h ../include/openssl/md5.h -dsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h -dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -dsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dsa.c -dsaparam.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -dsaparam.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +dsa.o: ../include/openssl/err.h ../include/openssl/evp.h +dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +dsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +dsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +dsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dsa.c +dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h -dsaparam.o: ../include/openssl/cast.h ../include/openssl/conf.h -dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h -dsaparam.o: ../include/openssl/des_old.h ../include/openssl/dh.h -dsaparam.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h +dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h +dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +dsaparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h -dsaparam.o: ../include/openssl/evp.h ../include/openssl/idea.h -dsaparam.o: ../include/openssl/lhash.h ../include/openssl/md2.h -dsaparam.o: ../include/openssl/md4.h ../include/openssl/md5.h -dsaparam.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h +dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -dsaparam.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -dsaparam.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -dsaparam.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -dsaparam.o: dsaparam.c -enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h -enc.o: ../include/openssl/cast.h ../include/openssl/conf.h -enc.o: ../include/openssl/crypto.h ../include/openssl/des.h -enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h -enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -enc.o: ../include/openssl/engine.h ../include/openssl/err.h -enc.o: ../include/openssl/evp.h ../include/openssl/idea.h -enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h -enc.o: ../include/openssl/md4.h ../include/openssl/md5.h -enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h -enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +dsaparam.o: ../include/openssl/store.h ../include/openssl/symhacks.h +dsaparam.o: ../include/openssl/txt_db.h ../include/openssl/ui.h +dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c +ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h +ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +ec.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +ec.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +ec.o: ../include/openssl/err.h ../include/openssl/evp.h +ec.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +ec.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +ec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +ec.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +ec.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +ec.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ec.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ec.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +ec.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ec.c +ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h +ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h +ecparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ecparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ecparam.o: ../include/openssl/engine.h ../include/openssl/err.h +ecparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h +ecparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +ecparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +ecparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +ecparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h +ecparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +ecparam.o: ../include/openssl/sha.h ../include/openssl/stack.h +ecparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +ecparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ecparam.o: ../include/openssl/x509v3.h apps.h ecparam.c +enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h +enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +enc.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +enc.o: ../include/openssl/err.h ../include/openssl/evp.h +enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +enc.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +enc.o: ../include/openssl/rand.h ../include/openssl/safestack.h enc.o: ../include/openssl/sha.h ../include/openssl/stack.h enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h enc.c -engine.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -engine.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +enc.o: ../include/openssl/x509v3.h apps.h enc.c +engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h -engine.o: ../include/openssl/cast.h ../include/openssl/comp.h -engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h -engine.o: ../include/openssl/des.h ../include/openssl/des_old.h -engine.o: ../include/openssl/dh.h ../include/openssl/dsa.h -engine.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -engine.o: ../include/openssl/err.h ../include/openssl/evp.h -engine.o: ../include/openssl/idea.h ../include/openssl/kssl.h -engine.o: ../include/openssl/lhash.h ../include/openssl/md2.h -engine.o: ../include/openssl/md4.h ../include/openssl/md5.h -engine.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -engine.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h -engine.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -engine.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -engine.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -engine.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h -engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -engine.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -engine.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -engine.o: ../include/openssl/x509_vfy.h apps.h engine.c -errstr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -errstr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +engine.o: ../include/openssl/comp.h ../include/openssl/conf.h +engine.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +engine.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +engine.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +engine.o: ../include/openssl/engine.h ../include/openssl/err.h +engine.o: ../include/openssl/evp.h ../include/openssl/kssl.h +engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +engine.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +engine.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h +engine.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +engine.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +engine.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +engine.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +engine.o: ../include/openssl/x509v3.h apps.h engine.c +errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h errstr.o: ../include/openssl/bn.h ../include/openssl/buffer.h -errstr.o: ../include/openssl/cast.h ../include/openssl/comp.h -errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h -errstr.o: ../include/openssl/des.h ../include/openssl/des_old.h -errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h -errstr.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -errstr.o: ../include/openssl/err.h ../include/openssl/evp.h -errstr.o: ../include/openssl/idea.h ../include/openssl/kssl.h -errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h -errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h -errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -errstr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h -errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -errstr.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -errstr.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -errstr.o: ../include/openssl/x509_vfy.h apps.h errstr.c -gendh.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -gendh.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h +errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +errstr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +errstr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +errstr.o: ../include/openssl/engine.h ../include/openssl/err.h +errstr.o: ../include/openssl/evp.h ../include/openssl/kssl.h +errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +errstr.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +errstr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +errstr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h +errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +errstr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +errstr.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +errstr.o: ../include/openssl/x509v3.h apps.h errstr.c +gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h -gendh.o: ../include/openssl/cast.h ../include/openssl/conf.h -gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendh.o: ../include/openssl/des_old.h ../include/openssl/dh.h -gendh.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h +gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h +gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h gendh.o: ../include/openssl/engine.h ../include/openssl/err.h -gendh.o: ../include/openssl/evp.h ../include/openssl/idea.h -gendh.o: ../include/openssl/lhash.h ../include/openssl/md2.h -gendh.o: ../include/openssl/md4.h ../include/openssl/md5.h -gendh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h +gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +gendh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -gendh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -gendh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h -gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -gendh.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h gendh.c -gendsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -gendsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +gendh.o: ../include/openssl/store.h ../include/openssl/symhacks.h +gendh.o: ../include/openssl/txt_db.h ../include/openssl/ui.h +gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +gendh.o: ../include/openssl/x509v3.h apps.h gendh.c +gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h -gendsa.o: ../include/openssl/cast.h ../include/openssl/conf.h -gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -gendsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h +gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -gendsa.o: ../include/openssl/engine.h ../include/openssl/err.h -gendsa.o: ../include/openssl/evp.h ../include/openssl/idea.h -gendsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h -gendsa.o: ../include/openssl/md4.h ../include/openssl/md5.h -gendsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h -gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -gendsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -gendsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -gendsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h +gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +gendsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +gendsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +gendsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +gendsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h gendsa.o: gendsa.c -genrsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -genrsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h -genrsa.o: ../include/openssl/cast.h ../include/openssl/conf.h -genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -genrsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h -genrsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h +genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h -genrsa.o: ../include/openssl/evp.h ../include/openssl/idea.h -genrsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h -genrsa.o: ../include/openssl/md4.h ../include/openssl/md5.h -genrsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h +genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -genrsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -genrsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -genrsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -genrsa.o: genrsa.c -nseq.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -nseq.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -nseq.o: ../include/openssl/bn.h ../include/openssl/buffer.h -nseq.o: ../include/openssl/cast.h ../include/openssl/conf.h -nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h -nseq.o: ../include/openssl/des_old.h ../include/openssl/dh.h -nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -nseq.o: ../include/openssl/engine.h ../include/openssl/err.h -nseq.o: ../include/openssl/evp.h ../include/openssl/idea.h -nseq.o: ../include/openssl/lhash.h ../include/openssl/md2.h -nseq.o: ../include/openssl/md4.h ../include/openssl/md5.h -nseq.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h -nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h -nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -nseq.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h nseq.c -ocsp.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -ocsp.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +genrsa.o: ../include/openssl/store.h ../include/openssl/symhacks.h +genrsa.o: ../include/openssl/txt_db.h ../include/openssl/ui.h +genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c +nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h +nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +nseq.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +nseq.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +nseq.o: ../include/openssl/err.h ../include/openssl/evp.h +nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h +nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c +ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h -ocsp.o: ../include/openssl/cast.h ../include/openssl/comp.h -ocsp.o: ../include/openssl/conf.h ../include/openssl/crypto.h -ocsp.o: ../include/openssl/des.h ../include/openssl/des_old.h -ocsp.o: ../include/openssl/dh.h ../include/openssl/dsa.h -ocsp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h -ocsp.o: ../include/openssl/idea.h ../include/openssl/kssl.h -ocsp.o: ../include/openssl/lhash.h ../include/openssl/md2.h -ocsp.o: ../include/openssl/md4.h ../include/openssl/md5.h -ocsp.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h +ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h +ocsp.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +ocsp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +ocsp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +ocsp.o: ../include/openssl/engine.h ../include/openssl/err.h +ocsp.o: ../include/openssl/evp.h ../include/openssl/kssl.h +ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -ocsp.o: ../include/openssl/rand.h ../include/openssl/rc2.h -ocsp.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -ocsp.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +ocsp.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -ocsp.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c -openssl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -openssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h openssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h -openssl.o: ../include/openssl/cast.h ../include/openssl/comp.h -openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -openssl.o: ../include/openssl/des.h ../include/openssl/des_old.h -openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h -openssl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -openssl.o: ../include/openssl/err.h ../include/openssl/evp.h -openssl.o: ../include/openssl/fips.h ../include/openssl/idea.h -openssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -openssl.o: ../include/openssl/md2.h ../include/openssl/md4.h -openssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -openssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h +openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +openssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +openssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +openssl.o: ../include/openssl/engine.h ../include/openssl/err.h +openssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h +openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -openssl.o: ../include/openssl/rand.h ../include/openssl/rc2.h -openssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -openssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +openssl.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -openssl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -openssl.o: openssl.c progs.h s_apps.h -passwd.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -passwd.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -passwd.o: ../include/openssl/bn.h ../include/openssl/buffer.h -passwd.o: ../include/openssl/cast.h ../include/openssl/conf.h +openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h +passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h -passwd.o: ../include/openssl/des_old.h ../include/openssl/dh.h -passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -passwd.o: ../include/openssl/engine.h ../include/openssl/err.h -passwd.o: ../include/openssl/evp.h ../include/openssl/idea.h -passwd.o: ../include/openssl/lhash.h ../include/openssl/md2.h -passwd.o: ../include/openssl/md4.h ../include/openssl/md5.h -passwd.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h +passwd.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +passwd.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +passwd.o: ../include/openssl/err.h ../include/openssl/evp.h +passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h +passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -passwd.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h -passwd.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -passwd.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h +passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h +passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h +passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h passwd.o: passwd.c -pkcs12.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -pkcs12.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -pkcs12.o: ../include/openssl/bn.h ../include/openssl/buffer.h -pkcs12.o: ../include/openssl/cast.h ../include/openssl/conf.h -pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs12.o: ../include/openssl/des_old.h ../include/openssl/dh.h -pkcs12.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -pkcs12.o: ../include/openssl/engine.h ../include/openssl/err.h -pkcs12.o: ../include/openssl/evp.h ../include/openssl/idea.h -pkcs12.o: ../include/openssl/lhash.h ../include/openssl/md2.h -pkcs12.o: ../include/openssl/md4.h ../include/openssl/md5.h -pkcs12.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h -pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h -pkcs12.o: ../include/openssl/rand.h ../include/openssl/rc2.h -pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -pkcs12.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -pkcs12.o: ../include/openssl/x509_vfy.h apps.h pkcs12.c -pkcs7.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -pkcs7.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -pkcs7.o: ../include/openssl/bn.h ../include/openssl/buffer.h -pkcs7.o: ../include/openssl/cast.h ../include/openssl/conf.h -pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs7.o: ../include/openssl/des_old.h ../include/openssl/dh.h -pkcs7.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -pkcs7.o: ../include/openssl/engine.h ../include/openssl/err.h -pkcs7.o: ../include/openssl/evp.h ../include/openssl/idea.h -pkcs7.o: ../include/openssl/lhash.h ../include/openssl/md2.h -pkcs7.o: ../include/openssl/md4.h ../include/openssl/md5.h -pkcs7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h -pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h -pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -pkcs7.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs7.c -pkcs8.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -pkcs8.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -pkcs8.o: ../include/openssl/bn.h ../include/openssl/buffer.h -pkcs8.o: ../include/openssl/cast.h ../include/openssl/conf.h -pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h -pkcs8.o: ../include/openssl/des_old.h ../include/openssl/dh.h -pkcs8.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -pkcs8.o: ../include/openssl/engine.h ../include/openssl/err.h -pkcs8.o: ../include/openssl/evp.h ../include/openssl/idea.h -pkcs8.o: ../include/openssl/lhash.h ../include/openssl/md2.h -pkcs8.o: ../include/openssl/md4.h ../include/openssl/md5.h -pkcs8.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h -pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h -pkcs8.o: ../include/openssl/rand.h ../include/openssl/rc2.h -pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h -pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -pkcs8.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -pkcs8.o: ../include/openssl/x509_vfy.h apps.h pkcs8.c -prime.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -prime.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h +pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +pkcs12.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +pkcs12.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h +pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h +pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h +pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c +pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h +pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +pkcs7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +pkcs7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h +pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h +pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +pkcs7.o: pkcs7.c +pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h +pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +pkcs8.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +pkcs8.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h +pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h +pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h +pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c +prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h -prime.o: ../include/openssl/cast.h ../include/openssl/conf.h -prime.o: ../include/openssl/crypto.h ../include/openssl/des.h -prime.o: ../include/openssl/des_old.h ../include/openssl/dh.h -prime.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -prime.o: ../include/openssl/engine.h ../include/openssl/err.h -prime.o: ../include/openssl/evp.h ../include/openssl/idea.h -prime.o: ../include/openssl/lhash.h ../include/openssl/md2.h -prime.o: ../include/openssl/md4.h ../include/openssl/md5.h -prime.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -prime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -prime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -prime.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -prime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -prime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -prime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -prime.o: ../include/openssl/sha.h ../include/openssl/stack.h -prime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -prime.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -prime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h prime.c -rand.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -rand.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h -rand.o: ../include/openssl/cast.h ../include/openssl/conf.h -rand.o: ../include/openssl/crypto.h ../include/openssl/des.h -rand.o: ../include/openssl/des_old.h ../include/openssl/dh.h -rand.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -rand.o: ../include/openssl/engine.h ../include/openssl/err.h -rand.o: ../include/openssl/evp.h ../include/openssl/idea.h -rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h -rand.o: ../include/openssl/md4.h ../include/openssl/md5.h -rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h +prime.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +prime.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +prime.o: ../include/openssl/engine.h ../include/openssl/evp.h +prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h +prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h +prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +prime.o: prime.c +rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h +rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +rand.o: ../include/openssl/err.h ../include/openssl/evp.h +rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h +rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h rand.o: ../include/openssl/sha.h ../include/openssl/stack.h rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c -req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h -req.o: ../include/openssl/asn1.h ../include/openssl/bio.h -req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h -req.o: ../include/openssl/buffer.h ../include/openssl/cast.h +rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +rand.o: ../include/openssl/x509v3.h apps.h rand.c +req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +req.o: ../include/openssl/bn.h ../include/openssl/buffer.h req.o: ../include/openssl/conf.h ../include/openssl/crypto.h -req.o: ../include/openssl/des.h ../include/openssl/des_old.h req.o: ../include/openssl/dh.h ../include/openssl/dsa.h -req.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -req.o: ../include/openssl/err.h ../include/openssl/evp.h -req.o: ../include/openssl/idea.h ../include/openssl/lhash.h -req.o: ../include/openssl/md2.h ../include/openssl/md4.h -req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h +req.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +req.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +req.o: ../include/openssl/engine.h ../include/openssl/err.h +req.o: ../include/openssl/evp.h ../include/openssl/lhash.h req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -req.o: ../include/openssl/rand.h ../include/openssl/rc2.h -req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -req.o: ../include/openssl/safestack.h ../include/openssl/sha.h -req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +req.o: ../include/openssl/pem.h ../include/openssl/pem2.h +req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +req.o: ../include/openssl/sha.h ../include/openssl/stack.h +req.o: ../include/openssl/store.h ../include/openssl/symhacks.h req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -req.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c -rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +req.o: ../include/openssl/x509v3.h apps.h req.c +rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h -rsa.o: ../include/openssl/cast.h ../include/openssl/conf.h -rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h -rsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h -rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h rsa.o: ../include/openssl/engine.h ../include/openssl/err.h -rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h -rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h -rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h -rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h +rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h -rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -rsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rsa.c -rsautl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -rsautl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h -rsautl.o: ../include/openssl/cast.h ../include/openssl/conf.h -rsautl.o: ../include/openssl/crypto.h ../include/openssl/des.h -rsautl.o: ../include/openssl/des_old.h ../include/openssl/dh.h -rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h -rsautl.o: ../include/openssl/evp.h ../include/openssl/idea.h -rsautl.o: ../include/openssl/lhash.h ../include/openssl/md2.h -rsautl.o: ../include/openssl/md4.h ../include/openssl/md5.h -rsautl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -rsautl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -rsautl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h +rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c +rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h +rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h +rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +rsautl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +rsautl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -rsautl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h -rsautl.o: rsautl.c -s_cb.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -s_cb.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +rsautl.o: ../include/openssl/x509v3.h apps.h rsautl.c +s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h -s_cb.o: ../include/openssl/cast.h ../include/openssl/comp.h -s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_cb.o: ../include/openssl/des.h ../include/openssl/des_old.h -s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_cb.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h -s_cb.o: ../include/openssl/idea.h ../include/openssl/kssl.h -s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h -s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_cb.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_cb.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_cb.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_cb.c -s_client.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -s_client.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_cb.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_cb.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h +s_cb.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_cb.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s_cb.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_cb.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_cb.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_cb.o: ../include/openssl/x509v3.h apps.h s_apps.h s_cb.c +s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h -s_client.o: ../include/openssl/cast.h ../include/openssl/comp.h -s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_client.o: ../include/openssl/des.h ../include/openssl/des_old.h -s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_client.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -s_client.o: ../include/openssl/err.h ../include/openssl/evp.h -s_client.o: ../include/openssl/idea.h ../include/openssl/kssl.h -s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h -s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_client.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_client.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_client.o: ../include/openssl/engine.h ../include/openssl/err.h +s_client.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s_client.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_client.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +s_client.o: ../include/openssl/rand.h ../include/openssl/safestack.h s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_client.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_client.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -s_client.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_client.c -s_server.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -s_server.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +s_client.o: s_apps.h s_client.c timeouts.h +s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h -s_server.o: ../include/openssl/cast.h ../include/openssl/comp.h -s_server.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_server.o: ../include/openssl/des.h ../include/openssl/des_old.h -s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_server.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/idea.h ../include/openssl/kssl.h -s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h -s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_server.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_server.o: ../include/openssl/crypto.h ../include/openssl/dh.h +s_server.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_server.o: ../include/openssl/engine.h ../include/openssl/err.h +s_server.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_server.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s_server.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_server.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h +s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_server.o: ../include/openssl/stack.h ../include/openssl/store.h s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_server.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_server.c -s_socket.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -s_socket.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_server.o: ../include/openssl/x509v3.h apps.h s_apps.h s_server.c timeouts.h +s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/bn.h ../include/openssl/buffer.h -s_socket.o: ../include/openssl/cast.h ../include/openssl/comp.h -s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_socket.o: ../include/openssl/des.h ../include/openssl/des_old.h -s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_socket.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -s_socket.o: ../include/openssl/err.h ../include/openssl/evp.h -s_socket.o: ../include/openssl/idea.h ../include/openssl/kssl.h -s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_socket.o: ../include/openssl/md4.h ../include/openssl/md5.h -s_socket.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_socket.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h +s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h +s_socket.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_socket.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_socket.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_socket.c -s_time.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -s_time.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +s_socket.o: s_apps.h s_socket.c +s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_time.o: ../include/openssl/bn.h ../include/openssl/buffer.h -s_time.o: ../include/openssl/cast.h ../include/openssl/comp.h -s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h -s_time.o: ../include/openssl/des.h ../include/openssl/des_old.h -s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h -s_time.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -s_time.o: ../include/openssl/err.h ../include/openssl/evp.h -s_time.o: ../include/openssl/idea.h ../include/openssl/kssl.h -s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h -s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h -s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -s_time.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h -s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_time.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_time.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_time.c -sess_id.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -sess_id.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h +s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +s_time.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +s_time.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_time.o: ../include/openssl/engine.h ../include/openssl/err.h +s_time.o: ../include/openssl/evp.h ../include/openssl/kssl.h +s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +s_time.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s_time.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s_time.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_time.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_time.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_time.o: ../include/openssl/x509v3.h apps.h s_apps.h s_time.c +sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h sess_id.o: ../include/openssl/bn.h ../include/openssl/buffer.h -sess_id.o: ../include/openssl/cast.h ../include/openssl/comp.h -sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h -sess_id.o: ../include/openssl/des.h ../include/openssl/des_old.h -sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h -sess_id.o: ../include/openssl/e_os2.h ../include/openssl/engine.h -sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h -sess_id.o: ../include/openssl/idea.h ../include/openssl/kssl.h -sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h -sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h -sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h -sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -sess_id.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h -sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -sess_id.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -sess_id.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -sess_id.o: ../include/openssl/x509_vfy.h apps.h sess_id.c -smime.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -smime.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -smime.o: ../include/openssl/bn.h ../include/openssl/buffer.h -smime.o: ../include/openssl/cast.h ../include/openssl/conf.h -smime.o: ../include/openssl/crypto.h ../include/openssl/des.h -smime.o: ../include/openssl/des_old.h ../include/openssl/dh.h -smime.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -smime.o: ../include/openssl/engine.h ../include/openssl/err.h -smime.o: ../include/openssl/evp.h ../include/openssl/idea.h -smime.o: ../include/openssl/lhash.h ../include/openssl/md2.h -smime.o: ../include/openssl/md4.h ../include/openssl/md5.h -smime.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h -smime.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -smime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -smime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -smime.o: ../include/openssl/sha.h ../include/openssl/stack.h -smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -smime.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h smime.c +sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h +sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h +sess_id.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +sess_id.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h +sess_id.o: ../include/openssl/evp.h ../include/openssl/kssl.h +sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +sess_id.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +sess_id.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +sess_id.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h +sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h +sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +sess_id.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +sess_id.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +sess_id.o: ../include/openssl/x509v3.h apps.h sess_id.c +smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h +smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +smime.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +smime.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +smime.o: ../include/openssl/err.h ../include/openssl/evp.h +smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h +smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +smime.o: smime.c speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h speed.o: ../include/openssl/cast.h ../include/openssl/conf.h speed.o: ../include/openssl/crypto.h ../include/openssl/des.h -speed.o: ../include/openssl/des_old.h ../include/openssl/dh.h -speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +speed.o: ../include/openssl/des_old.h ../include/openssl/dsa.h +speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h speed.o: ../include/openssl/engine.h ../include/openssl/err.h speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h speed.o: ../include/openssl/md2.h ../include/openssl/md4.h -speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +speed.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h -speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h -speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h -speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h -spkac.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -spkac.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -spkac.o: ../include/openssl/bn.h ../include/openssl/buffer.h -spkac.o: ../include/openssl/cast.h ../include/openssl/conf.h -spkac.o: ../include/openssl/crypto.h ../include/openssl/des.h -spkac.o: ../include/openssl/des_old.h ../include/openssl/dh.h -spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -spkac.o: ../include/openssl/engine.h ../include/openssl/err.h -spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h -spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h -spkac.o: ../include/openssl/md4.h ../include/openssl/md5.h -spkac.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h -spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -spkac.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -spkac.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h -spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -spkac.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h spkac.c -verify.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -verify.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -verify.o: ../include/openssl/bn.h ../include/openssl/buffer.h -verify.o: ../include/openssl/cast.h ../include/openssl/conf.h -verify.o: ../include/openssl/crypto.h ../include/openssl/des.h -verify.o: ../include/openssl/des_old.h ../include/openssl/dh.h -verify.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -verify.o: ../include/openssl/engine.h ../include/openssl/err.h -verify.o: ../include/openssl/evp.h ../include/openssl/idea.h -verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h -verify.o: ../include/openssl/md4.h ../include/openssl/md5.h -verify.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h -verify.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -verify.o: ../include/openssl/sha.h ../include/openssl/stack.h -verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -verify.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -verify.o: ../include/openssl/x509v3.h apps.h verify.c -version.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -version.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -version.o: ../include/openssl/bn.h ../include/openssl/buffer.h -version.o: ../include/openssl/cast.h ../include/openssl/conf.h +speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h +speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +speed.o: ../include/openssl/sha.h ../include/openssl/stack.h +speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +speed.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h +speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h +spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h +spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +spkac.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +spkac.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +spkac.o: ../include/openssl/err.h ../include/openssl/evp.h +spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h +spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +spkac.o: spkac.c +verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h +verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +verify.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +verify.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +verify.o: ../include/openssl/err.h ../include/openssl/evp.h +verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h +verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +verify.o: verify.c +version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h +version.o: ../include/openssl/buffer.h ../include/openssl/conf.h version.o: ../include/openssl/crypto.h ../include/openssl/des.h -version.o: ../include/openssl/des_old.h ../include/openssl/dh.h -version.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -version.o: ../include/openssl/engine.h ../include/openssl/err.h +version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h +version.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +version.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h version.o: ../include/openssl/evp.h ../include/openssl/idea.h version.o: ../include/openssl/lhash.h ../include/openssl/md2.h -version.o: ../include/openssl/md4.h ../include/openssl/md5.h -version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +version.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -version.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h -version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -version.o: ../include/openssl/sha.h ../include/openssl/stack.h -version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h -version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h +version.o: ../include/openssl/pkcs7.h ../include/openssl/rc4.h +version.o: ../include/openssl/safestack.h ../include/openssl/sha.h +version.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +version.o: ../include/openssl/txt_db.h ../include/openssl/ui.h +version.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h +version.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h version.o: version.c -x509.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h -x509.o: ../include/openssl/bio.h ../include/openssl/blowfish.h +x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h -x509.o: ../include/openssl/cast.h ../include/openssl/conf.h -x509.o: ../include/openssl/crypto.h ../include/openssl/des.h -x509.o: ../include/openssl/des_old.h ../include/openssl/dh.h +x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -x509.o: ../include/openssl/engine.h ../include/openssl/err.h -x509.o: ../include/openssl/evp.h ../include/openssl/idea.h -x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h -x509.o: ../include/openssl/md4.h ../include/openssl/md5.h -x509.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h -x509.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h -x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h +x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +x509.o: ../include/openssl/err.h ../include/openssl/evp.h +x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +x509.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +x509.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h x509.o: ../include/openssl/sha.h ../include/openssl/stack.h x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -x509.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h x509.o: ../include/openssl/x509v3.h apps.h x509.c diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c index 9b07e913c5..5209caba2e 100644 --- a/src/lib/libssl/src/apps/apps.c +++ b/src/lib/libssl/src/apps/apps.c @@ -125,13 +125,17 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#ifndef OPENSSL_NO_RSA +#include +#endif +#include #define NON_MAIN #include "apps.h" #undef NON_MAIN typedef struct { - char *name; + const char *name; unsigned long flag; unsigned long mask; } NAME_EX_TBL; @@ -250,7 +254,7 @@ int str2fmt(char *s) return(FORMAT_UNDEF); } -#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) +#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE) void program_name(char *in, char *out, int size) { int i,n; @@ -269,12 +273,23 @@ void program_name(char *in, char *out, int size) if (p == NULL) p=in; n=strlen(p); + +#if defined(OPENSSL_SYS_NETWARE) + /* strip off trailing .nlm if present. */ + if ((n > 4) && (p[n-4] == '.') && + ((p[n-3] == 'n') || (p[n-3] == 'N')) && + ((p[n-2] == 'l') || (p[n-2] == 'L')) && + ((p[n-1] == 'm') || (p[n-1] == 'M'))) + n-=4; +#else /* strip off trailing .exe if present. */ if ((n > 4) && (p[n-4] == '.') && ((p[n-3] == 'e') || (p[n-3] == 'E')) && ((p[n-2] == 'x') || (p[n-2] == 'X')) && ((p[n-1] == 'e') || (p[n-1] == 'E'))) n-=4; +#endif + if (n > size-1) n=size-1; @@ -761,7 +776,7 @@ X509 *load_cert(BIO *err, const char *file, int format, x=d2i_X509_bio(cert,NULL); else if (format == FORMAT_NETSCAPE) { - unsigned char *p,*op; + const unsigned char *p,*op; int size=0,i; /* We sort of have to do it this way because it is sort of nice @@ -1263,7 +1278,7 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T return 0; } -void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) +void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags) { char *buf; char mline = 0; @@ -1731,23 +1746,10 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr) char *p = NCONF_get_string(dbattr_conf,NULL,"unique_subject"); if (p) { +#ifdef RL_DEBUG BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p); - switch(*p) - { - case 'f': /* false */ - case 'F': /* FALSE */ - case 'n': /* no */ - case 'N': /* NO */ - retdb->attributes.unique_subject = 0; - break; - case 't': /* true */ - case 'T': /* TRUE */ - case 'y': /* yes */ - case 'Y': /* YES */ - default: - retdb->attributes.unique_subject = 1; - break; - } +#endif + retdb->attributes.unique_subject = parse_yesno(p,1); } } @@ -1782,7 +1784,7 @@ int index_index(CA_DB *db) return 1; } -int save_index(char *dbfile, char *suffix, CA_DB *db) +int save_index(const char *dbfile, const char *suffix, CA_DB *db) { char buf[3][BSIZE]; BIO *out = BIO_new(BIO_s_file()); @@ -1849,7 +1851,7 @@ int save_index(char *dbfile, char *suffix, CA_DB *db) return 0; } -int rotate_index(char *dbfile, char *new_suffix, char *old_suffix) +int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix) { char buf[5][BSIZE]; int i,j; @@ -1989,9 +1991,174 @@ void free_index(CA_DB *db) } } +int parse_yesno(const char *str, int def) + { + int ret = def; + if (str) + { + switch (*str) + { + case 'f': /* false */ + case 'F': /* FALSE */ + case 'n': /* no */ + case 'N': /* NO */ + case '0': /* 0 */ + ret = 0; + break; + case 't': /* true */ + case 'T': /* TRUE */ + case 'y': /* yes */ + case 'Y': /* YES */ + case '1': /* 1 */ + ret = 1; + break; + default: + ret = def; + break; + } + } + return ret; + } + +/* + * subject is expected to be in the format /type0=value0/type1=value1/type2=... + * where characters may be escaped by \ + */ +X509_NAME *parse_name(char *subject, long chtype, int multirdn) + { + size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */ + char *buf = OPENSSL_malloc(buflen); + size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */ + char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *)); + char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *)); + int *mval = OPENSSL_malloc (max_ne * sizeof (int)); + + char *sp = subject, *bp = buf; + int i, ne_num = 0; + + X509_NAME *n = NULL; + int nid; + + if (!buf || !ne_types || !ne_values) + { + BIO_printf(bio_err, "malloc error\n"); + goto error; + } + + if (*subject != '/') + { + BIO_printf(bio_err, "Subject does not start with '/'.\n"); + goto error; + } + sp++; /* skip leading / */ + + /* no multivalued RDN by default */ + mval[ne_num] = 0; + + while (*sp) + { + /* collect type */ + ne_types[ne_num] = bp; + while (*sp) + { + if (*sp == '\\') /* is there anything to escape in the type...? */ + { + if (*++sp) + *bp++ = *sp++; + else + { + BIO_printf(bio_err, "escape character at end of string\n"); + goto error; + } + } + else if (*sp == '=') + { + sp++; + *bp++ = '\0'; + break; + } + else + *bp++ = *sp++; + } + if (!*sp) + { + BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); + goto error; + } + ne_values[ne_num] = bp; + while (*sp) + { + if (*sp == '\\') + { + if (*++sp) + *bp++ = *sp++; + else + { + BIO_printf(bio_err, "escape character at end of string\n"); + goto error; + } + } + else if (*sp == '/') + { + sp++; + /* no multivalued RDN by default */ + mval[ne_num+1] = 0; + break; + } + else if (*sp == '+' && multirdn) + { + /* a not escaped + signals a mutlivalued RDN */ + sp++; + mval[ne_num+1] = -1; + break; + } + else + *bp++ = *sp++; + } + *bp++ = '\0'; + ne_num++; + } + + if (!(n = X509_NAME_new())) + goto error; + + for (i = 0; i < ne_num; i++) + { + if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef) + { + BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]); + continue; + } + + if (!*ne_values[i]) + { + BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]); + continue; + } + + if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,mval[i])) + goto error; + } + + OPENSSL_free(ne_values); + OPENSSL_free(ne_types); + OPENSSL_free(buf); + return n; + +error: + X509_NAME_free(n); + if (ne_values) + OPENSSL_free(ne_values); + if (ne_types) + OPENSSL_free(ne_types); + if (buf) + OPENSSL_free(buf); + return NULL; +} + /* This code MUST COME AFTER anything that uses rename() */ #ifdef OPENSSL_SYS_WIN32 -int WIN32_rename(char *from, char *to) +int WIN32_rename(const char *from, const char *to) { #ifndef OPENSSL_SYS_WINCE /* Windows rename gives an error if 'to' exists, so delete it @@ -2027,3 +2194,142 @@ int WIN32_rename(char *from, char *to) #endif } #endif + +int args_verify(char ***pargs, int *pargc, + int *badarg, BIO *err, X509_VERIFY_PARAM **pm) + { + ASN1_OBJECT *otmp = NULL; + unsigned long flags = 0; + int i; + int purpose = 0; + char **oldargs = *pargs; + char *arg = **pargs, *argn = (*pargs)[1]; + if (!strcmp(arg, "-policy")) + { + if (!argn) + *badarg = 1; + else + { + otmp = OBJ_txt2obj(argn, 0); + if (!otmp) + { + BIO_printf(err, "Invalid Policy \"%s\"\n", + argn); + *badarg = 1; + } + } + (*pargs)++; + } + else if (strcmp(arg,"-purpose") == 0) + { + X509_PURPOSE *xptmp; + if (!argn) + *badarg = 1; + else + { + i = X509_PURPOSE_get_by_sname(argn); + if(i < 0) + { + BIO_printf(err, "unrecognized purpose\n"); + *badarg = 1; + } + else + { + xptmp = X509_PURPOSE_get0(i); + purpose = X509_PURPOSE_get_id(xptmp); + } + } + (*pargs)++; + } + else if (!strcmp(arg, "-ignore_critical")) + flags |= X509_V_FLAG_IGNORE_CRITICAL; + else if (!strcmp(arg, "-issuer_checks")) + flags |= X509_V_FLAG_CB_ISSUER_CHECK; + else if (!strcmp(arg, "-crl_check")) + flags |= X509_V_FLAG_CRL_CHECK; + else if (!strcmp(arg, "-crl_check_all")) + flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; + else if (!strcmp(arg, "-policy_check")) + flags |= X509_V_FLAG_POLICY_CHECK; + else if (!strcmp(arg, "-explicit_policy")) + flags |= X509_V_FLAG_EXPLICIT_POLICY; + else if (!strcmp(arg, "-x509_strict")) + flags |= X509_V_FLAG_X509_STRICT; + else if (!strcmp(arg, "-policy_print")) + flags |= X509_V_FLAG_NOTIFY_POLICY; + else + return 0; + + if (*badarg) + { + if (*pm) + X509_VERIFY_PARAM_free(*pm); + *pm = NULL; + goto end; + } + + if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) + { + *badarg = 1; + goto end; + } + + if (otmp) + X509_VERIFY_PARAM_add0_policy(*pm, otmp); + if (flags) + X509_VERIFY_PARAM_set_flags(*pm, flags); + + if (purpose) + X509_VERIFY_PARAM_set_purpose(*pm, purpose); + + end: + + (*pargs)++; + + if (pargc) + *pargc -= *pargs - oldargs; + + return 1; + + } + +static void nodes_print(BIO *out, const char *name, + STACK_OF(X509_POLICY_NODE) *nodes) + { + X509_POLICY_NODE *node; + int i; + BIO_printf(out, "%s Policies:", name); + if (nodes) + { + BIO_puts(out, "\n"); + for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) + { + node = sk_X509_POLICY_NODE_value(nodes, i); + X509_POLICY_NODE_print(out, node, 2); + } + } + else + BIO_puts(out, " \n"); + } + +void policies_print(BIO *out, X509_STORE_CTX *ctx) + { + X509_POLICY_TREE *tree; + int explicit_policy; + int free_out = 0; + if (out == NULL) + { + out = BIO_new_fp(stderr, BIO_NOCLOSE); + free_out = 1; + } + tree = X509_STORE_CTX_get0_policy_tree(ctx); + explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx); + + BIO_printf(out, "Require explicit Policy: %s\n", + explicit_policy ? "True" : "False"); + + nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree)); + nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree)); + if (free_out) + BIO_free(out); + } diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h index 4320410dad..0df170813a 100644 --- a/src/lib/libssl/src/apps/apps.h +++ b/src/lib/libssl/src/apps/apps.h @@ -114,9 +114,7 @@ #include "e_os.h" -#include #include -#include #include #include #include @@ -124,6 +122,9 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#ifndef OPENSSL_NO_OCSP +#include +#endif #include int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); @@ -138,7 +139,7 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read, #ifdef OPENSSL_SYS_WIN32 #define rename(from,to) WIN32_rename((from),(to)) -int WIN32_rename(char *oldname,char *newname); +int WIN32_rename(const char *oldname,const char *newname); #endif #ifndef MONOLITH @@ -148,11 +149,9 @@ int WIN32_rename(char *oldname,char *newname); #ifndef NON_MAIN CONF *config=NULL; BIO *bio_err=NULL; -int in_FIPS_mode=0; #else extern CONF *config; extern BIO *bio_err; -extern int in_FIPS_mode; #endif #else @@ -161,11 +160,12 @@ extern int in_FIPS_mode; extern CONF *config; extern char *default_config_file; extern BIO *bio_err; -extern int in_FIPS_mode; #endif +#ifndef OPENSSL_SYS_NETWARE #include +#endif #ifdef SIGPIPE #define do_pipe_sig() signal(SIGPIPE,SIG_IGN) @@ -231,6 +231,12 @@ extern int in_FIPS_mode; # endif #endif +#ifdef OPENSSL_SYSNAME_WIN32 +# define openssl_fdset(a,b) FD_SET((unsigned int)a, b) +#else +# define openssl_fdset(a,b) FD_SET(a, b) +#endif + typedef struct args_st { char **data; @@ -257,7 +263,7 @@ void program_name(char *in,char *out,int size); int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); #ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); -void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags); +void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags); #endif int set_cert_ex(unsigned long *flags, const char *arg); int set_name_ex(unsigned long *flags, const char *arg); @@ -278,12 +284,18 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); ENGINE *setup_engine(BIO *err, const char *engine, int debug); #endif +#ifndef OPENSSL_NO_OCSP +OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req, + char *host, char *path, char *port, int use_ssl, + int req_timeout); +#endif + int load_config(BIO *err, CONF *cnf); char *make_config_name(void); /* Functions defined in ca.c and also used in ocsp.c */ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, - ASN1_GENERALIZEDTIME **pinvtm, char *str); + ASN1_GENERALIZEDTIME **pinvtm, const char *str); #define DB_type 0 #define DB_exp_date 1 @@ -313,12 +325,16 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix); int rand_serial(BIGNUM *b, ASN1_INTEGER *ai); CA_DB *load_index(char *dbfile, DB_ATTR *dbattr); int index_index(CA_DB *db); -int save_index(char *dbfile, char *suffix, CA_DB *db); -int rotate_index(char *dbfile, char *new_suffix, char *old_suffix); +int save_index(const char *dbfile, const char *suffix, CA_DB *db); +int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix); void free_index(CA_DB *db); int index_name_cmp(const char **a, const char **b); +int parse_yesno(const char *str, int def); -X509_NAME *do_subject(char *str, long chtype); +X509_NAME *parse_name(char *str, long chtype, int multirdn); +int args_verify(char ***pargs, int *pargc, + int *badarg, BIO *err, X509_VERIFY_PARAM **pm); +void policies_print(BIO *out, X509_STORE_CTX *ctx); #define FORMAT_UNDEF 0 #define FORMAT_ASN1 1 diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c index a6b6c41f13..b1a7c8e5db 100644 --- a/src/lib/libssl/src/apps/asn1pars.c +++ b/src/lib/libssl/src/apps/asn1pars.c @@ -82,6 +82,8 @@ int MAIN(int, char **); +static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf); + int MAIN(int argc, char **argv) { int i,badops=0,offset=0,ret=1,j; @@ -90,7 +92,9 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL; int informat,indent=0, noout = 0, dump = 0; char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL; + char *genstr=NULL, *genconf=NULL; unsigned char *tmpbuf; + const unsigned char *ctmpbuf; BUF_MEM *buf=NULL; STACK *osk=NULL; ASN1_TYPE *at=NULL; @@ -167,6 +171,16 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; sk_push(osk,*(++argv)); } + else if (strcmp(*argv,"-genstr") == 0) + { + if (--argc < 1) goto bad; + genstr= *(++argv); + } + else if (strcmp(*argv,"-genconf") == 0) + { + if (--argc < 1) goto bad; + genconf= *(++argv); + } else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -195,6 +209,8 @@ bad: BIO_printf(bio_err," -strparse offset\n"); BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n"); BIO_printf(bio_err," ASN1 blob wrappings\n"); + BIO_printf(bio_err," -genstr str string to generate ASN1 structure from\n"); + BIO_printf(bio_err," -genconf file file to generate ASN1 structure from\n"); goto end; } @@ -248,25 +264,39 @@ bad: if ((buf=BUF_MEM_new()) == NULL) goto end; if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */ - if (informat == FORMAT_PEM) + if (genstr || genconf) { - BIO *tmp; - - if ((b64=BIO_new(BIO_f_base64())) == NULL) + num = do_generate(bio_err, genstr, genconf, buf); + if (num < 0) + { + ERR_print_errors(bio_err); goto end; - BIO_push(b64,in); - tmp=in; - in=b64; - b64=tmp; + } } - num=0; - for (;;) + else { - if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end; - i=BIO_read(in,&(buf->data[num]),BUFSIZ); - if (i <= 0) break; - num+=i; + + if (informat == FORMAT_PEM) + { + BIO *tmp; + + if ((b64=BIO_new(BIO_f_base64())) == NULL) + goto end; + BIO_push(b64,in); + tmp=in; + in=b64; + b64=tmp; + } + + num=0; + for (;;) + { + if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end; + i=BIO_read(in,&(buf->data[num]),BUFSIZ); + if (i <= 0) break; + num+=i; + } } str=buf->data; @@ -278,8 +308,8 @@ bad: tmplen=num; for (i=0; idata; + + i2d_ASN1_TYPE(atyp, &p); + + ASN1_TYPE_free(atyp); + return len; + + conferr: + + if (errline > 0) + BIO_printf(bio, "Error on line %ld of config file '%s'\n", + errline, genconf); + else + BIO_printf(bio, "Error loading config file '%s'\n", genconf); + + err: + NCONF_free(cnf); + ASN1_TYPE_free(atyp); + + return -1; + + } diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c index 928c6f7f24..87f0405f5d 100644 --- a/src/lib/libssl/src/apps/ca.c +++ b/src/lib/libssl/src/apps/ca.c @@ -83,7 +83,7 @@ # else # include # endif -# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) +# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_NETWARE) # include # endif #endif @@ -105,6 +105,9 @@ #define ENV_DEFAULT_CA "default_ca" +#define STRING_MASK "string_mask" +#define UTF8_IN "utf8" + #define ENV_DIR "dir" #define ENV_CERTS "certs" #define ENV_CRL_DIR "crl_dir" @@ -131,6 +134,7 @@ #define ENV_NAMEOPT "name_opt" #define ENV_CERTOPT "cert_opt" #define ENV_EXTCOPY "copy_extensions" +#define ENV_UNIQUE_SUBJECT "unique_subject" #define ENV_DATABASE "database" @@ -142,7 +146,7 @@ #define REV_KEY_COMPROMISE 3 /* Value is cert key compromise time */ #define REV_CA_COMPROMISE 4 /* Value is CA key compromise time */ -static char *ca_usage[]={ +static const char *ca_usage[]={ "usage: ca args\n", "\n", " -verbose - Talk alot while doing things\n", @@ -160,6 +164,7 @@ static char *ca_usage[]={ " -keyform arg - private key file format (PEM or ENGINE)\n", " -key arg - key to decode the private key if it is encrypted\n", " -cert file - The CA certificate\n", +" -selfsign - sign a certificate with the key associated with it\n", " -in file - The input PEM encoded certificate request(s)\n", " -out file - Where to put the output file(s)\n", " -outdir dir - Where to put output certificates\n", @@ -172,6 +177,8 @@ static char *ca_usage[]={ " -msie_hack - msie modifications to handle all those universal strings\n", " -revoke file - Revoke a certificate (given in file)\n", " -subj arg - Use arg instead of request's subject\n", +" -utf8 - input characters are UTF8 (default ASCII)\n", +" -multivalue-rdn - enable support for multivalued RDNs\n", " -extensions .. - Extension section (override value in config file)\n", " -extfile file - Configuration file with X509v3 extentions to add\n", " -crlexts .. - CRL extension section (override value in config file)\n", @@ -189,40 +196,40 @@ extern int EF_PROTECT_BELOW; extern int EF_ALIGNMENT; #endif -static void lookup_fail(char *name,char *tag); +static void lookup_fail(const char *name, const char *tag); static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,CA_DB *db, - BIGNUM *serial, char *subj, int email_dn, char *startdate, + BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, char *ext_sect, CONF *conf, int verbose, unsigned long certopt, unsigned long nameopt, - int default_op, int ext_copy); + int default_op, int ext_copy, int selfsign); static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy, - CA_DB *db, BIGNUM *serial, char *subj, int email_dn, + CA_DB *db, BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, char *ext_sect, CONF *conf,int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy, ENGINE *e); static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy, - CA_DB *db, BIGNUM *serial,char *subj, int email_dn, + CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, char *ext_sect, CONF *conf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy); static int fix_data(int nid, int *type); static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext); static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, - STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj, + STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, int verbose, X509_REQ *req, char *ext_sect, CONF *conf, unsigned long certopt, unsigned long nameopt, int default_op, - int ext_copy); + int ext_copy, int selfsign); static int do_revoke(X509 *x509, CA_DB *db, int ext, char *extval); static int get_certificate_status(const char *ser_status, CA_DB *db); static int do_updatedb(CA_DB *db); static int check_time_format(char *str); char *make_revocation_str(int rev_type, char *rev_arg); -int make_revoked(X509_REVOKED *rev, char *str); +int make_revoked(X509_REVOKED *rev, const char *str); int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str); static CONF *conf=NULL; static CONF *extconf=NULL; @@ -272,6 +279,8 @@ int MAIN(int argc, char **argv) char *extensions=NULL; char *extfile=NULL; char *subj=NULL; + unsigned long chtype = MBSTRING_ASC; + int multirdn = 0; char *tmp_email_dn=NULL; char *crl_ext=NULL; int rev_type = REV_NONE; @@ -286,7 +295,8 @@ int MAIN(int argc, char **argv) unsigned long nameopt = 0, certopt = 0; int default_op = 1; int ext_copy = EXT_COPY_NONE; - X509 *x509=NULL; + int selfsign = 0; + X509 *x509=NULL, *x509p = NULL; X509 *x=NULL; BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL; char *dbfile=NULL; @@ -295,7 +305,8 @@ int MAIN(int argc, char **argv) X509_REVOKED *r=NULL; ASN1_TIME *tmptm; ASN1_INTEGER *tmpser; - char **pp,*p,*f; + char *f; + const char *p, **pp; int i,j; const EVP_MD *dgst=NULL; STACK_OF(CONF_VALUE) *attribs=NULL; @@ -350,6 +361,12 @@ EF_ALIGNMENT=0; subj= *(++argv); /* preserve=1; */ } + else if (strcmp(*argv,"-utf8") == 0) + chtype = MBSTRING_UTF8; + else if (strcmp(*argv,"-create_serial") == 0) + create_ser = 1; + else if (strcmp(*argv,"-multivalue-rdn") == 0) + multirdn=1; else if (strcmp(*argv,"-startdate") == 0) { if (--argc < 1) goto bad; @@ -400,6 +417,8 @@ EF_ALIGNMENT=0; if (--argc < 1) goto bad; certfile= *(++argv); } + else if (strcmp(*argv,"-selfsign") == 0) + selfsign=1; else if (strcmp(*argv,"-in") == 0) { if (--argc < 1) goto bad; @@ -633,29 +652,31 @@ bad: ERR_clear_error(); app_RAND_load_file(randfile, bio_err, 0); + f = NCONF_get_string(conf, section, STRING_MASK); + if (!f) + ERR_clear_error(); + + if(f && !ASN1_STRING_set_default_mask_asc(f)) { + BIO_printf(bio_err, "Invalid global string mask setting %s\n", f); + goto err; + } + + if (chtype != MBSTRING_UTF8){ + f = NCONF_get_string(conf, section, UTF8_IN); + if (!f) + ERR_clear_error(); + else if (!strcmp(f, "yes")) + chtype = MBSTRING_UTF8; + } + db_attr.unique_subject = 1; - p = NCONF_get_string(conf, section, "unique_subject"); + p = NCONF_get_string(conf, section, ENV_UNIQUE_SUBJECT); if (p) { #ifdef RL_DEBUG BIO_printf(bio_err, "DEBUG: unique_subject = \"%s\"\n", p); #endif - switch(*p) - { - case 'f': /* false */ - case 'F': /* FALSE */ - case 'n': /* no */ - case 'N': /* NO */ - db_attr.unique_subject = 0; - break; - case 't': /* true */ - case 'T': /* TRUE */ - case 'y': /* yes */ - case 'Y': /* YES */ - default: - db_attr.unique_subject = 1; - break; - } + db_attr.unique_subject = parse_yesno(p,1); } else ERR_clear_error(); @@ -699,7 +720,7 @@ bad: } /*****************************************************************/ - /* we definitely need a public key, so let's get it */ + /* we definitely need a private key, so let's get it */ if ((keyfile == NULL) && ((keyfile=NCONF_get_string(conf, section,ENV_PRIVATE_KEY)) == NULL)) @@ -727,22 +748,27 @@ bad: /*****************************************************************/ /* we need a certificate */ - if ((certfile == NULL) && ((certfile=NCONF_get_string(conf, - section,ENV_CERTIFICATE)) == NULL)) + if (!selfsign || spkac_file || ss_cert_file || gencrl) { - lookup_fail(section,ENV_CERTIFICATE); - goto err; - } - x509=load_cert(bio_err, certfile, FORMAT_PEM, NULL, e, - "CA certificate"); - if (x509 == NULL) - goto err; + if ((certfile == NULL) + && ((certfile=NCONF_get_string(conf, + section,ENV_CERTIFICATE)) == NULL)) + { + lookup_fail(section,ENV_CERTIFICATE); + goto err; + } + x509=load_cert(bio_err, certfile, FORMAT_PEM, NULL, e, + "CA certificate"); + if (x509 == NULL) + goto err; - if (!X509_check_private_key(x509,pkey)) - { - BIO_printf(bio_err,"CA certificate and CA private key do not match\n"); - goto err; + if (!X509_check_private_key(x509,pkey)) + { + BIO_printf(bio_err,"CA certificate and CA private key do not match\n"); + goto err; + } } + if (!selfsign) x509p = x509; f=NCONF_get_string(conf,BASE_SECTION,ENV_PRESERVE); if (f == NULL) @@ -856,7 +882,7 @@ bad: /* Lets check some fields */ for (i=0; idb->data); i++) { - pp=(char **)sk_value(db->db->data,i); + pp=(const char **)sk_value(db->db->data,i); if ((pp[DB_type][0] != DB_TYPE_REV) && (pp[DB_rev_date][0] != '\0')) { @@ -869,7 +895,7 @@ bad: BIO_printf(bio_err," in entry %d\n", i+1); goto err; } - if (!check_time_format(pp[DB_exp_date])) + if (!check_time_format((char *)pp[DB_exp_date])) { BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1); goto err; @@ -1132,7 +1158,7 @@ bad: { total++; j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db, - serial,subj,email_dn,startdate,enddate,days,extensions, + serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,extensions, conf,verbose,certopt,nameopt,default_op,ext_copy); if (j < 0) goto err; if (j > 0) @@ -1156,7 +1182,7 @@ bad: { total++; j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs, - db,serial,subj,email_dn,startdate,enddate,days,batch, + db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch, extensions,conf,verbose, certopt, nameopt, default_op, ext_copy, e); if (j < 0) goto err; @@ -1175,10 +1201,10 @@ bad: if (infile != NULL) { total++; - j=certify(&x,infile,pkey,x509,dgst,attribs,db, - serial,subj,email_dn,startdate,enddate,days,batch, + j=certify(&x,infile,pkey,x509p,dgst,attribs,db, + serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch, extensions,conf,verbose, certopt, nameopt, - default_op, ext_copy); + default_op, ext_copy, selfsign); if (j < 0) goto err; if (j > 0) { @@ -1195,10 +1221,10 @@ bad: for (i=0; i 0) { @@ -1249,7 +1275,7 @@ bad: x=sk_X509_value(cert_sk,i); j=x->cert_info->serialNumber->length; - p=(char *)x->cert_info->serialNumber->data; + p=(const char *)x->cert_info->serialNumber->data; if(strlen(outdir) >= (size_t)(j ? BSIZE-j*2-6 : BSIZE-8)) { @@ -1370,7 +1396,7 @@ bad: for (i=0; idb->data); i++) { - pp=(char **)sk_value(db->db->data,i); + pp=(const char **)sk_value(db->db->data,i); if (pp[DB_type][0] == DB_TYPE_REV) { if ((r=X509_REVOKED_new()) == NULL) goto err; @@ -1399,6 +1425,11 @@ bad: #ifndef OPENSSL_NO_DSA if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1(); + else +#endif +#ifndef OPENSSL_NO_ECDSA + if (pkey->type == EVP_PKEY_EC) + dgst=EVP_ecdsa(); #endif /* Add any extensions asked for */ @@ -1486,25 +1517,26 @@ err: BN_free(serial); free_index(db); EVP_PKEY_free(pkey); - X509_free(x509); + if (x509) X509_free(x509); X509_CRL_free(crl); NCONF_free(conf); + NCONF_free(extconf); OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); } -static void lookup_fail(char *name, char *tag) +static void lookup_fail(const char *name, const char *tag) { BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag); } static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, - BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate, + BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, - int ext_copy) + int ext_copy, int selfsign) { X509_REQ *req=NULL; BIO *in=NULL; @@ -1529,6 +1561,12 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, BIO_printf(bio_err,"Check that the request matches the signature\n"); + if (selfsign && !X509_REQ_check_private_key(req,pkey)) + { + BIO_printf(bio_err,"Certificate request and CA private key do not match\n"); + ok=0; + goto err; + } if ((pktmp=X509_REQ_get_pubkey(req)) == NULL) { BIO_printf(bio_err,"error unpacking public key\n"); @@ -1551,9 +1589,9 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, else BIO_printf(bio_err,"Signature ok\n"); - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj, email_dn, + ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn, email_dn, startdate,enddate,days,batch,verbose,req,ext_sect,lconf, - certopt, nameopt, default_op, ext_copy); + certopt, nameopt, default_op, ext_copy, selfsign); err: if (req != NULL) X509_REQ_free(req); @@ -1563,7 +1601,7 @@ err: static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, - BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate, + BIGNUM *serial, char *subj, unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy, ENGINE *e) @@ -1605,9 +1643,9 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL) goto err; - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,email_dn,startdate,enddate, + ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate, days,batch,verbose,rreq,ext_sect,lconf, certopt, nameopt, default_op, - ext_copy); + ext_copy, 0); err: if (rreq != NULL) X509_REQ_free(rreq); @@ -1617,10 +1655,11 @@ err: static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial, char *subj, + unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, int verbose, X509_REQ *req, char *ext_sect, CONF *lconf, unsigned long certopt, unsigned long nameopt, int default_op, - int ext_copy) + int ext_copy, int selfsign) { X509_NAME *name=NULL,*CAname=NULL,*subject=NULL, *dn_subject=NULL; ASN1_UTCTIME *tm,*tmptm; @@ -1632,7 +1671,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, X509_NAME_ENTRY *tne,*push; EVP_PKEY *pktmp; int ok= -1,i,j,last,nid; - char *p; + const char *p; CONF_VALUE *cv; char *row[DB_NUMBER],**rrow=NULL,**irow=NULL; char buf[25]; @@ -1649,7 +1688,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, if (subj) { - X509_NAME *n = do_subject(subj, MBSTRING_ASC); + X509_NAME *n = parse_name(subj, chtype, multirdn); if (!n) { @@ -1724,7 +1763,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, } /* take a copy of the issuer name before we mess with it. */ - CAname=X509_NAME_dup(x509->cert_info->subject); + if (selfsign) + CAname=X509_NAME_dup(name); + else + CAname=X509_NAME_dup(x509->cert_info->subject); if (CAname == NULL) goto err; str=str2=NULL; @@ -1936,8 +1978,16 @@ again2: if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL) goto err; - if (!X509_set_issuer_name(ret,X509_get_subject_name(x509))) - goto err; + if (selfsign) + { + if (!X509_set_issuer_name(ret,subject)) + goto err; + } + else + { + if (!X509_set_issuer_name(ret,X509_get_subject_name(x509))) + goto err; + } if (strcmp(startdate,"today") == 0) X509_gmtime_adj(X509_get_notBefore(ret),0); @@ -1972,7 +2022,10 @@ again2: ci->extensions = NULL; /* Initialize the context structure */ - X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0); + if (selfsign) + X509V3_set_ctx(&ctx, ret, ret, req, NULL, 0); + else + X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0); if (extconf) { @@ -2039,7 +2092,7 @@ again2: BIO_printf(bio_err,"Certificate is to be certified until "); ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret)); - if (days) BIO_printf(bio_err," (%d days)",days); + if (days) BIO_printf(bio_err," (%ld days)",days); BIO_printf(bio_err, "\n"); if (!batch) @@ -2066,6 +2119,16 @@ again2: EVP_PKEY_copy_parameters(pktmp,pkey); EVP_PKEY_free(pktmp); #endif +#ifndef OPENSSL_NO_ECDSA + if (pkey->type == EVP_PKEY_EC) + dgst = EVP_ecdsa(); + pktmp = X509_get_pubkey(ret); + if (EVP_PKEY_missing_parameters(pktmp) && + !EVP_PKEY_missing_parameters(pkey)) + EVP_PKEY_copy_parameters(pktmp, pkey); + EVP_PKEY_free(pktmp); +#endif + if (!X509_sign(ret,pkey,dgst)) goto err; @@ -2162,7 +2225,7 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext) static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db, - BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate, + BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy) { @@ -2303,9 +2366,9 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, X509_REQ_set_pubkey(req,pktmp); EVP_PKEY_free(pktmp); - ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,email_dn,startdate,enddate, + ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate, days,1,verbose,req,ext_sect,lconf, certopt, nameopt, default_op, - ext_copy); + ext_copy, 0); err: if (req != NULL) X509_REQ_free(req); if (parms != NULL) CONF_free(parms); @@ -2616,7 +2679,7 @@ err: return (cnt); } -static char *crl_reasons[] = { +static const char *crl_reasons[] = { /* CRL reason strings */ "unspecified", "keyCompromise", @@ -2644,7 +2707,8 @@ static char *crl_reasons[] = { char *make_revocation_str(int rev_type, char *rev_arg) { - char *reason = NULL, *other = NULL, *str; + char *other = NULL, *str; + const char *reason = NULL; ASN1_OBJECT *otmp; ASN1_UTCTIME *revtm = NULL; int i; @@ -2738,7 +2802,7 @@ char *make_revocation_str(int rev_type, char *rev_arg) */ -int make_revoked(X509_REVOKED *rev, char *str) +int make_revoked(X509_REVOKED *rev, const char *str) { char *tmp = NULL; int reason_code = -1; @@ -2792,129 +2856,6 @@ int make_revoked(X509_REVOKED *rev, char *str) return ret; } -/* - * subject is expected to be in the format /type0=value0/type1=value1/type2=... - * where characters may be escaped by \ - */ -X509_NAME *do_subject(char *subject, long chtype) - { - size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */ - char *buf = OPENSSL_malloc(buflen); - size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */ - char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *)); - char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *)); - - char *sp = subject, *bp = buf; - int i, ne_num = 0; - - X509_NAME *n = NULL; - int nid; - - if (!buf || !ne_types || !ne_values) - { - BIO_printf(bio_err, "malloc error\n"); - goto error; - } - - if (*subject != '/') - { - BIO_printf(bio_err, "Subject does not start with '/'.\n"); - goto error; - } - sp++; /* skip leading / */ - - while (*sp) - { - /* collect type */ - ne_types[ne_num] = bp; - while (*sp) - { - if (*sp == '\\') /* is there anything to escape in the type...? */ - { - if (*++sp) - *bp++ = *sp++; - else - { - BIO_printf(bio_err, "escape character at end of string\n"); - goto error; - } - } - else if (*sp == '=') - { - sp++; - *bp++ = '\0'; - break; - } - else - *bp++ = *sp++; - } - if (!*sp) - { - BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); - goto error; - } - ne_values[ne_num] = bp; - while (*sp) - { - if (*sp == '\\') - { - if (*++sp) - *bp++ = *sp++; - else - { - BIO_printf(bio_err, "escape character at end of string\n"); - goto error; - } - } - else if (*sp == '/') - { - sp++; - break; - } - else - *bp++ = *sp++; - } - *bp++ = '\0'; - ne_num++; - } - - if (!(n = X509_NAME_new())) - goto error; - - for (i = 0; i < ne_num; i++) - { - if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef) - { - BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]); - continue; - } - - if (!*ne_values[i]) - { - BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]); - continue; - } - - if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0)) - goto error; - } - - OPENSSL_free(ne_values); - OPENSSL_free(ne_types); - OPENSSL_free(buf); - return n; - -error: - X509_NAME_free(n); - if (ne_values) - OPENSSL_free(ne_values); - if (ne_types) - OPENSSL_free(ne_types); - if (buf) - OPENSSL_free(buf); - return NULL; -} - int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str) { char buf[25],*pbuf, *p; @@ -2941,25 +2882,35 @@ int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str) p=(char *)str->data; for (j=str->length; j>0; j--) { +#ifdef CHARSET_EBCDIC + if ((*p >= 0x20) && (*p <= 0x7e)) + BIO_printf(bp,"%c",os_toebcdic[*p]); +#else if ((*p >= ' ') && (*p <= '~')) BIO_printf(bp,"%c",*p); +#endif else if (*p & 0x80) BIO_printf(bp,"\\0x%02X",*p); else if ((unsigned char)*p == 0xf7) BIO_printf(bp,"^?"); +#ifdef CHARSET_EBCDIC + else BIO_printf(bp,"^%c",os_toebcdic[*p+0x40]); +#else else BIO_printf(bp,"^%c",*p+'@'); +#endif p++; } BIO_printf(bp,"'\n"); return 1; } -int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, char *str) +int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, const char *str) { char *tmp = NULL; char *rtime_str, *reason_str = NULL, *arg_str = NULL, *p; int reason_code = -1; - int i, ret = 0; + int ret = 0; + unsigned int i; ASN1_OBJECT *hold = NULL; ASN1_GENERALIZEDTIME *comp_time = NULL; tmp = BUF_strdup(str); diff --git a/src/lib/libssl/src/apps/ciphers.c b/src/lib/libssl/src/apps/ciphers.c index 7c62fc5dc3..43f0ac594a 100644 --- a/src/lib/libssl/src/apps/ciphers.c +++ b/src/lib/libssl/src/apps/ciphers.c @@ -69,7 +69,7 @@ #undef PROG #define PROG ciphers_main -static char *ciphers_usage[]={ +static const char *ciphers_usage[]={ "usage: ciphers args\n", " -v - verbose mode, a textual listing of the ciphers in SSLeay\n", " -ssl2 - SSL2 mode\n", @@ -84,7 +84,7 @@ int MAIN(int argc, char **argv) { int ret=1,i; int verbose=0; - char **pp; + const char **pp; const char *p; int badops=0; SSL_CTX *ctx=NULL; diff --git a/src/lib/libssl/src/apps/crl.c b/src/lib/libssl/src/apps/crl.c index 878f65468e..a0040fba11 100644 --- a/src/lib/libssl/src/apps/crl.c +++ b/src/lib/libssl/src/apps/crl.c @@ -72,7 +72,7 @@ #undef POSTFIX #define POSTFIX ".rvk" -static char *crl_usage[]={ +static const char *crl_usage[]={ "usage: crl args\n", "\n", " -inform arg - input format - default PEM (DER or PEM)\n", @@ -108,14 +108,14 @@ int MAIN(int argc, char **argv) char *infile=NULL,*outfile=NULL; int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; int fingerprint = 0; - char **pp; + const char **pp; X509_STORE *store = NULL; X509_STORE_CTX ctx; X509_LOOKUP *lookup = NULL; X509_OBJECT xobj; EVP_PKEY *pkey; int do_ver = 0; - const EVP_MD *md_alg,*digest=EVP_md5(); + const EVP_MD *md_alg,*digest=EVP_sha1(); apps_startup(); diff --git a/src/lib/libssl/src/apps/dgst.c b/src/lib/libssl/src/apps/dgst.c index 17fb87b77c..c5ecf93d1b 100644 --- a/src/lib/libssl/src/apps/dgst.c +++ b/src/lib/libssl/src/apps/dgst.c @@ -74,11 +74,9 @@ #undef PROG #define PROG dgst_main -static HMAC_CTX hmac_ctx; - int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, - const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow); + const char *file,BIO *bmd,const char *hmac_key); int MAIN(int, char **); @@ -108,7 +106,6 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif char *hmac_key=NULL; - int non_fips_allow = 0; apps_startup(); @@ -193,8 +190,8 @@ int MAIN(int argc, char **argv) out_bin = 1; else if (strcmp(*argv,"-d") == 0) debug=1; - else if (strcmp(*argv,"-non-fips-allow") == 0) - non_fips_allow=1; + else if (!strcmp(*argv,"-fips-fingerprint")) + hmac_key = "etaonrishdlcupfm"; else if (!strcmp(*argv,"-hmac")) { if (--argc < 1) @@ -232,30 +229,45 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); + BIO_printf(bio_err,"-hmac key create hashed MAC with key\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); #endif - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm (default)\n", LN_md5,LN_md5); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", LN_md4,LN_md4); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", LN_md2,LN_md2); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", +#ifndef OPENSSL_NO_SHA + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", LN_sha1,LN_sha1); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", LN_sha,LN_sha); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", +#ifndef OPENSSL_NO_SHA256 + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", + LN_sha224,LN_sha224); + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", + LN_sha256,LN_sha256); +#endif +#ifndef OPENSSL_NO_SHA512 + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", + LN_sha384,LN_sha384); + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", + LN_sha512,LN_sha512); +#endif +#endif + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", LN_mdc2,LN_mdc2); - BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n", + BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", LN_ripemd160,LN_ripemd160); err=1; goto end; } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); #endif in=BIO_new(BIO_s_file()); @@ -264,7 +276,7 @@ int MAIN(int argc, char **argv) { BIO_set_callback(in,BIO_debug_callback); /* needed for windows 3.1 */ - BIO_set_callback_arg(in,bio_err); + BIO_set_callback_arg(in,(char *)bio_err); } if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) @@ -344,19 +356,13 @@ int MAIN(int argc, char **argv) goto end; } } + - if (non_fips_allow) - { - EVP_MD_CTX *md_ctx; - BIO_get_md_ctx(bmd,&md_ctx); - EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - } /* we use md as a filter, reading from 'in' */ if (!BIO_set_md(bmd,md)) { - BIO_printf(bio_err, "Error setting digest %s\n", - EVP_MD_name(md)); + BIO_printf(bio_err, "Error setting digest %s\n", pname); ERR_print_errors(bio_err); goto end; } @@ -367,7 +373,7 @@ int MAIN(int argc, char **argv) { BIO_set_fp(in,stdin,BIO_NOCLOSE); err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, - siglen,"","(stdin)",bmd,hmac_key, non_fips_allow); + siglen,"","(stdin)",bmd,hmac_key); } else { @@ -393,7 +399,7 @@ int MAIN(int argc, char **argv) else tmp=""; r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf, - siglen,tmp,argv[i],bmd,hmac_key,non_fips_allow); + siglen,tmp,argv[i],bmd,hmac_key); if(r) err=r; if(tofree) @@ -420,11 +426,12 @@ end: int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, - const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow) + const char *file,BIO *bmd,const char *hmac_key) { unsigned int len; int i; EVP_MD_CTX *md_ctx; + HMAC_CTX hmac_ctx; if (hmac_key) { @@ -432,9 +439,6 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, BIO_get_md(bmd,&md); HMAC_CTX_init(&hmac_ctx); - if (non_fips_allow) - HMAC_CTX_set_flags(&hmac_ctx, - EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL); BIO_get_md_ctx(bmd,&md_ctx); BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx); @@ -493,7 +497,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, else { BIO_write(out,title,strlen(title)); - for (i=0; (unsigned int)i /* for OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH #include #include diff --git a/src/lib/libssl/src/apps/dhparam.c b/src/lib/libssl/src/apps/dhparam.c index dc00355b95..04bd57c6e8 100644 --- a/src/lib/libssl/src/apps/dhparam.c +++ b/src/lib/libssl/src/apps/dhparam.c @@ -109,6 +109,7 @@ * */ +#include /* for OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH #include #include @@ -142,7 +143,7 @@ * -C */ -static void MS_CALLBACK dh_cb(int p, int n, void *arg); +static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb); int MAIN(int, char **); @@ -294,6 +295,8 @@ bad: if(num) { + BN_GENCB cb; + BN_GENCB_set(&cb, dh_cb, bio_err); if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); @@ -305,12 +308,13 @@ bad: #ifndef OPENSSL_NO_DSA if (dsaparam) { - DSA *dsa; + DSA *dsa = DSA_new(); BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err); - if (dsa == NULL) + if(!dsa || !DSA_generate_parameters_ex(dsa, num, + NULL, 0, NULL, NULL, &cb)) { + if(dsa) DSA_free(dsa); ERR_print_errors(bio_err); goto end; } @@ -326,12 +330,12 @@ bad: else #endif { + dh = DH_new(); BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g); BIO_printf(bio_err,"This is going to take a long time\n"); - dh=DH_generate_parameters(num,g,dh_cb,bio_err); - - if (dh == NULL) + if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb)) { + if(dh) DH_free(dh); ERR_print_errors(bio_err); goto end; } @@ -534,7 +538,7 @@ end: } /* dh_cb is identical to dsa_cb in apps/dsaparam.c */ -static void MS_CALLBACK dh_cb(int p, int n, void *arg) +static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -542,11 +546,12 @@ static void MS_CALLBACK dh_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); + BIO_write(cb->arg,&c,1); + (void)BIO_flush(cb->arg); #ifdef LINT p=n; #endif + return 1; } #endif diff --git a/src/lib/libssl/src/apps/dsa.c b/src/lib/libssl/src/apps/dsa.c index e9de3a3bdf..9e103037dd 100644 --- a/src/lib/libssl/src/apps/dsa.c +++ b/src/lib/libssl/src/apps/dsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_DSA #include #include @@ -68,6 +69,7 @@ #include #include #include +#include #undef PROG #define PROG dsa_main @@ -82,6 +84,10 @@ * -aes128 - encrypt output if PEM format * -aes192 - encrypt output if PEM format * -aes256 - encrypt output if PEM format + * -camellia128 - encrypt output if PEM format + * -camellia192 - encrypt output if PEM format + * -camellia256 - encrypt output if PEM format + * -seed - encrypt output if PEM format * -text - print a text version * -modulus - print the DSA public key */ @@ -209,6 +215,13 @@ bad: #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); +#endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); #endif BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -noout don't print key out\n"); diff --git a/src/lib/libssl/src/apps/dsaparam.c b/src/lib/libssl/src/apps/dsaparam.c index 04861e8986..c301e81af1 100644 --- a/src/lib/libssl/src/apps/dsaparam.c +++ b/src/lib/libssl/src/apps/dsaparam.c @@ -56,6 +56,13 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #ifndef OPENSSL_NO_DSA #include #include @@ -82,9 +89,23 @@ * -C * -noout * -genkey + * #ifdef GENCB_TEST + * -timebomb n - interrupt keygen after seconds + * #endif */ -static void MS_CALLBACK dsa_cb(int p, int n, void *arg); +#ifdef GENCB_TEST + +static int stop_keygen_flag = 0; + +static void timebomb_sigalarm(int foo) + { + stop_keygen_flag = 1; + } + +#endif + +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb); int MAIN(int, char **); @@ -103,6 +124,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif +#ifdef GENCB_TEST + int timebomb=0; +#endif apps_startup(); @@ -149,6 +173,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; engine = *(++argv); } +#endif +#ifdef GENCB_TEST + else if(strcmp(*argv, "-timebomb") == 0) + { + if (--argc < 1) goto bad; + timebomb = atoi(*(++argv)); + } #endif else if (strcmp(*argv,"-text") == 0) text=1; @@ -199,6 +230,9 @@ bad: BIO_printf(bio_err," -rand files to use for random number input\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif +#ifdef GENCB_TEST + BIO_printf(bio_err," -timebomb n interrupt keygen after seconds\n"); #endif BIO_printf(bio_err," number number of bits to use for generating private key\n"); goto end; @@ -257,10 +291,47 @@ bad: if (numbits > 0) { + BN_GENCB cb; + BN_GENCB_set(&cb, dsa_cb, bio_err); assert(need_rand); + dsa = DSA_new(); + if(!dsa) + { + BIO_printf(bio_err,"Error allocating DSA object\n"); + goto end; + } BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); BIO_printf(bio_err,"This could take some time\n"); - dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL, dsa_cb,bio_err); +#ifdef GENCB_TEST + if(timebomb > 0) + { + struct sigaction act; + act.sa_handler = timebomb_sigalarm; + act.sa_flags = 0; + BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)\n", + timebomb); + if(sigaction(SIGALRM, &act, NULL) != 0) + { + BIO_printf(bio_err,"Error, couldn't set SIGALRM handler\n"); + goto end; + } + alarm(timebomb); + } +#endif + if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb)) + { +#ifdef GENCB_TEST + if(stop_keygen_flag) + { + BIO_printf(bio_err,"DSA key generation time-stopped\n"); + /* This is an asked-for behaviour! */ + ret = 0; + goto end; + } +#endif + BIO_printf(bio_err,"Error, DSA key generation failed\n"); + goto end; + } } else if (informat == FORMAT_ASN1) dsa=d2i_DSAparams_bio(in,NULL); @@ -385,7 +456,7 @@ end: OPENSSL_EXIT(ret); } -static void MS_CALLBACK dsa_cb(int p, int n, void *arg) +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -393,10 +464,15 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write(arg,&c,1); - (void)BIO_flush(arg); + BIO_write(cb->arg,&c,1); + (void)BIO_flush(cb->arg); #ifdef LINT p=n; #endif +#ifdef GENCB_TEST + if(stop_keygen_flag) + return 0; +#endif + return 1; } #endif diff --git a/src/lib/libssl/src/apps/enc.c b/src/lib/libssl/src/apps/enc.c index 6f3161395e..a41ea800ac 100644 --- a/src/lib/libssl/src/apps/enc.c +++ b/src/lib/libssl/src/apps/enc.c @@ -127,7 +127,6 @@ int MAIN(int argc, char **argv) char *engine = NULL; #endif const EVP_MD *dgst=NULL; - int non_fips_allow = 0; apps_startup(); @@ -262,8 +261,6 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; md= *(++argv); } - else if (strcmp(*argv,"-non-fips-allow") == 0) - non_fips_allow = 1; else if ((argv[0][0] == '-') && ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) { @@ -317,10 +314,7 @@ bad: if (dgst == NULL) { - if (in_FIPS_mode) - dgst = EVP_sha1(); - else - dgst = EVP_md5(); + dgst = EVP_md5(); } if (bufsize != NULL) @@ -346,7 +340,7 @@ bad: } /* It must be large enough for a base64 encoded line */ - if (n < 80) n=80; + if (base64 && n < 80) n=80; bsize=(int)n; if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize); @@ -371,12 +365,16 @@ bad: { BIO_set_callback(in,BIO_debug_callback); BIO_set_callback(out,BIO_debug_callback); - BIO_set_callback_arg(in,bio_err); - BIO_set_callback_arg(out,bio_err); + BIO_set_callback_arg(in,(char *)bio_err); + BIO_set_callback_arg(out,(char *)bio_err); } if (inf == NULL) + { + if (bufsize != NULL) + setvbuf(stdin, (char *)NULL, _IONBF, 0); BIO_set_fp(in,stdin,BIO_NOCLOSE); + } else { if (BIO_read_filename(in,inf) <= 0) @@ -427,6 +425,8 @@ bad: if (outf == NULL) { BIO_set_fp(out,stdout,BIO_NOCLOSE); + if (bufsize != NULL) + setvbuf(stdout, (char *)NULL, _IONBF, 0); #ifdef OPENSSL_SYS_VMS { BIO *tmpbio = BIO_new(BIO_f_linebuffer()); @@ -453,7 +453,7 @@ bad: if (debug) { BIO_set_callback(b64,BIO_debug_callback); - BIO_set_callback_arg(b64,bio_err); + BIO_set_callback_arg(b64,(char *)bio_err); } if (olb64) BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); @@ -552,19 +552,7 @@ bad: if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) { BIO_printf(bio_err, "Error setting cipher %s\n", - EVP_CIPHER_name(cipher)); - ERR_print_errors(bio_err); - goto end; - } - - if (non_fips_allow) - EVP_CIPHER_CTX_set_flags(ctx, - EVP_CIPH_FLAG_NON_FIPS_ALLOW); - - if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) - { - BIO_printf(bio_err, "Error setting cipher %s\n", - EVP_CIPHER_name(cipher)); + EVP_CIPHER_name(cipher)); ERR_print_errors(bio_err); goto end; } @@ -575,7 +563,7 @@ bad: if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) { BIO_printf(bio_err, "Error setting cipher %s\n", - EVP_CIPHER_name(cipher)); + EVP_CIPHER_name(cipher)); ERR_print_errors(bio_err); goto end; } @@ -583,7 +571,7 @@ bad: if (debug) { BIO_set_callback(benc,BIO_debug_callback); - BIO_set_callback_arg(benc,bio_err); + BIO_set_callback_arg(benc,(char *)bio_err); } if (printkey) @@ -591,7 +579,7 @@ bad: if (!nosalt) { printf("salt="); - for (i=0; i - runs command 'cmd' against the ENGINE before any attempts\n", " to load it (if -t is used)\n", " -post - runs command 'cmd' against the ENGINE after loading it\n", @@ -343,8 +344,8 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { int ret=1,i; - char **pp; - int verbose=0, list_cap=0, test_avail=0; + const char **pp; + int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0; ENGINE *e; STACK *engines = sk_new_null(); STACK *pre_cmds = sk_new_null(); @@ -382,8 +383,14 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-c") == 0) list_cap=1; - else if (strcmp(*argv,"-t") == 0) + else if (strncmp(*argv,"-t",2) == 0) + { test_avail=1; + if(strspn(*argv + 1, "t") < strlen(*argv + 1)) + goto skip_arg_loop; + if((test_avail_noise = strlen(*argv + 1) - 1) > 1) + goto skip_arg_loop; + } else if (strcmp(*argv,"-pre") == 0) { argc--; argv++; @@ -502,7 +509,8 @@ skip_digests: else { BIO_printf(bio_out, "[ unavailable ]\n"); - ERR_print_errors_fp(stdout); + if(test_avail_noise) + ERR_print_errors_fp(stdout); ERR_clear_error(); } } @@ -516,6 +524,7 @@ skip_digests: ret=0; end: + ERR_print_errors(bio_err); sk_pop_free(engines, identity); sk_pop_free(pre_cmds, identity); diff --git a/src/lib/libssl/src/apps/gendh.c b/src/lib/libssl/src/apps/gendh.c index a34a862caf..47497864b0 100644 --- a/src/lib/libssl/src/apps/gendh.c +++ b/src/lib/libssl/src/apps/gendh.c @@ -57,6 +57,13 @@ * [including the GNU Public Licence.] */ +#include +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #ifndef OPENSSL_NO_DH #include #include @@ -75,12 +82,13 @@ #undef PROG #define PROG gendh_main -static void MS_CALLBACK dh_cb(int p, int n, void *arg); +static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb); int MAIN(int, char **); int MAIN(int argc, char **argv) { + BN_GENCB cb; #ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; #endif @@ -96,6 +104,7 @@ int MAIN(int argc, char **argv) apps_startup(); + BN_GENCB_set(&cb, dh_cb, bio_err); if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); @@ -193,10 +202,10 @@ bad: BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g); BIO_printf(bio_err,"This is going to take a long time\n"); - dh=DH_generate_parameters(num,g,dh_cb,bio_err); - - if (dh == NULL) goto end; + if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb)) + goto end; + app_RAND_write_file(NULL, bio_err); if (!PEM_write_bio_DHparams(out,dh)) @@ -211,7 +220,7 @@ end: OPENSSL_EXIT(ret); } -static void MS_CALLBACK dh_cb(int p, int n, void *arg) +static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -219,10 +228,11 @@ static void MS_CALLBACK dh_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); + BIO_write(cb->arg,&c,1); + (void)BIO_flush(cb->arg); #ifdef LINT p=n; #endif + return 1; } #endif diff --git a/src/lib/libssl/src/apps/gendsa.c b/src/lib/libssl/src/apps/gendsa.c index 6d2ed06c81..8a296c66e5 100644 --- a/src/lib/libssl/src/apps/gendsa.c +++ b/src/lib/libssl/src/apps/gendsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_DSA #include #include @@ -139,6 +140,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_SEED + else if (strcmp(*argv,"-seed") == 0) + enc=EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_AES else if (strcmp(*argv,"-aes128") == 0) enc=EVP_aes_128_cbc(); @@ -146,6 +151,14 @@ int MAIN(int argc, char **argv) enc=EVP_aes_192_cbc(); else if (strcmp(*argv,"-aes256") == 0) enc=EVP_aes_256_cbc(); +#endif +#ifndef OPENSSL_NO_CAMELLIA + else if (strcmp(*argv,"-camellia128") == 0) + enc=EVP_camellia_128_cbc(); + else if (strcmp(*argv,"-camellia192") == 0) + enc=EVP_camellia_192_cbc(); + else if (strcmp(*argv,"-camellia256") == 0) + enc=EVP_camellia_256_cbc(); #endif else if (**argv != '-' && dsaparams == NULL) { @@ -169,10 +182,18 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed\n"); + BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); #endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); +#endif #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); #endif diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c index 7dbd0923b6..1599bb7a69 100644 --- a/src/lib/libssl/src/apps/genrsa.c +++ b/src/lib/libssl/src/apps/genrsa.c @@ -56,6 +56,13 @@ * [including the GNU Public Licence.] */ +#include +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #ifndef OPENSSL_NO_RSA #include #include @@ -75,22 +82,19 @@ #undef PROG #define PROG genrsa_main -static void MS_CALLBACK genrsa_cb(int p, int n, void *arg); +static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb); int MAIN(int, char **); int MAIN(int argc, char **argv) { + BN_GENCB cb; #ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; #endif int ret=1; - RSA *rsa=NULL; int i,num=DEFBITS; long l; -#ifdef OPENSSL_FIPS - int use_x931 = 0; -#endif const EVP_CIPHER *enc=NULL; unsigned long f4=RSA_F4; char *outfile=NULL; @@ -100,8 +104,13 @@ int MAIN(int argc, char **argv) #endif char *inrand=NULL; BIO *out=NULL; + BIGNUM *bn = BN_new(); + RSA *rsa = RSA_new(); + + if(!bn || !rsa) goto err; apps_startup(); + BN_GENCB_set(&cb, genrsa_cb, bio_err); if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) @@ -129,10 +138,6 @@ int MAIN(int argc, char **argv) f4=3; else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) f4=RSA_F4; -#ifdef OPENSSL_FIPS - else if (strcmp(*argv,"-x931") == 0) - use_x931 = 1; -#endif #ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { @@ -155,6 +160,10 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_SEED + else if (strcmp(*argv,"-seed") == 0) + enc=EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_AES else if (strcmp(*argv,"-aes128") == 0) enc=EVP_aes_128_cbc(); @@ -162,6 +171,14 @@ int MAIN(int argc, char **argv) enc=EVP_aes_192_cbc(); else if (strcmp(*argv,"-aes256") == 0) enc=EVP_aes_256_cbc(); +#endif +#ifndef OPENSSL_NO_CAMELLIA + else if (strcmp(*argv,"-camellia128") == 0) + enc=EVP_camellia_128_cbc(); + else if (strcmp(*argv,"-camellia192") == 0) + enc=EVP_camellia_192_cbc(); + else if (strcmp(*argv,"-camellia256") == 0) + enc=EVP_camellia_256_cbc(); #endif else if (strcmp(*argv,"-passout") == 0) { @@ -182,9 +199,17 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed\n"); + BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); #endif BIO_printf(bio_err," -out file output the key to 'file\n"); BIO_printf(bio_err," -passout arg output file pass phrase source\n"); @@ -240,28 +265,12 @@ bad: BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", num); -#ifdef OPENSSL_FIPS - if (use_x931) - { - BIGNUM *pubexp; - pubexp = BN_new(); - BN_set_word(pubexp, f4); - rsa = RSA_X931_generate_key(num, pubexp, genrsa_cb, bio_err); - BN_free(pubexp); - } - else -#endif - rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err); + + if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb)) + goto err; app_RAND_write_file(NULL, bio_err); - if (rsa == NULL) - { - BIO_printf(bio_err, "Key Generation error\n"); - - goto err; - } - /* We need to do the following for when the base number size is < * long, esp windows 3.1 :-(. */ l=0L; @@ -285,8 +294,9 @@ bad: ret=0; err: - if (rsa != NULL) RSA_free(rsa); - if (out != NULL) BIO_free_all(out); + if (bn) BN_free(bn); + if (rsa) RSA_free(rsa); + if (out) BIO_free_all(out); if(passout) OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); @@ -294,7 +304,7 @@ err: OPENSSL_EXIT(ret); } -static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) +static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -302,11 +312,12 @@ static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); + BIO_write(cb->arg,&c,1); + (void)BIO_flush(cb->arg); #ifdef LINT p=n; #endif + return 1; } #else /* !OPENSSL_NO_RSA */ diff --git a/src/lib/libssl/src/apps/makeapps.com b/src/lib/libssl/src/apps/makeapps.com index 7b5ff90c62..826ab5bec6 100644 --- a/src/lib/libssl/src/apps/makeapps.com +++ b/src/lib/libssl/src/apps/makeapps.com @@ -139,30 +139,13 @@ $! Define The Application Files. $! $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+- "CA;PKCS7;CRL2P7;CRL;"+- - "RSA;RSAUTL;DSA;DSAPARAM;"+- + "RSA;RSAUTL;DSA;DSAPARAM;EC;ECPARAM;"+- "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+- "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+- - "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE;OCSP;PRIME" -$ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,- - CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,- - RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,- - X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,- - S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,- - CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ,ENGINE.OBJ,OCSP.OBJ,PRIME.OBJ + "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;CMS;RAND;ENGINE;OCSP;PRIME" $ TCPIP_PROGRAMS = ",," $ IF COMPILER .EQS. "VAXC" THEN - TCPIP_PROGRAMS = ",OPENSSL," -$!$ APP_FILES := VERIFY;ASN1PARS;REQ;DGST;DH;ENC;GENDH;ERRSTR;CA;- -$! PKCS7;CRL2P7;CRL;- -$! RSA;DSA;DSAPARAM;- -$! X509;GENRSA;GENDSA;- -$! S_SERVER,'OBJ_DIR'S_SOCKET.OBJ,'OBJ_DIR'S_CB.OBJ;- -$! S_CLIENT,'OBJ_DIR'S_SOCKET.OBJ,'OBJ_DIR'S_CB.OBJ;- -$! SPEED;- -$! S_TIME,'OBJ_DIR'S_CB.OBJ;VERSION;SESS_ID;CIPHERS;NSEQ -$!$ TCPIP_PROGRAMS = ",," -$!$ IF COMPILER .EQS. "VAXC" THEN - -$! TCPIP_PROGRAMS = ",S_SERVER,S_CLIENT,SESS_ID,CIPHERS,S_TIME," $! $! Setup exceptional compilations $! diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c index 856b797b53..1001f3b25d 100644 --- a/src/lib/libssl/src/apps/ocsp.c +++ b/src/lib/libssl/src/apps/ocsp.c @@ -56,14 +56,14 @@ * */ #ifndef OPENSSL_NO_OCSP - +#define USE_SOCKETS #include +#include #include -#include "apps.h" -#include -#include -#include +#include "apps.h" /* needs to be included before the openssl headers! */ +#include #include +#include /* Maximum leeway in validity period: default 5 minutes */ #define MAX_VALIDITY_PERIOD (5 * 60) @@ -85,6 +85,8 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser); static BIO *init_responder(char *port); static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port); static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp); +static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path, + OCSP_REQUEST *req, int req_timeout); #undef PROG #define PROG ocsp_main @@ -111,11 +113,11 @@ int MAIN(int argc, char **argv) BIO *acbio = NULL, *cbio = NULL; BIO *derbio = NULL; BIO *out = NULL; + int req_timeout = -1; int req_text = 0, resp_text = 0; long nsec = MAX_VALIDITY_PERIOD, maxage = -1; char *CAfile = NULL, *CApath = NULL; X509_STORE *store = NULL; - SSL_CTX *ctx = NULL; STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL; char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL; unsigned long sign_flags = 0, verify_flags = 0, rflags = 0; @@ -138,6 +140,7 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; SSL_load_error_strings(); + OpenSSL_add_ssl_algorithms(); args = argv + 1; reqnames = sk_new_null(); ids = sk_OCSP_CERTID_new_null(); @@ -152,6 +155,22 @@ int MAIN(int argc, char **argv) } else badarg = 1; } + else if (!strcmp(*args, "-timeout")) + { + if (args[1]) + { + args++; + req_timeout = atol(*args); + if (req_timeout < 0) + { + BIO_printf(bio_err, + "Illegal timeout value %s\n", + *args); + badarg = 1; + } + } + else badarg = 1; + } else if (!strcmp(*args, "-url")) { if (args[1]) @@ -701,47 +720,14 @@ int MAIN(int argc, char **argv) else if (host) { #ifndef OPENSSL_NO_SOCK - cbio = BIO_new_connect(host); + resp = process_responder(bio_err, req, host, path, + port, use_ssl, req_timeout); + if (!resp) + goto end; #else BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n"); goto end; #endif - if (!cbio) - { - BIO_printf(bio_err, "Error creating connect BIO\n"); - goto end; - } - if (port) BIO_set_conn_port(cbio, port); - if (use_ssl == 1) - { - BIO *sbio; -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) - ctx = SSL_CTX_new(SSLv23_client_method()); -#elif !defined(OPENSSL_NO_SSL3) - ctx = SSL_CTX_new(SSLv3_client_method()); -#elif !defined(OPENSSL_NO_SSL2) - ctx = SSL_CTX_new(SSLv2_client_method()); -#else - BIO_printf(bio_err, "SSL is disabled\n"); - goto end; -#endif - SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); - sbio = BIO_new_ssl(ctx, 1); - cbio = BIO_push(sbio, cbio); - } - if (BIO_do_connect(cbio) <= 0) - { - BIO_printf(bio_err, "Error connecting BIO\n"); - goto end; - } - resp = OCSP_sendreq_bio(cbio, path, req); - BIO_free_all(cbio); - cbio = NULL; - if (!resp) - { - BIO_printf(bio_err, "Error querying OCSP responsder\n"); - goto end; - } } else if (respin) { @@ -784,7 +770,7 @@ int MAIN(int argc, char **argv) if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) { - BIO_printf(out, "Responder Error: %s (%ld)\n", + BIO_printf(out, "Responder Error: %s (%d)\n", OCSP_response_status_str(i), i); if (ignore_err) goto redo_accept; @@ -850,7 +836,7 @@ int MAIN(int argc, char **argv) if(i <= 0) { - BIO_printf(bio_err, "Response Verify Failure\n", i); + BIO_printf(bio_err, "Response Verify Failure\n"); ERR_print_errors(bio_err); } else @@ -890,7 +876,6 @@ end: OPENSSL_free(host); OPENSSL_free(port); OPENSSL_free(path); - SSL_CTX_free(ctx); } OPENSSL_EXIT(ret); @@ -1114,6 +1099,7 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser) char *itmp, *row[DB_NUMBER],**rrow; for (i = 0; i < DB_NUMBER; i++) row[i] = NULL; bn = ASN1_INTEGER_to_BN(ser,NULL); + OPENSSL_assert(bn); /* FIXME: should report an error at this point and abort */ if (BN_is_zero(bn)) itmp = BUF_strdup("00"); else @@ -1220,8 +1206,141 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) return 0; BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL)); i2d_OCSP_RESPONSE_bio(cbio, resp); - BIO_flush(cbio); + (void)BIO_flush(cbio); return 1; } +static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path, + OCSP_REQUEST *req, int req_timeout) + { + int fd; + int rv; + OCSP_REQ_CTX *ctx = NULL; + OCSP_RESPONSE *rsp = NULL; + fd_set confds; + struct timeval tv; + + if (req_timeout != -1) + BIO_set_nbio(cbio, 1); + + rv = BIO_do_connect(cbio); + + if ((rv <= 0) && ((req_timeout == -1) || !BIO_should_retry(cbio))) + { + BIO_puts(err, "Error connecting BIO\n"); + return NULL; + } + + if (req_timeout == -1) + return OCSP_sendreq_bio(cbio, path, req); + + if (BIO_get_fd(cbio, &fd) <= 0) + { + BIO_puts(err, "Can't get connection fd\n"); + goto err; + } + + if (rv <= 0) + { + FD_ZERO(&confds); + openssl_fdset(fd, &confds); + tv.tv_usec = 0; + tv.tv_sec = req_timeout; + rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv); + if (rv == 0) + { + BIO_puts(err, "Timeout on connect\n"); + return NULL; + } + } + + + ctx = OCSP_sendreq_new(cbio, path, req, -1); + if (!ctx) + return NULL; + + for (;;) + { + rv = OCSP_sendreq_nbio(&rsp, ctx); + if (rv != -1) + break; + FD_ZERO(&confds); + openssl_fdset(fd, &confds); + tv.tv_usec = 0; + tv.tv_sec = req_timeout; + if (BIO_should_read(cbio)) + rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv); + else if (BIO_should_write(cbio)) + rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv); + else + { + BIO_puts(err, "Unexpected retry condition\n"); + goto err; + } + if (rv == 0) + { + BIO_puts(err, "Timeout on request\n"); + break; + } + if (rv == -1) + { + BIO_puts(err, "Select error\n"); + break; + } + + } + err: + if (ctx) + OCSP_REQ_CTX_free(ctx); + + return rsp; + } + +OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req, + char *host, char *path, char *port, int use_ssl, + int req_timeout) + { + BIO *cbio = NULL; + SSL_CTX *ctx = NULL; + OCSP_RESPONSE *resp = NULL; + cbio = BIO_new_connect(host); + if (!cbio) + { + BIO_printf(err, "Error creating connect BIO\n"); + goto end; + } + if (port) BIO_set_conn_port(cbio, port); + if (use_ssl == 1) + { + BIO *sbio; +#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) + ctx = SSL_CTX_new(SSLv23_client_method()); +#elif !defined(OPENSSL_NO_SSL3) + ctx = SSL_CTX_new(SSLv3_client_method()); +#elif !defined(OPENSSL_NO_SSL2) + ctx = SSL_CTX_new(SSLv2_client_method()); +#else + BIO_printf(err, "SSL is disabled\n"); + goto end; +#endif + if (ctx == NULL) + { + BIO_printf(err, "Error creating SSL context.\n"); + goto end; + } + SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); + sbio = BIO_new_ssl(ctx, 1); + cbio = BIO_push(sbio, cbio); + } + resp = query_responder(err, cbio, path, req, req_timeout); + if (!resp) + BIO_printf(bio_err, "Error querying OCSP responsder\n"); + end: + if (ctx) + SSL_CTX_free(ctx); + if (cbio) + BIO_free_all(cbio); + return resp; + } + #endif diff --git a/src/lib/libssl/src/apps/openssl-vms.cnf b/src/lib/libssl/src/apps/openssl-vms.cnf index 878467ce98..fae82b0d53 100644 --- a/src/lib/libssl/src/apps/openssl-vms.cnf +++ b/src/lib/libssl/src/apps/openssl-vms.cnf @@ -44,8 +44,8 @@ new_certs_dir = $dir.newcerts] # default place for new certs. certificate = $dir]cacert.pem # The CA certificate serial = $dir]serial. # The current serial number -#crlnumber = $dir]crlnumber. # the current crl number must be - # commented out to leave a V1 CRL +crlnumber = $dir]crlnumber. # the current crl number + # must be commented out to leave a V1 CRL crl = $dir]crl.pem # The current CRL private_key = $dir.private]cakey.pem# The private key RANDFILE = $dir.private].rand # private random number file @@ -67,7 +67,7 @@ cert_opt = ca_default # Certificate field options default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL -default_md = md5 # which md to use. +default_md = sha1 # which md to use. preserve = no # keep passed DN ordering # A few difference way of specifying how similar the request should look @@ -188,7 +188,7 @@ nsComment = "OpenSSL Generated Certificate" # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer:always +authorityKeyIdentifier=keyid,issuer # This stuff is for subjectAltName and issuerAltname. # Import the email address. diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c index cb6ee740e7..47aee5b712 100644 --- a/src/lib/libssl/src/apps/openssl.c +++ b/src/lib/libssl/src/apps/openssl.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -129,7 +129,6 @@ #include "progs.h" #include "s_apps.h" #include -#include /* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the * base prototypes (we cast each variable inside the function to the required @@ -148,7 +147,6 @@ char *default_config_file=NULL; #ifdef MONOLITH CONF *config=NULL; BIO *bio_err=NULL; -int in_FIPS_mode=0; #endif @@ -222,29 +220,18 @@ int main(int Argc, char *Argv[]) #define PROG_NAME_SIZE 39 char pname[PROG_NAME_SIZE+1]; FUNCTION f,*fp; - MS_STATIC char *prompt,buf[1024]; + MS_STATIC const char *prompt; + MS_STATIC char buf[1024]; char *to_free=NULL; int n,i,ret=0; int argc; char **argv,*p; LHASH *prog=NULL; long errline; - + arg.data=NULL; arg.count=0; - in_FIPS_mode = 0; - -#ifdef OPENSSL_FIPS - if(getenv("OPENSSL_FIPS")) { - if (!FIPS_mode_set(1)) { - ERR_load_crypto_strings(); - ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); - EXIT(1); - } - in_FIPS_mode = 1; - } -#endif if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); @@ -458,7 +445,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) for (fp=functions; fp->name != NULL; fp++) { nl=0; +#ifdef OPENSSL_NO_CAMELLIA if (((i++) % 5) == 0) +#else + if (((i++) % 4) == 0) +#endif { BIO_printf(bio_err,"\n"); nl=1; @@ -479,7 +470,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n"); } } +#ifdef OPENSSL_NO_CAMELLIA BIO_printf(bio_err,"%-15s",fp->name); +#else + BIO_printf(bio_err,"%-18s",fp->name); +#endif } BIO_printf(bio_err,"\n\n"); ret=0; @@ -502,7 +497,7 @@ static LHASH *prog_init(void) { LHASH *ret; FUNCTION *f; - int i; + size_t i; /* Purely so it looks nice when the user hits ? */ for(i=0,f=functions ; f->name != NULL ; ++f,++i) @@ -520,12 +515,12 @@ static LHASH *prog_init(void) /* static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b) */ static int MS_CALLBACK cmp(const void *a_void, const void *b_void) { - return(strncmp(((FUNCTION *)a_void)->name, - ((FUNCTION *)b_void)->name,8)); + return(strncmp(((const FUNCTION *)a_void)->name, + ((const FUNCTION *)b_void)->name,8)); } /* static unsigned long MS_CALLBACK hash(FUNCTION *a) */ static unsigned long MS_CALLBACK hash(const void *a_void) { - return(lh_strhash(((FUNCTION *)a_void)->name)); + return(lh_strhash(((const FUNCTION *)a_void)->name)); } diff --git a/src/lib/libssl/src/apps/openssl.cnf b/src/lib/libssl/src/apps/openssl.cnf index 4c1d595b0a..9e59020c17 100644 --- a/src/lib/libssl/src/apps/openssl.cnf +++ b/src/lib/libssl/src/apps/openssl.cnf @@ -44,8 +44,8 @@ new_certs_dir = $dir/newcerts # default place for new certs. certificate = $dir/cacert.pem # The CA certificate serial = $dir/serial # The current serial number -#crlnumber = $dir/crlnumber # the current crl number must be - # commented out to leave a V1 CRL +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file @@ -67,7 +67,7 @@ cert_opt = ca_default # Certificate field options default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL -default_md = md5 # which md to use. +default_md = sha1 # which md to use. preserve = no # keep passed DN ordering # A few difference way of specifying how similar the request should look @@ -188,7 +188,7 @@ nsComment = "OpenSSL Generated Certificate" # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer:always +authorityKeyIdentifier=keyid,issuer # This stuff is for subjectAltName and issuerAltname. # Import the email address. diff --git a/src/lib/libssl/src/apps/passwd.c b/src/lib/libssl/src/apps/passwd.c index 3ad91d89d6..9ca25dd1da 100644 --- a/src/lib/libssl/src/apps/passwd.c +++ b/src/lib/libssl/src/apps/passwd.c @@ -312,7 +312,8 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */ unsigned char buf[MD5_DIGEST_LENGTH]; char *salt_out; - int n, i; + int n; + unsigned int i; EVP_MD_CTX md,md2; size_t passwd_len, salt_len; @@ -358,13 +359,13 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) for (i = 0; i < 1000; i++) { EVP_DigestInit_ex(&md2,EVP_md5(), NULL); - EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf, + EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf, (i & 1) ? passwd_len : sizeof buf); if (i % 3) EVP_DigestUpdate(&md2, salt_out, salt_len); if (i % 7) EVP_DigestUpdate(&md2, passwd, passwd_len); - EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd, + EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd, (i & 1) ? sizeof buf : passwd_len); EVP_DigestFinal_ex(&md2, buf, NULL); } @@ -473,7 +474,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if ((strlen(passwd) > pw_maxlen)) { if (!quiet) - BIO_printf(bio_err, "Warning: truncating password to %u characters\n", pw_maxlen); + /* XXX: really we should know how to print a size_t, not cast it */ + BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen); passwd[pw_maxlen] = 0; } assert(strlen(passwd) <= pw_maxlen); diff --git a/src/lib/libssl/src/apps/pkcs12.c b/src/lib/libssl/src/apps/pkcs12.c index c961e6b57b..7c71b1a88f 100644 --- a/src/lib/libssl/src/apps/pkcs12.c +++ b/src/lib/libssl/src/apps/pkcs12.c @@ -1,11 +1,9 @@ /* pkcs12.c */ -#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) - /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -58,6 +56,9 @@ * */ +#include +#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) + #include #include #include @@ -83,7 +84,7 @@ int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int opti int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass, int passlen, int options, char *pempass); int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass); -int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name); +int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name); void hex_prin(BIO *out, unsigned char *buf, int len); int alg_print(BIO *x, X509_ALGOR *alg); int cert_load(BIO *in, STACK_OF(X509) *sk); @@ -109,7 +110,7 @@ int MAIN(int argc, char **argv) int maciter = PKCS12_DEFAULT_ITER; int twopass = 0; int keytype = 0; - int cert_pbe; + int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; int ret = 1; int macver = 1; @@ -126,13 +127,6 @@ int MAIN(int argc, char **argv) apps_startup(); -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - else -#endif - cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; - enc = EVP_des_ede3_cbc(); if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); @@ -159,25 +153,38 @@ int MAIN(int argc, char **argv) cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; else if (!strcmp (*args, "-export")) export_cert = 1; else if (!strcmp (*args, "-des")) enc=EVP_des_cbc(); + else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc(); #ifndef OPENSSL_NO_IDEA else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc(); #endif - else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc(); +#ifndef OPENSSL_NO_SEED + else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_AES else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc(); else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc(); else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc(); +#endif +#ifndef OPENSSL_NO_CAMELLIA + else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc(); + else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc(); + else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc(); #endif else if (!strcmp (*args, "-noiter")) iter = 1; else if (!strcmp (*args, "-maciter")) maciter = PKCS12_DEFAULT_ITER; else if (!strcmp (*args, "-nomaciter")) maciter = 1; + else if (!strcmp (*args, "-nomac")) + maciter = -1; else if (!strcmp (*args, "-nodes")) enc=NULL; else if (!strcmp (*args, "-certpbe")) { if (args[1]) { args++; - cert_pbe=OBJ_txt2nid(*args); + if (!strcmp(*args, "NONE")) + cert_pbe = -1; + else + cert_pbe=OBJ_txt2nid(*args); if(cert_pbe == NID_undef) { BIO_printf(bio_err, "Unknown PBE algorithm %s\n", *args); @@ -187,7 +194,10 @@ int MAIN(int argc, char **argv) } else if (!strcmp (*args, "-keypbe")) { if (args[1]) { args++; - key_pbe=OBJ_txt2nid(*args); + if (!strcmp(*args, "NONE")) + key_pbe = -1; + else + key_pbe=OBJ_txt2nid(*args); if(key_pbe == NID_undef) { BIO_printf(bio_err, "Unknown PBE algorithm %s\n", *args); @@ -299,9 +309,16 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA BIO_printf (bio_err, "-idea encrypt private keys with idea\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf (bio_err, "-seed encrypt private keys with seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n"); + BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n"); #endif BIO_printf (bio_err, "-nodes don't encrypt private keys\n"); BIO_printf (bio_err, "-noiter don't use encryption iteration\n"); @@ -372,24 +389,6 @@ int MAIN(int argc, char **argv) goto end; } -#if 0 - if (certfile) { - if(!(certsin = BIO_new_file(certfile, "r"))) { - BIO_printf(bio_err, "Can't open certificate file %s\n", certfile); - perror (certfile); - goto end; - } - } - - if (keyname) { - if(!(inkey = BIO_new_file(keyname, "r"))) { - BIO_printf(bio_err, "Can't key certificate file %s\n", keyname); - perror (keyname); - goto end; - } - } -#endif - #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); CRYPTO_push_info("write files"); @@ -426,27 +425,31 @@ int MAIN(int argc, char **argv) if (export_cert) { EVP_PKEY *key = NULL; - STACK_OF(PKCS12_SAFEBAG) *bags = NULL; - STACK_OF(PKCS7) *safes = NULL; - PKCS12_SAFEBAG *bag = NULL; - PKCS8_PRIV_KEY_INFO *p8 = NULL; - PKCS7 *authsafe = NULL; - X509 *ucert = NULL; + X509 *ucert = NULL, *x = NULL; STACK_OF(X509) *certs=NULL; - char *catmp = NULL; + unsigned char *catmp = NULL; int i; - unsigned char keyid[EVP_MAX_MD_SIZE]; - unsigned int keyidlen = 0; + + if ((options & (NOCERTS|NOKEYS)) == (NOCERTS|NOKEYS)) + { + BIO_printf(bio_err, "Nothing to do!\n"); + goto export_end; + } + + if (options & NOCERTS) + chain = 0; #ifdef CRYPTO_MDEBUG CRYPTO_push_info("process -export_cert"); CRYPTO_push_info("reading private key"); #endif - key = load_key(bio_err, keyname ? keyname : infile, FORMAT_PEM, 1, - passin, e, "private key"); - if (!key) { - goto export_end; - } + if (!(options & NOKEYS)) + { + key = load_key(bio_err, keyname ? keyname : infile, + FORMAT_PEM, 1, passin, e, "private key"); + if (!key) + goto export_end; + } #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); @@ -454,49 +457,61 @@ int MAIN(int argc, char **argv) #endif /* Load in all certs in input file */ - if(!(certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e, - "certificates"))) { - goto export_end; - } + if(!(options & NOCERTS)) + { + certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e, + "certificates"); + if (!certs) + goto export_end; -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("reading certs from input 2"); -#endif + if (key) + { + /* Look for matching private key */ + for(i = 0; i < sk_X509_num(certs); i++) + { + x = sk_X509_value(certs, i); + if(X509_check_private_key(x, key)) + { + ucert = x; + /* Zero keyid and alias */ + X509_keyid_set1(ucert, NULL, 0); + X509_alias_set1(ucert, NULL, 0); + /* Remove from list */ + (void)sk_X509_delete(certs, i); + break; + } + } + if (!ucert) + { + BIO_printf(bio_err, "No certificate matches private key\n"); + goto export_end; + } + } - for(i = 0; i < sk_X509_num(certs); i++) { - ucert = sk_X509_value(certs, i); - if(X509_check_private_key(ucert, key)) { - X509_digest(ucert, EVP_sha1(), keyid, &keyidlen); - break; } - } - if(!keyidlen) { - ucert = NULL; - BIO_printf(bio_err, "No certificate matches private key\n"); - goto export_end; - } - + #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); - CRYPTO_push_info("reading certs from certfile"); + CRYPTO_push_info("reading certs from input 2"); #endif - bags = sk_PKCS12_SAFEBAG_new_null (); - /* Add any more certificates asked for */ - if (certfile) { + if(certfile) + { STACK_OF(X509) *morecerts=NULL; if(!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM, NULL, e, - "certificates from certfile"))) { + "certificates from certfile"))) goto export_end; - } - while(sk_X509_num(morecerts) > 0) { + while(sk_X509_num(morecerts) > 0) sk_X509_push(certs, sk_X509_shift(morecerts)); - } sk_X509_free(morecerts); - } + } + +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("reading certs from certfile"); +#endif #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); @@ -527,106 +542,64 @@ int MAIN(int argc, char **argv) X509_free(sk_X509_value(chain2, 0)); sk_X509_free(chain2); } else { - BIO_printf (bio_err, "Error %s getting chain.\n", + if (vret >= 0) + BIO_printf (bio_err, "Error %s getting chain.\n", X509_verify_cert_error_string(vret)); + else + ERR_print_errors(bio_err); goto export_end; } } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("building bags"); -#endif - - /* We now have loads of certificates: include them all */ - for(i = 0; i < sk_X509_num(certs); i++) { - X509 *cert = NULL; - cert = sk_X509_value(certs, i); - bag = PKCS12_x5092certbag(cert); - /* If it matches private key set id */ - if(cert == ucert) { - if(name) PKCS12_add_friendlyname(bag, name, -1); - PKCS12_add_localkeyid(bag, keyid, keyidlen); - } else if((catmp = sk_shift(canames))) - PKCS12_add_friendlyname(bag, catmp, -1); - sk_PKCS12_SAFEBAG_push(bags, bag); - } - sk_X509_pop_free(certs, X509_free); - certs = NULL; - -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("encrypting bags"); -#endif + /* Add any CA names */ - if(!noprompt && - EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) { - BIO_printf (bio_err, "Can't read Password\n"); - goto export_end; - } - if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass); - /* Turn certbags into encrypted authsafe */ - authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0, - iter, bags); - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - bags = NULL; - - if (!authsafe) { - ERR_print_errors (bio_err); - goto export_end; - } - - safes = sk_PKCS7_new_null (); - sk_PKCS7_push (safes, authsafe); - -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("building shrouded key bag"); -#endif + for (i = 0; i < sk_num(canames); i++) + { + catmp = (unsigned char *)sk_value(canames, i); + X509_alias_set1(sk_X509_value(certs, i), catmp, -1); + } - /* Make a shrouded key bag */ - p8 = EVP_PKEY2PKCS8 (key); - if(keytype) PKCS8_add_keyusage(p8, keytype); - bag = PKCS12_MAKE_SHKEYBAG(key_pbe, cpass, -1, NULL, 0, iter, p8); - PKCS8_PRIV_KEY_INFO_free(p8); - p8 = NULL; - if (name) PKCS12_add_friendlyname (bag, name, -1); - if(csp_name) PKCS12_add_CSPName_asc(bag, csp_name, -1); - PKCS12_add_localkeyid (bag, keyid, keyidlen); - bags = sk_PKCS12_SAFEBAG_new_null(); - sk_PKCS12_SAFEBAG_push (bags, bag); + if (csp_name && key) + EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, + MBSTRING_ASC, (unsigned char *)csp_name, -1); + #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); - CRYPTO_push_info("encrypting shrouded key bag"); + CRYPTO_push_info("reading password"); #endif - /* Turn it into unencrypted safe bag */ - authsafe = PKCS12_pack_p7data (bags); - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - bags = NULL; - sk_PKCS7_push (safes, authsafe); + if(!noprompt && + EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) + { + BIO_printf (bio_err, "Can't read Password\n"); + goto export_end; + } + if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass); #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); - CRYPTO_push_info("building pkcs12"); + CRYPTO_push_info("creating PKCS#12 structure"); #endif - p12 = PKCS12_init(NID_pkcs7_data); - - PKCS12_pack_authsafes(p12, safes); + p12 = PKCS12_create(cpass, name, key, ucert, certs, + key_pbe, cert_pbe, iter, -1, keytype); - sk_PKCS7_pop_free(safes, PKCS7_free); - safes = NULL; + if (!p12) + { + ERR_print_errors (bio_err); + goto export_end; + } - PKCS12_set_mac (p12, mpass, -1, NULL, 0, maciter, NULL); + if (maciter != -1) + PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, NULL); #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); CRYPTO_push_info("writing pkcs12"); #endif - i2d_PKCS12_bio (out, p12); + i2d_PKCS12_bio(out, p12); ret = 0; @@ -639,8 +612,7 @@ int MAIN(int argc, char **argv) if (key) EVP_PKEY_free(key); if (certs) sk_X509_pop_free(certs, X509_free); - if (safes) sk_PKCS7_pop_free(safes, PKCS7_free); - if (bags) sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + if (ucert) X509_free(ucert); #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); @@ -848,7 +820,7 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain) { X509_STORE_CTX store_ctx; STACK_OF(X509) *chn; - int i; + int i = 0; /* FIXME: Should really check the return status of X509_STORE_CTX_init * for an error, but how that fits into the return value of this @@ -856,13 +828,17 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain) X509_STORE_CTX_init(&store_ctx, store, cert, NULL); if (X509_verify_cert(&store_ctx) <= 0) { i = X509_STORE_CTX_get_error (&store_ctx); + if (i == 0) + /* avoid returning 0 if X509_verify_cert() did not + * set an appropriate error value in the context */ + i = -1; + chn = NULL; goto err; - } - chn = X509_STORE_CTX_get1_chain(&store_ctx); - i = 0; - *chain = chn; + } else + chn = X509_STORE_CTX_get1_chain(&store_ctx); err: X509_STORE_CTX_cleanup(&store_ctx); + *chain = chn; return i; } @@ -870,13 +846,16 @@ err: int alg_print (BIO *x, X509_ALGOR *alg) { PBEPARAM *pbe; - unsigned char *p; + const unsigned char *p; p = alg->parameter->value.sequence->data; - pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length); - BIO_printf (bio_err, "%s, Iteration %d\n", - OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), ASN1_INTEGER_get(pbe->iter)); + pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); + if (!pbe) + return 1; + BIO_printf (bio_err, "%s, Iteration %ld\n", + OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), + ASN1_INTEGER_get(pbe->iter)); PBEPARAM_free (pbe); - return 0; + return 1; } /* Load all certificates from a given file */ @@ -908,7 +887,7 @@ int cert_load(BIO *in, STACK_OF(X509) *sk) /* Generalised attribute print: handle PKCS#8 and bag attributes */ -int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name) +int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name) { X509_ATTRIBUTE *attr; ASN1_TYPE *av; diff --git a/src/lib/libssl/src/apps/prime.c b/src/lib/libssl/src/apps/prime.c index 1753b3ebc1..af2fed15af 100644 --- a/src/lib/libssl/src/apps/prime.c +++ b/src/lib/libssl/src/apps/prime.c @@ -56,6 +56,8 @@ #undef PROG #define PROG prime_main +int MAIN(int, char **); + int MAIN(int argc, char **argv) { int hex=0; @@ -113,7 +115,7 @@ int MAIN(int argc, char **argv) BN_print(bio_out,bn); BIO_printf(bio_out," is %sprime\n", - BN_is_prime(bn,checks,NULL,NULL,NULL) ? "" : "not "); + BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not "); BN_free(bn); BIO_free_all(bio_out); diff --git a/src/lib/libssl/src/apps/progs.h b/src/lib/libssl/src/apps/progs.h index 0493257bde..aafd800bdf 100644 --- a/src/lib/libssl/src/apps/progs.h +++ b/src/lib/libssl/src/apps/progs.h @@ -17,6 +17,8 @@ extern int rsa_main(int argc,char *argv[]); extern int rsautl_main(int argc,char *argv[]); extern int dsa_main(int argc,char *argv[]); extern int dsaparam_main(int argc,char *argv[]); +extern int ec_main(int argc,char *argv[]); +extern int ecparam_main(int argc,char *argv[]); extern int x509_main(int argc,char *argv[]); extern int genrsa_main(int argc,char *argv[]); extern int gendsa_main(int argc,char *argv[]); @@ -26,6 +28,7 @@ extern int speed_main(int argc,char *argv[]); extern int s_time_main(int argc,char *argv[]); extern int version_main(int argc,char *argv[]); extern int pkcs7_main(int argc,char *argv[]); +extern int cms_main(int argc,char *argv[]); extern int crl2pkcs7_main(int argc,char *argv[]); extern int sess_id_main(int argc,char *argv[]); extern int ciphers_main(int argc,char *argv[]); @@ -35,11 +38,9 @@ extern int pkcs8_main(int argc,char *argv[]); extern int spkac_main(int argc,char *argv[]); extern int smime_main(int argc,char *argv[]); extern int rand_main(int argc,char *argv[]); -extern int prime_main(int argc,char *argv[]); -#ifndef OPENSSL_NO_ENGINE extern int engine_main(int argc,char *argv[]); -#endif extern int ocsp_main(int argc,char *argv[]); +extern int prime_main(int argc,char *argv[]); #define FUNC_TYPE_GENERAL 1 #define FUNC_TYPE_MD 2 @@ -47,8 +48,8 @@ extern int ocsp_main(int argc,char *argv[]); typedef struct { int type; - char *name; - int (*func)(); + const char *name; + int (*func)(int argc,char *argv[]); } FUNCTION; FUNCTION functions[] = { @@ -81,6 +82,12 @@ FUNCTION functions[] = { #endif #ifndef OPENSSL_NO_DSA {FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main}, +#endif +#ifndef OPENSSL_NO_EC + {FUNC_TYPE_GENERAL,"ec",ec_main}, +#endif +#ifndef OPENSSL_NO_EC + {FUNC_TYPE_GENERAL,"ecparam",ecparam_main}, #endif {FUNC_TYPE_GENERAL,"x509",x509_main}, #ifndef OPENSSL_NO_RSA @@ -103,6 +110,9 @@ FUNCTION functions[] = { #endif {FUNC_TYPE_GENERAL,"version",version_main}, {FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main}, +#ifndef OPENSSL_NO_CMS + {FUNC_TYPE_GENERAL,"cms",cms_main}, +#endif {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) @@ -116,11 +126,11 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL,"spkac",spkac_main}, {FUNC_TYPE_GENERAL,"smime",smime_main}, {FUNC_TYPE_GENERAL,"rand",rand_main}, - {FUNC_TYPE_GENERAL,"prime",prime_main}, #ifndef OPENSSL_NO_ENGINE {FUNC_TYPE_GENERAL,"engine",engine_main}, #endif {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, + {FUNC_TYPE_GENERAL,"prime",prime_main}, #ifndef OPENSSL_NO_MD2 {FUNC_TYPE_MD,"md2",dgst_main}, #endif @@ -159,6 +169,24 @@ FUNCTION functions[] = { #endif #ifndef OPENSSL_NO_AES {FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main}, +#endif +#ifndef OPENSSL_NO_CAMELLIA + {FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main}, +#endif +#ifndef OPENSSL_NO_CAMELLIA + {FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main}, +#endif +#ifndef OPENSSL_NO_CAMELLIA + {FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main}, +#endif +#ifndef OPENSSL_NO_CAMELLIA + {FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main}, +#endif +#ifndef OPENSSL_NO_CAMELLIA + {FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main}, +#endif +#ifndef OPENSSL_NO_CAMELLIA + {FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main}, #endif {FUNC_TYPE_CIPHER,"base64",enc_main}, #ifndef OPENSSL_NO_DES @@ -173,6 +201,9 @@ FUNCTION functions[] = { #ifndef OPENSSL_NO_IDEA {FUNC_TYPE_CIPHER,"idea",enc_main}, #endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed",enc_main}, +#endif #ifndef OPENSSL_NO_RC4 {FUNC_TYPE_CIPHER,"rc4",enc_main}, #endif @@ -239,6 +270,18 @@ FUNCTION functions[] = { #ifndef OPENSSL_NO_IDEA {FUNC_TYPE_CIPHER,"idea-ofb",enc_main}, #endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-cbc",enc_main}, +#endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-ecb",enc_main}, +#endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-cfb",enc_main}, +#endif +#ifndef OPENSSL_NO_SEED + {FUNC_TYPE_CIPHER,"seed-ofb",enc_main}, +#endif #ifndef OPENSSL_NO_RC2 {FUNC_TYPE_CIPHER,"rc2-cbc",enc_main}, #endif diff --git a/src/lib/libssl/src/apps/progs.pl b/src/lib/libssl/src/apps/progs.pl index d6a40edb91..645432cfcc 100644 --- a/src/lib/libssl/src/apps/progs.pl +++ b/src/lib/libssl/src/apps/progs.pl @@ -16,8 +16,8 @@ print <<'EOF'; typedef struct { int type; - char *name; - int (*func)(); + const char *name; + int (*func)(int argc,char *argv[]); } FUNCTION; FUNCTION functions[] = { @@ -29,14 +29,22 @@ foreach (@ARGV) $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) { print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; } + elsif ( ($_ =~ /^speed$/)) + { print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; } + elsif ( ($_ =~ /^engine$/)) + { print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; } elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) { print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n"; } elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/)) { print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; } + elsif ( ($_ =~ /^ec$/) || ($_ =~ /^ecparam$/)) + { print "#ifndef OPENSSL_NO_EC\n${str}#endif\n";} elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/)) { print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; } elsif ( ($_ =~ /^pkcs12$/)) { print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; } + elsif ( ($_ =~ /^cms$/)) + { print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; } else { print $str; } } @@ -51,14 +59,18 @@ foreach ( "aes-128-cbc", "aes-128-ecb", "aes-192-cbc", "aes-192-ecb", "aes-256-cbc", "aes-256-ecb", + "camellia-128-cbc", "camellia-128-ecb", + "camellia-192-cbc", "camellia-192-ecb", + "camellia-256-cbc", "camellia-256-ecb", "base64", - "des", "des3", "desx", "idea", "rc4", "rc4-40", + "des", "des3", "desx", "idea", "seed", "rc4", "rc4-40", "rc2", "bf", "cast", "rc5", "des-ecb", "des-ede", "des-ede3", "des-cbc", "des-ede-cbc","des-ede3-cbc", "des-cfb", "des-ede-cfb","des-ede3-cfb", "des-ofb", "des-ede-ofb","des-ede3-ofb", - "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb", + "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb", + "seed-cbc","seed-ecb", "seed-cfb", "seed-ofb", "rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc", "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb", "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb", @@ -69,7 +81,9 @@ foreach ( $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_); if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; } elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; } + elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; } elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; } + elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; } elsif ($_ =~ /rc4/) { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; } elsif ($_ =~ /rc2/) { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; } elsif ($_ =~ /bf/) { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; } diff --git a/src/lib/libssl/src/apps/rand.c b/src/lib/libssl/src/apps/rand.c index 63724bc730..c3b26c466d 100644 --- a/src/lib/libssl/src/apps/rand.c +++ b/src/lib/libssl/src/apps/rand.c @@ -205,7 +205,7 @@ int MAIN(int argc, char **argv) int chunk; chunk = num; - if (chunk > sizeof buf) + if (chunk > (int)sizeof(buf)) chunk = sizeof buf; r = RAND_bytes(buf, chunk); if (r <= 0) @@ -213,7 +213,7 @@ int MAIN(int argc, char **argv) BIO_write(out, buf, chunk); num -= chunk; } - BIO_flush(out); + (void)BIO_flush(out); app_RAND_write_file(NULL, bio_err); ret = 0; diff --git a/src/lib/libssl/src/apps/req.c b/src/lib/libssl/src/apps/req.c index eebe71b15e..5ed08960c1 100644 --- a/src/lib/libssl/src/apps/req.c +++ b/src/lib/libssl/src/apps/req.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include @@ -73,7 +79,13 @@ #include #include #include -#include "../crypto/cryptlib.h" +#include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif #define SECTION "req" @@ -113,9 +125,10 @@ * require. This format is wrong */ -static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int attribs, - unsigned long chtype); -static int build_subject(X509_REQ *req, char *subj, unsigned long chtype); +static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int mutlirdn, + int attribs,unsigned long chtype); +static int build_subject(X509_REQ *req, char *subj, unsigned long chtype, + int multirdn); static int prompt_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect, STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs, @@ -123,16 +136,16 @@ static int prompt_info(X509_REQ *req, static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk, STACK_OF(CONF_VALUE) *attr, int attribs, unsigned long chtype); -static int add_attribute_object(X509_REQ *req, char *text, - char *def, char *value, int nid, int n_min, +static int add_attribute_object(X509_REQ *req, char *text, const char *def, + char *value, int nid, int n_min, int n_max, unsigned long chtype); -static int add_DN_object(X509_NAME *n, char *text, char *def, char *value, - int nid,int n_min,int n_max, unsigned long chtype); +static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value, + int nid,int n_min,int n_max, unsigned long chtype, int mval); #ifndef OPENSSL_NO_RSA -static void MS_CALLBACK req_cb(int p,int n,void *arg); +static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb); #endif static int req_check_len(int len,int n_min,int n_max); -static int check_end(char *str, char *end); +static int check_end(const char *str, const char *end); #ifndef MONOLITH static char *default_config_file=NULL; #endif @@ -142,6 +155,7 @@ static int batch=0; #define TYPE_RSA 1 #define TYPE_DSA 2 #define TYPE_DH 3 +#define TYPE_EC 4 int MAIN(int, char **); @@ -150,6 +164,9 @@ int MAIN(int argc, char **argv) ENGINE *e = NULL; #ifndef OPENSSL_NO_DSA DSA *dsa_params=NULL; +#endif +#ifndef OPENSSL_NO_ECDSA + EC_KEY *ec_params = NULL; #endif unsigned long nmflag = 0, reqflag = 0; int ex=1,x509=0,days=30; @@ -175,7 +192,8 @@ int MAIN(int argc, char **argv) char *passin = NULL, *passout = NULL; char *p; char *subj = NULL; - const EVP_MD *md_alg=NULL,*digest; + int multirdn = 0; + const EVP_MD *md_alg=NULL,*digest=EVP_sha1(); unsigned long chtype = MBSTRING_ASC; #ifndef MONOLITH char *to_free; @@ -197,13 +215,6 @@ int MAIN(int argc, char **argv) informat=FORMAT_PEM; outformat=FORMAT_PEM; -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - digest = EVP_sha1(); - else -#endif - digest = EVP_md5(); - prog=argv[0]; argc--; argv++; @@ -329,11 +340,64 @@ int MAIN(int argc, char **argv) } } BIO_free(in); - newkey=BN_num_bits(dsa_params->p); in=NULL; + newkey=BN_num_bits(dsa_params->p); } else #endif +#ifndef OPENSSL_NO_ECDSA + if (strncmp("ec:",p,3) == 0) + { + X509 *xtmp=NULL; + EVP_PKEY *dtmp; + EC_GROUP *group; + + pkey_type=TYPE_EC; + p+=3; + if ((in=BIO_new_file(p,"r")) == NULL) + { + perror(p); + goto end; + } + if ((ec_params = EC_KEY_new()) == NULL) + goto end; + group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL); + if (group == NULL) + { + EC_KEY_free(ec_params); + ERR_clear_error(); + (void)BIO_reset(in); + if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) + { + BIO_printf(bio_err,"unable to load EC parameters from file\n"); + goto end; + } + + if ((dtmp=X509_get_pubkey(xtmp))==NULL) + goto end; + if (dtmp->type == EVP_PKEY_EC) + ec_params = EC_KEY_dup(dtmp->pkey.ec); + EVP_PKEY_free(dtmp); + X509_free(xtmp); + if (ec_params == NULL) + { + BIO_printf(bio_err,"Certificate does not contain EC parameters\n"); + goto end; + } + } + else + { + if (EC_KEY_set_group(ec_params, group) == 0) + goto end; + EC_GROUP_free(group); + } + + BIO_free(in); + in=NULL; + newkey = EC_GROUP_get_degree(EC_KEY_get0_group(ec_params)); + } + else +#endif #ifndef OPENSSL_NO_DH if (strncmp("dh:",p,4) == 0) { @@ -342,7 +406,9 @@ int MAIN(int argc, char **argv) } else #endif - pkey_type=TYPE_RSA; + { + goto bad; + } newreq=1; } @@ -387,6 +453,8 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; subj= *(++argv); } + else if (strcmp(*argv,"-multivalue-rdn") == 0) + multirdn=1; else if (strcmp(*argv,"-days") == 0) { if (--argc < 1) goto bad; @@ -452,9 +520,13 @@ bad: BIO_printf(bio_err," the random number generator\n"); BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); +#ifndef OPENSSL_NO_ECDSA + BIO_printf(bio_err," -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n"); +#endif BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n"); BIO_printf(bio_err," -config file request template file.\n"); BIO_printf(bio_err," -subj arg set or modify request subject\n"); + BIO_printf(bio_err," -multivalue-rdn enable support for multivalued RDNs\n"); BIO_printf(bio_err," -new new request.\n"); BIO_printf(bio_err," -batch do not ask anything during request generation\n"); BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n"); @@ -647,7 +719,7 @@ bad: message */ goto end; } - if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) + else { char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); if (randfile == NULL) @@ -658,6 +730,9 @@ bad: if (newreq && (pkey == NULL)) { +#ifndef OPENSSL_NO_RSA + BN_GENCB cb; +#endif char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); if (randfile == NULL) ERR_clear_error(); @@ -671,24 +746,33 @@ bad: newkey=DEFAULT_KEY_LENGTH; } - if (newkey < MIN_KEY_LENGTH) + if (newkey < MIN_KEY_LENGTH && (pkey_type == TYPE_RSA || pkey_type == TYPE_DSA)) { BIO_printf(bio_err,"private key length is too short,\n"); - BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey); + BIO_printf(bio_err,"it needs to be at least %d bits, not %ld\n",MIN_KEY_LENGTH,newkey); goto end; } - BIO_printf(bio_err,"Generating a %d bit %s private key\n", - newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA"); + BIO_printf(bio_err,"Generating a %ld bit %s private key\n", + newkey,(pkey_type == TYPE_RSA)?"RSA": + (pkey_type == TYPE_DSA)?"DSA":"EC"); if ((pkey=EVP_PKEY_new()) == NULL) goto end; #ifndef OPENSSL_NO_RSA + BN_GENCB_set(&cb, req_cb, bio_err); if (pkey_type == TYPE_RSA) { - if (!EVP_PKEY_assign_RSA(pkey, - RSA_generate_key(newkey,0x10001, - req_cb,bio_err))) + RSA *rsa = RSA_new(); + BIGNUM *bn = BN_new(); + if(!bn || !rsa || !BN_set_word(bn, 0x10001) || + !RSA_generate_key_ex(rsa, newkey, bn, &cb) || + !EVP_PKEY_assign_RSA(pkey, rsa)) + { + if(bn) BN_free(bn); + if(rsa) RSA_free(rsa); goto end; + } + BN_free(bn); } else #endif @@ -700,6 +784,15 @@ bad: dsa_params=NULL; } #endif +#ifndef OPENSSL_NO_ECDSA + if (pkey_type == TYPE_EC) + { + if (!EC_KEY_generate_key(ec_params)) goto end; + if (!EVP_PKEY_assign_EC_KEY(pkey, ec_params)) + goto end; + ec_params = NULL; + } +#endif app_RAND_write_file(randfile, bio_err); @@ -805,6 +898,10 @@ loop: #ifndef OPENSSL_NO_DSA if (pkey->type == EVP_PKEY_DSA) digest=EVP_dss1(); +#endif +#ifndef OPENSSL_NO_ECDSA + if (pkey->type == EVP_PKEY_EC) + digest=EVP_ecdsa(); #endif if (req == NULL) { @@ -814,7 +911,7 @@ loop: goto end; } - i=make_REQ(req,pkey,subj,!x509, chtype); + i=make_REQ(req,pkey,subj,multirdn,!x509, chtype); subj=NULL; /* done processing '-subj' option */ if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes)) { @@ -909,7 +1006,7 @@ loop: print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), nmflag); } - if (build_subject(req, subj, chtype) == 0) + if (build_subject(req, subj, chtype, multirdn) == 0) { BIO_printf(bio_err, "ERROR: cannot modify subject\n"); ex=1; @@ -1092,13 +1189,16 @@ end: OBJ_cleanup(); #ifndef OPENSSL_NO_DSA if (dsa_params != NULL) DSA_free(dsa_params); +#endif +#ifndef OPENSSL_NO_ECDSA + if (ec_params != NULL) EC_KEY_free(ec_params); #endif apps_shutdown(); OPENSSL_EXIT(ex); } -static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs, - unsigned long chtype) +static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn, + int attribs, unsigned long chtype) { int ret=0,i; char no_prompt = 0; @@ -1148,7 +1248,7 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs, else { if (subj) - i = build_subject(req, subj, chtype); + i = build_subject(req, subj, chtype, multirdn); else i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs, chtype); } @@ -1165,11 +1265,11 @@ err: * subject is expected to be in the format /type0=value0/type1=value1/type2=... * where characters may be escaped by \ */ -static int build_subject(X509_REQ *req, char *subject, unsigned long chtype) +static int build_subject(X509_REQ *req, char *subject, unsigned long chtype, int multirdn) { X509_NAME *n; - if (!(n = do_subject(subject, chtype))) + if (!(n = parse_name(subject, chtype, multirdn))) return 0; if (!X509_REQ_set_subject_name(req, n)) @@ -1190,9 +1290,10 @@ static int prompt_info(X509_REQ *req, int i; char *p,*q; char buf[100]; - int nid; + int nid, mval; long n_min,n_max; - char *type,*def,*value; + char *type, *value; + const char *def; CONF_VALUE *v; X509_NAME *subj; subj = X509_REQ_get_subject_name(req); @@ -1233,10 +1334,17 @@ start: for (;;) if(*p) type = p; break; } + if (*type == '+') + { + mval = -1; + type++; + } + else + mval = 0; /* If OBJ not recognised ignore it */ if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name) - >= sizeof buf) + >= (int)sizeof(buf)) { BIO_printf(bio_err,"Name '%s' too long\n",v->name); return 0; @@ -1270,7 +1378,7 @@ start: for (;;) } if (!add_DN_object(subj,v->value,def,value,nid, - n_min,n_max, chtype)) + n_min,n_max, chtype, mval)) return 0; } if (X509_NAME_entry_count(subj) == 0) @@ -1301,7 +1409,7 @@ start2: for (;;) goto start2; if (BIO_snprintf(buf,sizeof buf,"%s_default",type) - >= sizeof buf) + >= (int)sizeof(buf)) { BIO_printf(bio_err,"Name '%s' too long\n",v->name); return 0; @@ -1360,6 +1468,7 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { + int mval; v=sk_CONF_VALUE_value(dn_sk,i); p=q=NULL; type=v->name; @@ -1376,8 +1485,19 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, if(*p) type = p; break; } +#ifndef CHARSET_EBCDIC + if (*p == '+') +#else + if (*p == os_toascii['+']) +#endif + { + p++; + mval = -1; + } + else + mval = 0; if (!X509_NAME_add_entry_by_txt(subj,type, chtype, - (unsigned char *) v->value,-1,-1,0)) return 0; + (unsigned char *) v->value,-1,-1,mval)) return 0; } @@ -1399,8 +1519,8 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, } -static int add_DN_object(X509_NAME *n, char *text, char *def, char *value, - int nid, int n_min, int n_max, unsigned long chtype) +static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value, + int nid, int n_min, int n_max, unsigned long chtype, int mval) { int i,ret=0; MS_STATIC char buf[1024]; @@ -1449,14 +1569,14 @@ start: #endif if(!req_check_len(i, n_min, n_max)) goto start; if (!X509_NAME_add_entry_by_NID(n,nid, chtype, - (unsigned char *) buf, -1,-1,0)) goto err; + (unsigned char *) buf, -1,-1,mval)) goto err; ret=1; err: return(ret); } -static int add_attribute_object(X509_REQ *req, char *text, - char *def, char *value, int nid, int n_min, +static int add_attribute_object(X509_REQ *req, char *text, const char *def, + char *value, int nid, int n_min, int n_max, unsigned long chtype) { int i; @@ -1520,7 +1640,7 @@ err: } #ifndef OPENSSL_NO_RSA -static void MS_CALLBACK req_cb(int p, int n, void *arg) +static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -1528,11 +1648,12 @@ static void MS_CALLBACK req_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); + BIO_write(cb->arg,&c,1); + (void)BIO_flush(cb->arg); #ifdef LINT p=n; #endif + return 1; } #endif @@ -1552,10 +1673,10 @@ static int req_check_len(int len, int n_min, int n_max) } /* Check if the end of a string matches 'end' */ -static int check_end(char *str, char *end) +static int check_end(const char *str, const char *end) { int elen, slen; - char *tmp; + const char *tmp; elen = strlen(end); slen = strlen(str); if(elen > slen) return 1; diff --git a/src/lib/libssl/src/apps/rsa.c b/src/lib/libssl/src/apps/rsa.c index 0acdb08b24..930f1f038a 100644 --- a/src/lib/libssl/src/apps/rsa.c +++ b/src/lib/libssl/src/apps/rsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #ifndef OPENSSL_NO_RSA #include #include @@ -68,6 +69,7 @@ #include #include #include +#include #undef PROG #define PROG rsa_main @@ -79,9 +81,13 @@ * -des - encrypt output if PEM format with DES in cbc mode * -des3 - encrypt output if PEM format * -idea - encrypt output if PEM format + * -seed - encrypt output if PEM format * -aes128 - encrypt output if PEM format * -aes192 - encrypt output if PEM format * -aes256 - encrypt output if PEM format + * -camellia128 - encrypt output if PEM format + * -camellia192 - encrypt output if PEM format + * -camellia256 - encrypt output if PEM format * -text - print a text version * -modulus - print the RSA key modulus * -check - verify key consistency @@ -206,9 +212,16 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); #endif BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -noout don't print key out\n"); @@ -307,7 +320,7 @@ bad: BIO_printf(out,"RSA key ok\n"); else if (r == 0) { - long err; + unsigned long err; while ((err = ERR_peek_error()) != 0 && ERR_GET_LIB(err) == ERR_LIB_RSA && diff --git a/src/lib/libssl/src/apps/rsautl.c b/src/lib/libssl/src/apps/rsautl.c index bdfbe31c14..f3c458ed27 100644 --- a/src/lib/libssl/src/apps/rsautl.c +++ b/src/lib/libssl/src/apps/rsautl.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -56,12 +56,14 @@ * */ +#include #ifndef OPENSSL_NO_RSA #include "apps.h" #include #include #include +#include #define RSA_SIGN 1 #define RSA_VERIFY 2 @@ -117,24 +119,36 @@ int MAIN(int argc, char **argv) while(argc >= 1) { if (!strcmp(*argv,"-in")) { - if (--argc < 1) badarg = 1; - infile= *(++argv); + if (--argc < 1) + badarg = 1; + else + infile= *(++argv); } else if (!strcmp(*argv,"-out")) { - if (--argc < 1) badarg = 1; - outfile= *(++argv); + if (--argc < 1) + badarg = 1; + else + outfile= *(++argv); } else if(!strcmp(*argv, "-inkey")) { - if (--argc < 1) badarg = 1; - keyfile = *(++argv); + if (--argc < 1) + badarg = 1; + else + keyfile = *(++argv); } else if (!strcmp(*argv,"-passin")) { - if (--argc < 1) badarg = 1; - passargin= *(++argv); + if (--argc < 1) + badarg = 1; + else + passargin= *(++argv); } else if (strcmp(*argv,"-keyform") == 0) { - if (--argc < 1) badarg = 1; - keyform=str2fmt(*(++argv)); + if (--argc < 1) + badarg = 1; + else + keyform=str2fmt(*(++argv)); #ifndef OPENSSL_NO_ENGINE } else if(!strcmp(*argv, "-engine")) { - if (--argc < 1) badarg = 1; - engine = *(++argv); + if (--argc < 1) + badarg = 1; + else + engine = *(++argv); #endif } else if(!strcmp(*argv, "-pubin")) { key_type = KEY_PUBKEY; diff --git a/src/lib/libssl/src/apps/s_apps.h b/src/lib/libssl/src/apps/s_apps.h index 66b6edd442..08fbbc2229 100644 --- a/src/lib/libssl/src/apps/s_apps.h +++ b/src/lib/libssl/src/apps/s_apps.h @@ -108,8 +108,9 @@ * Hudson (tjh@cryptsoft.com). * */ - +#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ #include +#endif #include #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) @@ -147,22 +148,26 @@ typedef fd_mask fd_set; #define PORT_STR "4433" #define PROTOCOL "tcp" -int do_server(int port, int *ret, int (*cb) (), char *context); +int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context); #ifdef HEADER_X509_H int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #endif #ifdef HEADER_SSL_H int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); +int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); #endif -int init_client(int *sock, char *server, int port); +int init_client(int *sock, char *server, int port, int type); int should_retry(int i); int extract_port(char *str, short *port_ptr); int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); -long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, +long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret); #ifdef HEADER_SSL_H void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret); void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg); +void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, + unsigned char *data, int len, + void *arg); #endif diff --git a/src/lib/libssl/src/apps/s_cb.c b/src/lib/libssl/src/apps/s_cb.c index 675527df1f..a512589e8c 100644 --- a/src/lib/libssl/src/apps/s_cb.c +++ b/src/lib/libssl/src/apps/s_cb.c @@ -229,8 +229,36 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) return(1); } -long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi, - long argl, long ret) +int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key) + { + if (cert == NULL) + return 1; + if (SSL_CTX_use_certificate(ctx,cert) <= 0) + { + BIO_printf(bio_err,"error setting certificate\n"); + ERR_print_errors(bio_err); + return 0; + } + if (SSL_CTX_use_PrivateKey(ctx,key) <= 0) + { + BIO_printf(bio_err,"error setting private key\n"); + ERR_print_errors(bio_err); + return 0; + } + + + /* Now we know that a key and cert have been set against + * the SSL context */ + if (!SSL_CTX_check_private_key(ctx)) + { + BIO_printf(bio_err,"Private key does not match the certificate public key\n"); + return 0; + } + return 1; + } + +long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, + int argi, long argl, long ret) { BIO *out; @@ -239,15 +267,15 @@ long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi, if (cmd == (BIO_CB_READ|BIO_CB_RETURN)) { - BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n", - bio,argp,argi,ret,ret); + BIO_printf(out,"read from %p [%p] (%d bytes => %ld (0x%lX))\n", + (void *)bio,argp,argi,ret,ret); BIO_dump(out,argp,(int)ret); return(ret); } else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN)) { - BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n", - bio,argp,argi,ret,ret); + BIO_printf(out,"write to %p [%p] (%d bytes => %ld (0x%lX))\n", + (void *)bio,argp,argi,ret,ret); BIO_dump(out,argp,(int)ret); } return(ret); @@ -255,7 +283,7 @@ long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi, void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret) { - char *str; + const char *str; int w; w=where& ~SSL_ST_MASK; @@ -318,14 +346,14 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * if (len > 0) { - switch (((unsigned char*)buf)[0]) + switch (((const unsigned char*)buf)[0]) { case 0: str_details1 = ", ERROR:"; str_details2 = " ???"; if (len >= 3) { - unsigned err = (((unsigned char*)buf)[1]<<8) + ((unsigned char*)buf)[2]; + unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2]; switch (err) { @@ -394,7 +422,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * if (len == 2) { - switch (((unsigned char*)buf)[0]) + switch (((const unsigned char*)buf)[0]) { case 1: str_details1 = ", warning"; @@ -405,7 +433,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * } str_details2 = " ???"; - switch (((unsigned char*)buf)[1]) + switch (((const unsigned char*)buf)[1]) { case 0: str_details2 = " close_notify"; @@ -486,7 +514,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * if (len > 0) { - switch (((unsigned char*)buf)[0]) + switch (((const unsigned char*)buf)[0]) { case 0: str_details1 = ", HelloRequest"; @@ -539,11 +567,70 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * { if (i % 16 == 0 && i > 0) BIO_printf(bio, "\n "); - BIO_printf(bio, " %02x", ((unsigned char*)buf)[i]); + BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]); } if (i < len) BIO_printf(bio, " ..."); BIO_printf(bio, "\n"); } - BIO_flush(bio); + (void)BIO_flush(bio); + } + +void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, + unsigned char *data, int len, + void *arg) + { + BIO *bio = arg; + char *extname; + + switch(type) + { + case TLSEXT_TYPE_server_name: + extname = "server name"; + break; + + case TLSEXT_TYPE_max_fragment_length: + extname = "max fragment length"; + break; + + case TLSEXT_TYPE_client_certificate_url: + extname = "client certificate URL"; + break; + + case TLSEXT_TYPE_trusted_ca_keys: + extname = "trusted CA keys"; + break; + + case TLSEXT_TYPE_truncated_hmac: + extname = "truncated HMAC"; + break; + + case TLSEXT_TYPE_status_request: + extname = "status request"; + break; + + case TLSEXT_TYPE_elliptic_curves: + extname = "elliptic curves"; + break; + + case TLSEXT_TYPE_ec_point_formats: + extname = "EC point formats"; + break; + + case TLSEXT_TYPE_session_ticket: + extname = "server ticket"; + break; + + + default: + extname = "unknown"; + break; + + } + + BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n", + client_server ? "server": "client", + extname, type, len); + BIO_dump(bio, (char *)data, len); + (void)BIO_flush(bio); } diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index f72195e02d..a4983c178f 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c @@ -134,7 +134,9 @@ typedef unsigned int u_int; #include #include #include +#include #include "s_apps.h" +#include "timeouts.h" #ifdef OPENSSL_SYS_WINCE /* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */ @@ -170,11 +172,18 @@ static int c_nbio=0; #endif static int c_Pause=0; static int c_debug=0; +#ifndef OPENSSL_NO_TLSEXT +static int c_tlsextdebug=0; +static int c_status_req=0; +#endif static int c_msg=0; static int c_showcerts=0; static void sc_usage(void); static void print_stuff(BIO *berr,SSL *con,int full); +#ifndef OPENSSL_NO_TLSEXT +static int ocsp_resp_cb(SSL *s, void *arg); +#endif static BIO *bio_c_out=NULL; static int c_quiet=0; static int c_ign_eof=0; @@ -187,10 +196,13 @@ static void sc_usage(void) BIO_printf(bio_err," -port port - use -connect instead\n"); BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); - BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); + BIO_printf(bio_err," -verify depth - turn on peer certificate verification\n"); BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); - BIO_printf(bio_err," -key arg - Private key file to use, PEM format assumed, in cert file if\n"); + BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); + BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); BIO_printf(bio_err," not specified but cert file is.\n"); + BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n"); + BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); @@ -212,6 +224,8 @@ static void sc_usage(void) BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); + BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); + BIO_printf(bio_err," -mtu - set the MTU\n"); BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); @@ -220,13 +234,50 @@ static void sc_usage(void) BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); - BIO_printf(bio_err," only \"smtp\" and \"pop3\" are supported.\n"); + BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); #endif BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); + BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n"); + BIO_printf(bio_err," -sess_in arg - file to read SSL session from\n"); +#ifndef OPENSSL_NO_TLSEXT + BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); + BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); + BIO_printf(bio_err," -status - request certificate status from server\n"); + BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); +#endif + } + +#ifndef OPENSSL_NO_TLSEXT +/* This is a context that we pass to callbacks */ +typedef struct tlsextctx_st { + BIO * biodebug; + int ack; +} tlsextctx; + + +static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) + { + tlsextctx * p = (tlsextctx *) arg; + const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); + if (SSL_get_servername_type(s) != -1) + p->ack = !SSL_session_reused(s) && hn != NULL; + else + BIO_printf(bio_err,"Can't use SSL_get_servername\n"); + + return SSL_TLSEXT_ERR_OK; } +#endif +enum +{ + PROTO_OFF = 0, + PROTO_SMTP, + PROTO_POP3, + PROTO_IMAP, + PROTO_FTP +}; int MAIN(int, char **); @@ -244,25 +295,46 @@ int MAIN(int argc, char **argv) int full_log=1; char *host=SSL_HOST_NAME; char *cert_file=NULL,*key_file=NULL; + int cert_format = FORMAT_PEM, key_format = FORMAT_PEM; + char *passarg = NULL, *pass = NULL; + X509 *cert = NULL; + EVP_PKEY *key = NULL; char *CApath=NULL,*CAfile=NULL,*cipher=NULL; int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; int crlf=0; int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; SSL_CTX *ctx=NULL; int ret=1,in_init=1,i,nbio_test=0; - int starttls_proto = 0; + int starttls_proto = PROTO_OFF; int prexit = 0, vflags = 0; SSL_METHOD *meth=NULL; +#ifdef sock_type +#undef sock_type +#endif + int sock_type=SOCK_STREAM; BIO *sbio; char *inrand=NULL; + int mbuf_len=0; #ifndef OPENSSL_NO_ENGINE char *engine_id=NULL; ENGINE *e=NULL; #endif -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) struct timeval tv; #endif +#ifndef OPENSSL_NO_TLSEXT + char *servername = NULL; + tlsextctx tlsextcbp = + {NULL,0}; +#endif + char *sess_in = NULL; + char *sess_out = NULL; + struct sockaddr peer; + int peerlen = sizeof(peer); + int enable_timeouts = 0 ; + long mtu = 0; + #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_client_method(); #elif !defined(OPENSSL_NO_SSL3) @@ -332,6 +404,21 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; cert_file= *(++argv); } + else if (strcmp(*argv,"-sess_out") == 0) + { + if (--argc < 1) goto bad; + sess_out = *(++argv); + } + else if (strcmp(*argv,"-sess_in") == 0) + { + if (--argc < 1) goto bad; + sess_in = *(++argv); + } + else if (strcmp(*argv,"-certform") == 0) + { + if (--argc < 1) goto bad; + cert_format = str2fmt(*(++argv)); + } else if (strcmp(*argv,"-crl_check") == 0) vflags |= X509_V_FLAG_CRL_CHECK; else if (strcmp(*argv,"-crl_check_all") == 0) @@ -351,8 +438,14 @@ int MAIN(int argc, char **argv) c_Pause=1; else if (strcmp(*argv,"-debug") == 0) c_debug=1; +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-tlsextdebug") == 0) + c_tlsextdebug=1; + else if (strcmp(*argv,"-status") == 0) + c_status_req=1; +#endif #ifdef WATT32 - else if (strcmp(*argv,"-wdebug") == 0) + else if (strcmp(*argv,"-wdebug") == 0) dbug_init(); #endif else if (strcmp(*argv,"-msg") == 0) @@ -374,9 +467,33 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_TLS1 else if (strcmp(*argv,"-tls1") == 0) meth=TLSv1_client_method(); +#endif +#ifndef OPENSSL_NO_DTLS1 + else if (strcmp(*argv,"-dtls1") == 0) + { + meth=DTLSv1_client_method(); + sock_type=SOCK_DGRAM; + } + else if (strcmp(*argv,"-timeout") == 0) + enable_timeouts=1; + else if (strcmp(*argv,"-mtu") == 0) + { + if (--argc < 1) goto bad; + mtu = atol(*(++argv)); + } #endif else if (strcmp(*argv,"-bugs") == 0) bugs=1; + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) goto bad; + key_format = str2fmt(*(++argv)); + } + else if (strcmp(*argv,"-pass") == 0) + { + if (--argc < 1) goto bad; + passarg = *(++argv); + } else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; @@ -402,6 +519,10 @@ int MAIN(int argc, char **argv) off|=SSL_OP_NO_SSLv3; else if (strcmp(*argv,"-no_ssl2") == 0) off|=SSL_OP_NO_SSLv2; +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-no_ticket") == 0) + { off|=SSL_OP_NO_TICKET; } +#endif else if (strcmp(*argv,"-serverpref") == 0) off|=SSL_OP_CIPHER_SERVER_PREFERENCE; else if (strcmp(*argv,"-cipher") == 0) @@ -418,9 +539,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; ++argv; if (strcmp(*argv,"smtp") == 0) - starttls_proto = 1; + starttls_proto = PROTO_SMTP; else if (strcmp(*argv,"pop3") == 0) - starttls_proto = 2; + starttls_proto = PROTO_POP3; + else if (strcmp(*argv,"imap") == 0) + starttls_proto = PROTO_IMAP; + else if (strcmp(*argv,"ftp") == 0) + starttls_proto = PROTO_FTP; else goto bad; } @@ -436,6 +561,14 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-servername") == 0) + { + if (--argc < 1) goto bad; + servername= *(++argv); + /* meth=TLSv1_client_method(); */ + } +#endif else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -458,6 +591,42 @@ bad: #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine_id, 1); #endif + if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) + { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + + if (key_file == NULL) + key_file = cert_file; + + + if (key_file) + + { + + key = load_key(bio_err, key_file, key_format, 0, pass, e, + "client certificate private key file"); + if (!key) + { + ERR_print_errors(bio_err); + goto end; + } + + } + + if (cert_file) + + { + cert = load_cert(bio_err,cert_file,cert_format, + NULL, e, "client certificate file"); + + if (!cert) + { + ERR_print_errors(bio_err); + goto end; + } + } if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && !RAND_status()) @@ -492,6 +661,10 @@ bad: SSL_CTX_set_options(ctx,SSL_OP_ALL|off); else SSL_CTX_set_options(ctx,off); + /* DTLS: partial reads end up discarding unread UDP bytes :-( + * Setting read ahead solves this problem. + */ + if (sock_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); if (cipher != NULL) @@ -506,7 +679,7 @@ bad: #endif SSL_CTX_set_verify(ctx,verify,verify_callback); - if (!set_cert_stuff(ctx,cert_file,key_file)) + if (!set_cert_key_stuff(ctx,cert,key)) goto end; if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || @@ -519,8 +692,51 @@ bad: store = SSL_CTX_get_cert_store(ctx); X509_STORE_set_flags(store, vflags); +#ifndef OPENSSL_NO_TLSEXT + if (servername != NULL) + { + tlsextcbp.biodebug = bio_err; + SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); + SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); + } +#endif con=SSL_new(ctx); + if (sess_in) + { + SSL_SESSION *sess; + BIO *stmp = BIO_new_file(sess_in, "r"); + if (!stmp) + { + BIO_printf(bio_err, "Can't open session file %s\n", + sess_in); + ERR_print_errors(bio_err); + goto end; + } + sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); + BIO_free(stmp); + if (!sess) + { + BIO_printf(bio_err, "Can't open session file %s\n", + sess_in); + ERR_print_errors(bio_err); + goto end; + } + SSL_set_session(con, sess); + SSL_SESSION_free(sess); + } +#ifndef OPENSSL_NO_TLSEXT + if (servername != NULL) + { + if (!SSL_set_tlsext_host_name(con,servername)) + { + BIO_printf(bio_err,"Unable to set TLS servername extension.\n"); + ERR_print_errors(bio_err); + goto end; + } + } +#endif + #ifndef OPENSSL_NO_KRB5 if (con && (con->kssl_ctx = kssl_ctx_new()) != NULL) { @@ -531,7 +747,7 @@ bad: re_start: - if (init_client(&s,host,port) == 0) + if (init_client(&s,host,port,sock_type) == 0) { BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); SHUTDOWN(s); @@ -552,7 +768,46 @@ re_start: } #endif if (c_Pause & 0x01) con->debug=1; - sbio=BIO_new_socket(s,BIO_NOCLOSE); + + if ( SSL_version(con) == DTLS1_VERSION) + { + struct timeval timeout; + + sbio=BIO_new_dgram(s,BIO_NOCLOSE); + if (getsockname(s, &peer, (void *)&peerlen) < 0) + { + BIO_printf(bio_err, "getsockname:errno=%d\n", + get_last_socket_error()); + SHUTDOWN(s); + goto end; + } + + (void)BIO_ctrl_set_connected(sbio, 1, &peer); + + if ( enable_timeouts) + { + timeout.tv_sec = 0; + timeout.tv_usec = DGRAM_RCV_TIMEOUT; + BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); + + timeout.tv_sec = 0; + timeout.tv_usec = DGRAM_SND_TIMEOUT; + BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); + } + + if ( mtu > 0) + { + SSL_set_options(con, SSL_OP_NO_QUERY_MTU); + SSL_set_mtu(con, mtu); + } + else + /* want to do MTU discovery */ + BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); + } + else + sbio=BIO_new_socket(s,BIO_NOCLOSE); + + if (nbio_test) { @@ -565,14 +820,38 @@ re_start: if (c_debug) { con->debug=1; - BIO_set_callback(sbio,bio_dump_cb); - BIO_set_callback_arg(sbio,bio_c_out); + BIO_set_callback(sbio,bio_dump_callback); + BIO_set_callback_arg(sbio,(char *)bio_c_out); } if (c_msg) { SSL_set_msg_callback(con, msg_cb); SSL_set_msg_callback_arg(con, bio_c_out); } +#ifndef OPENSSL_NO_TLSEXT + if (c_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_c_out); + } + if (c_status_req) + { + SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); + SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); + SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); +#if 0 +{ +STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null(); +OCSP_RESPID *id = OCSP_RESPID_new(); +id->value.byKey = ASN1_OCTET_STRING_new(); +id->type = V_OCSP_RESPID_KEY; +ASN1_STRING_set(id->value.byKey, "Hello World", -1); +sk_OCSP_RESPID_push(ids, id); +SSL_set_tlsext_status_ids(con, ids); +} +#endif + } +#endif SSL_set_bio(con,sbio,sbio); SSL_set_connect_state(con); @@ -592,20 +871,93 @@ re_start: sbuf_off=0; /* This is an ugly hack that does a lot of assumptions */ - if (starttls_proto == 1) + /* We do have to handle multi-line responses which may come + in a single packet or not. We therefore have to use + BIO_gets() which does need a buffering BIO. So during + the initial chitchat we do push a buffering BIO into the + chain that is removed again later on to not disturb the + rest of the s_client operation. */ + if (starttls_proto == PROTO_SMTP) { - BIO_read(sbio,mbuf,BUFSIZZ); - BIO_printf(sbio,"EHLO some.host.name\r\n"); - BIO_read(sbio,mbuf,BUFSIZZ); + int foundit=0; + BIO *fbio = BIO_new(BIO_f_buffer()); + BIO_push(fbio, sbio); + /* wait for multi-line response to end from SMTP */ + do + { + mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); + } + while (mbuf_len>3 && mbuf[3]=='-'); + /* STARTTLS command requires EHLO... */ + BIO_printf(fbio,"EHLO openssl.client.net\r\n"); + (void)BIO_flush(fbio); + /* wait for multi-line response to end EHLO SMTP response */ + do + { + mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); + if (strstr(mbuf,"STARTTLS")) + foundit=1; + } + while (mbuf_len>3 && mbuf[3]=='-'); + (void)BIO_flush(fbio); + BIO_pop(fbio); + BIO_free(fbio); + if (!foundit) + BIO_printf(bio_err, + "didn't found starttls in server response," + " try anyway...\n"); BIO_printf(sbio,"STARTTLS\r\n"); BIO_read(sbio,sbuf,BUFSIZZ); } - if (starttls_proto == 2) + else if (starttls_proto == PROTO_POP3) { BIO_read(sbio,mbuf,BUFSIZZ); BIO_printf(sbio,"STLS\r\n"); BIO_read(sbio,sbuf,BUFSIZZ); } + else if (starttls_proto == PROTO_IMAP) + { + int foundit=0; + BIO *fbio = BIO_new(BIO_f_buffer()); + BIO_push(fbio, sbio); + BIO_gets(fbio,mbuf,BUFSIZZ); + /* STARTTLS command requires CAPABILITY... */ + BIO_printf(fbio,". CAPABILITY\r\n"); + (void)BIO_flush(fbio); + /* wait for multi-line CAPABILITY response */ + do + { + mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); + if (strstr(mbuf,"STARTTLS")) + foundit=1; + } + while (mbuf_len>3 && mbuf[0]!='.'); + (void)BIO_flush(fbio); + BIO_pop(fbio); + BIO_free(fbio); + if (!foundit) + BIO_printf(bio_err, + "didn't found STARTTLS in server response," + " try anyway...\n"); + BIO_printf(sbio,". STARTTLS\r\n"); + BIO_read(sbio,sbuf,BUFSIZZ); + } + else if (starttls_proto == PROTO_FTP) + { + BIO *fbio = BIO_new(BIO_f_buffer()); + BIO_push(fbio, sbio); + /* wait for multi-line response to end from FTP */ + do + { + mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); + } + while (mbuf_len>3 && mbuf[3]=='-'); + (void)BIO_flush(fbio); + BIO_pop(fbio); + BIO_free(fbio); + BIO_printf(sbio,"AUTH TLS\r\n"); + BIO_read(sbio,sbuf,BUFSIZZ); + } for (;;) { @@ -623,6 +975,17 @@ re_start: if (in_init) { in_init=0; + if (sess_out) + { + BIO *stmp = BIO_new_file(sess_out, "w"); + if (stmp) + { + PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con)); + BIO_free(stmp); + } + else + BIO_printf(bio_err, "Error writing session file %s\n", sess_out); + } print_stuff(bio_c_out,con,full_log); if (full_log > 0) full_log--; @@ -630,7 +993,7 @@ re_start: { BIO_printf(bio_err,"%s",mbuf); /* We don't need to know any more */ - starttls_proto = 0; + starttls_proto = PROTO_OFF; } if (reconnect) @@ -649,7 +1012,7 @@ re_start: if (!ssl_pending) { -#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) +#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) if (tty_on) { if (read_tty) FD_SET(fileno(stdin),&readfds); @@ -699,6 +1062,16 @@ re_start: } else i=select(width,(void *)&readfds,(void *)&writefds, NULL,NULL); } +#elif defined(OPENSSL_SYS_NETWARE) + if(!write_tty) { + if(read_tty) { + tv.tv_sec = 1; + tv.tv_usec = 0; + i=select(width,(void *)&readfds,(void *)&writefds, + NULL,&tv); + } else i=select(width,(void *)&readfds,(void *)&writefds, + NULL,NULL); + } #else i=select(width,(void *)&readfds,(void *)&writefds, NULL,NULL); @@ -779,7 +1152,7 @@ re_start: goto shut; } } -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) /* Assume Windows/DOS can always write */ else if (!ssl_pending && write_tty) #else @@ -866,6 +1239,8 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 #else else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) #endif +#elif defined (OPENSSL_SYS_NETWARE) + else if (_kbhit()) #else else if (FD_ISSET(fileno(stdin),&readfds)) #endif @@ -929,6 +1304,12 @@ end: if (con != NULL) SSL_free(con); if (con2 != NULL) SSL_free(con2); if (ctx != NULL) SSL_CTX_free(ctx); + if (cert) + X509_free(cert); + if (key) + EVP_PKEY_free(key); + if (pass) + OPENSSL_free(pass); if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } @@ -946,13 +1327,16 @@ static void print_stuff(BIO *bio, SSL *s, int full) { X509 *peer=NULL; char *p; - static char *space=" "; + static const char *space=" "; char buf[BUFSIZ]; STACK_OF(X509) *sk; STACK_OF(X509_NAME) *sk2; SSL_CIPHER *c; X509_NAME *xn; int j,i; +#ifndef OPENSSL_NO_COMP + const COMP_METHOD *comp, *expansion; +#endif if (full) { @@ -1055,11 +1439,47 @@ static void print_stuff(BIO *bio, SSL *s, int full) EVP_PKEY_bits(pktmp)); EVP_PKEY_free(pktmp); } +#ifndef OPENSSL_NO_COMP + comp=SSL_get_current_compression(s); + expansion=SSL_get_current_expansion(s); + BIO_printf(bio,"Compression: %s\n", + comp ? SSL_COMP_get_name(comp) : "NONE"); + BIO_printf(bio,"Expansion: %s\n", + expansion ? SSL_COMP_get_name(expansion) : "NONE"); +#endif SSL_SESSION_print(bio,SSL_get_session(s)); BIO_printf(bio,"---\n"); if (peer != NULL) X509_free(peer); /* flush, or debugging output gets mixed with http response */ - BIO_flush(bio); + (void)BIO_flush(bio); } +#ifndef OPENSSL_NO_TLSEXT + +static int ocsp_resp_cb(SSL *s, void *arg) + { + const unsigned char *p; + int len; + OCSP_RESPONSE *rsp; + len = SSL_get_tlsext_status_ocsp_resp(s, &p); + BIO_puts(arg, "OCSP response: "); + if (!p) + { + BIO_puts(arg, "no response sent\n"); + return 1; + } + rsp = d2i_OCSP_RESPONSE(NULL, &p, len); + if (!rsp) + { + BIO_puts(arg, "response parse error\n"); + BIO_dump_indent(arg, (char *)p, len, 4); + return 0; + } + BIO_puts(arg, "\n======================================\n"); + OCSP_RESPONSE_print(arg, rsp, 0); + BIO_puts(arg, "======================================\n"); + OCSP_RESPONSE_free(rsp); + return 1; + } +#endif /* ndef OPENSSL_NO_TLSEXT */ diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c index ff4ab6ef28..7919c437c6 100644 --- a/src/lib/libssl/src/apps/s_server.c +++ b/src/lib/libssl/src/apps/s_server.c @@ -108,18 +108,33 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECC cipher suite support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ + +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif #include #include #include #include -#include + #include #include #ifdef OPENSSL_NO_STDIO #define APPS_WIN16 #endif +#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ +#include +#endif + /* With IPv6, it looks like Digital has mixed up the proper order of recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which @@ -138,7 +153,15 @@ typedef unsigned int u_int; #include #include #include +#include +#ifndef OPENSSL_NO_DH +#include +#endif +#ifndef OPENSSL_NO_RSA +#include +#endif #include "s_apps.h" +#include "timeouts.h" #ifdef OPENSSL_SYS_WINCE /* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */ @@ -165,9 +188,10 @@ static void print_stats(BIO *bp,SSL_CTX *ctx); static int generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len); #ifndef OPENSSL_NO_DH -static DH *load_dh_param(char *dhfile); +static DH *load_dh_param(const char *dhfile); static DH *get_dh512(void); #endif + #ifdef MONOLITH static void s_server_init(void); #endif @@ -206,6 +230,7 @@ static DH *get_dh512(void) } #endif + /* static int load_CA(SSL_CTX *ctx, char *file);*/ #undef BUFSIZZ @@ -214,6 +239,9 @@ static int bufsize=BUFSIZZ; static int accept_socket= -1; #define TEST_CERT "server.pem" +#ifndef OPENSSL_NO_TLSEXT +#define TEST_CERT2 "server2.pem" +#endif #undef PROG #define PROG s_server_main @@ -222,7 +250,10 @@ extern int verify_depth; static char *cipher=NULL; static int s_server_verify=SSL_VERIFY_NONE; static int s_server_session_id_context = 1; /* anything will do */ -static char *s_cert_file=TEST_CERT,*s_key_file=NULL; +static const char *s_cert_file=TEST_CERT,*s_key_file=NULL; +#ifndef OPENSSL_NO_TLSEXT +static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL; +#endif static char *s_dcert_file=NULL,*s_dkey_file=NULL; #ifdef FIONBIO static int s_nbio=0; @@ -230,10 +261,18 @@ static int s_nbio=0; static int s_nbio_test=0; int s_crlf=0; static SSL_CTX *ctx=NULL; +#ifndef OPENSSL_NO_TLSEXT +static SSL_CTX *ctx2=NULL; +#endif static int www=0; static BIO *bio_s_out=NULL; static int s_debug=0; +#ifndef OPENSSL_NO_TLSEXT +static int s_tlsextdebug=0; +static int s_tlsextstatus=0; +static int cert_status_cb(SSL *s, void *arg); +#endif static int s_msg=0; static int s_quiet=0; @@ -243,6 +282,14 @@ static char *engine_id=NULL; #endif static const char *session_id_prefix=NULL; +static int enable_timeouts = 0; +#ifdef mtu +#undef mtu +#endif +static long mtu; +static int cert_chain = 0; + + #ifdef MONOLITH static void s_server_init(void) { @@ -253,6 +300,11 @@ static void s_server_init(void) s_dkey_file=NULL; s_cert_file=TEST_CERT; s_key_file=NULL; +#ifndef OPENSSL_NO_TLSEXT + s_cert_file2=TEST_CERT2; + s_key_file2=NULL; + ctx2=NULL; +#endif #ifdef FIONBIO s_nbio=0; #endif @@ -279,14 +331,30 @@ static void sv_usage(void) BIO_printf(bio_err," -context arg - set session ID context\n"); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); - BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); + BIO_printf(bio_err," -cert arg - certificate file to use\n"); BIO_printf(bio_err," (default is %s)\n",TEST_CERT); - BIO_printf(bio_err," -key arg - Private Key file to use, PEM format assumed, in cert file if\n"); + BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ + " The CRL(s) are appended to the certificate file\n"); + BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ + " or any other CRL in the CA chain. CRL(s) are appened to the\n" \ + " the certificate file.\n"); + BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); + BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n"); BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); + BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); + BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); + BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n"); BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); + BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); + BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n"); BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); BIO_printf(bio_err," or a default set of parameters is used\n"); +#ifndef OPENSSL_NO_ECDH + BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ + " Use \"openssl ecparam -list_curves\" for all names\n" \ + " (default is sect163r2).\n"); +#endif #ifdef FIONBIO BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); #endif @@ -305,11 +373,18 @@ static void sv_usage(void) BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); + BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n"); + BIO_printf(bio_err," -timeout - Enable timeouts\n"); + BIO_printf(bio_err," -mtu - Set MTU\n"); + BIO_printf(bio_err," -chain - Read a certificate chain\n"); BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); #ifndef OPENSSL_NO_DH BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); +#endif +#ifndef OPENSSL_NO_ECDH + BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); #endif BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); @@ -321,6 +396,16 @@ static void sv_usage(void) #endif BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); +#ifndef OPENSSL_NO_TLSEXT + BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); + BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); + BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); + BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); + BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); + BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); + BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); + BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); +#endif } static int local_argc=0; @@ -476,6 +561,185 @@ static int ebcdic_puts(BIO *bp, const char *str) } #endif +#ifndef OPENSSL_NO_TLSEXT + +/* This is a context that we pass to callbacks */ +typedef struct tlsextctx_st { + char * servername; + BIO * biodebug; + int extension_error; +} tlsextctx; + + +static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) + { + tlsextctx * p = (tlsextctx *) arg; + const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); + if (servername && p->biodebug) + BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername); + + if (!p->servername) + return SSL_TLSEXT_ERR_NOACK; + + if (servername) + { + if (strcmp(servername,p->servername)) + return p->extension_error; + if (ctx2) + { + BIO_printf(p->biodebug,"Swiching server context.\n"); + SSL_set_SSL_CTX(s,ctx2); + } + } + return SSL_TLSEXT_ERR_OK; +} + +/* Structure passed to cert status callback */ + +typedef struct tlsextstatusctx_st { + /* Default responder to use */ + char *host, *path, *port; + int use_ssl; + int timeout; + BIO *err; + int verbose; +} tlsextstatusctx; + +static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0}; + +/* Certificate Status callback. This is called when a client includes a + * certificate status request extension. + * + * This is a simplified version. It examines certificates each time and + * makes one OCSP responder query for each request. + * + * A full version would store details such as the OCSP certificate IDs and + * minimise the number of OCSP responses by caching them until they were + * considered "expired". + */ + +static int cert_status_cb(SSL *s, void *arg) + { + tlsextstatusctx *srctx = arg; + BIO *err = srctx->err; + char *host, *port, *path; + int use_ssl; + unsigned char *rspder = NULL; + int rspderlen; + STACK *aia = NULL; + X509 *x = NULL; + X509_STORE_CTX inctx; + X509_OBJECT obj; + OCSP_REQUEST *req = NULL; + OCSP_RESPONSE *resp = NULL; + OCSP_CERTID *id = NULL; + STACK_OF(X509_EXTENSION) *exts; + int ret = SSL_TLSEXT_ERR_NOACK; + int i; +#if 0 +STACK_OF(OCSP_RESPID) *ids; +SSL_get_tlsext_status_ids(s, &ids); +BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids)); +#endif + if (srctx->verbose) + BIO_puts(err, "cert_status: callback called\n"); + /* Build up OCSP query from server certificate */ + x = SSL_get_certificate(s); + aia = X509_get1_ocsp(x); + if (aia) + { + if (!OCSP_parse_url(sk_value(aia, 0), + &host, &port, &path, &use_ssl)) + { + BIO_puts(err, "cert_status: can't parse AIA URL\n"); + goto err; + } + if (srctx->verbose) + BIO_printf(err, "cert_status: AIA URL: %s\n", + sk_value(aia, 0)); + } + else + { + if (!srctx->host) + { + BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n"); + goto done; + } + host = srctx->host; + path = srctx->path; + port = srctx->port; + use_ssl = srctx->use_ssl; + } + + if (!X509_STORE_CTX_init(&inctx, + SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), + NULL, NULL)) + goto err; + if (X509_STORE_get_by_subject(&inctx,X509_LU_X509, + X509_get_issuer_name(x),&obj) <= 0) + { + BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); + X509_STORE_CTX_cleanup(&inctx); + goto done; + } + req = OCSP_REQUEST_new(); + if (!req) + goto err; + id = OCSP_cert_to_id(NULL, x, obj.data.x509); + X509_free(obj.data.x509); + X509_STORE_CTX_cleanup(&inctx); + if (!id) + goto err; + if (!OCSP_request_add0_id(req, id)) + goto err; + id = NULL; + /* Add any extensions to the request */ + SSL_get_tlsext_status_exts(s, &exts); + for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) + { + X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); + if (!OCSP_REQUEST_add_ext(req, ext, -1)) + goto err; + } + resp = process_responder(err, req, host, path, port, use_ssl, + srctx->timeout); + if (!resp) + { + BIO_puts(err, "cert_status: error querying responder\n"); + goto done; + } + rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); + if (rspderlen <= 0) + goto err; + SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); + if (srctx->verbose) + { + BIO_puts(err, "cert_status: ocsp response sent:\n"); + OCSP_RESPONSE_print(err, resp, 2); + } + ret = SSL_TLSEXT_ERR_OK; + done: + if (ret != SSL_TLSEXT_ERR_OK) + ERR_print_errors(err); + if (aia) + { + OPENSSL_free(host); + OPENSSL_free(path); + OPENSSL_free(port); + X509_email_free(aia); + } + if (id) + OCSP_CERTID_free(id); + if (req) + OCSP_REQUEST_free(req); + if (resp) + OCSP_RESPONSE_free(resp); + return ret; + err: + ret = SSL_TLSEXT_ERR_ALERT_FATAL; + goto done; + } +#endif int MAIN(int, char **); int MAIN(int argc, char *argv[]) @@ -484,18 +748,36 @@ int MAIN(int argc, char *argv[]) int vflags = 0; short port=PORT; char *CApath=NULL,*CAfile=NULL; - char *context = NULL; + unsigned char *context = NULL; char *dhfile = NULL; +#ifndef OPENSSL_NO_ECDH + char *named_curve = NULL; +#endif int badop=0,bugs=0; int ret=1; int off=0; - int no_tmp_rsa=0,no_dhe=0,nocert=0; + int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; int state=0; SSL_METHOD *meth=NULL; + int socket_type=SOCK_STREAM; #ifndef OPENSSL_NO_ENGINE ENGINE *e=NULL; #endif char *inrand=NULL; + int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; + char *passarg = NULL, *pass = NULL; + char *dpassarg = NULL, *dpass = NULL; + int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; + X509 *s_cert = NULL, *s_dcert = NULL; + EVP_PKEY *s_key = NULL, *s_dkey = NULL; +#ifndef OPENSSL_NO_TLSEXT + EVP_PKEY *s_key2 = NULL; + X509 *s_cert2 = NULL; +#endif + +#ifndef OPENSSL_NO_TLSEXT + tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; +#endif #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_server_method(); @@ -555,28 +837,65 @@ int MAIN(int argc, char *argv[]) else if (strcmp(*argv,"-context") == 0) { if (--argc < 1) goto bad; - context= *(++argv); + context= (unsigned char *)*(++argv); } else if (strcmp(*argv,"-cert") == 0) { if (--argc < 1) goto bad; s_cert_file= *(++argv); } + else if (strcmp(*argv,"-certform") == 0) + { + if (--argc < 1) goto bad; + s_cert_format = str2fmt(*(++argv)); + } else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; s_key_file= *(++argv); } + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) goto bad; + s_key_format = str2fmt(*(++argv)); + } + else if (strcmp(*argv,"-pass") == 0) + { + if (--argc < 1) goto bad; + passarg = *(++argv); + } else if (strcmp(*argv,"-dhparam") == 0) { if (--argc < 1) goto bad; dhfile = *(++argv); } +#ifndef OPENSSL_NO_ECDH + else if (strcmp(*argv,"-named_curve") == 0) + { + if (--argc < 1) goto bad; + named_curve = *(++argv); + } +#endif + else if (strcmp(*argv,"-dcertform") == 0) + { + if (--argc < 1) goto bad; + s_dcert_format = str2fmt(*(++argv)); + } else if (strcmp(*argv,"-dcert") == 0) { if (--argc < 1) goto bad; s_dcert_file= *(++argv); } + else if (strcmp(*argv,"-dkeyform") == 0) + { + if (--argc < 1) goto bad; + s_dkey_format = str2fmt(*(++argv)); + } + else if (strcmp(*argv,"-dpass") == 0) + { + if (--argc < 1) goto bad; + dpassarg = *(++argv); + } else if (strcmp(*argv,"-dkey") == 0) { if (--argc < 1) goto bad; @@ -595,7 +914,7 @@ int MAIN(int argc, char *argv[]) { vflags |= X509_V_FLAG_CRL_CHECK; } - else if (strcmp(*argv,"-crl_check") == 0) + else if (strcmp(*argv,"-crl_check_all") == 0) { vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; } @@ -624,6 +943,37 @@ int MAIN(int argc, char *argv[]) } else if (strcmp(*argv,"-debug") == 0) { s_debug=1; } +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-tlsextdebug") == 0) + s_tlsextdebug=1; + else if (strcmp(*argv,"-status") == 0) + s_tlsextstatus=1; + else if (strcmp(*argv,"-status_verbose") == 0) + { + s_tlsextstatus=1; + tlscstatp.verbose = 1; + } + else if (!strcmp(*argv, "-status_timeout")) + { + s_tlsextstatus=1; + if (--argc < 1) goto bad; + tlscstatp.timeout = atoi(*(++argv)); + } + else if (!strcmp(*argv, "-status_url")) + { + s_tlsextstatus=1; + if (--argc < 1) goto bad; + if (!OCSP_parse_url(*(++argv), + &tlscstatp.host, + &tlscstatp.port, + &tlscstatp.path, + &tlscstatp.use_ssl)) + { + BIO_printf(bio_err, "Error parsing URL\n"); + goto bad; + } + } +#endif else if (strcmp(*argv,"-msg") == 0) { s_msg=1; } else if (strcmp(*argv,"-hack") == 0) @@ -640,6 +990,8 @@ int MAIN(int argc, char *argv[]) { no_tmp_rsa=1; } else if (strcmp(*argv,"-no_dhe") == 0) { no_dhe=1; } + else if (strcmp(*argv,"-no_ecdhe") == 0) + { no_ecdhe=1; } else if (strcmp(*argv,"-www") == 0) { www=1; } else if (strcmp(*argv,"-WWW") == 0) @@ -652,6 +1004,10 @@ int MAIN(int argc, char *argv[]) { off|=SSL_OP_NO_SSLv3; } else if (strcmp(*argv,"-no_tls1") == 0) { off|=SSL_OP_NO_TLSv1; } +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-no_ticket") == 0) + { off|=SSL_OP_NO_TICKET; } +#endif #ifndef OPENSSL_NO_SSL2 else if (strcmp(*argv,"-ssl2") == 0) { meth=SSLv2_server_method(); } @@ -663,6 +1019,22 @@ int MAIN(int argc, char *argv[]) #ifndef OPENSSL_NO_TLS1 else if (strcmp(*argv,"-tls1") == 0) { meth=TLSv1_server_method(); } +#endif +#ifndef OPENSSL_NO_DTLS1 + else if (strcmp(*argv,"-dtls1") == 0) + { + meth=DTLSv1_server_method(); + socket_type = SOCK_DGRAM; + } + else if (strcmp(*argv,"-timeout") == 0) + enable_timeouts = 1; + else if (strcmp(*argv,"-mtu") == 0) + { + if (--argc < 1) goto bad; + mtu = atol(*(++argv)); + } + else if (strcmp(*argv, "-chain") == 0) + cert_chain = 1; #endif else if (strcmp(*argv, "-id_prefix") == 0) { @@ -681,6 +1053,25 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; inrand= *(++argv); } +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-servername") == 0) + { + if (--argc < 1) goto bad; + tlsextcbp.servername= *(++argv); + } + else if (strcmp(*argv,"-servername_fatal") == 0) + { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } + else if (strcmp(*argv,"-cert2") == 0) + { + if (--argc < 1) goto bad; + s_cert_file2= *(++argv); + } + else if (strcmp(*argv,"-key2") == 0) + { + if (--argc < 1) goto bad; + s_key_file2= *(++argv); + } +#endif else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -704,6 +1095,87 @@ bad: e = setup_engine(bio_err, engine_id, 1); #endif + if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) + { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + + + if (s_key_file == NULL) + s_key_file = s_cert_file; +#ifndef OPENSSL_NO_TLSEXT + if (s_key_file2 == NULL) + s_key_file2 = s_cert_file2; +#endif + + if (nocert == 0) + { + s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, + "server certificate private key file"); + if (!s_key) + { + ERR_print_errors(bio_err); + goto end; + } + + s_cert = load_cert(bio_err,s_cert_file,s_cert_format, + NULL, e, "server certificate file"); + + if (!s_cert) + { + ERR_print_errors(bio_err); + goto end; + } + +#ifndef OPENSSL_NO_TLSEXT + if (tlsextcbp.servername) + { + s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, + "second server certificate private key file"); + if (!s_key2) + { + ERR_print_errors(bio_err); + goto end; + } + + s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format, + NULL, e, "second server certificate file"); + + if (!s_cert2) + { + ERR_print_errors(bio_err); + goto end; + } + } +#endif + } + if (s_dcert_file) + { + + if (s_dkey_file == NULL) + s_dkey_file = s_dcert_file; + + s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, + 0, dpass, e, + "second certificate private key file"); + if (!s_dkey) + { + ERR_print_errors(bio_err); + goto end; + } + + s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format, + NULL, e, "second server certificate file"); + + if (!s_dcert) + { + ERR_print_errors(bio_err); + goto end; + } + + } + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && !RAND_status()) { @@ -726,7 +1198,7 @@ bad: } } -#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) +#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) if (nocert) #endif { @@ -734,6 +1206,10 @@ bad: s_key_file=NULL; s_dcert_file=NULL; s_dkey_file=NULL; +#ifndef OPENSSL_NO_TLSEXT + s_cert_file2=NULL; + s_key_file2=NULL; +#endif } ctx=SSL_CTX_new(meth); @@ -762,6 +1238,10 @@ bad: if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); SSL_CTX_set_options(ctx,off); + /* DTLS: partial reads end up discarding unread UDP bytes :-( + * Setting read ahead solves this problem. + */ + if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); @@ -788,6 +1268,62 @@ bad: } store = SSL_CTX_get_cert_store(ctx); X509_STORE_set_flags(store, vflags); +#ifndef OPENSSL_NO_TLSEXT + if (s_cert2) + { + ctx2=SSL_CTX_new(meth); + if (ctx2 == NULL) + { + ERR_print_errors(bio_err); + goto end; + } + } + + if (ctx2) + { + BIO_printf(bio_s_out,"Setting secondary ctx parameters\n"); + + if (session_id_prefix) + { + if(strlen(session_id_prefix) >= 32) + BIO_printf(bio_err, + "warning: id_prefix is too long, only one new session will be possible\n"); + else if(strlen(session_id_prefix) >= 16) + BIO_printf(bio_err, + "warning: id_prefix is too long if you use SSLv2\n"); + if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) + { + BIO_printf(bio_err,"error setting 'id_prefix'\n"); + ERR_print_errors(bio_err); + goto end; + } + BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); + } + SSL_CTX_set_quiet_shutdown(ctx2,1); + if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL); + if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); + SSL_CTX_set_options(ctx2,off); + + /* DTLS: partial reads end up discarding unread UDP bytes :-( + * Setting read ahead solves this problem. + */ + if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1); + + + if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback); + + SSL_CTX_sess_set_cache_size(ctx2,128); + + if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || + (!SSL_CTX_set_default_verify_paths(ctx2))) + { + ERR_print_errors(bio_err); + } + store = SSL_CTX_get_cert_store(ctx2); + X509_STORE_set_flags(store, vflags); + } +#endif + #ifndef OPENSSL_NO_DH if (!no_dhe) @@ -811,22 +1347,99 @@ bad: (void)BIO_flush(bio_s_out); SSL_CTX_set_tmp_dh(ctx,dh); +#ifndef OPENSSL_NO_TLSEXT + if (ctx2) + { + if (!dhfile) + { + DH *dh2=load_dh_param(s_cert_file2); + if (dh2 != NULL) + { + BIO_printf(bio_s_out,"Setting temp DH parameters\n"); + (void)BIO_flush(bio_s_out); + + DH_free(dh); + dh = dh2; + } + } + SSL_CTX_set_tmp_dh(ctx2,dh); + } +#endif DH_free(dh); } #endif + +#ifndef OPENSSL_NO_ECDH + if (!no_ecdhe) + { + EC_KEY *ecdh=NULL; + + if (named_curve) + { + int nid = OBJ_sn2nid(named_curve); + + if (nid == 0) + { + BIO_printf(bio_err, "unknown curve name (%s)\n", + named_curve); + goto end; + } + ecdh = EC_KEY_new_by_curve_name(nid); + if (ecdh == NULL) + { + BIO_printf(bio_err, "unable to create curve (%s)\n", + named_curve); + goto end; + } + } + + if (ecdh != NULL) + { + BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); + } + else + { + BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); + ecdh = EC_KEY_new_by_curve_name(NID_sect163r2); + if (ecdh == NULL) + { + BIO_printf(bio_err, "unable to create curve (sect163r2)\n"); + goto end; + } + } + (void)BIO_flush(bio_s_out); + + SSL_CTX_set_tmp_ecdh(ctx,ecdh); +#ifndef OPENSSL_NO_TLSEXT + if (ctx2) + SSL_CTX_set_tmp_ecdh(ctx2,ecdh); +#endif + EC_KEY_free(ecdh); + } +#endif - if (!set_cert_stuff(ctx,s_cert_file,s_key_file)) + if (!set_cert_key_stuff(ctx,s_cert,s_key)) goto end; - if (s_dcert_file != NULL) +#ifndef OPENSSL_NO_TLSEXT + if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) + goto end; +#endif + if (s_dcert != NULL) { - if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file)) + if (!set_cert_key_stuff(ctx,s_dcert,s_dkey)) goto end; } #ifndef OPENSSL_NO_RSA #if 1 if (!no_tmp_rsa) + { SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); +#ifndef OPENSSL_NO_TLSEXT + if (ctx2) + SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb); +#endif + } #else if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { @@ -842,6 +1455,16 @@ bad: ERR_print_errors(bio_err); goto end; } +#ifndef OPENSSL_NO_TLSEXT + if (ctx2) + { + if (!SSL_CTX_set_tmp_rsa(ctx2,rsa)) + { + ERR_print_errors(bio_err); + goto end; + } + } +#endif RSA_free(rsa); BIO_printf(bio_s_out,"\n"); } @@ -853,26 +1476,72 @@ bad: BIO_printf(bio_err,"error setting cipher list\n"); ERR_print_errors(bio_err); goto end; +#ifndef OPENSSL_NO_TLSEXT + if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher)) + { + BIO_printf(bio_err,"error setting cipher list\n"); + ERR_print_errors(bio_err); + goto end; + } +#endif } SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, sizeof s_server_session_id_context); +#ifndef OPENSSL_NO_TLSEXT + if (ctx2) + { + SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback); + SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context, + sizeof s_server_session_id_context); + + tlsextcbp.biodebug = bio_s_out; + SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); + SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); + SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); + SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); + } +#endif if (CAfile != NULL) - SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); - + { + SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); +#ifndef OPENSSL_NO_TLSEXT + if (ctx2) + SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile)); +#endif + } BIO_printf(bio_s_out,"ACCEPT\n"); if (www) - do_server(port,&accept_socket,www_body, context); + do_server(port,socket_type,&accept_socket,www_body, context); else - do_server(port,&accept_socket,sv_body, context); + do_server(port,socket_type,&accept_socket,sv_body, context); print_stats(bio_s_out,ctx); ret=0; end: if (ctx != NULL) SSL_CTX_free(ctx); + if (s_cert) + X509_free(s_cert); + if (s_dcert) + X509_free(s_dcert); + if (s_key) + EVP_PKEY_free(s_key); + if (s_dkey) + EVP_PKEY_free(s_dkey); + if (pass) + OPENSSL_free(pass); + if (dpass) + OPENSSL_free(dpass); +#ifndef OPENSSL_NO_TLSEXT + if (ctx2 != NULL) SSL_CTX_free(ctx2); + if (s_cert2) + X509_free(s_cert2); + if (s_key2) + EVP_PKEY_free(s_key2); +#endif if (bio_s_out != NULL) { - BIO_free(bio_s_out); + BIO_free(bio_s_out); bio_s_out=NULL; } apps_shutdown(); @@ -883,23 +1552,23 @@ static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) { BIO_printf(bio,"%4ld items in the session cache\n", SSL_CTX_sess_number(ssl_ctx)); - BIO_printf(bio,"%4d client connects (SSL_connect())\n", + BIO_printf(bio,"%4ld client connects (SSL_connect())\n", SSL_CTX_sess_connect(ssl_ctx)); - BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n", + BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n", SSL_CTX_sess_connect_renegotiate(ssl_ctx)); - BIO_printf(bio,"%4d client connects that finished\n", + BIO_printf(bio,"%4ld client connects that finished\n", SSL_CTX_sess_connect_good(ssl_ctx)); - BIO_printf(bio,"%4d server accepts (SSL_accept())\n", + BIO_printf(bio,"%4ld server accepts (SSL_accept())\n", SSL_CTX_sess_accept(ssl_ctx)); - BIO_printf(bio,"%4d server renegotiates (SSL_accept())\n", + BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n", SSL_CTX_sess_accept_renegotiate(ssl_ctx)); - BIO_printf(bio,"%4d server accepts that finished\n", + BIO_printf(bio,"%4ld server accepts that finished\n", SSL_CTX_sess_accept_good(ssl_ctx)); - BIO_printf(bio,"%4d session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); - BIO_printf(bio,"%4d session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); - BIO_printf(bio,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); - BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); - BIO_printf(bio,"%4d cache full overflows (%d allowed)\n", + BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); + BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); + BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); + BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); + BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n", SSL_CTX_sess_cache_full(ssl_ctx), SSL_CTX_sess_get_cache_size(ssl_ctx)); } @@ -913,7 +1582,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) unsigned long l; SSL *con=NULL; BIO *sbio; -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) struct timeval tv; #endif @@ -936,6 +1605,19 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); +#ifndef OPENSSL_NO_TLSEXT + if (s_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_s_out); + } + if (s_tlsextstatus) + { + SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); + tlscstatp.err = bio_err; + SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); + } +#endif #ifndef OPENSSL_NO_KRB5 if ((con->kssl_ctx = kssl_ctx_new()) != NULL) { @@ -951,7 +1633,39 @@ static int sv_body(char *hostname, int s, unsigned char *context) } SSL_clear(con); - sbio=BIO_new_socket(s,BIO_NOCLOSE); + if (SSL_version(con) == DTLS1_VERSION) + { + struct timeval timeout; + + sbio=BIO_new_dgram(s,BIO_NOCLOSE); + + if ( enable_timeouts) + { + timeout.tv_sec = 0; + timeout.tv_usec = DGRAM_RCV_TIMEOUT; + BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); + + timeout.tv_sec = 0; + timeout.tv_usec = DGRAM_SND_TIMEOUT; + BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); + } + + + if ( mtu > 0) + { + SSL_set_options(con, SSL_OP_NO_QUERY_MTU); + SSL_set_mtu(con, mtu); + } + else + /* want to do MTU discovery */ + BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); + + /* turn on cookie exchange */ + SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); + } + else + sbio=BIO_new_socket(s,BIO_NOCLOSE); + if (s_nbio_test) { BIO *test; @@ -966,14 +1680,21 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (s_debug) { con->debug=1; - BIO_set_callback(SSL_get_rbio(con),bio_dump_cb); - BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out); + BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); + BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); } if (s_msg) { SSL_set_msg_callback(con, msg_cb); SSL_set_msg_callback_arg(con, bio_s_out); } +#ifndef OPENSSL_NO_TLSEXT + if (s_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_s_out); + } +#endif width=s+1; for (;;) @@ -987,7 +1708,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (!read_from_sslcon) { FD_ZERO(&readfds); -#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) +#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) FD_SET(fileno(stdin),&readfds); #endif FD_SET(s,&readfds); @@ -997,7 +1718,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) * the compiler: if you do have a cast then you can either * go for (int *) or (void *). */ -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) /* Under DOS (non-djgpp) and Windows we can't select on stdin: only * on sockets. As a workaround we timeout the select every * second and check for any keypress. In a proper Windows @@ -1057,7 +1778,8 @@ static int sv_body(char *hostname, int s, unsigned char *context) if ((i <= 0) || (buf[0] == 'q')) { BIO_printf(bio_s_out,"DONE\n"); - SHUTDOWN(s); + if (SSL_version(con) != DTLS1_VERSION) + SHUTDOWN(s); /* close_accept_socket(); ret= -11;*/ goto err; @@ -1086,7 +1808,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) } if (buf[0] == 'P') { - static char *str="Lets print some clear text\n"; + static const char *str="Lets print some clear text\n"; BIO_write(SSL_get_wbio(con),str,strlen(str)); } if (buf[0] == 'S') @@ -1270,7 +1992,7 @@ static int init_ssl_connection(SSL *con) } #ifndef OPENSSL_NO_DH -static DH *load_dh_param(char *dhfile) +static DH *load_dh_param(const char *dhfile) { DH *ret=NULL; BIO *bio; @@ -1338,6 +2060,13 @@ static int www_body(char *hostname, int s, unsigned char *context) if (!BIO_set_write_buffer_size(io,bufsize)) goto err; if ((con=SSL_new(ctx)) == NULL) goto err; +#ifndef OPENSSL_NO_TLSEXT + if (s_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_s_out); + } +#endif #ifndef OPENSSL_NO_KRB5 if ((con->kssl_ctx = kssl_ctx_new()) != NULL) { @@ -1369,8 +2098,8 @@ static int www_body(char *hostname, int s, unsigned char *context) if (s_debug) { con->debug=1; - BIO_set_callback(SSL_get_rbio(con),bio_dump_cb); - BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out); + BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); + BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); } if (s_msg) { @@ -1417,7 +2146,9 @@ static int www_body(char *hostname, int s, unsigned char *context) else { BIO_printf(bio_s_out,"read R BLOCK\n"); -#if !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) +#if defined(OPENSSL_SYS_NETWARE) + delay(1000); +#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) sleep(1); #endif continue; @@ -1436,7 +2167,7 @@ static int www_body(char *hostname, int s, unsigned char *context) char *p; X509 *peer; STACK_OF(SSL_CIPHER) *sk; - static char *space=" "; + static const char *space=" "; BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); BIO_puts(io,"\n"); @@ -1516,7 +2247,7 @@ static int www_body(char *hostname, int s, unsigned char *context) { BIO *file; char *p,*e; - static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; + static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; /* skip the '/' */ p= &(buf[5]); @@ -1692,21 +2423,30 @@ err: #ifndef OPENSSL_NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) { + BIGNUM *bn = NULL; static RSA *rsa_tmp=NULL; - if (rsa_tmp == NULL) + if (!rsa_tmp && ((bn = BN_new()) == NULL)) + BIO_printf(bio_err,"Allocation error in generating RSA key\n"); + if (!rsa_tmp && bn) { if (!s_quiet) { BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); (void)BIO_flush(bio_err); } - rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL); + if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || + !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) + { + if(rsa_tmp) RSA_free(rsa_tmp); + rsa_tmp = NULL; + } if (!s_quiet) { BIO_printf(bio_err,"\n"); (void)BIO_flush(bio_err); } + BN_free(bn); } return(rsa_tmp); } diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c index 9c441b0200..4a922e16a0 100644 --- a/src/lib/libssl/src/apps/s_socket.c +++ b/src/lib/libssl/src/apps/s_socket.c @@ -62,8 +62,6 @@ #include #include -#include - /* With IPv6, it looks like Digital has mixed up the proper order of recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which @@ -81,14 +79,26 @@ typedef unsigned int u_int; #include "s_apps.h" #include +#ifdef FLAT_INC +#include "e_os.h" +#else +#include "../e_os.h" +#endif + +#ifndef OPENSSL_NO_SOCK + +#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK) +#include "netdb.h" +#endif + static struct hostent *GetHostByName(char *name); -#ifdef OPENSSL_SYS_WINDOWS +#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) static void ssl_sock_cleanup(void); #endif static int ssl_sock_init(void); -static int init_client_ip(int *sock,unsigned char ip[4], int port); -static int init_server(int *sock, int port); -static int init_server_long(int *sock, int port,char *ip); +static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); +static int init_server(int *sock, int port, int type); +static int init_server_long(int *sock, int port,char *ip, int type); static int do_accept(int acc_sock, int *sock, char **host); static int host_ip(char *str, unsigned char ip[4]); @@ -98,6 +108,10 @@ static int host_ip(char *str, unsigned char ip[4]); #define SOCKET_PROTOCOL IPPROTO_TCP #endif +#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) +static int wsa_init_done=0; +#endif + #ifdef OPENSSL_SYS_WINDOWS static struct WSAData wsa_state; static int wsa_init_done=0; @@ -146,6 +160,15 @@ static void ssl_sock_cleanup(void) WSACleanup(); } } +#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) +static void sock_cleanup(void) + { + if (wsa_init_done) + { + wsa_init_done=0; + WSACleanup(); + } + } #endif static int ssl_sock_init(void) @@ -180,11 +203,32 @@ static int ssl_sock_init(void) SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc); #endif /* OPENSSL_SYS_WIN16 */ } +#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) + WORD wVerReq; + WSADATA wsaData; + int err; + + if (!wsa_init_done) + { + +# ifdef SIGINT + signal(SIGINT,(void (*)(int))sock_cleanup); +# endif + + wsa_init_done=1; + wVerReq = MAKEWORD( 2, 0 ); + err = WSAStartup(wVerReq,&wsaData); + if (err != 0) + { + BIO_printf(bio_err,"unable to start WINSOCK2, error code=%d\n",err); + return(0); + } + } #endif /* OPENSSL_SYS_WINDOWS */ return(1); } -int init_client(int *sock, char *host, int port) +int init_client(int *sock, char *host, int port, int type) { unsigned char ip[4]; short p=0; @@ -194,10 +238,10 @@ int init_client(int *sock, char *host, int port) return(0); } if (p != 0) port=p; - return(init_client_ip(sock,ip,port)); + return(init_client_ip(sock,ip,port,type)); } -static int init_client_ip(int *sock, unsigned char ip[4], int port) +static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) { unsigned long addr; struct sockaddr_in them; @@ -215,13 +259,20 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port) ((unsigned long)ip[3]); them.sin_addr.s_addr=htonl(addr); - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + if (type == SOCK_STREAM) + s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + else /* ( type == SOCK_DGRAM) */ + s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); + if (s == INVALID_SOCKET) { perror("socket"); return(0); } #ifndef OPENSSL_SYS_MPE - i=0; - i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i < 0) { perror("keepalive"); return(0); } + if (type == SOCK_STREAM) + { + i=0; + i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); + if (i < 0) { perror("keepalive"); return(0); } + } #endif if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) @@ -230,30 +281,36 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port) return(1); } -int do_server(int port, int *ret, int (*cb)(), char *context) +int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context) { int sock; - char *name; + char *name = NULL; int accept_socket; int i; - if (!init_server(&accept_socket,port)) return(0); + if (!init_server(&accept_socket,port,type)) return(0); if (ret != NULL) { *ret=accept_socket; /* return(1);*/ } - for (;;) - { - if (do_accept(accept_socket,&sock,&name) == 0) + for (;;) + { + if (type==SOCK_STREAM) { - SHUTDOWN(accept_socket); - return(0); + if (do_accept(accept_socket,&sock,&name) == 0) + { + SHUTDOWN(accept_socket); + return(0); + } } + else + sock = accept_socket; i=(*cb)(name,sock, context); if (name != NULL) OPENSSL_free(name); - SHUTDOWN2(sock); + if (type==SOCK_STREAM) + SHUTDOWN2(sock); if (i < 0) { SHUTDOWN2(accept_socket); @@ -262,7 +319,7 @@ int do_server(int port, int *ret, int (*cb)(), char *context) } } -static int init_server_long(int *sock, int port, char *ip) +static int init_server_long(int *sock, int port, char *ip, int type) { int ret=0; struct sockaddr_in server; @@ -282,7 +339,11 @@ static int init_server_long(int *sock, int port, char *ip) #else memcpy(&server.sin_addr,ip,4); #endif - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + + if (type == SOCK_STREAM) + s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + else /* type == SOCK_DGRAM */ + s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); if (s == INVALID_SOCKET) goto err; #if defined SOL_SOCKET && defined SO_REUSEADDR @@ -300,7 +361,7 @@ static int init_server_long(int *sock, int port, char *ip) goto err; } /* Make it 128 for linux */ - if (listen(s,128) == -1) goto err; + if (type==SOCK_STREAM && listen(s,128) == -1) goto err; i=0; *sock=s; ret=1; @@ -312,9 +373,9 @@ err: return(ret); } -static int init_server(int *sock, int port) +static int init_server(int *sock, int port, int type) { - return(init_server_long(sock, port, NULL)); + return(init_server_long(sock, port, NULL, type)); } static int do_accept(int acc_sock, int *sock, char **host) @@ -341,7 +402,7 @@ redoit: ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len); if (ret == INVALID_SOCKET) { -#ifdef OPENSSL_SYS_WINDOWS +#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) i=WSAGetLastError(); BIO_printf(bio_err,"accept error %d\n",i); #else @@ -552,3 +613,5 @@ static struct hostent *GetHostByName(char *name) return(ret); } } + +#endif diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c index 7d47057465..904945e1a8 100644 --- a/src/lib/libssl/src/apps/s_time.c +++ b/src/lib/libssl/src/apps/s_time.c @@ -85,7 +85,7 @@ #include OPENSSL_UNISTD #endif -#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) +#if !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) #define TIMES #endif @@ -105,7 +105,7 @@ #undef TIMES #endif -#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) +#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) #include #endif @@ -384,6 +384,20 @@ static double tm_Time_F(int s) ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; return((ret == 0.0)?1e-6:ret); } +#elif defined(OPENSSL_SYS_NETWARE) + static clock_t tstart,tend; + + if (s == START) + { + tstart=clock(); + return(0); + } + else + { + tend=clock(); + ret=(double)((double)(tend)-(double)(tstart)); + return((ret < 0.001)?0.001:ret); + } #elif defined(OPENSSL_SYS_VXWORKS) { static unsigned long tick_start, tick_end; diff --git a/src/lib/libssl/src/apps/sess_id.c b/src/lib/libssl/src/apps/sess_id.c index d91d84d220..b99179f276 100644 --- a/src/lib/libssl/src/apps/sess_id.c +++ b/src/lib/libssl/src/apps/sess_id.c @@ -69,7 +69,7 @@ #undef PROG #define PROG sess_id_main -static char *sess_id_usage[]={ +static const char *sess_id_usage[]={ "usage: sess_id args\n", "\n", " -inform arg - input format - default PEM (DER or PEM)\n", @@ -95,7 +95,7 @@ int MAIN(int argc, char **argv) int informat,outformat; char *infile=NULL,*outfile=NULL,*context=NULL; int cert=0,noout=0,text=0; - char **pp; + const char **pp; apps_startup(); @@ -241,7 +241,7 @@ bad: if (!noout && !cert) { if (outformat == FORMAT_ASN1) - i=(int)i2d_SSL_SESSION_bio(out,x); + i=i2d_SSL_SESSION_bio(out,x); else if (outformat == FORMAT_PEM) i=PEM_write_bio_SSL_SESSION(out,x); else { diff --git a/src/lib/libssl/src/apps/smime.c b/src/lib/libssl/src/apps/smime.c index 51bc893ffa..ce8a1cbecb 100644 --- a/src/lib/libssl/src/apps/smime.c +++ b/src/lib/libssl/src/apps/smime.c @@ -1,9 +1,9 @@ /* smime.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -64,10 +64,13 @@ #include #include #include +#include +#include #undef PROG #define PROG smime_main static int save_certs(char *signerfile, STACK_OF(X509) *signers); +static int smime_cb(int ok, X509_STORE_CTX *ctx); #define SMIME_OP 0x10 #define SMIME_ENCRYPT (1 | SMIME_OP) @@ -79,12 +82,12 @@ static int save_certs(char *signerfile, STACK_OF(X509) *signers); int MAIN(int, char **); int MAIN(int argc, char **argv) -{ + { ENGINE *e = NULL; int operation = 0; int ret = 0; char **args; - char *inmode = "r", *outmode = "w"; + const char *inmode = "r", *outmode = "w"; char *infile = NULL, *outfile = NULL; char *signerfile = NULL, *recipfile = NULL; char *certfile = NULL, *keyfile = NULL, *contfile=NULL; @@ -96,7 +99,7 @@ int MAIN(int argc, char **argv) STACK_OF(X509) *encerts = NULL, *other = NULL; BIO *in = NULL, *out = NULL, *indata = NULL; int badarg = 0; - int flags = PKCS7_DETACHED, store_flags = 0; + int flags = PKCS7_DETACHED; char *to = NULL, *from = NULL, *subject = NULL; char *CAfile = NULL, *CApath = NULL; char *passargin = NULL, *passin = NULL; @@ -108,30 +111,44 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif + X509_VERIFY_PARAM *vpm = NULL; + args = argv + 1; ret = 1; apps_startup(); if (bio_err == NULL) + { if ((bio_err = BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); + } if (!load_config(bio_err, NULL)) goto end; - while (!badarg && *args && *args[0] == '-') { - if (!strcmp (*args, "-encrypt")) operation = SMIME_ENCRYPT; - else if (!strcmp (*args, "-decrypt")) operation = SMIME_DECRYPT; - else if (!strcmp (*args, "-sign")) operation = SMIME_SIGN; - else if (!strcmp (*args, "-verify")) operation = SMIME_VERIFY; - else if (!strcmp (*args, "-pk7out")) operation = SMIME_PK7OUT; + while (!badarg && *args && *args[0] == '-') + { + if (!strcmp (*args, "-encrypt")) + operation = SMIME_ENCRYPT; + else if (!strcmp (*args, "-decrypt")) + operation = SMIME_DECRYPT; + else if (!strcmp (*args, "-sign")) + operation = SMIME_SIGN; + else if (!strcmp (*args, "-verify")) + operation = SMIME_VERIFY; + else if (!strcmp (*args, "-pk7out")) + operation = SMIME_PK7OUT; #ifndef OPENSSL_NO_DES else if (!strcmp (*args, "-des3")) cipher = EVP_des_ede3_cbc(); else if (!strcmp (*args, "-des")) cipher = EVP_des_cbc(); #endif +#ifndef OPENSSL_NO_SEED + else if (!strcmp (*args, "-seed")) + cipher = EVP_seed_cbc(); +#endif #ifndef OPENSSL_NO_RC2 else if (!strcmp (*args, "-rc2-40")) cipher = EVP_rc2_40_cbc(); @@ -147,6 +164,14 @@ int MAIN(int argc, char **argv) cipher = EVP_aes_192_cbc(); else if (!strcmp(*args,"-aes256")) cipher = EVP_aes_256_cbc(); +#endif +#ifndef OPENSSL_NO_CAMELLIA + else if (!strcmp(*args,"-camellia128")) + cipher = EVP_camellia_128_cbc(); + else if (!strcmp(*args,"-camellia192")) + cipher = EVP_camellia_192_cbc(); + else if (!strcmp(*args,"-camellia256")) + cipher = EVP_camellia_256_cbc(); #endif else if (!strcmp (*args, "-text")) flags |= PKCS7_TEXT; @@ -172,127 +197,225 @@ int MAIN(int argc, char **argv) flags |= PKCS7_NOOLDMIMETYPE; else if (!strcmp (*args, "-crlfeol")) flags |= PKCS7_CRLFEOL; - else if (!strcmp (*args, "-crl_check")) - store_flags |= X509_V_FLAG_CRL_CHECK; - else if (!strcmp (*args, "-crl_check_all")) - store_flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; - else if (!strcmp(*args,"-rand")) { - if (args[1]) { + else if (!strcmp(*args,"-rand")) + { + if (args[1]) + { args++; inrand = *args; - } else badarg = 1; + } + else + badarg = 1; need_rand = 1; + } #ifndef OPENSSL_NO_ENGINE - } else if (!strcmp(*args,"-engine")) { - if (args[1]) { + else if (!strcmp(*args,"-engine")) + { + if (args[1]) + { args++; engine = *args; - } else badarg = 1; + } + else badarg = 1; + } #endif - } else if (!strcmp(*args,"-passin")) { - if (args[1]) { + else if (!strcmp(*args,"-passin")) + { + if (args[1]) + { args++; passargin = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-to")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-to")) + { + if (args[1]) + { args++; to = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-from")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-from")) + { + if (args[1]) + { args++; from = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-subject")) { - if (args[1]) { + } + else badarg = 1; + } + else if (!strcmp (*args, "-subject")) + { + if (args[1]) + { args++; subject = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-signer")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-signer")) + { + if (args[1]) + { args++; signerfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-recip")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-recip")) + { + if (args[1]) + { args++; recipfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-inkey")) { - if (args[1]) { + } + else badarg = 1; + } + else if (!strcmp (*args, "-inkey")) + { + if (args[1]) + { args++; keyfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-keyform")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-keyform")) + { + if (args[1]) + { args++; keyform = str2fmt(*args); - } else badarg = 1; - } else if (!strcmp (*args, "-certfile")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-certfile")) + { + if (args[1]) + { args++; certfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-CAfile")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-CAfile")) + { + if (args[1]) + { args++; CAfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-CApath")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-CApath")) + { + if (args[1]) + { args++; CApath = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-in")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-in")) + { + if (args[1]) + { args++; infile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-inform")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-inform")) + { + if (args[1]) + { args++; informat = str2fmt(*args); - } else badarg = 1; - } else if (!strcmp (*args, "-outform")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-outform")) + { + if (args[1]) + { args++; outformat = str2fmt(*args); - } else badarg = 1; - } else if (!strcmp (*args, "-out")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-out")) + { + if (args[1]) + { args++; outfile = *args; - } else badarg = 1; - } else if (!strcmp (*args, "-content")) { - if (args[1]) { + } + else + badarg = 1; + } + else if (!strcmp (*args, "-content")) + { + if (args[1]) + { args++; contfile = *args; - } else badarg = 1; - } else badarg = 1; + } + else + badarg = 1; + } + else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) + continue; + else + badarg = 1; args++; - } + } - if(operation == SMIME_SIGN) { - if(!signerfile) { + + if (operation == SMIME_SIGN) + { + if (!signerfile) + { BIO_printf(bio_err, "No signer certificate specified\n"); badarg = 1; - } + } need_rand = 1; - } else if(operation == SMIME_DECRYPT) { - if(!recipfile) { - BIO_printf(bio_err, "No recipient certificate and key specified\n"); + } + else if (operation == SMIME_DECRYPT) + { + if (!recipfile && !keyfile) + { + BIO_printf(bio_err, "No recipient certificate or key specified\n"); badarg = 1; + } } - } else if(operation == SMIME_ENCRYPT) { - if(!*args) { + else if (operation == SMIME_ENCRYPT) + { + if (!*args) + { BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n"); badarg = 1; - } + } need_rand = 1; - } else if(!operation) badarg = 1; + } + else if (!operation) + badarg = 1; - if (badarg) { + if (badarg) + { BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n"); BIO_printf (bio_err, "where options are\n"); BIO_printf (bio_err, "-encrypt encrypt message\n"); @@ -304,6 +427,9 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-des3 encrypt with triple DES\n"); BIO_printf (bio_err, "-des encrypt with DES\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf (bio_err, "-seed encrypt with SEED\n"); +#endif #ifndef OPENSSL_NO_RC2 BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n"); BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n"); @@ -312,6 +438,10 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_AES BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n"); + BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n"); #endif BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n"); BIO_printf (bio_err, "-nosigs don't verify message signature\n"); @@ -347,121 +477,155 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, " the random number generator\n"); BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); goto end; - } + } #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { + if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) + { BIO_printf(bio_err, "Error getting password\n"); goto end; - } + } - if (need_rand) { + if (need_rand) + { app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - } + } ret = 2; - if(operation != SMIME_SIGN) flags &= ~PKCS7_DETACHED; + if (operation != SMIME_SIGN) + flags &= ~PKCS7_DETACHED; - if(operation & SMIME_OP) { - if(flags & PKCS7_BINARY) inmode = "rb"; - if(outformat == FORMAT_ASN1) outmode = "wb"; - } else { - if(flags & PKCS7_BINARY) outmode = "wb"; - if(informat == FORMAT_ASN1) inmode = "rb"; - } + if (operation & SMIME_OP) + { + if (flags & PKCS7_BINARY) + inmode = "rb"; + if (outformat == FORMAT_ASN1) + outmode = "wb"; + } + else + { + if (flags & PKCS7_BINARY) + outmode = "wb"; + if (informat == FORMAT_ASN1) + inmode = "rb"; + } - if(operation == SMIME_ENCRYPT) { - if (!cipher) { + if (operation == SMIME_ENCRYPT) + { + if (!cipher) + { #ifndef OPENSSL_NO_RC2 cipher = EVP_rc2_40_cbc(); #else BIO_printf(bio_err, "No cipher selected\n"); goto end; #endif - } + } encerts = sk_X509_new_null(); - while (*args) { - if(!(cert = load_cert(bio_err,*args,FORMAT_PEM, - NULL, e, "recipient certificate file"))) { + while (*args) + { + if (!(cert = load_cert(bio_err,*args,FORMAT_PEM, + NULL, e, "recipient certificate file"))) + { #if 0 /* An appropriate message is already printed */ BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args); #endif goto end; - } + } sk_X509_push(encerts, cert); cert = NULL; args++; + } } - } - if(signerfile && (operation == SMIME_SIGN)) { - if(!(signer = load_cert(bio_err,signerfile,FORMAT_PEM, NULL, - e, "signer certificate"))) { + if (signerfile && (operation == SMIME_SIGN)) + { + if (!(signer = load_cert(bio_err,signerfile,FORMAT_PEM, NULL, + e, "signer certificate"))) + { #if 0 /* An appropri message has already been printed */ BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile); #endif goto end; + } } - } - if(certfile) { - if(!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL, - e, "certificate file"))) { + if (certfile) + { + if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL, + e, "certificate file"))) + { #if 0 /* An appropriate message has already been printed */ BIO_printf(bio_err, "Can't read certificate file %s\n", certfile); #endif ERR_print_errors(bio_err); goto end; + } } - } - if(recipfile && (operation == SMIME_DECRYPT)) { - if(!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL, - e, "recipient certificate file"))) { + if (recipfile && (operation == SMIME_DECRYPT)) + { + if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL, + e, "recipient certificate file"))) + { #if 0 /* An appropriate message has alrady been printed */ BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile); #endif ERR_print_errors(bio_err); goto end; + } } - } - if(operation == SMIME_DECRYPT) { - if(!keyfile) keyfile = recipfile; - } else if(operation == SMIME_SIGN) { - if(!keyfile) keyfile = signerfile; - } else keyfile = NULL; + if (operation == SMIME_DECRYPT) + { + if (!keyfile) + keyfile = recipfile; + } + else if (operation == SMIME_SIGN) + { + if (!keyfile) + keyfile = signerfile; + } + else keyfile = NULL; - if(keyfile) { + if (keyfile) + { key = load_key(bio_err, keyfile, keyform, 0, passin, e, "signing key file"); - if (!key) { + if (!key) goto end; - } - } + } - if (infile) { - if (!(in = BIO_new_file(infile, inmode))) { + if (infile) + { + if (!(in = BIO_new_file(infile, inmode))) + { BIO_printf (bio_err, "Can't open input file %s\n", infile); goto end; + } } - } else in = BIO_new_fp(stdin, BIO_NOCLOSE); + else + in = BIO_new_fp(stdin, BIO_NOCLOSE); - if (outfile) { - if (!(out = BIO_new_file(outfile, outmode))) { + if (outfile) + { + if (!(out = BIO_new_file(outfile, outmode))) + { BIO_printf (bio_err, "Can't open output file %s\n", outfile); goto end; + } } - } else { + else + { out = BIO_new_fp(stdout, BIO_NOCLOSE); #ifdef OPENSSL_SYS_VMS { @@ -469,100 +633,127 @@ int MAIN(int argc, char **argv) out = BIO_push(tmpbio, out); } #endif - } + } - if(operation == SMIME_VERIFY) { - if(!(store = setup_verify(bio_err, CAfile, CApath))) goto end; - X509_STORE_set_flags(store, store_flags); - } + if (operation == SMIME_VERIFY) + { + if (!(store = setup_verify(bio_err, CAfile, CApath))) + goto end; + X509_STORE_set_verify_cb_func(store, smime_cb); + if (vpm) + X509_STORE_set1_param(store, vpm); + } ret = 3; - if(operation == SMIME_ENCRYPT) { + if (operation == SMIME_ENCRYPT) p7 = PKCS7_encrypt(encerts, in, cipher, flags); - } else if(operation == SMIME_SIGN) { + else if (operation == SMIME_SIGN) + { + /* If detached data and SMIME output enable partial + * signing. + */ + if ((flags & PKCS7_DETACHED) && (outformat == FORMAT_SMIME)) + flags |= PKCS7_STREAM; p7 = PKCS7_sign(signer, key, other, in, flags); - if (BIO_reset(in) != 0 && (flags & PKCS7_DETACHED)) { - BIO_printf(bio_err, "Can't rewind input file\n"); - goto end; } - } else { - if(informat == FORMAT_SMIME) + else + { + if (informat == FORMAT_SMIME) p7 = SMIME_read_PKCS7(in, &indata); - else if(informat == FORMAT_PEM) + else if (informat == FORMAT_PEM) p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); - else if(informat == FORMAT_ASN1) + else if (informat == FORMAT_ASN1) p7 = d2i_PKCS7_bio(in, NULL); - else { + else + { BIO_printf(bio_err, "Bad input format for PKCS#7 file\n"); goto end; - } + } - if(!p7) { + if (!p7) + { BIO_printf(bio_err, "Error reading S/MIME message\n"); goto end; - } - if(contfile) { + } + if (contfile) + { BIO_free(indata); - if(!(indata = BIO_new_file(contfile, "rb"))) { + if (!(indata = BIO_new_file(contfile, "rb"))) + { BIO_printf(bio_err, "Can't read content file %s\n", contfile); goto end; + } } } - } - if(!p7) { + if (!p7) + { BIO_printf(bio_err, "Error creating PKCS#7 structure\n"); goto end; - } + } ret = 4; - if(operation == SMIME_DECRYPT) { - if(!PKCS7_decrypt(p7, key, recip, out, flags)) { + if (operation == SMIME_DECRYPT) + { + if (!PKCS7_decrypt(p7, key, recip, out, flags)) + { BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n"); goto end; + } } - } else if(operation == SMIME_VERIFY) { + else if (operation == SMIME_VERIFY) + { STACK_OF(X509) *signers; - if(PKCS7_verify(p7, other, store, indata, out, flags)) { + if (PKCS7_verify(p7, other, store, indata, out, flags)) BIO_printf(bio_err, "Verification successful\n"); - } else { + else + { BIO_printf(bio_err, "Verification failure\n"); goto end; - } + } signers = PKCS7_get0_signers(p7, other, flags); - if(!save_certs(signerfile, signers)) { + if (!save_certs(signerfile, signers)) + { BIO_printf(bio_err, "Error writing signers to %s\n", signerfile); ret = 5; goto end; - } + } sk_X509_free(signers); - } else if(operation == SMIME_PK7OUT) { + } + else if (operation == SMIME_PK7OUT) PEM_write_bio_PKCS7(out, p7); - } else { - if(to) BIO_printf(out, "To: %s\n", to); - if(from) BIO_printf(out, "From: %s\n", from); - if(subject) BIO_printf(out, "Subject: %s\n", subject); - if(outformat == FORMAT_SMIME) + else + { + if (to) + BIO_printf(out, "To: %s\n", to); + if (from) + BIO_printf(out, "From: %s\n", from); + if (subject) + BIO_printf(out, "Subject: %s\n", subject); + if (outformat == FORMAT_SMIME) SMIME_write_PKCS7(out, p7, in, flags); - else if(outformat == FORMAT_PEM) + else if (outformat == FORMAT_PEM) PEM_write_bio_PKCS7(out,p7); - else if(outformat == FORMAT_ASN1) + else if (outformat == FORMAT_ASN1) i2d_PKCS7_bio(out,p7); - else { + else + { BIO_printf(bio_err, "Bad output format for PKCS#7 file\n"); goto end; + } } - } ret = 0; end: if (need_rand) app_RAND_write_file(NULL, bio_err); - if(ret) ERR_print_errors(bio_err); + if (ret) ERR_print_errors(bio_err); sk_X509_pop_free(encerts, X509_free); sk_X509_pop_free(other, X509_free); + if (vpm) + X509_VERIFY_PARAM_free(vpm); X509_STORE_free(store); X509_free(cert); X509_free(recip); @@ -572,20 +763,39 @@ end: BIO_free(in); BIO_free(indata); BIO_free_all(out); - if(passin) OPENSSL_free(passin); + if (passin) OPENSSL_free(passin); return (ret); } static int save_certs(char *signerfile, STACK_OF(X509) *signers) -{ + { int i; BIO *tmp; - if(!signerfile) return 1; + if (!signerfile) + return 1; tmp = BIO_new_file(signerfile, "w"); - if(!tmp) return 0; + if (!tmp) return 0; for(i = 0; i < sk_X509_num(signers); i++) PEM_write_bio_X509(tmp, sk_X509_value(signers, i)); BIO_free(tmp); return 1; -} + } + +/* Minimal callback just to output policy info (if any) */ + +static int smime_cb(int ok, X509_STORE_CTX *ctx) + { + int error; + + error = X509_STORE_CTX_get_error(ctx); + + if ((error != X509_V_ERR_NO_EXPLICIT_POLICY) + && ((error != X509_V_OK) || (ok != 2))) + return ok; + + policies_print(NULL, ctx); + + return ok; + + } diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c index 2fc327c375..8a1974f5fe 100644 --- a/src/lib/libssl/src/apps/speed.c +++ b/src/lib/libssl/src/apps/speed.c @@ -55,6 +55,19 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The ECDH and ECDSA speed test software is originally written by + * Sumit Gupta of Sun Microsystems Laboratories. + * + */ /* most of this code has been pilfered from my libdes speed.c program */ @@ -64,6 +77,8 @@ #define SECONDS 3 #define RSA_SECONDS 10 #define DSA_SECONDS 10 +#define ECDSA_SECONDS 10 +#define ECDH_SECONDS 10 /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ @@ -73,7 +88,7 @@ #include #include -#include + #include #include #include "apps.h" @@ -89,6 +104,10 @@ #include OPENSSL_UNISTD #endif +#ifndef OPENSSL_SYS_NETWARE +#include +#endif + #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(OPENSSL_SYS_MACOSX) # define USE_TOD #elif !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) @@ -98,6 +117,12 @@ # define TIMEB #endif +#if defined(OPENSSL_SYS_NETWARE) +#undef TIMES +#undef TIMEB +#include +#endif + #ifndef _IRIX # include #endif @@ -122,7 +147,7 @@ #include #endif -#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS) +#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) #error "It seems neither struct tms nor struct timeb is supported in this platform!" #endif @@ -132,12 +157,16 @@ #include #endif +#include #ifndef OPENSSL_NO_DES #include #endif #ifndef OPENSSL_NO_AES #include #endif +#ifndef OPENSSL_NO_CAMELLIA +#include +#endif #ifndef OPENSSL_NO_MD2 #include #endif @@ -172,6 +201,9 @@ #ifndef OPENSSL_NO_IDEA #include #endif +#ifndef OPENSSL_NO_SEED +#include +#endif #ifndef OPENSSL_NO_BF #include #endif @@ -184,14 +216,31 @@ #endif #include #ifndef OPENSSL_NO_DSA +#include #include "./testdsa.h" #endif +#ifndef OPENSSL_NO_ECDSA +#include +#endif +#ifndef OPENSSL_NO_ECDH +#include +#endif + +/* + * The following "HZ" timing stuff should be sync'd up with the code in + * crypto/tmdiff.[ch]. That appears to try to do the same job, though I think + * this code is more up to date than libcrypto's so there may be features to + * migrate over first. This is used in two places further down AFAICS. + * The point is that nothing in openssl actually *uses* that tmdiff stuff, so + * either speed.c should be using it or it should go because it's obviously not + * useful enough. Anyone want to do a janitorial job on this? + */ /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ # if defined(_SC_CLK_TCK) \ && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) -# define HZ ((double)sysconf(_SC_CLK_TCK)) +# define HZ sysconf(_SC_CLK_TCK) # else # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ @@ -205,7 +254,7 @@ # endif #endif -#if !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_OS2) +#if !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_NETWARE) # define HAVE_FORK 1 #endif @@ -219,25 +268,44 @@ static int usertime=1; static double Time_F(int s); static void print_message(const char *s,long num,int length); -static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); +static void pkey_print_message(const char *str, const char *str2, + long num, int bits, int sec); static void print_result(int alg,int run_no,int count,double time_used); #ifdef HAVE_FORK static int do_multi(int multi); #endif -#define ALGOR_NUM 19 +#define ALGOR_NUM 28 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 + +#define EC_NUM 16 +#define MAX_ECDH_SIZE 256 + static const char *names[ALGOR_NUM]={ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", - "des cbc","des ede3","idea cbc", + "des cbc","des ede3","idea cbc","seed cbc", "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc", - "aes-128 cbc","aes-192 cbc","aes-256 cbc"}; + "aes-128 cbc","aes-192 cbc","aes-256 cbc", + "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc", + "evp","sha256","sha512", + "aes-128 ige","aes-192 ige","aes-256 ige"}; static double results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; static double rsa_results[RSA_NUM][2]; static double dsa_results[DSA_NUM][2]; +#ifndef OPENSSL_NO_ECDSA +static double ecdsa_results[EC_NUM][2]; +#endif +#ifndef OPENSSL_NO_ECDH +static double ecdh_results[EC_NUM][1]; +#endif + +#if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH)) +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +static int rnd_fake = 0; +#endif #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) @@ -260,13 +328,39 @@ static SIGRETTYPE sig_done(int sig) #define START 0 #define STOP 1 +#if defined(OPENSSL_SYS_NETWARE) + + /* for NetWare the best we can do is use clock() which returns the + * time, in hundredths of a second, since the NLM began executing + */ +static double Time_F(int s) + { + double ret; + + static clock_t tstart,tend; + + if (s == START) + { + tstart=clock(); + return(0); + } + else + { + tend=clock(); + ret=(double)((double)(tend)-(double)(tstart)); + return((ret < 0.001)?0.001:ret); + } + } + +#else + static double Time_F(int s) { double ret; #ifdef USE_TOD if(usertime) - { + { static struct rusage tstart,tend; getrusage_used = 1; @@ -321,7 +415,8 @@ static double Time_F(int s) else { times(&tend); - ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; + ret = HZ; + ret=(double)(tend.tms_utime-tstart.tms_utime) / ret; return((ret < 1e-3)?1e-3:ret); } } @@ -367,6 +462,25 @@ static double Time_F(int s) # endif #endif } +#endif /* if defined(OPENSSL_SYS_NETWARE) */ + + +#ifndef OPENSSL_NO_ECDH +static const int KDF1_SHA1_len = 20; +static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) + { +#ifndef OPENSSL_NO_SHA + if (*outlen < SHA_DIGEST_LENGTH) + return NULL; + else + *outlen = SHA_DIGEST_LENGTH; + return SHA1(in, inlen, out); +#else + return NULL; +#endif /* OPENSSL_NO_SHA */ + } +#endif /* OPENSSL_NO_ECDH */ + int MAIN(int, char **); @@ -401,6 +515,12 @@ int MAIN(int argc, char **argv) #endif #ifndef OPENSSL_NO_SHA unsigned char sha[SHA_DIGEST_LENGTH]; +#ifndef OPENSSL_NO_SHA256 + unsigned char sha256[SHA256_DIGEST_LENGTH]; +#endif +#ifndef OPENSSL_NO_SHA512 + unsigned char sha512[SHA512_DIGEST_LENGTH]; +#endif #endif #ifndef OPENSSL_NO_RIPEMD unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; @@ -417,6 +537,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_IDEA IDEA_KEY_SCHEDULE idea_ks; #endif +#ifndef OPENSSL_NO_SEED + SEED_KEY_SCHEDULE seed_ks; +#endif #ifndef OPENSSL_NO_BF BF_KEY bf_ks; #endif @@ -426,6 +549,7 @@ int MAIN(int argc, char **argv) static const unsigned char key16[16]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; +#ifndef OPENSSL_NO_AES static const unsigned char key24[24]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, @@ -435,13 +559,25 @@ int MAIN(int argc, char **argv) 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34, 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56}; +#endif +#ifndef OPENSSL_NO_CAMELLIA + static const unsigned char ckey24[24]= + {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, + 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, + 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + static const unsigned char ckey32[32]= + {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, + 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, + 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34, + 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56}; +#endif #ifndef OPENSSL_NO_AES #define MAX_BLOCK_SIZE 128 #else #define MAX_BLOCK_SIZE 64 #endif unsigned char DES_iv[8]; - unsigned char iv[MAX_BLOCK_SIZE/8]; + unsigned char iv[2*MAX_BLOCK_SIZE/8]; #ifndef OPENSSL_NO_DES DES_cblock *buf_as_des_cblock = NULL; static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; @@ -454,6 +590,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_AES AES_KEY aes_ks1, aes_ks2, aes_ks3; #endif +#ifndef OPENSSL_NO_CAMELLIA + CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3; +#endif #define D_MD2 0 #define D_MDC2 1 #define D_MD4 2 @@ -465,14 +604,23 @@ int MAIN(int argc, char **argv) #define D_CBC_DES 8 #define D_EDE3_DES 9 #define D_CBC_IDEA 10 -#define D_CBC_RC2 11 -#define D_CBC_RC5 12 -#define D_CBC_BF 13 -#define D_CBC_CAST 14 -#define D_CBC_128_AES 15 -#define D_CBC_192_AES 16 -#define D_CBC_256_AES 17 -#define D_EVP 18 +#define D_CBC_SEED 11 +#define D_CBC_RC2 12 +#define D_CBC_RC5 13 +#define D_CBC_BF 14 +#define D_CBC_CAST 15 +#define D_CBC_128_AES 16 +#define D_CBC_192_AES 17 +#define D_CBC_256_AES 18 +#define D_CBC_128_CML 19 +#define D_CBC_192_CML 20 +#define D_CBC_256_CML 21 +#define D_EVP 22 +#define D_SHA256 23 +#define D_SHA512 24 +#define D_IGE_128_AES 25 +#define D_IGE_192_AES 26 +#define D_IGE_256_AES 27 double d=0.0; long c[ALGOR_NUM][SIZE_NUM]; #define R_DSA_512 0 @@ -482,6 +630,24 @@ int MAIN(int argc, char **argv) #define R_RSA_1024 1 #define R_RSA_2048 2 #define R_RSA_4096 3 + +#define R_EC_P160 0 +#define R_EC_P192 1 +#define R_EC_P224 2 +#define R_EC_P256 3 +#define R_EC_P384 4 +#define R_EC_P521 5 +#define R_EC_K163 6 +#define R_EC_K233 7 +#define R_EC_K283 8 +#define R_EC_K409 9 +#define R_EC_K571 10 +#define R_EC_B163 11 +#define R_EC_B233 12 +#define R_EC_B283 13 +#define R_EC_B409 14 +#define R_EC_B571 15 + #ifndef OPENSSL_NO_RSA RSA *rsa_key[RSA_NUM]; long rsa_c[RSA_NUM][2]; @@ -497,8 +663,87 @@ int MAIN(int argc, char **argv) long dsa_c[DSA_NUM][2]; static unsigned int dsa_bits[DSA_NUM]={512,1024,2048}; #endif +#ifndef OPENSSL_NO_EC + /* We only test over the following curves as they are representative, + * To add tests over more curves, simply add the curve NID + * and curve name to the following arrays and increase the + * EC_NUM value accordingly. + */ + static unsigned int test_curves[EC_NUM] = + { + /* Prime Curves */ + NID_secp160r1, + NID_X9_62_prime192v1, + NID_secp224r1, + NID_X9_62_prime256v1, + NID_secp384r1, + NID_secp521r1, + /* Binary Curves */ + NID_sect163k1, + NID_sect233k1, + NID_sect283k1, + NID_sect409k1, + NID_sect571k1, + NID_sect163r2, + NID_sect233r1, + NID_sect283r1, + NID_sect409r1, + NID_sect571r1 + }; + static const char * test_curves_names[EC_NUM] = + { + /* Prime Curves */ + "secp160r1", + "nistp192", + "nistp224", + "nistp256", + "nistp384", + "nistp521", + /* Binary Curves */ + "nistk163", + "nistk233", + "nistk283", + "nistk409", + "nistk571", + "nistb163", + "nistb233", + "nistb283", + "nistb409", + "nistb571" + }; + static int test_curves_bits[EC_NUM] = + { + 160, 192, 224, 256, 384, 521, + 163, 233, 283, 409, 571, + 163, 233, 283, 409, 571 + }; + +#endif + +#ifndef OPENSSL_NO_ECDSA + unsigned char ecdsasig[256]; + unsigned int ecdsasiglen; + EC_KEY *ecdsa[EC_NUM]; + long ecdsa_c[EC_NUM][2]; +#endif + +#ifndef OPENSSL_NO_ECDH + EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; + unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; + int secret_size_a, secret_size_b; + int ecdh_checks = 0; + int secret_idx = 0; + long ecdh_c[EC_NUM][2]; +#endif + int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; +#ifndef OPENSSL_NO_ECDSA + int ecdsa_doit[EC_NUM]; +#endif +#ifndef OPENSSL_NO_ECDH + int ecdh_doit[EC_NUM]; +#endif int doit[ALGOR_NUM]; int pr_header=0; const EVP_CIPHER *evp_cipher=NULL; @@ -517,6 +762,17 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DSA memset(dsa_key,0,sizeof(dsa_key)); #endif +#ifndef OPENSSL_NO_ECDSA + for (i=0; ispkac->challenge, - challenge, strlen(challenge)); + challenge, (int)strlen(challenge)); NETSCAPE_SPKI_set_pubkey(spki, pkey); NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()); spkstr = NETSCAPE_SPKI_b64_encode(spki); diff --git a/src/lib/libssl/src/apps/verify.c b/src/lib/libssl/src/apps/verify.c index d73280cdd0..9ff32cb068 100644 --- a/src/lib/libssl/src/apps/verify.c +++ b/src/lib/libssl/src/apps/verify.c @@ -79,13 +79,14 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { ENGINE *e = NULL; - int i,ret=1; + int i,ret=1, badarg = 0; int purpose = -1; char *CApath=NULL,*CAfile=NULL; char *untfile = NULL, *trustfile = NULL; STACK_OF(X509) *untrusted = NULL, *trusted = NULL; X509_STORE *cert_ctx=NULL; X509_LOOKUP *lookup=NULL; + X509_VERIFY_PARAM *vpm = NULL; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif @@ -121,18 +122,12 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto end; CAfile= *(++argv); } - else if (strcmp(*argv,"-purpose") == 0) + else if (args_verify(&argv, &argc, &badarg, bio_err, + &vpm)) { - X509_PURPOSE *xptmp; - if (argc-- < 1) goto end; - i = X509_PURPOSE_get_by_sname(*(++argv)); - if(i < 0) - { - BIO_printf(bio_err, "unrecognized purpose\n"); + if (badarg) goto end; - } - xptmp = X509_PURPOSE_get0(i); - purpose = X509_PURPOSE_get_id(xptmp); + continue; } else if (strcmp(*argv,"-untrusted") == 0) { @@ -153,14 +148,6 @@ int MAIN(int argc, char **argv) #endif else if (strcmp(*argv,"-help") == 0) goto end; - else if (strcmp(*argv,"-ignore_critical") == 0) - vflags |= X509_V_FLAG_IGNORE_CRITICAL; - else if (strcmp(*argv,"-issuer_checks") == 0) - vflags |= X509_V_FLAG_CB_ISSUER_CHECK; - else if (strcmp(*argv,"-crl_check") == 0) - vflags |= X509_V_FLAG_CRL_CHECK; - else if (strcmp(*argv,"-crl_check_all") == 0) - vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; else if (strcmp(*argv,"-verbose") == 0) v_verbose=1; else if (argv[0][0] == '-') @@ -178,6 +165,9 @@ int MAIN(int argc, char **argv) e = setup_engine(bio_err, engine, 0); #endif + if (vpm) + X509_STORE_set1_param(cert_ctx, vpm); + lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file()); if (lookup == NULL) abort(); if (CAfile) { @@ -238,6 +228,7 @@ end: X509_PURPOSE_get0_name(ptmp)); } } + if (vpm) X509_VERIFY_PARAM_free(vpm); if (cert_ctx != NULL) X509_STORE_free(cert_ctx); sk_X509_pop_free(untrusted, X509_free); sk_X509_pop_free(trusted, X509_free); @@ -339,10 +330,13 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) if (!ok) { - X509_NAME_oneline( + if (ctx->current_cert) + { + X509_NAME_oneline( X509_get_subject_name(ctx->current_cert),buf, sizeof buf); - printf("%s\n",buf); + printf("%s\n",buf); + } printf("error %d at %d depth lookup:%s\n",ctx->error, ctx->error_depth, X509_verify_cert_error_string(ctx->error)); @@ -361,7 +355,14 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) if (ctx->error == X509_V_ERR_CRL_HAS_EXPIRED) ok=1; if (ctx->error == X509_V_ERR_CRL_NOT_YET_VALID) ok=1; if (ctx->error == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) ok=1; + + if (ctx->error == X509_V_ERR_NO_EXPLICIT_POLICY) + policies_print(NULL, ctx); + return ok; + } + if ((ctx->error == X509_V_OK) && (ok == 2)) + policies_print(NULL, ctx); if (!v_verbose) ERR_clear_error(); return(ok); diff --git a/src/lib/libssl/src/apps/version.c b/src/lib/libssl/src/apps/version.c index 0843b67565..69ef3e1bad 100644 --- a/src/lib/libssl/src/apps/version.c +++ b/src/lib/libssl/src/apps/version.c @@ -115,6 +115,7 @@ #include "apps.h" #include #include +#include #ifndef OPENSSL_NO_MD2 # include #endif @@ -172,7 +173,19 @@ int MAIN(int argc, char **argv) } } - if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION)); + if (version) + { + if (SSLeay() == SSLEAY_VERSION_NUMBER) + { + printf("%s\n",SSLeay_version(SSLEAY_VERSION)); + } + else + { + printf("%s (Library: %s)\n", + OPENSSL_VERSION_TEXT, + SSLeay_version(SSLEAY_VERSION)); + } + } if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON)); if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM)); if (options) diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c index e7115cac67..f6938356f8 100644 --- a/src/lib/libssl/src/apps/x509.c +++ b/src/lib/libssl/src/apps/x509.c @@ -73,6 +73,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif #undef PROG #define PROG x509_main @@ -81,7 +87,7 @@ #define POSTFIX ".srl" #define DEF_DAYS 30 -static char *x509_usage[]={ +static const char *x509_usage[]={ "usage: x509 args\n", " -inform arg - input format - default PEM (one of DER, NET or PEM)\n", " -outform arg - output format - default PEM (one of DER, NET or PEM)\n", @@ -92,7 +98,9 @@ static char *x509_usage[]={ " -out arg - output file - default stdout\n", " -passin arg - private key password source\n", " -serial - print serial number value\n", -" -hash - print hash value\n", +" -subject_hash - print subject hash value\n", +" -issuer_hash - print issuer hash value\n", +" -hash - synonym for -subject_hash\n", " -subject - print subject DN\n", " -issuer - print issuer DN\n", " -email - print email address(es)\n", @@ -106,6 +114,7 @@ static char *x509_usage[]={ " -alias - output certificate alias\n", " -noout - no certificate output\n", " -ocspid - print OCSP hash values for the subject name and public key\n", +" -ocspurl - print OCSP Responder URL(s)\n", " -trustout - output a \"trusted\" certificate\n", " -clrtrust - clear all trusted purposes\n", " -clrreject - clear all rejected purposes\n", @@ -167,19 +176,21 @@ int MAIN(int argc, char **argv) char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL; char *CAkeyfile=NULL,*CAserial=NULL; char *alias=NULL; - int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0; - int next_serial=0,ocspid=0; + int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0; + int next_serial=0; + int subject_hash=0,issuer_hash=0,ocspid=0; int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0; + int ocsp_uri=0; int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0; int C=0; int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0; int pprint = 0; - char **pp; + const char **pp; X509_STORE *ctx=NULL; X509_REQ *rq=NULL; int fingerprint=0; char buf[256]; - const EVP_MD *md_alg,*digest; + const EVP_MD *md_alg,*digest=EVP_sha1(); CONF *extconf = NULL; char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; int need_rand = 0; @@ -216,13 +227,6 @@ int MAIN(int argc, char **argv) if (ctx == NULL) goto end; X509_STORE_set_verify_cb_func(ctx,callb); -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - digest = EVP_sha1(); - else -#endif - digest = EVP_md5(); - argc--; argv++; num=0; @@ -376,6 +380,8 @@ int MAIN(int argc, char **argv) C= ++num; else if (strcmp(*argv,"-email") == 0) email= ++num; + else if (strcmp(*argv,"-ocsp_uri") == 0) + ocsp_uri= ++num; else if (strcmp(*argv,"-serial") == 0) serial= ++num; else if (strcmp(*argv,"-next_serial") == 0) @@ -388,8 +394,11 @@ int MAIN(int argc, char **argv) x509req= ++num; else if (strcmp(*argv,"-text") == 0) text= ++num; - else if (strcmp(*argv,"-hash") == 0) - hash= ++num; + else if (strcmp(*argv,"-hash") == 0 + || strcmp(*argv,"-subject_hash") == 0) + subject_hash= ++num; + else if (strcmp(*argv,"-issuer_hash") == 0) + issuer_hash= ++num; else if (strcmp(*argv,"-subject") == 0) subject= ++num; else if (strcmp(*argv,"-issuer") == 0) @@ -704,7 +713,8 @@ bad: else if (serial == i) { BIO_printf(STDout,"serial="); - i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber); + i2a_ASN1_INTEGER(STDout, + X509_get_serialNumber(x)); BIO_printf(STDout,"\n"); } else if (next_serial == i) @@ -725,11 +735,14 @@ bad: ASN1_INTEGER_free(ser); BIO_puts(out, "\n"); } - else if (email == i) + else if ((email == i) || (ocsp_uri == i)) { int j; STACK *emlst; - emlst = X509_get1_email(x); + if (email == i) + emlst = X509_get1_email(x); + else + emlst = X509_get1_ocsp(x); for (j = 0; j < sk_num(emlst); j++) BIO_printf(STDout, "%s\n", sk_value(emlst, j)); X509_email_free(emlst); @@ -741,10 +754,14 @@ bad: if (alstr) BIO_printf(STDout,"%s\n", alstr); else BIO_puts(STDout,"\n"); } - else if (hash == i) + else if (subject_hash == i) { BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x)); } + else if (issuer_hash == i) + { + BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x)); + } else if (pprint == i) { X509_PURPOSE *ptmp; @@ -906,6 +923,10 @@ bad: if (Upkey->type == EVP_PKEY_DSA) digest=EVP_dss1(); #endif +#ifndef OPENSSL_NO_ECDSA + if (Upkey->type == EVP_PKEY_EC) + digest=EVP_ecdsa(); +#endif assert(need_rand); if (!sign(x,Upkey,days,clrext,digest, @@ -926,6 +947,10 @@ bad: if (CApkey->type == EVP_PKEY_DSA) digest=EVP_dss1(); #endif +#ifndef OPENSSL_NO_ECDSA + if (CApkey->type == EVP_PKEY_EC) + digest = EVP_ecdsa(); +#endif assert(need_rand); if (!x509_certify(ctx,CAfile,digest,x,xca, @@ -957,6 +982,10 @@ bad: if (pk->type == EVP_PKEY_DSA) digest=EVP_dss1(); #endif +#ifndef OPENSSL_NO_ECDSA + if (pk->type == EVP_PKEY_EC) + digest=EVP_ecdsa(); +#endif rq=X509_to_X509_REQ(x,pk,digest); EVP_PKEY_free(pk); @@ -1020,8 +1049,7 @@ bad: ah.data=(char *)x; ah.meth=X509_asn1_meth(); - /* no macro for this one yet */ - i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah); + i=ASN1_i2d_bio_of(ASN1_HEADER,i2d_ASN1_HEADER,out,&ah); } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config index c2f504f59e..dde9275b76 100644 --- a/src/lib/libssl/src/config +++ b/src/lib/libssl/src/config @@ -54,22 +54,6 @@ SYSTEM=`(uname -s) 2>/dev/null` || SYSTEM="unknown" VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown" - - - -# Check for VC++ presence first. -# -#if [ "x$MSVCDIR" != "x" -o "x$VCINSTALLDIR" != "x" ]; then -# perl Configure VC-WIN32 $* -# cmd /c ms\\do_masm.bat -# perl util/mk1mf.pl VC-WIN32-GMAKE >mak.tmp -# rm Makefile -# mv mak.tmp Makefile -# echo "Configured for VC++ using GNU make" -# exit 0 -#fi -# - # Now test for ISC and SCO, since it is has a braindamaged uname. # # We need to work around FreeBSD 1.1.5.1 @@ -98,9 +82,9 @@ if [ "x$XREL" != "x" ]; then esac ;; 4.2) - echo "i386-whatever-unixware1"; exit 0 + echo "whatever-whatever-unixware1"; exit 0 ;; - 5) + 5*) case "x${VERSION}" in # We hardcode i586 in place of ${MACHINE} for the # following reason. The catch is that even though Pentium @@ -109,8 +93,7 @@ if [ "x$XREL" != "x" ]; then # with i386 is that it makes ./config pass 386 to # ./Configure, which in turn makes make generate # inefficient SHA-1 (for this moment) code. - x7*) echo "i586-sco-unixware7"; exit 0 ;; - x8*) echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;; + x[678]*) echo "i586-sco-unixware7"; exit 0 ;; esac ;; esac @@ -354,11 +337,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in ;; MINGW*) - echo "${MACHINE}-whatever-mingw"; echo 0; - # Save fipslib path so VC++ build can find it - (cd /usr/local/ssl/lib ; pwd -W ) > util/fipslib_path.txt - # Extract _chkstk.o so VC++ can use it, to avoid __alloca link error - (cd ms ; ar x `gcc -print-libgcc-file-name` _chkstk.o) + echo "${MACHINE}-whatever-mingw"; exit 0; ;; CYGWIN*) case "$RELEASE" in @@ -472,8 +451,6 @@ if [ "$SYSTEM" = "SunOS" ]; then echo " patch #107357-01 or later applied." sleep 5 fi - elif [ "$CC" = "cc" -a $CCVER -gt 0 ]; then - CC=sc3 fi fi @@ -539,36 +516,23 @@ case "$GUESSOS" in #fi OUT="irix-mips3-$CC" ;; + ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;; + ppc-apple-darwin*) OUT="darwin-ppc-cc" ;; + i386-apple-darwin*) OUT="darwin-i386-cc" ;; alpha-*-linux2) - ISA=`awk '/cpu model/{print$4}' /proc/cpuinfo` + ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo` case ${ISA:-generic} in - *[67]) OUT="linux-alpha+bwx-$CC" ;; + *[678]) OUT="linux-alpha+bwx-$CC" ;; *) OUT="linux-alpha-$CC" ;; esac if [ "$CC" = "gcc" ]; then case ${ISA:-generic} in EV5|EV45) options="$options -mcpu=ev5";; EV56|PCA56) options="$options -mcpu=ev56";; - EV6|EV67|PCA57) options="$options -mcpu=ev6";; + *) options="$options -mcpu=ev6";; esac fi ;; - mips-*-linux?) - cat >dummy.c < /* for printf() prototype */ - int main (argc, argv) int argc; char *argv[]; { -#ifdef __MIPSEB__ - printf ("linux-%s\n", argv[1]); -#endif -#ifdef __MIPSEL__ - printf ("linux-%sel\n", argv[1]); -#endif - return 0; -} -EOF - ${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}` - rm dummy dummy.c - ;; ppc64-*-linux2) echo "WARNING! If you wish to build 64-bit library, then you have to" echo " invoke './Configure linux-ppc64' *manually*." @@ -579,11 +543,7 @@ EOF OUT="linux-ppc" ;; ppc-*-linux2) OUT="linux-ppc" ;; - m68k-*-linux*) OUT="linux-m68k" ;; ia64-*-linux?) OUT="linux-ia64" ;; - ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;; - ppc-apple-darwin*) OUT="darwin-ppc-cc" ;; - i386-apple-darwin*) OUT="darwin-i386-cc" ;; sparc64-*-linux2) echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI" echo " and wish to build 64-bit library, then you have to" @@ -594,16 +554,18 @@ EOF fi OUT="linux-sparcv9" ;; sparc-*-linux2) - KARCH=`awk '/^type/{print$3}' /proc/cpuinfo` + KARCH=`awk '/^type/{print$3;exit(0);}' /proc/cpuinfo` case ${KARCH:-sun4} in sun4u*) OUT="linux-sparcv9" ;; sun4m) OUT="linux-sparcv8" ;; sun4d) OUT="linux-sparcv8" ;; - *) OUT="linux-sparcv7" ;; + *) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; esac ;; - parisc-*-linux2) - CPUARCH=`awk '/cpu family/{print substr($5,1,3)}' /proc/cpuinfo` - CPUSCHEDULE=`awk '/^cpu.[ ]: PA/{print substr($3,3)}' /proc/cpuinfo` + parisc*-*-linux2) + # 64-bit builds under parisc64 linux are not supported and + # compiler is expected to generate 32-bit objects... + CPUARCH=`awk '/cpu family/{print substr($5,1,3); exit(0);}' /proc/cpuinfo` + CPUSCHEDULE=`awk '/^cpu.[ ]*: PA/{print substr($3,3); exit(0);}' /proc/cpuinfo` # ??TODO ?? Model transformations # 0. CPU Architecture for the 1.1 processor has letter suffixes. We strip that off @@ -616,31 +578,34 @@ EOF # PA8500 -> 8000 (2.0) # PA8600 -> 8000 (2.0) - CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8?00/8000/'` + CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8.00/8000/'` # Finish Model transformations - options="$options -mschedule=$CPUSCHEDULE -march=$CPUARCH" - OUT="linux-parisc" ;; - arm*b-*-linux2) OUT="linux-elf-arm"; options="$options -DB_ENDIAN" ;; - arm*l-*-linux2) OUT="linux-elf-arm"; options="$options -DL_ENDIAN" ;; - arm*-*-linux2) OUT="linux-elf-arm" ;; - s390-*-linux2) OUT="linux-s390" ;; - s390x-*-linux?) OUT="linux-s390x" ;; + options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH" + OUT="linux-generic32" ;; + arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; + arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;; + sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; + sh*-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;; + m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;; + s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;; + s390x-*-linux2) OUT="linux-generic64"; options="$options -DB_ENDIAN" ;; x86_64-*-linux?) OUT="linux-x86_64" ;; - *-*-linux2) OUT="linux-elf" + *86-*-linux2) OUT="linux-elf" if [ "$GCCVER" -gt 28 ]; then if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then - OUT="linux-pentium" + options="$options -march=pentium" fi if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then - OUT="linux-ppro" + options="$options -march=pentiumpro" fi if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then - OUT="linux-k6" + options="$options -march=k6" fi fi ;; *-*-linux1) OUT="linux-aout" ;; - sun4u*-*-solaris2) + *-*-linux2) OUT="linux-generic32" ;; + sun4[uv]*-*-solaris2) OUT="solaris-sparcv9-$CC" ISA64=`(isalist) 2>/dev/null | grep sparcv9` if [ "$ISA64" != "" ]; then @@ -683,48 +648,43 @@ EOF OUT="solaris64-x86_64-$CC" else OUT="solaris-x86-$CC" + if [ `uname -r | sed -e 's/5\.//'` -lt 10 ]; then + options="$options no-sse2" + fi fi ;; - *-*-sunos4) OUT="sunos-$CC" ;; - alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;; - sparc64-*-freebsd*) OUT="FreeBSD-sparc64" ;; - ia64-*-freebsd*) OUT="FreeBSD-ia64" ;; - *-freebsd[3-9]*) OUT="FreeBSD-elf" ;; - *-freebsd[1-2]*) OUT="FreeBSD" ;; - *86*-*-netbsd) OUT="NetBSD-x86" ;; - sun3*-*-netbsd) OUT="NetBSD-m68" ;; - *-*-netbsd) OUT="NetBSD-sparc" ;; - alpha*-*-openbsd) OUT="OpenBSD-alpha" ;; - *86*-*-openbsd) OUT="OpenBSD-i386" ;; - m68k*-*-openbsd) OUT="OpenBSD-m68k" ;; - m88k*-*-openbsd) OUT="OpenBSD-m88k" ;; - mips*-*-openbsd) OUT="OpenBSD-mips" ;; - pmax*-*-openbsd) OUT="OpenBSD-mips" ;; - powerpc*-*-openbsd) OUT="OpenBSD-powerpc" ;; - sparc64*-*-openbsd) OUT="OpenBSD-sparc64" ;; - sparc*-*-openbsd) OUT="OpenBSD-sparc" ;; - vax*-*-openbsd) OUT="OpenBSD-vax" ;; - hppa*-*-openbsd) OUT="OpenBSD-hppa" ;; - *-*-openbsd) OUT="OpenBSD" ;; - *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;; - *-*-osf) OUT="alphaold-cc" ;; - *-*-tru64) OUT="alpha-cc" ;; - *-*-OpenUNIX*) + *-*-sunos4) OUT="sunos-$CC" ;; + + *86*-*-bsdi4) OUT="BSD-x86-elf"; options="$options no-sse2 -ldl" ;; + alpha*-*-*bsd*) OUT="BSD-generic64"; options="$options -DL_ENDIAN" ;; + powerpc64-*-*bsd*) OUT="BSD-generic64"; options="$options -DB_ENDIAN" ;; + sparc64-*-*bsd*) OUT="BSD-sparc64" ;; + ia64-*-*bsd*) OUT="BSD-ia64" ;; + amd64-*-*bsd*) OUT="BSD-x86_64" ;; + *86*-*-*bsd*) # mimic ld behaviour when it's looking for libc... + if [ -L /usr/lib/libc.so ]; then # [Free|Net]BSD + libc=/usr/lib/libc.so + else # OpenBSD + # ld searches for highest libc.so.* and so do we + libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null` + fi + case "`(file -L $libc) 2>/dev/null`" in + *ELF*) OUT="BSD-x86-elf" ;; + *) OUT="BSD-x86"; options="$options no-sse2" ;; + esac ;; + *-*-*bsd*) OUT="BSD-generic32" ;; + + *-*-osf) OUT="osf1-alpha-cc" ;; + *-*-tru64) OUT="tru64-alpha-cc" ;; + *-*-[Uu]nix[Ww]are7) if [ "$CC" = "gcc" ]; then - OUT="OpenUNIX-8-gcc" + OUT="unixware-7-gcc" ; options="$options no-sse2" else - OUT="OpenUNIX-8" + OUT="unixware-7" ; options="$options no-sse2 -D__i386__" fi ;; - *-*-unixware7) OUT="unixware-7" ;; - *-*-UnixWare7) OUT="unixware-7" ;; - *-*-Unixware7) OUT="unixware-7" ;; - *-*-unixware20*) OUT="unixware-2.0" ;; - *-*-unixware21*) OUT="unixware-2.1" ;; - *-*-UnixWare20*) OUT="unixware-2.0" ;; - *-*-UnixWare21*) OUT="unixware-2.1" ;; - *-*-Unixware20*) OUT="unixware-2.0" ;; - *-*-Unixware21*) OUT="unixware-2.1" ;; + *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;; + *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;; *-*-vos) options="$options no-threads no-shared no-asm no-dso" EXE=".pm" @@ -733,15 +693,8 @@ EOF RM*-siemens-sysv4) OUT="ReliantUNIX" ;; *-siemens-sysv4) OUT="SINIX" ;; *-hpux1*) - if [ $CC = "gcc" ]; - then - if [ $GCC_BITS = "64" ]; then + if [ $CC = "gcc" -a $GCC_BITS = "64" ]; then OUT="hpux64-parisc2-gcc" - else - OUT="hpux-parisc-gcc" - fi - else - OUT="hpux-parisc-$CC" fi KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null` KERNEL_BITS=${KERNEL_BITS:-32} @@ -758,9 +711,7 @@ EOF fi OUT="hpux64-ia64-cc" elif [ $CPU_VERSION -ge 532 ]; then # PA-RISC 2.x CPU - if [ "$CC" = "cc" ]; then - OUT="hpux-parisc2-cc" # can't we have hpux-parisc2-gcc? - fi + OUT=${OUT:-"hpux-parisc2-${CC}"} if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then echo "WARNING! If you wish to build 64-bit library then you have to" echo " invoke './Configure hpux64-parisc2-cc' *manually*." @@ -770,9 +721,9 @@ EOF fi fi elif [ $CPU_VERSION -ge 528 ]; then # PA-RISC 1.1+ CPU - : + OUT="hpux-parisc-${CC}" elif [ $CPU_VERSION -ge 523 ]; then # PA-RISC 1.0 CPU - : + OUT="hpux-parisc-${CC}" else # Motorola(?) CPU OUT="hpux-$CC" fi @@ -798,6 +749,11 @@ EOF fi fi fi + if (lsattr -E -O -l `lsdev -c processor|awk '{print$1;exit}'` | grep -i powerpc) >/dev/null 2>&1; then + : # this applies even to Power3 and later, as they return PowerPC_POWER[345] + else + options="$options no-asm" + fi ;; # these are all covered by the catchall below # *-dgux) OUT="dgux" ;; @@ -822,12 +778,13 @@ esac # options="$options -DATALLA" #fi -# gcc < 2.8 does not support -mcpu=ultrasparc +# gcc < 2.8 does not support -march=ultrasparc if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ] then - echo "WARNING! Do consider upgrading to gcc-2.8 or later." + echo "WARNING! Falling down to 'solaris-sparcv8-gcc'." + echo " Upgrade to gcc-2.8 or later." sleep 5 - OUT=solaris-sparcv9-gcc27 + OUT=solaris-sparcv8-gcc fi if [ "$OUT" = "linux-sparcv9" -a $GCCVER -lt 28 ] then @@ -841,7 +798,7 @@ case "$GUESSOS" in i386-*) options="$options 386" ;; esac -for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 aes ripemd rsa sha +for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha do if [ ! -d crypto/$i ] then diff --git a/src/lib/libssl/src/crypto/Makefile b/src/lib/libssl/src/crypto/Makefile index cda9de0ac9..bb8eaa036c 100644 --- a/src/lib/libssl/src/crypto/Makefile +++ b/src/lib/libssl/src/crypto/Makefile @@ -6,43 +6,41 @@ DIR= crypto TOP= .. CC= cc INCLUDE= -I. -I$(TOP) -I../include +# INCLUDES targets sudbirs! INCLUDES= -I.. -I../.. -I../../include CFLAG= -g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl MAKEDEPPROG= makedepend MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile RM= rm -f AR= ar r +RECURSIVE_MAKE= [ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \ + (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ + $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='${INCLUDES}' $$target ) || exit 1; \ + done; + PEX_LIBS= EX_LIBS= CFLAGS= $(INCLUDE) $(CFLAG) - +ASFLAGS= $(INCLUDE) $(ASFLAG) +AFLAGS=$(ASFLAGS) LIBS= -SDIRS= md2 md5 sha mdc2 hmac ripemd \ - des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa dh dso engine aes \ - buffer bio stack lhash rand err objects \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 - GENERAL=Makefile README crypto-lib.com install.com LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) -LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c -LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o +LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c +LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ) SRC= $(LIBSRC) EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \ ossl_typ.h -HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h $(EXHEADER) +HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -59,148 +57,136 @@ buildinf.h: ../Makefile echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \ echo '#endif' ) >buildinf.h +x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl + $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@ +x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl + $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@ +x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl + $(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@ + +uplink.o: ../ms/uplink.c + $(CC) $(CFLAGS) -c -o $@ ../ms/uplink.c + +uplink-cof.s: ../ms/uplink.pl + $(PERL) ../ms/uplink.pl coff > $@ + +x86_64cpuid.s: x86_64cpuid.pl + $(PERL) x86_64cpuid.pl $@ +ia64cpuid.s: ia64cpuid.S + $(CC) $(CFLAGS) -E ia64cpuid.S > $@ + testapps: - if echo ${SDIRS} | fgrep ' des '; \ - then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi - cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps + [ -z "$(THIS)" ] || ( if echo ${SDIRS} | fgrep ' des '; \ + then cd des && $(MAKE) -e des; fi ) + [ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps ); + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi subdirs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making all in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ - done; + @target=all; $(RECURSIVE_MAKE) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making 'files' in crypto/$$i..." && \ - $(MAKE) PERL='${PERL}' files ); \ - done; + @target=files; $(RECURSIVE_MAKE) links: @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS) - @for i in $(SDIRS); do \ - (cd $$i && echo "making links in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ - done; + @target=links; $(RECURSIVE_MAKE) -lib: $(LIBOBJ) +# lib: and $(LIB): are splitted to avoid end-less loop +lib: $(LIB) + @touch lib +$(LIB): $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. - @touch lib shared: buildinf.h lib subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null || \ + if [ -n "$(SHARED_LIBS)" ]; then \ (cd ..; $(MAKE) $(SHARED_LIB)); \ fi libs: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making libs in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \ - done; - -tests: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making tests in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \ - done; + @target=lib; $(RECURSIVE_MAKE) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making install in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \ - done; + @target=install; $(RECURSIVE_MAKE) lint: - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making lint in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \ - done; + @target=lint; $(RECURSIVE_MAKE) depend: - if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - if [ ! -s buildinf.h ]; then rm buildinf.h; fi - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making depend in crypto/$$i..." && \ - $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ - done; + @[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist + @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) + @[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h + @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi clean: - rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making clean in crypto/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \ - done; + rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + @target=clean; $(RECURSIVE_MAKE) dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new mv -f Makefile.new $(MAKEFILE) - @for i in $(SDIRS) ;\ - do \ - (cd $$i && echo "making dclean in crypto/$$i..." && \ - $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \ - done; + @target=dclean; $(RECURSIVE_MAKE) # DO NOT DELETE THIS LINE -- make depend depends on it. cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h -cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h -cpt_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cpt_err.c +cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +cpt_err.o: ../include/openssl/safestack.h ../include/openssl/stack.h +cpt_err.o: ../include/openssl/symhacks.h cpt_err.c cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -cryptlib.o: ../include/openssl/safestack.h ../include/openssl/stack.h -cryptlib.o: ../include/openssl/symhacks.h cryptlib.c cryptlib.h +cryptlib.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.c +cryptlib.o: cryptlib.h cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -cversion.o: ../include/openssl/safestack.h ../include/openssl/stack.h -cversion.o: ../include/openssl/symhacks.h buildinf.h cryptlib.h cversion.c +cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h +cversion.o: cryptlib.h cversion.c ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -ex_data.o: ../include/openssl/safestack.h ../include/openssl/stack.h -ex_data.o: ../include/openssl/symhacks.h cryptlib.h ex_data.c +ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h +ex_data.o: ex_data.c mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem.o: ../include/openssl/err.h ../include/openssl/lhash.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c +mem.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h +mem.o: mem.c mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem_clr.o: ../include/openssl/symhacks.h mem_clr.c +mem_clr.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mem_clr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mem_clr.c mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c +mem_dbg.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h +mem_dbg.o: mem_dbg.c +o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h +o_dir.o: LPdir_unix.c o_dir.c o_dir.h o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_str.o: o_str.c o_str.h o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c @@ -209,10 +195,10 @@ tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -tmdiff.o: ../include/openssl/safestack.h ../include/openssl/stack.h -tmdiff.o: ../include/openssl/symhacks.h ../include/openssl/tmdiff.h cryptlib.h -tmdiff.o: tmdiff.c +tmdiff.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h tmdiff.c uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h -uid.o: ../include/openssl/symhacks.h uid.c +uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +uid.o: ../include/openssl/stack.h ../include/openssl/symhacks.h uid.c diff --git a/src/lib/libssl/src/crypto/aes/Makefile b/src/lib/libssl/src/crypto/aes/Makefile index a37c6f66a2..22c7203dbb 100644 --- a/src/lib/libssl/src/crypto/aes/Makefile +++ b/src/lib/libssl/src/crypto/aes/Makefile @@ -8,16 +8,14 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r -# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr +AES_ASM_OBJ=aes_core.o aes_cbc.o + CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile #TEST=aestest.c @@ -25,8 +23,10 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c -LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o +LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \ + aes_ctr.c aes_ige.c aes_wrap.c +LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o aes_wrap.o \ + $(AES_ASM_OBJ) SRC= $(LIBSRC) @@ -47,6 +47,19 @@ lib: $(LIBOBJ) $(LIBOBJ): $(LIBSRC) +aes-ia64.s: asm/aes-ia64.S + $(CC) $(CFLAGS) -E asm/aes-ia64.S > $@ + +ax86-elf.s: asm/aes-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) aes-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +ax86-cof.s: asm/aes-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) aes-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) +ax86-out.s: asm/aes-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) aes-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) + +aes-x86_64.s: asm/aes-x86_64.pl + $(PERL) asm/aes-x86_64.pl $@ + files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -55,9 +68,8 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: installs - -installs: +install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -73,6 +85,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -80,7 +93,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -90,14 +103,28 @@ aes_cfb.o: ../../e_os.h ../../include/openssl/aes.h aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h aes_cfb.o: aes_cfb.c aes_locl.h aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -aes_core.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -aes_core.o: aes_core.c aes_locl.h +aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h +aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h +aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_misc.o: ../../include/openssl/opensslconf.h aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c +aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h +aes_wrap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +aes_wrap.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +aes_wrap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +aes_wrap.o: ../../include/openssl/opensslconf.h +aes_wrap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +aes_wrap.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +aes_wrap.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_wrap.c diff --git a/src/lib/libssl/src/crypto/aes/aes.h b/src/lib/libssl/src/crypto/aes/aes.h index 8a3ea0b883..baf0222d49 100644 --- a/src/lib/libssl/src/crypto/aes/aes.h +++ b/src/lib/libssl/src/crypto/aes/aes.h @@ -52,7 +52,7 @@ #ifndef HEADER_AES_H #define HEADER_AES_H -#include +#include #ifdef OPENSSL_NO_AES #error AES is disabled. @@ -66,17 +66,17 @@ #define AES_MAXNR 14 #define AES_BLOCK_SIZE 16 -#if defined(OPENSSL_FIPS) -#define FIPS_AES_SIZE_T int -#endif - #ifdef __cplusplus extern "C" { #endif /* This should be a hidden type, but EVP requires that the size be known */ struct aes_key_st { +#ifdef AES_LONG unsigned long rd_key[4 *(AES_MAXNR + 1)]; +#else + unsigned int rd_key[4 *(AES_MAXNR + 1)]; +#endif int rounds; }; typedef struct aes_key_st AES_KEY; @@ -119,6 +119,23 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num); +/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */ +/* NB: the IV is _two_ blocks long */ +void AES_ige_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + unsigned char *ivec, const int enc); +/* NB: the IV is _four_ blocks long */ +void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + const AES_KEY *key2, const unsigned char *ivec, + const int enc); + +int AES_wrap_key(AES_KEY *key, const unsigned char *iv, + unsigned char *out, + const unsigned char *in, unsigned int inlen); +int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, + unsigned char *out, + const unsigned char *in, unsigned int inlen); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/aes/aes_cbc.c b/src/lib/libssl/src/crypto/aes/aes_cbc.c index 373864cd4b..d2ba6bcdb4 100644 --- a/src/lib/libssl/src/crypto/aes/aes_cbc.c +++ b/src/lib/libssl/src/crypto/aes/aes_cbc.c @@ -59,7 +59,6 @@ #include #include "aes_locl.h" -#if !defined(OPENSSL_FIPS_AES_ASM) void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, unsigned char *ivec, const int enc) { @@ -130,4 +129,3 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, } } } -#endif diff --git a/src/lib/libssl/src/crypto/aes/aes_core.c b/src/lib/libssl/src/crypto/aes/aes_core.c index ed566a8123..3a80e18b0a 100644 --- a/src/lib/libssl/src/crypto/aes/aes_core.c +++ b/src/lib/libssl/src/crypto/aes/aes_core.c @@ -37,23 +37,19 @@ #include #include -#include #include "aes_locl.h" -#ifndef OPENSSL_FIPS - /* Te0[x] = S [x].[02, 01, 01, 03]; Te1[x] = S [x].[03, 02, 01, 01]; Te2[x] = S [x].[01, 03, 02, 01]; Te3[x] = S [x].[01, 01, 03, 02]; -Te4[x] = S [x].[01, 01, 01, 01]; Td0[x] = Si[x].[0e, 09, 0d, 0b]; Td1[x] = Si[x].[0b, 0e, 09, 0d]; Td2[x] = Si[x].[0d, 0b, 0e, 09]; Td3[x] = Si[x].[09, 0d, 0b, 0e]; -Td4[x] = Si[x].[01, 01, 01, 01]; +Td4[x] = Si[x].[01]; */ static const u32 Te0[256] = { @@ -255,7 +251,6 @@ static const u32 Te2[256] = { 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, }; static const u32 Te3[256] = { - 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, @@ -321,72 +316,7 @@ static const u32 Te3[256] = { 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, }; -static const u32 Te4[256] = { - 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, - 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, - 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, - 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U, - 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU, - 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U, - 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU, - 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U, - 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U, - 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU, - 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U, - 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U, - 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U, - 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU, - 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U, - 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U, - 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU, - 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U, - 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U, - 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U, - 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU, - 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU, - 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U, - 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU, - 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU, - 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U, - 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU, - 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U, - 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU, - 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U, - 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U, - 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U, - 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU, - 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U, - 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU, - 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U, - 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU, - 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U, - 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U, - 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU, - 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU, - 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU, - 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U, - 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U, - 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU, - 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U, - 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU, - 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U, - 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU, - 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U, - 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU, - 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU, - 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U, - 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU, - 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U, - 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU, - 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U, - 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U, - 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U, - 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU, - 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU, - 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U, - 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, - 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, -}; + static const u32 Td0[256] = { 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, @@ -540,7 +470,6 @@ static const u32 Td2[256] = { 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, - 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, @@ -652,71 +581,39 @@ static const u32 Td3[256] = { 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, }; -static const u32 Td4[256] = { - 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, - 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, - 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, - 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, - 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, - 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, - 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, - 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, - 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, - 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, - 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, - 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, - 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, - 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, - 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, - 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, - 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, - 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, - 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, - 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, - 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, - 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, - 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, - 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, - 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, - 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, - 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, - 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, - 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, - 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, - 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, - 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, - 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U, - 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU, - 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU, - 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U, - 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U, - 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U, - 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U, - 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU, - 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U, - 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U, - 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU, - 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU, - 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU, - 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U, - 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU, - 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U, - 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U, - 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U, - 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U, - 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU, - 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U, - 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU, - 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU, - 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU, - 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU, - 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U, - 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU, - 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U, - 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU, - 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U, - 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, - 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, +static const u8 Td4[256] = { + 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, + 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, + 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, + 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, + 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, + 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, + 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, + 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, + 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, + 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, + 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, + 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, + 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, + 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, + 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, + 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, + 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, + 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, + 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, + 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, + 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, + 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, + 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, + 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, + 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, + 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, + 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, + 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, + 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, + 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, + 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, + 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, }; static const u32 rcon[] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, @@ -756,10 +653,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, while (1) { temp = rk[3]; rk[4] = rk[0] ^ - (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te4[(temp ) & 0xff] & 0x0000ff00) ^ - (Te4[(temp >> 24) ] & 0x000000ff) ^ + (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te0[(temp ) & 0xff] & 0x0000ff00) ^ + (Te1[(temp >> 24) ] & 0x000000ff) ^ rcon[i]; rk[5] = rk[1] ^ rk[4]; rk[6] = rk[2] ^ rk[5]; @@ -776,10 +673,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, while (1) { temp = rk[ 5]; rk[ 6] = rk[ 0] ^ - (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te4[(temp ) & 0xff] & 0x0000ff00) ^ - (Te4[(temp >> 24) ] & 0x000000ff) ^ + (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te0[(temp ) & 0xff] & 0x0000ff00) ^ + (Te1[(temp >> 24) ] & 0x000000ff) ^ rcon[i]; rk[ 7] = rk[ 1] ^ rk[ 6]; rk[ 8] = rk[ 2] ^ rk[ 7]; @@ -798,10 +695,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, while (1) { temp = rk[ 7]; rk[ 8] = rk[ 0] ^ - (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te4[(temp ) & 0xff] & 0x0000ff00) ^ - (Te4[(temp >> 24) ] & 0x000000ff) ^ + (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te0[(temp ) & 0xff] & 0x0000ff00) ^ + (Te1[(temp >> 24) ] & 0x000000ff) ^ rcon[i]; rk[ 9] = rk[ 1] ^ rk[ 8]; rk[10] = rk[ 2] ^ rk[ 9]; @@ -811,10 +708,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, } temp = rk[11]; rk[12] = rk[ 4] ^ - (Te4[(temp >> 24) ] & 0xff000000) ^ - (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(temp ) & 0xff] & 0x000000ff); + (Te2[(temp >> 24) ] & 0xff000000) ^ + (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^ + (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^ + (Te1[(temp ) & 0xff] & 0x000000ff); rk[13] = rk[ 5] ^ rk[12]; rk[14] = rk[ 6] ^ rk[13]; rk[15] = rk[ 7] ^ rk[14]; @@ -853,29 +750,30 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits, for (i = 1; i < (key->rounds); i++) { rk += 4; rk[0] = - Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[0] ) & 0xff] & 0xff]; + Td0[Te1[(rk[0] >> 24) ] & 0xff] ^ + Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^ + Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^ + Td3[Te1[(rk[0] ) & 0xff] & 0xff]; rk[1] = - Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[1] ) & 0xff] & 0xff]; + Td0[Te1[(rk[1] >> 24) ] & 0xff] ^ + Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^ + Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^ + Td3[Te1[(rk[1] ) & 0xff] & 0xff]; rk[2] = - Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[2] ) & 0xff] & 0xff]; + Td0[Te1[(rk[2] >> 24) ] & 0xff] ^ + Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^ + Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^ + Td3[Te1[(rk[2] ) & 0xff] & 0xff]; rk[3] = - Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ - Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ - Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ - Td3[Te4[(rk[3] ) & 0xff] & 0xff]; + Td0[Te1[(rk[3] >> 24) ] & 0xff] ^ + Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ + Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ + Td3[Te1[(rk[3] ) & 0xff] & 0xff]; } return 0; } +#ifndef AES_ASM /* * Encrypt a single block * in and out can overlap @@ -1038,31 +936,31 @@ void AES_encrypt(const unsigned char *in, unsigned char *out, * map cipher state to byte array block: */ s0 = - (Te4[(t0 >> 24) ] & 0xff000000) ^ - (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t3 ) & 0xff] & 0x000000ff) ^ + (Te2[(t0 >> 24) ] & 0xff000000) ^ + (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Te1[(t3 ) & 0xff] & 0x000000ff) ^ rk[0]; PUTU32(out , s0); s1 = - (Te4[(t1 >> 24) ] & 0xff000000) ^ - (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t0 ) & 0xff] & 0x000000ff) ^ + (Te2[(t1 >> 24) ] & 0xff000000) ^ + (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Te1[(t0 ) & 0xff] & 0x000000ff) ^ rk[1]; PUTU32(out + 4, s1); s2 = - (Te4[(t2 >> 24) ] & 0xff000000) ^ - (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t1 ) & 0xff] & 0x000000ff) ^ + (Te2[(t2 >> 24) ] & 0xff000000) ^ + (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Te1[(t1 ) & 0xff] & 0x000000ff) ^ rk[2]; PUTU32(out + 8, s2); s3 = - (Te4[(t3 >> 24) ] & 0xff000000) ^ - (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Te4[(t2 ) & 0xff] & 0x000000ff) ^ + (Te2[(t3 >> 24) ] & 0xff000000) ^ + (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Te1[(t2 ) & 0xff] & 0x000000ff) ^ rk[3]; PUTU32(out + 12, s3); } @@ -1229,33 +1127,33 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, * map cipher state to byte array block: */ s0 = - (Td4[(t0 >> 24) ] & 0xff000000) ^ - (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t1 ) & 0xff] & 0x000000ff) ^ + (Td4[(t0 >> 24) ] << 24) ^ + (Td4[(t3 >> 16) & 0xff] << 16) ^ + (Td4[(t2 >> 8) & 0xff] << 8) ^ + (Td4[(t1 ) & 0xff]) ^ rk[0]; PUTU32(out , s0); s1 = - (Td4[(t1 >> 24) ] & 0xff000000) ^ - (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t2 ) & 0xff] & 0x000000ff) ^ + (Td4[(t1 >> 24) ] << 24) ^ + (Td4[(t0 >> 16) & 0xff] << 16) ^ + (Td4[(t3 >> 8) & 0xff] << 8) ^ + (Td4[(t2 ) & 0xff]) ^ rk[1]; PUTU32(out + 4, s1); s2 = - (Td4[(t2 >> 24) ] & 0xff000000) ^ - (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t3 ) & 0xff] & 0x000000ff) ^ + (Td4[(t2 >> 24) ] << 24) ^ + (Td4[(t1 >> 16) & 0xff] << 16) ^ + (Td4[(t0 >> 8) & 0xff] << 8) ^ + (Td4[(t3 ) & 0xff]) ^ rk[2]; PUTU32(out + 8, s2); s3 = - (Td4[(t3 >> 24) ] & 0xff000000) ^ - (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t0 ) & 0xff] & 0x000000ff) ^ + (Td4[(t3 >> 24) ] << 24) ^ + (Td4[(t2 >> 16) & 0xff] << 16) ^ + (Td4[(t1 >> 8) & 0xff] << 8) ^ + (Td4[(t0 ) & 0xff]) ^ rk[3]; PUTU32(out + 12, s3); } -#endif /* ndef OPENSSL_FIPS */ +#endif /* AES_ASM */ diff --git a/src/lib/libssl/src/crypto/aes/aes_locl.h b/src/lib/libssl/src/crypto/aes/aes_locl.h index 4184729e34..054b442d41 100644 --- a/src/lib/libssl/src/crypto/aes/aes_locl.h +++ b/src/lib/libssl/src/crypto/aes/aes_locl.h @@ -62,7 +62,7 @@ #include #include -#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE) +#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)) # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) # define GETU32(p) SWAP(*((u32 *)(p))) # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } @@ -71,7 +71,11 @@ # define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); } #endif +#ifdef AES_LONG typedef unsigned long u32; +#else +typedef unsigned int u32; +#endif typedef unsigned short u16; typedef unsigned char u8; diff --git a/src/lib/libssl/src/crypto/aes/aes_misc.c b/src/lib/libssl/src/crypto/aes/aes_misc.c index 090def25d5..4fead1b4c7 100644 --- a/src/lib/libssl/src/crypto/aes/aes_misc.c +++ b/src/lib/libssl/src/crypto/aes/aes_misc.c @@ -53,7 +53,7 @@ #include #include "aes_locl.h" -const char *AES_version="AES" OPENSSL_VERSION_PTEXT; +const char AES_version[]="AES" OPENSSL_VERSION_PTEXT; const char *AES_options(void) { #ifdef FULL_UNROLL diff --git a/src/lib/libssl/src/crypto/asn1/Makefile b/src/lib/libssl/src/crypto/asn1/Makefile index d1c2d8f490..63066899d0 100644 --- a/src/lib/libssl/src/crypto/asn1/Makefile +++ b/src/lib/libssl/src/crypto/asn1/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -31,8 +26,8 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \ tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ f_int.c f_string.c n_pkey.c \ - f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \ - asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ + f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn_mime.c \ + asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ @@ -43,8 +38,8 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \ tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ f_int.o f_string.o n_pkey.o \ - f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \ - asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ + f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn_mime.o \ + asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o SRC= $(LIBSRC) @@ -81,6 +76,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -96,6 +92,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -109,69 +106,57 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bitstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_bitstr.o: ../../include/openssl/opensslconf.h a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c a_bool.o: ../../e_os.h ../../include/openssl/asn1.h a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_bool.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_bool.o: ../cryptlib.h a_bool.c +a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h -a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bytes.c +a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_bytes.o: ../cryptlib.h a_bytes.c a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_d2i_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_d2i_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_d2i_fp.o: ../../include/openssl/opensslconf.h +a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c -a_digest.o: ../../e_os.h ../../include/openssl/aes.h -a_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +a_digest.o: ../../e_os.h ../../include/openssl/asn1.h +a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_digest.o: ../../include/openssl/opensslconf.h a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_digest.o: ../cryptlib.h a_digest.c +a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_dup.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_dup.o: ../cryptlib.h a_dup.c +a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h @@ -181,27 +166,26 @@ a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_enum.o: ../cryptlib.h a_enum.c a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h -a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_gentm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_gentm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_gentm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_gentm.c +a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_hdr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_hdr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_hdr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_hdr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_hdr.o: ../cryptlib.h a_hdr.c +a_hdr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_hdr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_hdr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_hdr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_hdr.c a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h -a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_i2d_fp.o: ../../include/openssl/opensslconf.h a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c @@ -214,21 +198,20 @@ a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_int.o: ../cryptlib.h a_int.c a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_mbstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_mbstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_mbstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_mbstr.c +a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_mbstr.o: ../cryptlib.h a_mbstr.c a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_meth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_meth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_meth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_meth.o: ../cryptlib.h a_meth.c +a_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_meth.o: ../../include/openssl/symhacks.h ../cryptlib.h a_meth.c a_object.o: ../../e_os.h ../../include/openssl/asn1.h a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -239,642 +222,492 @@ a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c a_octet.o: ../../e_os.h ../../include/openssl/asn1.h -a_octet.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_octet.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_octet.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_octet.o: ../../include/openssl/symhacks.h ../cryptlib.h a_octet.c +a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_octet.o: ../cryptlib.h a_octet.c a_print.o: ../../e_os.h ../../include/openssl/asn1.h -a_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_print.o: ../../include/openssl/symhacks.h ../cryptlib.h a_print.c +a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_print.o: ../cryptlib.h a_print.c a_set.o: ../../e_os.h ../../include/openssl/asn1.h a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_set.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_set.o: ../cryptlib.h a_set.c -a_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -a_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c +a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -a_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -a_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -a_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -a_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -a_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h a_sign.o: ../cryptlib.h a_sign.c -a_strex.o: ../../e_os.h ../../include/openssl/aes.h -a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +a_strex.o: ../../e_os.h ../../include/openssl/asn1.h +a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -a_strex.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -a_strex.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h +a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +a_strex.o: ../cryptlib.h a_strex.c charmap.h a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h -a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +a_strnid.o: ../../include/openssl/opensslconf.h a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c a_time.o: ../../e_os.h ../../include/openssl/asn1.h a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_time.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_time.o: ../cryptlib.h ../o_time.h a_time.c +a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c a_type.o: ../../e_os.h ../../include/openssl/asn1.h a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_type.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_type.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_type.o: ../cryptlib.h a_type.c +a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +a_type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h -a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_utctm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_utctm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_utctm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_utctm.c +a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_utf8.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_utf8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_utf8.o: ../cryptlib.h a_utf8.c -a_verify.o: ../../e_os.h ../../include/openssl/aes.h -a_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -a_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -a_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c +a_verify.o: ../../e_os.h ../../include/openssl/asn1.h +a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -a_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -a_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_verify.o: ../../include/openssl/opensslconf.h +a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -a_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -a_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -a_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_verify.o: ../cryptlib.h a_verify.c +a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -asn1_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +asn1_err.o: ../../include/openssl/opensslconf.h asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c +asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h +asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h +asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +asn1_gen.o: ../cryptlib.h asn1_gen.c asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn1_lib.o: ../../include/openssl/opensslconf.h +asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn1_par.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +asn1_par.o: ../../include/openssl/opensslconf.h asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c -asn_moid.o: ../../e_os.h ../../include/openssl/aes.h -asn_moid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn_moid.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +asn_mime.o: ../../e_os.h ../../include/openssl/asn1.h +asn_mime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +asn_mime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +asn_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h +asn_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +asn_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h +asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +asn_mime.o: ../cryptlib.h asn_mime.c +asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h +asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -asn_moid.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -asn_moid.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h -asn_moid.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -asn_moid.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -asn_moid.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h asn_moid.o: ../../include/openssl/opensslconf.h asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -asn_moid.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -asn_moid.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -asn_moid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -asn_moid.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -asn_moid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -asn_moid.o: ../cryptlib.h asn_moid.c +asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h -asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn_pack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +asn_pack.o: ../../include/openssl/opensslconf.h asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c -d2i_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -d2i_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c -d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +d2i_pr.o: ../cryptlib.h d2i_pr.c +d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c +d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +d2i_pu.o: ../cryptlib.h d2i_pu.c evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -evp_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -evp_asn1.o: ../../include/openssl/opensslconf.h +evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -f_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -f_enum.o: ../cryptlib.h f_enum.c +f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -f_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -f_int.o: ../cryptlib.h f_int.c +f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c f_string.o: ../../e_os.h ../../include/openssl/asn1.h -f_string.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -f_string.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +f_string.o: ../../include/openssl/opensslconf.h f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c -i2d_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -i2d_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c -i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +i2d_pr.o: ../cryptlib.h i2d_pr.c +i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c -n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +i2d_pu.o: ../cryptlib.h i2d_pu.c +n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h -n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -n_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -n_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -n_pkey.o: ../cryptlib.h n_pkey.c -nsseq.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -nsseq.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -nsseq.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -nsseq.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c +nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -nsseq.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c -p5_pbe.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c +p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -p5_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p5_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p5_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_pbe.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p5_pbe.o: ../cryptlib.h p5_pbe.c -p5_pbev2.o: ../../e_os.h ../../include/openssl/aes.h -p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p5_pbev2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p5_pbev2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p5_pbev2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p5_pbev2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h +p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p5_pbev2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_pbev2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p5_pbev2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbev2.c -p8_pkey.o: ../../e_os.h ../../include/openssl/aes.h -p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p8_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p8_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p8_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_pbev2.o: ../cryptlib.h p5_pbev2.c +p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h +p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p8_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p8_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p8_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p8_pkey.o: ../cryptlib.h p8_pkey.c -t_bitst.o: ../../e_os.h ../../include/openssl/aes.h -t_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c +t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h +t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -t_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h +t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c -t_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +t_bitst.o: ../cryptlib.h t_bitst.c +t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_crl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h t_crl.o: ../cryptlib.h t_crl.c t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h -t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c -t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/err.h +t_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +t_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +t_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_pkey.o: ../cryptlib.h t_pkey.c +t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_req.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h t_req.o: ../cryptlib.h t_req.c -t_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -t_spki.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h +t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h t_spki.o: ../cryptlib.h t_spki.c -t_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -t_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -t_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_x509.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h t_x509.o: ../cryptlib.h t_x509.c -t_x509a.o: ../../e_os.h ../../include/openssl/aes.h -t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -t_x509a.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h +t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -t_x509a.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c +t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509a.o: ../cryptlib.h t_x509a.c tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -tasn_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -tasn_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tasn_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tasn_dec.o: ../../include/openssl/opensslconf.h tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c -tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_enc.o: ../../include/openssl/opensslconf.h +tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h +tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c +tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_fre.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_fre.o: ../../include/openssl/opensslconf.h +tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h +tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_new.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_new.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_new.o: ../../include/openssl/opensslconf.h +tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_typ.o: ../../include/openssl/opensslconf.h +tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_utl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_utl.o: ../../include/openssl/opensslconf.h +tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c -x_algor.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_algor.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_algor.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_algor.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_algor.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_algor.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_algor.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_algor.o: x_algor.c -x_attrib.o: ../../e_os.h ../../include/openssl/aes.h -x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_attrib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_attrib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_attrib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c +x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h +x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_attrib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_attrib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_attrib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_attrib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_attrib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_attrib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_attrib.o: ../cryptlib.h x_attrib.c +x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -884,69 +717,43 @@ x_bignum.o: ../../include/openssl/opensslconf.h x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c -x_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_crl.o: ../../e_os.h ../../include/openssl/asn1.h x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c -x_exten.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_exten.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_exten.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_exten.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_exten.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_exten.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_exten.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_exten.o: x_exten.c -x_info.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_info.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c +x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_info.o: ../cryptlib.h x_info.c +x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c x_long.o: ../../e_os.h ../../include/openssl/asn1.h x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -956,195 +763,123 @@ x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h x_long.o: ../cryptlib.h x_long.c -x_name.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_name.o: ../../e_os.h ../../include/openssl/asn1.h x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_name.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c -x_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -x_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c -x_pubkey.o: ../../e_os.h ../../include/openssl/aes.h -x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_pubkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_pubkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_pubkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_pubkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h +x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_pubkey.o: ../../include/openssl/opensslconf.h x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_pubkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_pubkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_pubkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h x_pubkey.o: ../cryptlib.h x_pubkey.c -x_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_req.o: ../../e_os.h ../../include/openssl/asn1.h x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c -x_sig.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_sig.o: ../../e_os.h ../../include/openssl/asn1.h x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_sig.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_sig.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_sig.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_sig.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_sig.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_sig.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c -x_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_spki.o: ../../e_os.h ../../include/openssl/asn1.h x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_spki.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c -x_val.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_val.o: ../../e_os.h ../../include/openssl/asn1.h x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_val.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_val.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_val.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x_val.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_val.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x_val.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x_val.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x_val.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c -x_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +x_x509.o: ../../e_os.h ../../include/openssl/asn1.h x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x_x509.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c -x_x509a.o: ../../e_os.h ../../include/openssl/aes.h -x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_x509a.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h +x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509a.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_x509a.o: ../cryptlib.h x_x509a.c +x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c diff --git a/src/lib/libssl/src/crypto/asn1/a_bitstr.c b/src/lib/libssl/src/crypto/asn1/a_bitstr.c index b81bf4fc81..0fb9ce0c2a 100644 --- a/src/lib/libssl/src/crypto/asn1/a_bitstr.c +++ b/src/lib/libssl/src/crypto/asn1/a_bitstr.c @@ -113,11 +113,12 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) return(ret); } -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, - long len) +ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, + const unsigned char **pp, long len) { ASN1_BIT_STRING *ret=NULL; - unsigned char *p,*s; + const unsigned char *p; + unsigned char *s; int i; if (len < 1) @@ -164,7 +165,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, *pp=p; return(ret); err: - ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); + ASN1err(ASN1_F_C2I_ASN1_BIT_STRING,i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_BIT_STRING_free(ret); return(NULL); @@ -182,9 +183,11 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) iv= ~v; if (!value) v=0; + if (a == NULL) + return 0; + a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */ - if (a == NULL) return(0); if ((a->length < (w+1)) || (a->data == NULL)) { if (!value) return(1); /* Don't need to set */ diff --git a/src/lib/libssl/src/crypto/asn1/a_bool.c b/src/lib/libssl/src/crypto/asn1/a_bool.c index 24333ea4d5..331acdf053 100644 --- a/src/lib/libssl/src/crypto/asn1/a_bool.c +++ b/src/lib/libssl/src/crypto/asn1/a_bool.c @@ -75,10 +75,10 @@ int i2d_ASN1_BOOLEAN(int a, unsigned char **pp) return(r); } -int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length) +int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) { int ret= -1; - unsigned char *p; + const unsigned char *p; long len; int inf,tag,xclass; int i=0; diff --git a/src/lib/libssl/src/crypto/asn1/a_bytes.c b/src/lib/libssl/src/crypto/asn1/a_bytes.c index afd27b80e1..8d13f9c931 100644 --- a/src/lib/libssl/src/crypto/asn1/a_bytes.c +++ b/src/lib/libssl/src/crypto/asn1/a_bytes.c @@ -60,14 +60,15 @@ #include "cryptlib.h" #include -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c); +static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c); /* type is a 'bitmap' of acceptable string types. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, +ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int type) { ASN1_STRING *ret=NULL; - unsigned char *p,*s; + const unsigned char *p; + unsigned char *s; long len; int inf,tag,xclass; int i=0; @@ -153,11 +154,12 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass) return(r); } -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, - int Ptag, int Pclass) +ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, + long length, int Ptag, int Pclass) { ASN1_STRING *ret=NULL; - unsigned char *p,*s; + const unsigned char *p; + unsigned char *s; long len; int inf,tag,xclass; int i=0; @@ -185,7 +187,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, if (inf & V_ASN1_CONSTRUCTED) { - ASN1_CTX c; + ASN1_const_CTX c; c.pp=pp; c.p=p; @@ -247,7 +249,7 @@ err: * them into the one structure that is then returned */ /* There have been a few bug fixes for this function from * Paul Keogh , many thanks to him */ -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) +static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) { ASN1_STRING *os=NULL; BUF_MEM b; @@ -268,7 +270,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) { if (c->inf & 1) { - c->eos=ASN1_check_infinite_end(&c->p, + c->eos=ASN1_const_check_infinite_end(&c->p, (long)(c->max-c->p)); if (c->eos) break; } @@ -296,7 +298,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) num+=os->length; } - if (!asn1_Finish(c)) goto err; + if (!asn1_const_Finish(c)) goto err; a->length=num; if (a->data != NULL) OPENSSL_free(a->data); diff --git a/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c b/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c index b67b75e7c2..ece40bc4c0 100644 --- a/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c +++ b/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c @@ -66,11 +66,10 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); #ifndef NO_OLD_ASN1 #ifndef OPENSSL_NO_FP_API -char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in, - unsigned char **x) +void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x) { BIO *b; - char *ret; + void *ret; if ((b=BIO_new(BIO_s_file())) == NULL) { @@ -84,12 +83,11 @@ char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in, } #endif -char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in, - unsigned char **x) +void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x) { BUF_MEM *b = NULL; - unsigned char *p; - char *ret=NULL; + const unsigned char *p; + void *ret=NULL; int len; len = asn1_d2i_read_bio(in, &b); @@ -107,14 +105,14 @@ err: void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x) { BUF_MEM *b = NULL; - unsigned char *p; + const unsigned char *p; void *ret=NULL; int len; len = asn1_d2i_read_bio(in, &b); if(len < 0) goto err; - p=(unsigned char *)b->data; + p=(const unsigned char *)b->data; ret=ASN1_item_d2i(x,&p,len, it); err: if (b != NULL) BUF_MEM_free(b); @@ -129,7 +127,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB); + ASN1err(ASN1_F_ASN1_ITEM_D2I_FP,ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); @@ -146,7 +144,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) unsigned char *p; int i; int ret=-1; - ASN1_CTX c; + ASN1_const_CTX c; int want=HEADER_SIZE; int eos=0; #if defined(__GNUC__) && defined(__ia64) @@ -160,7 +158,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) b=BUF_MEM_new(); if (b == NULL) { - ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); return -1; } @@ -173,13 +171,13 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (!BUF_MEM_grow_clean(b,len+want)) { - ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } i=BIO_read(in,&(b->data[len]),want); if ((i < 0) && ((len-off) == 0)) { - ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); + ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_NOT_ENOUGH_DATA); goto err; } if (i > 0) @@ -199,7 +197,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (e != ASN1_R_TOO_LONG) goto err; else - ERR_get_error(); /* clear error */ + ERR_clear_error(); /* clear error */ } i=c.p-p;/* header length */ off+=i; /* end of data */ @@ -228,7 +226,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) want-=(len-off); if (!BUF_MEM_grow_clean(b,len+want)) { - ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } while (want > 0) @@ -236,7 +234,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) i=BIO_read(in,&(b->data[len]),want); if (i <= 0) { - ASN1err(ASN1_F_ASN1_D2I_BIO, + ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA); goto err; } diff --git a/src/lib/libssl/src/crypto/asn1/a_digest.c b/src/lib/libssl/src/crypto/asn1/a_digest.c index 7182e9fa5d..d00d9e22b1 100644 --- a/src/lib/libssl/src/crypto/asn1/a_digest.c +++ b/src/lib/libssl/src/crypto/asn1/a_digest.c @@ -72,7 +72,7 @@ #ifndef NO_ASN1_OLD -int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, +int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, unsigned char *md, unsigned int *len) { int i; diff --git a/src/lib/libssl/src/crypto/asn1/a_dup.c b/src/lib/libssl/src/crypto/asn1/a_dup.c index 58a017884c..199d50f521 100644 --- a/src/lib/libssl/src/crypto/asn1/a_dup.c +++ b/src/lib/libssl/src/crypto/asn1/a_dup.c @@ -62,22 +62,23 @@ #ifndef NO_OLD_ASN1 -char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) +void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x) { unsigned char *b,*p; - long i; + const unsigned char *p2; + int i; char *ret; if (x == NULL) return(NULL); - i=(long)i2d(x,NULL); - b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); + i=i2d(x,NULL); + b=OPENSSL_malloc(i+10); if (b == NULL) { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); - p= b; - ret=d2i(NULL,&p,i); + p2= b; + ret=d2i(NULL,&p2,i); OPENSSL_free(b); return(ret); } @@ -91,7 +92,8 @@ char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) void *ASN1_item_dup(const ASN1_ITEM *it, void *x) { - unsigned char *b = NULL, *p; + unsigned char *b = NULL; + const unsigned char *p; long i; void *ret; @@ -99,7 +101,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) i=ASN1_item_i2d(x,&b,it); if (b == NULL) - { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } + { ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } p= b; ret=ASN1_item_d2i(NULL,&p,i, it); OPENSSL_free(b); diff --git a/src/lib/libssl/src/crypto/asn1/a_enum.c b/src/lib/libssl/src/crypto/asn1/a_enum.c index 03ede68d1c..fe9aa13b9c 100644 --- a/src/lib/libssl/src/crypto/asn1/a_enum.c +++ b/src/lib/libssl/src/crypto/asn1/a_enum.c @@ -59,6 +59,7 @@ #include #include "cryptlib.h" #include +#include /* * Code for ENUMERATED type: identical to INTEGER apart from a different tag. @@ -67,12 +68,13 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) { - int i,j,k; + int j,k; + unsigned int i; unsigned char buf[sizeof(long)+1]; long d; a->type=V_ASN1_ENUMERATED; - if (a->length < (sizeof(long)+1)) + if (a->length < (int)(sizeof(long)+1)) { if (a->data != NULL) OPENSSL_free(a->data); @@ -116,7 +118,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) else if (i != V_ASN1_ENUMERATED) return -1; - if (a->length > sizeof(long)) + if (a->length > (int)sizeof(long)) { /* hmm... a bit ugly */ return(0xffffffffL); @@ -147,7 +149,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); goto err; } - if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED; + if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED; else ret->type=V_ASN1_ENUMERATED; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); @@ -175,6 +177,6 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB); - else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1; + else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1); return(ret); } diff --git a/src/lib/libssl/src/crypto/asn1/a_gentm.c b/src/lib/libssl/src/crypto/asn1/a_gentm.c index 0dfd576211..def79062a5 100644 --- a/src/lib/libssl/src/crypto/asn1/a_gentm.c +++ b/src/lib/libssl/src/crypto/asn1/a_gentm.c @@ -181,7 +181,7 @@ err: return(0); } -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) +int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) { ASN1_GENERALIZEDTIME t; diff --git a/src/lib/libssl/src/crypto/asn1/a_hdr.c b/src/lib/libssl/src/crypto/asn1/a_hdr.c index b1aad81f77..d1c2a7b9e3 100644 --- a/src/lib/libssl/src/crypto/asn1/a_hdr.c +++ b/src/lib/libssl/src/crypto/asn1/a_hdr.c @@ -76,17 +76,17 @@ int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp) M_ASN1_I2D_finish(); } -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp, +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp, long length) { M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING); + M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->header,d2i_ASN1_OCTET_STRING); if (ret->meth != NULL) { - M_ASN1_D2I_get(ret->data,ret->meth->d2i); + M_ASN1_D2I_get_x(void,ret->data,ret->meth->d2i); } else { diff --git a/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c b/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c index f4f1b73ebe..a3ad76d356 100644 --- a/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c +++ b/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c @@ -64,7 +64,7 @@ #ifndef NO_OLD_ASN1 #ifndef OPENSSL_NO_FP_API -int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) +int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) { BIO *b; int ret; @@ -81,7 +81,7 @@ int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) } #endif -int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) +int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) { char *b; unsigned char *p; @@ -124,7 +124,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); + ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -142,7 +142,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) n = ASN1_item_i2d(x, &b, it); if (b == NULL) { - ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE); return(0); } diff --git a/src/lib/libssl/src/crypto/asn1/a_int.c b/src/lib/libssl/src/crypto/asn1/a_int.c index 21cc64bb23..f8d198efb1 100644 --- a/src/lib/libssl/src/crypto/asn1/a_int.c +++ b/src/lib/libssl/src/crypto/asn1/a_int.c @@ -59,6 +59,7 @@ #include #include "cryptlib.h" #include +#include ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) { return M_ASN1_INTEGER_dup(x);} @@ -174,11 +175,12 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, +ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len) { ASN1_INTEGER *ret=NULL; - unsigned char *p,*to,*s, *pend; + const unsigned char *p, *pend; + unsigned char *to,*s; int i; if ((a == NULL) || ((*a) == NULL)) @@ -254,7 +256,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, *pp=pend; return(ret); err: - ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); + ASN1err(ASN1_F_C2I_ASN1_INTEGER,i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -266,11 +268,12 @@ err: * with its MSB set as negative (it doesn't add a padding zero). */ -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, +ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length) { ASN1_INTEGER *ret=NULL; - unsigned char *p,*to,*s; + const unsigned char *p; + unsigned char *to,*s; long len; int inf,tag,xclass; int i; @@ -332,12 +335,13 @@ err: int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) { - int i,j,k; + int j,k; + unsigned int i; unsigned char buf[sizeof(long)+1]; long d; a->type=V_ASN1_INTEGER; - if (a->length < (sizeof(long)+1)) + if (a->length < (int)(sizeof(long)+1)) { if (a->data != NULL) OPENSSL_free(a->data); @@ -381,7 +385,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a) else if (i != V_ASN1_INTEGER) return -1; - if (a->length > sizeof(long)) + if (a->length > (int)sizeof(long)) { /* hmm... a bit ugly */ return(0xffffffffL); @@ -412,7 +416,8 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); goto err; } - if(bn->neg) ret->type = V_ASN1_NEG_INTEGER; + if (BN_is_negative(bn)) + ret->type = V_ASN1_NEG_INTEGER; else ret->type=V_ASN1_INTEGER; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); @@ -445,7 +450,8 @@ BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn) if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); - else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1; + else if(ai->type == V_ASN1_NEG_INTEGER) + BN_set_negative(ret, 1); return(ret); } diff --git a/src/lib/libssl/src/crypto/asn1/a_mbstr.c b/src/lib/libssl/src/crypto/asn1/a_mbstr.c index 208b3ec395..2d4800a22a 100644 --- a/src/lib/libssl/src/crypto/asn1/a_mbstr.c +++ b/src/lib/libssl/src/crypto/asn1/a_mbstr.c @@ -107,7 +107,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_BMP: if(len & 1) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_INVALID_BMPSTRING_LENGTH); return -1; } @@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UNIV: if(len & 3) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); return -1; } @@ -128,7 +128,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* This counts the characters and does utf8 syntax checking */ ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); if(ret < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_INVALID_UTF8STRING); return -1; } @@ -139,19 +139,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; default: - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT); + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT); return -1; } if((minsize > 0) && (nchar < minsize)) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT); + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT); BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); ERR_add_error_data(2, "minsize=", strbuf); return -1; } if((maxsize > 0) && (nchar > maxsize)) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG); + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG); BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); ERR_add_error_data(2, "maxsize=", strbuf); return -1; @@ -159,7 +159,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* Now work out minimal type (if any) */ if(traverse_string(in, len, inform, type_str, &mask) < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS); + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS); return -1; } @@ -193,7 +193,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, free_out = 1; dest = ASN1_STRING_type_new(str_type); if(!dest) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE); return -1; } @@ -202,7 +202,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* If both the same type just copy across */ if(inform == outform) { if(!ASN1_STRING_set(dest, in, len)) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE); return -1; } return str_type; @@ -233,7 +233,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, } if(!(p = OPENSSL_malloc(outlen + 1))) { if(free_out) ASN1_STRING_free(dest); - ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE); return -1; } dest->length = outlen; diff --git a/src/lib/libssl/src/crypto/asn1/a_meth.c b/src/lib/libssl/src/crypto/asn1/a_meth.c index 63158e9cab..50bea917e3 100644 --- a/src/lib/libssl/src/crypto/asn1/a_meth.c +++ b/src/lib/libssl/src/crypto/asn1/a_meth.c @@ -62,16 +62,16 @@ #include static ASN1_METHOD ia5string_meth={ - (int (*)()) i2d_ASN1_IA5STRING, - (char *(*)()) d2i_ASN1_IA5STRING, - (char *(*)()) ASN1_STRING_new, - (void (*)()) ASN1_STRING_free}; + (I2D_OF(void)) i2d_ASN1_IA5STRING, + (D2I_OF(void)) d2i_ASN1_IA5STRING, + (void *(*)(void))ASN1_STRING_new, + (void (*)(void *))ASN1_STRING_free}; static ASN1_METHOD bit_string_meth={ - (int (*)()) i2d_ASN1_BIT_STRING, - (char *(*)()) d2i_ASN1_BIT_STRING, - (char *(*)()) ASN1_STRING_new, - (void (*)()) ASN1_STRING_free}; + (I2D_OF(void)) i2d_ASN1_BIT_STRING, + (D2I_OF(void)) d2i_ASN1_BIT_STRING, + (void *(*)(void))ASN1_STRING_new, + (void (*)(void *))ASN1_STRING_free}; ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) { diff --git a/src/lib/libssl/src/crypto/asn1/a_object.c b/src/lib/libssl/src/crypto/asn1/a_object.c index 0a8e6c287c..dc980421d0 100644 --- a/src/lib/libssl/src/crypto/asn1/a_object.c +++ b/src/lib/libssl/src/crypto/asn1/a_object.c @@ -57,10 +57,12 @@ */ #include +#include #include "cryptlib.h" #include #include #include +#include int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) { @@ -83,10 +85,12 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { - int i,first,len=0,c; - char tmp[24]; + int i,first,len=0,c, use_bn; + char ftmp[24], *tmp = ftmp; + int tmpsize = sizeof ftmp; const char *p; unsigned long l; + BIGNUM *bl = NULL; if (num == 0) return(0); @@ -98,7 +102,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) num--; if ((c >= '0') && (c <= '2')) { - first=(c-'0')*40; + first= c-'0'; } else { @@ -122,6 +126,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) goto err; } l=0; + use_bn = 0; for (;;) { if (num <= 0) break; @@ -134,7 +139,22 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); goto err; } - l=l*10L+(long)(c-'0'); + if (!use_bn && l > (ULONG_MAX / 10L)) + { + use_bn = 1; + if (!bl) + bl = BN_new(); + if (!bl || !BN_set_word(bl, l)) + goto err; + } + if (use_bn) + { + if (!BN_mul_word(bl, 10L) + || !BN_add_word(bl, c-'0')) + goto err; + } + else + l=l*10L+(long)(c-'0'); } if (len == 0) { @@ -143,14 +163,42 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); goto err; } - l+=(long)first; + if (use_bn) + { + if (!BN_add_word(bl, first * 40)) + goto err; + } + else + l+=(long)first*40; } i=0; - for (;;) + if (use_bn) + { + int blsize; + blsize = BN_num_bits(bl); + blsize = (blsize + 6)/7; + if (blsize > tmpsize) + { + if (tmp != ftmp) + OPENSSL_free(tmp); + tmpsize = blsize + 32; + tmp = OPENSSL_malloc(tmpsize); + if (!tmp) + goto err; + } + while(blsize--) + tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); + } + else { - tmp[i++]=(unsigned char)l&0x7f; - l>>=7L; - if (l == 0L) break; + + for (;;) + { + tmp[i++]=(unsigned char)l&0x7f; + l>>=7L; + if (l == 0L) break; + } + } if (out != NULL) { @@ -166,8 +214,16 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) else len+=i; } + if (tmp != ftmp) + OPENSSL_free(tmp); + if (bl) + BN_free(bl); return(len); err: + if (tmp != ftmp) + OPENSSL_free(tmp); + if (bl) + BN_free(bl); return(0); } @@ -178,21 +234,31 @@ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) { - char buf[80]; + char buf[80], *p = buf; int i; if ((a == NULL) || (a->data == NULL)) return(BIO_write(bp,"NULL",4)); i=i2t_ASN1_OBJECT(buf,sizeof buf,a); - if (i > sizeof buf) i=sizeof buf; - BIO_write(bp,buf,i); + if (i > (int)(sizeof(buf) - 1)) + { + p = OPENSSL_malloc(i + 1); + if (!p) + return -1; + i2t_ASN1_OBJECT(p,i + 1,a); + } + if (i <= 0) + return BIO_write(bp, "", 9); + BIO_write(bp,p,i); + if (p != buf) + OPENSSL_free(p); return(i); } -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, +ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length) { - unsigned char *p; + const unsigned char *p; long len; int tag,xclass; int inf,i; @@ -219,11 +285,11 @@ err: ASN1_OBJECT_free(ret); return(NULL); } -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, +ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) { ASN1_OBJECT *ret=NULL; - unsigned char *p; + const unsigned char *p; int i; /* only the ASN1_OBJECTs from the 'table' will have values @@ -255,7 +321,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, *pp=p; return(ret); err: - ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); + ASN1err(ASN1_F_C2I_ASN1_OBJECT,i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_OBJECT_free(ret); return(NULL); diff --git a/src/lib/libssl/src/crypto/asn1/a_octet.c b/src/lib/libssl/src/crypto/asn1/a_octet.c index 9690bae0f1..24fd0f8e5a 100644 --- a/src/lib/libssl/src/crypto/asn1/a_octet.c +++ b/src/lib/libssl/src/crypto/asn1/a_octet.c @@ -66,6 +66,6 @@ ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x) int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) { return M_ASN1_OCTET_STRING_cmp(a, b); } -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len) +int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len) { return M_ASN1_OCTET_STRING_set(x, d, len); } diff --git a/src/lib/libssl/src/crypto/asn1/a_set.c b/src/lib/libssl/src/crypto/asn1/a_set.c index e24061c545..958558c204 100644 --- a/src/lib/libssl/src/crypto/asn1/a_set.c +++ b/src/lib/libssl/src/crypto/asn1/a_set.c @@ -85,8 +85,8 @@ static int SetBlobCmp(const void *elem1, const void *elem2 ) } /* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */ -int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, - int ex_class, int is_set) +int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, + int ex_class, int is_set) { int ret=0,r; int i; @@ -97,7 +97,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, if (a == NULL) return(0); for (i=sk_num(a)-1; i>=0; i--) - ret+=func(sk_value(a,i),NULL); + ret+=i2d(sk_value(a,i),NULL); r=ASN1_object_size(1,ret,ex_tag); if (pp == NULL) return(r); @@ -111,7 +111,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, if(!is_set || (sk_num(a) < 2)) { for (i=0; ipkey_type == NID_dsaWithSHA1) + if (type->pkey_type == NID_dsaWithSHA1 || + type->pkey_type == NID_ecdsa_with_SHA1) { - /* special case: RFC 2459 tells us to omit 'parameters' - * with id-dsa-with-sha1 */ + /* special case: RFC 3279 tells us to omit 'parameters' + * with id-dsa-with-sha1 and ecdsa-with-SHA1 */ ASN1_TYPE_free(a->parameter); a->parameter = NULL; } @@ -247,12 +248,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, a->algorithm=OBJ_nid2obj(type->pkey_type); if (a->algorithm == NULL) { - ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); goto err; } if (a->algorithm->length == 0) { - ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); goto err; } } @@ -262,7 +263,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; - ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_MALLOC_FAILURE); goto err; } @@ -272,7 +273,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, (unsigned int *)&outl,pkey)) { outl=0; - ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); goto err; } if (signature->data != NULL) OPENSSL_free(signature->data); diff --git a/src/lib/libssl/src/crypto/asn1/a_strex.c b/src/lib/libssl/src/crypto/asn1/a_strex.c index a07122ba47..c2dbb6f9a5 100644 --- a/src/lib/libssl/src/crypto/asn1/a_strex.c +++ b/src/lib/libssl/src/crypto/asn1/a_strex.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -58,12 +58,12 @@ #include #include +#include "cryptlib.h" #include #include #include #include "charmap.h" -#include "cryptlib.h" /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). * Enhanced string and name printing routines handling @@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen, q = buf + buflen; outlen = 0; while(p != q) { - if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253; + if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253; else orflags = 0; switch(type & BUF_TYPE_WIDTH_MASK) { case 4: @@ -194,8 +194,10 @@ static int do_buf(unsigned char *buf, int buflen, if(i < 0) return -1; /* Invalid UTF8String */ p += i; break; + default: + return -1; /* invalid width */ } - if (p == q) orflags = CHARTYPE_LAST_ESC_2253; + if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253; if(type & BUF_TYPE_CONVUTF8) { unsigned char utfbuf[6]; int utflen; @@ -223,7 +225,7 @@ static int do_buf(unsigned char *buf, int buflen, static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) { - const static char hexdig[] = "0123456789ABCDEF"; + static const char hexdig[] = "0123456789ABCDEF"; unsigned char *p, *q; char hextmp[2]; if(arg) { @@ -279,7 +281,7 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING * otherwise it is the number of bytes per character */ -const static signed char tag2nbyte[] = { +static const signed char tag2nbyte[] = { -1, -1, -1, -1, -1, /* 0-4 */ -1, -1, -1, -1, -1, /* 5-9 */ -1, -1, 0, -1, /* 10-13 */ @@ -356,12 +358,13 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STR } len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL); - if(outlen < 0) return -1; + if(len < 0) return -1; outlen += len; if(quotes) outlen += 2; if(!arg) return outlen; if(quotes && !io_ch(arg, "\"", 1)) return -1; - do_buf(str->data, str->length, type, flags, NULL, io_ch, arg); + if(do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0) + return -1; if(quotes && !io_ch(arg, "\"", 1)) return -1; return outlen; } @@ -513,7 +516,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) return do_name_ex(send_bio_chars, out, nm, indent, flags); } - +#ifndef OPENSSL_NO_FP_API int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) { if(flags == XN_FLAG_COMPAT) @@ -528,17 +531,19 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long fla } return do_name_ex(send_fp_chars, fp, nm, indent, flags); } +#endif int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) { return do_print_ex(send_bio_chars, out, flags, str); } - +#ifndef OPENSSL_NO_FP_API int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) { return do_print_ex(send_fp_chars, fp, flags, str); } +#endif /* Utility function: convert any string type to UTF8, returns number of bytes * in output string or a negative error code @@ -553,12 +558,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) if((type < 0) || (type > 30)) return -1; mbflag = tag2nbyte[type]; if(mbflag == -1) return -1; - if (mbflag == 0) - mbflag = MBSTRING_UTF8; - else if (mbflag == 4) - mbflag = MBSTRING_UNIV; - else - mbflag |= MBSTRING_FLAG; + mbflag |= MBSTRING_FLAG; stmp.data = NULL; ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); if(ret < 0) return ret; diff --git a/src/lib/libssl/src/crypto/asn1/a_type.c b/src/lib/libssl/src/crypto/asn1/a_type.c index 2292d49b93..36beceacdb 100644 --- a/src/lib/libssl/src/crypto/asn1/a_type.c +++ b/src/lib/libssl/src/crypto/asn1/a_type.c @@ -57,8 +57,9 @@ */ #include -#include #include "cryptlib.h" +#include +#include int ASN1_TYPE_get(ASN1_TYPE *a) { @@ -79,6 +80,31 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) a->value.ptr=value; } +int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) + { + if (!value || (type == V_ASN1_BOOLEAN)) + { + void *p = (void *)value; + ASN1_TYPE_set(a, type, p); + } + else if (type == V_ASN1_OBJECT) + { + ASN1_OBJECT *odup; + odup = OBJ_dup(value); + if (!odup) + return 0; + ASN1_TYPE_set(a, type, odup); + } + else + { + ASN1_STRING *sdup; + sdup = ASN1_STRING_dup((ASN1_STRING *)value); + if (!sdup) + return 0; + ASN1_TYPE_set(a, type, sdup); + } + return 1; + } IMPLEMENT_STACK_OF(ASN1_TYPE) IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) diff --git a/src/lib/libssl/src/crypto/asn1/a_utctm.c b/src/lib/libssl/src/crypto/asn1/a_utctm.c index 7b25fed331..d31c028193 100644 --- a/src/lib/libssl/src/crypto/asn1/a_utctm.c +++ b/src/lib/libssl/src/crypto/asn1/a_utctm.c @@ -162,7 +162,7 @@ err: return(0); } -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str) +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) { ASN1_UTCTIME t; diff --git a/src/lib/libssl/src/crypto/asn1/a_verify.c b/src/lib/libssl/src/crypto/asn1/a_verify.c index 18ef0acf00..fdce6e4380 100644 --- a/src/lib/libssl/src/crypto/asn1/a_verify.c +++ b/src/lib/libssl/src/crypto/asn1/a_verify.c @@ -73,8 +73,8 @@ #ifndef NO_ASN1_OLD -int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, - char *data, EVP_PKEY *pkey) +int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, + char *data, EVP_PKEY *pkey) { EVP_MD_CTX ctx; const EVP_MD *type; @@ -138,13 +138,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat type=EVP_get_digestbyname(OBJ_nid2sn(i)); if (type == NULL) { - ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); goto err; } if (!EVP_VerifyInit_ex(&ctx,type, NULL)) { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); ret=0; goto err; } @@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat if (buf_in == NULL) { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); goto err; } @@ -165,7 +165,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, (unsigned int)signature->length,pkey) <= 0) { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); ret=0; goto err; } diff --git a/src/lib/libssl/src/crypto/asn1/asn1.h b/src/lib/libssl/src/crypto/asn1/asn1.h index 0184b475a7..424cd348bb 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1.h +++ b/src/lib/libssl/src/crypto/asn1/asn1.h @@ -60,17 +60,19 @@ #define HEADER_ASN1_H #include +#include #ifndef OPENSSL_NO_BIO #include #endif -#include -#include #include #include #include #include +#ifndef OPENSSL_NO_DEPRECATED +#include +#endif #ifdef OPENSSL_BUILD_SHLIBCRYPTO # undef OPENSSL_EXTERN @@ -147,19 +149,29 @@ extern "C" { #define B_ASN1_UTF8STRING 0x2000 #define B_ASN1_UTCTIME 0x4000 #define B_ASN1_GENERALIZEDTIME 0x8000 +#define B_ASN1_SEQUENCE 0x10000 /* For use with ASN1_mbstring_copy() */ #define MBSTRING_FLAG 0x1000 +#define MBSTRING_UTF8 (MBSTRING_FLAG) #define MBSTRING_ASC (MBSTRING_FLAG|1) #define MBSTRING_BMP (MBSTRING_FLAG|2) -#define MBSTRING_UNIV (MBSTRING_FLAG|3) -#define MBSTRING_UTF8 (MBSTRING_FLAG|4) +#define MBSTRING_UNIV (MBSTRING_FLAG|4) + +#define SMIME_OLDMIME 0x400 +#define SMIME_CRLFEOL 0x800 +#define SMIME_STREAM 0x1000 struct X509_algor_st; +DECLARE_STACK_OF(X509_ALGOR) #define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ #define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ +/* We MUST make sure that, except for constness, asn1_ctx_st and + asn1_const_ctx are exactly the same. Fortunately, as soon as + the old ASN1 parsing macros are gone, we can throw this away + as well... */ typedef struct asn1_ctx_st { unsigned char *p;/* work char pointer */ @@ -175,6 +187,21 @@ typedef struct asn1_ctx_st int line; /* used in error processing */ } ASN1_CTX; +typedef struct asn1_const_ctx_st + { + const unsigned char *p;/* work char pointer */ + int eos; /* end of sequence read for indefinite encoding */ + int error; /* error code to use when returning an error */ + int inf; /* constructed if 0x20, indefinite is 0x21 */ + int tag; /* tag from last 'get object' */ + int xclass; /* class from last 'get object' */ + long slen; /* length of last 'get object' */ + const unsigned char *max; /* largest value of p allowed */ + const unsigned char *q;/* temporary variable */ + const unsigned char **pp;/* variable */ + int line; /* used in error processing */ + } ASN1_const_CTX; + /* These are used internally in the ASN1_OBJECT to keep track of * whether the names and data need to be free()ed */ #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ @@ -191,6 +218,18 @@ typedef struct asn1_object_st } ASN1_OBJECT; #define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ +/* This indicates that the ASN1_STRING is not a real value but just a place + * holder for the location where indefinite length constructed data should + * be inserted in the memory buffer + */ +#define ASN1_STRING_FLAG_NDEF 0x010 + +/* This flag is used by the CMS code to indicate that a string is not + * complete and is a place holder for content when it had all been + * accessed. The flag will be reset when content has been written to it. + */ +#define ASN1_STRING_FLAG_CONT 0x020 + /* This is the base type that holds just about everything :-) */ typedef struct asn1_string_st { @@ -259,18 +298,19 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; #define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) +#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) + #define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - type *name##_new(void); \ - void name##_free(type *a); \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) #define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - type *name##_new(void); \ - void name##_free(type *a); \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) #define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, unsigned char **in, long len); \ + type *d2i_##name(type **a, const unsigned char **in, long len); \ int i2d_##name(type *a, unsigned char **out); \ DECLARE_ASN1_ITEM(itname) @@ -279,10 +319,37 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; int i2d_##name(const type *a, unsigned char **out); \ DECLARE_ASN1_ITEM(name) +#define DECLARE_ASN1_NDEF_FUNCTION(name) \ + int i2d_##name##_NDEF(name *a, unsigned char **out); + #define DECLARE_ASN1_FUNCTIONS_const(name) \ - name *name##_new(void); \ - void name##_free(name *a); + DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) +#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ + type *name##_new(void); \ + void name##_free(type *a); + +#define D2I_OF(type) type *(*)(type **,const unsigned char **,long) +#define I2D_OF(type) int (*)(type *,unsigned char **) +#define I2D_OF_const(type) int (*)(const type *,unsigned char **) + +#define CHECKED_D2I_OF(type, d2i) \ + ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) +#define CHECKED_I2D_OF(type, i2d) \ + ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) +#define CHECKED_NEW_OF(type, xnew) \ + ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) +#define CHECKED_PTR_OF(type, p) \ + ((void*) (1 ? p : (type*)0)) +#define CHECKED_PPTR_OF(type, p) \ + ((void**) (1 ? p : (type**)0)) + +#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) +#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) +#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) + +TYPEDEF_D2I2D_OF(void); /* The following macros and typedefs allow an ASN1_ITEM * to be embedded in a structure and referenced. Since @@ -467,6 +534,7 @@ typedef struct asn1_type_st * contain the set or sequence bytes */ ASN1_STRING * set; ASN1_STRING * sequence; + ASN1_VALUE * asn1_value; } value; } ASN1_TYPE; @@ -475,17 +543,17 @@ DECLARE_ASN1_SET_OF(ASN1_TYPE) typedef struct asn1_method_st { - int (*i2d)(); - char *(*d2i)(); - char *(*create)(); - void (*destroy)(); + i2d_of_void *i2d; + d2i_of_void *d2i; + void *(*create)(void); + void (*destroy)(void *); } ASN1_METHOD; /* This is used when parsing some Netscape objects */ typedef struct asn1_header_st { ASN1_OCTET_STRING *header; - char *data; + void *data; ASN1_METHOD *meth; } ASN1_HEADER; @@ -551,6 +619,7 @@ typedef struct BIT_STRING_BITNAME_st { B_ASN1_UNIVERSALSTRING|\ B_ASN1_BMPSTRING|\ B_ASN1_UTF8STRING|\ + B_ASN1_SEQUENCE|\ B_ASN1_UNKNOWN #define B_ASN1_DIRECTORYSTRING \ @@ -696,13 +765,14 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) int ASN1_TYPE_get(ASN1_TYPE *a); void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); +int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); ASN1_OBJECT * ASN1_OBJECT_new(void ); void ASN1_OBJECT_free(ASN1_OBJECT *a); int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); -ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, +ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, long length); -ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, +ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, long length); DECLARE_ASN1_ITEM(ASN1_OBJECT) @@ -718,6 +788,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); /* Since this is used to store all sorts of things, via macros, for now, make its data void * */ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); +void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); int ASN1_STRING_length(ASN1_STRING *x); void ASN1_STRING_length_set(ASN1_STRING *x, int n); int ASN1_STRING_type(ASN1_STRING *x); @@ -725,7 +796,7 @@ unsigned char * ASN1_STRING_data(ASN1_STRING *x); DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, +ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp, long length); int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length ); @@ -741,13 +812,13 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, BIT_STRING_BITNAME *tbl); int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); +int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length); DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, +ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, +ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); @@ -756,7 +827,7 @@ DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) int ASN1_UTCTIME_check(ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); #if 0 time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); @@ -764,12 +835,12 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); +int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); +int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len); DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) @@ -792,15 +863,17 @@ DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) DECLARE_ASN1_FUNCTIONS(ASN1_TIME) +DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) + ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); int ASN1_TIME_check(ASN1_TIME *t); ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); -int i2d_ASN1_SET(STACK *a, unsigned char **pp, - int (*func)(), int ex_tag, int ex_class, int is_set); -STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, - char *(*func)(), void (*free_func)(void *), - int ex_tag, int ex_class); +int i2d_ASN1_SET(STACK *a, unsigned char **pp, + i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); +STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length, + d2i_of_void *d2i, void (*free_func)(void *), + int ex_tag, int ex_class); #ifndef OPENSSL_NO_BIO int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); @@ -832,33 +905,70 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn); int ASN1_PRINTABLE_type(const unsigned char *s, int max); int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, +ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int Ptag, int Pclass); unsigned long ASN1_tag2bit(int tag); /* type is one or more of the B_ASN1_ values. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, +ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,const unsigned char **pp, long length,int type); /* PARSING */ int asn1_Finish(ASN1_CTX *c); +int asn1_const_Finish(ASN1_const_CTX *c); /* SPECIALS */ -int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, +int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, int *pclass, long omax); int ASN1_check_infinite_end(unsigned char **p,long len); +int ASN1_const_check_infinite_end(const unsigned char **p,long len); void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, int xclass); +int ASN1_put_eoc(unsigned char **pp); int ASN1_object_size(int constructed, int length, int tag); /* Used to implement other functions */ -char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x); +void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x); + +#define ASN1_dup_of(type,i2d,d2i,x) \ + ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ + CHECKED_D2I_OF(type, d2i), \ + CHECKED_PTR_OF(type, x))) + +#define ASN1_dup_of_const(type,i2d,d2i,x) \ + ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ + CHECKED_D2I_OF(type, d2i), \ + CHECKED_PTR_OF(const type, x))) void *ASN1_item_dup(const ASN1_ITEM *it, void *x); +/* ASN1 alloc/free macros for when a type is only used internally */ + +#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type)) +#define M_ASN1_free_of(x, type) \ + ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type)) + #ifndef OPENSSL_NO_FP_API -char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x); +void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x); + +#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ + ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ + CHECKED_D2I_OF(type, d2i), \ + in, \ + CHECKED_PPTR_OF(type, x))) + void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); -int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x); +int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x); + +#define ASN1_i2d_fp_of(type,i2d,out,x) \ + (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ + out, \ + CHECKED_PTR_OF(type, x))) + +#define ASN1_i2d_fp_of_const(type,i2d,out,x) \ + (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ + out, \ + CHECKED_PTR_OF(const type, x))) + int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); #endif @@ -866,23 +976,41 @@ int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); #ifndef OPENSSL_NO_BIO -char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x); +void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x); + +#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ + ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ + CHECKED_D2I_OF(type, d2i), \ + in, \ + CHECKED_PPTR_OF(type, x))) + void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x); +int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); + +#define ASN1_i2d_bio_of(type,i2d,out,x) \ + (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ + out, \ + CHECKED_PTR_OF(type, x))) + +#define ASN1_i2d_bio_of_const(type,i2d,out,x) \ + (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ + out, \ + CHECKED_PTR_OF(const type, x))) + int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); -int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); -int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump); +int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent); +int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump); #endif const char *ASN1_tag2str(int tag); /* Used to load and write netscape format cert/key */ int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length); +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length); ASN1_HEADER *ASN1_HEADER_new(void ); void ASN1_HEADER_free(ASN1_HEADER *a); @@ -903,13 +1031,20 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, unsigned char *data, int max_len); -STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), - void (*free_func)(void *) ); -unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, - int *len ); -void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)()); +STACK *ASN1_seq_unpack(const unsigned char *buf, int len, + d2i_of_void *d2i, void (*free_func)(void *)); +unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d, + unsigned char **buf, int *len ); +void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); -ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct); +ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, + ASN1_OCTET_STRING **oct); + +#define ASN1_pack_string_of(type,obj,i2d,oct) \ + (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \ + CHECKED_I2D_OF(type, i2d), \ + oct)) + ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); void ASN1_STRING_set_default_mask(unsigned long mask); @@ -932,11 +1067,25 @@ void ASN1_STRING_TABLE_cleanup(void); /* Old API compatible functions */ ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); -ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it); +ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); +int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); void ASN1_add_oid_module(void); +ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); +ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); + +typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags, + const ASN1_ITEM *it); + +int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, + int ctype_nid, int econt_nid, + STACK_OF(X509_ALGOR) *mdalgs, + asn1_output_data_fn *data_fn, + const ASN1_ITEM *it); +ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -950,49 +1099,70 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_A2I_ASN1_ENUMERATED 101 #define ASN1_F_A2I_ASN1_INTEGER 102 #define ASN1_F_A2I_ASN1_STRING 103 -#define ASN1_F_ASN1_BIT_STRING_SET_BIT 176 +#define ASN1_F_APPEND_EXP 176 +#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183 +#define ASN1_F_ASN1_CB 177 #define ASN1_F_ASN1_CHECK_TLEN 104 #define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 #define ASN1_F_ASN1_COLLECT 106 -#define ASN1_F_ASN1_D2I_BIO 107 #define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 #define ASN1_F_ASN1_D2I_FP 109 -#define ASN1_F_ASN1_DIGEST 177 +#define ASN1_F_ASN1_D2I_READ_BIO 107 +#define ASN1_F_ASN1_DIGEST 184 #define ASN1_F_ASN1_DO_ADB 110 #define ASN1_F_ASN1_DUP 111 #define ASN1_F_ASN1_ENUMERATED_SET 112 #define ASN1_F_ASN1_ENUMERATED_TO_BN 113 -#define ASN1_F_ASN1_FIND_END 182 -#define ASN1_F_ASN1_GENERALIZEDTIME_SET 178 +#define ASN1_F_ASN1_EX_C2I 204 +#define ASN1_F_ASN1_FIND_END 190 +#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 +#define ASN1_F_ASN1_GENERATE_V3 178 #define ASN1_F_ASN1_GET_OBJECT 114 #define ASN1_F_ASN1_HEADER_NEW 115 #define ASN1_F_ASN1_I2D_BIO 116 #define ASN1_F_ASN1_I2D_FP 117 #define ASN1_F_ASN1_INTEGER_SET 118 #define ASN1_F_ASN1_INTEGER_TO_BN 119 +#define ASN1_F_ASN1_ITEM_D2I_FP 206 +#define ASN1_F_ASN1_ITEM_DUP 191 +#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 #define ASN1_F_ASN1_ITEM_EX_D2I 120 -#define ASN1_F_ASN1_ITEM_NEW 121 -#define ASN1_F_ASN1_MBSTRING_COPY 122 +#define ASN1_F_ASN1_ITEM_I2D_BIO 192 +#define ASN1_F_ASN1_ITEM_I2D_FP 193 +#define ASN1_F_ASN1_ITEM_PACK 198 +#define ASN1_F_ASN1_ITEM_SIGN 195 +#define ASN1_F_ASN1_ITEM_UNPACK 199 +#define ASN1_F_ASN1_ITEM_VERIFY 197 +#define ASN1_F_ASN1_MBSTRING_NCOPY 122 #define ASN1_F_ASN1_OBJECT_NEW 123 +#define ASN1_F_ASN1_OUTPUT_DATA 207 #define ASN1_F_ASN1_PACK_STRING 124 -#define ASN1_F_ASN1_PBE_SET 125 +#define ASN1_F_ASN1_PCTX_NEW 205 +#define ASN1_F_ASN1_PKCS5_PBE_SET 125 #define ASN1_F_ASN1_SEQ_PACK 126 #define ASN1_F_ASN1_SEQ_UNPACK 127 #define ASN1_F_ASN1_SIGN 128 -#define ASN1_F_ASN1_STRING_SET 179 +#define ASN1_F_ASN1_STR2TYPE 179 +#define ASN1_F_ASN1_STRING_SET 186 #define ASN1_F_ASN1_STRING_TABLE_ADD 129 #define ASN1_F_ASN1_STRING_TYPE_NEW 130 -#define ASN1_F_ASN1_TEMPLATE_D2I 131 #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 #define ASN1_F_ASN1_TEMPLATE_NEW 133 +#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 #define ASN1_F_ASN1_TIME_SET 175 #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 #define ASN1_F_ASN1_UNPACK_STRING 136 -#define ASN1_F_ASN1_UTCTIME_SET 180 +#define ASN1_F_ASN1_UTCTIME_SET 187 #define ASN1_F_ASN1_VERIFY 137 +#define ASN1_F_B64_READ_ASN1 208 +#define ASN1_F_B64_WRITE_ASN1 209 +#define ASN1_F_BITSTR_CB 180 #define ASN1_F_BN_TO_ASN1_ENUMERATED 138 #define ASN1_F_BN_TO_ASN1_INTEGER 139 +#define ASN1_F_C2I_ASN1_BIT_STRING 189 +#define ASN1_F_C2I_ASN1_INTEGER 194 +#define ASN1_F_C2I_ASN1_OBJECT 196 #define ASN1_F_COLLECT_DATA 140 #define ASN1_F_D2I_ASN1_BIT_STRING 141 #define ASN1_F_D2I_ASN1_BOOLEAN 142 @@ -1009,29 +1179,39 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_D2I_NETSCAPE_RSA_2 153 #define ASN1_F_D2I_PRIVATEKEY 154 #define ASN1_F_D2I_PUBLICKEY 155 +#define ASN1_F_D2I_RSA_NET 200 +#define ASN1_F_D2I_RSA_NET_2 201 #define ASN1_F_D2I_X509 156 #define ASN1_F_D2I_X509_CINF 157 -#define ASN1_F_D2I_X509_NAME 158 #define ASN1_F_D2I_X509_PKEY 159 -#define ASN1_F_I2D_ASN1_SET 181 +#define ASN1_F_I2D_ASN1_SET 188 #define ASN1_F_I2D_ASN1_TIME 160 #define ASN1_F_I2D_DSA_PUBKEY 161 -#define ASN1_F_I2D_NETSCAPE_RSA 162 +#define ASN1_F_I2D_EC_PUBKEY 181 #define ASN1_F_I2D_PRIVATEKEY 163 #define ASN1_F_I2D_PUBLICKEY 164 +#define ASN1_F_I2D_RSA_NET 162 #define ASN1_F_I2D_RSA_PUBKEY 165 #define ASN1_F_LONG_C2I 166 #define ASN1_F_OID_MODULE_INIT 174 +#define ASN1_F_PARSE_TAGGING 182 #define ASN1_F_PKCS5_PBE2_SET 167 +#define ASN1_F_PKCS5_PBE_SET 202 +#define ASN1_F_SMIME_READ_ASN1 210 +#define ASN1_F_SMIME_TEXT 211 #define ASN1_F_X509_CINF_NEW 168 #define ASN1_F_X509_CRL_ADD0_REVOKED 169 #define ASN1_F_X509_INFO_NEW 170 -#define ASN1_F_X509_NAME_NEW 171 +#define ASN1_F_X509_NAME_ENCODE 203 +#define ASN1_F_X509_NAME_EX_D2I 158 +#define ASN1_F_X509_NAME_EX_NEW 171 #define ASN1_F_X509_NEW 172 #define ASN1_F_X509_PKEY_NEW 173 /* Reason codes. */ #define ASN1_R_ADDING_OBJECT 171 +#define ASN1_R_ASN1_PARSE_ERROR 198 +#define ASN1_R_ASN1_SIG_PARSE_ERROR 199 #define ASN1_R_AUX_ERROR 100 #define ASN1_R_BAD_CLASS 101 #define ASN1_R_BAD_OBJECT_HEADER 102 @@ -1044,6 +1224,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_DATA_IS_WRONG 109 #define ASN1_R_DECODE_ERROR 110 #define ASN1_R_DECODING_ERROR 111 +#define ASN1_R_DEPTH_EXCEEDED 174 #define ASN1_R_ENCODE_ERROR 112 #define ASN1_R_ERROR_GETTING_TIME 173 #define ASN1_R_ERROR_LOADING_SECTION 172 @@ -1058,39 +1239,68 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_FIELD_MISSING 121 #define ASN1_R_FIRST_NUM_TOO_LARGE 122 #define ASN1_R_HEADER_TOO_LONG 123 +#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175 +#define ASN1_R_ILLEGAL_BOOLEAN 176 #define ASN1_R_ILLEGAL_CHARACTERS 124 +#define ASN1_R_ILLEGAL_FORMAT 177 +#define ASN1_R_ILLEGAL_HEX 178 +#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179 +#define ASN1_R_ILLEGAL_INTEGER 180 +#define ASN1_R_ILLEGAL_NESTED_TAGGING 181 #define ASN1_R_ILLEGAL_NULL 125 +#define ASN1_R_ILLEGAL_NULL_VALUE 182 +#define ASN1_R_ILLEGAL_OBJECT 183 #define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 #define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 #define ASN1_R_ILLEGAL_TAGGED_ANY 127 +#define ASN1_R_ILLEGAL_TIME_VALUE 184 +#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 #define ASN1_R_INVALID_BMPSTRING_LENGTH 129 #define ASN1_R_INVALID_DIGIT 130 +#define ASN1_R_INVALID_MIME_TYPE 200 +#define ASN1_R_INVALID_MODIFIER 186 +#define ASN1_R_INVALID_NUMBER 187 #define ASN1_R_INVALID_SEPARATOR 131 #define ASN1_R_INVALID_TIME_FORMAT 132 #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 #define ASN1_R_INVALID_UTF8STRING 134 #define ASN1_R_IV_TOO_LARGE 135 #define ASN1_R_LENGTH_ERROR 136 +#define ASN1_R_LIST_ERROR 188 +#define ASN1_R_MIME_NO_CONTENT_TYPE 201 +#define ASN1_R_MIME_PARSE_ERROR 202 +#define ASN1_R_MIME_SIG_PARSE_ERROR 203 #define ASN1_R_MISSING_EOC 137 #define ASN1_R_MISSING_SECOND_NUMBER 138 +#define ASN1_R_MISSING_VALUE 189 #define ASN1_R_MSTRING_NOT_UNIVERSAL 139 #define ASN1_R_MSTRING_WRONG_TAG 140 -#define ASN1_R_NESTED_ASN1_STRING 174 +#define ASN1_R_NESTED_ASN1_STRING 197 #define ASN1_R_NON_HEX_CHARACTERS 141 +#define ASN1_R_NOT_ASCII_FORMAT 190 #define ASN1_R_NOT_ENOUGH_DATA 142 +#define ASN1_R_NO_CONTENT_TYPE 204 #define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 +#define ASN1_R_NO_MULTIPART_BODY_FAILURE 205 +#define ASN1_R_NO_MULTIPART_BOUNDARY 206 +#define ASN1_R_NO_SIG_CONTENT_TYPE 207 #define ASN1_R_NULL_IS_WRONG_LENGTH 144 +#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 #define ASN1_R_ODD_NUMBER_OF_CHARS 145 #define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 #define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 #define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 #define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 +#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 #define ASN1_R_SHORT_LINE 150 +#define ASN1_R_SIG_INVALID_MIME_TYPE 208 +#define ASN1_R_STREAMING_NOT_SUPPORTED 209 #define ASN1_R_STRING_TOO_LONG 151 #define ASN1_R_STRING_TOO_SHORT 152 #define ASN1_R_TAG_VALUE_TOO_HIGH 153 #define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 +#define ASN1_R_TIME_NOT_ASCII_FORMAT 193 #define ASN1_R_TOO_LONG 155 #define ASN1_R_TYPE_NOT_CONSTRUCTED 156 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 @@ -1100,10 +1310,13 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 #define ASN1_R_UNKNOWN_OBJECT_TYPE 162 #define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 +#define ASN1_R_UNKNOWN_TAG 194 +#define ASN1_R_UNKOWN_FORMAT 195 #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 #define ASN1_R_UNSUPPORTED_CIPHER 165 #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 #define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 +#define ASN1_R_UNSUPPORTED_TYPE 196 #define ASN1_R_WRONG_TAG 168 #define ASN1_R_WRONG_TYPE 169 diff --git a/src/lib/libssl/src/crypto/asn1/asn1_err.c b/src/lib/libssl/src/crypto/asn1/asn1_err.c index 315d0a0807..f8a3e2e6cd 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_err.c +++ b/src/lib/libssl/src/crypto/asn1/asn1_err.c @@ -1,6 +1,6 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -74,49 +74,70 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, +{ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"}, {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, +{ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"}, {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, -{ERR_FUNC(ASN1_F_ASN1_D2I_BIO), "ASN1_d2i_bio"}, {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, +{ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"}, {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, +{ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"}, {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, +{ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"}, {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, -{ERR_FUNC(ASN1_F_ASN1_ITEM_NEW), "ASN1_item_new"}, -{ERR_FUNC(ASN1_F_ASN1_MBSTRING_COPY), "ASN1_mbstring_copy"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"}, +{ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"}, +{ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"}, {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, +{ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"}, {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, -{ERR_FUNC(ASN1_F_ASN1_PBE_SET), "ASN1_PBE_SET"}, +{ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_NEW"}, +{ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"}, {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, +{ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"}, {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, -{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_D2I), "ASN1_TEMPLATE_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, +{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, +{ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"}, +{ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"}, +{ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, +{ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"}, +{ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"}, +{ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"}, {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, @@ -133,24 +154,32 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, +{ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"}, +{ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"}, {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, -{ERR_FUNC(ASN1_F_D2I_X509_NAME), "D2I_X509_NAME"}, {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, -{ERR_FUNC(ASN1_F_I2D_NETSCAPE_RSA), "i2d_Netscape_RSA"}, +{ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"}, {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, +{ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"}, {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, +{ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"}, {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"}, +{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, +{ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, +{ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, -{ERR_FUNC(ASN1_F_X509_NAME_NEW), "X509_NAME_NEW"}, +{ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"}, +{ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"}, +{ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"}, {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, {0,NULL} @@ -159,6 +188,8 @@ static ERR_STRING_DATA ASN1_str_functs[]= static ERR_STRING_DATA ASN1_str_reasons[]= { {ERR_REASON(ASN1_R_ADDING_OBJECT) ,"adding object"}, +{ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) ,"asn1 parse error"}, +{ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) ,"asn1 sig parse error"}, {ERR_REASON(ASN1_R_AUX_ERROR) ,"aux error"}, {ERR_REASON(ASN1_R_BAD_CLASS) ,"bad class"}, {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"}, @@ -171,6 +202,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"}, {ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"}, +{ERR_REASON(ASN1_R_DEPTH_EXCEEDED) ,"depth exceeded"}, {ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"}, {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"}, @@ -185,39 +217,68 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_FIELD_MISSING) ,"field missing"}, {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) ,"first num too large"}, {ERR_REASON(ASN1_R_HEADER_TOO_LONG) ,"header too long"}, +{ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT),"illegal bitstring format"}, +{ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN) ,"illegal boolean"}, {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) ,"illegal characters"}, +{ERR_REASON(ASN1_R_ILLEGAL_FORMAT) ,"illegal format"}, +{ERR_REASON(ASN1_R_ILLEGAL_HEX) ,"illegal hex"}, +{ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) ,"illegal implicit tag"}, +{ERR_REASON(ASN1_R_ILLEGAL_INTEGER) ,"illegal integer"}, +{ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING),"illegal nested tagging"}, {ERR_REASON(ASN1_R_ILLEGAL_NULL) ,"illegal null"}, +{ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE) ,"illegal null value"}, +{ERR_REASON(ASN1_R_ILLEGAL_OBJECT) ,"illegal object"}, {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"}, {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"}, {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) ,"illegal tagged any"}, +{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"}, +{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"}, {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"}, {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"}, {ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"}, +{ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"}, +{ERR_REASON(ASN1_R_INVALID_MODIFIER) ,"invalid modifier"}, +{ERR_REASON(ASN1_R_INVALID_NUMBER) ,"invalid number"}, {ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"}, {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"}, {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"}, {ERR_REASON(ASN1_R_INVALID_UTF8STRING) ,"invalid utf8string"}, {ERR_REASON(ASN1_R_IV_TOO_LARGE) ,"iv too large"}, {ERR_REASON(ASN1_R_LENGTH_ERROR) ,"length error"}, +{ERR_REASON(ASN1_R_LIST_ERROR) ,"list error"}, +{ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) ,"mime no content type"}, +{ERR_REASON(ASN1_R_MIME_PARSE_ERROR) ,"mime parse error"}, +{ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) ,"mime sig parse error"}, {ERR_REASON(ASN1_R_MISSING_EOC) ,"missing eoc"}, {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"}, +{ERR_REASON(ASN1_R_MISSING_VALUE) ,"missing value"}, {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"}, {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) ,"mstring wrong tag"}, {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) ,"nested asn1 string"}, {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) ,"non hex characters"}, +{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) ,"not ascii format"}, {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"}, +{ERR_REASON(ASN1_R_NO_CONTENT_TYPE) ,"no content type"}, {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"}, +{ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, +{ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, +{ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"}, {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"}, +{ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT),"object not ascii format"}, {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) ,"odd number of chars"}, {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"}, {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"}, {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"}, {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"}, +{ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),"sequence or set needs config"}, {ERR_REASON(ASN1_R_SHORT_LINE) ,"short line"}, +{ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"}, +{ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED),"streaming not supported"}, {ERR_REASON(ASN1_R_STRING_TOO_LONG) ,"string too long"}, {ERR_REASON(ASN1_R_STRING_TOO_SHORT) ,"string too short"}, {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) ,"tag value too high"}, {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, +{ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT),"time not ascii format"}, {ERR_REASON(ASN1_R_TOO_LONG) ,"too long"}, {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"}, {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"}, @@ -227,10 +288,13 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"}, {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"}, +{ERR_REASON(ASN1_R_UNKNOWN_TAG) ,"unknown tag"}, +{ERR_REASON(ASN1_R_UNKOWN_FORMAT) ,"unkown format"}, {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"}, {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"}, {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"}, +{ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) ,"unsupported type"}, {ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"}, {ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"}, {0,NULL} @@ -240,15 +304,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]= void ERR_load_ASN1_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,ASN1_str_functs); ERR_load_strings(0,ASN1_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c index 97b9b35f4b..5af559ef8d 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c +++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c @@ -62,11 +62,11 @@ #include #include -static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); +static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max); static void asn1_put_length(unsigned char **pp, int length); -const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT; +const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT; -int ASN1_check_infinite_end(unsigned char **p, long len) +static int _asn1_check_infinite_end(const unsigned char **p, long len) { /* If there is 0 or 1 byte left, the length check should pick * things up */ @@ -80,13 +80,23 @@ int ASN1_check_infinite_end(unsigned char **p, long len) return(0); } +int ASN1_check_infinite_end(unsigned char **p, long len) + { + return _asn1_check_infinite_end((const unsigned char **)p, len); + } -int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, - long omax) +int ASN1_const_check_infinite_end(const unsigned char **p, long len) + { + return _asn1_check_infinite_end(p, len); + } + + +int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, + int *pclass, long omax) { int i,ret; long l; - unsigned char *p= *pp; + const unsigned char *p= *pp; int tag,xclass,inf; long max=omax; @@ -141,11 +151,11 @@ err: return(0x80); } -static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) +static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max) { - unsigned char *p= *pp; + const unsigned char *p= *pp; unsigned long ret=0; - int i; + unsigned int i; if (max-- < 1) return(0); if (*p == 0x80) @@ -205,13 +215,22 @@ void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, } p += ttag; } - if ((constructed == 2) && (length == 0)) - *(p++)=0x80; /* der_put_length would output 0 instead */ + if (constructed == 2) + *(p++)=0x80; else asn1_put_length(&p,length); *pp=p; } +int ASN1_put_eoc(unsigned char **pp) + { + unsigned char *p = *pp; + *p++ = 0; + *p++ = 0; + *pp = p; + return 2; + } + static void asn1_put_length(unsigned char **pp, int length) { unsigned char *p= *pp; @@ -249,8 +268,8 @@ int ASN1_object_size(int constructed, int length, int tag) ret++; } } - if ((length == 0) && (constructed == 2)) - ret+=2; + if (constructed == 2) + return ret + 3; ret++; if (length > 127) { @@ -263,11 +282,11 @@ int ASN1_object_size(int constructed, int length, int tag) return(ret); } -int asn1_Finish(ASN1_CTX *c) +static int _asn1_Finish(ASN1_const_CTX *c) { if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) { - if (!ASN1_check_infinite_end(&c->p,c->slen)) + if (!ASN1_const_check_infinite_end(&c->p,c->slen)) { c->error=ERR_R_MISSING_ASN1_EOS; return(0); @@ -282,9 +301,19 @@ int asn1_Finish(ASN1_CTX *c) return(1); } -int asn1_GetSequence(ASN1_CTX *c, long *length) +int asn1_Finish(ASN1_CTX *c) + { + return _asn1_Finish((ASN1_const_CTX *)c); + } + +int asn1_const_Finish(ASN1_const_CTX *c) { - unsigned char *q; + return _asn1_Finish(c); + } + +int asn1_GetSequence(ASN1_const_CTX *c, long *length) + { + const unsigned char *q; q=c->p; c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), @@ -364,6 +393,14 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) return(1); } +void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) + { + if (str->data) + OPENSSL_free(str->data); + str->data = data; + str->length = len; + } + ASN1_STRING *ASN1_STRING_new(void) { return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); @@ -411,7 +448,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) return(i); } -void asn1_add_error(unsigned char *address, int offset) +void asn1_add_error(const unsigned char *address, int offset) { char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; diff --git a/src/lib/libssl/src/crypto/asn1/asn1_mac.h b/src/lib/libssl/src/crypto/asn1/asn1_mac.h index a48649ceeb..d958ca60d9 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_mac.h +++ b/src/lib/libssl/src/crypto/asn1/asn1_mac.h @@ -73,11 +73,11 @@ extern "C" { ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) #define M_ASN1_D2I_vars(a,type,func) \ - ASN1_CTX c; \ + ASN1_const_CTX c; \ type ret=NULL; \ \ - c.pp=(unsigned char **)pp; \ - c.q= *(unsigned char **)pp; \ + c.pp=(const unsigned char **)pp; \ + c.q= *(const unsigned char **)pp; \ c.error=ERR_R_NESTED_ASN1_ERROR; \ if ((a == NULL) || ((*a) == NULL)) \ { if ((ret=(type)func()) == NULL) \ @@ -85,13 +85,13 @@ extern "C" { else ret=(*a); #define M_ASN1_D2I_Init() \ - c.p= *(unsigned char **)pp; \ + c.p= *(const unsigned char **)pp; \ c.max=(length == 0)?0:(c.p+length); #define M_ASN1_D2I_Finish_2(a) \ - if (!asn1_Finish(&c)) \ + if (!asn1_const_Finish(&c)) \ { c.line=__LINE__; goto err; } \ - *(unsigned char **)pp=c.p; \ + *(const unsigned char **)pp=c.p; \ if (a != NULL) (*a)=ret; \ return(ret); @@ -99,7 +99,7 @@ extern "C" { M_ASN1_D2I_Finish_2(a); \ err:\ ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \ + asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ return(NULL) @@ -123,15 +123,22 @@ err:\ #define M_ASN1_D2I_end_sequence() \ (((c.inf&1) == 0)?(c.slen <= 0): \ - (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) + (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen))) /* Don't use this with d2i_ASN1_BOOLEAN() */ -#define M_ASN1_D2I_get(b,func) \ +#define M_ASN1_D2I_get(b, func) \ c.q=c.p; \ if (func(&(b),&c.p,c.slen) == NULL) \ {c.line=__LINE__; goto err; } \ c.slen-=(c.p-c.q); +/* Don't use this with d2i_ASN1_BOOLEAN() */ +#define M_ASN1_D2I_get_x(type,b,func) \ + c.q=c.p; \ + if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \ + {c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + /* use this instead () */ #define M_ASN1_D2I_get_int(b,func) \ c.q=c.p; \ @@ -278,7 +285,7 @@ err:\ { c.line=__LINE__; goto err; } \ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ + if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \ { c.error=ERR_R_MISSING_ASN1_EOS; \ c.line=__LINE__; goto err; } \ }\ @@ -353,8 +360,12 @@ err:\ return(NULL) -#define M_ASN1_next (*c.p) -#define M_ASN1_next_prev (*c.q) +/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, + some macros that use ASN1_const_CTX still insist on writing in the input + stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. + Please? -- Richard Levitte */ +#define M_ASN1_next (*((unsigned char *)(c.p))) +#define M_ASN1_next_prev (*((unsigned char *)(c.q))) /*************************************************/ @@ -551,8 +562,8 @@ err:\ #define M_ASN1_I2D_finish() *pp=p; \ return(r); -int asn1_GetSequence(ASN1_CTX *c, long *length); -void asn1_add_error(unsigned char *address,int offset); +int asn1_GetSequence(ASN1_const_CTX *c, long *length); +void asn1_add_error(const unsigned char *address,int offset); #ifdef __cplusplus } #endif diff --git a/src/lib/libssl/src/crypto/asn1/asn1_par.c b/src/lib/libssl/src/crypto/asn1/asn1_par.c index 676d434f03..501b62a4b1 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_par.c +++ b/src/lib/libssl/src/crypto/asn1/asn1_par.c @@ -64,7 +64,7 @@ static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, int indent); -static int asn1_parse2(BIO *bp, unsigned char **pp, long length, +static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, int depth, int indent, int dump); static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, int indent) @@ -88,7 +88,10 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, BIO_snprintf(str,sizeof str,"cont [ %d ]",tag); else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) BIO_snprintf(str,sizeof str,"appl [ %d ]",tag); - else p = ASN1_tag2str(tag); + else if (tag > 30) + BIO_snprintf(str,sizeof str,"",tag); + else + p = ASN1_tag2str(tag); if (p2 != NULL) { @@ -103,20 +106,20 @@ err: return(0); } -int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent) +int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent) { return(asn1_parse2(bp,&pp,len,0,0,indent,0)); } -int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump) +int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump) { return(asn1_parse2(bp,&pp,len,0,0,indent,dump)); } -static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, +static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, int depth, int indent, int dump) { - unsigned char *p,*ep,*tot,*op,*opp; + const unsigned char *p,*ep,*tot,*op,*opp; long len; int tag,xclass,ret=0; int nl,hl,j,r; @@ -215,7 +218,7 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, { if (BIO_write(bp,":",1) <= 0) goto end; if ((len > 0) && - BIO_write(bp,(char *)p,(int)len) + BIO_write(bp,(const char *)p,(int)len) != (int)len) goto end; } @@ -256,9 +259,11 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, opp=op; os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); - if (os != NULL) + if (os != NULL && os->length > 0) { - opp=os->data; + opp = os->data; + /* testing whether the octet string is + * printable */ for (i=0; ilength; i++) { if (( (opp[i] < ' ') && @@ -271,28 +276,47 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, break; } } - if (printable && (os->length > 0)) + if (printable) + /* printable string */ { if (BIO_write(bp,":",1) <= 0) goto end; - if (BIO_write(bp,(char *)opp, + if (BIO_write(bp,(const char *)opp, os->length) <= 0) goto end; } - if (!printable && (os->length > 0) - && dump) + else if (!dump) + /* not printable => print octet string + * as hex dump */ + { + if (BIO_write(bp,"[HEX DUMP]:",11) <= 0) + goto end; + for (i=0; ilength; i++) + { + if (BIO_printf(bp,"%02X" + , opp[i]) <= 0) + goto end; + } + } + else + /* print the normal dump */ { if (!nl) { if (BIO_write(bp,"\n",1) <= 0) goto end; } - if (BIO_dump_indent(bp,(char *)opp, - ((dump == -1 || dump > os->length)?os->length:dump), + if (BIO_dump_indent(bp, + (const char *)opp, + ((dump == -1 || dump > + os->length)?os->length:dump), dump_indent) <= 0) goto end; nl=1; } + } + if (os != NULL) + { M_ASN1_OCTET_STRING_free(os); os=NULL; } @@ -368,7 +392,7 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, if (BIO_write(bp,"\n",1) <= 0) goto end; } - if (BIO_dump_indent(bp,(char *)p, + if (BIO_dump_indent(bp,(const char *)p, ((dump == -1 || dump > len)?len:dump), dump_indent) <= 0) goto end; @@ -398,7 +422,7 @@ end: const char *ASN1_tag2str(int tag) { - const static char *tag2str[] = { + static const char *tag2str[] = { "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ "ENUMERATED", "", "UTF8STRING", "", /* 10-13 */ diff --git a/src/lib/libssl/src/crypto/asn1/asn1t.h b/src/lib/libssl/src/crypto/asn1/asn1t.h index ed372f8554..bf315e65ed 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1t.h +++ b/src/lib/libssl/src/crypto/asn1/asn1t.h @@ -99,7 +99,7 @@ extern "C" { #define ASN1_ITEM_start(itname) \ const ASN1_ITEM * itname##_it(void) \ { \ - static const ASN1_ITEM local_it = { \ + static const ASN1_ITEM local_it = { #define ASN1_ITEM_end(itname) \ }; \ @@ -112,7 +112,7 @@ extern "C" { /* Macros to aid ASN1 template writing */ #define ASN1_ITEM_TEMPLATE(tname) \ - const static ASN1_TEMPLATE tname##_item_tt + static const ASN1_TEMPLATE tname##_item_tt #define ASN1_ITEM_TEMPLATE_END(tname) \ ;\ @@ -150,7 +150,7 @@ extern "C" { */ #define ASN1_SEQUENCE(tname) \ - const static ASN1_TEMPLATE tname##_seq_tt[] + static const ASN1_TEMPLATE tname##_seq_tt[] #define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) @@ -166,22 +166,40 @@ extern "C" { #stname \ ASN1_ITEM_end(tname) +#define ASN1_NDEF_SEQUENCE(tname) \ + ASN1_SEQUENCE(tname) + +#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ + ASN1_SEQUENCE_cb(tname, cb) + #define ASN1_SEQUENCE_cb(tname, cb) \ - const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ ASN1_SEQUENCE(tname) #define ASN1_BROKEN_SEQUENCE(tname) \ - const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ ASN1_SEQUENCE(tname) #define ASN1_SEQUENCE_ref(tname, cb, lck) \ - const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ ASN1_SEQUENCE(tname) #define ASN1_SEQUENCE_enc(tname, enc, cb) \ - const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ ASN1_SEQUENCE(tname) +#define ASN1_NDEF_SEQUENCE_END(tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_NDEF_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + NULL,\ + sizeof(tname),\ + #tname \ + ASN1_ITEM_end(tname) + #define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) #define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) @@ -224,10 +242,10 @@ extern "C" { */ #define ASN1_CHOICE(tname) \ - const static ASN1_TEMPLATE tname##_ch_tt[] + static const ASN1_TEMPLATE tname##_ch_tt[] #define ASN1_CHOICE_cb(tname, cb) \ - const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ ASN1_CHOICE(tname) #define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) @@ -353,16 +371,24 @@ extern "C" { #define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) +/* EXPLICIT using indefinite length constructed form */ +#define ASN1_NDEF_EXP(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) + +/* EXPLICIT OPTIONAL using indefinite length constructed form */ +#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) + /* Macros for the ASN1_ADB structure */ #define ASN1_ADB(name) \ - const static ASN1_ADB_TABLE name##_adbtbl[] + static const ASN1_ADB_TABLE name##_adbtbl[] #ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION #define ASN1_ADB_END(name, flags, field, app_table, def, none) \ ;\ - const static ASN1_ADB name##_adb = {\ + static const ASN1_ADB name##_adb = {\ flags,\ offsetof(name, field),\ app_table,\ @@ -376,9 +402,9 @@ extern "C" { #define ASN1_ADB_END(name, flags, field, app_table, def, none) \ ;\ - const static ASN1_ITEM *name##_adb(void) \ + static const ASN1_ITEM *name##_adb(void) \ { \ - const static ASN1_ADB internal_adb = \ + static const ASN1_ADB internal_adb = \ {\ flags,\ offsetof(name, field),\ @@ -397,7 +423,7 @@ extern "C" { #define ADB_ENTRY(val, template) {val, template} #define ASN1_ADB_TEMPLATE(name) \ - const static ASN1_TEMPLATE name##_tt + static const ASN1_TEMPLATE name##_tt /* This is the ASN1 template structure that defines * a wrapper round the actual type. It determines the @@ -410,7 +436,7 @@ unsigned long flags; /* Various flags */ long tag; /* tag, not used if no tagging */ unsigned long offset; /* Offset of this field in structure */ #ifndef NO_ASN1_FIELD_NAMES -char *field_name; /* Field name */ +const char *field_name; /* Field name */ #endif ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ }; @@ -518,6 +544,13 @@ struct ASN1_ADB_TABLE_st { #define ASN1_TFLG_COMBINE (0x1<<10) +/* This flag when present in a SEQUENCE OF, SET OF + * or EXPLICIT causes indefinite length constructed + * encoding to be used if required. + */ + +#define ASN1_TFLG_NDEF (0x1<<11) + /* This is the actual ASN1 item itself */ struct ASN1_ITEM_st { @@ -570,19 +603,25 @@ const char *sname; /* Structure name */ * has a special meaning, it is used as a mask * of acceptable types using the B_ASN1 constants. * + * NDEF_SEQUENCE is the same as SEQUENCE except + * that it will use indefinite length constructed + * encoding if requested. + * */ -#define ASN1_ITYPE_PRIMITIVE 0x0 +#define ASN1_ITYPE_PRIMITIVE 0x0 + +#define ASN1_ITYPE_SEQUENCE 0x1 -#define ASN1_ITYPE_SEQUENCE 0x1 +#define ASN1_ITYPE_CHOICE 0x2 -#define ASN1_ITYPE_CHOICE 0x2 +#define ASN1_ITYPE_COMPAT 0x3 -#define ASN1_ITYPE_COMPAT 0x3 +#define ASN1_ITYPE_EXTERN 0x4 -#define ASN1_ITYPE_EXTERN 0x4 +#define ASN1_ITYPE_MSTRING 0x5 -#define ASN1_ITYPE_MSTRING 0x5 +#define ASN1_ITYPE_NDEF_SEQUENCE 0x6 /* Cache for ASN1 tag and length, so we * don't keep re-reading it for things @@ -602,10 +641,10 @@ struct ASN1_TLC_st{ typedef ASN1_VALUE * ASN1_new_func(void); typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length); +typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, +typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); @@ -613,7 +652,7 @@ typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); typedef struct ASN1_COMPAT_FUNCS_st { ASN1_new_func *asn1_new; @@ -743,6 +782,9 @@ typedef struct ASN1_AUX_st { #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) + #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ stname *fname##_new(void) \ { \ @@ -758,7 +800,7 @@ typedef struct ASN1_AUX_st { IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, unsigned char **in, long len) \ + stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ { \ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ } \ @@ -767,13 +809,19 @@ typedef struct ASN1_AUX_st { return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ } +#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ + int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ + { \ + return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ + } + /* This includes evil casts to remove const: they will go away when full * ASN1 constification is done. */ #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, ASN1_ITEM_rptr(itname));\ + return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ } \ int i2d_##fname(const stname *a, unsigned char **out) \ { \ @@ -798,7 +846,6 @@ typedef struct ASN1_AUX_st { DECLARE_ASN1_ITEM(ASN1_BOOLEAN) DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_ANY) DECLARE_ASN1_ITEM(ASN1_SEQUENCE) DECLARE_ASN1_ITEM(CBIGNUM) DECLARE_ASN1_ITEM(BIGNUM) @@ -815,8 +862,8 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt); -int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, +int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); +int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); @@ -824,7 +871,7 @@ int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLAT void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); @@ -838,7 +885,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it); +int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/asn1/asn_moid.c b/src/lib/libssl/src/crypto/asn1/asn_moid.c index edb44c988f..9132350f10 100644 --- a/src/lib/libssl/src/crypto/asn1/asn_moid.c +++ b/src/lib/libssl/src/crypto/asn1/asn_moid.c @@ -3,7 +3,7 @@ * project 2001. */ /* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -57,6 +57,7 @@ */ #include +#include #include #include "cryptlib.h" #include @@ -65,6 +66,8 @@ /* Simple ASN1 OID module: add all objects in a given section */ +static int do_create(char *value, char *name); + static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) { int i; @@ -80,7 +83,7 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { oval = sk_CONF_VALUE_value(sktmp, i); - if(OBJ_create(oval->value, oval->name, oval->name) == NID_undef) + if(!do_create(oval->value, oval->name)) { ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); return 0; @@ -98,3 +101,60 @@ void ASN1_add_oid_module(void) { CONF_module_add("oid_section", oid_module_init, oid_module_finish); } + +/* Create an OID based on a name value pair. Accept two formats. + * shortname = 1.2.3.4 + * shortname = some long name, 1.2.3.4 + */ + + +static int do_create(char *value, char *name) + { + int nid; + ASN1_OBJECT *oid; + char *ln, *ostr, *p, *lntmp; + p = strrchr(value, ','); + if (!p) + { + ln = name; + ostr = value; + } + else + { + ln = NULL; + ostr = p + 1; + if (!*ostr) + return 0; + while(isspace((unsigned char)*ostr)) ostr++; + } + + nid = OBJ_create(ostr, name, ln); + + if (nid == NID_undef) + return 0; + + if (p) + { + ln = value; + while(isspace((unsigned char)*ln)) ln++; + p--; + while(isspace((unsigned char)*p)) + { + if (p == ln) + return 0; + p--; + } + p++; + lntmp = OPENSSL_malloc((p - ln) + 1); + if (lntmp == NULL) + return 0; + memcpy(lntmp, ln, p - ln); + lntmp[p - ln] = 0; + oid = OBJ_nid2obj(nid); + oid->ln = lntmp; + } + + return 1; + } + + diff --git a/src/lib/libssl/src/crypto/asn1/asn_pack.c b/src/lib/libssl/src/crypto/asn1/asn_pack.c index e6051db2dc..e8b671b7b5 100644 --- a/src/lib/libssl/src/crypto/asn1/asn_pack.c +++ b/src/lib/libssl/src/crypto/asn1/asn_pack.c @@ -66,11 +66,11 @@ /* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ -STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), - void (*free_func)(void *)) +STACK *ASN1_seq_unpack(const unsigned char *buf, int len, + d2i_of_void *d2i,void (*free_func)(void *)) { STACK *sk; - unsigned char *pbuf; + const unsigned char *pbuf; pbuf = buf; if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) @@ -82,8 +82,8 @@ STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), * OPENSSL_malloc'ed buffer */ -unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, - int *len) +unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d, + unsigned char **buf, int *len) { int safelen; unsigned char *safe, *p; @@ -106,9 +106,9 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, /* Extract an ASN1 object from an ASN1_STRING */ -void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)()) +void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i) { - unsigned char *p; + const unsigned char *p; char *ret; p = oct->data; @@ -119,7 +119,7 @@ void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)()) /* Pack an ASN1 object into an ASN1_STRING */ -ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_STRING **oct) +ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) { unsigned char *p; ASN1_STRING *octmp; @@ -155,7 +155,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) if (!oct || !*oct) { if (!(octmp = ASN1_STRING_new ())) { - ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE); return NULL; } if (oct) *oct = octmp; @@ -167,11 +167,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) } if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { - ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); + ASN1err(ASN1_F_ASN1_ITEM_PACK,ASN1_R_ENCODE_ERROR); return NULL; } if (!octmp->data) { - ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE); return NULL; } return octmp; @@ -181,11 +181,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) { - unsigned char *p; + const unsigned char *p; void *ret; p = oct->data; if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) - ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR); + ASN1err(ASN1_F_ASN1_ITEM_UNPACK,ASN1_R_DECODE_ERROR); return ret; } diff --git a/src/lib/libssl/src/crypto/asn1/d2i_pr.c b/src/lib/libssl/src/crypto/asn1/d2i_pr.c index 2e7d96af90..207ccda5ac 100644 --- a/src/lib/libssl/src/crypto/asn1/d2i_pr.c +++ b/src/lib/libssl/src/crypto/asn1/d2i_pr.c @@ -68,8 +68,11 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_EC +#include +#endif -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) { EVP_PKEY *ret; @@ -107,6 +110,16 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, goto err; } break; +#endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + if ((ret->pkey.ec = d2i_ECPrivateKey(NULL, + (const unsigned char **)pp, length)) == NULL) + { + ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); + goto err; + } + break; #endif default: ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); @@ -122,11 +135,11 @@ err: /* This works like d2i_PrivateKey() except it automatically works out the type */ -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length) { STACK_OF(ASN1_TYPE) *inkey; - unsigned char *p; + const unsigned char *p; int keytype; p = *pp; /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): @@ -138,7 +151,10 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, /* Since we only need to discern "traditional format" RSA and DSA * keys we can just count the elements. */ - if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA; + if(sk_ASN1_TYPE_num(inkey) == 6) + keytype = EVP_PKEY_DSA; + else if (sk_ASN1_TYPE_num(inkey) == 4) + keytype = EVP_PKEY_EC; else keytype = EVP_PKEY_RSA; sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); return d2i_PrivateKey(keytype, a, pp, length); diff --git a/src/lib/libssl/src/crypto/asn1/d2i_pu.c b/src/lib/libssl/src/crypto/asn1/d2i_pu.c index 71f2eb361b..3694f51a8c 100644 --- a/src/lib/libssl/src/crypto/asn1/d2i_pu.c +++ b/src/lib/libssl/src/crypto/asn1/d2i_pu.c @@ -68,8 +68,11 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_EC +#include +#endif -EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) { EVP_PKEY *ret; @@ -100,13 +103,23 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, #endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL, - (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ + if (!d2i_DSAPublicKey(&(ret->pkey.dsa), + (const unsigned char **)pp,length)) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); goto err; } break; +#endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + if (!o2i_ECPublicKey(&(ret->pkey.ec), + (const unsigned char **)pp, length)) + { + ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); + goto err; + } + break; #endif default: ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); diff --git a/src/lib/libssl/src/crypto/asn1/evp_asn1.c b/src/lib/libssl/src/crypto/asn1/evp_asn1.c index f92ce6cb5d..f3d9804860 100644 --- a/src/lib/libssl/src/crypto/asn1/evp_asn1.c +++ b/src/lib/libssl/src/crypto/asn1/evp_asn1.c @@ -141,9 +141,9 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, int ret= -1,n; ASN1_INTEGER *ai=NULL; ASN1_OCTET_STRING *os=NULL; - unsigned char *p; + const unsigned char *p; long length; - ASN1_CTX c; + ASN1_const_CTX c; if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) { diff --git a/src/lib/libssl/src/crypto/asn1/i2d_pr.c b/src/lib/libssl/src/crypto/asn1/i2d_pr.c index 1e951ae01d..0be52c5b76 100644 --- a/src/lib/libssl/src/crypto/asn1/i2d_pr.c +++ b/src/lib/libssl/src/crypto/asn1/i2d_pr.c @@ -67,6 +67,9 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_EC +#include +#endif int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) { @@ -83,6 +86,12 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); } #endif +#ifndef OPENSSL_NO_EC + if (a->type == EVP_PKEY_EC) + { + return(i2d_ECPrivateKey(a->pkey.ec, pp)); + } +#endif ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return(-1); diff --git a/src/lib/libssl/src/crypto/asn1/i2d_pu.c b/src/lib/libssl/src/crypto/asn1/i2d_pu.c index 013d19bbf4..34286dbd35 100644 --- a/src/lib/libssl/src/crypto/asn1/i2d_pu.c +++ b/src/lib/libssl/src/crypto/asn1/i2d_pu.c @@ -67,6 +67,9 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_EC +#include +#endif int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) { @@ -79,6 +82,10 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: return(i2d_DSAPublicKey(a->pkey.dsa,pp)); +#endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + return(i2o_ECPublicKey(a->pkey.ec, pp)); #endif default: ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); diff --git a/src/lib/libssl/src/crypto/asn1/n_pkey.c b/src/lib/libssl/src/crypto/asn1/n_pkey.c index 766b51c538..60bc437938 100644 --- a/src/lib/libssl/src/crypto/asn1/n_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/n_pkey.c @@ -56,9 +56,9 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RSA #include #include "cryptlib.h" +#ifndef OPENSSL_NO_RSA #include #include #include @@ -107,14 +107,20 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY) IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, - int (*cb)(), int sgckey); + int (*cb)(char *buf, int len, const char *prompt, + int verify), + int sgckey); -int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) +int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, + int verify)) { return i2d_RSA_NET(a, pp, cb, 0); } -int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) +int i2d_RSA_NET(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, int verify), + int sgckey) { int i, j, ret = 0; int rsalen, pkeylen, olen; @@ -164,7 +170,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) /* Since its RC4 encrypted length is actual length */ if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL) { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); goto err; } @@ -174,13 +180,13 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) if ((zz=OPENSSL_malloc(pkeylen)) == NULL) { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); goto err; } if (!ASN1_STRING_set(enckey->os, "private-key", -1)) { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); goto err; } enckey->enckey->digest->data = zz; @@ -191,10 +197,10 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) if (cb == NULL) cb=EVP_read_pw_string; - i=cb(buf,256,"Enter Private Key password:",1); + i=cb((char *)buf,256,"Enter Private Key password:",1); if (i != 0) { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ); + ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ); goto err; } i = strlen((char *)buf); @@ -224,12 +230,16 @@ err: } -RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()) +RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, + int verify)) { return d2i_RSA_NET(a, pp, length, cb, 0); } -RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey) +RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, int verify), + int sgckey) { RSA *ret=NULL; const unsigned char *p, *kp; @@ -239,20 +249,20 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); if(!enckey) { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); + ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_DECODING_ERROR); return NULL; } if ((enckey->os->length != 11) || (strncmp("private-key", (char *)enckey->os->data,11) != 0)) { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); + ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING); NETSCAPE_ENCRYPTED_PKEY_free(enckey); return NULL; } if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); + ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); goto err; } kp = enckey->enckey->digest->data; @@ -269,7 +279,8 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in } static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, - int (*cb)(), int sgckey) + int (*cb)(char *buf, int len, const char *prompt, + int verify), int sgckey) { NETSCAPE_PKEY *pkey=NULL; RSA *ret=NULL; @@ -279,10 +290,10 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; - i=cb(buf,256,"Enter Private Key password:",0); + i=cb((char *)buf,256,"Enter Private Key password:",0); if (i != 0) { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ); + ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ); goto err; } @@ -307,14 +318,14 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); + ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); goto err; } zz=pkey->private_key->data; if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); + ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); goto err; } err: diff --git a/src/lib/libssl/src/crypto/asn1/p5_pbe.c b/src/lib/libssl/src/crypto/asn1/p5_pbe.c index ec788267e0..da91170094 100644 --- a/src/lib/libssl/src/crypto/asn1/p5_pbe.c +++ b/src/lib/libssl/src/crypto/asn1/p5_pbe.c @@ -82,17 +82,17 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, ASN1_TYPE *astype=NULL; if (!(pbe = PBEPARAM_new ())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); goto err; } if(iter <= 0) iter = PKCS5_DEFAULT_ITER; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); goto err; } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); goto err; } pbe->salt->length = saltlen; @@ -101,13 +101,14 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, goto err; if (!(astype = ASN1_TYPE_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); goto err; } astype->type = V_ASN1_SEQUENCE; - if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + if(!ASN1_pack_string_of(PBEPARAM, pbe, i2d_PBEPARAM, + &astype->value.sequence)) { + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); goto err; } PBEPARAM_free (pbe); @@ -115,7 +116,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, al = OBJ_nid2obj(alg); /* never need to free al */ if (!(algor = X509_ALGOR_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); goto err; } ASN1_OBJECT_free(algor->algorithm); diff --git a/src/lib/libssl/src/crypto/asn1/p5_pbev2.c b/src/lib/libssl/src/crypto/asn1/p5_pbev2.c index e0dc0ec4ee..c834a38ddf 100644 --- a/src/lib/libssl/src/crypto/asn1/p5_pbev2.c +++ b/src/lib/libssl/src/crypto/asn1/p5_pbev2.c @@ -115,7 +115,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, /* Create random IV */ if (EVP_CIPHER_iv_length(cipher) && RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) - goto err; + goto err; EVP_CIPHER_CTX_init(&ctx); @@ -164,7 +164,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; - if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM, + if(!ASN1_pack_string_of(PBKDF2PARAM, kdf, i2d_PBKDF2PARAM, &pbe2->keyfunc->parameter->value.sequence)) goto merr; pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; @@ -180,7 +180,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, /* Encode PBE2PARAM into parameter */ - if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM, + if(!ASN1_pack_string_of(PBE2PARAM, pbe2, i2d_PBE2PARAM, &ret->parameter->value.sequence)) goto merr; ret->parameter->type = V_ASN1_SEQUENCE; diff --git a/src/lib/libssl/src/crypto/asn1/t_crl.c b/src/lib/libssl/src/crypto/asn1/t_crl.c index 757c148df8..929b3e5904 100644 --- a/src/lib/libssl/src/crypto/asn1/t_crl.c +++ b/src/lib/libssl/src/crypto/asn1/t_crl.c @@ -72,7 +72,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); + X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -121,7 +121,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x) r = sk_X509_REVOKED_value(rev, i); BIO_printf(out," Serial Number: "); i2a_ASN1_INTEGER(out,r->serialNumber); - BIO_printf(out,"\n Revocation Date: ",""); + BIO_printf(out,"\n Revocation Date: "); ASN1_TIME_print(out,r->revocationDate); BIO_printf(out,"\n"); X509V3_extensions_print(out, "CRL entry extensions", diff --git a/src/lib/libssl/src/crypto/asn1/t_pkey.c b/src/lib/libssl/src/crypto/asn1/t_pkey.c index d15006e654..afb95d6712 100644 --- a/src/lib/libssl/src/crypto/asn1/t_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/t_pkey.c @@ -55,9 +55,15 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Binary polynomial ECC support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #include #include "cryptlib.h" +#include #include #include #ifndef OPENSSL_NO_RSA @@ -69,26 +75,33 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_EC +#include +#endif -static int print(BIO *fp,const char *str,BIGNUM *num, +static int print(BIO *fp,const char *str, const BIGNUM *num, unsigned char *buf,int off); +#ifndef OPENSSL_NO_EC +static int print_bin(BIO *fp, const char *str, const unsigned char *num, + size_t len, int off); +#endif #ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_FP_API int RSA_print_fp(FILE *fp, const RSA *x, int off) - { - BIO *b; - int ret; + { + BIO *b; + int ret; - if ((b=BIO_new(BIO_s_file())) == NULL) + if ((b=BIO_new(BIO_s_file())) == NULL) { RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); - return(0); + return(0); } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=RSA_print(b,x,off); - BIO_free(b); - return(ret); - } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=RSA_print(b,x,off); + BIO_free(b); + return(ret); + } #endif int RSA_print(BIO *bp, const RSA *x, int off) @@ -96,7 +109,7 @@ int RSA_print(BIO *bp, const RSA *x, int off) char str[128]; const char *s; unsigned char *m=NULL; - int ret=0; + int ret=0, mod_len = 0; size_t buf_len=0, i; if (x->n) @@ -130,27 +143,37 @@ int RSA_print(BIO *bp, const RSA *x, int off) goto err; } + if (x->n != NULL) + mod_len = BN_num_bits(x->n); + if (x->d != NULL) { if(!BIO_indent(bp,off,128)) goto err; - if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) + if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len) <= 0) goto err; } if (x->d == NULL) - BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n)); + BIO_snprintf(str,sizeof str,"Modulus (%d bit):", mod_len); else BUF_strlcpy(str,"modulus:",sizeof str); if (!print(bp,str,x->n,m,off)) goto err; s=(x->d == NULL)?"Exponent:":"publicExponent:"; - if (!print(bp,s,x->e,m,off)) goto err; - if (!print(bp,"privateExponent:",x->d,m,off)) goto err; - if (!print(bp,"prime1:",x->p,m,off)) goto err; - if (!print(bp,"prime2:",x->q,m,off)) goto err; - if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err; - if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err; - if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; + if ((x->e != NULL) && !print(bp,s,x->e,m,off)) + goto err; + if ((x->d != NULL) && !print(bp,"privateExponent:",x->d,m,off)) + goto err; + if ((x->p != NULL) && !print(bp,"prime1:",x->p,m,off)) + goto err; + if ((x->q != NULL) && !print(bp,"prime2:",x->q,m,off)) + goto err; + if ((x->dmp1 != NULL) && !print(bp,"exponent1:",x->dmp1,m,off)) + goto err; + if ((x->dmq1 != NULL) && !print(bp,"exponent2:",x->dmq1,m,off)) + goto err; + if ((x->iqmp != NULL) && !print(bp,"coefficient:",x->iqmp,m,off)) + goto err; ret=1; err: if (m != NULL) OPENSSL_free(m); @@ -185,6 +208,11 @@ int DSA_print(BIO *bp, const DSA *x, int off) if (x->p) buf_len = (size_t)BN_num_bytes(x->p); + else + { + DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS); + goto err; + } if (x->q) if (buf_len < (i = (size_t)BN_num_bytes(x->q))) buf_len = i; @@ -227,16 +255,334 @@ err: } #endif /* !OPENSSL_NO_DSA */ -static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, +#ifndef OPENSSL_NO_EC +#ifndef OPENSSL_NO_FP_API +int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off) + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + ECerr(EC_F_ECPKPARAMETERS_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b, fp, BIO_NOCLOSE); + ret = ECPKParameters_print(b, x, off); + BIO_free(b); + return(ret); + } + +int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off) + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB); + return(0); + } + BIO_set_fp(b, fp, BIO_NOCLOSE); + ret = EC_KEY_print(b, x, off); + BIO_free(b); + return(ret); + } +#endif + +int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) + { + unsigned char *buffer=NULL; + size_t buf_len=0, i; + int ret=0, reason=ERR_R_BIO_LIB; + BN_CTX *ctx=NULL; + const EC_POINT *point=NULL; + BIGNUM *p=NULL, *a=NULL, *b=NULL, *gen=NULL, + *order=NULL, *cofactor=NULL; + const unsigned char *seed; + size_t seed_len=0; + + static const char *gen_compressed = "Generator (compressed):"; + static const char *gen_uncompressed = "Generator (uncompressed):"; + static const char *gen_hybrid = "Generator (hybrid):"; + + if (!x) + { + reason = ERR_R_PASSED_NULL_PARAMETER; + goto err; + } + + if (EC_GROUP_get_asn1_flag(x)) + { + /* the curve parameter are given by an asn1 OID */ + int nid; + + if (!BIO_indent(bp, off, 128)) + goto err; + + nid = EC_GROUP_get_curve_name(x); + if (nid == 0) + goto err; + + if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0) + goto err; + if (BIO_printf(bp, "\n") <= 0) + goto err; + } + else + { + /* explicit parameters */ + int is_char_two = 0; + point_conversion_form_t form; + int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x)); + + if (tmp_nid == NID_X9_62_characteristic_two_field) + is_char_two = 1; + + if ((p = BN_new()) == NULL || (a = BN_new()) == NULL || + (b = BN_new()) == NULL || (order = BN_new()) == NULL || + (cofactor = BN_new()) == NULL) + { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } + + if (is_char_two) + { + if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) + { + reason = ERR_R_EC_LIB; + goto err; + } + } + else /* prime field */ + { + if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) + { + reason = ERR_R_EC_LIB; + goto err; + } + } + + if ((point = EC_GROUP_get0_generator(x)) == NULL) + { + reason = ERR_R_EC_LIB; + goto err; + } + if (!EC_GROUP_get_order(x, order, NULL) || + !EC_GROUP_get_cofactor(x, cofactor, NULL)) + { + reason = ERR_R_EC_LIB; + goto err; + } + + form = EC_GROUP_get_point_conversion_form(x); + + if ((gen = EC_POINT_point2bn(x, point, + form, NULL, ctx)) == NULL) + { + reason = ERR_R_EC_LIB; + goto err; + } + + buf_len = (size_t)BN_num_bytes(p); + if (buf_len < (i = (size_t)BN_num_bytes(a))) + buf_len = i; + if (buf_len < (i = (size_t)BN_num_bytes(b))) + buf_len = i; + if (buf_len < (i = (size_t)BN_num_bytes(gen))) + buf_len = i; + if (buf_len < (i = (size_t)BN_num_bytes(order))) + buf_len = i; + if (buf_len < (i = (size_t)BN_num_bytes(cofactor))) + buf_len = i; + + if ((seed = EC_GROUP_get0_seed(x)) != NULL) + seed_len = EC_GROUP_get_seed_len(x); + + buf_len += 10; + if ((buffer = OPENSSL_malloc(buf_len)) == NULL) + { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } + + if (!BIO_indent(bp, off, 128)) + goto err; + + /* print the 'short name' of the field type */ + if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) + <= 0) + goto err; + + if (is_char_two) + { + /* print the 'short name' of the base type OID */ + int basis_type = EC_GROUP_get_basis_type(x); + if (basis_type == 0) + goto err; + + if (!BIO_indent(bp, off, 128)) + goto err; + + if (BIO_printf(bp, "Basis Type: %s\n", + OBJ_nid2sn(basis_type)) <= 0) + goto err; + + /* print the polynomial */ + if ((p != NULL) && !print(bp, "Polynomial:", p, buffer, + off)) + goto err; + } + else + { + if ((p != NULL) && !print(bp, "Prime:", p, buffer,off)) + goto err; + } + if ((a != NULL) && !print(bp, "A: ", a, buffer, off)) + goto err; + if ((b != NULL) && !print(bp, "B: ", b, buffer, off)) + goto err; + if (form == POINT_CONVERSION_COMPRESSED) + { + if ((gen != NULL) && !print(bp, gen_compressed, gen, + buffer, off)) + goto err; + } + else if (form == POINT_CONVERSION_UNCOMPRESSED) + { + if ((gen != NULL) && !print(bp, gen_uncompressed, gen, + buffer, off)) + goto err; + } + else /* form == POINT_CONVERSION_HYBRID */ + { + if ((gen != NULL) && !print(bp, gen_hybrid, gen, + buffer, off)) + goto err; + } + if ((order != NULL) && !print(bp, "Order: ", order, + buffer, off)) goto err; + if ((cofactor != NULL) && !print(bp, "Cofactor: ", cofactor, + buffer, off)) goto err; + if (seed && !print_bin(bp, "Seed:", seed, seed_len, off)) + goto err; + } + ret=1; +err: + if (!ret) + ECerr(EC_F_ECPKPARAMETERS_PRINT, reason); + if (p) + BN_free(p); + if (a) + BN_free(a); + if (b) + BN_free(b); + if (gen) + BN_free(gen); + if (order) + BN_free(order); + if (cofactor) + BN_free(cofactor); + if (ctx) + BN_CTX_free(ctx); + if (buffer != NULL) + OPENSSL_free(buffer); + return(ret); + } + +int EC_KEY_print(BIO *bp, const EC_KEY *x, int off) + { + unsigned char *buffer=NULL; + size_t buf_len=0, i; + int ret=0, reason=ERR_R_BIO_LIB; + BIGNUM *pub_key=NULL, *order=NULL; + BN_CTX *ctx=NULL; + const EC_GROUP *group; + const EC_POINT *public_key; + const BIGNUM *priv_key; + + if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) + { + reason = ERR_R_PASSED_NULL_PARAMETER; + goto err; + } + + public_key = EC_KEY_get0_public_key(x); + if ((pub_key = EC_POINT_point2bn(group, public_key, + EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) + { + reason = ERR_R_EC_LIB; + goto err; + } + + buf_len = (size_t)BN_num_bytes(pub_key); + priv_key = EC_KEY_get0_private_key(x); + if (priv_key != NULL) + { + if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len) + buf_len = i; + } + + buf_len += 10; + if ((buffer = OPENSSL_malloc(buf_len)) == NULL) + { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } + + if (priv_key != NULL) + { + if (!BIO_indent(bp, off, 128)) + goto err; + if ((order = BN_new()) == NULL) + goto err; + if (!EC_GROUP_get_order(group, order, NULL)) + goto err; + if (BIO_printf(bp, "Private-Key: (%d bit)\n", + BN_num_bits(order)) <= 0) goto err; + } + + if ((priv_key != NULL) && !print(bp, "priv:", priv_key, + buffer, off)) + goto err; + if ((pub_key != NULL) && !print(bp, "pub: ", pub_key, + buffer, off)) + goto err; + if (!ECPKParameters_print(bp, group, off)) + goto err; + ret=1; +err: + if (!ret) + ECerr(EC_F_EC_KEY_PRINT, reason); + if (pub_key) + BN_free(pub_key); + if (order) + BN_free(order); + if (ctx) + BN_CTX_free(ctx); + if (buffer != NULL) + OPENSSL_free(buffer); + return(ret); + } +#endif /* OPENSSL_NO_EC */ + +static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf, int off) { int n,i; const char *neg; if (num == NULL) return(1); - neg=(num->neg)?"-":""; + neg = (BN_is_negative(num))?"-":""; if(!BIO_indent(bp,off,128)) return 0; + if (BN_is_zero(num)) + { + if (BIO_printf(bp, "%s 0\n", number) <= 0) + return 0; + return 1; + } if (BN_num_bytes(num) <= BN_BYTES) { @@ -272,23 +618,63 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, return(1); } +#ifndef OPENSSL_NO_EC +static int print_bin(BIO *fp, const char *name, const unsigned char *buf, + size_t len, int off) + { + size_t i; + char str[128]; + + if (buf == NULL) + return 1; + if (off) + { + if (off > 128) + off=128; + memset(str,' ',off); + if (BIO_write(fp, str, off) <= 0) + return 0; + } + + if (BIO_printf(fp,"%s", name) <= 0) + return 0; + + for (i=0; ip) buf_len = (size_t)BN_num_bytes(x->p); + else + { + reason = ERR_R_PASSED_NULL_PARAMETER; + goto err; + } if (x->g) if (buf_len < (i = (size_t)BN_num_bytes(x->g))) buf_len = i; @@ -333,30 +724,35 @@ err: #ifndef OPENSSL_NO_DSA #ifndef OPENSSL_NO_FP_API int DSAparams_print_fp(FILE *fp, const DSA *x) - { - BIO *b; - int ret; + { + BIO *b; + int ret; - if ((b=BIO_new(BIO_s_file())) == NULL) + if ((b=BIO_new(BIO_s_file())) == NULL) { DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); - return(0); + return(0); } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=DSAparams_print(b, x); - BIO_free(b); - return(ret); - } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=DSAparams_print(b, x); + BIO_free(b); + return(ret); + } #endif int DSAparams_print(BIO *bp, const DSA *x) { unsigned char *m=NULL; - int reason=ERR_R_BUF_LIB,ret=0; + int ret=0; size_t buf_len=0,i; if (x->p) buf_len = (size_t)BN_num_bytes(x->p); + else + { + DSAerr(DSA_F_DSAPARAMS_PRINT,DSA_R_MISSING_PARAMETERS); + goto err; + } if (x->q) if (buf_len < (i = (size_t)BN_num_bytes(x->q))) buf_len = i; @@ -366,7 +762,7 @@ int DSAparams_print(BIO *bp, const DSA *x) m=(unsigned char *)OPENSSL_malloc(buf_len+10); if (m == NULL) { - reason=ERR_R_MALLOC_FAILURE; + DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE); goto err; } @@ -374,14 +770,70 @@ int DSAparams_print(BIO *bp, const DSA *x) BN_num_bits(x->p)) <= 0) goto err; if (!print(bp,"p:",x->p,m,4)) goto err; - if (!print(bp,"q:",x->q,m,4)) goto err; - if (!print(bp,"g:",x->g,m,4)) goto err; + if ((x->q != NULL) && !print(bp,"q:",x->q,m,4)) goto err; + if ((x->g != NULL) && !print(bp,"g:",x->g,m,4)) goto err; ret=1; err: if (m != NULL) OPENSSL_free(m); - DSAerr(DSA_F_DSAPARAMS_PRINT,reason); return(ret); } #endif /* !OPENSSL_NO_DSA */ +#ifndef OPENSSL_NO_EC +#ifndef OPENSSL_NO_FP_API +int ECParameters_print_fp(FILE *fp, const EC_KEY *x) + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB); + return(0); + } + BIO_set_fp(b, fp, BIO_NOCLOSE); + ret = ECParameters_print(b, x); + BIO_free(b); + return(ret); + } +#endif + +int ECParameters_print(BIO *bp, const EC_KEY *x) + { + int reason=ERR_R_EC_LIB, ret=0; + BIGNUM *order=NULL; + const EC_GROUP *group; + + if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) + { + reason = ERR_R_PASSED_NULL_PARAMETER;; + goto err; + } + + if ((order = BN_new()) == NULL) + { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } + + if (!EC_GROUP_get_order(group, order, NULL)) + { + reason = ERR_R_EC_LIB; + goto err; + } + + if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n", + BN_num_bits(order)) <= 0) + goto err; + if (!ECPKParameters_print(bp, group, 4)) + goto err; + ret=1; +err: + if (order) + BN_free(order); + ECerr(EC_F_ECPARAMETERS_PRINT, reason); + return(ret); + } + +#endif diff --git a/src/lib/libssl/src/crypto/asn1/t_req.c b/src/lib/libssl/src/crypto/asn1/t_req.c index 740cee80c0..5557e06584 100644 --- a/src/lib/libssl/src/crypto/asn1/t_req.c +++ b/src/lib/libssl/src/crypto/asn1/t_req.c @@ -63,6 +63,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif #ifndef OPENSSL_NO_FP_API int X509_REQ_print_fp(FILE *fp, X509_REQ *x) @@ -159,6 +165,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long DSA_print(bp,pkey->pkey.dsa,16); } else +#endif +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) + { + BIO_printf(bp, "%12sEC Public Key: \n",""); + EC_KEY_print(bp, pkey->pkey.ec, 16); + } + else #endif BIO_printf(bp,"%12sUnknown Public Key:\n",""); @@ -230,7 +244,7 @@ get_next: } } } - if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) + if(!(cflag & X509_FLAG_NO_EXTENSIONS)) { exts = X509_REQ_get_extensions(x); if(exts) @@ -246,9 +260,9 @@ get_next: obj=X509_EXTENSION_get_object(ex); i2a_ASN1_OBJECT(bp,obj); j=X509_EXTENSION_get_critical(ex); - if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) + if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0) goto err; - if(!X509V3_EXT_print(bp, ex, 0, 16)) + if(!X509V3_EXT_print(bp, ex, cflag, 16)) { BIO_printf(bp, "%16s", ""); M_ASN1_OCTET_STRING_print(bp,ex->value); @@ -266,7 +280,7 @@ get_next: return(1); err: - X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB); + X509err(X509_F_X509_REQ_PRINT_EX,ERR_R_BUF_LIB); return(0); } diff --git a/src/lib/libssl/src/crypto/asn1/t_spki.c b/src/lib/libssl/src/crypto/asn1/t_spki.c index 5abfbc815e..c2a5797dd8 100644 --- a/src/lib/libssl/src/crypto/asn1/t_spki.c +++ b/src/lib/libssl/src/crypto/asn1/t_spki.c @@ -60,6 +60,13 @@ #include "cryptlib.h" #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif +#include /* Print out an SPKI */ @@ -93,6 +100,15 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) } else #endif +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) + { + BIO_printf(out, " EC Public Key:\n"); + EC_KEY_print(out, pkey->pkey.ec,2); + } + else +#endif + BIO_printf(out," Unknown Public Key:\n"); EVP_PKEY_free(pkey); } diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c index d1034c47f8..eb776b7b3b 100644 --- a/src/lib/libssl/src/crypto/asn1/t_x509.c +++ b/src/lib/libssl/src/crypto/asn1/t_x509.c @@ -66,6 +66,9 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_EC +#include +#endif #include #include #include @@ -83,7 +86,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla if ((b=BIO_new(BIO_s_file())) == NULL) { - X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); + X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -228,6 +231,14 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) DSA_print(bp,pkey->pkey.dsa,16); } else +#endif +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) + { + BIO_printf(bp, "%12sEC Public Key:\n",""); + EC_KEY_print(bp, pkey->pkey.ec, 16); + } + else #endif BIO_printf(bp,"%12sUnknown Public Key:\n",""); @@ -434,19 +445,18 @@ err: int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) { char *s,*c,*b; - int ret=0,l,ll,i,first=1; + int ret=0,l,i; - ll=80-2-obase; + l=80-2-obase; - b=s=X509_NAME_oneline(name,NULL,0); - if (!*s) + b=X509_NAME_oneline(name,NULL,0); + if (!*b) { OPENSSL_free(b); return 1; } - s++; /* skip the first slash */ + s=b+1; /* skip the first slash */ - l=ll; c=s; for (;;) { @@ -468,20 +478,9 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) (*s == '\0')) #endif { - if ((l <= 0) && !first) - { - first=0; - if (BIO_write(bp,"\n",1) != 1) goto err; - for (i=0; i #include -static int asn1_check_eoc(unsigned char **in, long len); -static int asn1_find_end(unsigned char **in, long len, char inf); -static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass); -static int collect_data(BUF_MEM *buf, unsigned char **p, long plen); -static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, - unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); -static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); -static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); -static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len, - const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); +static int asn1_check_eoc(const unsigned char **in, long len); +static int asn1_find_end(const unsigned char **in, long len, char inf); + +static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, + char inf, int tag, int aclass); + +static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen); + +static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, + char *inf, char *cst, + const unsigned char **in, long len, + int exptag, int expclass, char opt, + ASN1_TLC *ctx); + +static int asn1_template_ex_d2i(ASN1_VALUE **pval, + const unsigned char **in, long len, + const ASN1_TEMPLATE *tt, char opt, + ASN1_TLC *ctx); +static int asn1_template_noexp_d2i(ASN1_VALUE **val, + const unsigned char **in, long len, + const ASN1_TEMPLATE *tt, char opt, + ASN1_TLC *ctx); +static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, + const unsigned char **in, long len, + const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx); /* Table to convert tags to bit values, used for MSTRING type */ -static unsigned long tag2bit[32]={ +static const unsigned long tag2bit[32] = { 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ -0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ +B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ @@ -90,14 +106,14 @@ B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 2 }; unsigned long ASN1_tag2bit(int tag) -{ - if((tag < 0) || (tag > 30)) return 0; + { + if ((tag < 0) || (tag > 30)) return 0; return tag2bit[tag]; -} + } /* Macro to initialize and invalidate the cache */ -#define asn1_tlc_clear(c) if(c) (c)->valid = 0 +#define asn1_tlc_clear(c) if (c) (c)->valid = 0 /* Decode an ASN1 item, this currently behaves just * like a standard 'd2i' function. 'in' points to @@ -107,113 +123,147 @@ unsigned long ASN1_tag2bit(int tag) * case. */ -ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it) -{ +ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, + const unsigned char **in, long len, const ASN1_ITEM *it) + { ASN1_TLC c; ASN1_VALUE *ptmpval = NULL; - if(!pval) pval = &ptmpval; - asn1_tlc_clear(&c); - if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) + if (!pval) + pval = &ptmpval; + c.valid = 0; + if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) return *pval; return NULL; -} + } -int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt) -{ +int ASN1_template_d2i(ASN1_VALUE **pval, + const unsigned char **in, long len, const ASN1_TEMPLATE *tt) + { ASN1_TLC c; - asn1_tlc_clear(&c); + c.valid = 0; return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); -} + } /* Decode an item, taking care of IMPLICIT tagging, if any. * If 'opt' set and tag mismatch return -1 to handle OPTIONAL */ -int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx) -{ +int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, + const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) + { const ASN1_TEMPLATE *tt, *errtt = NULL; const ASN1_COMPAT_FUNCS *cf; const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; ASN1_aux_cb *asn1_cb; - unsigned char *p, *q, imphack = 0, oclass; + const unsigned char *p = NULL, *q; + unsigned char *wp=NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */ + unsigned char imphack = 0, oclass; char seq_eoc, seq_nolen, cst, isopt; long tmplen; int i; int otag; int ret = 0; ASN1_VALUE *pchval, **pchptr, *ptmpval; - if(!pval) return 0; - if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; + if (!pval) + return 0; + if (aux && aux->asn1_cb) + asn1_cb = aux->asn1_cb; else asn1_cb = 0; - switch(it->itype) { - + switch(it->itype) + { case ASN1_ITYPE_PRIMITIVE: - if(it->templates) { - /* tagging or OPTIONAL is currently illegal on an item template - * because the flags can't get passed down. In practice this isn't - * a problem: we include the relevant flags from the item template - * in the template itself. + if (it->templates) + { + /* tagging or OPTIONAL is currently illegal on an item + * template because the flags can't get passed down. + * In practice this isn't a problem: we include the + * relevant flags from the item template in the + * template itself. */ - if ((tag != -1) || opt) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); + if ((tag != -1) || opt) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); goto err; - } - return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx); + } + return asn1_template_ex_d2i(pval, in, len, + it->templates, opt, ctx); } - return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx); + return asn1_d2i_ex_primitive(pval, in, len, it, + tag, aclass, opt, ctx); break; case ASN1_ITYPE_MSTRING: p = *in; /* Just read in tag and class */ - ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, + &p, len, -1, 0, 1, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; - } + } + /* Must be UNIVERSAL class */ - if(oclass != V_ASN1_UNIVERSAL) { + if (oclass != V_ASN1_UNIVERSAL) + { /* If OPTIONAL, assume this is OK */ - if(opt) return -1; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); + if (opt) return -1; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; - } + } /* Check tag matches bit map */ - if(!(ASN1_tag2bit(otag) & it->utype)) { + if (!(ASN1_tag2bit(otag) & it->utype)) + { /* If OPTIONAL, assume this is OK */ - if(opt) return -1; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG); + if (opt) + return -1; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_MSTRING_WRONG_TAG); goto err; - } - return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx); + } + return asn1_d2i_ex_primitive(pval, in, len, + it, otag, 0, 0, ctx); case ASN1_ITYPE_EXTERN: /* Use new style d2i */ ef = it->funcs; - return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); + return ef->asn1_ex_d2i(pval, in, len, + it, tag, aclass, opt, ctx); case ASN1_ITYPE_COMPAT: /* we must resort to old style evil hackery */ cf = it->funcs; /* If OPTIONAL see if it is there */ - if(opt) { + if (opt) + { int exptag; p = *in; - if(tag == -1) exptag = it->utype; + if (tag == -1) + exptag = it->utype; else exptag = tag; - /* Don't care about anything other than presence of expected tag */ - ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + /* Don't care about anything other than presence + * of expected tag */ + + ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, + &p, len, exptag, aclass, 1, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; + } + if (ret == -1) + return -1; } - if(ret == -1) return -1; - } + /* This is the old style evil hack IMPLICIT handling: * since the underlying code is expecting a tag and * class other than the one present we change the @@ -229,245 +279,332 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1 * buffer. */ - if(tag != -1) { - p = *in; - imphack = *p; - *p = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); - } + if (tag != -1) + { + wp = *(unsigned char **)in; + imphack = *wp; + if (p == NULL) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); + goto err; + } + *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) + | it->utype); + } ptmpval = cf->asn1_d2i(pval, in, len); - if(tag != -1) *p = imphack; + if (tag != -1) + *wp = imphack; + + if (ptmpval) + return 1; - if(ptmpval) return 1; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; case ASN1_ITYPE_CHOICE: - if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) goto auxerr; /* Allocate structure */ - if(!*pval) { - if(!ASN1_item_ex_new(pval, it)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); - goto err; + if (!*pval && !ASN1_item_ex_new(pval, it)) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); + goto err; } - } /* CHOICE type, try each possibility in turn */ pchval = NULL; p = *in; - for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) { + for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) + { pchptr = asn1_get_field_ptr(pval, tt); /* We mark field as OPTIONAL so its absence * can be recognised. */ ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); /* If field not present, try the next one */ - if(ret == -1) continue; + if (ret == -1) + continue; /* If positive return, read OK, break loop */ - if(ret > 0) break; + if (ret > 0) + break; /* Otherwise must be an ASN1 parsing error */ errtt = tt; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; - } + } + /* Did we fall off the end without reading anything? */ - if(i == it->tcount) { + if (i == it->tcount) + { /* If OPTIONAL, this is OK */ - if(opt) { + if (opt) + { /* Free and zero it */ ASN1_item_ex_free(pval, it); return -1; - } - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE); + } + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_NO_MATCHING_CHOICE_TYPE); goto err; - } + } + asn1_set_choice_selector(pval, i, it); *in = p; - if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) goto auxerr; return 1; + case ASN1_ITYPE_NDEF_SEQUENCE: case ASN1_ITYPE_SEQUENCE: p = *in; tmplen = len; /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ - if(tag == -1) { + if (tag == -1) + { tag = V_ASN1_SEQUENCE; aclass = V_ASN1_UNIVERSAL; - } + } /* Get SEQUENCE length and update len, p */ - ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, + &p, len, tag, aclass, opt, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; - } else if(ret == -1) return -1; - if(aux && (aux->flags & ASN1_AFLG_BROKEN)) { + } + else if (ret == -1) + return -1; + if (aux && (aux->flags & ASN1_AFLG_BROKEN)) + { len = tmplen - (p - *in); seq_nolen = 1; - } else seq_nolen = seq_eoc; /* If indefinite we don't do a length check */ - if(!cst) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); + } + /* If indefinite we don't do a length check */ + else seq_nolen = seq_eoc; + if (!cst) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_SEQUENCE_NOT_CONSTRUCTED); goto err; - } + } - if(!*pval) { - if(!ASN1_item_ex_new(pval, it)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); - goto err; + if (!*pval && !ASN1_item_ex_new(pval, it)) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); + goto err; } - } - if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) goto auxerr; /* Get each field entry */ - for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) { + for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) + { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 1); - if(!seqtt) goto err; + if (!seqtt) + goto err; pseqval = asn1_get_field_ptr(pval, seqtt); /* Have we ran out of data? */ - if(!len) break; + if (!len) + break; q = p; - if(asn1_check_eoc(&p, len)) { - if(!seq_eoc) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC); + if (asn1_check_eoc(&p, len)) + { + if (!seq_eoc) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_UNEXPECTED_EOC); goto err; - } + } len -= p - q; seq_eoc = 0; q = p; break; - } - /* This determines the OPTIONAL flag value. The field cannot - * be omitted if it is the last of a SEQUENCE and there is - * still data to be read. This isn't strictly necessary but - * it increases efficiency in some cases. + } + /* This determines the OPTIONAL flag value. The field + * cannot be omitted if it is the last of a SEQUENCE + * and there is still data to be read. This isn't + * strictly necessary but it increases efficiency in + * some cases. */ - if(i == (it->tcount - 1)) isopt = 0; + if (i == (it->tcount - 1)) + isopt = 0; else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL); - /* attempt to read in field, allowing each to be OPTIONAL */ - ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx); - if(!ret) { + /* attempt to read in field, allowing each to be + * OPTIONAL */ + + ret = asn1_template_ex_d2i(pseqval, &p, len, + seqtt, isopt, ctx); + if (!ret) + { errtt = seqtt; goto err; - } else if(ret == -1) { - /* OPTIONAL component absent. Free and zero the field + } + else if (ret == -1) + { + /* OPTIONAL component absent. + * Free and zero the field. */ ASN1_template_free(pseqval, seqtt); continue; - } + } /* Update length */ len -= p - q; - } + } + /* Check for EOC if expecting one */ - if(seq_eoc && !asn1_check_eoc(&p, len)) { + if (seq_eoc && !asn1_check_eoc(&p, len)) + { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); goto err; - } + } /* Check all data read */ - if(!seq_nolen && len) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH); + if (!seq_nolen && len) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_SEQUENCE_LENGTH_MISMATCH); goto err; - } + } /* If we get here we've got no more data in the SEQUENCE, * however we may not have read all fields so check all * remaining are OPTIONAL and clear any that are. */ - for(; i < it->tcount; tt++, i++) { + for (; i < it->tcount; tt++, i++) + { const ASN1_TEMPLATE *seqtt; seqtt = asn1_do_adb(pval, tt, 1); - if(!seqtt) goto err; - if(seqtt->flags & ASN1_TFLG_OPTIONAL) { + if (!seqtt) + goto err; + if (seqtt->flags & ASN1_TFLG_OPTIONAL) + { ASN1_VALUE **pseqval; pseqval = asn1_get_field_ptr(pval, seqtt); ASN1_template_free(pseqval, seqtt); - } else { + } + else + { errtt = seqtt; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING); + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ASN1_R_FIELD_MISSING); goto err; + } } - } /* Save encoding */ - if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; + if (!asn1_enc_save(pval, *in, p - *in, it)) + goto auxerr; *in = p; - if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) goto auxerr; return 1; default: return 0; - } + } auxerr: ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); err: ASN1_item_ex_free(pval, it); - if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname); - else ERR_add_error_data(2, "Type=", it->sname); + if (errtt) + ERR_add_error_data(4, "Field=", errtt->field_name, + ", Type=", it->sname); + else + ERR_add_error_data(2, "Type=", it->sname); return 0; -} + } -/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the - * rest. +/* Templates are handled with two separate functions. + * One handles any EXPLICIT tag and the other handles the rest. */ -static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) -{ +static int asn1_template_ex_d2i(ASN1_VALUE **val, + const unsigned char **in, long inlen, + const ASN1_TEMPLATE *tt, char opt, + ASN1_TLC *ctx) + { int flags, aclass; int ret; long len; - unsigned char *p, *q; + const unsigned char *p, *q; char exp_eoc; - if(!val) return 0; + if (!val) + return 0; flags = tt->flags; aclass = flags & ASN1_TFLG_TAG_CLASS; p = *in; /* Check if EXPLICIT tag expected */ - if(flags & ASN1_TFLG_EXPTAG) { + if (flags & ASN1_TFLG_EXPTAG) + { char cst; - /* Need to work out amount of data available to the inner content and where it - * starts: so read in EXPLICIT header to get the info. + /* Need to work out amount of data available to the inner + * content and where it starts: so read in EXPLICIT header to + * get the info. */ - ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx); + ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, + &p, inlen, tt->tag, aclass, opt, ctx); q = p; - if(!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + if (!ret) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); return 0; - } else if(ret == -1) return -1; - if(!cst) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); + } + else if (ret == -1) + return -1; + if (!cst) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); return 0; - } + } /* We've found the field so it can't be OPTIONAL now */ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + if (!ret) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); return 0; - } + } /* We read the field in OK so update length */ len -= p - q; - if(exp_eoc) { + if (exp_eoc) + { /* If NDEF we must have an EOC here */ - if(!asn1_check_eoc(&p, len)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); + if (!asn1_check_eoc(&p, len)) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ASN1_R_MISSING_EOC); goto err; + } } - } else { - /* Otherwise we must hit the EXPLICIT tag end or its an error */ - if(len) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH); + else + { + /* Otherwise we must hit the EXPLICIT tag end or its + * an error */ + if (len) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ASN1_R_EXPLICIT_LENGTH_MISMATCH); goto err; + } } } - } else - return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); + else + return asn1_template_noexp_d2i(val, in, inlen, + tt, opt, ctx); *in = p; return 1; @@ -476,98 +613,145 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen ASN1_template_free(val, tt); *val = NULL; return 0; -} + } -static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) -{ +static int asn1_template_noexp_d2i(ASN1_VALUE **val, + const unsigned char **in, long len, + const ASN1_TEMPLATE *tt, char opt, + ASN1_TLC *ctx) + { int flags, aclass; int ret; - unsigned char *p, *q; - if(!val) return 0; + const unsigned char *p, *q; + if (!val) + return 0; flags = tt->flags; aclass = flags & ASN1_TFLG_TAG_CLASS; p = *in; q = p; - if(flags & ASN1_TFLG_SK_MASK) { + if (flags & ASN1_TFLG_SK_MASK) + { /* SET OF, SEQUENCE OF */ int sktag, skaclass; char sk_eoc; /* First work out expected inner tag value */ - if(flags & ASN1_TFLG_IMPTAG) { + if (flags & ASN1_TFLG_IMPTAG) + { sktag = tt->tag; skaclass = aclass; - } else { + } + else + { skaclass = V_ASN1_UNIVERSAL; - if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET; - else sktag = V_ASN1_SEQUENCE; - } + if (flags & ASN1_TFLG_SET_OF) + sktag = V_ASN1_SET; + else + sktag = V_ASN1_SEQUENCE; + } /* Get the tag */ - ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, + &p, len, sktag, skaclass, opt, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ERR_R_NESTED_ASN1_ERROR); return 0; - } else if(ret == -1) return -1; - if(!*val) *val = (ASN1_VALUE *)sk_new_null(); - else { + } + else if (ret == -1) + return -1; + if (!*val) + *val = (ASN1_VALUE *)sk_new_null(); + else + { /* We've got a valid STACK: free up any items present */ STACK *sktmp = (STACK *)*val; ASN1_VALUE *vtmp; - while(sk_num(sktmp) > 0) { + while(sk_num(sktmp) > 0) + { vtmp = (ASN1_VALUE *)sk_pop(sktmp); - ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); + ASN1_item_ex_free(&vtmp, + ASN1_ITEM_ptr(tt->item)); + } } - } - if(!*val) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE); + if (!*val) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ERR_R_MALLOC_FAILURE); goto err; - } + } + /* Read as many items as we can */ - while(len > 0) { + while(len > 0) + { ASN1_VALUE *skfield; q = p; /* See if EOC found */ - if(asn1_check_eoc(&p, len)) { - if(!sk_eoc) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC); + if (asn1_check_eoc(&p, len)) + { + if (!sk_eoc) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ASN1_R_UNEXPECTED_EOC); goto err; - } + } len -= p - q; sk_eoc = 0; break; - } + } skfield = NULL; - if(!ASN1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); + if (!ASN1_item_ex_d2i(&skfield, &p, len, + ASN1_ITEM_ptr(tt->item), + -1, 0, 0, ctx)) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; - } + } len -= p - q; - if(!sk_push((STACK *)*val, (char *)skfield)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE); + if (!sk_push((STACK *)*val, (char *)skfield)) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ERR_R_MALLOC_FAILURE); goto err; + } } - } - if(sk_eoc) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); + if (sk_eoc) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC); goto err; + } } - } else if(flags & ASN1_TFLG_IMPTAG) { + else if (flags & ASN1_TFLG_IMPTAG) + { /* IMPLICIT tagging */ - ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); + ret = ASN1_item_ex_d2i(val, &p, len, + ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; - } else if(ret == -1) return -1; - } else { + } + else if (ret == -1) + return -1; + } + else + { /* Nothing special */ - ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, opt, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); + ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), + -1, 0, opt, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, + ERR_R_NESTED_ASN1_ERROR); goto err; - } else if(ret == -1) return -1; - } + } + else if (ret == -1) + return -1; + } *in = p; return 1; @@ -576,83 +760,115 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long le ASN1_template_free(val, tt); *val = NULL; return 0; -} + } -static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, - const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx) -{ +static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, + const unsigned char **in, long inlen, + const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) + { int ret = 0, utype; long plen; char cst, inf, free_cont = 0; - unsigned char *p; + const unsigned char *p; BUF_MEM buf; - unsigned char *cont = NULL; + const unsigned char *cont = NULL; long len; - if(!pval) { + if (!pval) + { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); return 0; /* Should never happen */ - } + } - if(it->itype == ASN1_ITYPE_MSTRING) { + if (it->itype == ASN1_ITYPE_MSTRING) + { utype = tag; tag = -1; - } else utype = it->utype; + } + else + utype = it->utype; - if(utype == V_ASN1_ANY) { + if (utype == V_ASN1_ANY) + { /* If type is ANY need to figure out type from tag */ unsigned char oclass; - if(tag >= 0) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY); + if (tag >= 0) + { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1_R_ILLEGAL_TAGGED_ANY); return 0; - } - if(opt) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY); + } + if (opt) + { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1_R_ILLEGAL_OPTIONAL_ANY); return 0; - } + } p = *in; - ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx); - if(!ret) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); + ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, + &p, inlen, -1, 0, 0, ctx); + if (!ret) + { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ERR_R_NESTED_ASN1_ERROR); return 0; + } + if (oclass != V_ASN1_UNIVERSAL) + utype = V_ASN1_OTHER; } - if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER; - } - if(tag == -1) { + if (tag == -1) + { tag = utype; aclass = V_ASN1_UNIVERSAL; - } + } p = *in; /* Check header */ - ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx); - if(!ret) { + ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, + &p, inlen, tag, aclass, opt, ctx); + if (!ret) + { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); return 0; - } else if(ret == -1) return -1; + } + else if (ret == -1) + return -1; + ret = 0; /* SEQUENCE, SET and "OTHER" are left in encoded form */ - if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { - /* Clear context cache for type OTHER because the auto clear when - * we have a exact match wont work + if ((utype == V_ASN1_SEQUENCE) + || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) + { + /* Clear context cache for type OTHER because the auto clear + * when we have a exact match wont work */ - if(utype == V_ASN1_OTHER) { + if (utype == V_ASN1_OTHER) + { asn1_tlc_clear(ctx); + } /* SEQUENCE and SET must be constructed */ - } else if(!cst) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); + else if (!cst) + { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; - } + } cont = *in; /* If indefinite length constructed find the real end */ - if(inf) { - if(!asn1_find_end(&p, plen, inf)) goto err; + if (inf) + { + if (!asn1_find_end(&p, plen, inf)) + goto err; len = p - cont; - } else { + } + else + { len = p - cont + plen; p += plen; buf.data = NULL; + } } - } else if(cst) { + else if (cst) + { buf.length = 0; buf.max = 0; buf.data = NULL; @@ -662,36 +878,46 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl * internally irrespective of the type. So instead just check * for UNIVERSAL class and ignore the tag. */ - if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; + if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) + { + free_cont = 1; + goto err; + } len = buf.length; /* Append a final null to string */ - if(!BUF_MEM_grow_clean(&buf, len + 1)) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); + if (!BUF_MEM_grow_clean(&buf, len + 1)) + { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ERR_R_MALLOC_FAILURE); return 0; - } + } buf.data[len] = 0; - cont = (unsigned char *)buf.data; + cont = (const unsigned char *)buf.data; free_cont = 1; - } else { + } + else + { cont = p; len = plen; p += plen; - } + } /* We now have content length and type: translate into a structure */ - if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err; + if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) + goto err; *in = p; ret = 1; err: - if(free_cont && buf.data) OPENSSL_free(buf.data); + if (free_cont && buf.data) OPENSSL_free(buf.data); return ret; -} + } /* Translate ASN1 content octets into a structure */ -int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) -{ +int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) + { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; @@ -699,43 +925,62 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + + if (pf && pf->prim_c2i) + return pf->prim_c2i(pval, cont, len, utype, free_cont, it); /* If ANY type clear type and set pointer to internal value */ - if(it->utype == V_ASN1_ANY) { - if(!*pval) { + if (it->utype == V_ASN1_ANY) + { + if (!*pval) + { typ = ASN1_TYPE_new(); + if (typ == NULL) + goto err; *pval = (ASN1_VALUE *)typ; - } else typ = (ASN1_TYPE *)*pval; - if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); + } + else + typ = (ASN1_TYPE *)*pval; + + if (utype != typ->type) + ASN1_TYPE_set(typ, utype, NULL); opval = pval; - pval = (ASN1_VALUE **)&typ->value.ptr; - } - switch(utype) { + pval = &typ->value.asn1_value; + } + switch(utype) + { case V_ASN1_OBJECT: - if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err; + if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + goto err; break; case V_ASN1_NULL: - if(len) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH); + if (len) + { + ASN1err(ASN1_F_ASN1_EX_C2I, + ASN1_R_NULL_IS_WRONG_LENGTH); goto err; - } + } *pval = (ASN1_VALUE *)1; break; case V_ASN1_BOOLEAN: - if(len != 1) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); + if (len != 1) + { + ASN1err(ASN1_F_ASN1_EX_C2I, + ASN1_R_BOOLEAN_IS_WRONG_LENGTH); goto err; - } else { + } + else + { ASN1_BOOLEAN *tbool; tbool = (ASN1_BOOLEAN *)pval; *tbool = *cont; - } + } break; case V_ASN1_BIT_STRING: - if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err; + if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) + goto err; break; case V_ASN1_INTEGER: @@ -743,7 +988,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char case V_ASN1_ENUMERATED: case V_ASN1_NEG_ENUMERATED: tint = (ASN1_INTEGER **)pval; - if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err; + if (!c2i_ASN1_INTEGER(tint, &cont, len)) + goto err; /* Fixup type to match the expected form */ (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); break; @@ -767,46 +1013,59 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char case V_ASN1_SEQUENCE: default: /* All based on ASN1_STRING and handled the same */ - if(!*pval) { + if (!*pval) + { stmp = ASN1_STRING_type_new(utype); - if(!stmp) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); + if (!stmp) + { + ASN1err(ASN1_F_ASN1_EX_C2I, + ERR_R_MALLOC_FAILURE); goto err; - } + } *pval = (ASN1_VALUE *)stmp; - } else { + } + else + { stmp = (ASN1_STRING *)*pval; stmp->type = utype; - } + } /* If we've already allocated a buffer use it */ - if(*free_cont) { - if(stmp->data) OPENSSL_free(stmp->data); - stmp->data = cont; + if (*free_cont) + { + if (stmp->data) + OPENSSL_free(stmp->data); + stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ stmp->length = len; *free_cont = 0; - } else { - if(!ASN1_STRING_set(stmp, cont, len)) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); + } + else + { + if (!ASN1_STRING_set(stmp, cont, len)) + { + ASN1err(ASN1_F_ASN1_EX_C2I, + ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; goto err; + } } - } break; - } + } /* If ASN1_ANY and NULL type fix up value */ - if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL; + if (typ && (utype == V_ASN1_NULL)) + typ->value.ptr = NULL; ret = 1; err: - if(!ret) + if (!ret) { ASN1_TYPE_free(typ); if (opval) *opval = NULL; } return ret; -} + } + /* This function finds the end of an ASN1 structure when passed its maximum * length, whether it is indefinite length and a pointer to the content. @@ -814,11 +1073,11 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char * recurse on each indefinite length header. */ -static int asn1_find_end(unsigned char **in, long len, char inf) +static int asn1_find_end(const unsigned char **in, long len, char inf) { int expected_eoc; long plen; - unsigned char *p = *in, *q; + const unsigned char *p = *in, *q; /* If not indefinite length constructed just add length */ if (inf == 0) { @@ -828,7 +1087,7 @@ static int asn1_find_end(unsigned char **in, long len, char inf) expected_eoc = 1; /* Indefinite length constructed form. Find the end when enough EOCs * are found. If more indefinite length constructed headers - * are encountered increment the expected eoc count otherwise justi + * are encountered increment the expected eoc count otherwise just * skip to the end of the data. */ while (len > 0) @@ -863,38 +1122,55 @@ static int asn1_find_end(unsigned char **in, long len, char inf) *in = p; return 1; } - /* This function collects the asn1 data from a constructred string * type into a buffer. The values of 'in' and 'len' should refer * to the contents of the constructed type and 'inf' should be set * if it is indefinite length. */ -static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass) -{ - unsigned char *p, *q; +static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, + char inf, int tag, int aclass) + { + const unsigned char *p, *q; long plen; char cst, ininf; p = *in; inf &= 1; - while(len > 0) { + /* If no buffer and not indefinite length constructed just pass over + * the encoded data */ + if (!buf && !inf) + { + *in += len; + return 1; + } + while(len > 0) + { q = p; /* Check for EOC */ - if(asn1_check_eoc(&p, len)) { - /* EOC is illegal outside indefinite length constructed form */ - if(!inf) { - ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC); + if (asn1_check_eoc(&p, len)) + { + /* EOC is illegal outside indefinite length + * constructed form */ + if (!inf) + { + ASN1err(ASN1_F_ASN1_COLLECT, + ASN1_R_UNEXPECTED_EOC); return 0; - } + } inf = 0; break; - } - if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { + } + + if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, + len, tag, aclass, 0, NULL)) + { ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); return 0; - } + } + /* If indefinite length constructed update max length */ - if(cst) { + if (cst) + { #ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS if (!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0; @@ -902,47 +1178,51 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING); return 0; #endif - } else { - if(plen && !collect_data(buf, &p, plen)) return 0; - } + } + else if (plen && !collect_data(buf, &p, plen)) + return 0; len -= p - q; - } - if(inf) { + } + if (inf) + { ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); return 0; - } + } *in = p; return 1; -} - -static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) -{ - int len; - if(buf) { - len = buf->length; - if(!BUF_MEM_grow_clean(buf, len + plen)) { - ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); - return 0; + } + +static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) + { + int len; + if (buf) + { + len = buf->length; + if (!BUF_MEM_grow_clean(buf, len + plen)) + { + ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); + return 0; } - memcpy(buf->data + len, *p, plen); + memcpy(buf->data + len, *p, plen); } - *p += plen; - return 1; -} + *p += plen; + return 1; + } /* Check for ASN1 EOC and swallow it if found */ -static int asn1_check_eoc(unsigned char **in, long len) -{ - unsigned char *p; - if(len < 2) return 0; +static int asn1_check_eoc(const unsigned char **in, long len) + { + const unsigned char *p; + if (len < 2) return 0; p = *in; - if(!p[0] && !p[1]) { + if (!p[0] && !p[1]) + { *in += 2; return 1; - } + } return 0; -} + } /* Check an ASN1 tag and length: a bit like ASN1_get_object * but it sets the length for indefinite length constructed @@ -951,25 +1231,32 @@ static int asn1_check_eoc(unsigned char **in, long len) * header length just read. */ -static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, - unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) -{ +static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, + char *inf, char *cst, + const unsigned char **in, long len, + int exptag, int expclass, char opt, + ASN1_TLC *ctx) + { int i; int ptag, pclass; long plen; - unsigned char *p, *q; + const unsigned char *p, *q; p = *in; q = p; - if(ctx && ctx->valid) { + if (ctx && ctx->valid) + { i = ctx->ret; plen = ctx->plen; pclass = ctx->pclass; ptag = ctx->ptag; p += ctx->hdrlen; - } else { + } + else + { i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); - if(ctx) { + if (ctx) + { ctx->ret = i; ctx->plen = plen; ctx->pclass = pclass; @@ -979,43 +1266,57 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *i /* If definite length, and no error, length + * header can't exceed total amount of data available. */ - if(!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { - ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG); + if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) + { + ASN1err(ASN1_F_ASN1_CHECK_TLEN, + ASN1_R_TOO_LONG); asn1_tlc_clear(ctx); return 0; + } } } - } - if(i & 0x80) { + if (i & 0x80) + { ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); asn1_tlc_clear(ctx); return 0; - } - if(exptag >= 0) { - if((exptag != ptag) || (expclass != pclass)) { - /* If type is OPTIONAL, not an error, but indicate missing - * type. + } + if (exptag >= 0) + { + if ((exptag != ptag) || (expclass != pclass)) + { + /* If type is OPTIONAL, not an error: + * indicate missing type. */ - if(opt) return -1; + if (opt) return -1; asn1_tlc_clear(ctx); ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); return 0; - } - /* We have a tag and class match, so assume we are going to do something with it */ + } + /* We have a tag and class match: + * assume we are going to do something with it */ asn1_tlc_clear(ctx); - } + } + + if (i & 1) + plen = len - (p - q); - if(i & 1) plen = len - (p - q); + if (inf) + *inf = i & 1; - if(inf) *inf = i & 1; + if (cst) + *cst = i & V_ASN1_CONSTRUCTED; - if(cst) *cst = i & V_ASN1_CONSTRUCTED; + if (olen) + *olen = plen; - if(olen) *olen = plen; - if(oclass) *oclass = pclass; - if(otag) *otag = ptag; + if (oclass) + *oclass = pclass; + + if (otag) + *otag = ptag; *in = p; return 1; -} + } diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c index c675c3c832..be19b36acd 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -59,88 +59,119 @@ #include #include +#include "cryptlib.h" #include #include #include -static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset); +static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, + const ASN1_ITEM *it, + int tag, int aclass); +static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, + int skcontlen, const ASN1_ITEM *item, + int do_sort, int iclass); +static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, + const ASN1_TEMPLATE *tt, + int tag, int aclass); +static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, + const ASN1_ITEM *it, int flags); + +/* Top level i2d equivalents: the 'ndef' variant instructs the encoder + * to use indefinite length constructed encoding, where appropriate + */ + +int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, + const ASN1_ITEM *it) + { + return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF); + } + +int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) + { + return asn1_item_flags_i2d(val, out, it, 0); + } -/* Encode an ASN1 item, this is compatible with the +/* Encode an ASN1 item, this is use by the * standard 'i2d' function. 'out' points to - * a buffer to output the data to, in future we will - * have more advanced versions that can output data - * a piece at a time and this will simply be a special - * case. + * a buffer to output the data to. * * The new i2d has one additional feature. If the output * buffer is NULL (i.e. *out == NULL) then a buffer is * allocated and populated with the encoding. */ - -int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) -{ - if(out && !*out) { +static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, + const ASN1_ITEM *it, int flags) + { + if (out && !*out) + { unsigned char *p, *buf; int len; - len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0); - if(len <= 0) return len; + len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); + if (len <= 0) + return len; buf = OPENSSL_malloc(len); - if(!buf) return -1; + if (!buf) + return -1; p = buf; - ASN1_item_ex_i2d(&val, &p, it, -1, 0); + ASN1_item_ex_i2d(&val, &p, it, -1, flags); *out = buf; return len; + } + + return ASN1_item_ex_i2d(&val, out, it, -1, flags); } - - return ASN1_item_ex_i2d(&val, out, it, -1, 0); -} /* Encode an item, taking care of IMPLICIT tagging (if any). * This function performs the normal item handling: it can be * used in external types. */ -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) -{ +int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, + const ASN1_ITEM *it, int tag, int aclass) + { const ASN1_TEMPLATE *tt = NULL; unsigned char *p = NULL; - int i, seqcontlen, seqlen; - ASN1_STRING *strtmp; + int i, seqcontlen, seqlen, ndef = 1; const ASN1_COMPAT_FUNCS *cf; const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb; - if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0; - if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; - else asn1_cb = 0; + ASN1_aux_cb *asn1_cb = 0; + + if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) + return 0; - switch(it->itype) { + if (aux && aux->asn1_cb) + asn1_cb = aux->asn1_cb; + + switch(it->itype) + { case ASN1_ITYPE_PRIMITIVE: - if(it->templates) - return ASN1_template_i2d(pval, out, it->templates); + if (it->templates) + return asn1_template_ex_i2d(pval, out, it->templates, + tag, aclass); return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); break; case ASN1_ITYPE_MSTRING: - strtmp = (ASN1_STRING *)*pval; - return asn1_i2d_ex_primitive(pval, out, it, -1, 0); + return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); case ASN1_ITYPE_CHOICE: - if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) return 0; i = asn1_get_choice_selector(pval, it); - if((i >= 0) && (i < it->tcount)) { + if ((i >= 0) && (i < it->tcount)) + { ASN1_VALUE **pchval; const ASN1_TEMPLATE *chtt; chtt = it->templates + i; pchval = asn1_get_field_ptr(pval, chtt); - return ASN1_template_i2d(pchval, out, chtt); - } + return asn1_template_ex_i2d(pchval, out, chtt, + -1, aclass); + } /* Fixme: error condition if selector out of range */ - if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) return 0; break; @@ -152,136 +183,236 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it case ASN1_ITYPE_COMPAT: /* old style hackery... */ cf = it->funcs; - if(out) p = *out; + if (out) + p = *out; i = cf->asn1_i2d(*pval, out); /* Fixup for IMPLICIT tag: note this messes up for tags > 30, * but so did the old code. Tags > 30 are very rare anyway. */ - if(out && (tag != -1)) + if (out && (tag != -1)) *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); return i; + case ASN1_ITYPE_NDEF_SEQUENCE: + /* Use indefinite length constructed if requested */ + if (aclass & ASN1_TFLG_NDEF) ndef = 2; + /* fall through */ + case ASN1_ITYPE_SEQUENCE: i = asn1_enc_restore(&seqcontlen, out, pval, it); /* An error occurred */ - if(i < 0) return 0; + if (i < 0) + return 0; /* We have a valid cached encoding... */ - if(i > 0) return seqcontlen; + if (i > 0) + return seqcontlen; /* Otherwise carry on */ seqcontlen = 0; /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ - if(tag == -1) { + if (tag == -1) + { tag = V_ASN1_SEQUENCE; - aclass = V_ASN1_UNIVERSAL; - } - if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) + /* Retain any other flags in aclass */ + aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) + | V_ASN1_UNIVERSAL; + } + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) return 0; /* First work out sequence content length */ - for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { + for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) + { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 1); - if(!seqtt) return 0; + if (!seqtt) + return 0; pseqval = asn1_get_field_ptr(pval, seqtt); /* FIXME: check for errors in enhanced version */ - /* FIXME: special handling of indefinite length encoding */ - seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt); - } - seqlen = ASN1_object_size(1, seqcontlen, tag); - if(!out) return seqlen; + seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt, + -1, aclass); + } + + seqlen = ASN1_object_size(ndef, seqcontlen, tag); + if (!out) + return seqlen; /* Output SEQUENCE header */ - ASN1_put_object(out, 1, seqcontlen, tag, aclass); - for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { + ASN1_put_object(out, ndef, seqcontlen, tag, aclass); + for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) + { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 1); - if(!seqtt) return 0; + if (!seqtt) + return 0; pseqval = asn1_get_field_ptr(pval, seqtt); /* FIXME: check for errors in enhanced version */ - ASN1_template_i2d(pseqval, out, seqtt); - } - if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) + asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass); + } + if (ndef == 2) + ASN1_put_eoc(out); + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) return 0; return seqlen; default: return 0; - } + + } return 0; -} + } -int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt) -{ - int i, ret, flags, aclass; +int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, + const ASN1_TEMPLATE *tt) + { + return asn1_template_ex_i2d(pval, out, tt, -1, 0); + } + +static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, + const ASN1_TEMPLATE *tt, int tag, int iclass) + { + int i, ret, flags, ttag, tclass, ndef; flags = tt->flags; - aclass = flags & ASN1_TFLG_TAG_CLASS; - if(flags & ASN1_TFLG_SK_MASK) { + /* Work out tag and class to use: tagging may come + * either from the template or the arguments, not both + * because this would create ambiguity. Additionally + * the iclass argument may contain some additional flags + * which should be noted and passed down to other levels. + */ + if (flags & ASN1_TFLG_TAG_MASK) + { + /* Error if argument and template tagging */ + if (tag != -1) + /* FIXME: error code here */ + return -1; + /* Get tagging from template */ + ttag = tt->tag; + tclass = flags & ASN1_TFLG_TAG_CLASS; + } + else if (tag != -1) + { + /* No template tagging, get from arguments */ + ttag = tag; + tclass = iclass & ASN1_TFLG_TAG_CLASS; + } + else + { + ttag = -1; + tclass = 0; + } + /* + * Remove any class mask from iflag. + */ + iclass &= ~ASN1_TFLG_TAG_CLASS; + + /* At this point 'ttag' contains the outer tag to use, + * 'tclass' is the class and iclass is any flags passed + * to this function. + */ + + /* if template and arguments require ndef, use it */ + if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF)) + ndef = 2; + else ndef = 1; + + if (flags & ASN1_TFLG_SK_MASK) + { /* SET OF, SEQUENCE OF */ STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; int isset, sktag, skaclass; int skcontlen, sklen; ASN1_VALUE *skitem; - if(!*pval) return 0; - if(flags & ASN1_TFLG_SET_OF) { + + if (!*pval) + return 0; + + if (flags & ASN1_TFLG_SET_OF) + { isset = 1; /* 2 means we reorder */ - if(flags & ASN1_TFLG_SEQUENCE_OF) isset = 2; - } else isset = 0; - /* First work out inner tag value */ - if(flags & ASN1_TFLG_IMPTAG) { - sktag = tt->tag; - skaclass = aclass; - } else { + if (flags & ASN1_TFLG_SEQUENCE_OF) + isset = 2; + } + else isset = 0; + + /* Work out inner tag value: if EXPLICIT + * or no tagging use underlying type. + */ + if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) + { + sktag = ttag; + skaclass = tclass; + } + else + { skaclass = V_ASN1_UNIVERSAL; - if(isset) sktag = V_ASN1_SET; + if (isset) + sktag = V_ASN1_SET; else sktag = V_ASN1_SEQUENCE; - } - /* Now work out length of items */ + } + + /* Determine total length of items */ skcontlen = 0; - for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) + { skitem = sk_ASN1_VALUE_value(sk, i); - skcontlen += ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); - } - sklen = ASN1_object_size(1, skcontlen, sktag); + skcontlen += ASN1_item_ex_i2d(&skitem, NULL, + ASN1_ITEM_ptr(tt->item), + -1, iclass); + } + sklen = ASN1_object_size(ndef, skcontlen, sktag); /* If EXPLICIT need length of surrounding tag */ - if(flags & ASN1_TFLG_EXPTAG) - ret = ASN1_object_size(1, sklen, tt->tag); + if (flags & ASN1_TFLG_EXPTAG) + ret = ASN1_object_size(ndef, sklen, ttag); else ret = sklen; - if(!out) return ret; + if (!out) + return ret; /* Now encode this lot... */ /* EXPLICIT tag */ - if(flags & ASN1_TFLG_EXPTAG) - ASN1_put_object(out, 1, sklen, tt->tag, aclass); + if (flags & ASN1_TFLG_EXPTAG) + ASN1_put_object(out, ndef, sklen, ttag, tclass); /* SET or SEQUENCE and IMPLICIT tag */ - ASN1_put_object(out, 1, skcontlen, sktag, skaclass); - /* And finally the stuff itself */ - asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), isset); + ASN1_put_object(out, ndef, skcontlen, sktag, skaclass); + /* And the stuff itself */ + asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), + isset, iclass); + if (ndef == 2) + { + ASN1_put_eoc(out); + if (flags & ASN1_TFLG_EXPTAG) + ASN1_put_eoc(out); + } return ret; - } - - if(flags & ASN1_TFLG_EXPTAG) { + } + + if (flags & ASN1_TFLG_EXPTAG) + { /* EXPLICIT tagging */ /* Find length of tagged item */ - i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); - if(!i) return 0; + i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), + -1, iclass); + if (!i) + return 0; /* Find length of EXPLICIT tag */ - ret = ASN1_object_size(1, i, tt->tag); - if(out) { + ret = ASN1_object_size(ndef, i, ttag); + if (out) + { /* Output tag and item */ - ASN1_put_object(out, 1, i, tt->tag, aclass); - ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0); - } + ASN1_put_object(out, ndef, i, ttag, tclass); + ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), + -1, iclass); + if (ndef == 2) + ASN1_put_eoc(out); + } return ret; - } - if(flags & ASN1_TFLG_IMPTAG) { - /* IMPLICIT tagging */ - return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), tt->tag, aclass); - } - /* Nothing special: treat as normal */ - return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0); + } + + /* Either normal or IMPLICIT tagging: combine class and flags */ + return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), + ttag, tclass | iclass); + } /* Temporary structure used to hold DER encoding of items for SET OF */ @@ -293,72 +424,90 @@ typedef struct { } DER_ENC; static int der_cmp(const void *a, const void *b) -{ + { const DER_ENC *d1 = a, *d2 = b; int cmplen, i; cmplen = (d1->length < d2->length) ? d1->length : d2->length; i = memcmp(d1->data, d2->data, cmplen); - if(i) return i; + if (i) + return i; return d1->length - d2->length; -} + } /* Output the content octets of SET OF or SEQUENCE OF */ -static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort) -{ +static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, + int skcontlen, const ASN1_ITEM *item, + int do_sort, int iclass) + { int i; ASN1_VALUE *skitem; unsigned char *tmpdat = NULL, *p = NULL; DER_ENC *derlst = NULL, *tder; - if(do_sort) { + if (do_sort) + { /* Don't need to sort less than 2 items */ - if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0; - else { - derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + if (sk_ASN1_VALUE_num(sk) < 2) + do_sort = 0; + else + { + derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) + * sizeof(*derlst)); tmpdat = OPENSSL_malloc(skcontlen); - if(!derlst || !tmpdat) return 0; + if (!derlst || !tmpdat) + return 0; + } } - } /* If not sorting just output each item */ - if(!do_sort) { - for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + if (!do_sort) + { + for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) + { skitem = sk_ASN1_VALUE_value(sk, i); - ASN1_item_i2d(skitem, out, item); - } + ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); + } return 1; - } + } p = tmpdat; + /* Doing sort: build up a list of each member's DER encoding */ - for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { + for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) + { skitem = sk_ASN1_VALUE_value(sk, i); tder->data = p; - tder->length = ASN1_item_i2d(skitem, &p, item); + tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); tder->field = skitem; - } + } + /* Now sort them */ qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); /* Output sorted DER encoding */ p = *out; - for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { + for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) + { memcpy(p, tder->data, tder->length); p += tder->length; - } + } *out = p; /* If do_sort is 2 then reorder the STACK */ - if(do_sort == 2) { - for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) - sk_ASN1_VALUE_set(sk, i, tder->field); - } + if (do_sort == 2) + { + for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); + i++, tder++) + (void)sk_ASN1_VALUE_set(sk, i, tder->field); + } OPENSSL_free(derlst); OPENSSL_free(tmpdat); return 1; -} + } -static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) -{ +static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, + const ASN1_ITEM *it, int tag, int aclass) + { int len; int utype; int usetag; + int ndef = 0; utype = it->utype; @@ -374,33 +523,48 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const A * because the call to asn1_ex_i2c() could change * utype. */ - if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || + if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) usetag = 0; else usetag = 1; /* -1 means omit type */ - if(len == -1) return 0; + if (len == -1) + return 0; + + /* -2 return is special meaning use ndef */ + if (len == -2) + { + ndef = 2; + len = 0; + } /* If not implicitly tagged get tag from underlying type */ - if(tag == -1) tag = utype; + if (tag == -1) tag = utype; /* Output tag+length followed by content octets */ - if(out) { - if(usetag) ASN1_put_object(out, 0, len, tag, aclass); + if (out) + { + if (usetag) + ASN1_put_object(out, ndef, len, tag, aclass); asn1_ex_i2c(pval, *out, &utype, it); - *out += len; - } + if (ndef) + ASN1_put_eoc(out); + else + *out += len; + } - if(usetag) return ASN1_object_size(0, len, tag); + if (usetag) + return ASN1_object_size(ndef, len, tag); return len; -} + } /* Produce content octets from a structure */ -int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it) -{ +int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, + const ASN1_ITEM *it) + { ASN1_BOOLEAN *tbool = NULL; ASN1_STRING *strtmp; ASN1_OBJECT *otmp; @@ -409,28 +573,36 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ int len; const ASN1_PRIMITIVE_FUNCS *pf; pf = it->funcs; - if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it); + if (pf && pf->prim_i2c) + return pf->prim_i2c(pval, cout, putype, it); /* Should type be omitted? */ - if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) { - if(!*pval) return -1; - } + if ((it->itype != ASN1_ITYPE_PRIMITIVE) + || (it->utype != V_ASN1_BOOLEAN)) + { + if (!*pval) return -1; + } - if(it->itype == ASN1_ITYPE_MSTRING) { + if (it->itype == ASN1_ITYPE_MSTRING) + { /* If MSTRING type set the underlying type */ strtmp = (ASN1_STRING *)*pval; utype = strtmp->type; *putype = utype; - } else if(it->utype == V_ASN1_ANY) { + } + else if (it->utype == V_ASN1_ANY) + { /* If ANY set type and pointer to value */ ASN1_TYPE *typ; typ = (ASN1_TYPE *)*pval; utype = typ->type; *putype = utype; - pval = (ASN1_VALUE **)&typ->value.ptr; - } else utype = *putype; + pval = &typ->value.asn1_value; + } + else utype = *putype; - switch(utype) { + switch(utype) + { case V_ASN1_OBJECT: otmp = (ASN1_OBJECT *)*pval; cont = otmp->data; @@ -444,12 +616,15 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ case V_ASN1_BOOLEAN: tbool = (ASN1_BOOLEAN *)pval; - if(*tbool == -1) return -1; + if (*tbool == -1) + return -1; if (it->utype != V_ASN1_ANY) { /* Default handling if value == size field then omit */ - if(*tbool && (it->size > 0)) return -1; - if(!*tbool && !it->size) return -1; + if (*tbool && (it->size > 0)) + return -1; + if (!*tbool && !it->size) + return -1; } c = (unsigned char)*tbool; cont = &c; @@ -457,7 +632,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ break; case V_ASN1_BIT_STRING: - return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL); + return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, + cout ? &cout : NULL); break; case V_ASN1_INTEGER: @@ -467,7 +643,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ /* These are all have the same content format * as ASN1_INTEGER */ - return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL); + return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, + cout ? &cout : NULL); break; case V_ASN1_OCTET_STRING: @@ -489,12 +666,25 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ default: /* All based on ASN1_STRING and handled the same */ strtmp = (ASN1_STRING *)*pval; + /* Special handling for NDEF */ + if ((it->size == ASN1_TFLG_NDEF) + && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) + { + if (cout) + { + strtmp->data = cout; + strtmp->length = 0; + } + /* Special return code */ + return -2; + } cont = strtmp->data; len = strtmp->length; break; - } - if(cout && len) memcpy(cout, cont, len); + } + if (cout && len) + memcpy(cout, cont, len); return len; -} + } diff --git a/src/lib/libssl/src/crypto/asn1/tasn_fre.c b/src/lib/libssl/src/crypto/asn1/tasn_fre.c index 2dd844159e..bb7c1e2af4 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_fre.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_fre.c @@ -67,33 +67,40 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c /* Free up an ASN1 structure */ void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) -{ + { asn1_item_combine_free(&val, it, 0); -} + } void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { asn1_item_combine_free(pval, it, 0); -} + } static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) -{ + { const ASN1_TEMPLATE *tt = NULL, *seqtt; const ASN1_EXTERN_FUNCS *ef; const ASN1_COMPAT_FUNCS *cf; const ASN1_AUX *aux = it->funcs; ASN1_aux_cb *asn1_cb; int i; - if(!pval) return; - if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return; - if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; - else asn1_cb = 0; + if (!pval) + return; + if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) + return; + if (aux && aux->asn1_cb) + asn1_cb = aux->asn1_cb; + else + asn1_cb = 0; - switch(it->itype) { + switch(it->itype) + { case ASN1_ITYPE_PRIMITIVE: - if(it->templates) ASN1_template_free(pval, it->templates); - else ASN1_primitive_free(pval, it); + if (it->templates) + ASN1_template_free(pval, it->templates); + else + ASN1_primitive_free(pval, it); break; case ASN1_ITYPE_MSTRING: @@ -101,41 +108,51 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c break; case ASN1_ITYPE_CHOICE: - if(asn1_cb) { + if (asn1_cb) + { i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); - if(i == 2) return; - } + if (i == 2) + return; + } i = asn1_get_choice_selector(pval, it); - if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it); - if((i >= 0) && (i < it->tcount)) { + if ((i >= 0) && (i < it->tcount)) + { ASN1_VALUE **pchval; tt = it->templates + i; pchval = asn1_get_field_ptr(pval, tt); ASN1_template_free(pchval, tt); - } - if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); - if(!combine) { + } + if (asn1_cb) + asn1_cb(ASN1_OP_FREE_POST, pval, it); + if (!combine) + { OPENSSL_free(*pval); *pval = NULL; - } + } break; case ASN1_ITYPE_COMPAT: cf = it->funcs; - if(cf && cf->asn1_free) cf->asn1_free(*pval); + if (cf && cf->asn1_free) + cf->asn1_free(*pval); break; case ASN1_ITYPE_EXTERN: ef = it->funcs; - if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it); + if (ef && ef->asn1_ex_free) + ef->asn1_ex_free(pval, it); break; + case ASN1_ITYPE_NDEF_SEQUENCE: case ASN1_ITYPE_SEQUENCE: - if(asn1_do_lock(pval, -1, it) > 0) return; - if(asn1_cb) { + if (asn1_do_lock(pval, -1, it) > 0) + return; + if (asn1_cb) + { i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); - if(i == 2) return; - } + if (i == 2) + return; + } asn1_enc_free(pval, it); /* If we free up as normal we will invalidate any * ANY DEFINED BY field and we wont be able to @@ -143,64 +160,84 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c * free up in reverse order. */ tt = it->templates + it->tcount - 1; - for(i = 0; i < it->tcount; tt--, i++) { + for (i = 0; i < it->tcount; tt--, i++) + { ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 0); - if(!seqtt) continue; + if (!seqtt) + continue; pseqval = asn1_get_field_ptr(pval, seqtt); ASN1_template_free(pseqval, seqtt); - } - if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); - if(!combine) { + } + if (asn1_cb) + asn1_cb(ASN1_OP_FREE_POST, pval, it); + if (!combine) + { OPENSSL_free(*pval); *pval = NULL; - } + } break; + } } -} void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ + { int i; - if(tt->flags & ASN1_TFLG_SK_MASK) { + if (tt->flags & ASN1_TFLG_SK_MASK) + { STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; - for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) + { ASN1_VALUE *vtmp; vtmp = sk_ASN1_VALUE_value(sk, i); - asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 0); - } + asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), + 0); + } sk_ASN1_VALUE_free(sk); *pval = NULL; - } else asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item), + } + else + asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item), tt->flags & ASN1_TFLG_COMBINE); -} + } void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { int utype; - if(it) { + if (it) + { const ASN1_PRIMITIVE_FUNCS *pf; pf = it->funcs; - if(pf && pf->prim_free) { + if (pf && pf->prim_free) + { pf->prim_free(pval, it); return; + } } - } /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ - if(!it) { + if (!it) + { ASN1_TYPE *typ = (ASN1_TYPE *)*pval; utype = typ->type; - pval = (ASN1_VALUE **)&typ->value.ptr; - if(!*pval) return; - } else if(it->itype == ASN1_ITYPE_MSTRING) { + pval = &typ->value.asn1_value; + if (!*pval) + return; + } + else if (it->itype == ASN1_ITYPE_MSTRING) + { utype = -1; - if(!*pval) return; - } else { + if (!*pval) + return; + } + else + { utype = it->utype; - if((utype != V_ASN1_BOOLEAN) && !*pval) return; - } + if ((utype != V_ASN1_BOOLEAN) && !*pval) + return; + } - switch(utype) { + switch(utype) + { case V_ASN1_OBJECT: ASN1_OBJECT_free((ASN1_OBJECT *)*pval); break; @@ -224,6 +261,6 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) ASN1_STRING_free((ASN1_STRING *)*pval); *pval = NULL; break; - } + } *pval = NULL; -} + } diff --git a/src/lib/libssl/src/crypto/asn1/tasn_new.c b/src/lib/libssl/src/crypto/asn1/tasn_new.c index a0e3db574f..531dad365c 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_new.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_new.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -64,27 +64,30 @@ #include #include -static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine); +static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, + int combine); static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) -{ + { ASN1_VALUE *ret = NULL; - if(ASN1_item_ex_new(&ret, it) > 0) return ret; + if (ASN1_item_ex_new(&ret, it) > 0) + return ret; return NULL; -} + } /* Allocate an ASN1 structure */ int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { return asn1_item_ex_combine_new(pval, it, 0); -} + } -static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) -{ +static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, + int combine) + { const ASN1_TEMPLATE *tt = NULL; const ASN1_COMPAT_FUNCS *cf; const ASN1_EXTERN_FUNCS *ef; @@ -92,133 +95,155 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int ASN1_aux_cb *asn1_cb; ASN1_VALUE **pseqval; int i; - if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; - else asn1_cb = 0; + if (aux && aux->asn1_cb) + asn1_cb = aux->asn1_cb; + else + asn1_cb = 0; - if(!combine) *pval = NULL; + if (!combine) *pval = NULL; #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_push_info(it->sname); + if (it->sname) + CRYPTO_push_info(it->sname); #endif - switch(it->itype) { + switch(it->itype) + { case ASN1_ITYPE_EXTERN: ef = it->funcs; - if(ef && ef->asn1_ex_new) { - if(!ef->asn1_ex_new(pval, it)) + if (ef && ef->asn1_ex_new) + { + if (!ef->asn1_ex_new(pval, it)) goto memerr; - } + } break; case ASN1_ITYPE_COMPAT: cf = it->funcs; - if(cf && cf->asn1_new) { + if (cf && cf->asn1_new) { *pval = cf->asn1_new(); - if(!*pval) goto memerr; + if (!*pval) + goto memerr; } break; case ASN1_ITYPE_PRIMITIVE: - if(it->templates) { - if(!ASN1_template_new(pval, it->templates)) + if (it->templates) + { + if (!ASN1_template_new(pval, it->templates)) goto memerr; - } else { - if(!ASN1_primitive_new(pval, it)) + } + else if (!ASN1_primitive_new(pval, it)) goto memerr; - } break; case ASN1_ITYPE_MSTRING: - if(!ASN1_primitive_new(pval, it)) + if (!ASN1_primitive_new(pval, it)) goto memerr; break; case ASN1_ITYPE_CHOICE: - if(asn1_cb) { + if (asn1_cb) + { i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); - if(!i) goto auxerr; - if(i==2) { + if (!i) + goto auxerr; + if (i==2) + { #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_pop_info(); + if (it->sname) + CRYPTO_pop_info(); #endif return 1; + } } - } - if(!combine) { + if (!combine) + { *pval = OPENSSL_malloc(it->size); - if(!*pval) goto memerr; + if (!*pval) + goto memerr; memset(*pval, 0, it->size); - } + } asn1_set_choice_selector(pval, -1, it); - if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) goto auxerr; break; + case ASN1_ITYPE_NDEF_SEQUENCE: case ASN1_ITYPE_SEQUENCE: - if(asn1_cb) { + if (asn1_cb) + { i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); - if(!i) goto auxerr; - if(i==2) { + if (!i) + goto auxerr; + if (i==2) + { #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_pop_info(); + if (it->sname) + CRYPTO_pop_info(); #endif return 1; + } } - } - if(!combine) { + if (!combine) + { *pval = OPENSSL_malloc(it->size); - if(!*pval) goto memerr; + if (!*pval) + goto memerr; memset(*pval, 0, it->size); asn1_do_lock(pval, 0, it); asn1_enc_init(pval, it); - } - for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { + } + for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) + { pseqval = asn1_get_field_ptr(pval, tt); - if(!ASN1_template_new(pseqval, tt)) goto memerr; - } - if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) + if (!ASN1_template_new(pseqval, tt)) + goto memerr; + } + if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) goto auxerr; break; } #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_pop_info(); + if (it->sname) CRYPTO_pop_info(); #endif return 1; memerr: - ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE); #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_pop_info(); + if (it->sname) CRYPTO_pop_info(); #endif return 0; auxerr: - ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR); + ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_pop_info(); + if (it->sname) CRYPTO_pop_info(); #endif return 0; -} + } static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { const ASN1_EXTERN_FUNCS *ef; - switch(it->itype) { + switch(it->itype) + { case ASN1_ITYPE_EXTERN: ef = it->funcs; - if(ef && ef->asn1_ex_clear) + if (ef && ef->asn1_ex_clear) ef->asn1_ex_clear(pval, it); else *pval = NULL; break; case ASN1_ITYPE_PRIMITIVE: - if(it->templates) + if (it->templates) asn1_template_clear(pval, it->templates); else asn1_primitive_clear(pval, it); @@ -231,75 +256,90 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) case ASN1_ITYPE_COMPAT: case ASN1_ITYPE_CHOICE: case ASN1_ITYPE_SEQUENCE: + case ASN1_ITYPE_NDEF_SEQUENCE: *pval = NULL; break; + } } -} int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ + { const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item); int ret; - if(tt->flags & ASN1_TFLG_OPTIONAL) { + if (tt->flags & ASN1_TFLG_OPTIONAL) + { asn1_template_clear(pval, tt); return 1; - } + } /* If ANY DEFINED BY nothing to do */ - if(tt->flags & ASN1_TFLG_ADB_MASK) { + if (tt->flags & ASN1_TFLG_ADB_MASK) + { *pval = NULL; return 1; - } + } #ifdef CRYPTO_MDEBUG - if(tt->field_name) CRYPTO_push_info(tt->field_name); + if (tt->field_name) + CRYPTO_push_info(tt->field_name); #endif /* If SET OF or SEQUENCE OF, its a STACK */ - if(tt->flags & ASN1_TFLG_SK_MASK) { + if (tt->flags & ASN1_TFLG_SK_MASK) + { STACK_OF(ASN1_VALUE) *skval; skval = sk_ASN1_VALUE_new_null(); - if(!skval) { + if (!skval) + { ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); ret = 0; goto done; - } + } *pval = (ASN1_VALUE *)skval; ret = 1; goto done; - } + } /* Otherwise pass it back to the item routine */ ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE); done: #ifdef CRYPTO_MDEBUG - if(it->sname) CRYPTO_pop_info(); + if (it->sname) + CRYPTO_pop_info(); #endif return ret; -} + } static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ + { /* If ADB or STACK just NULL the field */ - if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) + if (tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) *pval = NULL; else asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item)); -} + } -/* NB: could probably combine most of the real XXX_new() behaviour and junk all the old - * functions. +/* NB: could probably combine most of the real XXX_new() behaviour and junk + * all the old functions. */ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { ASN1_TYPE *typ; int utype; - const ASN1_PRIMITIVE_FUNCS *pf; - pf = it->funcs; - if(pf && pf->prim_new) return pf->prim_new(pval, it); - if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; - else utype = it->utype; - switch(utype) { + + if (it && it->funcs) + { + const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; + if (pf->prim_new) + return pf->prim_new(pval, it); + } + + if (!it || (it->itype == ASN1_ITYPE_MSTRING)) + utype = -1; + else + utype = it->utype; + switch(utype) + { case V_ASN1_OBJECT: *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); return 1; @@ -317,7 +357,8 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) case V_ASN1_ANY: typ = OPENSSL_malloc(sizeof(ASN1_TYPE)); - if(!typ) return 0; + if (!typ) + return 0; typ->value.ptr = NULL; typ->type = -1; *pval = (ASN1_VALUE *)typ; @@ -326,26 +367,29 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) default: *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype); break; - } - if(*pval) return 1; + } + if (*pval) + return 1; return 0; -} + } void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { int utype; - const ASN1_PRIMITIVE_FUNCS *pf; - pf = it->funcs; - if(pf) { - if(pf->prim_clear) + if (it && it->funcs) + { + const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; + if (pf->prim_clear) pf->prim_clear(pval, it); else *pval = NULL; return; - } - if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; - else utype = it->utype; - if(utype == V_ASN1_BOOLEAN) + } + if (!it || (it->itype == ASN1_ITYPE_MSTRING)) + utype = -1; + else + utype = it->utype; + if (utype == V_ASN1_BOOLEAN) *(ASN1_BOOLEAN *)pval = it->size; else *pval = NULL; -} + } diff --git a/src/lib/libssl/src/crypto/asn1/tasn_typ.c b/src/lib/libssl/src/crypto/asn1/tasn_typ.c index 804d2eeba2..6f17f1bec7 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_typ.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_typ.c @@ -131,3 +131,7 @@ IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1) IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1) IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0) + +/* Special, OCTET STRING with indefinite length constructed support */ + +IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF) diff --git a/src/lib/libssl/src/crypto/asn1/tasn_utl.c b/src/lib/libssl/src/crypto/asn1/tasn_utl.c index 8996ce8c13..34d520b180 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_utl.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_utl.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -74,23 +74,23 @@ */ int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { int *sel = offset2ptr(*pval, it->utype); return *sel; -} + } /* Given an ASN1_ITEM CHOICE type set * the selector value, return old value. */ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) -{ + { int *sel, ret; sel = offset2ptr(*pval, it->utype); ret = *sel; *sel = value; return ret; -} + } /* Do reference counting. The value 'op' decides what to do. * if it is +1 then the count is incremented. If op is 0 count is @@ -99,114 +99,134 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) */ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) -{ + { const ASN1_AUX *aux; int *lck, ret; - if(it->itype != ASN1_ITYPE_SEQUENCE) return 0; + if ((it->itype != ASN1_ITYPE_SEQUENCE) + && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE)) + return 0; aux = it->funcs; - if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0; + if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) + return 0; lck = offset2ptr(*pval, aux->ref_offset); - if(op == 0) { + if (op == 0) + { *lck = 1; return 1; - } + } ret = CRYPTO_add(lck, op, aux->ref_lock); #ifdef REF_PRINT fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck); #endif #ifdef REF_CHECK - if(ret < 0) + if (ret < 0) fprintf(stderr, "%s, bad reference count\n", it->sname); #endif return ret; -} + } static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { const ASN1_AUX *aux; - if(!pval || !*pval) return NULL; + if (!pval || !*pval) + return NULL; aux = it->funcs; - if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL; + if (!aux || !(aux->flags & ASN1_AFLG_ENCODING)) + return NULL; return offset2ptr(*pval, aux->enc_offset); -} + } void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { ASN1_ENCODING *enc; enc = asn1_get_enc_ptr(pval, it); - if(enc) { + if (enc) + { enc->enc = NULL; enc->len = 0; enc->modified = 1; + } } -} void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ + { ASN1_ENCODING *enc; enc = asn1_get_enc_ptr(pval, it); - if(enc) { - if(enc->enc) OPENSSL_free(enc->enc); + if (enc) + { + if (enc->enc) + OPENSSL_free(enc->enc); enc->enc = NULL; enc->len = 0; enc->modified = 1; + } } -} -int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it) -{ +int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, + const ASN1_ITEM *it) + { ASN1_ENCODING *enc; enc = asn1_get_enc_ptr(pval, it); - if(!enc) return 1; + if (!enc) + return 1; - if(enc->enc) OPENSSL_free(enc->enc); + if (enc->enc) + OPENSSL_free(enc->enc); enc->enc = OPENSSL_malloc(inlen); - if(!enc->enc) return 0; + if (!enc->enc) + return 0; memcpy(enc->enc, in, inlen); enc->len = inlen; enc->modified = 0; return 1; -} + } -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it) -{ +int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, + const ASN1_ITEM *it) + { ASN1_ENCODING *enc; enc = asn1_get_enc_ptr(pval, it); - if(!enc || enc->modified) return 0; - if(out) { + if (!enc || enc->modified) + return 0; + if (out) + { memcpy(*out, enc->enc, enc->len); *out += enc->len; - } - if(len) *len = enc->len; + } + if (len) + *len = enc->len; return 1; -} + } /* Given an ASN1_TEMPLATE get a pointer to a field */ ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ + { ASN1_VALUE **pvaltmp; - if(tt->flags & ASN1_TFLG_COMBINE) return pval; + if (tt->flags & ASN1_TFLG_COMBINE) + return pval; pvaltmp = offset2ptr(*pval, tt->offset); /* NOTE for BOOLEAN types the field is just a plain * int so we can't return int **, so settle for * (int *). */ return pvaltmp; -} + } /* Handle ANY DEFINED BY template, find the selector, look up * the relevant ASN1_TEMPLATE in the table and return it. */ -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr) -{ +const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, + int nullerr) + { const ASN1_ADB *adb; const ASN1_ADB_TABLE *atbl; long selector; ASN1_VALUE **sfld; int i; - if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt; + if (!(tt->flags & ASN1_TFLG_ADB_MASK)) + return tt; /* Else ANY DEFINED BY ... get the table */ adb = ASN1_ADB_ptr(tt->item); @@ -215,16 +235,18 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int sfld = offset2ptr(*pval, adb->offset); /* Check if NULL */ - if(!sfld) { - if(!adb->null_tt) goto err; + if (!sfld) + { + if (!adb->null_tt) + goto err; return adb->null_tt; - } + } /* Convert type to a long: * NB: don't check for NID_undef here because it * might be a legitimate value in the table */ - if(tt->flags & ASN1_TFLG_ADB_OID) + if (tt->flags & ASN1_TFLG_ADB_OID) selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld); else selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); @@ -237,17 +259,21 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int * linear search. */ - for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++) - if(atbl->value == selector) return &atbl->tt; + for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++) + if (atbl->value == selector) + return &atbl->tt; /* FIXME: need to search application table too */ /* No match, return default type */ - if(!adb->default_tt) goto err; + if (!adb->default_tt) + goto err; return adb->default_tt; err: /* FIXME: should log the value or OID of unsupported type */ - if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); + if (nullerr) + ASN1err(ASN1_F_ASN1_DO_ADB, + ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); return NULL; -} + } diff --git a/src/lib/libssl/src/crypto/asn1/x_algor.c b/src/lib/libssl/src/crypto/asn1/x_algor.c index 00b9ea54a1..33533aba86 100644 --- a/src/lib/libssl/src/crypto/asn1/x_algor.c +++ b/src/lib/libssl/src/crypto/asn1/x_algor.c @@ -66,8 +66,65 @@ ASN1_SEQUENCE(X509_ALGOR) = { ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) } ASN1_SEQUENCE_END(X509_ALGOR) +ASN1_ITEM_TEMPLATE(X509_ALGORS) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR) +ASN1_ITEM_TEMPLATE_END(X509_ALGORS) + IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS) IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR) IMPLEMENT_STACK_OF(X509_ALGOR) IMPLEMENT_ASN1_SET_OF(X509_ALGOR) + +int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval) + { + if (!alg) + return 0; + if (ptype != V_ASN1_UNDEF) + { + if (alg->parameter == NULL) + alg->parameter = ASN1_TYPE_new(); + if (alg->parameter == NULL) + return 0; + } + if (alg) + { + if (alg->algorithm) + ASN1_OBJECT_free(alg->algorithm); + alg->algorithm = aobj; + } + if (ptype == 0) + return 1; + if (ptype == V_ASN1_UNDEF) + { + if (alg->parameter) + { + ASN1_TYPE_free(alg->parameter); + alg->parameter = NULL; + } + } + else + ASN1_TYPE_set(alg->parameter, ptype, pval); + return 1; + } + +void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, + X509_ALGOR *algor) + { + if (paobj) + *paobj = algor->algorithm; + if (pptype) + { + if (algor->parameter == NULL) + { + *pptype = V_ASN1_UNDEF; + return; + } + else + *pptype = algor->parameter->type; + if (ppval) + *ppval = algor->parameter->value.ptr; + } + } + diff --git a/src/lib/libssl/src/crypto/asn1/x_bignum.c b/src/lib/libssl/src/crypto/asn1/x_bignum.c index 848c7a0877..869c05d931 100644 --- a/src/lib/libssl/src/crypto/asn1/x_bignum.c +++ b/src/lib/libssl/src/crypto/asn1/x_bignum.c @@ -59,6 +59,7 @@ #include #include "cryptlib.h" #include +#include /* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a * BIGNUM directly. Currently it ignores the sign which isn't a problem since all @@ -72,7 +73,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); static ASN1_PRIMITIVE_FUNCS bignum_pf = { NULL, 0, @@ -122,7 +123,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN return pad + BN_num_bytes(bn); } -static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) { BIGNUM *bn; if(!*pval) bn_new(pval, it); diff --git a/src/lib/libssl/src/crypto/asn1/x_crl.c b/src/lib/libssl/src/crypto/asn1/x_crl.c index b99f8fc522..70d56a67f2 100644 --- a/src/lib/libssl/src/crypto/asn1/x_crl.c +++ b/src/lib/libssl/src/crypto/asn1/x_crl.c @@ -84,7 +84,7 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) * would affect the output of X509_CRL_print(). */ case ASN1_OP_D2I_POST: - sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); + (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); break; } return 1; diff --git a/src/lib/libssl/src/crypto/asn1/x_exten.c b/src/lib/libssl/src/crypto/asn1/x_exten.c index 702421b6c8..1732e66712 100644 --- a/src/lib/libssl/src/crypto/asn1/x_exten.c +++ b/src/lib/libssl/src/crypto/asn1/x_exten.c @@ -67,5 +67,10 @@ ASN1_SEQUENCE(X509_EXTENSION) = { ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(X509_EXTENSION) +ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION) +ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS) + IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION) diff --git a/src/lib/libssl/src/crypto/asn1/x_long.c b/src/lib/libssl/src/crypto/asn1/x_long.c index c5f25956cb..0db233cb95 100644 --- a/src/lib/libssl/src/crypto/asn1/x_long.c +++ b/src/lib/libssl/src/crypto/asn1/x_long.c @@ -59,6 +59,7 @@ #include #include "cryptlib.h" #include +#include /* Custom primitive type for long handling. This converts between an ASN1_INTEGER * and a long directly. @@ -69,7 +70,7 @@ static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); static ASN1_PRIMITIVE_FUNCS long_pf = { NULL, 0, @@ -136,13 +137,14 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A return clen + pad; } -static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) { int neg, i; long ltmp; unsigned long utmp = 0; char *cp = (char *)pval; - if(len > sizeof(long)) { + if(len > (int)sizeof(long)) { ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } diff --git a/src/lib/libssl/src/crypto/asn1/x_name.c b/src/lib/libssl/src/crypto/asn1/x_name.c index 31f3377b64..04380abc3f 100644 --- a/src/lib/libssl/src/crypto/asn1/x_name.c +++ b/src/lib/libssl/src/crypto/asn1/x_name.c @@ -61,7 +61,7 @@ #include #include -static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, +static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); @@ -123,7 +123,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) return 1; memerr: - ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE); if (ret) { if (ret->entries) @@ -156,48 +156,48 @@ static void sk_internal_free(void *a) sk_free(a); } -static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, +static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) { - unsigned char *p = *in, *q; - STACK *intname = NULL, **intname_pp = &intname; + const unsigned char *p = *in, *q; + union { STACK *s; ASN1_VALUE *a; } intname = {NULL}; + union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL}; int i, j, ret; - X509_NAME *nm = NULL, **nm_pp = &nm; STACK_OF(X509_NAME_ENTRY) *entries; X509_NAME_ENTRY *entry; q = p; /* Get internal representation of Name */ - ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp, + ret = ASN1_item_ex_d2i(&intname.a, &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL), tag, aclass, opt, ctx); if(ret <= 0) return ret; if(*val) x509_name_ex_free(val, NULL); - if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err; + if(!x509_name_ex_new(&nm.a, NULL)) goto err; /* We've decoded it: now cache encoding */ - if(!BUF_MEM_grow(nm->bytes, p - q)) goto err; - memcpy(nm->bytes->data, q, p - q); + if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err; + memcpy(nm.x->bytes->data, q, p - q); /* Convert internal representation to X509_NAME structure */ - for(i = 0; i < sk_num(intname); i++) { - entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i); + for(i = 0; i < sk_num(intname.s); i++) { + entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname.s, i); for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { entry = sk_X509_NAME_ENTRY_value(entries, j); entry->set = i; - if(!sk_X509_NAME_ENTRY_push(nm->entries, entry)) + if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry)) goto err; } sk_X509_NAME_ENTRY_free(entries); } - sk_free(intname); - nm->modified = 0; - *val = (ASN1_VALUE *)nm; + sk_free(intname.s); + nm.x->modified = 0; + *val = nm.a; *in = p; return ret; err: - ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR); + ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } @@ -219,36 +219,36 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT static int x509_name_encode(X509_NAME *a) { - STACK *intname = NULL, **intname_pp = &intname; + union { STACK *s; ASN1_VALUE *a; } intname = {NULL}; int len; unsigned char *p; STACK_OF(X509_NAME_ENTRY) *entries = NULL; X509_NAME_ENTRY *entry; int i, set = -1; - intname = sk_new_null(); - if(!intname) goto memerr; + intname.s = sk_new_null(); + if(!intname.s) goto memerr; for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { entry = sk_X509_NAME_ENTRY_value(a->entries, i); if(entry->set != set) { entries = sk_X509_NAME_ENTRY_new_null(); if(!entries) goto memerr; - if(!sk_push(intname, (char *)entries)) goto memerr; + if(!sk_push(intname.s, (char *)entries)) goto memerr; set = entry->set; } if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; } - len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL, + len = ASN1_item_ex_i2d(&intname.a, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); if (!BUF_MEM_grow(a->bytes,len)) goto memerr; p=(unsigned char *)a->bytes->data; - ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, + ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); - sk_pop_free(intname, sk_internal_free); + sk_pop_free(intname.s, sk_internal_free); a->modified = 0; return len; memerr: - sk_pop_free(intname, sk_internal_free); - ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE); + sk_pop_free(intname.s, sk_internal_free); + ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE); return -1; } diff --git a/src/lib/libssl/src/crypto/asn1/x_pkey.c b/src/lib/libssl/src/crypto/asn1/x_pkey.c index f1c6221ac3..8453618426 100644 --- a/src/lib/libssl/src/crypto/asn1/x_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/x_pkey.c @@ -69,15 +69,15 @@ int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp) return(0); } -X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length) +X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length) { int i; M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); M_ASN1_D2I_Init(); M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING); + M_ASN1_D2I_get_x(X509_ALGOR,ret->enc_algor,d2i_X509_ALGOR); + M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->enc_pkey,d2i_ASN1_OCTET_STRING); ret->cipher.cipher=EVP_get_cipherbyname( OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); diff --git a/src/lib/libssl/src/crypto/asn1/x_pubkey.c b/src/lib/libssl/src/crypto/asn1/x_pubkey.c index 7d6d71af88..91c2756116 100644 --- a/src/lib/libssl/src/crypto/asn1/x_pubkey.c +++ b/src/lib/libssl/src/crypto/asn1/x_pubkey.c @@ -60,16 +60,23 @@ #include "cryptlib.h" #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif /* Minor tweak to operation: free up EVP_PKEY */ static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - if(operation == ASN1_OP_FREE_POST) { + { + if (operation == ASN1_OP_FREE_POST) + { X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; EVP_PKEY_free(pubkey->pkey); - } + } return 1; -} + } ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), @@ -111,13 +118,12 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) a->parameter->type=V_ASN1_NULL; } } - else #ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) + else if (pkey->type == EVP_PKEY_DSA) { unsigned char *pp; DSA *dsa; - + dsa=pkey->pkey.dsa; dsa->write_params=0; ASN1_TYPE_free(a->parameter); @@ -151,8 +157,64 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } OPENSSL_free(p); } - else #endif +#ifndef OPENSSL_NO_EC + else if (pkey->type == EVP_PKEY_EC) + { + int nid=0; + unsigned char *pp; + EC_KEY *ec_key; + const EC_GROUP *group; + + ec_key = pkey->pkey.ec; + ASN1_TYPE_free(a->parameter); + + if ((a->parameter = ASN1_TYPE_new()) == NULL) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); + goto err; + } + + group = EC_KEY_get0_group(ec_key); + if (EC_GROUP_get_asn1_flag(group) + && (nid = EC_GROUP_get_curve_name(group))) + { + /* just set the OID */ + a->parameter->type = V_ASN1_OBJECT; + a->parameter->value.object = OBJ_nid2obj(nid); + } + else /* explicit parameters */ + { + if ((i = i2d_ECParameters(ec_key, NULL)) == 0) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); + goto err; + } + if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE); + goto err; + } + pp = p; + if (!i2d_ECParameters(ec_key, &pp)) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); + OPENSSL_free(p); + goto err; + } + a->parameter->type = V_ASN1_SEQUENCE; + if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); + OPENSSL_free(p); + goto err; + } + ASN1_STRING_set(a->parameter->value.sequence, p, i); + OPENSSL_free(p); + } + } +#endif + else if (1) { X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); goto err; @@ -171,7 +233,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); goto err; } - /* Set number of unused bits to zero */ + /* Set number of unused bits to zero */ pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; @@ -198,8 +260,8 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) EVP_PKEY *ret=NULL; long j; int type; - unsigned char *p; -#ifndef OPENSSL_NO_DSA + const unsigned char *p; +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) const unsigned char *cp; X509_ALGOR *a; #endif @@ -207,40 +269,106 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) if (key == NULL) goto err; if (key->pkey != NULL) - { - CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); - return(key->pkey); - } + { + CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + return(key->pkey); + } if (key->public_key == NULL) goto err; type=OBJ_obj2nid(key->algor->algorithm); - p=key->public_key->data; - j=key->public_key->length; - if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL) + if ((ret = EVP_PKEY_new()) == NULL) { - X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); + X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); goto err; } - ret->save_parameters=0; + ret->type = EVP_PKEY_type(type); -#ifndef OPENSSL_NO_DSA + /* the parameters must be extracted before the public key (ECDSA!) */ + +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) a=key->algor; - if (ret->type == EVP_PKEY_DSA) +#endif + + if (0) + ; +#ifndef OPENSSL_NO_DSA + else if (ret->type == EVP_PKEY_DSA) { if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { + if ((ret->pkey.dsa = DSA_new()) == NULL) + { + X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); + goto err; + } ret->pkey.dsa->write_params=0; cp=p=a->parameter->value.sequence->data; j=a->parameter->value.sequence->length; - if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) + if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j)) goto err; } ret->save_parameters=1; } #endif - key->pkey=ret; - CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY); +#ifndef OPENSSL_NO_EC + else if (ret->type == EVP_PKEY_EC) + { + if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) + { + /* type == V_ASN1_SEQUENCE => we have explicit parameters + * (e.g. parameters in the X9_62_EC_PARAMETERS-structure ) + */ + if ((ret->pkey.ec= EC_KEY_new()) == NULL) + { + X509err(X509_F_X509_PUBKEY_GET, + ERR_R_MALLOC_FAILURE); + goto err; + } + cp = p = a->parameter->value.sequence->data; + j = a->parameter->value.sequence->length; + if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j)) + { + X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB); + goto err; + } + } + else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT)) + { + /* type == V_ASN1_OBJECT => the parameters are given + * by an asn1 OID + */ + EC_KEY *ec_key; + EC_GROUP *group; + + if (ret->pkey.ec == NULL) + ret->pkey.ec = EC_KEY_new(); + ec_key = ret->pkey.ec; + if (ec_key == NULL) + goto err; + group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); + if (group == NULL) + goto err; + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + if (EC_KEY_set_group(ec_key, group) == 0) + goto err; + EC_GROUP_free(group); + } + /* the case implicitlyCA is currently not implemented */ + ret->save_parameters = 1; + } +#endif + + p=key->public_key->data; + j=key->public_key->length; + if (!d2i_PublicKey(type, &ret, &p, (long)j)) + { + X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB); + goto err; + } + + key->pkey = ret; + CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); return(ret); err: if (ret != NULL) @@ -252,9 +380,9 @@ err: * and encode or decode as X509_PUBKEY */ -EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) -{ + { X509_PUBKEY *xpk; EVP_PKEY *pktmp; xpk = d2i_X509_PUBKEY(NULL, pp, length); @@ -262,15 +390,16 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, pktmp = X509_PUBKEY_get(xpk); X509_PUBKEY_free(xpk); if(!pktmp) return NULL; - if(a) { + if(a) + { EVP_PKEY_free(*a); *a = pktmp; - } + } return pktmp; -} + } int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) -{ + { X509_PUBKEY *xpk=NULL; int ret; if(!a) return 0; @@ -278,83 +407,125 @@ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) ret = i2d_X509_PUBKEY(xpk, pp); X509_PUBKEY_free(xpk); return ret; -} + } /* The following are equivalents but which return RSA and DSA * keys */ #ifndef OPENSSL_NO_RSA -RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, +RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) -{ + { EVP_PKEY *pkey; RSA *key; - unsigned char *q; + const unsigned char *q; q = *pp; pkey = d2i_PUBKEY(NULL, &q, length); - if(!pkey) return NULL; + if (!pkey) return NULL; key = EVP_PKEY_get1_RSA(pkey); EVP_PKEY_free(pkey); - if(!key) return NULL; + if (!key) return NULL; *pp = q; - if(a) { + if (a) + { RSA_free(*a); *a = key; - } + } return key; -} + } int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) -{ + { EVP_PKEY *pktmp; int ret; - if(!a) return 0; + if (!a) return 0; pktmp = EVP_PKEY_new(); - if(!pktmp) { + if (!pktmp) + { ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); return 0; - } + } EVP_PKEY_set1_RSA(pktmp, a); ret = i2d_PUBKEY(pktmp, pp); EVP_PKEY_free(pktmp); return ret; -} + } #endif #ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp, +DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) -{ + { EVP_PKEY *pkey; DSA *key; - unsigned char *q; + const unsigned char *q; q = *pp; pkey = d2i_PUBKEY(NULL, &q, length); - if(!pkey) return NULL; + if (!pkey) return NULL; key = EVP_PKEY_get1_DSA(pkey); EVP_PKEY_free(pkey); - if(!key) return NULL; + if (!key) return NULL; *pp = q; - if(a) { + if (a) + { DSA_free(*a); *a = key; - } + } return key; -} + } int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) -{ + { EVP_PKEY *pktmp; int ret; if(!a) return 0; pktmp = EVP_PKEY_new(); - if(!pktmp) { + if(!pktmp) + { ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); return 0; - } + } EVP_PKEY_set1_DSA(pktmp, a); ret = i2d_PUBKEY(pktmp, pp); EVP_PKEY_free(pktmp); return ret; -} + } +#endif + +#ifndef OPENSSL_NO_EC +EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) + { + EVP_PKEY *pkey; + EC_KEY *key; + const unsigned char *q; + q = *pp; + pkey = d2i_PUBKEY(NULL, &q, length); + if (!pkey) return(NULL); + key = EVP_PKEY_get1_EC_KEY(pkey); + EVP_PKEY_free(pkey); + if (!key) return(NULL); + *pp = q; + if (a) + { + EC_KEY_free(*a); + *a = key; + } + return(key); + } + +int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) + { + EVP_PKEY *pktmp; + int ret; + if (!a) return(0); + if ((pktmp = EVP_PKEY_new()) == NULL) + { + ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); + return(0); + } + EVP_PKEY_set1_EC_KEY(pktmp, a); + ret = i2d_PUBKEY(pktmp, pp); + EVP_PKEY_free(pktmp); + return(ret); + } #endif diff --git a/src/lib/libssl/src/crypto/asn1/x_req.c b/src/lib/libssl/src/crypto/asn1/x_req.c index b3f18ebc12..59ca8ce329 100644 --- a/src/lib/libssl/src/crypto/asn1/x_req.c +++ b/src/lib/libssl/src/crypto/asn1/x_req.c @@ -102,7 +102,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = { IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO) -ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = { +ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = { ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) diff --git a/src/lib/libssl/src/crypto/asn1/x_x509.c b/src/lib/libssl/src/crypto/asn1/x_x509.c index b50167ce43..e118696625 100644 --- a/src/lib/libssl/src/crypto/asn1/x_x509.c +++ b/src/lib/libssl/src/crypto/asn1/x_x509.c @@ -79,6 +79,8 @@ ASN1_SEQUENCE(X509_CINF) = { IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) /* X509 top level structure needs a bit of customisation */ +extern void policy_cache_free(X509_POLICY_CACHE *cache); + static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { X509 *ret = (X509 *)*pval; @@ -92,6 +94,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) ret->ex_pathlen = -1; ret->skid = NULL; ret->akid = NULL; +#ifndef OPENSSL_NO_RFC3779 + ret->rfc3779_addr = NULL; + ret->rfc3779_asid = NULL; +#endif ret->aux = NULL; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); break; @@ -106,6 +112,11 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) X509_CERT_AUX_free(ret->aux); ASN1_OCTET_STRING_free(ret->skid); AUTHORITY_KEYID_free(ret->akid); + policy_cache_free(ret->policy_cache); +#ifndef OPENSSL_NO_RFC3779 + sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); + ASIdentifiers_free(ret->rfc3779_asid); +#endif if (ret->name != NULL) OPENSSL_free(ret->name); break; @@ -125,11 +136,13 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) -static ASN1_METHOD meth={ - (int (*)()) i2d_X509, - (char *(*)())d2i_X509, - (char *(*)())X509_new, - (void (*)()) X509_free}; +static ASN1_METHOD meth= + { + (I2D_OF(void)) i2d_X509, + (D2I_OF(void)) d2i_X509, + (void *(*)(void))X509_new, + (void (*)(void *)) X509_free + }; ASN1_METHOD *X509_asn1_meth(void) { @@ -161,9 +174,9 @@ void *X509_get_ex_data(X509 *r, int idx) * */ -X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length) +X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) { - unsigned char *q; + const unsigned char *q; X509 *ret; /* Save start position */ q = *pp; diff --git a/src/lib/libssl/src/crypto/asn1/x_x509a.c b/src/lib/libssl/src/crypto/asn1/x_x509a.c index f244768b7e..13db5fd03f 100644 --- a/src/lib/libssl/src/crypto/asn1/x_x509a.c +++ b/src/lib/libssl/src/crypto/asn1/x_x509a.c @@ -91,6 +91,14 @@ static X509_CERT_AUX *aux_get(X509 *x) int X509_alias_set1(X509 *x, unsigned char *name, int len) { X509_CERT_AUX *aux; + if (!name) + { + if (!x || !x->aux || !x->aux->alias) + return 1; + ASN1_UTF8STRING_free(x->aux->alias); + x->aux->alias = NULL; + return 1; + } if(!(aux = aux_get(x))) return 0; if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0; return ASN1_STRING_set(aux->alias, name, len); @@ -99,6 +107,14 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len) int X509_keyid_set1(X509 *x, unsigned char *id, int len) { X509_CERT_AUX *aux; + if (!id) + { + if (!x || !x->aux || !x->aux->keyid) + return 1; + ASN1_OCTET_STRING_free(x->aux->keyid); + x->aux->keyid = NULL; + return 1; + } if(!(aux = aux_get(x))) return 0; if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0; return ASN1_STRING_set(aux->keyid, id, len); @@ -111,6 +127,13 @@ unsigned char *X509_alias_get0(X509 *x, int *len) return x->aux->alias->data; } +unsigned char *X509_keyid_get0(X509 *x, int *len) +{ + if(!x->aux || !x->aux->keyid) return NULL; + if(len) *len = x->aux->keyid->length; + return x->aux->keyid->data; +} + int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) { X509_CERT_AUX *aux; @@ -149,3 +172,9 @@ void X509_reject_clear(X509 *x) } } +ASN1_SEQUENCE(X509_CERT_PAIR) = { + ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0), + ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1) +} ASN1_SEQUENCE_END(X509_CERT_PAIR) + +IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR) diff --git a/src/lib/libssl/src/crypto/bf/Makefile b/src/lib/libssl/src/crypto/bf/Makefile index 42e2c050f8..8441954a8d 100644 --- a/src/lib/libssl/src/crypto/bf/Makefile +++ b/src/lib/libssl/src/crypto/bf/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,6 +17,7 @@ BF_ENC= bf_enc.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=bftest.c @@ -48,20 +44,15 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s) - +# ELF +bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +# COFF +bx86-cof.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) bf-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) # a.out -asm/bx86-out.o: asm/bx86unix.cpp - $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o - -# bsdi -asm/bx86bsdi.o: asm/bx86unix.cpp - $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o - -asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp) +bx86-out.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) bf-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -71,9 +62,11 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: installs - -installs: +# We need to use force because 'install' matches 'INSTALL' on case +# insensitive systems +FRC.install: +install: FRC.install + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -89,6 +82,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -96,7 +90,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -109,8 +103,5 @@ bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c -bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h -bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h -bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c +bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h +bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c diff --git a/src/lib/libssl/src/crypto/bf/bf_ecb.c b/src/lib/libssl/src/crypto/bf/bf_ecb.c index 341991636f..1607cefa32 100644 --- a/src/lib/libssl/src/crypto/bf/bf_ecb.c +++ b/src/lib/libssl/src/crypto/bf/bf_ecb.c @@ -65,7 +65,7 @@ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) */ -const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT; +const char BF_version[]="Blowfish" OPENSSL_VERSION_PTEXT; const char *BF_options(void) { diff --git a/src/lib/libssl/src/crypto/bf/bf_enc.c b/src/lib/libssl/src/crypto/bf/bf_enc.c index b380acf959..2d21d09f42 100644 --- a/src/lib/libssl/src/crypto/bf/bf_enc.c +++ b/src/lib/libssl/src/crypto/bf/bf_enc.c @@ -73,7 +73,7 @@ void BF_encrypt(BF_LONG *data, const BF_KEY *key) { #ifndef BF_PTR2 register BF_LONG l,r; - const register BF_LONG *p,*s; + register const BF_LONG *p,*s; p=key->P; s= &(key->S[0]); @@ -150,7 +150,7 @@ void BF_decrypt(BF_LONG *data, const BF_KEY *key) { #ifndef BF_PTR2 register BF_LONG l,r; - const register BF_LONG *p,*s; + register const BF_LONG *p,*s; p=key->P; s= &(key->S[0]); diff --git a/src/lib/libssl/src/crypto/bf/bf_opts.c b/src/lib/libssl/src/crypto/bf/bf_opts.c index 171dada2ca..1721bb99b4 100644 --- a/src/lib/libssl/src/crypto/bf/bf_opts.c +++ b/src/lib/libssl/src/crypto/bf/bf_opts.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/bf/bf_skey.c b/src/lib/libssl/src/crypto/bf/bf_skey.c index 1931aba83f..3673cdee6e 100644 --- a/src/lib/libssl/src/crypto/bf/bf_skey.c +++ b/src/lib/libssl/src/crypto/bf/bf_skey.c @@ -58,13 +58,11 @@ #include #include -#include #include -#include #include "bf_locl.h" #include "bf_pi.h" -FIPS_NON_FIPS_VCIPHER_Init(BF) +void BF_set_key(BF_KEY *key, int len, const unsigned char *data) { int i; BF_LONG *p,ri,in[2]; diff --git a/src/lib/libssl/src/crypto/bf/bfspeed.c b/src/lib/libssl/src/crypto/bf/bfspeed.c index f346af64f3..c41ef3b403 100644 --- a/src/lib/libssl/src/crypto/bf/bfspeed.c +++ b/src/lib/libssl/src/crypto/bf/bfspeed.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/bf/bftest.c b/src/lib/libssl/src/crypto/bf/bftest.c index 24d526b14b..97e6634d37 100644 --- a/src/lib/libssl/src/crypto/bf/bftest.c +++ b/src/lib/libssl/src/crypto/bf/bftest.c @@ -62,6 +62,7 @@ #include #include #include +#include /* To see if OPENSSL_NO_BF is defined */ #include "../e_os.h" @@ -277,6 +278,9 @@ int main(int argc, char *argv[]) else ret=test(); +#ifdef OPENSSL_SYS_NETWARE + if (ret) printf("ERROR: %d\n", ret); +#endif EXIT(ret); return(0); } diff --git a/src/lib/libssl/src/crypto/bf/blowfish.h b/src/lib/libssl/src/crypto/bf/blowfish.h index b4d8774961..cd49e85ab2 100644 --- a/src/lib/libssl/src/crypto/bf/blowfish.h +++ b/src/lib/libssl/src/crypto/bf/blowfish.h @@ -104,10 +104,7 @@ typedef struct bf_key_st BF_LONG S[4*256]; } BF_KEY; - -#ifdef OPENSSL_FIPS -void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); -#endif + void BF_set_key(BF_KEY *key, int len, const unsigned char *data); void BF_encrypt(BF_LONG *data,const BF_KEY *key); diff --git a/src/lib/libssl/src/crypto/bio/Makefile b/src/lib/libssl/src/crypto/bio/Makefile index a565154499..1ef6c2fb9f 100644 --- a/src/lib/libssl/src/crypto/bio/Makefile +++ b/src/lib/libssl/src/crypto/bio/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -26,19 +21,21 @@ LIBSRC= bio_lib.c bio_cb.c bio_err.c \ bss_mem.c bss_null.c bss_fd.c \ bss_file.c bss_sock.c bss_conn.c \ bf_null.c bf_buff.c b_print.c b_dump.c \ - b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c + b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \ + bss_dgram.c # bf_lbuf.c LIBOBJ= bio_lib.o bio_cb.o bio_err.o \ bss_mem.o bss_null.o bss_fd.o \ bss_file.o bss_sock.o bss_conn.o \ bf_null.o bf_buff.o b_print.o b_dump.o \ - b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o + b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \ + bss_dgram.o # bf_lbuf.o SRC= $(LIBSRC) EXHEADER= bio.h -HEADER= bss_file.c $(EXHEADER) +HEADER= bio_lcl.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -61,6 +58,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -76,6 +74,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -91,30 +90,30 @@ b_dump.o: ../../e_os.h ../../include/openssl/bio.h b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_dump.o: ../cryptlib.h b_dump.c +b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c bio_lcl.h b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_print.o: ../cryptlib.h b_print.c +b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c b_sock.o: ../../e_os.h ../../include/openssl/bio.h b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -b_sock.o: ../cryptlib.h b_sock.c +b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +b_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +b_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h b_sock.c bf_buff.o: ../../e_os.h ../../include/openssl/bio.h bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bf_buff.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_buff.o: ../cryptlib.h bf_buff.c +bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bf_buff.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_buff.c bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -127,88 +126,96 @@ bf_null.o: ../../e_os.h ../../include/openssl/bio.h bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bf_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bf_null.o: ../cryptlib.h bf_null.c +bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bf_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_null.c bio_cb.o: ../../e_os.h ../../include/openssl/bio.h bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_cb.o: ../cryptlib.h bio_cb.c +bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_cb.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_cb.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_cb.c bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_err.o: bio_err.c +bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_err.o: ../../include/openssl/symhacks.h bio_err.c bio_lib.o: ../../e_os.h ../../include/openssl/bio.h bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_lib.o: ../cryptlib.h bio_lib.c +bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lib.c bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_acpt.o: ../cryptlib.h bss_acpt.c +bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_acpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_acpt.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_acpt.c bss_bio.o: ../../e_os.h ../../include/openssl/bio.h bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bss_bio.o: ../../include/openssl/symhacks.h bss_bio.c +bss_bio.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bss_bio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bss_bio.o: bss_bio.c bss_conn.o: ../../e_os.h ../../include/openssl/bio.h bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_conn.o: ../cryptlib.h bss_conn.c +bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_conn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_conn.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_conn.c +bss_dgram.o: ../../e_os.h ../../include/openssl/bio.h +bss_dgram.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bss_dgram.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bss_dgram.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bss_dgram.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_dgram.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_dgram.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_dgram.c bss_fd.o: ../../e_os.h ../../include/openssl/bio.h bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_fd.o: ../cryptlib.h bss_fd.c +bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_fd.c bss_file.o: ../../e_os.h ../../include/openssl/bio.h bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_file.o: ../cryptlib.h bss_file.c +bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_file.c bss_log.o: ../../e_os.h ../../include/openssl/bio.h bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_log.o: ../cryptlib.h bss_log.c +bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_log.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_log.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_log.c bss_mem.o: ../../e_os.h ../../include/openssl/bio.h bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_mem.o: ../cryptlib.h bss_mem.c +bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_mem.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_mem.c bss_null.o: ../../e_os.h ../../include/openssl/bio.h bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_null.o: ../cryptlib.h bss_null.c +bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_null.c bss_sock.o: ../../e_os.h ../../include/openssl/bio.h bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bss_sock.o: ../cryptlib.h bss_sock.c +bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bss_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bss_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_sock.c diff --git a/src/lib/libssl/src/crypto/bio/b_dump.c b/src/lib/libssl/src/crypto/bio/b_dump.c index f671e722fa..c80ecc4295 100644 --- a/src/lib/libssl/src/crypto/bio/b_dump.c +++ b/src/lib/libssl/src/crypto/bio/b_dump.c @@ -62,30 +62,32 @@ #include #include "cryptlib.h" -#include +#include "bio_lcl.h" #define TRUNCATE #define DUMP_WIDTH 16 #define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4)) -int BIO_dump(BIO *bio, const char *s, int len) +int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), + void *u, const char *s, int len) { - return BIO_dump_indent(bio, s, len, 0); + return BIO_dump_indent_cb(cb, u, s, len, 0); } -int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) +int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), + void *u, const char *s, int len, int indent) { int ret=0; char buf[288+1],tmp[20],str[128+1]; - int i,j,rows,trunc; + int i,j,rows,trc; unsigned char ch; int dump_width; - - trunc=0; - + + trc=0; + #ifdef TRUNCATE - for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) - trunc++; + for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) + trc++; #endif if (indent < 0) @@ -96,7 +98,7 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) memset(str,' ',indent); } str[indent]='\0'; - + dump_width=DUMP_WIDTH_LESS_INDENT(indent); rows=(len/dump_width); if ((rows*dump_width)=' ')&&(ch<='~'))?ch:'.'); + ((ch>=' ')&&(ch<='~'))?ch:'.'); #else BIO_snprintf(tmp,sizeof tmp,"%c", - ((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) - ? os_toebcdic[ch] - : '.'); + ((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) + ? os_toebcdic[ch] + : '.'); #endif BUF_strlcat(buf,tmp,sizeof buf); } BUF_strlcat(buf,"\n",sizeof buf); - /* if this is the last call then update the ddt_dump thing so that - * we will move the selection point in the debug window + /* if this is the last call then update the ddt_dump thing so + * that we will move the selection point in the debug window */ - ret+=BIO_write(bio,(char *)buf,strlen(buf)); + ret+=cb((void *)buf,strlen(buf),u); } #ifdef TRUNCATE - if (trunc > 0) + if (trc > 0) { BIO_snprintf(buf,sizeof buf,"%s%04x - \n",str, - len+trunc); - ret+=BIO_write(bio,(char *)buf,strlen(buf)); + len+trc); + ret+=cb((void *)buf,strlen(buf),u); } #endif return(ret); } + +#ifndef OPENSSL_NO_FP_API +static int write_fp(const void *data, size_t len, void *fp) + { + return UP_fwrite(data, len, 1, fp); + } +int BIO_dump_fp(FILE *fp, const char *s, int len) + { + return BIO_dump_cb(write_fp, fp, s, len); + } +int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent) + { + return BIO_dump_indent_cb(write_fp, fp, s, len, indent); + } +#endif + +static int write_bio(const void *data, size_t len, void *bp) + { + return BIO_write((BIO *)bp, (const char *)data, len); + } +int BIO_dump(BIO *bp, const char *s, int len) + { + return BIO_dump_cb(write_bio, bp, s, len); + } +int BIO_dump_indent(BIO *bp, const char *s, int len, int indent) + { + return BIO_dump_indent_cb(write_bio, bp, s, len, indent); + } + diff --git a/src/lib/libssl/src/crypto/bio/b_print.c b/src/lib/libssl/src/crypto/bio/b_print.c index 165f046295..3a87b0ec0b 100644 --- a/src/lib/libssl/src/crypto/bio/b_print.c +++ b/src/lib/libssl/src/crypto/bio/b_print.c @@ -79,7 +79,7 @@ #include /* To get BN_LLONG properly defined */ #include -#ifdef BN_LLONG +#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT) # ifndef HAVE_LONG_LONG # define HAVE_LONG_LONG 1 # endif @@ -117,7 +117,7 @@ #if HAVE_LONG_LONG # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) -# define LLONG _int64 +# define LLONG __int64 # else # define LLONG long long # endif @@ -482,7 +482,7 @@ fmtint( int flags) { int signvalue = 0; - char *prefix = ""; + const char *prefix = ""; unsigned LLONG uvalue; char convert[DECIMAL_SIZE(value)+3]; int place = 0; @@ -513,8 +513,8 @@ fmtint( (caps ? "0123456789ABCDEF" : "0123456789abcdef") [uvalue % (unsigned) base]; uvalue = (uvalue / (unsigned) base); - } while (uvalue && (place < sizeof convert)); - if (place == sizeof convert) + } while (uvalue && (place < (int)sizeof(convert))); + if (place == sizeof(convert)) place--; convert[place] = 0; @@ -619,6 +619,7 @@ fmtfp( int caps = 0; long intpart; long fracpart; + long max10; if (max < 0) max = 6; @@ -639,11 +640,12 @@ fmtfp( /* we "cheat" by converting the fractional part to integer by multiplying by a factor of 10 */ - fracpart = roundv((pow_10(max)) * (ufvalue - intpart)); + max10 = roundv(pow_10(max)); + fracpart = roundv(pow_10(max) * (ufvalue - intpart)); - if (fracpart >= (long)pow_10(max)) { + if (fracpart >= max10) { intpart++; - fracpart -= (long)pow_10(max); + fracpart -= max10; } /* convert integer part */ @@ -652,7 +654,7 @@ fmtfp( (caps ? "0123456789ABCDEF" : "0123456789abcdef")[intpart % 10]; intpart = (intpart / 10); - } while (intpart && (iplace < sizeof iconvert)); + } while (intpart && (iplace < (int)sizeof(iconvert))); if (iplace == sizeof iconvert) iplace--; iconvert[iplace] = 0; diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c index c851298d1e..ead477d8a2 100644 --- a/src/lib/libssl/src/crypto/bio/b_sock.c +++ b/src/lib/libssl/src/crypto/bio/b_sock.c @@ -56,14 +56,21 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SOCK - #include #include #include #define USE_SOCKETS #include "cryptlib.h" #include +#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK) +#include +#if defined(NETWARE_CLIB) +#include +NETDB_DEFINE_CONTEXT +#endif +#endif + +#ifndef OPENSSL_NO_SOCK #ifdef OPENSSL_SYS_WIN16 #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ @@ -79,7 +86,7 @@ #define MAX_LISTEN 32 #endif -#ifdef OPENSSL_SYS_WINDOWS +#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) static int wsa_init_done=0; #endif @@ -175,11 +182,11 @@ int BIO_get_port(const char *str, unsigned short *port_ptr) /* Note: under VMS with SOCKETSHR, it seems like the first * parameter is 'char *', instead of 'const char *' */ - s=getservbyname( #ifndef CONST_STRICT - (char *) + s=getservbyname((char *)str,"tcp"); +#else + s=getservbyname(str,"tcp"); #endif - str,"tcp"); if(s != NULL) *port_ptr=ntohs((unsigned short)s->s_port); CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME); @@ -357,7 +364,11 @@ struct hostent *BIO_gethostbyname(const char *name) #if 1 /* Caching gethostbyname() results forever is wrong, * so we have to let the true gethostbyname() worry about this */ +#if (defined(NETWARE_BSDSOCK) && !defined(__NOVELL_LIBC__)) + return gethostbyname((char*)name); +#else return gethostbyname(name); +#endif #else struct hostent *ret; int i,lowi=0,j; @@ -397,11 +408,11 @@ struct hostent *BIO_gethostbyname(const char *name) /* Note: under VMS with SOCKETSHR, it seems like the first * parameter is 'char *', instead of 'const char *' */ - ret=gethostbyname( # ifndef CONST_STRICT - (char *) + ret=gethostbyname((char *)name); +# else + ret=gethostbyname(name); # endif - name); if (ret == NULL) goto end; @@ -453,9 +464,6 @@ int BIO_sock_init(void) { int err; -#ifdef SIGINT - signal(SIGINT,(void (*)(int))BIO_sock_cleanup); -#endif wsa_init_done=1; memset(&wsa_state,0,sizeof(wsa_state)); if (WSAStartup(0x0101,&wsa_state)!=0) @@ -473,6 +481,26 @@ int BIO_sock_init(void) if (sock_init()) return (-1); #endif + +#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) + WORD wVerReq; + WSADATA wsaData; + int err; + + if (!wsa_init_done) + { + wsa_init_done=1; + wVerReq = MAKEWORD( 2, 0 ); + err = WSAStartup(wVerReq,&wsaData); + if (err != 0) + { + SYSerr(SYS_F_WSASTARTUP,err); + BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP); + return(-1); + } + } +#endif + return(1); } @@ -483,10 +511,16 @@ void BIO_sock_cleanup(void) { wsa_init_done=0; #ifndef OPENSSL_SYS_WINCE - WSACancelBlockingCall(); + WSACancelBlockingCall(); /* Winsock 1.1 specific */ #endif WSACleanup(); } +#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK) + if (wsa_init_done) + { + wsa_init_done=0; + WSACleanup(); + } #endif } diff --git a/src/lib/libssl/src/crypto/bio/bf_nbio.c b/src/lib/libssl/src/crypto/bio/bf_nbio.c index 1ce2bfacc0..c72a23c2e1 100644 --- a/src/lib/libssl/src/crypto/bio/bf_nbio.c +++ b/src/lib/libssl/src/crypto/bio/bf_nbio.c @@ -127,7 +127,7 @@ static int nbiof_read(BIO *b, char *out, int outl) { NBIO_TEST *nt; int ret=0; -#if 0 +#if 1 int num; unsigned char n; #endif @@ -137,7 +137,7 @@ static int nbiof_read(BIO *b, char *out, int outl) nt=(NBIO_TEST *)b->ptr; BIO_clear_retry_flags(b); -#if 0 +#if 1 RAND_pseudo_bytes(&n,1); num=(n&0x07); diff --git a/src/lib/libssl/src/crypto/bio/bio.h b/src/lib/libssl/src/crypto/bio/bio.h index 2eb703830f..cecb6a7207 100644 --- a/src/lib/libssl/src/crypto/bio/bio.h +++ b/src/lib/libssl/src/crypto/bio/bio.h @@ -59,13 +59,14 @@ #ifndef HEADER_BIO_H #define HEADER_BIO_H +#include + #ifndef OPENSSL_NO_FP_API # include #endif #include #include -#include #ifdef __cplusplus extern "C" { @@ -93,6 +94,8 @@ extern "C" { #define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ #define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ #define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ +#define BIO_TYPE_DGRAM (21|0x0400|0x0100) +#define BIO_TYPE_COMP (23|0x0200) /* filter */ #define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ #define BIO_TYPE_FILTER 0x0200 @@ -124,6 +127,38 @@ extern "C" { #define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ +/* dgram BIO stuff */ +#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */ +#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally + * connected socket to be + * passed in */ +#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */ +#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */ +#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */ +#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */ + +#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */ +#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */ + +/* #ifdef IP_MTU_DISCOVER */ +#define BIO_CTRL_DGRAM_MTU_DISCOVER 39 /* set DF bit on egress packets */ +/* #endif */ + +#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ +#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */ +#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for + * MTU. want to use this + * if asking the kernel + * fails */ + +#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU + * was exceed in the + * previous write + * operation */ + +#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */ + + /* modifiers */ #define BIO_FP_READ 0x02 #define BIO_FP_WRITE 0x04 @@ -135,6 +170,11 @@ extern "C" { #define BIO_FLAGS_IO_SPECIAL 0x04 #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) #define BIO_FLAGS_SHOULD_RETRY 0x08 +#ifndef BIO_FLAGS_UPLINK +/* "UPLINK" flag denotes file descriptors provided by application. + It defaults to 0, as most platforms don't require UPLINK interface. */ +#define BIO_FLAGS_UPLINK 0 +#endif /* Used in BIO_gethostbyname() */ #define BIO_GHBN_CTRL_HITS 1 @@ -157,28 +197,32 @@ extern "C" { */ #define BIO_FLAGS_MEM_RDONLY 0x200 -#define BIO_set_flags(b,f) ((b)->flags|=(f)) -#define BIO_get_flags(b) ((b)->flags) +typedef struct bio_st BIO; + +void BIO_set_flags(BIO *b, int flags); +int BIO_test_flags(const BIO *b, int flags); +void BIO_clear_flags(BIO *b, int flags); + +#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0)) #define BIO_set_retry_special(b) \ - ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) + BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) #define BIO_set_retry_read(b) \ - ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) + BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) #define BIO_set_retry_write(b) \ - ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) + BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) /* These are normally used internally in BIOs */ -#define BIO_clear_flags(b,f) ((b)->flags&= ~(f)) #define BIO_clear_retry_flags(b) \ - ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) + BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) #define BIO_get_retry_flags(b) \ - ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) + BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) /* These should be used by the application to tell why we should retry */ -#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ) -#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE) -#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL) -#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS) -#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY) +#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ) +#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE) +#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL) +#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS) +#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY) /* The next three are used in conjunction with the * BIO_should_io_special() condition. After this returns true, @@ -207,14 +251,14 @@ extern "C" { #define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) #define BIO_cb_post(a) ((a)&BIO_CB_RETURN) -#define BIO_set_callback(b,cb) ((b)->callback=(cb)) -#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg)) -#define BIO_get_callback_arg(b) ((b)->cb_arg) -#define BIO_get_callback(b) ((b)->callback) -#define BIO_method_name(b) ((b)->method->name) -#define BIO_method_type(b) ((b)->method->type) +long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long); +void BIO_set_callback(BIO *b, + long (*callback)(struct bio_st *,int,const char *,int, long,long)); +char *BIO_get_callback_arg(const BIO *b); +void BIO_set_callback_arg(BIO *b, char *arg); -typedef struct bio_st BIO; +const char * BIO_method_name(const BIO *b); +int BIO_method_type(const BIO *b); typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); @@ -488,6 +532,18 @@ size_t BIO_ctrl_get_write_guarantee(BIO *b); size_t BIO_ctrl_get_read_request(BIO *b); int BIO_ctrl_reset_read_request(BIO *b); +/* ctrl macros for dgram */ +#define BIO_ctrl_dgram_connect(b,peer) \ + (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer) +#define BIO_ctrl_set_connected(b, state, peer) \ + (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer) +#define BIO_dgram_recv_timedout(b) \ + (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL) +#define BIO_dgram_send_timedout(b) \ + (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL) +#define BIO_dgram_set_peer(b,peer) \ + (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer) + /* These two aren't currently implemented */ /* int BIO_get_ex_num(BIO *bio); */ /* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ @@ -567,15 +623,28 @@ BIO_METHOD *BIO_f_buffer(void); BIO_METHOD *BIO_f_linebuffer(void); #endif BIO_METHOD *BIO_f_nbio_test(void); +#ifndef OPENSSL_NO_DGRAM +BIO_METHOD *BIO_s_datagram(void); +#endif + /* BIO_METHOD *BIO_f_ber(void); */ int BIO_sock_should_retry(int i); int BIO_sock_non_fatal_error(int error); +int BIO_dgram_non_fatal_error(int error); + int BIO_fd_should_retry(int i); int BIO_fd_non_fatal_error(int error); +int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), + void *u, const char *s, int len); +int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), + void *u, const char *s, int len, int indent); int BIO_dump(BIO *b,const char *bytes,int len); int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent); - +#ifndef OPENSSL_NO_FP_API +int BIO_dump_fp(FILE *fp, const char *s, int len); +int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent); +#endif struct hostent *BIO_gethostbyname(const char *name); /* We might want a thread-safe interface too: * struct hostent *BIO_gethostbyname_r(const char *name, @@ -597,6 +666,7 @@ void BIO_sock_cleanup(void); int BIO_set_tcp_ndelay(int sock,int turn_on); BIO *BIO_new_socket(int sock, int close_flag); +BIO *BIO_new_dgram(int fd, int close_flag); BIO *BIO_new_fd(int fd, int close_flag); BIO *BIO_new_connect(char *host_port); BIO *BIO_new_accept(char *host_port); @@ -612,10 +682,20 @@ void BIO_copy_next_retry(BIO *b); /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ -int BIO_printf(BIO *bio, const char *format, ...); -int BIO_vprintf(BIO *bio, const char *format, va_list args); -int BIO_snprintf(char *buf, size_t n, const char *format, ...); -int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args); +#ifdef __GNUC__ +# define __bio_h__attr__ __attribute__ +#else +# define __bio_h__attr__(x) +#endif +int BIO_printf(BIO *bio, const char *format, ...) + __bio_h__attr__((__format__(__printf__,2,3))); +int BIO_vprintf(BIO *bio, const char *format, va_list args) + __bio_h__attr__((__format__(__printf__,2,0))); +int BIO_snprintf(char *buf, size_t n, const char *format, ...) + __bio_h__attr__((__format__(__printf__,3,4))); +int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) + __bio_h__attr__((__format__(__printf__,3,0))); +#undef __bio_h__attr__ /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -629,6 +709,7 @@ void ERR_load_BIO_strings(void); #define BIO_F_ACPT_STATE 100 #define BIO_F_BIO_ACCEPT 101 #define BIO_F_BIO_BER_GET_HEADER 102 +#define BIO_F_BIO_CALLBACK_CTRL 131 #define BIO_F_BIO_CTRL 103 #define BIO_F_BIO_GETHOSTBYNAME 120 #define BIO_F_BIO_GETS 104 diff --git a/src/lib/libssl/src/crypto/bio/bio_err.c b/src/lib/libssl/src/crypto/bio/bio_err.c index 8859a58ae4..6603f1c74d 100644 --- a/src/lib/libssl/src/crypto/bio/bio_err.c +++ b/src/lib/libssl/src/crypto/bio/bio_err.c @@ -73,6 +73,7 @@ static ERR_STRING_DATA BIO_str_functs[]= {ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"}, {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"}, {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"}, +{ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"}, {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"}, {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"}, {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"}, @@ -142,15 +143,12 @@ static ERR_STRING_DATA BIO_str_reasons[]= void ERR_load_BIO_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,BIO_str_functs); ERR_load_strings(0,BIO_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/bio/bio_lib.c b/src/lib/libssl/src/crypto/bio/bio_lib.c index 692c8fb5c6..3f52ae953c 100644 --- a/src/lib/libssl/src/crypto/bio/bio_lib.c +++ b/src/lib/libssl/src/crypto/bio/bio_lib.c @@ -141,10 +141,56 @@ int BIO_free(BIO *a) void BIO_vfree(BIO *a) { BIO_free(a); } +void BIO_clear_flags(BIO *b, int flags) + { + b->flags &= ~flags; + } + +int BIO_test_flags(const BIO *b, int flags) + { + return (b->flags & flags); + } + +void BIO_set_flags(BIO *b, int flags) + { + b->flags |= flags; + } + +long (*BIO_get_callback(const BIO *b))(struct bio_st *,int,const char *,int, long,long) + { + return b->callback; + } + +void BIO_set_callback(BIO *b, long (*cb)(struct bio_st *,int,const char *,int, long,long)) + { + b->callback = cb; + } + +void BIO_set_callback_arg(BIO *b, char *arg) + { + b->cb_arg = arg; + } + +char * BIO_get_callback_arg(const BIO *b) + { + return b->cb_arg; + } + +const char * BIO_method_name(const BIO *b) + { + return b->method->name; + } + +int BIO_method_type(const BIO *b) + { + return b->method->type; + } + + int BIO_read(BIO *b, void *out, int outl) { int i; - long (*cb)(); + long (*cb)(BIO *,int,const char *,int,long,long); if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) { @@ -176,7 +222,7 @@ int BIO_read(BIO *b, void *out, int outl) int BIO_write(BIO *b, const void *in, int inl) { int i; - long (*cb)(); + long (*cb)(BIO *,int,const char *,int,long,long); if (b == NULL) return(0); @@ -211,7 +257,7 @@ int BIO_write(BIO *b, const void *in, int inl) int BIO_puts(BIO *b, const char *in) { int i; - long (*cb)(); + long (*cb)(BIO *,int,const char *,int,long,long); if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) { @@ -244,7 +290,7 @@ int BIO_puts(BIO *b, const char *in) int BIO_gets(BIO *b, char *in, int inl) { int i; - long (*cb)(); + long (*cb)(BIO *,int,const char *,int,long,long); if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) { @@ -305,7 +351,7 @@ char *BIO_ptr_ctrl(BIO *b, int cmd, long larg) long BIO_ctrl(BIO *b, int cmd, long larg, void *parg) { long ret; - long (*cb)(); + long (*cb)(BIO *,int,const char *,int,long,long); if (b == NULL) return(0); @@ -332,13 +378,13 @@ long BIO_ctrl(BIO *b, int cmd, long larg, void *parg) long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)) { long ret; - long (*cb)(); + long (*cb)(BIO *,int,const char *,int,long,long); if (b == NULL) return(0); if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) { - BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD); + BIOerr(BIO_F_BIO_CALLBACK_CTRL,BIO_R_UNSUPPORTED_METHOD); return(-2); } diff --git a/src/lib/libssl/src/crypto/bio/bss_acpt.c b/src/lib/libssl/src/crypto/bio/bss_acpt.c index 8ea1db158b..d090b7272f 100644 --- a/src/lib/libssl/src/crypto/bio/bss_acpt.c +++ b/src/lib/libssl/src/crypto/bio/bss_acpt.c @@ -56,14 +56,14 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SOCK - #include #include #define USE_SOCKETS #include "cryptlib.h" #include +#ifndef OPENSSL_NO_SOCK + #ifdef OPENSSL_SYS_WIN16 #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ #else diff --git a/src/lib/libssl/src/crypto/bio/bss_conn.c b/src/lib/libssl/src/crypto/bio/bss_conn.c index 216780ed5e..c14727855b 100644 --- a/src/lib/libssl/src/crypto/bio/bss_conn.c +++ b/src/lib/libssl/src/crypto/bio/bss_conn.c @@ -56,14 +56,14 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SOCK - #include #include #define USE_SOCKETS #include "cryptlib.h" #include +#ifndef OPENSSL_NO_SOCK + #ifdef OPENSSL_SYS_WIN16 #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ #else @@ -130,7 +130,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) int ret= -1,i; unsigned long l; char *p,*q; - int (*cb)()=NULL; + int (*cb)(const BIO *,int,int)=NULL; if (c->info_callback != NULL) cb=c->info_callback; @@ -590,9 +590,9 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_CTRL_GET_CALLBACK: { - int (**fptr)(); + int (**fptr)(const BIO *bio,int state,int xret); - fptr=(int (**)())ptr; + fptr=(int (**)(const BIO *bio,int state,int xret))ptr; *fptr=data->info_callback; } break; diff --git a/src/lib/libssl/src/crypto/bio/bss_fd.c b/src/lib/libssl/src/crypto/bio/bss_fd.c index 5e3e187de6..4c229bf641 100644 --- a/src/lib/libssl/src/crypto/bio/bss_fd.c +++ b/src/lib/libssl/src/crypto/bio/bss_fd.c @@ -60,7 +60,19 @@ #include #define USE_SOCKETS #include "cryptlib.h" -#include +/* + * As for unconditional usage of "UPLINK" interface in this module. + * Trouble is that unlike Unix file descriptors [which are indexes + * in kernel-side per-process table], corresponding descriptors on + * platforms which require "UPLINK" interface seem to be indexes + * in a user-land, non-global table. Well, in fact they are indexes + * in stdio _iob[], and recall that _iob[] was the very reason why + * "UPLINK" interface was introduced in first place. But one way on + * another. Neither libcrypto or libssl use this BIO meaning that + * file descriptors can only be provided by application. Therefore + * "UPLINK" calls are due... + */ +#include "bio_lcl.h" static int fd_write(BIO *h, const char *buf, int num); static int fd_read(BIO *h, char *buf, int size); @@ -100,9 +112,9 @@ BIO *BIO_new_fd(int fd,int close_flag) static int fd_new(BIO *bi) { bi->init=0; - bi->num=0; + bi->num=-1; bi->ptr=NULL; - bi->flags=0; + bi->flags=BIO_FLAGS_UPLINK; /* essentially redundant */ return(1); } @@ -113,10 +125,10 @@ static int fd_free(BIO *a) { if (a->init) { - close(a->num); + UP_close(a->num); } a->init=0; - a->flags=0; + a->flags=BIO_FLAGS_UPLINK; } return(1); } @@ -128,7 +140,7 @@ static int fd_read(BIO *b, char *out,int outl) if (out != NULL) { clear_sys_error(); - ret=read(b->num,out,outl); + ret=UP_read(b->num,out,outl); BIO_clear_retry_flags(b); if (ret <= 0) { @@ -143,7 +155,7 @@ static int fd_write(BIO *b, const char *in, int inl) { int ret; clear_sys_error(); - ret=write(b->num,in,inl); + ret=UP_write(b->num,in,inl); BIO_clear_retry_flags(b); if (ret <= 0) { @@ -163,11 +175,11 @@ static long fd_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_CTRL_RESET: num=0; case BIO_C_FILE_SEEK: - ret=(long)lseek(b->num,num,0); + ret=(long)UP_lseek(b->num,num,0); break; case BIO_C_FILE_TELL: case BIO_CTRL_INFO: - ret=(long)lseek(b->num,0,1); + ret=(long)UP_lseek(b->num,0,1); break; case BIO_C_SET_FD: fd_free(b); diff --git a/src/lib/libssl/src/crypto/bio/bss_file.c b/src/lib/libssl/src/crypto/bio/bss_file.c index 8034ac93f9..4df9927c43 100644 --- a/src/lib/libssl/src/crypto/bio/bss_file.c +++ b/src/lib/libssl/src/crypto/bio/bss_file.c @@ -65,12 +65,34 @@ #ifndef HEADER_BSS_FILE_C #define HEADER_BSS_FILE_C +#if defined(__linux) || defined(__sun) || defined(__hpux) +/* Following definition aliases fopen to fopen64 on above mentioned + * platforms. This makes it possible to open and sequentially access + * files larger than 2GB from 32-bit application. It does not allow to + * traverse them beyond 2GB with fseek/ftell, but on the other hand *no* + * 32-bit platform permits that, not with fseek/ftell. Not to mention + * that breaking 2GB limit for seeking would require surgery to *our* + * API. But sequential access suffices for practical cases when you + * can run into large files, such as fingerprinting, so we can let API + * alone. For reference, the list of 32-bit platforms which allow for + * sequential access of large files without extra "magic" comprise *BSD, + * Darwin, IRIX... + */ +#ifndef _FILE_OFFSET_BITS +#define _FILE_OFFSET_BITS 64 +#endif +#endif + #include #include #include "cryptlib.h" -#include +#include "bio_lcl.h" #include +#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB) +#include +#endif + #if !defined(OPENSSL_NO_STDIO) static int MS_CALLBACK file_write(BIO *h, const char *buf, int num); @@ -110,8 +132,12 @@ BIO *BIO_new_file(const char *filename, const char *mode) return(NULL); } if ((ret=BIO_new(BIO_s_file_internal())) == NULL) + { + fclose(file); return(NULL); + } + BIO_clear_flags(ret,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */ BIO_set_fp(ret,file,BIO_CLOSE); return(ret); } @@ -123,6 +149,7 @@ BIO *BIO_new_fp(FILE *stream, int close_flag) if ((ret=BIO_new(BIO_s_file())) == NULL) return(NULL); + BIO_set_flags(ret,BIO_FLAGS_UPLINK); /* redundant, left for documentation puposes */ BIO_set_fp(ret,stream,close_flag); return(ret); } @@ -137,6 +164,7 @@ static int MS_CALLBACK file_new(BIO *bi) bi->init=0; bi->num=0; bi->ptr=NULL; + bi->flags=BIO_FLAGS_UPLINK; /* default to UPLINK */ return(1); } @@ -147,8 +175,12 @@ static int MS_CALLBACK file_free(BIO *a) { if ((a->init) && (a->ptr != NULL)) { - fclose((FILE *)a->ptr); + if (a->flags&BIO_FLAGS_UPLINK) + UP_fclose (a->ptr); + else + fclose (a->ptr); a->ptr=NULL; + a->flags=BIO_FLAGS_UPLINK; } a->init=0; } @@ -161,8 +193,11 @@ static int MS_CALLBACK file_read(BIO *b, char *out, int outl) if (b->init && (out != NULL)) { - ret=fread(out,1,(int)outl,(FILE *)b->ptr); - if(ret == 0 && ferror((FILE *)b->ptr)) + if (b->flags&BIO_FLAGS_UPLINK) + ret=UP_fread(out,1,(int)outl,b->ptr); + else + ret=fread(out,1,(int)outl,(FILE *)b->ptr); + if(ret == 0 && (b->flags&BIO_FLAGS_UPLINK)?UP_ferror((FILE *)b->ptr):ferror((FILE *)b->ptr)) { SYSerr(SYS_F_FREAD,get_last_sys_error()); BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB); @@ -178,7 +213,11 @@ static int MS_CALLBACK file_write(BIO *b, const char *in, int inl) if (b->init && (in != NULL)) { - if (fwrite(in,(int)inl,1,(FILE *)b->ptr)) + if (b->flags&BIO_FLAGS_UPLINK) + ret=UP_fwrite(in,(int)inl,1,b->ptr); + else + ret=fwrite(in,(int)inl,1,(FILE *)b->ptr); + if (ret) ret=inl; /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */ /* according to Tim Hudson , the commented @@ -199,20 +238,45 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) { case BIO_C_FILE_SEEK: case BIO_CTRL_RESET: - ret=(long)fseek(fp,num,0); + if (b->flags&BIO_FLAGS_UPLINK) + ret=(long)UP_fseek(b->ptr,num,0); + else + ret=(long)fseek(fp,num,0); break; case BIO_CTRL_EOF: - ret=(long)feof(fp); + if (b->flags&BIO_FLAGS_UPLINK) + ret=(long)UP_feof(fp); + else + ret=(long)feof(fp); break; case BIO_C_FILE_TELL: case BIO_CTRL_INFO: - ret=ftell(fp); + if (b->flags&BIO_FLAGS_UPLINK) + ret=UP_ftell(b->ptr); + else + ret=ftell(fp); break; case BIO_C_SET_FILE_PTR: file_free(b); b->shutdown=(int)num&BIO_CLOSE; - b->ptr=(char *)ptr; + b->ptr=ptr; b->init=1; +#if BIO_FLAGS_UPLINK!=0 +#if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES) +#define _IOB_ENTRIES 20 +#endif +#if defined(_IOB_ENTRIES) + /* Safety net to catch purely internal BIO_set_fp calls */ + if ((size_t)ptr >= (size_t)stdin && + (size_t)ptr < (size_t)(stdin+_IOB_ENTRIES)) + BIO_clear_flags(b,BIO_FLAGS_UPLINK); +#endif +#endif +#ifdef UP_fsetmode + if (b->flags&BIO_FLAGS_UPLINK) + UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); + else +#endif { #if defined(OPENSSL_SYS_WINDOWS) int fd = fileno((FILE*)ptr); @@ -220,6 +284,14 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) _setmode(fd,_O_TEXT); else _setmode(fd,_O_BINARY); +#elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB) + int fd = fileno((FILE*)ptr); + /* Under CLib there are differences in file modes + */ + if (num & BIO_FP_TEXT) + setmode(fd,O_TEXT); + else + setmode(fd,O_BINARY); #elif defined(OPENSSL_SYS_MSDOS) int fd = fileno((FILE*)ptr); /* Set correct text/binary mode */ @@ -271,6 +343,12 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) strcat(p,"b"); else strcat(p,"t"); +#endif +#if defined(OPENSSL_SYS_NETWARE) + if (!(num & BIO_FP_TEXT)) + strcat(p,"b"); + else + strcat(p,"t"); #endif fp=fopen(ptr,p); if (fp == NULL) @@ -281,8 +359,9 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) ret=0; break; } - b->ptr=(char *)fp; + b->ptr=fp; b->init=1; + BIO_clear_flags(b,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */ break; case BIO_C_GET_FILE_PTR: /* the ptr parameter is actually a FILE ** in this case. */ @@ -299,7 +378,10 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) b->shutdown=(int)num; break; case BIO_CTRL_FLUSH: - fflush((FILE *)b->ptr); + if (b->flags&BIO_FLAGS_UPLINK) + UP_fflush(b->ptr); + else + fflush((FILE *)b->ptr); break; case BIO_CTRL_DUP: ret=1; @@ -321,7 +403,10 @@ static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size) int ret=0; buf[0]='\0'; - fgets(buf,size,(FILE *)bp->ptr); + if (bp->flags&BIO_FLAGS_UPLINK) + UP_fgets(buf,size,bp->ptr); + else + fgets(buf,size,(FILE *)bp->ptr); if (buf[0] != '\0') ret=strlen(buf); return(ret); diff --git a/src/lib/libssl/src/crypto/bio/bss_log.c b/src/lib/libssl/src/crypto/bio/bss_log.c index 1eb678cac0..6360dbc820 100644 --- a/src/lib/libssl/src/crypto/bio/bss_log.c +++ b/src/lib/libssl/src/crypto/bio/bss_log.c @@ -78,6 +78,8 @@ # include #elif defined(__ultrix) # include +#elif defined(OPENSSL_SYS_NETWARE) +# define NO_SYSLOG #elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) # include #endif diff --git a/src/lib/libssl/src/crypto/bio/bss_sock.c b/src/lib/libssl/src/crypto/bio/bss_sock.c index 2c1c405ec7..472dd75821 100644 --- a/src/lib/libssl/src/crypto/bio/bss_sock.c +++ b/src/lib/libssl/src/crypto/bio/bss_sock.c @@ -56,8 +56,6 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SOCK - #include #include #define USE_SOCKETS @@ -248,7 +246,7 @@ int BIO_sock_non_fatal_error(int err) { switch (err) { -#if defined(OPENSSL_SYS_WINDOWS) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE) # if defined(WSAEWOULDBLOCK) case WSAEWOULDBLOCK: # endif @@ -279,7 +277,7 @@ int BIO_sock_non_fatal_error(int err) #endif #ifdef EAGAIN -#if EWOULDBLOCK != EAGAIN +# if EWOULDBLOCK != EAGAIN case EAGAIN: # endif #endif @@ -302,4 +300,3 @@ int BIO_sock_non_fatal_error(int err) } return(0); } -#endif diff --git a/src/lib/libssl/src/crypto/bn/Makefile b/src/lib/libssl/src/crypto/bn/Makefile index 9969d242cc..e97c751390 100644 --- a/src/lib/libssl/src/crypto/bn/Makefile +++ b/src/lib/libssl/src/crypto/bn/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,6 +17,7 @@ BN_ASM= bn_asm.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=bntest.c exptest.c @@ -31,12 +27,14 @@ LIB=$(TOP)/libcrypto.a LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_x931p.c + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ + bn_depr.c bn_const.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ - bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_x931p.o + bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ + bn_depr.o bn_const.o SRC= $(LIBSRC) @@ -64,70 +62,60 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s) - -asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s) - +# ELF +bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@) +co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@) +mo86-elf.s: asm/mo-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) mo-586.pl elf $(CFLAGS) > ../$@) +# COFF +bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@) +co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@) +mo86-cof.s: asm/mo-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) mo-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/bn86-out.o: asm/bn86unix.cpp - $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o - -asm/co86-out.o: asm/co86unix.cpp - $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o - -# bsdi -asm/bn86bsdi.o: asm/bn86unix.cpp - $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o - -asm/co86bsdi.o: asm/co86unix.cpp - $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o - -asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp ) - -asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp ) - -asm/sparcv8.o: asm/sparcv8.S - -asm/sparcv8plus.o: asm/sparcv8plus.S - -# Old GNU assembler doesn't understand V9 instructions, so we -# hire /usr/ccs/bin/as to do the job. Note that option is called -# *-gcc27, but even gcc 2>=8 users may experience similar problem -# if they didn't bother to upgrade GNU assembler. Such users should -# not choose this option, but be adviced to *remove* GNU assembler -# or upgrade it. -asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S - $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \ - /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o - - -asm/ia64.o: asm/ia64.S - -# Some compiler drivers (most notably HP-UX and Intel C++) don't -# understand .S extension:-( I wish I could pipe output from cc -E, -# but it's too compiler driver/ABI dependent to cover with a single -# rule... -asm/ia64-cpp.o: asm/ia64.S - $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s && \ - $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ - rm -f /tmp/ia64.$$$$.s - -asm/x86_64-gcc.o: asm/x86_64-gcc.c - $(CC) $(ASFLAGS) -c -o $@ $< - -asm/pa-risc2W.o: asm/pa-risc2W.s - /usr/ccs/bin/as -o asm/pa-risc2W.o asm/pa-risc2W.s - -asm/linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@ -asm/linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@ -asm/aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ -asm/aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ -asm/osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ +bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@) +co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@) +mo86-out.s: asm/mo-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) mo-586.pl a.out $(CFLAGS) > ../$@) + +sparcv8.o: asm/sparcv8.S + $(CC) $(CFLAGS) -c asm/sparcv8.S +sparcv8plus.o: asm/sparcv8plus.S + $(CC) $(CFLAGS) -c asm/sparcv8plus.S + +bn-mips3.o: asm/mips3.s + @if [ "$(CC)" = "gcc" ]; then \ + ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \ + as -$$ABI -O -o $@ asm/mips3.s; \ + else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi + +x86_64-gcc.o: asm/x86_64-gcc.c + $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c +x86_64-mont.s: asm/x86_64-mont.pl + $(PERL) asm/x86_64-mont.pl $@ + +bn-ia64.s: asm/ia64.S + $(CC) $(CFLAGS) -E asm/ia64.S > $@ + +# GNU assembler fails to compile PA-RISC2 modules, insist on calling +# vendor assembler... +pa-risc2W.o: asm/pa-risc2W.s + /usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s +pa-risc2.o: asm/pa-risc2.s + /usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s + +# ppc - AIX, Linux, MacOS X... +linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@ +linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@ +aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ +aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ +osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -138,6 +126,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -161,6 +150,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -168,7 +158,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -176,101 +166,131 @@ bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h +bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h +bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h +bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h +bn_const.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +bn_const.o: ../../include/openssl/ossl_typ.h bn.h bn_const.c bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h +bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h +bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h +bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bn_err.o: ../../include/openssl/symhacks.h bn_err.c +bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bn_err.o: bn_err.c bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h +bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h +bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h -bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h +bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h +bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h +bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c +bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c +bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c +bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c +bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c +bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c +bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -283,9 +303,9 @@ bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c +bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -298,36 +318,34 @@ bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c +bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c +bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c +bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c +bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c -bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -bn_x931p.o: ../../include/openssl/opensslconf.h bn_x931p.c +bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c diff --git a/src/lib/libssl/src/crypto/bn/asm/bn-586.pl b/src/lib/libssl/src/crypto/bn/asm/bn-586.pl index c4de4a2bee..26c2685a72 100644 --- a/src/lib/libssl/src/crypto/bn/asm/bn-586.pl +++ b/src/lib/libssl/src/crypto/bn/asm/bn-586.pl @@ -5,13 +5,18 @@ require "x86asm.pl"; &asm_init($ARGV[0],$0); +$sse2=0; +for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + +&external_label("OPENSSL_ia32cap_P") if ($sse2); + &bn_mul_add_words("bn_mul_add_words"); &bn_mul_words("bn_mul_words"); &bn_sqr_words("bn_sqr_words"); &bn_div_words("bn_div_words"); &bn_add_words("bn_add_words"); &bn_sub_words("bn_sub_words"); -#&bn_sub_part_words("bn_sub_part_words"); +&bn_sub_part_words("bn_sub_part_words"); &asm_finish(); @@ -19,7 +24,7 @@ sub bn_mul_add_words { local($name)=@_; - &function_begin($name,""); + &function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); &comment(""); $Low="eax"; @@ -42,6 +47,83 @@ sub bn_mul_add_words &jz(&label("maw_finish")); + if ($sse2) { + &picmeup("eax","OPENSSL_ia32cap_P"); + &bt(&DWP(0,"eax"),26); + &jnc(&label("maw_loop")); + + &movd("mm0",$w); # mm0 = w + &pxor("mm1","mm1"); # mm1 = carry_in + + &set_label("maw_sse2_loop",0); + &movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0] + &paddq("mm1","mm3"); # mm1 = carry_in + r[0] + &movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0] + &pmuludq("mm2","mm0"); # mm2 = w*a[0] + &movd("mm4",&DWP(4,$a,"",0)); # mm4 = a[1] + &pmuludq("mm4","mm0"); # mm4 = w*a[1] + &movd("mm6",&DWP(8,$a,"",0)); # mm6 = a[2] + &pmuludq("mm6","mm0"); # mm6 = w*a[2] + &movd("mm7",&DWP(12,$a,"",0)); # mm7 = a[3] + &pmuludq("mm7","mm0"); # mm7 = w*a[3] + &paddq("mm1","mm2"); # mm1 = carry_in + r[0] + w*a[0] + &movd("mm3",&DWP(4,$r,"",0)); # mm3 = r[1] + &paddq("mm3","mm4"); # mm3 = r[1] + w*a[1] + &movd("mm5",&DWP(8,$r,"",0)); # mm5 = r[2] + &paddq("mm5","mm6"); # mm5 = r[2] + w*a[2] + &movd("mm4",&DWP(12,$r,"",0)); # mm4 = r[3] + &paddq("mm7","mm4"); # mm7 = r[3] + w*a[3] + &movd(&DWP(0,$r,"",0),"mm1"); + &movd("mm2",&DWP(16,$a,"",0)); # mm2 = a[4] + &pmuludq("mm2","mm0"); # mm2 = w*a[4] + &psrlq("mm1",32); # mm1 = carry0 + &movd("mm4",&DWP(20,$a,"",0)); # mm4 = a[5] + &pmuludq("mm4","mm0"); # mm4 = w*a[5] + &paddq("mm1","mm3"); # mm1 = carry0 + r[1] + w*a[1] + &movd("mm6",&DWP(24,$a,"",0)); # mm6 = a[6] + &pmuludq("mm6","mm0"); # mm6 = w*a[6] + &movd(&DWP(4,$r,"",0),"mm1"); + &psrlq("mm1",32); # mm1 = carry1 + &movd("mm3",&DWP(28,$a,"",0)); # mm3 = a[7] + &add($a,32); + &pmuludq("mm3","mm0"); # mm3 = w*a[7] + &paddq("mm1","mm5"); # mm1 = carry1 + r[2] + w*a[2] + &movd("mm5",&DWP(16,$r,"",0)); # mm5 = r[4] + &paddq("mm2","mm5"); # mm2 = r[4] + w*a[4] + &movd(&DWP(8,$r,"",0),"mm1"); + &psrlq("mm1",32); # mm1 = carry2 + &paddq("mm1","mm7"); # mm1 = carry2 + r[3] + w*a[3] + &movd("mm5",&DWP(20,$r,"",0)); # mm5 = r[5] + &paddq("mm4","mm5"); # mm4 = r[5] + w*a[5] + &movd(&DWP(12,$r,"",0),"mm1"); + &psrlq("mm1",32); # mm1 = carry3 + &paddq("mm1","mm2"); # mm1 = carry3 + r[4] + w*a[4] + &movd("mm5",&DWP(24,$r,"",0)); # mm5 = r[6] + &paddq("mm6","mm5"); # mm6 = r[6] + w*a[6] + &movd(&DWP(16,$r,"",0),"mm1"); + &psrlq("mm1",32); # mm1 = carry4 + &paddq("mm1","mm4"); # mm1 = carry4 + r[5] + w*a[5] + &movd("mm5",&DWP(28,$r,"",0)); # mm5 = r[7] + &paddq("mm3","mm5"); # mm3 = r[7] + w*a[7] + &movd(&DWP(20,$r,"",0),"mm1"); + &psrlq("mm1",32); # mm1 = carry5 + &paddq("mm1","mm6"); # mm1 = carry5 + r[6] + w*a[6] + &movd(&DWP(24,$r,"",0),"mm1"); + &psrlq("mm1",32); # mm1 = carry6 + &paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7] + &movd(&DWP(28,$r,"",0),"mm1"); + &add($r,32); + &psrlq("mm1",32); # mm1 = carry_out + + &sub("ecx",8); + &jnz(&label("maw_sse2_loop")); + + &movd($c,"mm1"); # c = carry_out + &emms(); + + &jmp(&label("maw_finish")); + } + &set_label("maw_loop",0); &mov(&swtmp(0),"ecx"); # diff --git a/src/lib/libssl/src/crypto/bn/asm/ia64.S b/src/lib/libssl/src/crypto/bn/asm/ia64.S index 7b82b820e6..951abc53ea 100644 --- a/src/lib/libssl/src/crypto/bn/asm/ia64.S +++ b/src/lib/libssl/src/crypto/bn/asm/ia64.S @@ -171,21 +171,21 @@ .skip 32 // makes the loop body aligned at 64-byte boundary bn_add_words: .prologue - .fframe 0 .save ar.pfs,r2 { .mii; alloc r2=ar.pfs,4,12,0,16 cmp4.le p6,p0=r35,r0 };; { .mfb; mov r8=r0 // return value (p6) br.ret.spnt.many b0 };; - .save ar.lc,r3 { .mib; sub r10=r35,r0,1 + .save ar.lc,r3 mov r3=ar.lc brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 } - .body { .mib; ADDP r14=0,r32 // rp + .save pr,r9 mov r9=pr };; + .body { .mii; ADDP r15=0,r33 // ap mov ar.lc=r10 mov ar.ec=6 } @@ -224,21 +224,21 @@ bn_add_words: .skip 32 // makes the loop body aligned at 64-byte boundary bn_sub_words: .prologue - .fframe 0 .save ar.pfs,r2 { .mii; alloc r2=ar.pfs,4,12,0,16 cmp4.le p6,p0=r35,r0 };; { .mfb; mov r8=r0 // return value (p6) br.ret.spnt.many b0 };; - .save ar.lc,r3 { .mib; sub r10=r35,r0,1 + .save ar.lc,r3 mov r3=ar.lc brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 } - .body { .mib; ADDP r14=0,r32 // rp + .save pr,r9 mov r9=pr };; + .body { .mii; ADDP r15=0,r33 // ap mov ar.lc=r10 mov ar.ec=6 } @@ -283,7 +283,6 @@ bn_sub_words: .skip 32 // makes the loop body aligned at 64-byte boundary bn_mul_words: .prologue - .fframe 0 .save ar.pfs,r2 #ifdef XMA_TEMPTATION { .mfi; alloc r2=ar.pfs,4,0,0,0 };; @@ -294,9 +293,10 @@ bn_mul_words: cmp4.le p6,p0=r34,r0 (p6) br.ret.spnt.many b0 };; - .save ar.lc,r3 { .mii; sub r10=r34,r0,1 + .save ar.lc,r3 mov r3=ar.lc + .save pr,r9 mov r9=pr };; .body @@ -397,22 +397,21 @@ bn_mul_words: .skip 48 // makes the loop body aligned at 64-byte boundary bn_mul_add_words: .prologue - .fframe 0 .save ar.pfs,r2 - .save ar.lc,r3 - .save pr,r9 { .mmi; alloc r2=ar.pfs,4,4,0,8 cmp4.le p6,p0=r34,r0 + .save ar.lc,r3 mov r3=ar.lc };; { .mib; mov r8=r0 // return value sub r10=r34,r0,1 (p6) br.ret.spnt.many b0 };; - .body { .mib; setf.sig f8=r35 // w + .save pr,r9 mov r9=pr brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 } + .body { .mmi; ADDP r14=0,r32 // rp ADDP r15=0,r33 // ap mov ar.lc=r10 } @@ -466,7 +465,6 @@ bn_mul_add_words: .skip 32 // makes the loop body aligned at 64-byte boundary bn_sqr_words: .prologue - .fframe 0 .save ar.pfs,r2 { .mii; alloc r2=ar.pfs,3,0,0,0 sxt4 r34=r34 };; @@ -476,9 +474,10 @@ bn_sqr_words: nop.f 0x0 (p6) br.ret.spnt.many b0 };; - .save ar.lc,r3 { .mii; sub r10=r34,r0,1 + .save ar.lc,r3 mov r3=ar.lc + .save pr,r9 mov r9=pr };; .body @@ -545,7 +544,6 @@ bn_sqr_words: .align 64 bn_sqr_comba8: .prologue - .fframe 0 .save ar.pfs,r2 #if defined(_HPUX_SOURCE) && !defined(_LP64) { .mii; alloc r2=ar.pfs,2,1,0,0 @@ -617,7 +615,6 @@ bn_sqr_comba8: .align 64 bn_mul_comba8: .prologue - .fframe 0 .save ar.pfs,r2 #if defined(_HPUX_SOURCE) && !defined(_LP64) { .mii; alloc r2=ar.pfs,3,0,0,0 @@ -1175,7 +1172,6 @@ bn_mul_comba8: .align 64 bn_sqr_comba4: .prologue - .fframe 0 .save ar.pfs,r2 #if defined(_HPUX_SOURCE) && !defined(_LP64) { .mii; alloc r2=ar.pfs,2,1,0,0 @@ -1208,7 +1204,6 @@ bn_sqr_comba4: .align 64 bn_mul_comba4: .prologue - .fframe 0 .save ar.pfs,r2 #if defined(_HPUX_SOURCE) && !defined(_LP64) { .mii; alloc r2=ar.pfs,3,0,0,0 @@ -1411,11 +1406,11 @@ equ=p24 .align 64 bn_div_words: .prologue - .fframe 0 .save ar.pfs,r2 - .save b0,r3 { .mii; alloc r2=ar.pfs,3,5,0,8 + .save b0,r3 mov r3=b0 + .save pr,r10 mov r10=pr };; { .mmb; cmp.eq p6,p0=r34,r0 mov r8=-1 diff --git a/src/lib/libssl/src/crypto/bn/asm/mo-586.pl b/src/lib/libssl/src/crypto/bn/asm/mo-586.pl new file mode 100644 index 0000000000..0982293094 --- /dev/null +++ b/src/lib/libssl/src/crypto/bn/asm/mo-586.pl @@ -0,0 +1,603 @@ +#!/usr/bin/env perl + +# This is crypto/bn/asm/x86-mont.pl (with asciz from crypto/perlasm/x86asm.pl) +# from OpenSSL 0.9.9-dev + +sub ::asciz +{ my @str=unpack("C*",shift); + push @str,0; + while ($#str>15) { + &data_byte(@str[0..15]); + foreach (0..15) { shift @str; } + } + &data_byte(@str) if (@str); +} + +# ==================================================================== +# Written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# October 2005 +# +# This is a "teaser" code, as it can be improved in several ways... +# First of all non-SSE2 path should be implemented (yes, for now it +# performs Montgomery multiplication/convolution only on SSE2-capable +# CPUs such as P4, others fall down to original code). Then inner loop +# can be unrolled and modulo-scheduled to improve ILP and possibly +# moved to 128-bit XMM register bank (though it would require input +# rearrangement and/or increase bus bandwidth utilization). Dedicated +# squaring procedure should give further performance improvement... +# Yet, for being draft, the code improves rsa512 *sign* benchmark by +# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-) + +# December 2006 +# +# Modulo-scheduling SSE2 loops results in further 15-20% improvement. +# Integer-only code [being equipped with dedicated squaring procedure] +# gives ~40% on rsa512 sign benchmark... + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],$0); + +$sse2=0; +for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + +&external_label("OPENSSL_ia32cap_P") if ($sse2); + +&function_begin("bn_mul_mont"); + +$i="edx"; +$j="ecx"; +$ap="esi"; $tp="esi"; # overlapping variables!!! +$rp="edi"; $bp="edi"; # overlapping variables!!! +$np="ebp"; +$num="ebx"; + +$_num=&DWP(4*0,"esp"); # stack top layout +$_rp=&DWP(4*1,"esp"); +$_ap=&DWP(4*2,"esp"); +$_bp=&DWP(4*3,"esp"); +$_np=&DWP(4*4,"esp"); +$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp"); +$_sp=&DWP(4*6,"esp"); +$_bpend=&DWP(4*7,"esp"); +$frame=32; # size of above frame rounded up to 16n + + &xor ("eax","eax"); + &mov ("edi",&wparam(5)); # int num + &cmp ("edi",4); + &jl (&label("just_leave")); + + &lea ("esi",&wparam(0)); # put aside pointer to argument block + &lea ("edx",&wparam(1)); # load ap + &mov ("ebp","esp"); # saved stack pointer! + &add ("edi",2); # extra two words on top of tp + &neg ("edi"); + &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) + &neg ("edi"); + + # minimize cache contention by arraning 2K window between stack + # pointer and ap argument [np is also position sensitive vector, + # but it's assumed to be near ap, as it's allocated at ~same + # time]. + &mov ("eax","esp"); + &sub ("eax","edx"); + &and ("eax",2047); + &sub ("esp","eax"); # this aligns sp and ap modulo 2048 + + &xor ("edx","esp"); + &and ("edx",2048); + &xor ("edx",2048); + &sub ("esp","edx"); # this splits them apart modulo 4096 + + &and ("esp",-64); # align to cache line + + ################################# load argument block... + &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp + &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap + &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp + &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np + &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0 + #&mov ("edi",&DWP(5*4,"esi"));# int num + + &mov ("esi",&DWP(0,"esi")); # pull n0[0] + &mov ($_rp,"eax"); # ... save a copy of argument block + &mov ($_ap,"ebx"); + &mov ($_bp,"ecx"); + &mov ($_np,"edx"); + &mov ($_n0,"esi"); + &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling + #&mov ($_num,$num); # redundant as $num is not reused + &mov ($_sp,"ebp"); # saved stack pointer! + +if($sse2) { +$acc0="mm0"; # mmx register bank layout +$acc1="mm1"; +$car0="mm2"; +$car1="mm3"; +$mul0="mm4"; +$mul1="mm5"; +$temp="mm6"; +$mask="mm7"; + + &picmeup("eax","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"eax"),26); + &jnc (&label("non_sse2")); + + &mov ("eax",-1); + &movd ($mask,"eax"); # mask 32 lower bits + + &mov ($ap,$_ap); # load input pointers + &mov ($bp,$_bp); + &mov ($np,$_np); + + &xor ($i,$i); # i=0 + &xor ($j,$j); # j=0 + + &movd ($mul0,&DWP(0,$bp)); # bp[0] + &movd ($mul1,&DWP(0,$ap)); # ap[0] + &movd ($car1,&DWP(0,$np)); # np[0] + + &pmuludq($mul1,$mul0); # ap[0]*bp[0] + &movq ($car0,$mul1); + &movq ($acc0,$mul1); # I wish movd worked for + &pand ($acc0,$mask); # inter-register transfers + + &pmuludq($mul1,$_n0q); # *=n0 + + &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0 + &paddq ($car1,$acc0); + + &movd ($acc1,&DWP(4,$np)); # np[1] + &movd ($acc0,&DWP(4,$ap)); # ap[1] + + &psrlq ($car0,32); + &psrlq ($car1,32); + + &inc ($j); # j++ +&set_label("1st",16); + &pmuludq($acc0,$mul0); # ap[j]*bp[0] + &pmuludq($acc1,$mul1); # np[j]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &pand ($acc0,$mask); + &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] + &paddq ($car1,$acc0); # +=ap[j]*bp[0]; + &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] + &psrlq ($car0,32); + &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]= + &psrlq ($car1,32); + + &lea ($j,&DWP(1,$j)); + &cmp ($j,$num); + &jl (&label("1st")); + + &pmuludq($acc0,$mul0); # ap[num-1]*bp[0] + &pmuludq($acc1,$mul1); # np[num-1]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &pand ($acc0,$mask); + &paddq ($car1,$acc0); # +=ap[num-1]*bp[0]; + &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= + + &psrlq ($car0,32); + &psrlq ($car1,32); + + &paddq ($car1,$car0); + &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] + + &inc ($i); # i++ +&set_label("outer"); + &xor ($j,$j); # j=0 + + &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i] + &movd ($mul1,&DWP(0,$ap)); # ap[0] + &movd ($temp,&DWP($frame,"esp")); # tp[0] + &movd ($car1,&DWP(0,$np)); # np[0] + &pmuludq($mul1,$mul0); # ap[0]*bp[i] + + &paddq ($mul1,$temp); # +=tp[0] + &movq ($acc0,$mul1); + &movq ($car0,$mul1); + &pand ($acc0,$mask); + + &pmuludq($mul1,$_n0q); # *=n0 + + &pmuludq($car1,$mul1); + &paddq ($car1,$acc0); + + &movd ($temp,&DWP($frame+4,"esp")); # tp[1] + &movd ($acc1,&DWP(4,$np)); # np[1] + &movd ($acc0,&DWP(4,$ap)); # ap[1] + + &psrlq ($car0,32); + &psrlq ($car1,32); + &paddq ($car0,$temp); # +=tp[1] + + &inc ($j); # j++ + &dec ($num); +&set_label("inner"); + &pmuludq($acc0,$mul0); # ap[j]*bp[i] + &pmuludq($acc1,$mul1); # np[j]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1] + &pand ($acc0,$mask); + &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] + &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j] + &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] + &psrlq ($car0,32); + &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]= + &psrlq ($car1,32); + &paddq ($car0,$temp); # +=tp[j+1] + + &dec ($num); + &lea ($j,&DWP(1,$j)); # j++ + &jnz (&label("inner")); + + &mov ($num,$j); + &pmuludq($acc0,$mul0); # ap[num-1]*bp[i] + &pmuludq($acc1,$mul1); # np[num-1]*m1 + &paddq ($car0,$acc0); # +=c0 + &paddq ($car1,$acc1); # +=c1 + + &movq ($acc0,$car0); + &pand ($acc0,$mask); + &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1] + &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= + &psrlq ($car0,32); + &psrlq ($car1,32); + + &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num] + &paddq ($car1,$car0); + &paddq ($car1,$temp); + &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] + + &lea ($i,&DWP(1,$i)); # i++ + &cmp ($i,$num); + &jle (&label("outer")); + + &emms (); # done with mmx bank + &jmp (&label("common_tail")); + +&set_label("non_sse2",16); +} + +if (0) { + &mov ("esp",$_sp); + &xor ("eax","eax"); # signal "not fast enough [yet]" + &jmp (&label("just_leave")); + # While the below code provides competitive performance for + # all key lengthes on modern Intel cores, it's still more + # than 10% slower for 4096-bit key elsewhere:-( "Competitive" + # means compared to the original integer-only assembler. + # 512-bit RSA sign is better by ~40%, but that's about all + # one can say about all CPUs... +} else { +$inp="esi"; # integer path uses these registers differently +$word="edi"; +$carry="ebp"; + + &mov ($inp,$_ap); + &lea ($carry,&DWP(1,$num)); + &mov ($word,$_bp); + &xor ($j,$j); # j=0 + &mov ("edx",$inp); + &and ($carry,1); # see if num is even + &sub ("edx",$word); # see if ap==bp + &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num] + &or ($carry,"edx"); + &mov ($word,&DWP(0,$word)); # bp[0] + &jz (&label("bn_sqr_mont")); + &mov ($_bpend,"eax"); + &mov ("eax",&DWP(0,$inp)); + &xor ("edx","edx"); + +&set_label("mull",16); + &mov ($carry,"edx"); + &mul ($word); # ap[j]*bp[0] + &add ($carry,"eax"); + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] + &cmp ($j,$num); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &jl (&label("mull")); + + &mov ($carry,"edx"); + &mul ($word); # ap[num-1]*bp[0] + &mov ($word,$_n0); + &add ("eax",$carry); + &mov ($inp,$_np); + &adc ("edx",0); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + + &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]= + &xor ($j,$j); + &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= + &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= + + &mov ("eax",&DWP(0,$inp)); # np[0] + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &mov ("eax",&DWP(4,$inp)); # np[1] + &adc ("edx",0); + &inc ($j); + + &jmp (&label("2ndmadd")); + +&set_label("1stmadd",16); + &mov ($carry,"edx"); + &mul ($word); # ap[j]*bp[i] + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] + &adc ("edx",0); + &cmp ($j,$num); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &jl (&label("1stmadd")); + + &mov ($carry,"edx"); + &mul ($word); # ap[num-1]*bp[i] + &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1] + &mov ($word,$_n0); + &adc ("edx",0); + &mov ($inp,$_np); + &add ($carry,"eax"); + &adc ("edx",0); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + + &xor ($j,$j); + &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] + &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]= + &adc ($j,0); + &mov ("eax",&DWP(0,$inp)); # np[0] + &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= + &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= + + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &mov ("eax",&DWP(4,$inp)); # np[1] + &adc ("edx",0); + &mov ($j,1); + +&set_label("2ndmadd",16); + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1] + &adc ("edx",0); + &cmp ($j,$num); + &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]= + &jl (&label("2ndmadd")); + + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] + &adc ("edx",0); + &add ($carry,"eax"); + &adc ("edx",0); + &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= + + &xor ("eax","eax"); + &mov ($j,$_bp); # &bp[i] + &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] + &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] + &lea ($j,&DWP(4,$j)); + &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= + &cmp ($j,$_bpend); + &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= + &je (&label("common_tail")); + + &mov ($word,&DWP(0,$j)); # bp[i+1] + &mov ($inp,$_ap); + &mov ($_bp,$j); # &bp[++i] + &xor ($j,$j); + &xor ("edx","edx"); + &mov ("eax",&DWP(0,$inp)); + &jmp (&label("1stmadd")); + +&set_label("bn_sqr_mont",16); +$sbit=$num; + &mov ($_num,$num); + &mov ($_bp,$j); # i=0 + + &mov ("eax",$word); # ap[0] + &mul ($word); # ap[0]*ap[0] + &mov (&DWP($frame,"esp"),"eax"); # tp[0]= + &mov ($sbit,"edx"); + &shr ("edx",1); + &and ($sbit,1); + &inc ($j); +&set_label("sqr",16); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] + &mov ($carry,"edx"); + &mul ($word); # ap[j]*ap[0] + &add ("eax",$carry); + &lea ($j,&DWP(1,$j)); + &adc ("edx",0); + &lea ($carry,&DWP(0,$sbit,"eax",2)); + &shr ("eax",31); + &cmp ($j,$_num); + &mov ($sbit,"eax"); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &jl (&label("sqr")); + + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1] + &mov ($carry,"edx"); + &mul ($word); # ap[num-1]*ap[0] + &add ("eax",$carry); + &mov ($word,$_n0); + &adc ("edx",0); + &mov ($inp,$_np); + &lea ($carry,&DWP(0,$sbit,"eax",2)); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + &shr ("eax",31); + &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]= + + &lea ($carry,&DWP(0,"eax","edx",2)); + &mov ("eax",&DWP(0,$inp)); # np[0] + &shr ("edx",31); + &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]= + &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]= + + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &mov ($num,$j); + &adc ("edx",0); + &mov ("eax",&DWP(4,$inp)); # np[1] + &mov ($j,1); + +&set_label("3rdmadd",16); + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1] + &adc ("edx",0); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]= + + &mov ($carry,"edx"); + &mul ($word); # np[j+1]*m + &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1] + &lea ($j,&DWP(2,$j)); + &adc ("edx",0); + &add ($carry,"eax"); + &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2] + &adc ("edx",0); + &cmp ($j,$num); + &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]= + &jl (&label("3rdmadd")); + + &mov ($carry,"edx"); + &mul ($word); # np[j]*m + &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] + &adc ("edx",0); + &add ($carry,"eax"); + &adc ("edx",0); + &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= + + &mov ($j,$_bp); # i + &xor ("eax","eax"); + &mov ($inp,$_ap); + &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] + &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] + &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= + &cmp ($j,$num); + &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= + &je (&label("common_tail")); + + &mov ($word,&DWP(4,$inp,$j,4)); # ap[i] + &lea ($j,&DWP(1,$j)); + &mov ("eax",$word); + &mov ($_bp,$j); # ++i + &mul ($word); # ap[i]*ap[i] + &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i] + &adc ("edx",0); + &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]= + &xor ($carry,$carry); + &cmp ($j,$num); + &lea ($j,&DWP(1,$j)); + &je (&label("sqrlast")); + + &mov ($sbit,"edx"); # zaps $num + &shr ("edx",1); + &and ($sbit,1); +&set_label("sqradd",16); + &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] + &mov ($carry,"edx"); + &mul ($word); # ap[j]*ap[i] + &add ("eax",$carry); + &lea ($carry,&DWP(0,"eax","eax")); + &adc ("edx",0); + &shr ("eax",31); + &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] + &lea ($j,&DWP(1,$j)); + &adc ("eax",0); + &add ($carry,$sbit); + &adc ("eax",0); + &cmp ($j,$_num); + &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= + &mov ($sbit,"eax"); + &jle (&label("sqradd")); + + &mov ($carry,"edx"); + &lea ("edx",&DWP(0,$sbit,"edx",2)); + &shr ($carry,31); +&set_label("sqrlast"); + &mov ($word,$_n0); + &mov ($inp,$_np); + &imul ($word,&DWP($frame,"esp")); # n0*tp[0] + + &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num] + &mov ("eax",&DWP(0,$inp)); # np[0] + &adc ($carry,0); + &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]= + &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]= + + &mul ($word); # np[0]*m + &add ("eax",&DWP($frame,"esp")); # +=tp[0] + &lea ($num,&DWP(-1,$j)); + &adc ("edx",0); + &mov ($j,1); + &mov ("eax",&DWP(4,$inp)); # np[1] + + &jmp (&label("3rdmadd")); +} + +&set_label("common_tail",16); + &mov ($np,$_np); # load modulus pointer + &mov ($rp,$_rp); # load result pointer + &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped] + + &mov ("eax",&DWP(0,$tp)); # tp[0] + &mov ($j,$num); # j=num-1 + &xor ($i,$i); # i=0 and clear CF! + +&set_label("sub",16); + &sbb ("eax",&DWP(0,$np,$i,4)); + &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i] + &dec ($j); # doesn't affect CF! + &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1] + &lea ($i,&DWP(1,$i)); # i++ + &jge (&label("sub")); + + &sbb ("eax",0); # handle upmost overflow bit + &and ($tp,"eax"); + ¬ ("eax"); + &mov ($np,$rp); + &and ($np,"eax"); + &or ($tp,$np); # tp=carry?tp:rp + +&set_label("copy",16); # copy or in-place refresh + &mov ("eax",&DWP(0,$tp,$num,4)); + &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i] + &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector + &dec ($num); + &jge (&label("copy")); + + &mov ("esp",$_sp); # pull saved stack pointer + &mov ("eax",1); +&set_label("just_leave"); +&function_end("bn_mul_mont"); + +&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by "); + +&asm_finish(); diff --git a/src/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c b/src/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c index 7378344251..f13f52dd85 100644 --- a/src/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c +++ b/src/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c @@ -1,3 +1,6 @@ +#ifdef __SUNPRO_C +# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */ +#else /* * x86_64 BIGNUM accelerator version 0.1, December 2002. * @@ -591,3 +594,4 @@ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) r[6]=c1; r[7]=c2; } +#endif diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h index 1251521c54..6d754d5547 100644 --- a/src/lib/libssl/src/crypto/bn/bn.h +++ b/src/lib/libssl/src/crypto/bn/bn.h @@ -55,6 +55,19 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the Eric Young open source + * license provided above. + * + * The binary polynomial arithmetic software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ #ifndef HEADER_BN_H #define HEADER_BN_H @@ -63,14 +76,23 @@ #ifndef OPENSSL_NO_FP_API #include /* FILE */ #endif +#include #ifdef __cplusplus extern "C" { #endif -#ifdef OPENSSL_SYS_VMS -#undef BN_LLONG /* experimental, so far... */ -#endif +/* These preprocessor symbols control various aspects of the bignum headers and + * library code. They're not defined by any "normal" configuration, as they are + * intended for development and testing purposes. NB: defining all three can be + * useful for debugging application code as well as openssl itself. + * + * BN_DEBUG - turn on various debugging alterations to the bignum code + * BN_DEBUG_RAND - uses random poisoning of unused words to trip up + * mismanagement of bignum internals. You must also define BN_DEBUG. + */ +/* #define BN_DEBUG */ +/* #define BN_DEBUG_RAND */ #define BN_MUL_COMBA #define BN_SQR_COMBA @@ -143,10 +165,12 @@ extern "C" { #endif #ifdef THIRTY_TWO_BIT -#if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) -#define BN_ULLONG unsigned _int64 -#else -#define BN_ULLONG unsigned long long +#ifdef BN_LLONG +# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__) +# define BN_ULLONG unsigned __int64 +# else +# define BN_ULLONG unsigned long long +# endif #endif #define BN_ULONG unsigned long #define BN_LONG long @@ -219,15 +243,23 @@ extern "C" { #define BN_DEFAULT_BITS 1280 -#ifdef BIGNUM -#undef BIGNUM -#endif - #define BN_FLG_MALLOCED 0x01 #define BN_FLG_STATIC_DATA 0x02 -#define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings - * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ +#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing, + * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime, + * BN_div() will call BN_div_no_branch, + * BN_mod_inverse() will call BN_mod_inverse_no_branch. + */ + +#ifndef OPENSSL_NO_DEPRECATED +#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */ + /* avoid leaking exponent information through timings + * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ +#endif + +#ifndef OPENSSL_NO_DEPRECATED #define BN_FLG_FREE 0x8000 /* used for debuging */ +#endif #define BN_set_flags(b,n) ((b)->flags|=(n)) #define BN_get_flags(b,n) ((b)->flags&(n)) @@ -242,7 +274,18 @@ extern "C" { | BN_FLG_STATIC_DATA \ | (n))) -typedef struct bignum_st +/* Already declared in ossl_typ.h */ +#if 0 +typedef struct bignum_st BIGNUM; +/* Used for temp variables (declaration hidden in bn_lcl.h) */ +typedef struct bignum_ctx BN_CTX; +typedef struct bn_blinding_st BN_BLINDING; +typedef struct bn_mont_ctx_st BN_MONT_CTX; +typedef struct bn_recp_ctx_st BN_RECP_CTX; +typedef struct bn_gencb_st BN_GENCB; +#endif + +struct bignum_st { BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ int top; /* Index of last used d +1. */ @@ -250,44 +293,64 @@ typedef struct bignum_st int dmax; /* Size of the d array. */ int neg; /* one if the number is negative */ int flags; - } BIGNUM; - -/* Used for temp variables (declaration hidden in bn_lcl.h) */ -typedef struct bignum_ctx BN_CTX; - -typedef struct bn_blinding_st - { - int init; - BIGNUM *A; - BIGNUM *Ai; - BIGNUM *mod; /* just a reference */ - unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; - * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ - } BN_BLINDING; + }; /* Used for montgomery multiplication */ -typedef struct bn_mont_ctx_st +struct bn_mont_ctx_st { int ri; /* number of bits in R */ BIGNUM RR; /* used to convert to montgomery form */ BIGNUM N; /* The modulus */ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 * (Ni is only stored for bignum algorithm) */ +#if 0 + /* OpenSSL 0.9.9 preview: */ + BN_ULONG n0[2];/* least significant word(s) of Ni */ +#else BN_ULONG n0; /* least significant word of Ni */ +#endif int flags; - } BN_MONT_CTX; + }; /* Used for reciprocal division/mod functions * It cannot be shared between threads */ -typedef struct bn_recp_ctx_st +struct bn_recp_ctx_st { BIGNUM N; /* the divisor */ BIGNUM Nr; /* the reciprocal */ int num_bits; int shift; int flags; - } BN_RECP_CTX; + }; + +/* Used for slow "generation" functions. */ +struct bn_gencb_st + { + unsigned int ver; /* To handle binary (in)compatibility */ + void *arg; /* callback-specific data */ + union + { + /* if(ver==1) - handles old style callbacks */ + void (*cb_1)(int, int, void *); + /* if(ver==2) - new callback style */ + int (*cb_2)(int, int, BN_GENCB *); + } cb; + }; +/* Wrapper function to make using BN_GENCB easier, */ +int BN_GENCB_call(BN_GENCB *cb, int a, int b); +/* Macro to populate a BN_GENCB structure with an "old"-style callback */ +#define BN_GENCB_set_old(gencb, callback, cb_arg) { \ + BN_GENCB *tmp_gencb = (gencb); \ + tmp_gencb->ver = 1; \ + tmp_gencb->arg = (cb_arg); \ + tmp_gencb->cb.cb_1 = (callback); } +/* Macro to populate a BN_GENCB structure with a "new"-style callback */ +#define BN_GENCB_set(gencb, callback, cb_arg) { \ + BN_GENCB *tmp_gencb = (gencb); \ + tmp_gencb->ver = 2; \ + tmp_gencb->arg = (cb_arg); \ + tmp_gencb->cb.cb_2 = (callback); } #define BN_prime_checks 0 /* default: select number of iterations based on the size of the number */ @@ -312,24 +375,33 @@ typedef struct bn_recp_ctx_st #define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) -/* Note that BN_abs_is_word does not work reliably for w == 0 */ -#define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) -#define BN_is_zero(a) (((a)->top == 0) || BN_abs_is_word(a,0)) +/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */ +#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \ + (((w) == 0) && ((a)->top == 0))) +#define BN_is_zero(a) ((a)->top == 0) #define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) -#define BN_is_word(a,w) ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \ - BN_is_zero((a))) +#define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg)) #define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) #define BN_one(a) (BN_set_word((a),1)) +#define BN_zero_ex(a) \ + do { \ + BIGNUM *_tmp_bn = (a); \ + _tmp_bn->top = 0; \ + _tmp_bn->neg = 0; \ + } while(0) +#ifdef OPENSSL_NO_DEPRECATED +#define BN_zero(a) BN_zero_ex(a) +#else #define BN_zero(a) (BN_set_word((a),0)) - -/*#define BN_ascii2bn(a) BN_hex2bn(a) */ -/*#define BN_bn2ascii(a) BN_bn2hex(a) */ +#endif const BIGNUM *BN_value_one(void); char * BN_options(void); BN_CTX *BN_CTX_new(void); +#ifndef OPENSSL_NO_DEPRECATED void BN_CTX_init(BN_CTX *c); +#endif void BN_CTX_free(BN_CTX *c); void BN_CTX_start(BN_CTX *ctx); BIGNUM *BN_CTX_get(BN_CTX *ctx); @@ -355,6 +427,16 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); +/** BN_set_negative sets sign of a BIGNUM + * \param b pointer to the BIGNUM object + * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise + */ +void BN_set_negative(BIGNUM *b, int n); +/** BN_is_negative returns 1 if the BIGNUM is negative + * \param a pointer to the BIGNUM object + * \return 1 if a < 0 and 0 otherwise + */ +#define BN_is_negative(a) ((a)->neg != 0) int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); @@ -428,6 +510,9 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); BIGNUM *BN_mod_sqrt(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); + +/* Deprecated versions */ +#ifndef OPENSSL_NO_DEPRECATED BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, const BIGNUM *add, const BIGNUM *rem, void (*callback)(int,int,void *),void *cb_arg); @@ -437,19 +522,14 @@ int BN_is_prime(const BIGNUM *p,int nchecks, int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, int do_trial_division); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ -#ifdef OPENSSL_FIPS -int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - void (*cb)(int, int, void *), void *cb_arg, - const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, - const BIGNUM *e, BN_CTX *ctx); -int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); -int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - BIGNUM *Xp1, BIGNUM *Xp2, - const BIGNUM *Xp, - const BIGNUM *e, BN_CTX *ctx, - void (*cb)(int, int, void *), void *cb_arg); -#endif +/* Newer versions */ +int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add, + const BIGNUM *rem, BN_GENCB *cb); +int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); +int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, + int do_trial_division, BN_GENCB *cb); BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); @@ -465,14 +545,31 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, const BIGNUM *mod, BN_CTX *ctx); -BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); +/* BN_BLINDING flags */ +#define BN_BLINDING_NO_UPDATE 0x00000001 +#define BN_BLINDING_NO_RECREATE 0x00000002 + +BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod); void BN_BLINDING_free(BN_BLINDING *b); int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); +int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); - +int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); +int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); +unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); +void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); +unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); +void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); +BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, + const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), + BN_MONT_CTX *m_ctx); + +#ifndef OPENSSL_NO_DEPRECATED void BN_set_params(int mul,int high,int low,int mont); int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ +#endif void BN_RECP_CTX_init(BN_RECP_CTX *recp); BN_RECP_CTX *BN_RECP_CTX_new(void); @@ -485,15 +582,162 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp, BN_CTX *ctx); +/* Functions for arithmetic over binary polynomials represented by BIGNUMs. + * + * The BIGNUM::neg property of BIGNUMs representing binary polynomials is + * ignored. + * + * Note that input arguments are not const so that their bit arrays can + * be expanded to the appropriate size if needed. + */ + +int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/ +#define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b) +int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/ +int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */ +int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + BN_CTX *ctx); /* r = (a * a) mod p */ +int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, + BN_CTX *ctx); /* r = (1 / b) mod p */ +int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */ +int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */ +int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + BN_CTX *ctx); /* r = sqrt(a) mod p */ +int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + BN_CTX *ctx); /* r^2 + r = a mod p */ +#define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) +/* Some functions allow for representation of the irreducible polynomials + * as an unsigned int[], say p. The irreducible f(t) is then of the form: + * t^p[0] + t^p[1] + ... + t^p[k] + * where m = p[0] > p[1] > ... > p[k] = 0. + */ +int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]); + /* r = a mod p */ +int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */ +int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], + BN_CTX *ctx); /* r = (a * a) mod p */ +int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[], + BN_CTX *ctx); /* r = (1 / b) mod p */ +int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */ +int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ +int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, + const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ +int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a, + const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ +int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max); +int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a); + +/* faster mod functions for the 'NIST primes' + * 0 <= a < p^2 */ +int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); +int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); +int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); +int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); +int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); + +const BIGNUM *BN_get0_nist_prime_192(void); +const BIGNUM *BN_get0_nist_prime_224(void); +const BIGNUM *BN_get0_nist_prime_256(void); +const BIGNUM *BN_get0_nist_prime_384(void); +const BIGNUM *BN_get0_nist_prime_521(void); + /* library internal functions */ #define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ - (a):bn_expand2((a),(bits)/BN_BITS2+1)) + (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2)) #define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) BIGNUM *bn_expand2(BIGNUM *a, int words); -BIGNUM *bn_dup_expand(const BIGNUM *a, int words); +#ifndef OPENSSL_NO_DEPRECATED +BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */ +#endif + +/* Bignum consistency macros + * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from + * bignum data after direct manipulations on the data. There is also an + * "internal" macro, bn_check_top(), for verifying that there are no leading + * zeroes. Unfortunately, some auditing is required due to the fact that + * bn_fix_top() has become an overabused duct-tape because bignum data is + * occasionally passed around in an inconsistent state. So the following + * changes have been made to sort this out; + * - bn_fix_top()s implementation has been moved to bn_correct_top() + * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and + * bn_check_top() is as before. + * - if BN_DEBUG *is* defined; + * - bn_check_top() tries to pollute unused words even if the bignum 'top' is + * consistent. (ed: only if BN_DEBUG_RAND is defined) + * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything. + * The idea is to have debug builds flag up inconsistent bignums when they + * occur. If that occurs in a bn_fix_top(), we examine the code in question; if + * the use of bn_fix_top() was appropriate (ie. it follows directly after code + * that manipulates the bignum) it is converted to bn_correct_top(), and if it + * was not appropriate, we convert it permanently to bn_check_top() and track + * down the cause of the bug. Eventually, no internal code should be using the + * bn_fix_top() macro. External applications and libraries should try this with + * their own code too, both in terms of building against the openssl headers + * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it + * defined. This not only improves external code, it provides more test + * coverage for openssl's own code. + */ + +#ifdef BN_DEBUG -#define bn_fix_top(a) \ +/* We only need assert() when debugging */ +#include + +#ifdef BN_DEBUG_RAND +/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */ +#ifndef RAND_pseudo_bytes +int RAND_pseudo_bytes(unsigned char *buf,int num); +#define BN_DEBUG_TRIX +#endif +#define bn_pollute(a) \ + do { \ + const BIGNUM *_bnum1 = (a); \ + if(_bnum1->top < _bnum1->dmax) { \ + unsigned char _tmp_char; \ + /* We cast away const without the compiler knowing, any \ + * *genuinely* constant variables that aren't mutable \ + * wouldn't be constructed with top!=dmax. */ \ + BN_ULONG *_not_const; \ + memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ + RAND_pseudo_bytes(&_tmp_char, 1); \ + memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ + (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ + } \ + } while(0) +#ifdef BN_DEBUG_TRIX +#undef RAND_pseudo_bytes +#endif +#else +#define bn_pollute(a) +#endif +#define bn_check_top(a) \ + do { \ + const BIGNUM *_bnum2 = (a); \ + if (_bnum2 != NULL) { \ + assert((_bnum2->top == 0) || \ + (_bnum2->d[_bnum2->top - 1] != 0)); \ + bn_pollute(_bnum2); \ + } \ + } while(0) + +#define bn_fix_top(a) bn_check_top(a) + +#else /* !BN_DEBUG */ + +#define bn_pollute(a) +#define bn_check_top(a) +#define bn_fix_top(a) bn_correct_top(a) + +#endif + +#define bn_correct_top(a) \ { \ BN_ULONG *ftl; \ if ((a)->top > 0) \ @@ -501,6 +745,7 @@ BIGNUM *bn_dup_expand(const BIGNUM *a, int words); for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ if (*(ftl--)) break; \ } \ + bn_pollute(a); \ } BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); @@ -510,15 +755,17 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num); -#ifdef BN_DEBUG -void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); -# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ - fprintf(stderr,"\n");} -# define bn_dump(a,n) bn_dump1(stderr,#a,a,n); -#else -# define bn_print(a) -# define bn_dump(a,b) -#endif +/* Primes from RFC 2409 */ +BIGNUM *get_rfc2409_prime_768(BIGNUM *bn); +BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn); + +/* Primes from RFC 3526 */ +BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); +BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn); +BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn); +BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn); +BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn); +BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn); int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom); @@ -531,18 +778,30 @@ void ERR_load_BN_strings(void); /* Error codes for the BN functions. */ /* Function codes. */ -#define BN_F_BN_BLINDING_CONVERT 100 -#define BN_F_BN_BLINDING_INVERT 101 +#define BN_F_BNRAND 127 +#define BN_F_BN_BLINDING_CONVERT_EX 100 +#define BN_F_BN_BLINDING_CREATE_PARAM 128 +#define BN_F_BN_BLINDING_INVERT_EX 101 #define BN_F_BN_BLINDING_NEW 102 #define BN_F_BN_BLINDING_UPDATE 103 #define BN_F_BN_BN2DEC 104 #define BN_F_BN_BN2HEX 105 #define BN_F_BN_CTX_GET 116 #define BN_F_BN_CTX_NEW 106 +#define BN_F_BN_CTX_START 129 #define BN_F_BN_DIV 107 +#define BN_F_BN_DIV_NO_BRANCH 138 +#define BN_F_BN_DIV_RECP 130 #define BN_F_BN_EXP 123 #define BN_F_BN_EXPAND2 108 #define BN_F_BN_EXPAND_INTERNAL 120 +#define BN_F_BN_GF2M_MOD 131 +#define BN_F_BN_GF2M_MOD_EXP 132 +#define BN_F_BN_GF2M_MOD_MUL 133 +#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134 +#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 +#define BN_F_BN_GF2M_MOD_SQR 136 +#define BN_F_BN_GF2M_MOD_SQRT 137 #define BN_F_BN_MOD_EXP2_MONT 118 #define BN_F_BN_MOD_EXP_MONT 109 #define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 @@ -550,6 +809,7 @@ void ERR_load_BN_strings(void); #define BN_F_BN_MOD_EXP_RECP 125 #define BN_F_BN_MOD_EXP_SIMPLE 126 #define BN_F_BN_MOD_INVERSE 110 +#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139 #define BN_F_BN_MOD_LSHIFT_QUICK 119 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 #define BN_F_BN_MOD_SQRT 121 @@ -573,6 +833,7 @@ void ERR_load_BN_strings(void); #define BN_R_NOT_A_SQUARE 111 #define BN_R_NOT_INITIALIZED 107 #define BN_R_NO_INVERSE 108 +#define BN_R_NO_SOLUTION 116 #define BN_R_P_IS_NOT_PRIME 112 #define BN_R_TOO_MANY_ITERATIONS 113 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 diff --git a/src/lib/libssl/src/crypto/bn/bn_add.c b/src/lib/libssl/src/crypto/bn/bn_add.c index 6cba07e9f6..9405163706 100644 --- a/src/lib/libssl/src/crypto/bn/bn_add.c +++ b/src/lib/libssl/src/crypto/bn/bn_add.c @@ -64,7 +64,7 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { const BIGNUM *tmp; - int a_neg = a->neg; + int a_neg = a->neg, ret; bn_check_top(a); bn_check_top(b); @@ -95,20 +95,17 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) return(1); } - if (!BN_uadd(r,a,b)) return(0); - if (a_neg) /* both are neg */ - r->neg=1; - else - r->neg=0; - return(1); + ret = BN_uadd(r,a,b); + r->neg = a_neg; + bn_check_top(r); + return ret; } -/* unsigned add of b to a, r must be large enough */ +/* unsigned add of b to a */ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { - register int i; - int max,min; - BN_ULONG *ap,*bp,*rp,carry,t1; + int max,min,dif; + BN_ULONG *ap,*bp,*rp,carry,t1,t2; const BIGNUM *tmp; bn_check_top(a); @@ -116,11 +113,12 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) if (a->top < b->top) { tmp=a; a=b; b=tmp; } - max=a->top; - min=b->top; + max = a->top; + min = b->top; + dif = max - min; if (bn_wexpand(r,max+1) == NULL) - return(0); + return 0; r->top=max; @@ -128,46 +126,46 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) ap=a->d; bp=b->d; rp=r->d; - carry=0; carry=bn_add_words(rp,ap,bp,min); rp+=min; ap+=min; bp+=min; - i=min; if (carry) { - while (i < max) + while (dif) { - i++; - t1= *(ap++); - if ((*(rp++)=(t1+1)&BN_MASK2) >= t1) + dif--; + t1 = *(ap++); + t2 = (t1+1) & BN_MASK2; + *(rp++) = t2; + if (t2) { carry=0; break; } } - if ((i >= max) && carry) + if (carry) { - *(rp++)=1; + /* carry != 0 => dif == 0 */ + *rp = 1; r->top++; } } - if (rp != ap) - { - for (; ineg = 0; - return(1); + bn_check_top(r); + return 1; } /* unsigned subtraction of b from a, a must be larger than b. */ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { - int max,min; + int max,min,dif; register BN_ULONG t1,t2,*ap,*bp,*rp; int i,carry; #if defined(IRIX_CC_BUG) && !defined(LINT) @@ -177,14 +175,16 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) bn_check_top(a); bn_check_top(b); - if (a->top < b->top) /* hmm... should not be happening */ + max = a->top; + min = b->top; + dif = max - min; + + if (dif < 0) /* hmm... should not be happening */ { BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3); return(0); } - max=a->top; - min=b->top; if (bn_wexpand(r,max) == NULL) return(0); ap=a->d; @@ -193,7 +193,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) #if 1 carry=0; - for (i=0; i t2) break; + dif--; + t1 = *(ap++); + t2 = (t1-1)&BN_MASK2; + *(rp++) = t2; + if (t1) + break; } } #if 0 @@ -237,13 +240,13 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { for (;;) { - if (i++ >= max) break; + if (!dif--) break; rp[0]=ap[0]; - if (i++ >= max) break; + if (!dif--) break; rp[1]=ap[1]; - if (i++ >= max) break; + if (!dif--) break; rp[2]=ap[2]; - if (i++ >= max) break; + if (!dif--) break; rp[3]=ap[3]; rp+=4; ap+=4; @@ -253,7 +256,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) r->top=max; r->neg=0; - bn_fix_top(r); + bn_correct_top(r); return(1); } @@ -304,6 +307,7 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) if (!BN_usub(r,a,b)) return(0); r->neg=0; } + bn_check_top(r); return(1); } diff --git a/src/lib/libssl/src/crypto/bn/bn_asm.c b/src/lib/libssl/src/crypto/bn/bn_asm.c index 19978085b2..99bc2de491 100644 --- a/src/lib/libssl/src/crypto/bn/bn_asm.c +++ b/src/lib/libssl/src/crypto/bn/bn_asm.c @@ -459,6 +459,34 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) #define sqr_add_c2(a,i,j,c0,c1,c2) \ mul_add_c2((a)[i],(a)[j],c0,c1,c2) +#elif defined(BN_UMULT_LOHI) + +#define mul_add_c(a,b,c0,c1,c2) { \ + BN_ULONG ta=(a),tb=(b); \ + BN_UMULT_LOHI(t1,t2,ta,tb); \ + c0 += t1; t2 += (c0A=BN_new()) == NULL) goto err; - if ((ret->Ai=BN_new()) == NULL) goto err; - if (!BN_copy(ret->A,A)) goto err; - if (!BN_copy(ret->Ai,Ai)) goto err; - ret->mod=mod; + if (A != NULL) + { + if ((ret->A = BN_dup(A)) == NULL) goto err; + } + if (Ai != NULL) + { + if ((ret->Ai = BN_dup(Ai)) == NULL) goto err; + } + + /* save a copy of mod in the BN_BLINDING structure */ + if ((ret->mod = BN_dup(mod)) == NULL) goto err; + if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0) + BN_set_flags(ret->mod, BN_FLG_CONSTTIME); + + ret->counter = BN_BLINDING_COUNTER; return(ret); err: if (ret != NULL) BN_BLINDING_free(ret); @@ -91,6 +171,8 @@ void BN_BLINDING_free(BN_BLINDING *r) if (r->A != NULL) BN_free(r->A ); if (r->Ai != NULL) BN_free(r->Ai); + if (r->e != NULL) BN_free(r->e ); + if (r->mod != NULL) BN_free(r->mod); OPENSSL_free(r); } @@ -103,42 +185,181 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED); goto err; } - - if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; - if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; + + if (--(b->counter) == 0 && b->e != NULL && + !(b->flags & BN_BLINDING_NO_RECREATE)) + { + /* re-create blinding parameters */ + if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL)) + goto err; + } + else if (!(b->flags & BN_BLINDING_NO_UPDATE)) + { + if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; + if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; + } ret=1; err: + if (b->counter == 0) + b->counter = BN_BLINDING_COUNTER; return(ret); } int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) { + return BN_BLINDING_convert_ex(n, NULL, b, ctx); + } + +int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) + { + int ret = 1; + bn_check_top(n); if ((b->A == NULL) || (b->Ai == NULL)) { - BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED); + BNerr(BN_F_BN_BLINDING_CONVERT_EX,BN_R_NOT_INITIALIZED); return(0); } - return(BN_mod_mul(n,n,b->A,b->mod,ctx)); + + if (r != NULL) + { + if (!BN_copy(r, b->Ai)) ret=0; + } + + if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0; + + return ret; } int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) + { + return BN_BLINDING_invert_ex(n, NULL, b, ctx); + } + +int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { int ret; bn_check_top(n); if ((b->A == NULL) || (b->Ai == NULL)) { - BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED); + BNerr(BN_F_BN_BLINDING_INVERT_EX,BN_R_NOT_INITIALIZED); return(0); } - if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0) + + if (r != NULL) + ret = BN_mod_mul(n, n, r, b->mod, ctx); + else + ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); + + if (ret >= 0) { if (!BN_BLINDING_update(b,ctx)) return(0); } + bn_check_top(n); return(ret); } +unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b) + { + return b->thread_id; + } + +void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n) + { + b->thread_id = n; + } + +unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b) + { + return b->flags; + } + +void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) + { + b->flags = flags; + } + +BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, + const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), + BN_MONT_CTX *m_ctx) +{ + int retry_counter = 32; + BN_BLINDING *ret = NULL; + + if (b == NULL) + ret = BN_BLINDING_new(NULL, NULL, m); + else + ret = b; + + if (ret == NULL) + goto err; + + if (ret->A == NULL && (ret->A = BN_new()) == NULL) + goto err; + if (ret->Ai == NULL && (ret->Ai = BN_new()) == NULL) + goto err; + + if (e != NULL) + { + if (ret->e != NULL) + BN_free(ret->e); + ret->e = BN_dup(e); + } + if (ret->e == NULL) + goto err; + + if (bn_mod_exp != NULL) + ret->bn_mod_exp = bn_mod_exp; + if (m_ctx != NULL) + ret->m_ctx = m_ctx; + + do { + if (!BN_rand_range(ret->A, ret->mod)) goto err; + if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) + { + /* this should almost never happen for good RSA keys */ + unsigned long error = ERR_peek_last_error(); + if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) + { + if (retry_counter-- == 0) + { + BNerr(BN_F_BN_BLINDING_CREATE_PARAM, + BN_R_TOO_MANY_ITERATIONS); + goto err; + } + ERR_clear_error(); + } + else + goto err; + } + else + break; + } while (1); + + if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL) + { + if (!ret->bn_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx, ret->m_ctx)) + goto err; + } + else + { + if (!BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx)) + goto err; + } + + return ret; +err: + if (b == NULL && ret != NULL) + { + BN_BLINDING_free(ret); + ret = NULL; + } + + return ret; +} diff --git a/src/lib/libssl/src/crypto/bn/bn_ctx.c b/src/lib/libssl/src/crypto/bn/bn_ctx.c index 7daf19eb84..b3452f1a91 100644 --- a/src/lib/libssl/src/crypto/bn/bn_ctx.c +++ b/src/lib/libssl/src/crypto/bn/bn_ctx.c @@ -1,7 +1,7 @@ /* crypto/bn/bn_ctx.c */ /* Written by Ulf Moeller for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -54,9 +54,10 @@ * */ -#ifndef BN_CTX_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG +#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG) +#ifndef NDEBUG +#define NDEBUG +#endif #endif #include @@ -65,91 +66,389 @@ #include "cryptlib.h" #include "bn_lcl.h" +/* TODO list + * + * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and + * check they can be safely removed. + * - Check +1 and other ugliness in BN_from_montgomery() + * + * 2. Consider allowing a BN_new_ex() that, at least, lets you specify an + * appropriate 'block' size that will be honoured by bn_expand_internal() to + * prevent piddly little reallocations. OTOH, profiling bignum expansions in + * BN_CTX doesn't show this to be a big issue. + */ + +/* How many bignums are in each "pool item"; */ +#define BN_CTX_POOL_SIZE 16 +/* The stack frame info is resizing, set a first-time expansion size; */ +#define BN_CTX_START_FRAMES 32 -BN_CTX *BN_CTX_new(void) +/***********/ +/* BN_POOL */ +/***********/ + +/* A bundle of bignums that can be linked with other bundles */ +typedef struct bignum_pool_item + { + /* The bignum values */ + BIGNUM vals[BN_CTX_POOL_SIZE]; + /* Linked-list admin */ + struct bignum_pool_item *prev, *next; + } BN_POOL_ITEM; +/* A linked-list of bignums grouped in bundles */ +typedef struct bignum_pool + { + /* Linked-list admin */ + BN_POOL_ITEM *head, *current, *tail; + /* Stack depth and allocation size */ + unsigned used, size; + } BN_POOL; +static void BN_POOL_init(BN_POOL *); +static void BN_POOL_finish(BN_POOL *); +#ifndef OPENSSL_NO_DEPRECATED +static void BN_POOL_reset(BN_POOL *); +#endif +static BIGNUM * BN_POOL_get(BN_POOL *); +static void BN_POOL_release(BN_POOL *, unsigned int); + +/************/ +/* BN_STACK */ +/************/ + +/* A wrapper to manage the "stack frames" */ +typedef struct bignum_ctx_stack { - BN_CTX *ret; + /* Array of indexes into the bignum stack */ + unsigned int *indexes; + /* Number of stack frames, and the size of the allocated array */ + unsigned int depth, size; + } BN_STACK; +static void BN_STACK_init(BN_STACK *); +static void BN_STACK_finish(BN_STACK *); +#ifndef OPENSSL_NO_DEPRECATED +static void BN_STACK_reset(BN_STACK *); +#endif +static int BN_STACK_push(BN_STACK *, unsigned int); +static unsigned int BN_STACK_pop(BN_STACK *); + +/**********/ +/* BN_CTX */ +/**********/ + +/* The opaque BN_CTX type */ +struct bignum_ctx + { + /* The bignum bundles */ + BN_POOL pool; + /* The "stack frames", if you will */ + BN_STACK stack; + /* The number of bignums currently assigned */ + unsigned int used; + /* Depth of stack overflow */ + int err_stack; + /* Block "gets" until an "end" (compatibility behaviour) */ + int too_many; + }; - ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX)); - if (ret == NULL) +/* Enable this to find BN_CTX bugs */ +#ifdef BN_CTX_DEBUG +static const char *ctxdbg_cur = NULL; +static void ctxdbg(BN_CTX *ctx) + { + unsigned int bnidx = 0, fpidx = 0; + BN_POOL_ITEM *item = ctx->pool.head; + BN_STACK *stack = &ctx->stack; + fprintf(stderr,"(%08x): ", (unsigned int)ctx); + while(bnidx < ctx->used) { - BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); + fprintf(stderr,"%02x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); + if(!(bnidx % BN_CTX_POOL_SIZE)) + item = item->next; } - - BN_CTX_init(ret); - ret->flags=BN_FLG_MALLOCED; - return(ret); + fprintf(stderr,"\n"); + bnidx = 0; + fprintf(stderr," : "); + while(fpidx < stack->depth) + { + while(bnidx++ < stack->indexes[fpidx]) + fprintf(stderr," "); + fprintf(stderr,"^^ "); + bnidx++; + fpidx++; + } + fprintf(stderr,"\n"); } +#define CTXDBG_ENTRY(str, ctx) do { \ + ctxdbg_cur = (str); \ + fprintf(stderr,"Starting %s\n", ctxdbg_cur); \ + ctxdbg(ctx); \ + } while(0) +#define CTXDBG_EXIT(ctx) do { \ + fprintf(stderr,"Ending %s\n", ctxdbg_cur); \ + ctxdbg(ctx); \ + } while(0) +#define CTXDBG_RET(ctx,ret) +#else +#define CTXDBG_ENTRY(str, ctx) +#define CTXDBG_EXIT(ctx) +#define CTXDBG_RET(ctx,ret) +#endif +/* This function is an evil legacy and should not be used. This implementation + * is WYSIWYG, though I've done my best. */ +#ifndef OPENSSL_NO_DEPRECATED void BN_CTX_init(BN_CTX *ctx) { -#if 0 /* explicit version */ - int i; - ctx->tos = 0; - ctx->flags = 0; - ctx->depth = 0; + /* Assume the caller obtained the context via BN_CTX_new() and so is + * trying to reset it for use. Nothing else makes sense, least of all + * binary compatibility from a time when they could declare a static + * variable. */ + BN_POOL_reset(&ctx->pool); + BN_STACK_reset(&ctx->stack); + ctx->used = 0; + ctx->err_stack = 0; ctx->too_many = 0; - for (i = 0; i < BN_CTX_NUM; i++) - BN_init(&(ctx->bn[i])); -#else - memset(ctx, 0, sizeof *ctx); + } #endif + +BN_CTX *BN_CTX_new(void) + { + BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX)); + if(!ret) + { + BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); + return NULL; + } + /* Initialise the structure */ + BN_POOL_init(&ret->pool); + BN_STACK_init(&ret->stack); + ret->used = 0; + ret->err_stack = 0; + ret->too_many = 0; + return ret; } void BN_CTX_free(BN_CTX *ctx) { - int i; - - if (ctx == NULL) return; - assert(ctx->depth == 0); - - for (i=0; i < BN_CTX_NUM; i++) - BN_clear_free(&(ctx->bn[i])); - if (ctx->flags & BN_FLG_MALLOCED) - OPENSSL_free(ctx); + if (ctx == NULL) + return; +#ifdef BN_CTX_DEBUG + { + BN_POOL_ITEM *pool = ctx->pool.head; + fprintf(stderr,"BN_CTX_free, stack-size=%d, pool-bignums=%d\n", + ctx->stack.size, ctx->pool.size); + fprintf(stderr,"dmaxs: "); + while(pool) { + unsigned loop = 0; + while(loop < BN_CTX_POOL_SIZE) + fprintf(stderr,"%02x ", pool->vals[loop++].dmax); + pool = pool->next; + } + fprintf(stderr,"\n"); + } +#endif + BN_STACK_finish(&ctx->stack); + BN_POOL_finish(&ctx->pool); + OPENSSL_free(ctx); } void BN_CTX_start(BN_CTX *ctx) { - if (ctx->depth < BN_CTX_NUM_POS) - ctx->pos[ctx->depth] = ctx->tos; - ctx->depth++; + CTXDBG_ENTRY("BN_CTX_start", ctx); + /* If we're already overflowing ... */ + if(ctx->err_stack || ctx->too_many) + ctx->err_stack++; + /* (Try to) get a new frame pointer */ + else if(!BN_STACK_push(&ctx->stack, ctx->used)) + { + BNerr(BN_F_BN_CTX_START,BN_R_TOO_MANY_TEMPORARY_VARIABLES); + ctx->err_stack++; + } + CTXDBG_EXIT(ctx); } +void BN_CTX_end(BN_CTX *ctx) + { + CTXDBG_ENTRY("BN_CTX_end", ctx); + if(ctx->err_stack) + ctx->err_stack--; + else + { + unsigned int fp = BN_STACK_pop(&ctx->stack); + /* Does this stack frame have anything to release? */ + if(fp < ctx->used) + BN_POOL_release(&ctx->pool, ctx->used - fp); + ctx->used = fp; + /* Unjam "too_many" in case "get" had failed */ + ctx->too_many = 0; + } + CTXDBG_EXIT(ctx); + } BIGNUM *BN_CTX_get(BN_CTX *ctx) { - /* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically, - * make sure that if BN_CTX_get fails once it will return NULL again - * until BN_CTX_end is called. (This is so that callers have to check - * only the last return value.) - */ - if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) + BIGNUM *ret; + CTXDBG_ENTRY("BN_CTX_get", ctx); + if(ctx->err_stack || ctx->too_many) return NULL; + if((ret = BN_POOL_get(&ctx->pool)) == NULL) + { + /* Setting too_many prevents repeated "get" attempts from + * cluttering the error stack. */ + ctx->too_many = 1; + BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); + return NULL; + } + /* OK, make sure the returned bignum is "zero" */ + BN_zero(ret); + ctx->used++; + CTXDBG_RET(ctx, ret); + return ret; + } + +/************/ +/* BN_STACK */ +/************/ + +static void BN_STACK_init(BN_STACK *st) + { + st->indexes = NULL; + st->depth = st->size = 0; + } + +static void BN_STACK_finish(BN_STACK *st) + { + if(st->size) OPENSSL_free(st->indexes); + } + +#ifndef OPENSSL_NO_DEPRECATED +static void BN_STACK_reset(BN_STACK *st) + { + st->depth = 0; + } +#endif + +static int BN_STACK_push(BN_STACK *st, unsigned int idx) + { + if(st->depth == st->size) + /* Need to expand */ + { + unsigned int newsize = (st->size ? + (st->size * 3 / 2) : BN_CTX_START_FRAMES); + unsigned int *newitems = OPENSSL_malloc(newsize * + sizeof(unsigned int)); + if(!newitems) return 0; + if(st->depth) + memcpy(newitems, st->indexes, st->depth * + sizeof(unsigned int)); + if(st->size) OPENSSL_free(st->indexes); + st->indexes = newitems; + st->size = newsize; + } + st->indexes[(st->depth)++] = idx; + return 1; + } + +static unsigned int BN_STACK_pop(BN_STACK *st) + { + return st->indexes[--(st->depth)]; + } + +/***********/ +/* BN_POOL */ +/***********/ + +static void BN_POOL_init(BN_POOL *p) + { + p->head = p->current = p->tail = NULL; + p->used = p->size = 0; + } + +static void BN_POOL_finish(BN_POOL *p) + { + while(p->head) { - if (!ctx->too_many) + unsigned int loop = 0; + BIGNUM *bn = p->head->vals; + while(loop++ < BN_CTX_POOL_SIZE) { - BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); - /* disable error code until BN_CTX_end is called: */ - ctx->too_many = 1; + if(bn->d) BN_clear_free(bn); + bn++; } - return NULL; + p->current = p->head->next; + OPENSSL_free(p->head); + p->head = p->current; } - return (&(ctx->bn[ctx->tos++])); } -void BN_CTX_end(BN_CTX *ctx) +#ifndef OPENSSL_NO_DEPRECATED +static void BN_POOL_reset(BN_POOL *p) { - if (ctx == NULL) return; - assert(ctx->depth > 0); - if (ctx->depth == 0) - /* should never happen, but we can tolerate it if not in - * debug mode (could be a 'goto err' in the calling function - * before BN_CTX_start was reached) */ - BN_CTX_start(ctx); + BN_POOL_ITEM *item = p->head; + while(item) + { + unsigned int loop = 0; + BIGNUM *bn = item->vals; + while(loop++ < BN_CTX_POOL_SIZE) + { + if(bn->d) BN_clear(bn); + bn++; + } + item = item->next; + } + p->current = p->head; + p->used = 0; + } +#endif - ctx->too_many = 0; - ctx->depth--; - if (ctx->depth < BN_CTX_NUM_POS) - ctx->tos = ctx->pos[ctx->depth]; +static BIGNUM *BN_POOL_get(BN_POOL *p) + { + if(p->used == p->size) + { + BIGNUM *bn; + unsigned int loop = 0; + BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM)); + if(!item) return NULL; + /* Initialise the structure */ + bn = item->vals; + while(loop++ < BN_CTX_POOL_SIZE) + BN_init(bn++); + item->prev = p->tail; + item->next = NULL; + /* Link it in */ + if(!p->head) + p->head = p->current = p->tail = item; + else + { + p->tail->next = item; + p->tail = item; + p->current = item; + } + p->size += BN_CTX_POOL_SIZE; + p->used++; + /* Return the first bignum from the new pool */ + return item->vals; + } + if(!p->used) + p->current = p->head; + else if((p->used % BN_CTX_POOL_SIZE) == 0) + p->current = p->current->next; + return p->current->vals + ((p->used++) % BN_CTX_POOL_SIZE); + } + +static void BN_POOL_release(BN_POOL *p, unsigned int num) + { + unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE; + p->used -= num; + while(num--) + { + bn_check_top(p->current->vals + offset); + if(!offset) + { + offset = BN_CTX_POOL_SIZE - 1; + p->current = p->current->prev; + } + else + offset--; + } } + diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c index 580d1201bc..8655eb118e 100644 --- a/src/lib/libssl/src/crypto/bn/bn_div.c +++ b/src/lib/libssl/src/crypto/bn/bn_div.c @@ -169,22 +169,31 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, #endif /* OPENSSL_NO_ASM */ -/* BN_div computes dv := num / divisor, rounding towards zero, and sets up - * rm such that dv*divisor + rm = num holds. +/* BN_div[_no_branch] computes dv := num / divisor, rounding towards + * zero, and sets up rm such that dv*divisor + rm = num holds. * Thus: * dv->neg == num->neg ^ divisor->neg (unless the result is zero) * rm->neg == num->neg (unless the remainder is zero) * If 'dv' or 'rm' is NULL, the respective value is not returned. */ +static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, + const BIGNUM *divisor, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX *ctx) { - int norm_shift,i,j,loop; + int norm_shift,i,loop; BIGNUM *tmp,wnum,*snum,*sdiv,*res; BN_ULONG *resp,*wnump; BN_ULONG d0,d1; int num_n,div_n; + if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) + { + return BN_div_no_branch(dv, rm, num, divisor, ctx); + } + + bn_check_top(dv); + bn_check_top(rm); bn_check_top(num); bn_check_top(divisor); @@ -210,7 +219,6 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, res=BN_CTX_get(ctx); else res=dv; if (sdiv == NULL || res == NULL) goto err; - tmp->neg=0; /* First we normalise the numbers */ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); @@ -222,17 +230,17 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, div_n=sdiv->top; num_n=snum->top; loop=num_n-div_n; - /* Lets setup a 'window' into snum * This is the part that corresponds to the current * 'area' being divided */ - BN_init(&wnum); - wnum.d= &(snum->d[loop]); - wnum.top= div_n; - wnum.dmax= snum->dmax+1; /* a bit of a lie */ + wnum.neg = 0; + wnum.d = &(snum->d[loop]); + wnum.top = div_n; + /* only needed when BN_ucmp messes up the values between top and max */ + wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */ /* Get the top 2 words of sdiv */ - /* i=sdiv->top; */ + /* div_n=sdiv->top; */ d0=sdiv->d[div_n-1]; d1=(div_n == 1)?0:sdiv->d[div_n-2]; @@ -250,19 +258,28 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, if (BN_ucmp(&wnum,sdiv) >= 0) { - if (!BN_usub(&wnum,&wnum,sdiv)) goto err; + /* If BN_DEBUG_RAND is defined BN_ucmp changes (via + * bn_pollute) the const bignum arguments => + * clean the values between top and max again */ + bn_clear_top2max(&wnum); + bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n); *resp=1; - res->d[res->top-1]=1; } else res->top--; + /* if res->top == 0 then clear the neg value otherwise decrease + * the resp pointer */ if (res->top == 0) res->neg = 0; - resp--; + else + resp--; - for (i=0; i 0x%08X\n", #endif /* !BN_DIV3W */ l0=bn_mul_words(tmp->d,sdiv->d,div_n,q); - wnum.d--; wnum.top++; tmp->d[div_n]=l0; - for (j=div_n+1; j>0; j--) - if (tmp->d[j-1]) break; - tmp->top=j; + wnum.d--; + /* ingore top values of the bignums just sub the two + * BN_ULONG arrays with bn_sub_words */ + if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1)) + { + /* Note: As we have considered only the leading + * two BN_ULONGs in the calculation of q, sdiv * q + * might be greater than wnum (but then (q-1) * sdiv + * is less or equal than wnum) + */ + q--; + if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n)) + /* we can't have an overflow here (assuming + * that q != 0, but if q == 0 then tmp is + * zero anyway) */ + (*wnump)++; + } + /* store part of the result */ + *resp = q; + } + bn_correct_top(snum); + if (rm != NULL) + { + /* Keep a copy of the neg flag in num because if rm==num + * BN_rshift() will overwrite it. + */ + int neg = num->neg; + BN_rshift(rm,snum,norm_shift); + if (!BN_is_zero(rm)) + rm->neg = neg; + bn_check_top(rm); + } + BN_CTX_end(ctx); + return(1); +err: + bn_check_top(rm); + BN_CTX_end(ctx); + return(0); + } + + +/* BN_div_no_branch is a special version of BN_div. It does not contain + * branches that may leak sensitive information. + */ +static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, + const BIGNUM *divisor, BN_CTX *ctx) + { + int norm_shift,i,loop; + BIGNUM *tmp,wnum,*snum,*sdiv,*res; + BN_ULONG *resp,*wnump; + BN_ULONG d0,d1; + int num_n,div_n; + + bn_check_top(dv); + bn_check_top(rm); + bn_check_top(num); + bn_check_top(divisor); + + if (BN_is_zero(divisor)) + { + BNerr(BN_F_BN_DIV_NO_BRANCH,BN_R_DIV_BY_ZERO); + return(0); + } + + BN_CTX_start(ctx); + tmp=BN_CTX_get(ctx); + snum=BN_CTX_get(ctx); + sdiv=BN_CTX_get(ctx); + if (dv == NULL) + res=BN_CTX_get(ctx); + else res=dv; + if (sdiv == NULL || res == NULL) goto err; + + /* First we normalise the numbers */ + norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); + if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err; + sdiv->neg=0; + norm_shift+=BN_BITS2; + if (!(BN_lshift(snum,num,norm_shift))) goto err; + snum->neg=0; + + /* Since we don't know whether snum is larger than sdiv, + * we pad snum with enough zeroes without changing its + * value. + */ + if (snum->top <= sdiv->top+1) + { + if (bn_wexpand(snum, sdiv->top + 2) == NULL) goto err; + for (i = snum->top; i < sdiv->top + 2; i++) snum->d[i] = 0; + snum->top = sdiv->top + 2; + } + else + { + if (bn_wexpand(snum, snum->top + 1) == NULL) goto err; + snum->d[snum->top] = 0; + snum->top ++; + } + + div_n=sdiv->top; + num_n=snum->top; + loop=num_n-div_n; + /* Lets setup a 'window' into snum + * This is the part that corresponds to the current + * 'area' being divided */ + wnum.neg = 0; + wnum.d = &(snum->d[loop]); + wnum.top = div_n; + /* only needed when BN_ucmp messes up the values between top and max */ + wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */ + + /* Get the top 2 words of sdiv */ + /* div_n=sdiv->top; */ + d0=sdiv->d[div_n-1]; + d1=(div_n == 1)?0:sdiv->d[div_n-2]; + + /* pointer to the 'top' of snum */ + wnump= &(snum->d[num_n-1]); + + /* Setup to 'res' */ + res->neg= (num->neg^divisor->neg); + if (!bn_wexpand(res,(loop+1))) goto err; + res->top=loop-1; + resp= &(res->d[loop-1]); + + /* space for temp */ + if (!bn_wexpand(tmp,(div_n+1))) goto err; + + /* if res->top == 0 then clear the neg value otherwise decrease + * the resp pointer */ + if (res->top == 0) + res->neg = 0; + else + resp--; + + for (i=0; i 0x%08X\n", + n0, n1, d0, q); +#endif +#endif + +#ifndef REMAINDER_IS_ALREADY_CALCULATED + /* + * rem doesn't have to be BN_ULLONG. The least we + * know it's less that d0, isn't it? + */ + rem=(n1-q*d0)&BN_MASK2; +#endif + t2=(BN_ULLONG)d1*q; + + for (;;) + { + if (t2 <= ((((BN_ULLONG)rem)< 0x%08X\n", + n0, n1, d0, q); +#endif +#ifndef REMAINDER_IS_ALREADY_CALCULATED + rem=(n1-q*d0)&BN_MASK2; +#endif - j=wnum.top; - if (!BN_sub(&wnum,&wnum,tmp)) goto err; +#if defined(BN_UMULT_LOHI) + BN_UMULT_LOHI(t2l,t2h,d1,q); +#elif defined(BN_UMULT_HIGH) + t2l = d1 * q; + t2h = BN_UMULT_HIGH(d1,q); +#else + t2l=LBITS(d1); t2h=HBITS(d1); + ql =LBITS(q); qh =HBITS(q); + mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */ +#endif - snum->top=snum->top+wnum.top-j; + for (;;) + { + if ((t2h < rem) || + ((t2h == rem) && (t2l <= wnump[-2]))) + break; + q--; + rem += d0; + if (rem < d0) break; /* don't let rem overflow */ + if (t2l < d1) t2h--; t2l -= d1; + } +#endif /* !BN_LLONG */ + } +#endif /* !BN_DIV3W */ - if (wnum.neg) + l0=bn_mul_words(tmp->d,sdiv->d,div_n,q); + tmp->d[div_n]=l0; + wnum.d--; + /* ingore top values of the bignums just sub the two + * BN_ULONG arrays with bn_sub_words */ + if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1)) { + /* Note: As we have considered only the leading + * two BN_ULONGs in the calculation of q, sdiv * q + * might be greater than wnum (but then (q-1) * sdiv + * is less or equal than wnum) + */ q--; - j=wnum.top; - if (!BN_add(&wnum,&wnum,sdiv)) goto err; - snum->top+=wnum.top-j; + if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n)) + /* we can't have an overflow here (assuming + * that q != 0, but if q == 0 then tmp is + * zero anyway) */ + (*wnump)++; } - *(resp--)=q; - wnump--; + /* store part of the result */ + *resp = q; } + bn_correct_top(snum); if (rm != NULL) { /* Keep a copy of the neg flag in num because if rm==num @@ -376,10 +618,13 @@ X) -> 0x%08X\n", BN_rshift(rm,snum,norm_shift); if (!BN_is_zero(rm)) rm->neg = neg; + bn_check_top(rm); } + bn_correct_top(res); BN_CTX_end(ctx); return(1); err: + bn_check_top(rm); BN_CTX_end(ctx); return(0); } diff --git a/src/lib/libssl/src/crypto/bn/bn_err.c b/src/lib/libssl/src/crypto/bn/bn_err.c index 5dfac00c88..cfe2eb94a0 100644 --- a/src/lib/libssl/src/crypto/bn/bn_err.c +++ b/src/lib/libssl/src/crypto/bn/bn_err.c @@ -1,6 +1,6 @@ /* crypto/bn/bn_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,18 +70,30 @@ static ERR_STRING_DATA BN_str_functs[]= { -{ERR_FUNC(BN_F_BN_BLINDING_CONVERT), "BN_BLINDING_convert"}, -{ERR_FUNC(BN_F_BN_BLINDING_INVERT), "BN_BLINDING_invert"}, +{ERR_FUNC(BN_F_BNRAND), "BNRAND"}, +{ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"}, +{ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"}, +{ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"}, {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"}, {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"}, {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"}, {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"}, {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"}, {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"}, +{ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"}, {ERR_FUNC(BN_F_BN_DIV), "BN_div"}, +{ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"}, +{ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"}, {ERR_FUNC(BN_F_BN_EXP), "BN_exp"}, {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"}, {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD), "BN_GF2m_mod_solve_quad"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"}, +{ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"}, {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"}, {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"}, {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"}, @@ -89,6 +101,7 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"}, {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"}, {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"}, +{ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"}, {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"}, {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"}, {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"}, @@ -115,6 +128,7 @@ static ERR_STRING_DATA BN_str_reasons[]= {ERR_REASON(BN_R_NOT_A_SQUARE) ,"not a square"}, {ERR_REASON(BN_R_NOT_INITIALIZED) ,"not initialized"}, {ERR_REASON(BN_R_NO_INVERSE) ,"no inverse"}, +{ERR_REASON(BN_R_NO_SOLUTION) ,"no solution"}, {ERR_REASON(BN_R_P_IS_NOT_PRIME) ,"p is not prime"}, {ERR_REASON(BN_R_TOO_MANY_ITERATIONS) ,"too many iterations"}, {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"}, @@ -125,15 +139,12 @@ static ERR_STRING_DATA BN_str_reasons[]= void ERR_load_BN_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(BN_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,BN_str_functs); ERR_load_strings(0,BN_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/bn/bn_exp.c b/src/lib/libssl/src/crypto/bn/bn_exp.c index 9e1e88abe8..70a33f0d93 100644 --- a/src/lib/libssl/src/crypto/bn/bn_exp.c +++ b/src/lib/libssl/src/crypto/bn/bn_exp.c @@ -122,9 +122,9 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) int i,bits,ret=0; BIGNUM *v,*rr; - if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) + if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ + /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } @@ -155,6 +155,7 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) err: if (r != rr) BN_copy(r,rr); BN_CTX_end(ctx); + bn_check_top(r); return(ret); } @@ -212,7 +213,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, if (BN_is_odd(m)) { # ifdef MONT_EXP_WORD - if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) == 0)) + if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) { BN_ULONG A = a->d[0]; ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); @@ -229,6 +230,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, { ret=BN_mod_exp_simple(r,a,p,m,ctx); } #endif + bn_check_top(r); return(ret); } @@ -237,14 +239,15 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { int i,j,bits,ret=0,wstart,wend,window,wvalue; - int start=1,ts=0; + int start=1; BIGNUM *aa; - BIGNUM val[TABLE_SIZE]; + /* Table of variables obtained from 'ctx' */ + BIGNUM *val[TABLE_SIZE]; BN_RECP_CTX recp; - if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) + if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ + /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } @@ -258,7 +261,9 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } BN_CTX_start(ctx); - if ((aa = BN_CTX_get(ctx)) == NULL) goto err; + aa = BN_CTX_get(ctx); + val[0] = BN_CTX_get(ctx); + if(!aa || !val[0]) goto err; BN_RECP_CTX_init(&recp); if (m->neg) @@ -273,29 +278,27 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err; } - BN_init(&(val[0])); - ts=1; - - if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ - if (BN_is_zero(&(val[0]))) + if (!BN_nnmod(val[0],a,m,ctx)) goto err; /* 1 */ + if (BN_is_zero(val[0])) { - ret = BN_zero(r); + BN_zero(r); + ret = 1; goto err; } window = BN_window_bits_for_exponent_size(bits); if (window > 1) { - if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx)) + if (!BN_mod_mul_reciprocal(aa,val[0],val[0],&recp,ctx)) goto err; /* 2 */ j=1<<(window-1); for (i=1; i>1]),&recp,ctx)) + if (!BN_mod_mul_reciprocal(r,r,val[wvalue>>1],&recp,ctx)) goto err; /* move the 'window' down further */ @@ -359,9 +362,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, ret=1; err: BN_CTX_end(ctx); - for (i=0; id[0] & 1)) + if (!BN_is_odd(m)) { BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); return(0); @@ -400,7 +403,8 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, BN_CTX_start(ctx); d = BN_CTX_get(ctx); r = BN_CTX_get(ctx); - if (d == NULL || r == NULL) goto err; + val[0] = BN_CTX_get(ctx); + if (!d || !r || !val[0]) goto err; /* If this is not done, things will break in the montgomery * part */ @@ -413,35 +417,34 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; } - BN_init(&val[0]); - ts=1; if (a->neg || BN_ucmp(a,m) >= 0) { - if (!BN_nnmod(&(val[0]),a,m,ctx)) + if (!BN_nnmod(val[0],a,m,ctx)) goto err; - aa= &(val[0]); + aa= val[0]; } else aa=a; if (BN_is_zero(aa)) { - ret = BN_zero(rr); + BN_zero(rr); + ret = 1; goto err; } - if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */ + if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */ window = BN_window_bits_for_exponent_size(bits); if (window > 1) { - if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */ + if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */ j=1<<(window-1); for (i=1; i>1]),mont,ctx)) + if (!BN_mod_mul_montgomery(r,r,val[wvalue>>1],mont,ctx)) goto err; /* move the 'window' down further */ @@ -508,8 +511,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); - for (i=0; id)[i]; } - bn_fix_top(b); + bn_correct_top(b); return 1; } @@ -552,7 +554,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf } b->top = top; - bn_fix_top(b); + bn_correct_top(b); return 1; } @@ -743,9 +745,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, #define BN_TO_MONTGOMERY_WORD(r, w, mont) \ (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx)) - if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) + if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ + /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } @@ -753,7 +755,7 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, bn_check_top(p); bn_check_top(m); - if (m->top == 0 || !(m->d[0] & 1)) + if (!BN_is_odd(m)) { BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); return(0); @@ -769,7 +771,8 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, } if (a == 0) { - ret = BN_zero(rr); + BN_zero(rr); + ret = 1; return ret; } @@ -863,23 +866,24 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); + bn_check_top(rr); return(ret); } /* The old fallback, simple version :-) */ -int BN_mod_exp_simple(BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx) +int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx) { - int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0; + int i,j,bits,ret=0,wstart,wend,window,wvalue; int start=1; BIGNUM *d; - BIGNUM val[TABLE_SIZE]; + /* Table of variables obtained from 'ctx' */ + BIGNUM *val[TABLE_SIZE]; - if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0) + if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */ + /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } @@ -893,30 +897,30 @@ int BN_mod_exp_simple(BIGNUM *r, } BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) goto err; + d = BN_CTX_get(ctx); + val[0] = BN_CTX_get(ctx); + if(!d || !val[0]) goto err; - BN_init(&(val[0])); - ts=1; - if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err; /* 1 */ - if (BN_is_zero(&(val[0]))) + if (!BN_nnmod(val[0],a,m,ctx)) goto err; /* 1 */ + if (BN_is_zero(val[0])) { - ret = BN_zero(r); + BN_zero(r); + ret = 1; goto err; } window = BN_window_bits_for_exponent_size(bits); if (window > 1) { - if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx)) + if (!BN_mod_mul(d,val[0],val[0],m,ctx)) goto err; /* 2 */ j=1<<(window-1); for (i=1; i>1]),m,ctx)) + if (!BN_mod_mul(r,r,val[wvalue>>1],m,ctx)) goto err; /* move the 'window' down further */ @@ -980,8 +984,7 @@ int BN_mod_exp_simple(BIGNUM *r, ret=1; err: BN_CTX_end(ctx); - for (i=0; ineg || BN_ucmp(a1,m) >= 0) { - if (!BN_mod(&(val1[0]),a1,m,ctx)) + if (!BN_mod(val1[0],a1,m,ctx)) goto err; - a_mod_m = &(val1[0]); + a_mod_m = val1[0]; } else a_mod_m = a1; if (BN_is_zero(a_mod_m)) { - ret = BN_zero(rr); + BN_zero(rr); + ret = 1; goto err; } - if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err; + if (!BN_to_montgomery(val1[0],a_mod_m,mont,ctx)) goto err; if (window1 > 1) { - if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err; + if (!BN_mod_mul_montgomery(d,val1[0],val1[0],mont,ctx)) goto err; j=1<<(window1-1); for (i=1; ineg || BN_ucmp(a2,m) >= 0) { - if (!BN_mod(&(val2[0]),a2,m,ctx)) + if (!BN_mod(val2[0],a2,m,ctx)) goto err; - a_mod_m = &(val2[0]); + a_mod_m = val2[0]; } else a_mod_m = a2; if (BN_is_zero(a_mod_m)) { - ret = BN_zero(rr); + BN_zero(rr); + ret = 1; goto err; } - if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err; + if (!BN_to_montgomery(val2[0],a_mod_m,mont,ctx)) goto err; if (window2 > 1) { - if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err; + if (!BN_mod_mul_montgomery(d,val2[0],val2[0],mont,ctx)) goto err; j=1<<(window2-1); for (i=1; i>1]),mont,ctx)) + if (!BN_mod_mul_montgomery(r,r,val1[wvalue1>>1],mont,ctx)) goto err; wvalue1 = 0; r_is_one = 0; @@ -294,7 +295,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, if (wvalue2 && b == wpos2) { /* wvalue2 is odd and < 2^window2 */ - if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx)) + if (!BN_mod_mul_montgomery(r,r,val2[wvalue2>>1],mont,ctx)) goto err; wvalue2 = 0; r_is_one = 0; @@ -305,9 +306,6 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); - for (i=0; ineg = 0; + + if (B->neg || (BN_ucmp(B, A) >= 0)) + { + /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, + * BN_div_no_branch will be called eventually. + */ + pB = &local_B; + BN_with_flags(pB, B, BN_FLG_CONSTTIME); + if (!BN_nnmod(B, pB, A, ctx)) goto err; + } + sign = -1; + /* From B = a mod |n|, A = |n| it follows that + * + * 0 <= B < A, + * -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|). + */ + + while (!BN_is_zero(B)) + { + BIGNUM *tmp; + + /* + * 0 < B < A, + * (*) -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|) + */ + + /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, + * BN_div_no_branch will be called eventually. + */ + pA = &local_A; + BN_with_flags(pA, A, BN_FLG_CONSTTIME); + + /* (D, M) := (A/B, A%B) ... */ + if (!BN_div(D,M,pA,B,ctx)) goto err; + + /* Now + * A = D*B + M; + * thus we have + * (**) sign*Y*a == D*B + M (mod |n|). + */ + + tmp=A; /* keep the BIGNUM object, the value does not matter */ + + /* (A, B) := (B, A mod B) ... */ + A=B; + B=M; + /* ... so we have 0 <= B < A again */ + + /* Since the former M is now B and the former B is now A, + * (**) translates into + * sign*Y*a == D*A + B (mod |n|), + * i.e. + * sign*Y*a - D*A == B (mod |n|). + * Similarly, (*) translates into + * -sign*X*a == A (mod |n|). + * + * Thus, + * sign*Y*a + D*sign*X*a == B (mod |n|), + * i.e. + * sign*(Y + D*X)*a == B (mod |n|). + * + * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at + * -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|). + * Note that X and Y stay non-negative all the time. + */ + + if (!BN_mul(tmp,D,X,ctx)) goto err; + if (!BN_add(tmp,tmp,Y)) goto err; + + M=Y; /* keep the BIGNUM object, the value does not matter */ + Y=X; + X=tmp; + sign = -sign; + } + + /* + * The while loop (Euclid's algorithm) ends when + * A == gcd(a,n); + * we have + * sign*Y*a == A (mod |n|), + * where Y is non-negative. + */ + + if (sign < 0) + { + if (!BN_sub(Y,n,Y)) goto err; + } + /* Now Y*a == A (mod |n|). */ + + if (BN_is_one(A)) + { + /* Y*a == 1 (mod |n|) */ + if (!Y->neg && BN_ucmp(Y,n) < 0) + { + if (!BN_copy(R,Y)) goto err; + } + else + { + if (!BN_nnmod(R,Y,n,ctx)) goto err; + } + } + else + { + BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH,BN_R_NO_INVERSE); + goto err; + } + ret=R; +err: + if ((ret == NULL) && (in == NULL)) BN_free(R); + BN_CTX_end(ctx); + bn_check_top(ret); return(ret); } diff --git a/src/lib/libssl/src/crypto/bn/bn_kron.c b/src/lib/libssl/src/crypto/bn/bn_kron.c index 49f75594ae..740359b752 100644 --- a/src/lib/libssl/src/crypto/bn/bn_kron.c +++ b/src/lib/libssl/src/crypto/bn/bn_kron.c @@ -53,9 +53,9 @@ * */ +#include "cryptlib.h" #include "bn_lcl.h" - /* least significant word */ #define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0]) @@ -74,6 +74,9 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) */ static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1}; + bn_check_top(a); + bn_check_top(b); + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); @@ -172,8 +175,7 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) tmp = A; A = B; B = tmp; tmp->neg = 0; } - - end: +end: BN_CTX_end(ctx); if (err) return -2; diff --git a/src/lib/libssl/src/crypto/bn/bn_lcl.h b/src/lib/libssl/src/crypto/bn/bn_lcl.h index a84998f2bd..27ac4397a1 100644 --- a/src/lib/libssl/src/crypto/bn/bn_lcl.h +++ b/src/lib/libssl/src/crypto/bn/bn_lcl.h @@ -119,20 +119,6 @@ extern "C" { #endif -/* Used for temp variables */ -#define BN_CTX_NUM 32 -#define BN_CTX_NUM_POS 12 -struct bignum_ctx - { - int tos; - BIGNUM bn[BN_CTX_NUM]; - int flags; - int depth; - int pos[BN_CTX_NUM_POS]; - int too_many; - } /* BN_CTX */; - - /* * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions * @@ -284,6 +270,15 @@ struct bignum_ctx : "a"(a),"g"(b) \ : "cc"); # endif +# elif (defined(_M_AMD64) || defined(_M_X64)) && defined(SIXTY_FOUR_BIT) +# if defined(_MSC_VER) && _MSC_VER>=1400 + unsigned __int64 __umulh (unsigned __int64 a,unsigned __int64 b); + unsigned __int64 _umul128 (unsigned __int64 a,unsigned __int64 b, + unsigned __int64 *h); +# pragma intrinsic(__umulh,_umul128) +# define BN_UMULT_HIGH(a,b) __umulh((a),(b)) +# define BN_UMULT_LOHI(low,high,a,b) ((low)=_umul128((a),(b),&(high))) +# endif # endif /* cpu */ #endif /* OPENSSL_NO_ASM */ @@ -293,44 +288,17 @@ struct bignum_ctx #define Lw(t) (((BN_ULONG)(t))&BN_MASK2) #define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) -/* This is used for internal error checking and is not normally used */ -#ifdef BN_DEBUG -# include -# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->dmax); -#else -# define bn_check_top(a) -#endif - -/* This macro is to add extra stuff for development checking */ -#ifdef BN_DEBUG -#define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA)) -#else -#define bn_set_max(r) -#endif - -/* These macros are used to 'take' a section of a bignum for read only use */ -#define bn_set_low(r,a,n) \ - { \ - (r)->top=((a)->top > (n))?(n):(a)->top; \ - (r)->d=(a)->d; \ - (r)->neg=(a)->neg; \ - (r)->flags|=BN_FLG_STATIC_DATA; \ - bn_set_max(r); \ - } - -#define bn_set_high(r,a,n) \ +#ifdef BN_DEBUG_RAND +#define bn_clear_top2max(a) \ { \ - if ((a)->top > (n)) \ - { \ - (r)->top=(a)->top-n; \ - (r)->d= &((a)->d[n]); \ - } \ - else \ - (r)->top=0; \ - (r)->neg=(a)->neg; \ - (r)->flags|=BN_FLG_STATIC_DATA; \ - bn_set_max(r); \ + int ind = (a)->dmax - (a)->top; \ + BN_ULONG *ftl = &(a)->d[(a)->top-1]; \ + for (; ind != 0; ind--) \ + *(++ftl) = 0x0; \ } +#else +#define bn_clear_top2max(a) +#endif #ifdef BN_LLONG #define mul_add(r,a,w,c) { \ @@ -354,6 +322,33 @@ struct bignum_ctx (r1)=Hw(t); \ } +#elif defined(BN_UMULT_LOHI) +#define mul_add(r,a,w,c) { \ + BN_ULONG high,low,ret,tmp=(a); \ + ret = (r); \ + BN_UMULT_LOHI(low,high,w,tmp); \ + ret += (c); \ + (c) = (ret<(c))?1:0; \ + (c) += high; \ + ret += low; \ + (c) += (ret= 0) { - if (mult > (sizeof(int)*8)-1) + if (mult > (int)(sizeof(int)*8)-1) mult=sizeof(int)*8-1; bn_limit_bits=mult; bn_limit_num=1<= 0) { - if (high > (sizeof(int)*8)-1) + if (high > (int)(sizeof(int)*8)-1) high=sizeof(int)*8-1; bn_limit_bits_high=high; bn_limit_num_high=1<= 0) { - if (low > (sizeof(int)*8)-1) + if (low > (int)(sizeof(int)*8)-1) low=sizeof(int)*8-1; bn_limit_bits_low=low; bn_limit_num_low=1<= 0) { - if (mont > (sizeof(int)*8)-1) + if (mont > (int)(sizeof(int)*8)-1) mont=sizeof(int)*8-1; bn_limit_bits_mont=mont; bn_limit_num_mont=1<top - 1; bn_check_top(a); - if (a->top == 0) return(0); - l=a->d[a->top-1]; - assert(l != 0); - i=(a->top-1)*BN_BITS2; - return(i+BN_num_bits_word(l)); + if (BN_is_zero(a)) return 0; + return ((i*BN_BITS2) + BN_num_bits_word(a->d[i])); } void BN_clear_free(BIGNUM *a) @@ -261,6 +259,7 @@ void BN_clear_free(BIGNUM *a) int i; if (a == NULL) return; + bn_check_top(a); if (a->d != NULL) { OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); @@ -276,16 +275,24 @@ void BN_clear_free(BIGNUM *a) void BN_free(BIGNUM *a) { if (a == NULL) return; + bn_check_top(a); if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) OPENSSL_free(a->d); - a->flags|=BN_FLG_FREE; /* REMOVE? */ if (a->flags & BN_FLG_MALLOCED) OPENSSL_free(a); + else + { +#ifndef OPENSSL_NO_DEPRECATED + a->flags|=BN_FLG_FREE; +#endif + a->d = NULL; + } } void BN_init(BIGNUM *a) { memset(a,0,sizeof(BIGNUM)); + bn_check_top(a); } BIGNUM *BN_new(void) @@ -302,6 +309,7 @@ BIGNUM *BN_new(void) ret->neg=0; ret->dmax=0; ret->d=NULL; + bn_check_top(ret); return(ret); } @@ -313,19 +321,19 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) const BN_ULONG *B; int i; + bn_check_top(b); + if (words > (INT_MAX/(4*BN_BITS2))) { BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG); return NULL; } - - bn_check_top(b); if (BN_get_flags(b,BN_FLG_STATIC_DATA)) { BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return(NULL); } - a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); + a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*words); if (A == NULL) { BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); @@ -363,19 +371,8 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) } } - /* Now need to zero any data between b->top and b->max */ - /* XXX Why? */ - - A= &(a[b->top]); - for (i=(words - b->top)>>3; i>0; i--,A+=8) - { - A[0]=0; A[1]=0; A[2]=0; A[3]=0; - A[4]=0; A[5]=0; A[6]=0; A[7]=0; - } - for (i=(words - b->top)&7; i>0; i--,A++) - A[0]=0; #else - memset(A,0,sizeof(BN_ULONG)*(words+1)); + memset(A,0,sizeof(BN_ULONG)*words); memcpy(A,b->d,sizeof(b->d[0])*b->top); #endif @@ -393,16 +390,19 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) * while bn_dup_expand() makes sure allocation is made only once. */ +#ifndef OPENSSL_NO_DEPRECATED BIGNUM *bn_dup_expand(const BIGNUM *b, int words) { BIGNUM *r = NULL; + bn_check_top(b); + /* This function does not work if * words <= b->dmax && top < words * because BN_dup() does not preserve 'dmax'! * (But bn_dup_expand() is not used anywhere yet.) */ - + if (words > b->dmax) { BN_ULONG *a = bn_expand_internal(b, words); @@ -431,48 +431,67 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words) r = BN_dup(b); } + bn_check_top(r); return r; } +#endif /* This is an internal function that should not be used in applications. - * It ensures that 'b' has enough room for a 'words' word number number. + * It ensures that 'b' has enough room for a 'words' word number + * and initialises any unused part of b->d with leading zeros. * It is mostly used by the various BIGNUM routines. If there is an error, * NULL is returned. If not, 'b' is returned. */ BIGNUM *bn_expand2(BIGNUM *b, int words) { + bn_check_top(b); + if (words > b->dmax) { BN_ULONG *a = bn_expand_internal(b, words); + if(!a) return NULL; + if(b->d) OPENSSL_free(b->d); + b->d=a; + b->dmax=words; + } - if (a) +/* None of this should be necessary because of what b->top means! */ +#if 0 + /* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */ + if (b->top < b->dmax) + { + int i; + BN_ULONG *A = &(b->d[b->top]); + for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8) { - if (b->d) - OPENSSL_free(b->d); - b->d=a; - b->dmax=words; + A[0]=0; A[1]=0; A[2]=0; A[3]=0; + A[4]=0; A[5]=0; A[6]=0; A[7]=0; } - else - b = NULL; + for (i=(b->dmax - b->top)&7; i>0; i--,A++) + A[0]=0; + assert(A == &(b->d[b->dmax])); } +#endif + bn_check_top(b); return b; } BIGNUM *BN_dup(const BIGNUM *a) { - BIGNUM *r, *t; + BIGNUM *t; if (a == NULL) return NULL; - bn_check_top(a); t = BN_new(); - if (t == NULL) return(NULL); - r = BN_copy(t, a); - /* now r == t || r == NULL */ - if (r == NULL) + if (t == NULL) return NULL; + if(!BN_copy(t, a)) + { BN_free(t); - return r; + return NULL; + } + bn_check_top(t); + return t; } BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) @@ -506,11 +525,9 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) memcpy(a->d,b->d,sizeof(b->d[0])*b->top); #endif -/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/ a->top=b->top; - if ((a->top == 0) && (a->d != NULL)) - a->d[0]=0; a->neg=b->neg; + bn_check_top(a); return(a); } @@ -520,6 +537,9 @@ void BN_swap(BIGNUM *a, BIGNUM *b) BN_ULONG *tmp_d; int tmp_top, tmp_dmax, tmp_neg; + bn_check_top(a); + bn_check_top(b); + flags_old_a = a->flags; flags_old_b = b->flags; @@ -540,11 +560,13 @@ void BN_swap(BIGNUM *a, BIGNUM *b) a->flags = (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA); b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); + bn_check_top(a); + bn_check_top(b); } - void BN_clear(BIGNUM *a) { + bn_check_top(a); if (a->d != NULL) memset(a->d,0,a->dmax*sizeof(a->d[0])); a->top=0; @@ -553,49 +575,22 @@ void BN_clear(BIGNUM *a) BN_ULONG BN_get_word(const BIGNUM *a) { - int i,n; - BN_ULONG ret=0; - - n=BN_num_bytes(a); - if (n > sizeof(BN_ULONG)) - return(BN_MASK2); - for (i=a->top-1; i>=0; i--) - { -#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ - ret<<=BN_BITS4; /* stops the compiler complaining */ - ret<<=BN_BITS4; -#else - ret=0; -#endif - ret|=a->d[i]; - } - return(ret); + if (a->top > 1) + return BN_MASK2; + else if (a->top == 1) + return a->d[0]; + /* a->top == 0 */ + return 0; } int BN_set_word(BIGNUM *a, BN_ULONG w) { - int i,n; - if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0); - - n=sizeof(BN_ULONG)/BN_BYTES; - a->neg=0; - a->top=0; - a->d[0]=(BN_ULONG)w&BN_MASK2; - if (a->d[0] != 0) a->top=1; - for (i=1; i>=BN_BITS2 so compilers don't complain - * on builds where sizeof(long) == BN_TYPES */ -#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ - w>>=BN_BITS4; - w>>=BN_BITS4; -#else - w=0; -#endif - a->d[i]=(BN_ULONG)w&BN_MASK2; - if (a->d[i] != 0) a->top=i+1; - } + bn_check_top(a); + if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0); + a->neg = 0; + a->d[0] = w; + a->top = (w ? 1 : 0); + bn_check_top(a); return(1); } @@ -604,9 +599,12 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) unsigned int i,m; unsigned int n; BN_ULONG l; + BIGNUM *bn = NULL; - if (ret == NULL) ret=BN_new(); + if (ret == NULL) + ret = bn = BN_new(); if (ret == NULL) return(NULL); + bn_check_top(ret); l=0; n=len; if (n == 0) @@ -614,13 +612,16 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) ret->top=0; return(ret); } - if (bn_expand(ret,(int)(n+2)*8) == NULL) - return(NULL); i=((n-1)/BN_BYTES)+1; m=((n-1)%(BN_BYTES)); + if (bn_wexpand(ret, (int)i) == NULL) + { + if (bn) BN_free(bn); + return NULL; + } ret->top=i; ret->neg=0; - while (n-- > 0) + while (n--) { l=(l<<8L)| *(s++); if (m-- == 0) @@ -632,7 +633,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) } /* need to call this due to clear byte at top if avoiding * having the top bit set (-ve number) */ - bn_fix_top(ret); + bn_correct_top(ret); return(ret); } @@ -642,8 +643,9 @@ int BN_bn2bin(const BIGNUM *a, unsigned char *to) int n,i; BN_ULONG l; + bn_check_top(a); n=i=BN_num_bytes(a); - while (i-- > 0) + while (i--) { l=a->d[i/BN_BYTES]; *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff; @@ -668,7 +670,7 @@ int BN_ucmp(const BIGNUM *a, const BIGNUM *b) t1= ap[i]; t2= bp[i]; if (t1 != t2) - return(t1 > t2?1:-1); + return((t1 > t2) ? 1 : -1); } return(0); } @@ -718,6 +720,9 @@ int BN_set_bit(BIGNUM *a, int n) { int i,j,k; + if (n < 0) + return 0; + i=n/BN_BITS2; j=n%BN_BITS2; if (a->top <= i) @@ -729,6 +734,7 @@ int BN_set_bit(BIGNUM *a, int n) } a->d[i]|=(((BN_ULONG)1)<top <= i) return(0); a->d[i]&=(~(((BN_ULONG)1)<top <= i) return(0); - return((a->d[i]&(((BN_ULONG)1)<top <= i) return 0; + return(((a->d[i])>>j)&((BN_ULONG)1)); } int BN_mask_bits(BIGNUM *a, int n) { int b,w; + bn_check_top(a); + if (n < 0) return 0; + w=n/BN_BITS2; b=n%BN_BITS2; - if (w >= a->top) return(0); + if (w >= a->top) return 0; if (b == 0) a->top=w; else @@ -770,10 +783,18 @@ int BN_mask_bits(BIGNUM *a, int n) a->top=w+1; a->d[w]&= ~(BN_MASK2<neg = 1; + else + a->neg = 0; + } + int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) { int i; diff --git a/src/lib/libssl/src/crypto/bn/bn_mod.c b/src/lib/libssl/src/crypto/bn/bn_mod.c index 5cf82480d7..77d6ddb91a 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mod.c +++ b/src/lib/libssl/src/crypto/bn/bn_mod.c @@ -149,7 +149,7 @@ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_ * and less than m */ int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) { - if (!BN_add(r, a, b)) return 0; + if (!BN_uadd(r, a, b)) return 0; if (BN_ucmp(r, m) >= 0) return BN_usub(r, r, m); return 1; @@ -192,6 +192,7 @@ int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, else { if (!BN_mul(t,a,b,ctx)) goto err; } if (!BN_nnmod(r,t,m,ctx)) goto err; + bn_check_top(r); ret=1; err: BN_CTX_end(ctx); @@ -210,6 +211,7 @@ int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) { if (!BN_lshift1(r, a)) return 0; + bn_check_top(r); return BN_nnmod(r, r, m, ctx); } @@ -219,6 +221,7 @@ int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) { if (!BN_lshift1(r, a)) return 0; + bn_check_top(r); if (BN_cmp(r, m) >= 0) return BN_sub(r, r, m); return 1; @@ -240,6 +243,7 @@ int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ct } ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); + bn_check_top(r); if (abs_m) BN_free(abs_m); @@ -291,6 +295,7 @@ int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) if (!BN_sub(r, r, m)) return 0; } } + bn_check_top(r); return 1; } diff --git a/src/lib/libssl/src/crypto/bn/bn_mont.c b/src/lib/libssl/src/crypto/bn/bn_mont.c index 3572e5a690..4799b152dd 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mont.c +++ b/src/lib/libssl/src/crypto/bn/bn_mont.c @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ /* * Details about Montgomery multiplication algorithms can be found at @@ -69,11 +122,50 @@ #define MONT_WORD /* use the faster word-based algorithm */ +#if defined(MONT_WORD) && defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32) +/* This condition means we have a specific non-default build: + * In the 0.9.8 branch, OPENSSL_BN_ASM_MONT is normally not set for any + * BN_BITS2<=32 platform; an explicit "enable-montasm" is required. + * I.e., if we are here, the user intentionally deviates from the + * normal stable build to get better Montgomery performance from + * the 0.9.9-dev backport. + * + * In this case only, we also enable BN_from_montgomery_word() + * (another non-stable feature from 0.9.9-dev). + */ +#define MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD +#endif + +#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD +static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont); +#endif + + + int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx) { BIGNUM *tmp; int ret=0; +#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD) + int num = mont->N.top; + + if (num>1 && a->top==num && b->top==num) + { + if (bn_wexpand(r,num) == NULL) return(0); +#if 0 /* for OpenSSL 0.9.9 mont->n0 */ + if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,mont->n0,num)) +#else + if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,&mont->n0,num)) +#endif + { + r->neg = a->neg^b->neg; + r->top = num; + bn_correct_top(r); + return(1); + } + } +#endif BN_CTX_start(ctx); tmp = BN_CTX_get(ctx); @@ -89,13 +181,162 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, if (!BN_mul(tmp,a,b,ctx)) goto err; } /* reduce from aRR to aR */ +#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD + if (!BN_from_montgomery_word(r,tmp,mont)) goto err; +#else if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; +#endif + bn_check_top(r); ret=1; err: BN_CTX_end(ctx); return(ret); } +#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD +static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) + { + BIGNUM *n; + BN_ULONG *ap,*np,*rp,n0,v,*nrp; + int al,nl,max,i,x,ri; + + n= &(mont->N); + /* mont->ri is the size of mont->N in bits (rounded up + to the word size) */ + al=ri=mont->ri/BN_BITS2; + + nl=n->top; + if ((al == 0) || (nl == 0)) { ret->top=0; return(1); } + + max=(nl+al+1); /* allow for overflow (no?) XXX */ + if (bn_wexpand(r,max) == NULL) return(0); + + r->neg^=n->neg; + np=n->d; + rp=r->d; + nrp= &(r->d[nl]); + + /* clear the top words of T */ + for (i=r->top; id[i]=0; + + r->top=max; +#if 0 /* for OpenSSL 0.9.9 mont->n0 */ + n0=mont->n0[0]; +#else + n0=mont->n0; +#endif + +#ifdef BN_COUNT + fprintf(stderr,"word BN_from_montgomery_word %d * %d\n",nl,nl); +#endif + for (i=0; i= v) + continue; + else + { + if (((++nrp[0])&BN_MASK2) != 0) continue; + if (((++nrp[1])&BN_MASK2) != 0) continue; + for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; + } + } + bn_correct_top(r); + + /* mont->ri will be a multiple of the word size and below code + * is kind of BN_rshift(ret,r,mont->ri) equivalent */ + if (r->top <= ri) + { + ret->top=0; + return(1); + } + al=r->top-ri; + + if (bn_wexpand(ret,ri) == NULL) return(0); + x=0-(((al-ri)>>(sizeof(al)*8-1))&1); + ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */ + ret->neg=r->neg; + + rp=ret->d; + ap=&(r->d[ri]); + + { + size_t m1,m2; + + v=bn_sub_words(rp,ap,np,ri); + /* this ----------------^^ works even in alri) nrp=rp; else nrp=ap; */ + /* in other words if subtraction result is real, then + * trick unconditional memcpy below to perform in-place + * "refresh" instead of actual copy. */ + m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1); /* al>(sizeof(al)*8-1))&1); /* al>ri */ + m1|=m2; /* (al!=ri) */ + m1|=(0-(size_t)v); /* (al!=ri || v) */ + m1&=~m2; /* (al!=ri || v) && !al>ri */ + nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1)); + } + + /* 'ineg=a->neg^n->neg; np=n->d; @@ -172,21 +412,74 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; } } - bn_fix_top(r); + bn_correct_top(r); - /* mont->ri will be a multiple of the word size */ -#if 0 - BN_rshift(ret,r,mont->ri); -#else - ret->neg = r->neg; - x=ri; + /* mont->ri will be a multiple of the word size and below code + * is kind of BN_rshift(ret,r,mont->ri) equivalent */ + if (r->top <= ri) + { + ret->top=0; + retn=1; + goto err; + } + al=r->top-ri; + +# define BRANCH_FREE 1 +# if BRANCH_FREE + if (bn_wexpand(ret,ri) == NULL) goto err; + x=0-(((al-ri)>>(sizeof(al)*8-1))&1); + ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */ + ret->neg=r->neg; + rp=ret->d; - ap= &(r->d[x]); - if (r->top < x) - al=0; - else - al=r->top-x; + ap=&(r->d[ri]); + + { + size_t m1,m2; + + v=bn_sub_words(rp,ap,np,ri); + /* this ----------------^^ works even in alri) nrp=rp; else nrp=ap; */ + /* in other words if subtraction result is real, then + * trick unconditional memcpy below to perform in-place + * "refresh" instead of actual copy. */ + m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1); /* al>(sizeof(al)*8-1))&1); /* al>ri */ + m1|=m2; /* (al!=ri) */ + m1|=(0-(size_t)v); /* (al!=ri || v) */ + m1&=~m2; /* (al!=ri || v) && !al>ri */ + nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1)); + } + + /* 'itop=al; + ret->neg=r->neg; + + rp=ret->d; + ap=&(r->d[ri]); al-=4; for (i=0; iri)) goto err; #endif /* MONT_WORD */ +#if !defined(BRANCH_FREE) || BRANCH_FREE==0 if (BN_ucmp(ret, &(mont->N)) >= 0) { if (!BN_usub(ret,ret,&(mont->N))) goto err; } +#endif retn=1; + bn_check_top(ret); err: BN_CTX_end(ctx); return(retn); } +#endif /* MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */ BN_MONT_CTX *BN_MONT_CTX_new(void) { @@ -252,6 +549,11 @@ void BN_MONT_CTX_init(BN_MONT_CTX *ctx) BN_init(&(ctx->RR)); BN_init(&(ctx->N)); BN_init(&(ctx->Ni)); +#if 0 /* for OpenSSL 0.9.9 mont->n0 */ + ctx->n0[0] = ctx->n0[1] = 0; +#else + ctx->n0 = 0; +#endif ctx->flags=0; } @@ -269,9 +571,11 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) { - BIGNUM Ri,*R; + int ret = 0; + BIGNUM *Ri,*R; - BN_init(&Ri); + BN_CTX_start(ctx); + if((Ri = BN_CTX_get(ctx)) == NULL) goto err; R= &(mont->RR); /* grab RR as a temp */ if (!BN_copy(&(mont->N),mod)) goto err; /* Set N */ mont->N.neg = 0; @@ -282,57 +586,99 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) BN_ULONG buf[2]; mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; - if (!(BN_zero(R))) goto err; + BN_zero(R); +#if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)", + only certain BN_BITS2<=32 platforms actually need this */ + if (!(BN_set_bit(R,2*BN_BITS2))) goto err; /* R */ +#else if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ +#endif buf[0]=mod->d[0]; /* tmod = N mod word size */ buf[1]=0; + + BN_init(&tmod); tmod.d=buf; - tmod.top=1; + tmod.top = buf[0] != 0 ? 1 : 0; tmod.dmax=2; tmod.neg=0; + +#if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)"; + only certain BN_BITS2<=32 platforms actually need this */ + tmod.top=0; + if ((buf[0] = mod->d[0])) tmod.top=1; + if ((buf[1] = mod->top>1 ? mod->d[1] : 0)) tmod.top=2; + + if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL) + goto err; + if (!BN_lshift(Ri,Ri,2*BN_BITS2)) goto err; /* R*Ri */ + if (!BN_is_zero(Ri)) + { + if (!BN_sub_word(Ri,1)) goto err; + } + else /* if N mod word size == 1 */ + { + if (bn_expand(Ri,(int)sizeof(BN_ULONG)*2) == NULL) + goto err; + /* Ri-- (mod double word size) */ + Ri->neg=0; + Ri->d[0]=BN_MASK2; + Ri->d[1]=BN_MASK2; + Ri->top=2; + } + if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err; + /* Ni = (R*Ri-1)/N, + * keep only couple of least significant words: */ + mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; + mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0; +#else /* Ri = R^-1 mod N*/ - if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL) + if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL) goto err; - if (!BN_lshift(&Ri,&Ri,BN_BITS2)) goto err; /* R*Ri */ - if (!BN_is_zero(&Ri)) + if (!BN_lshift(Ri,Ri,BN_BITS2)) goto err; /* R*Ri */ + if (!BN_is_zero(Ri)) { - if (!BN_sub_word(&Ri,1)) goto err; + if (!BN_sub_word(Ri,1)) goto err; } else /* if N mod word size == 1 */ { - if (!BN_set_word(&Ri,BN_MASK2)) goto err; /* Ri-- (mod word size) */ + if (!BN_set_word(Ri,BN_MASK2)) goto err; /* Ri-- (mod word size) */ } - if (!BN_div(&Ri,NULL,&Ri,&tmod,ctx)) goto err; + if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err; /* Ni = (R*Ri-1)/N, * keep only least significant word: */ - mont->n0 = (Ri.top > 0) ? Ri.d[0] : 0; - BN_free(&Ri); +# if 0 /* for OpenSSL 0.9.9 mont->n0 */ + mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; + mont->n0[1] = 0; +# else + mont->n0 = (Ri->top > 0) ? Ri->d[0] : 0; +# endif +#endif } #else /* !MONT_WORD */ { /* bignum version */ mont->ri=BN_num_bits(&mont->N); - if (!BN_zero(R)) goto err; + BN_zero(R); if (!BN_set_bit(R,mont->ri)) goto err; /* R = 2^ri */ /* Ri = R^-1 mod N*/ - if ((BN_mod_inverse(&Ri,R,&mont->N,ctx)) == NULL) + if ((BN_mod_inverse(Ri,R,&mont->N,ctx)) == NULL) goto err; - if (!BN_lshift(&Ri,&Ri,mont->ri)) goto err; /* R*Ri */ - if (!BN_sub_word(&Ri,1)) goto err; + if (!BN_lshift(Ri,Ri,mont->ri)) goto err; /* R*Ri */ + if (!BN_sub_word(Ri,1)) goto err; /* Ni = (R*Ri-1) / N */ - if (!BN_div(&(mont->Ni),NULL,&Ri,&mont->N,ctx)) goto err; - BN_free(&Ri); + if (!BN_div(&(mont->Ni),NULL,Ri,&mont->N,ctx)) goto err; } #endif /* setup RR for conversions */ - if (!BN_zero(&(mont->RR))) goto err; + BN_zero(&(mont->RR)); if (!BN_set_bit(&(mont->RR),mont->ri*2)) goto err; if (!BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx)) goto err; - return(1); + ret = 1; err: - return(0); + BN_CTX_end(ctx); + return ret; } BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) @@ -343,27 +689,44 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) if (!BN_copy(&(to->N),&(from->N))) return NULL; if (!BN_copy(&(to->Ni),&(from->Ni))) return NULL; to->ri=from->ri; +#if 0 /* for OpenSSL 0.9.9 mont->n0 */ + to->n0[0]=from->n0[0]; + to->n0[1]=from->n0[1]; +#else to->n0=from->n0; +#endif return(to); } BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, const BIGNUM *mod, BN_CTX *ctx) { - if (*pmont) - return *pmont; - CRYPTO_w_lock(lock); + int got_write_lock = 0; + BN_MONT_CTX *ret; + + CRYPTO_r_lock(lock); if (!*pmont) { - *pmont = BN_MONT_CTX_new(); - if (*pmont && !BN_MONT_CTX_set(*pmont, mod, ctx)) + CRYPTO_r_unlock(lock); + CRYPTO_w_lock(lock); + got_write_lock = 1; + + if (!*pmont) { - BN_MONT_CTX_free(*pmont); - *pmont = NULL; + ret = BN_MONT_CTX_new(); + if (ret && !BN_MONT_CTX_set(ret, mod, ctx)) + BN_MONT_CTX_free(ret); + else + *pmont = ret; } } - CRYPTO_w_unlock(lock); - return *pmont; - } + + ret = *pmont; + + if (got_write_lock) + CRYPTO_w_unlock(lock); + else + CRYPTO_r_unlock(lock); - + return ret; + } diff --git a/src/lib/libssl/src/crypto/bn/bn_mpi.c b/src/lib/libssl/src/crypto/bn/bn_mpi.c index 05fa9d1e9a..a054d21aed 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mpi.c +++ b/src/lib/libssl/src/crypto/bn/bn_mpi.c @@ -124,6 +124,7 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) { BN_clear_bit(a,BN_num_bits(a)-1); } + bn_check_top(a); return(a); } diff --git a/src/lib/libssl/src/crypto/bn/bn_mul.c b/src/lib/libssl/src/crypto/bn/bn_mul.c index 3ae3822bc2..b848c8cc60 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mul.c +++ b/src/lib/libssl/src/crypto/bn/bn_mul.c @@ -56,10 +56,325 @@ * [including the GNU Public Licence.] */ +#ifndef BN_DEBUG +# undef NDEBUG /* avoid conflicting definitions */ +# define NDEBUG +#endif + #include +#include #include "cryptlib.h" #include "bn_lcl.h" +#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS) +/* Here follows specialised variants of bn_add_words() and + bn_sub_words(). They have the property performing operations on + arrays of different sizes. The sizes of those arrays is expressed through + cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, + which is the delta between the two lengths, calculated as len(a)-len(b). + All lengths are the number of BN_ULONGs... For the operations that require + a result array as parameter, it must have the length cl+abs(dl). + These functions should probably end up in bn_asm.c as soon as there are + assembler counterparts for the systems that use assembler files. */ + +BN_ULONG bn_sub_part_words(BN_ULONG *r, + const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + BN_ULONG c, t; + + assert(cl >= 0); + c = bn_sub_words(r, a, b, cl); + + if (dl == 0) + return c; + + r += cl; + a += cl; + b += cl; + + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); +#endif + for (;;) + { + t = b[0]; + r[0] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[1]; + r[1] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[2]; + r[2] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + t = b[3]; + r[3] = (0-t-c)&BN_MASK2; + if (t != 0) c=1; + if (++dl >= 0) break; + + b += 4; + r += 4; + } + } + else + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c); +#endif + while(c) + { + t = a[0]; + r[0] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[1]; + r[1] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[2]; + r[2] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + t = a[3]; + r[3] = (t-c)&BN_MASK2; + if (t != 0) c=0; + if (--dl <= 0) break; + + save_dl = dl; + a += 4; + r += 4; + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); +#endif + if (save_dl > dl) + { + switch (save_dl - dl) + { + case 1: + r[1] = a[1]; + if (--dl <= 0) break; + case 2: + r[2] = a[2]; + if (--dl <= 0) break; + case 3: + r[3] = a[3]; + if (--dl <= 0) break; + } + a += 4; + r += 4; + } + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = a[0]; + if (--dl <= 0) break; + r[1] = a[1]; + if (--dl <= 0) break; + r[2] = a[2]; + if (--dl <= 0) break; + r[3] = a[3]; + if (--dl <= 0) break; + + a += 4; + r += 4; + } + } + } + return c; + } +#endif + +BN_ULONG bn_add_part_words(BN_ULONG *r, + const BN_ULONG *a, const BN_ULONG *b, + int cl, int dl) + { + BN_ULONG c, l, t; + + assert(cl >= 0); + c = bn_add_words(r, a, b, cl); + + if (dl == 0) + return c; + + r += cl; + a += cl; + b += cl; + + if (dl < 0) + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); +#endif + while (c) + { + l=(c+b[0])&BN_MASK2; + c=(l < c); + r[0]=l; + if (++dl >= 0) break; + + l=(c+b[1])&BN_MASK2; + c=(l < c); + r[1]=l; + if (++dl >= 0) break; + + l=(c+b[2])&BN_MASK2; + c=(l < c); + r[2]=l; + if (++dl >= 0) break; + + l=(c+b[3])&BN_MASK2; + c=(l < c); + r[3]=l; + if (++dl >= 0) break; + + save_dl = dl; + b+=4; + r+=4; + } + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl); +#endif + if (save_dl < dl) + { + switch (dl - save_dl) + { + case 1: + r[1] = b[1]; + if (++dl >= 0) break; + case 2: + r[2] = b[2]; + if (++dl >= 0) break; + case 3: + r[3] = b[3]; + if (++dl >= 0) break; + } + b += 4; + r += 4; + } + } + if (dl < 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = b[0]; + if (++dl >= 0) break; + r[1] = b[1]; + if (++dl >= 0) break; + r[2] = b[2]; + if (++dl >= 0) break; + r[3] = b[3]; + if (++dl >= 0) break; + + b += 4; + r += 4; + } + } + } + else + { + int save_dl = dl; +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); +#endif + while (c) + { + t=(a[0]+c)&BN_MASK2; + c=(t < c); + r[0]=t; + if (--dl <= 0) break; + + t=(a[1]+c)&BN_MASK2; + c=(t < c); + r[1]=t; + if (--dl <= 0) break; + + t=(a[2]+c)&BN_MASK2; + c=(t < c); + r[2]=t; + if (--dl <= 0) break; + + t=(a[3]+c)&BN_MASK2; + c=(t < c); + r[3]=t; + if (--dl <= 0) break; + + save_dl = dl; + a+=4; + r+=4; + } +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); +#endif + if (dl > 0) + { + if (save_dl > dl) + { + switch (save_dl - dl) + { + case 1: + r[1] = a[1]; + if (--dl <= 0) break; + case 2: + r[2] = a[2]; + if (--dl <= 0) break; + case 3: + r[3] = a[3]; + if (--dl <= 0) break; + } + a += 4; + r += 4; + } + } + if (dl > 0) + { +#ifdef BN_COUNT + fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl); +#endif + for(;;) + { + r[0] = a[0]; + if (--dl <= 0) break; + r[1] = a[1]; + if (--dl <= 0) break; + r[2] = a[2]; + if (--dl <= 0) break; + r[3] = a[3]; + if (--dl <= 0) break; + + a += 4; + r += 4; + } + } + } + return c; + } + #ifdef BN_RECURSION /* Karatsuba recursive multiplication algorithm * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ @@ -74,15 +389,17 @@ * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) * a[1]*b[1] */ +/* dnX may not be positive, but n2/2+dnX has to be */ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *t) + int dna, int dnb, BN_ULONG *t) { int n=n2/2,c1,c2; + int tna=n+dna, tnb=n+dnb; unsigned int neg,zero; BN_ULONG ln,lo,*p; # ifdef BN_COUNT - printf(" bn_mul_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb); # endif # ifdef BN_MUL_COMBA # if 0 @@ -92,34 +409,40 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, return; } # endif - if (n2 == 8) + /* Only call bn_mul_comba 8 if n2 == 8 and the + * two arrays are complete [steve] + */ + if (n2 == 8 && dna == 0 && dnb == 0) { bn_mul_comba8(r,a,b); return; } # endif /* BN_MUL_COMBA */ + /* Else do normal multiply */ if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) { - /* This should not happen */ - bn_mul_normal(r,a,n2,b,n2); + bn_mul_normal(r,a,n2+dna,b,n2+dnb); + if ((dna + dnb) < 0) + memset(&r[2*n2 + dna + dnb], 0, + sizeof(BN_ULONG) * -(dna + dnb)); return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); + c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); + c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); zero=neg=0; switch (c1*3+c2) { case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: zero=1; break; case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ neg=1; break; case -1: @@ -128,21 +451,22 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, zero=1; break; case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ neg=1; break; case 3: zero=1; break; case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); break; } # ifdef BN_MUL_COMBA - if (n == 4) + if (n == 4 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba4 could take + extra args to do this well */ { if (!zero) bn_mul_comba4(&(t[n2]),t,&(t[n])); @@ -152,7 +476,9 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, bn_mul_comba4(r,a,b); bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); } - else if (n == 8) + else if (n == 8 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba8 could + take extra args to do this + well */ { if (!zero) bn_mul_comba8(&(t[n2]),t,&(t[n])); @@ -167,11 +493,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, { p= &(t[n2*2]); if (!zero) - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); else memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); - bn_mul_recursive(r,a,b,n,p); - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); + bn_mul_recursive(r,a,b,n,0,0,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p); } /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign @@ -220,39 +546,40 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, /* n+tn is the word length * t needs to be n*4 is size, as does r */ -void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, - int n, BN_ULONG *t) +/* tnX may not be negative but less than n */ +void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, + int tna, int tnb, BN_ULONG *t) { int i,j,n2=n*2; int c1,c2,neg,zero; BN_ULONG ln,lo,*p; # ifdef BN_COUNT - printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); + fprintf(stderr," bn_mul_part_recursive (%d%+d) * (%d%+d)\n", + n, tna, n, tnb); # endif if (n < 8) { - i=tn+n; - bn_mul_normal(r,a,i,b,i); + bn_mul_normal(r,a,n+tna,b,n+tnb); return; } /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); + c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); + c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); zero=neg=0; switch (c1*3+c2) { case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: zero=1; /* break; */ case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ + bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ neg=1; break; case -1: @@ -261,16 +588,16 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, zero=1; /* break; */ case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ + bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ neg=1; break; case 3: zero=1; /* break; */ case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); + bn_sub_part_words(t, a, &(a[n]),tna,n-tna); + bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); break; } /* The zero case isn't yet implemented here. The speedup @@ -289,54 +616,62 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, { bn_mul_comba8(&(t[n2]),t,&(t[n])); bn_mul_comba8(r,a,b); - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); - memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); + bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); + memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb)); } else { p= &(t[n2*2]); - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); - bn_mul_recursive(r,a,b,n,p); + bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); + bn_mul_recursive(r,a,b,n,0,0,p); i=n/2; /* If there is only a bottom half to the number, * just do it */ - j=tn-i; + if (tna > tnb) + j = tna - i; + else + j = tnb - i; if (j == 0) { - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); + bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]), + i,tna-i,tnb-i,p); memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); } else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ { bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), - j,i,p); - memset(&(r[n2+tn*2]),0, - sizeof(BN_ULONG)*(n2-tn*2)); + i,tna-i,tnb-i,p); + memset(&(r[n2+tna+tnb]),0, + sizeof(BN_ULONG)*(n2-tna-tnb)); } else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ { memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); - if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) + if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL + && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) { - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); + bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); } else { for (;;) { i/=2; - if (i < tn) + /* these simplified conditions work + * exclusively because difference + * between tna and tnb is 1 or 0 */ + if (i < tna || i < tnb) { bn_mul_part_recursive(&(r[n2]), &(a[n]),&(b[n]), - tn-i,i,p); + i,tna-i,tnb-i,p); break; } - else if (i == tn) + else if (i == tna || i == tnb) { bn_mul_recursive(&(r[n2]), &(a[n]),&(b[n]), - i,p); + i,tna-i,tnb-i,p); break; } } @@ -397,10 +732,10 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, int n=n2/2; # ifdef BN_COUNT - printf(" bn_mul_low_recursive %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2); # endif - bn_mul_recursive(r,a,b,n,&(t[0])); + bn_mul_recursive(r,a,b,n,0,0,&(t[0])); if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) { bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); @@ -431,7 +766,7 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, BN_ULONG ll,lc,*lp,*mp; # ifdef BN_COUNT - printf(" bn_mul_high %d * %d\n",n2,n2); + fprintf(stderr," bn_mul_high %d * %d\n",n2,n2); # endif n=n2/2; @@ -484,8 +819,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, else # endif { - bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); - bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); + bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2])); + bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2])); } /* s0 == low(al*bl) @@ -610,19 +945,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { + int ret=0; int top,al,bl; BIGNUM *rr; - int ret = 0; #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) int i; #endif #ifdef BN_RECURSION - BIGNUM *t; - int j,k; + BIGNUM *t=NULL; + int j=0,k; #endif #ifdef BN_COUNT - printf("BN_mul %d * %d\n",a->top,b->top); + fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top); #endif bn_check_top(a); @@ -634,7 +969,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) if ((al == 0) || (bl == 0)) { - if (!BN_zero(r)) goto err; + BN_zero(r); return(1); } top=al+bl; @@ -675,21 +1010,55 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) #ifdef BN_RECURSION if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) { - if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA) && bldmax) + if (i >= -1 && i <= 1) { -#if 0 /* tribute to const-ification, bldmax above covers for this */ - if (bn_wexpand(b,al) == NULL) goto err; -#endif - b->d[bl]=0; + int sav_j =0; + /* Find out the power of two lower or equal + to the longest of the two numbers */ + if (i >= 0) + { + j = BN_num_bits_word((BN_ULONG)al); + } + if (i == -1) + { + j = BN_num_bits_word((BN_ULONG)bl); + } + sav_j = j; + j = 1<<(j-1); + assert(j <= al || j <= bl); + k = j+j; + t = BN_CTX_get(ctx); + if (al > j || bl > j) + { + bn_wexpand(t,k*4); + bn_wexpand(rr,k*4); + bn_mul_part_recursive(rr->d,a->d,b->d, + j,al-j,bl-j,t->d); + } + else /* al <= j || bl <= j */ + { + bn_wexpand(t,k*2); + bn_wexpand(rr,k*2); + bn_mul_recursive(rr->d,a->d,b->d, + j,al-j,bl-j,t->d); + } + rr->top=top; + goto end; + } +#if 0 + if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) + { + BIGNUM *tmp_bn = (BIGNUM *)b; + if (bn_wexpand(tmp_bn,al) == NULL) goto err; + tmp_bn->d[bl]=0; bl++; i--; } - else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA) && aldmax) + else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) { -#if 0 /* tribute to const-ification, aldmax above covers for this */ - if (bn_wexpand(a,bl) == NULL) goto err; -#endif - a->d[al]=0; + BIGNUM *tmp_bn = (BIGNUM *)a; + if (bn_wexpand(tmp_bn,bl) == NULL) goto err; + tmp_bn->d[al]=0; al++; i++; } @@ -706,26 +1075,17 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) if (bn_wexpand(t,k*2) == NULL) goto err; if (bn_wexpand(rr,k*2) == NULL) goto err; bn_mul_recursive(rr->d,a->d,b->d,al,t->d); - rr->top=top; - goto end; } -#if 0 /* tribute to const-ification, rsa/dsa performance is not affected */ else { - if (bn_wexpand(a,k) == NULL ) goto err; - if (bn_wexpand(b,k) == NULL ) goto err; - if (bn_wexpand(t,k*4) == NULL ) goto err; - if (bn_wexpand(rr,k*4) == NULL ) goto err; - for (i=a->top; id[i]=0; - for (i=b->top; id[i]=0; + if (bn_wexpand(t,k*4) == NULL) goto err; + if (bn_wexpand(rr,k*4) == NULL) goto err; bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); } rr->top=top; goto end; -#endif } +#endif } #endif /* BN_RECURSION */ if (bn_wexpand(rr,top) == NULL) goto err; @@ -735,10 +1095,11 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) end: #endif - bn_fix_top(rr); + bn_correct_top(rr); if (r != rr) BN_copy(r,rr); ret=1; err: + bn_check_top(r); BN_CTX_end(ctx); return(ret); } @@ -748,7 +1109,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) BN_ULONG *rr; #ifdef BN_COUNT - printf(" bn_mul_normal %d * %d\n",na,nb); + fprintf(stderr," bn_mul_normal %d * %d\n",na,nb); #endif if (na < nb) @@ -761,7 +1122,13 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) } rr= &(r[na]); - rr[0]=bn_mul_words(r,a,na,b[0]); + if (nb <= 0) + { + (void)bn_mul_words(r,a,na,0); + return; + } + else + rr[0]=bn_mul_words(r,a,na,b[0]); for (;;) { @@ -782,7 +1149,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) { #ifdef BN_COUNT - printf(" bn_mul_low_normal %d * %d\n",n,n); + fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n); #endif bn_mul_words(r,a,n,b[0]); diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c index e072d9255c..7b25979dd1 100644 --- a/src/lib/libssl/src/crypto/bn/bn_prime.c +++ b/src/lib/libssl/src/crypto/bn/bn_prime.c @@ -115,6 +115,11 @@ #include "bn_lcl.h" #include +/* NB: these functions have been "upgraded", the deprecated versions (which are + * compatibility wrappers using these functions) are in bn_depr.c. + * - Geoff + */ + /* The quick sieve algorithm approach to weeding out primes is * Philip Zimmermann's, as implemented in PGP. I have had a read of * his comments and implemented my own version. @@ -129,51 +134,69 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, - const BIGNUM *add, const BIGNUM *rem, - void (*callback)(int,int,void *), void *cb_arg) +int BN_GENCB_call(BN_GENCB *cb, int a, int b) + { + /* No callback means continue */ + if(!cb) return 1; + switch(cb->ver) + { + case 1: + /* Deprecated-style callbacks */ + if(!cb->cb.cb_1) + return 1; + cb->cb.cb_1(a, b, cb->arg); + return 1; + case 2: + /* New-style callbacks */ + return cb->cb.cb_2(a, b, cb); + default: + break; + } + /* Unrecognised callback type */ + return 0; + } + +int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, + const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb) { - BIGNUM *rnd=NULL; - BIGNUM t; + BIGNUM *t; int found=0; int i,j,c1=0; BN_CTX *ctx; int checks = BN_prime_checks_for_size(bits); - BN_init(&t); ctx=BN_CTX_new(); if (ctx == NULL) goto err; - if (ret == NULL) - { - if ((rnd=BN_new()) == NULL) goto err; - } - else - rnd=ret; + BN_CTX_start(ctx); + t = BN_CTX_get(ctx); + if(!t) goto err; loop: /* make a random number and set the top and bottom bits */ if (add == NULL) { - if (!probable_prime(rnd,bits)) goto err; + if (!probable_prime(ret,bits)) goto err; } else { if (safe) { - if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx)) + if (!probable_prime_dh_safe(ret,bits,add,rem,ctx)) goto err; } else { - if (!probable_prime_dh(rnd,bits,add,rem,ctx)) + if (!probable_prime_dh(ret,bits,add,rem,ctx)) goto err; } } - /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */ - if (callback != NULL) callback(0,c1++,cb_arg); + /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */ + if(!BN_GENCB_call(cb, 0, c1++)) + /* aborted */ + goto err; if (!safe) { - i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0); + i=BN_is_prime_fasttest_ex(ret,checks,ctx,0,cb); if (i == -1) goto err; if (i == 0) goto loop; } @@ -183,41 +206,42 @@ loop: * check that (p-1)/2 is prime. * Since a prime is odd, We just * need to divide by 2 */ - if (!BN_rshift1(&t,rnd)) goto err; + if (!BN_rshift1(t,ret)) goto err; for (i=0; i a is prime if and only if a == 2 */ + return BN_is_word(a, 2); if (do_trial_division) { for (i = 1; i < NUMPRIMES; i++) if (BN_mod_word(a, primes[i]) == 0) return 0; - if (callback != NULL) callback(1, -1, cb_arg); + if(!BN_GENCB_call(cb, 1, -1)) + goto err; } if (ctx_passed != NULL) @@ -306,7 +332,8 @@ int BN_is_prime_fasttest(const BIGNUM *a, int checks, ret=0; goto err; } - if (callback != NULL) callback(1,i,cb_arg); + if(!BN_GENCB_call(cb, 1, i)) + goto err; } ret=1; err: @@ -343,20 +370,22 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, } /* If we get here, 'w' is the (a-1)/2-th power of the original 'w', * and it is neither -1 nor +1 -- so 'a' cannot be prime */ + bn_check_top(w); return 1; } static int probable_prime(BIGNUM *rnd, int bits) { int i; - BN_ULONG mods[NUMPRIMES]; - BN_ULONG delta,d; + prime_t mods[NUMPRIMES]; + BN_ULONG delta,maxdelta; again: if (!BN_rand(rnd,bits,1,1)) return(0); /* we now have a random number 'rand' to test. */ for (i=1; i maxdelta) goto again; goto loop; } } if (!BN_add_word(rnd,delta)) return(0); + bn_check_top(rnd); return(1); } @@ -411,6 +437,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, ret=1; err: BN_CTX_end(ctx); + bn_check_top(rnd); return(ret); } @@ -462,5 +489,6 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, ret=1; err: BN_CTX_end(ctx); + bn_check_top(p); return(ret); } diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.h b/src/lib/libssl/src/crypto/bn/bn_prime.h index b7cf9a9bfe..51d2194feb 100644 --- a/src/lib/libssl/src/crypto/bn/bn_prime.h +++ b/src/lib/libssl/src/crypto/bn/bn_prime.h @@ -58,10 +58,12 @@ #ifndef EIGHT_BIT #define NUMPRIMES 2048 +typedef unsigned short prime_t; #else #define NUMPRIMES 54 +typedef unsigned char prime_t; #endif -static const unsigned int primes[NUMPRIMES]= +static const prime_t primes[NUMPRIMES]= { 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.pl b/src/lib/libssl/src/crypto/bn/bn_prime.pl index 9fc3765486..3fafb6f3e9 100644 --- a/src/lib/libssl/src/crypto/bn/bn_prime.pl +++ b/src/lib/libssl/src/crypto/bn/bn_prime.pl @@ -11,7 +11,7 @@ loop: while ($#primes < $num-1) $p+=2; $s=int(sqrt($p)); - for ($i=0; $primes[$i]<=$s; $i++) + for ($i=0; defined($primes[$i]) && $primes[$i]<=$s; $i++) { next loop if (($p%$primes[$i]) == 0); } @@ -101,10 +101,12 @@ for ($i=0; $i <= $#primes; $i++) printf "#ifndef EIGHT_BIT\n"; printf "#define NUMPRIMES %d\n",$num; +printf "typedef unsigned short prime_t;\n"; printf "#else\n"; printf "#define NUMPRIMES %d\n",$eight; +printf "typedef unsigned char prime_t;\n"; printf "#endif\n"; -print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t"; +print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t"; $init=0; for ($i=0; $i <= $#primes; $i++) { diff --git a/src/lib/libssl/src/crypto/bn/bn_print.c b/src/lib/libssl/src/crypto/bn/bn_print.c index 0d942603b1..810dde34e1 100644 --- a/src/lib/libssl/src/crypto/bn/bn_print.c +++ b/src/lib/libssl/src/crypto/bn/bn_print.c @@ -62,7 +62,7 @@ #include #include "bn_lcl.h" -static const char *Hex="0123456789ABCDEF"; +static const char Hex[]="0123456789ABCDEF"; /* Must 'OPENSSL_free' the returned data */ char *BN_bn2hex(const BIGNUM *a) @@ -79,7 +79,7 @@ char *BN_bn2hex(const BIGNUM *a) } p=buf; if (a->neg) *(p++)='-'; - if (a->top == 0) *(p++)='0'; + if (BN_is_zero(a)) *(p++)='0'; for (i=a->top-1; i >=0; i--) { for (j=BN_BITS2-8; j >= 0; j-=8) @@ -102,14 +102,19 @@ err: /* Must 'OPENSSL_free' the returned data */ char *BN_bn2dec(const BIGNUM *a) { - int i=0,num; + int i=0,num, ok = 0; char *buf=NULL; char *p; BIGNUM *t=NULL; BN_ULONG *bn_data=NULL,*lp; + /* get an upper bound for the length of the decimal integer + * num <= (BN_num_bits(a) + 1) * log(2) + * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) + * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 + */ i=BN_num_bits(a)*3; - num=(i/10+i/1000+3)+1; + num=(i/10+i/1000+1)+1; bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); buf=(char *)OPENSSL_malloc(num+3); if ((buf == NULL) || (bn_data == NULL)) @@ -122,14 +127,16 @@ char *BN_bn2dec(const BIGNUM *a) #define BUF_REMAIN (num+3 - (size_t)(p - buf)) p=buf; lp=bn_data; - if (t->neg) *(p++)='-'; - if (t->top == 0) + if (BN_is_zero(t)) { *(p++)='0'; *(p++)='\0'; } else { + if (BN_is_negative(t)) + *p++ = '-'; + i=0; while (!BN_is_zero(t)) { @@ -149,9 +156,16 @@ char *BN_bn2dec(const BIGNUM *a) while (*p) p++; } } + ok = 1; err: if (bn_data != NULL) OPENSSL_free(bn_data); if (t != NULL) BN_free(t); + if (!ok && buf) + { + OPENSSL_free(buf); + buf = NULL; + } + return(buf); } @@ -211,10 +225,11 @@ int BN_hex2bn(BIGNUM **bn, const char *a) j-=(BN_BYTES*2); } ret->top=h; - bn_fix_top(ret); + bn_correct_top(ret); ret->neg=neg; *bn=ret; + bn_check_top(ret); return(num); err: if (*bn == NULL) BN_free(ret); @@ -270,8 +285,9 @@ int BN_dec2bn(BIGNUM **bn, const char *a) } ret->neg=neg; - bn_fix_top(ret); + bn_correct_top(ret); *bn=ret; + bn_check_top(ret); return(num); err: if (*bn == NULL) BN_free(ret); @@ -300,7 +316,7 @@ int BN_print(BIO *bp, const BIGNUM *a) int ret=0; if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end; - if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end; + if (BN_is_zero(a) && (BIO_write(bp,"0",1) != 1)) goto end; for (i=a->top-1; i >=0; i--) { for (j=BN_BITS2-4; j >= 0; j-=4) @@ -320,14 +336,3 @@ end: return(ret); } #endif - -#ifdef BN_DEBUG -void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n) - { - int i; - fprintf(o, "%s=", a); - for (i=n-1;i>=0;i--) - fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */ - fprintf(o, "\n"); - } -#endif diff --git a/src/lib/libssl/src/crypto/bn/bn_rand.c b/src/lib/libssl/src/crypto/bn/bn_rand.c index 893c9d2af9..f51830b12b 100644 --- a/src/lib/libssl/src/crypto/bn/bn_rand.c +++ b/src/lib/libssl/src/crypto/bn/bn_rand.c @@ -134,13 +134,13 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) buf=(unsigned char *)OPENSSL_malloc(bytes); if (buf == NULL) { - BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE); + BNerr(BN_F_BNRAND,ERR_R_MALLOC_FAILURE); goto err; } /* make a random number and set the top and bottom bits */ time(&tim); - RAND_add(&tim,sizeof(tim),0); + RAND_add(&tim,sizeof(tim),0.0); if (pseudorand) { @@ -204,6 +204,7 @@ err: OPENSSL_cleanse(buf,bytes); OPENSSL_free(buf); } + bn_check_top(rnd); return(ret); } @@ -230,6 +231,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) { int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; int n; + int count = 100; if (range->neg || BN_is_zero(range)) { @@ -242,9 +244,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) /* BN_is_bit_set(range, n - 1) always holds */ if (n == 1) - { - if (!BN_zero(r)) return 0; - } + BN_zero(r); else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) { /* range = 100..._2, @@ -263,6 +263,13 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) if (BN_cmp(r, range) >= 0) if (!BN_sub(r, r, range)) return 0; } + + if (!--count) + { + BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS); + return 0; + } + } while (BN_cmp(r, range) >= 0); } @@ -272,10 +279,17 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) { /* range = 11..._2 or range = 101..._2 */ if (!bn_rand(r, n, -1, 0)) return 0; + + if (!--count) + { + BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS); + return 0; + } } while (BN_cmp(r, range) >= 0); } + bn_check_top(r); return 1; } diff --git a/src/lib/libssl/src/crypto/bn/bn_recp.c b/src/lib/libssl/src/crypto/bn/bn_recp.c index ef5fdd4708..2e8efb8dae 100644 --- a/src/lib/libssl/src/crypto/bn/bn_recp.c +++ b/src/lib/libssl/src/crypto/bn/bn_recp.c @@ -94,7 +94,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp) int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) { if (!BN_copy(&(recp->N),d)) return 0; - if (!BN_zero(&(recp->Nr))) return 0; + BN_zero(&(recp->Nr)); recp->num_bits=BN_num_bits(d); recp->shift=0; return(1); @@ -123,6 +123,7 @@ int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, ret = BN_div_recp(NULL,r,ca,recp,ctx); err: BN_CTX_end(ctx); + bn_check_top(r); return(ret); } @@ -147,7 +148,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, if (BN_ucmp(m,&(recp->N)) < 0) { - if (!BN_zero(d)) return 0; + BN_zero(d); if (!BN_copy(r,m)) return 0; BN_CTX_end(ctx); return(1); @@ -190,7 +191,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, { if (j++ > 2) { - BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL); + BNerr(BN_F_BN_DIV_RECP,BN_R_BAD_RECIPROCAL); goto err; } if (!BN_usub(r,r,&(recp->N))) goto err; @@ -203,6 +204,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, ret=1; err: BN_CTX_end(ctx); + bn_check_top(dv); + bn_check_top(rem); return(ret); } @@ -214,17 +217,18 @@ err: int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) { int ret= -1; - BIGNUM t; + BIGNUM *t; - BN_init(&t); + BN_CTX_start(ctx); + if((t = BN_CTX_get(ctx)) == NULL) goto err; - if (!BN_zero(&t)) goto err; - if (!BN_set_bit(&t,len)) goto err; + if (!BN_set_bit(t,len)) goto err; - if (!BN_div(r,NULL,&t,m,ctx)) goto err; + if (!BN_div(r,NULL,t,m,ctx)) goto err; ret=len; err: - BN_free(&t); + bn_check_top(r); + BN_CTX_end(ctx); return(ret); } diff --git a/src/lib/libssl/src/crypto/bn/bn_shift.c b/src/lib/libssl/src/crypto/bn/bn_shift.c index 70f785ea18..de9312dce2 100644 --- a/src/lib/libssl/src/crypto/bn/bn_shift.c +++ b/src/lib/libssl/src/crypto/bn/bn_shift.c @@ -65,6 +65,9 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a) register BN_ULONG *ap,*rp,t,c; int i; + bn_check_top(r); + bn_check_top(a); + if (r != a) { r->neg=a->neg; @@ -89,6 +92,7 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a) *rp=1; r->top++; } + bn_check_top(r); return(1); } @@ -97,6 +101,9 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a) BN_ULONG *ap,*rp,t,c; int i; + bn_check_top(r); + bn_check_top(a); + if (BN_is_zero(a)) { BN_zero(r); @@ -117,7 +124,8 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a) rp[i]=((t>>1)&BN_MASK2)|c; c=(t&1)?BN_TBIT:0; } - bn_fix_top(r); + bn_correct_top(r); + bn_check_top(r); return(1); } @@ -127,6 +135,9 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) BN_ULONG *t,*f; BN_ULONG l; + bn_check_top(r); + bn_check_top(a); + r->neg=a->neg; nw=n/BN_BITS2; if (bn_wexpand(r,a->top+nw+1) == NULL) return(0); @@ -149,7 +160,8 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) /* for (i=0; itop=a->top+nw+1; - bn_fix_top(r); + bn_correct_top(r); + bn_check_top(r); return(1); } @@ -159,6 +171,9 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) BN_ULONG *t,*f; BN_ULONG l,tmp; + bn_check_top(r); + bn_check_top(a); + nw=n/BN_BITS2; rb=n%BN_BITS2; lb=BN_BITS2-rb; @@ -185,13 +200,13 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) if (rb == 0) { - for (i=j+1; i > 0; i--) + for (i=j; i != 0; i--) *(t++)= *(f++); } else { l= *(f++); - for (i=1; i>rb)&BN_MASK2; l= *(f++); @@ -199,7 +214,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) } *(t++) =(l>>rb)&BN_MASK2; } - *t=0; - bn_fix_top(r); + bn_correct_top(r); + bn_check_top(r); return(1); } diff --git a/src/lib/libssl/src/crypto/bn/bn_sqr.c b/src/lib/libssl/src/crypto/bn/bn_sqr.c index c1d0cca438..270d0cd348 100644 --- a/src/lib/libssl/src/crypto/bn/bn_sqr.c +++ b/src/lib/libssl/src/crypto/bn/bn_sqr.c @@ -77,16 +77,16 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) if (al <= 0) { r->top=0; - return(1); + return 1; } BN_CTX_start(ctx); rr=(a != r) ? r : BN_CTX_get(ctx); tmp=BN_CTX_get(ctx); - if (tmp == NULL) goto err; + if (!rr || !tmp) goto err; - max=(al+al); - if (bn_wexpand(rr,max+1) == NULL) goto err; + max = 2 * al; /* Non-zero (from above) */ + if (bn_wexpand(rr,max) == NULL) goto err; if (al == 4) { @@ -138,12 +138,18 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) #endif } - rr->top=max; rr->neg=0; - if ((max > 0) && (rr->d[max-1] == 0)) rr->top--; + /* If the most-significant half of the top word of 'a' is zero, then + * the square of 'a' will max-1 words. */ + if(a->d[al - 1] == (a->d[al - 1] & BN_MASK2l)) + rr->top = max - 1; + else + rr->top = max; if (rr != r) BN_copy(r,rr); ret = 1; err: + bn_check_top(rr); + bn_check_top(tmp); BN_CTX_end(ctx); return(ret); } diff --git a/src/lib/libssl/src/crypto/bn/bn_sqrt.c b/src/lib/libssl/src/crypto/bn/bn_sqrt.c index e2a1105dc8..6beaf9e5e5 100644 --- a/src/lib/libssl/src/crypto/bn/bn_sqrt.c +++ b/src/lib/libssl/src/crypto/bn/bn_sqrt.c @@ -1,4 +1,4 @@ -/* crypto/bn/bn_mod.c */ +/* crypto/bn/bn_sqrt.c */ /* Written by Lenka Fibikova * and Bodo Moeller for the OpenSSL project. */ /* ==================================================================== @@ -65,14 +65,12 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course * in Algebraic Computational Number Theory", algorithm 1.5.1). * 'p' must be prime! - * If 'a' is not a square, this is not necessarily detected by - * the algorithms; a bogus result must be expected in this case. */ { BIGNUM *ret = in; int err = 1; int r; - BIGNUM *b, *q, *t, *x, *y; + BIGNUM *A, *b, *q, *t, *x, *y; int e, i, j; if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) @@ -85,9 +83,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto end; if (!BN_set_word(ret, BN_is_bit_set(a, 0))) { - BN_free(ret); + if (ret != in) + BN_free(ret); return NULL; } + bn_check_top(ret); return ret; } @@ -103,23 +103,16 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto end; if (!BN_set_word(ret, BN_is_one(a))) { - BN_free(ret); + if (ret != in) + BN_free(ret); return NULL; } + bn_check_top(ret); return ret; } -#if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */ - r = BN_kronecker(a, p, ctx); - if (r < -1) return NULL; - if (r == -1) - { - BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE); - return(NULL); - } -#endif - BN_CTX_start(ctx); + A = BN_CTX_get(ctx); b = BN_CTX_get(ctx); q = BN_CTX_get(ctx); t = BN_CTX_get(ctx); @@ -131,6 +124,9 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) ret = BN_new(); if (ret == NULL) goto end; + /* A = a mod p */ + if (!BN_nnmod(A, a, p, ctx)) goto end; + /* now write |p| - 1 as 2^e*q where q is odd */ e = 1; while (!BN_is_bit_set(p, e)) @@ -149,9 +145,9 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) if (!BN_rshift(q, p, 2)) goto end; q->neg = 0; if (!BN_add_word(q, 1)) goto end; - if (!BN_mod_exp(ret, a, q, p, ctx)) goto end; + if (!BN_mod_exp(ret, A, q, p, ctx)) goto end; err = 0; - goto end; + goto vrfy; } if (e == 2) @@ -182,15 +178,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) * November 1992.) */ - /* make sure that a is reduced modulo p */ - if (a->neg || BN_ucmp(a, p) >= 0) - { - if (!BN_nnmod(x, a, p, ctx)) goto end; - a = x; /* use x as temporary variable */ - } - /* t := 2*a */ - if (!BN_mod_lshift1_quick(t, a, p)) goto end; + if (!BN_mod_lshift1_quick(t, A, p)) goto end; /* b := (2*a)^((|p|-5)/8) */ if (!BN_rshift(q, p, 3)) goto end; @@ -205,12 +194,12 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) if (!BN_sub_word(t, 1)) goto end; /* x = a*b*t */ - if (!BN_mod_mul(x, a, b, p, ctx)) goto end; + if (!BN_mod_mul(x, A, b, p, ctx)) goto end; if (!BN_mod_mul(x, x, t, p, ctx)) goto end; if (!BN_copy(ret, x)) goto end; err = 0; - goto end; + goto vrfy; } /* e > 2, so we really have to use the Tonelli/Shanks algorithm. @@ -297,11 +286,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) /* x := a^((q-1)/2) */ if (BN_is_zero(t)) /* special case: p = 2^e + 1 */ { - if (!BN_nnmod(t, a, p, ctx)) goto end; + if (!BN_nnmod(t, A, p, ctx)) goto end; if (BN_is_zero(t)) { /* special case: a == 0 (mod p) */ - if (!BN_zero(ret)) goto end; + BN_zero(ret); err = 0; goto end; } @@ -310,11 +299,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) } else { - if (!BN_mod_exp(x, a, t, p, ctx)) goto end; + if (!BN_mod_exp(x, A, t, p, ctx)) goto end; if (BN_is_zero(x)) { /* special case: a == 0 (mod p) */ - if (!BN_zero(ret)) goto end; + BN_zero(ret); err = 0; goto end; } @@ -322,10 +311,10 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) /* b := a*x^2 (= a^q) */ if (!BN_mod_sqr(b, x, p, ctx)) goto end; - if (!BN_mod_mul(b, b, a, p, ctx)) goto end; + if (!BN_mod_mul(b, b, A, p, ctx)) goto end; /* x := a*x (= a^((q+1)/2)) */ - if (!BN_mod_mul(x, x, a, p, ctx)) goto end; + if (!BN_mod_mul(x, x, A, p, ctx)) goto end; while (1) { @@ -342,7 +331,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { if (!BN_copy(ret, x)) goto end; err = 0; - goto end; + goto vrfy; } @@ -373,6 +362,22 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) e = i; } + vrfy: + if (!err) + { + /* verify the result -- the input might have been not a square + * (test added in 0.9.8) */ + + if (!BN_mod_sqr(x, ret, p, ctx)) + err = 1; + + if (!err && 0 != BN_cmp(x, A)) + { + BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE); + err = 1; + } + } + end: if (err) { @@ -383,5 +388,6 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) ret = NULL; } BN_CTX_end(ctx); + bn_check_top(ret); return ret; } diff --git a/src/lib/libssl/src/crypto/bn/bn_word.c b/src/lib/libssl/src/crypto/bn/bn_word.c index 988e0ca7b3..ee7b87c45c 100644 --- a/src/lib/libssl/src/crypto/bn/bn_word.c +++ b/src/lib/libssl/src/crypto/bn/bn_word.c @@ -69,6 +69,10 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w) #endif int i; + if (w == 0) + return (BN_ULONG)-1; + + bn_check_top(a); w&=BN_MASK2; for (i=a->top-1; i>=0; i--) { @@ -85,12 +89,24 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w) BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) { - BN_ULONG ret; - int i; + BN_ULONG ret = 0; + int i, j; + + bn_check_top(a); + w &= BN_MASK2; + + if (!w) + /* actually this an error (division by zero) */ + return (BN_ULONG)-1; + if (a->top == 0) + return 0; + + /* normalize input (so bn_div_words doesn't complain) */ + j = BN_BITS2 - BN_num_bits_word(w); + w <<= j; + if (!BN_lshift(a, a, j)) + return (BN_ULONG)-1; - if (a->top == 0) return(0); - ret=0; - w&=BN_MASK2; for (i=a->top-1; i>=0; i--) { BN_ULONG l,d; @@ -102,6 +118,8 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) } if ((a->top > 0) && (a->d[a->top-1] == 0)) a->top--; + ret >>= j; + bn_check_top(a); return(ret); } @@ -110,6 +128,14 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) BN_ULONG l; int i; + bn_check_top(a); + w &= BN_MASK2; + + /* degenerate case: w is zero */ + if (!w) return 1; + /* degenerate case: a is zero */ + if(BN_is_zero(a)) return BN_set_word(a, w); + /* handle 'a' when negative */ if (a->neg) { a->neg=0; @@ -118,15 +144,17 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) a->neg=!(a->neg); return(i); } - w&=BN_MASK2; - if (bn_wexpand(a,a->top+1) == NULL) return(0); + /* Only expand (and risk failing) if it's possibly necessary */ + if (((BN_ULONG)(a->d[a->top - 1] + 1) == 0) && + (bn_wexpand(a,a->top+1) == NULL)) + return(0); i=0; for (;;) { if (i >= a->top) l=w; else - l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; + l=(a->d[i]+w)&BN_MASK2; a->d[i]=l; if (w > l) w=1; @@ -136,6 +164,7 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) } if (i >= a->top) a->top++; + bn_check_top(a); return(1); } @@ -143,7 +172,21 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w) { int i; - if (BN_is_zero(a) || a->neg) + bn_check_top(a); + w &= BN_MASK2; + + /* degenerate case: w is zero */ + if (!w) return 1; + /* degenerate case: a is zero */ + if(BN_is_zero(a)) + { + i = BN_set_word(a,w); + if (i != 0) + BN_set_negative(a, 1); + return i; + } + /* handle 'a' when negative */ + if (a->neg) { a->neg=0; i=BN_add_word(a,w); @@ -151,7 +194,6 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w) return(i); } - w&=BN_MASK2; if ((a->top == 1) && (a->d[0] < w)) { a->d[0]=w-a->d[0]; @@ -175,6 +217,7 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w) } if ((a->d[i] == 0) && (i == (a->top-1))) a->top--; + bn_check_top(a); return(1); } @@ -182,6 +225,7 @@ int BN_mul_word(BIGNUM *a, BN_ULONG w) { BN_ULONG ll; + bn_check_top(a); w&=BN_MASK2; if (a->top) { @@ -197,6 +241,7 @@ int BN_mul_word(BIGNUM *a, BN_ULONG w) } } } + bn_check_top(a); return(1); } diff --git a/src/lib/libssl/src/crypto/bn/bntest.c b/src/lib/libssl/src/crypto/bn/bntest.c index 685007d330..310763eca0 100644 --- a/src/lib/libssl/src/crypto/bn/bntest.c +++ b/src/lib/libssl/src/crypto/bn/bntest.c @@ -55,6 +55,25 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the Eric Young open source + * license provided above. + * + * The binary polynomial arithmetic software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ + +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif #include #include @@ -79,6 +98,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); int test_rshift1(BIO *bp); int test_rshift(BIO *bp,BN_CTX *ctx); int test_div(BIO *bp,BN_CTX *ctx); +int test_div_word(BIO *bp); int test_div_recp(BIO *bp,BN_CTX *ctx); int test_mul(BIO *bp); int test_sqr(BIO *bp,BN_CTX *ctx); @@ -88,6 +108,15 @@ int test_mod_mul(BIO *bp,BN_CTX *ctx); int test_mod_exp(BIO *bp,BN_CTX *ctx); int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx); int test_exp(BIO *bp,BN_CTX *ctx); +int test_gf2m_add(BIO *bp); +int test_gf2m_mod(BIO *bp); +int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx); +int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx); int test_kron(BIO *bp,BN_CTX *ctx); int test_sqrt(BIO *bp,BN_CTX *ctx); int rand_neg(void); @@ -155,80 +184,120 @@ int main(int argc, char *argv[]) message(out,"BN_add"); if (!test_add(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_sub"); if (!test_sub(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_lshift1"); if (!test_lshift1(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_lshift (fixed)"); if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_lshift"); if (!test_lshift(out,ctx,NULL)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_rshift1"); if (!test_rshift1(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_rshift"); if (!test_rshift(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_sqr"); if (!test_sqr(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mul"); if (!test_mul(out)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_div"); if (!test_div(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); + + message(out,"BN_div_word"); + if (!test_div_word(out)) goto err; + (void)BIO_flush(out); message(out,"BN_div_recp"); if (!test_div_recp(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod"); if (!test_mod(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_mul"); if (!test_mod_mul(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mont"); if (!test_mont(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_exp"); if (!test_mod_exp(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_exp_mont_consttime"); if (!test_mod_exp_mont_consttime(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_exp"); if (!test_exp(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_kronecker"); if (!test_kron(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); message(out,"BN_mod_sqrt"); if (!test_sqrt(out,ctx)) goto err; - BIO_flush(out); + (void)BIO_flush(out); + + message(out,"BN_GF2m_add"); + if (!test_gf2m_add(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod"); + if (!test_gf2m_mod(out)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_mul"); + if (!test_gf2m_mod_mul(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_sqr"); + if (!test_gf2m_mod_sqr(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_inv"); + if (!test_gf2m_mod_inv(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_div"); + if (!test_gf2m_mod_div(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_exp"); + if (!test_gf2m_mod_exp(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_sqrt"); + if (!test_gf2m_mod_sqrt(out,ctx)) goto err; + (void)BIO_flush(out); + + message(out,"BN_GF2m_mod_solve_quad"); + if (!test_gf2m_mod_solve_quad(out,ctx)) goto err; + (void)BIO_flush(out); BN_CTX_free(ctx); BIO_free(out); @@ -237,8 +306,8 @@ int main(int argc, char *argv[]) EXIT(0); err: BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices - * the failure, see test_bn in test/Makefile */ - BIO_flush(out); + * the failure, see test_bn in test/Makefile.ssl*/ + (void)BIO_flush(out); ERR_load_crypto_strings(); ERR_print_errors_fp(stderr); EXIT(1); @@ -404,6 +473,78 @@ int test_div(BIO *bp, BN_CTX *ctx) return(1); } +static void print_word(BIO *bp,BN_ULONG w) + { +#ifdef SIXTY_FOUR_BIT + if (sizeof(w) > sizeof(unsigned long)) + { + unsigned long h=(unsigned long)(w>>32), + l=(unsigned long)(w); + + if (h) BIO_printf(bp,"%lX%08lX",h,l); + else BIO_printf(bp,"%lX",l); + return; + } +#endif + BIO_printf(bp,"%lX",w); + } + +int test_div_word(BIO *bp) + { + BIGNUM a,b; + BN_ULONG r,s; + int i; + + BN_init(&a); + BN_init(&b); + + for (i=0; ineg = rand_neg(); putc('\n', stderr); @@ -1023,6 +1741,7 @@ int test_kron(BIO *bp, BN_CTX *ctx) int test_sqrt(BIO *bp, BN_CTX *ctx) { + BN_GENCB cb; BIGNUM *a,*p,*r; int i, j; int ret = 0; @@ -1031,7 +1750,9 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) p = BN_new(); r = BN_new(); if (a == NULL || p == NULL || r == NULL) goto err; - + + BN_GENCB_set(&cb, genprime_cb, NULL); + for (i = 0; i < 16; i++) { if (i < 8) @@ -1045,7 +1766,7 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) if (!BN_set_word(a, 32)) goto err; if (!BN_set_word(r, 2*i + 1)) goto err; - if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; + if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err; putc('\n', stderr); } p->neg = rand_neg(); diff --git a/src/lib/libssl/src/crypto/bn/exptest.c b/src/lib/libssl/src/crypto/bn/exptest.c index 28aaac2ac1..f598a07cf5 100644 --- a/src/lib/libssl/src/crypto/bn/exptest.c +++ b/src/lib/libssl/src/crypto/bn/exptest.c @@ -195,6 +195,9 @@ int main(int argc, char *argv[]) err: ERR_load_crypto_strings(); ERR_print_errors(out); +#ifdef OPENSSL_SYS_NETWARE + printf("ERROR\n"); +#endif EXIT(1); return(1); } diff --git a/src/lib/libssl/src/crypto/buffer/Makefile b/src/lib/libssl/src/crypto/buffer/Makefile index 4b53c595a3..9f3a88d2d6 100644 --- a/src/lib/libssl/src/crypto/buffer/Makefile +++ b/src/lib/libssl/src/crypto/buffer/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,12 +78,13 @@ buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -buf_err.o: ../../include/openssl/symhacks.h buf_err.c +buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +buf_err.o: buf_err.c buffer.o: ../../e_os.h ../../include/openssl/bio.h buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -buffer.o: ../cryptlib.h buffer.c +buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +buffer.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +buffer.o: ../../include/openssl/symhacks.h ../cryptlib.h buffer.c diff --git a/src/lib/libssl/src/crypto/buffer/buf_err.c b/src/lib/libssl/src/crypto/buffer/buf_err.c index 1fc32a6861..3e25bbe879 100644 --- a/src/lib/libssl/src/crypto/buffer/buf_err.c +++ b/src/lib/libssl/src/crypto/buffer/buf_err.c @@ -70,9 +70,12 @@ static ERR_STRING_DATA BUF_str_functs[]= { +{ERR_FUNC(BUF_F_BUF_MEMDUP), "BUF_memdup"}, {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"}, +{ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN), "BUF_MEM_grow_clean"}, {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"}, {ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"}, +{ERR_FUNC(BUF_F_BUF_STRNDUP), "BUF_strndup"}, {0,NULL} }; @@ -85,15 +88,12 @@ static ERR_STRING_DATA BUF_str_reasons[]= void ERR_load_BUF_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,BUF_str_functs); ERR_load_strings(0,BUF_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/buffer/buffer.c b/src/lib/libssl/src/crypto/buffer/buffer.c index d96487e7db..3bf03c7eff 100644 --- a/src/lib/libssl/src/crypto/buffer/buffer.c +++ b/src/lib/libssl/src/crypto/buffer/buffer.c @@ -149,7 +149,7 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) ret=OPENSSL_realloc_clean(str->data,str->max,n); if (ret == NULL) { - BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); + BUFerr(BUF_F_BUF_MEM_GROW_CLEAN,ERR_R_MALLOC_FAILURE); len=0; } else @@ -163,23 +163,42 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) } char *BUF_strdup(const char *str) + { + if (str == NULL) return(NULL); + return BUF_strndup(str, strlen(str)); + } + +char *BUF_strndup(const char *str, size_t siz) { char *ret; - int n; if (str == NULL) return(NULL); - n=strlen(str); - ret=OPENSSL_malloc(n+1); + ret=OPENSSL_malloc(siz+1); if (ret == NULL) { - BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE); + BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); return(NULL); } - memcpy(ret,str,n+1); + BUF_strlcpy(ret,str,siz+1); return(ret); } +void *BUF_memdup(const void *data, size_t siz) + { + void *ret; + + if (data == NULL) return(NULL); + + ret=OPENSSL_malloc(siz); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); + return(NULL); + } + return memcpy(ret, data, siz); + } + size_t BUF_strlcpy(char *dst, const char *src, size_t size) { size_t l = 0; diff --git a/src/lib/libssl/src/crypto/buffer/buffer.h b/src/lib/libssl/src/crypto/buffer/buffer.h index 465dc34f3f..1db9607450 100644 --- a/src/lib/libssl/src/crypto/buffer/buffer.h +++ b/src/lib/libssl/src/crypto/buffer/buffer.h @@ -59,25 +59,35 @@ #ifndef HEADER_BUFFER_H #define HEADER_BUFFER_H +#include + #ifdef __cplusplus extern "C" { #endif #include + +#if !defined(NO_SYS_TYPES_H) #include +#endif + +/* Already declared in ossl_typ.h */ +/* typedef struct buf_mem_st BUF_MEM; */ -typedef struct buf_mem_st +struct buf_mem_st { int length; /* current number of bytes */ char *data; int max; /* size of buffer */ - } BUF_MEM; + }; BUF_MEM *BUF_MEM_new(void); void BUF_MEM_free(BUF_MEM *a); int BUF_MEM_grow(BUF_MEM *str, int len); int BUF_MEM_grow_clean(BUF_MEM *str, int len); char * BUF_strdup(const char *str); +char * BUF_strndup(const char *str, size_t siz); +void * BUF_memdup(const void *data, size_t siz); /* safe string functions */ size_t BUF_strlcpy(char *dst,const char *src,size_t siz); @@ -93,9 +103,12 @@ void ERR_load_BUF_strings(void); /* Error codes for the BUF functions. */ /* Function codes. */ +#define BUF_F_BUF_MEMDUP 103 #define BUF_F_BUF_MEM_GROW 100 +#define BUF_F_BUF_MEM_GROW_CLEAN 105 #define BUF_F_BUF_MEM_NEW 101 #define BUF_F_BUF_STRDUP 102 +#define BUF_F_BUF_STRNDUP 104 /* Reason codes. */ diff --git a/src/lib/libssl/src/crypto/cast/Makefile b/src/lib/libssl/src/crypto/cast/Makefile index b388f6271c..149956ee90 100644 --- a/src/lib/libssl/src/crypto/cast/Makefile +++ b/src/lib/libssl/src/crypto/cast/Makefile @@ -8,23 +8,14 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r CAST_ENC=c_enc.o -# or use -#CAST_ENC=asm/cx86-elf.o -#CAST_ENC=asm/cx86-out.o -#CAST_ENC=asm/cx86-sol.o -#CAST_ENC=asm/cx86bdsi.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=casttest.c @@ -51,20 +42,15 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s) - +# ELF +cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > ../$@) +# COFF +cx86-cof.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) cast-586.pl coff $(CLAGS) $(PROCESSOR) > ../$@) # a.out -asm/cx86-out.o: asm/cx86unix.cpp - $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o - -# bsdi -asm/cx86bsdi.o: asm/cx86unix.cpp - $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o - -asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp) +cx86-out.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) cast-586.pl a.out $(CLAGS) $(PROCESSOR) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -75,6 +61,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -90,6 +77,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -97,7 +85,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -114,8 +102,5 @@ c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h c_ofb64.o: c_ofb64.c cast_lcl.h c_skey.o: ../../e_os.h ../../include/openssl/cast.h -c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -c_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h c_skey.o: c_skey.c cast_lcl.h cast_s.h diff --git a/src/lib/libssl/src/crypto/cast/c_ecb.c b/src/lib/libssl/src/crypto/cast/c_ecb.c index 0b3da9ad87..f2dc606226 100644 --- a/src/lib/libssl/src/crypto/cast/c_ecb.c +++ b/src/lib/libssl/src/crypto/cast/c_ecb.c @@ -60,7 +60,7 @@ #include "cast_lcl.h" #include -const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT; +const char CAST_version[]="CAST" OPENSSL_VERSION_PTEXT; void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, CAST_KEY *ks, int enc) diff --git a/src/lib/libssl/src/crypto/cast/c_skey.c b/src/lib/libssl/src/crypto/cast/c_skey.c index db9b7573e0..76e40005c9 100644 --- a/src/lib/libssl/src/crypto/cast/c_skey.c +++ b/src/lib/libssl/src/crypto/cast/c_skey.c @@ -56,10 +56,7 @@ * [including the GNU Public Licence.] */ -#include -#include #include - #include "cast_lcl.h" #include "cast_s.h" @@ -75,7 +72,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -FIPS_NON_FIPS_VCIPHER_Init(CAST) +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) { CAST_LONG x[16]; CAST_LONG z[16]; diff --git a/src/lib/libssl/src/crypto/cast/cast.h b/src/lib/libssl/src/crypto/cast/cast.h index 9e300178d9..90b45b950a 100644 --- a/src/lib/libssl/src/crypto/cast/cast.h +++ b/src/lib/libssl/src/crypto/cast/cast.h @@ -63,6 +63,8 @@ extern "C" { #endif +#include + #ifdef OPENSSL_NO_CAST #error CAST is disabled. #endif @@ -81,10 +83,7 @@ typedef struct cast_key_st int short_key; /* Use reduced rounds for short key */ } CAST_KEY; - -#ifdef OPENSSL_FIPS -void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); -#endif + void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, int enc); diff --git a/src/lib/libssl/src/crypto/cast/cast_spd.c b/src/lib/libssl/src/crypto/cast/cast_spd.c index 76abf50d98..d650af475c 100644 --- a/src/lib/libssl/src/crypto/cast/cast_spd.c +++ b/src/lib/libssl/src/crypto/cast/cast_spd.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/cast/castopts.c b/src/lib/libssl/src/crypto/cast/castopts.c index 1b858d153b..33b2c7b06f 100644 --- a/src/lib/libssl/src/crypto/cast/castopts.c +++ b/src/lib/libssl/src/crypto/cast/castopts.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/cast/casttest.c b/src/lib/libssl/src/crypto/cast/casttest.c index 83e5a16c73..0d020d6975 100644 --- a/src/lib/libssl/src/crypto/cast/casttest.c +++ b/src/lib/libssl/src/crypto/cast/casttest.c @@ -59,6 +59,7 @@ #include #include #include +#include /* To see if OPENSSL_NO_CAST is defined */ #include "../e_os.h" diff --git a/src/lib/libssl/src/crypto/comp/Makefile b/src/lib/libssl/src/crypto/comp/Makefile index df1babec5c..efda832dce 100644 --- a/src/lib/libssl/src/crypto/comp/Makefile +++ b/src/lib/libssl/src/crypto/comp/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -81,33 +78,31 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_rle.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_rle.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_rle.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c +c_rle.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h +c_rle.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h +c_rle.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_rle.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +c_rle.o: ../../include/openssl/symhacks.h c_rle.c c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -c_zlib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -c_zlib.o: c_zlib.c +c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h +c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h comp_err.o: ../../include/openssl/opensslconf.h -comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -comp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -comp_err.o: comp_err.c +comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +comp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +comp_err.o: ../../include/openssl/symhacks.h comp_err.c comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h -comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -comp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -comp_lib.o: ../../include/openssl/opensslconf.h +comp_lib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h +comp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h +comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c diff --git a/src/lib/libssl/src/crypto/comp/c_zlib.c b/src/lib/libssl/src/crypto/comp/c_zlib.c index 5fcb521ffb..0f34597e70 100644 --- a/src/lib/libssl/src/crypto/comp/c_zlib.c +++ b/src/lib/libssl/src/crypto/comp/c_zlib.c @@ -24,6 +24,32 @@ static COMP_METHOD zlib_method_nozlib={ #include +static int zlib_stateful_init(COMP_CTX *ctx); +static void zlib_stateful_finish(COMP_CTX *ctx); +static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out, + unsigned int olen, unsigned char *in, unsigned int ilen); +static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, + unsigned int olen, unsigned char *in, unsigned int ilen); + + +/* memory allocations functions for zlib intialization */ +static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size) +{ + void *p; + + p=OPENSSL_malloc(no*size); + if (p) + memset(p, 0, no*size); + return p; +} + + +static void zlib_zfree(void* opaque, void* address) +{ + OPENSSL_free(address); +} + +#if 0 static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, unsigned char *in, unsigned int ilen); static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, @@ -32,7 +58,7 @@ static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source, uLong sourceLen); -static COMP_METHOD zlib_method={ +static COMP_METHOD zlib_stateless_method={ NID_zlib_compression, LN_zlib_compression, NULL, @@ -42,12 +68,24 @@ static COMP_METHOD zlib_method={ NULL, NULL, }; +#endif + +static COMP_METHOD zlib_stateful_method={ + NID_zlib_compression, + LN_zlib_compression, + zlib_stateful_init, + zlib_stateful_finish, + zlib_stateful_compress_block, + zlib_stateful_expand_block, + NULL, + NULL, + }; /* * When OpenSSL is built on Windows, we do not want to require that * the ZLIB.DLL be available in order for the OpenSSL DLLs to * work. Therefore, all ZLIB routines are loaded at run time - * and we do not link to a .LIB file. + * and we do not link to a .LIB file when ZLIB_SHARED is set. */ #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) # include @@ -63,10 +101,19 @@ typedef int (*inflateEnd_ft)(z_streamp strm); typedef int (*inflate_ft)(z_streamp strm, int flush); typedef int (*inflateInit__ft)(z_streamp strm, const char * version, int stream_size); +typedef int (*deflateEnd_ft)(z_streamp strm); +typedef int (*deflate_ft)(z_streamp strm, int flush); +typedef int (*deflateInit__ft)(z_streamp strm, int level, + const char * version, int stream_size); +typedef const char * (*zError__ft)(int err); static compress_ft p_compress=NULL; static inflateEnd_ft p_inflateEnd=NULL; static inflate_ft p_inflate=NULL; static inflateInit__ft p_inflateInit_=NULL; +static deflateEnd_ft p_deflateEnd=NULL; +static deflate_ft p_deflate=NULL; +static deflateInit__ft p_deflateInit_=NULL; +static zError__ft p_zError=NULL; static int zlib_loaded = 0; /* only attempt to init func pts once */ static DSO *zlib_dso = NULL; @@ -75,10 +122,133 @@ static DSO *zlib_dso = NULL; #define inflateEnd p_inflateEnd #define inflate p_inflate #define inflateInit_ p_inflateInit_ +#define deflateEnd p_deflateEnd +#define deflate p_deflate +#define deflateInit_ p_deflateInit_ +#define zError p_zError #endif /* ZLIB_SHARED */ +struct zlib_state + { + z_stream istream; + z_stream ostream; + }; + +static int zlib_stateful_ex_idx = -1; + +static void zlib_stateful_free_ex_data(void *obj, void *item, + CRYPTO_EX_DATA *ad, int ind,long argl, void *argp) + { + struct zlib_state *state = (struct zlib_state *)item; + inflateEnd(&state->istream); + deflateEnd(&state->ostream); + OPENSSL_free(state); + } + +static int zlib_stateful_init(COMP_CTX *ctx) + { + int err; + struct zlib_state *state = + (struct zlib_state *)OPENSSL_malloc(sizeof(struct zlib_state)); + + if (state == NULL) + goto err; + + state->istream.zalloc = zlib_zalloc; + state->istream.zfree = zlib_zfree; + state->istream.opaque = Z_NULL; + state->istream.next_in = Z_NULL; + state->istream.next_out = Z_NULL; + state->istream.avail_in = 0; + state->istream.avail_out = 0; + err = inflateInit_(&state->istream, + ZLIB_VERSION, sizeof(z_stream)); + if (err != Z_OK) + goto err; + + state->ostream.zalloc = zlib_zalloc; + state->ostream.zfree = zlib_zfree; + state->ostream.opaque = Z_NULL; + state->ostream.next_in = Z_NULL; + state->ostream.next_out = Z_NULL; + state->ostream.avail_in = 0; + state->ostream.avail_out = 0; + err = deflateInit_(&state->ostream,Z_DEFAULT_COMPRESSION, + ZLIB_VERSION, sizeof(z_stream)); + if (err != Z_OK) + goto err; + + CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); + CRYPTO_set_ex_data(&ctx->ex_data,zlib_stateful_ex_idx,state); + return 1; + err: + if (state) OPENSSL_free(state); + return 0; + } + +static void zlib_stateful_finish(COMP_CTX *ctx) + { + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); + } + +static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out, + unsigned int olen, unsigned char *in, unsigned int ilen) + { + int err = Z_OK; + struct zlib_state *state = + (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, + zlib_stateful_ex_idx); + + if (state == NULL) + return -1; + + state->ostream.next_in = in; + state->ostream.avail_in = ilen; + state->ostream.next_out = out; + state->ostream.avail_out = olen; + if (ilen > 0) + err = deflate(&state->ostream, Z_SYNC_FLUSH); + if (err != Z_OK) + return -1; +#ifdef DEBUG_ZLIB + fprintf(stderr,"compress(%4d)->%4d %s\n", + ilen,olen - state->ostream.avail_out, + (ilen != olen - state->ostream.avail_out)?"zlib":"clear"); +#endif + return olen - state->ostream.avail_out; + } + +static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, + unsigned int olen, unsigned char *in, unsigned int ilen) + { + int err = Z_OK; + + struct zlib_state *state = + (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, + zlib_stateful_ex_idx); + + if (state == NULL) + return 0; + + state->istream.next_in = in; + state->istream.avail_in = ilen; + state->istream.next_out = out; + state->istream.avail_out = olen; + if (ilen > 0) + err = inflate(&state->istream, Z_SYNC_FLUSH); + if (err != Z_OK) + return -1; +#ifdef DEBUG_ZLIB + fprintf(stderr,"expand(%4d)->%4d %s\n", + ilen,olen - state->istream.avail_out, + (ilen != olen - state->istream.avail_out)?"zlib":"clear"); +#endif + return olen - state->istream.avail_out; + } + +#if 0 static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) + unsigned int olen, unsigned char *in, unsigned int ilen) { unsigned long l; int i; @@ -111,7 +281,7 @@ static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, } static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) + unsigned int olen, unsigned char *in, unsigned int ilen) { unsigned long l; int i; @@ -153,7 +323,8 @@ static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, stream.zalloc = (alloc_func)0; stream.zfree = (free_func)0; - err = inflateInit(&stream); + err = inflateInit_(&stream, + ZLIB_VERSION, sizeof(z_stream)); if (err != Z_OK) return err; err = inflate(&stream, Z_FINISH); @@ -166,6 +337,7 @@ static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, err = inflateEnd(&stream); return err; } +#endif #endif @@ -195,9 +367,22 @@ COMP_METHOD *COMP_zlib(void) p_inflateInit_ = (inflateInit__ft) DSO_bind_func(zlib_dso, "inflateInit_"); + p_deflateEnd + = (deflateEnd_ft) DSO_bind_func(zlib_dso, + "deflateEnd"); + p_deflate + = (deflate_ft) DSO_bind_func(zlib_dso, + "deflate"); + p_deflateInit_ + = (deflateInit__ft) DSO_bind_func(zlib_dso, + "deflateInit_"); + p_zError + = (zError__ft) DSO_bind_func(zlib_dso, + "zError"); if (p_compress && p_inflateEnd && p_inflate - && p_inflateInit_) + && p_inflateInit_ && p_deflateEnd + && p_deflate && p_deflateInit_ && p_zError) zlib_loaded++; } } @@ -207,9 +392,410 @@ COMP_METHOD *COMP_zlib(void) if (zlib_loaded) #endif #if defined(ZLIB) || defined(ZLIB_SHARED) - meth = &zlib_method; + { + /* init zlib_stateful_ex_idx here so that in a multi-process + * application it's enough to intialize openssl before forking + * (idx will be inherited in all the children) */ + if (zlib_stateful_ex_idx == -1) + { + CRYPTO_w_lock(CRYPTO_LOCK_COMP); + if (zlib_stateful_ex_idx == -1) + zlib_stateful_ex_idx = + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, + 0,NULL,NULL,NULL,zlib_stateful_free_ex_data); + CRYPTO_w_unlock(CRYPTO_LOCK_COMP); + if (zlib_stateful_ex_idx == -1) + goto err; + } + + meth = &zlib_stateful_method; + } +err: #endif return(meth); } +void COMP_zlib_cleanup(void) + { +#ifdef ZLIB_SHARED + if (zlib_dso) + DSO_free(zlib_dso); +#endif + } + +#ifdef ZLIB + +/* Zlib based compression/decompression filter BIO */ + +typedef struct + { + unsigned char *ibuf; /* Input buffer */ + int ibufsize; /* Buffer size */ + z_stream zin; /* Input decompress context */ + unsigned char *obuf; /* Output buffer */ + int obufsize; /* Output buffer size */ + unsigned char *optr; /* Position in output buffer */ + int ocount; /* Amount of data in output buffer */ + int odone; /* deflate EOF */ + int comp_level; /* Compression level to use */ + z_stream zout; /* Output compression context */ + } BIO_ZLIB_CTX; + +#define ZLIB_DEFAULT_BUFSIZE 1024 + +static int bio_zlib_new(BIO *bi); +static int bio_zlib_free(BIO *bi); +static int bio_zlib_read(BIO *b, char *out, int outl); +static int bio_zlib_write(BIO *b, const char *in, int inl); +static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr); +static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp); + +static BIO_METHOD bio_meth_zlib = + { + BIO_TYPE_COMP, + "zlib", + bio_zlib_write, + bio_zlib_read, + NULL, + NULL, + bio_zlib_ctrl, + bio_zlib_new, + bio_zlib_free, + bio_zlib_callback_ctrl + }; + +BIO_METHOD *BIO_f_zlib(void) + { + return &bio_meth_zlib; + } + + +static int bio_zlib_new(BIO *bi) + { + BIO_ZLIB_CTX *ctx; +#ifdef ZLIB_SHARED + (void)COMP_zlib(); + if (!zlib_loaded) + { + COMPerr(COMP_F_BIO_ZLIB_NEW, COMP_R_ZLIB_NOT_SUPPORTED); + return 0; + } +#endif + ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX)); + if(!ctx) + { + COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE); + return 0; + } + ctx->ibuf = NULL; + ctx->obuf = NULL; + ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE; + ctx->obufsize = ZLIB_DEFAULT_BUFSIZE; + ctx->zin.zalloc = Z_NULL; + ctx->zin.zfree = Z_NULL; + ctx->zin.next_in = NULL; + ctx->zin.avail_in = 0; + ctx->zin.next_out = NULL; + ctx->zin.avail_out = 0; + ctx->zout.zalloc = Z_NULL; + ctx->zout.zfree = Z_NULL; + ctx->zout.next_in = NULL; + ctx->zout.avail_in = 0; + ctx->zout.next_out = NULL; + ctx->zout.avail_out = 0; + ctx->odone = 0; + ctx->comp_level = Z_DEFAULT_COMPRESSION; + bi->init = 1; + bi->ptr = (char *)ctx; + bi->flags = 0; + return 1; + } + +static int bio_zlib_free(BIO *bi) + { + BIO_ZLIB_CTX *ctx; + if(!bi) return 0; + ctx = (BIO_ZLIB_CTX *)bi->ptr; + if(ctx->ibuf) + { + /* Destroy decompress context */ + inflateEnd(&ctx->zin); + OPENSSL_free(ctx->ibuf); + } + if(ctx->obuf) + { + /* Destroy compress context */ + deflateEnd(&ctx->zout); + OPENSSL_free(ctx->obuf); + } + OPENSSL_free(ctx); + bi->ptr = NULL; + bi->init = 0; + bi->flags = 0; + return 1; + } + +static int bio_zlib_read(BIO *b, char *out, int outl) + { + BIO_ZLIB_CTX *ctx; + int ret; + z_stream *zin; + if(!out || !outl) return 0; + ctx = (BIO_ZLIB_CTX *)b->ptr; + zin = &ctx->zin; + BIO_clear_retry_flags(b); + if(!ctx->ibuf) + { + ctx->ibuf = OPENSSL_malloc(ctx->ibufsize); + if(!ctx->ibuf) + { + COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE); + return 0; + } + inflateInit(zin); + zin->next_in = ctx->ibuf; + zin->avail_in = 0; + } + + /* Copy output data directly to supplied buffer */ + zin->next_out = (unsigned char *)out; + zin->avail_out = (unsigned int)outl; + for(;;) + { + /* Decompress while data available */ + while(zin->avail_in) + { + ret = inflate(zin, 0); + if((ret != Z_OK) && (ret != Z_STREAM_END)) + { + COMPerr(COMP_F_BIO_ZLIB_READ, + COMP_R_ZLIB_INFLATE_ERROR); + ERR_add_error_data(2, "zlib error:", + zError(ret)); + return 0; + } + /* If EOF or we've read everything then return */ + if((ret == Z_STREAM_END) || !zin->avail_out) + return outl - zin->avail_out; + } + + /* No data in input buffer try to read some in, + * if an error then return the total data read. + */ + ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize); + if(ret <= 0) + { + /* Total data read */ + int tot = outl - zin->avail_out; + BIO_copy_next_retry(b); + if(ret < 0) return (tot > 0) ? tot : ret; + return tot; + } + zin->avail_in = ret; + zin->next_in = ctx->ibuf; + } + } + +static int bio_zlib_write(BIO *b, const char *in, int inl) + { + BIO_ZLIB_CTX *ctx; + int ret; + z_stream *zout; + if(!in || !inl) return 0; + ctx = (BIO_ZLIB_CTX *)b->ptr; + if(ctx->odone) return 0; + zout = &ctx->zout; + BIO_clear_retry_flags(b); + if(!ctx->obuf) + { + ctx->obuf = OPENSSL_malloc(ctx->obufsize); + /* Need error here */ + if(!ctx->obuf) + { + COMPerr(COMP_F_BIO_ZLIB_WRITE, ERR_R_MALLOC_FAILURE); + return 0; + } + ctx->optr = ctx->obuf; + ctx->ocount = 0; + deflateInit(zout, ctx->comp_level); + zout->next_out = ctx->obuf; + zout->avail_out = ctx->obufsize; + } + /* Obtain input data directly from supplied buffer */ + zout->next_in = (void *)in; + zout->avail_in = inl; + for(;;) + { + /* If data in output buffer write it first */ + while(ctx->ocount) { + ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount); + if(ret <= 0) + { + /* Total data written */ + int tot = inl - zout->avail_in; + BIO_copy_next_retry(b); + if(ret < 0) return (tot > 0) ? tot : ret; + return tot; + } + ctx->optr += ret; + ctx->ocount -= ret; + } + + /* Have we consumed all supplied data? */ + if(!zout->avail_in) + return inl; + + /* Compress some more */ + + /* Reset buffer */ + ctx->optr = ctx->obuf; + zout->next_out = ctx->obuf; + zout->avail_out = ctx->obufsize; + /* Compress some more */ + ret = deflate(zout, 0); + if(ret != Z_OK) + { + COMPerr(COMP_F_BIO_ZLIB_WRITE, + COMP_R_ZLIB_DEFLATE_ERROR); + ERR_add_error_data(2, "zlib error:", zError(ret)); + return 0; + } + ctx->ocount = ctx->obufsize - zout->avail_out; + } + } + +static int bio_zlib_flush(BIO *b) + { + BIO_ZLIB_CTX *ctx; + int ret; + z_stream *zout; + ctx = (BIO_ZLIB_CTX *)b->ptr; + /* If no data written or already flush show success */ + if(!ctx->obuf || (ctx->odone && !ctx->ocount)) return 1; + zout = &ctx->zout; + BIO_clear_retry_flags(b); + /* No more input data */ + zout->next_in = NULL; + zout->avail_in = 0; + for(;;) + { + /* If data in output buffer write it first */ + while(ctx->ocount) + { + ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount); + if(ret <= 0) + { + BIO_copy_next_retry(b); + return ret; + } + ctx->optr += ret; + ctx->ocount -= ret; + } + if(ctx->odone) return 1; + + /* Compress some more */ + + /* Reset buffer */ + ctx->optr = ctx->obuf; + zout->next_out = ctx->obuf; + zout->avail_out = ctx->obufsize; + /* Compress some more */ + ret = deflate(zout, Z_FINISH); + if(ret == Z_STREAM_END) ctx->odone = 1; + else if(ret != Z_OK) + { + COMPerr(COMP_F_BIO_ZLIB_FLUSH, + COMP_R_ZLIB_DEFLATE_ERROR); + ERR_add_error_data(2, "zlib error:", zError(ret)); + return 0; + } + ctx->ocount = ctx->obufsize - zout->avail_out; + } + } + +static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) + { + BIO_ZLIB_CTX *ctx; + int ret, *ip; + int ibs, obs; + if(!b->next_bio) return 0; + ctx = (BIO_ZLIB_CTX *)b->ptr; + switch (cmd) + { + + case BIO_CTRL_RESET: + ctx->ocount = 0; + ctx->odone = 0; + break; + + case BIO_CTRL_FLUSH: + ret = bio_zlib_flush(b); + if (ret > 0) + ret = BIO_flush(b->next_bio); + break; + + case BIO_C_SET_BUFF_SIZE: + ibs = -1; + obs = -1; + if (ptr != NULL) + { + ip = ptr; + if (*ip == 0) + ibs = (int) num; + else + obs = (int) num; + } + else + { + ibs = (int)num; + obs = ibs; + } + + if (ibs != -1) + { + if (ctx->ibuf) + { + OPENSSL_free(ctx->ibuf); + ctx->ibuf = NULL; + } + ctx->ibufsize = ibs; + } + + if (obs != -1) + { + if (ctx->obuf) + { + OPENSSL_free(ctx->obuf); + ctx->obuf = NULL; + } + ctx->obufsize = obs; + } + + break; + + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + BIO_copy_next_retry(b); + break; + + default: + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + break; + + } + + return ret; + } + + +static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) + { + if(!b->next_bio) + return 0; + return + BIO_callback_ctrl(b->next_bio, cmd, fp); + } + +#endif diff --git a/src/lib/libssl/src/crypto/comp/comp.h b/src/lib/libssl/src/crypto/comp/comp.h index ab48b78ae9..4b405c7d49 100644 --- a/src/lib/libssl/src/crypto/comp/comp.h +++ b/src/lib/libssl/src/crypto/comp/comp.h @@ -8,19 +8,26 @@ extern "C" { #endif +typedef struct comp_ctx_st COMP_CTX; + typedef struct comp_method_st { int type; /* NID for compression library */ const char *name; /* A text string to identify the library */ - int (*init)(); - void (*finish)(); - int (*compress)(); - int (*expand)(); - long (*ctrl)(); - long (*callback_ctrl)(); + int (*init)(COMP_CTX *ctx); + void (*finish)(COMP_CTX *ctx); + int (*compress)(COMP_CTX *ctx, + unsigned char *out, unsigned int olen, + unsigned char *in, unsigned int ilen); + int (*expand)(COMP_CTX *ctx, + unsigned char *out, unsigned int olen, + unsigned char *in, unsigned int ilen); + /* The following two do NOTHING, but are kept for backward compatibility */ + long (*ctrl)(void); + long (*callback_ctrl)(void); } COMP_METHOD; -typedef struct comp_ctx_st +struct comp_ctx_st { COMP_METHOD *meth; unsigned long compress_in; @@ -29,7 +36,7 @@ typedef struct comp_ctx_st unsigned long expand_out; CRYPTO_EX_DATA ex_data; - } COMP_CTX; + }; COMP_CTX *COMP_CTX_new(COMP_METHOD *meth); @@ -40,6 +47,13 @@ int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, unsigned char *in, int ilen); COMP_METHOD *COMP_rle(void ); COMP_METHOD *COMP_zlib(void ); +void COMP_zlib_cleanup(void); + +#ifdef HEADER_BIO_H +#ifdef ZLIB +BIO_METHOD *BIO_f_zlib(void); +#endif +#endif /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -50,8 +64,15 @@ void ERR_load_COMP_strings(void); /* Error codes for the COMP functions. */ /* Function codes. */ +#define COMP_F_BIO_ZLIB_FLUSH 99 +#define COMP_F_BIO_ZLIB_NEW 100 +#define COMP_F_BIO_ZLIB_READ 101 +#define COMP_F_BIO_ZLIB_WRITE 102 /* Reason codes. */ +#define COMP_R_ZLIB_DEFLATE_ERROR 99 +#define COMP_R_ZLIB_INFLATE_ERROR 100 +#define COMP_R_ZLIB_NOT_SUPPORTED 101 #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/comp/comp_err.c b/src/lib/libssl/src/crypto/comp/comp_err.c index 1652b8c2c4..187d68b725 100644 --- a/src/lib/libssl/src/crypto/comp/comp_err.c +++ b/src/lib/libssl/src/crypto/comp/comp_err.c @@ -1,6 +1,6 @@ /* crypto/comp/comp_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -64,13 +64,24 @@ /* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR + +#define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0) +#define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason) + static ERR_STRING_DATA COMP_str_functs[]= { +{ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH), "BIO_ZLIB_FLUSH"}, +{ERR_FUNC(COMP_F_BIO_ZLIB_NEW), "BIO_ZLIB_NEW"}, +{ERR_FUNC(COMP_F_BIO_ZLIB_READ), "BIO_ZLIB_READ"}, +{ERR_FUNC(COMP_F_BIO_ZLIB_WRITE), "BIO_ZLIB_WRITE"}, {0,NULL} }; static ERR_STRING_DATA COMP_str_reasons[]= { +{ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR) ,"zlib deflate error"}, +{ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR) ,"zlib inflate error"}, +{ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED) ,"zlib not supported"}, {0,NULL} }; @@ -78,15 +89,12 @@ static ERR_STRING_DATA COMP_str_reasons[]= void ERR_load_COMP_strings(void) { - static int init=1; - - if (init) - { - init=0; #ifndef OPENSSL_NO_ERR - ERR_load_strings(ERR_LIB_COMP,COMP_str_functs); - ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons); -#endif + if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) + { + ERR_load_strings(0,COMP_str_functs); + ERR_load_strings(0,COMP_str_reasons); } +#endif } diff --git a/src/lib/libssl/src/crypto/comp/comp_lib.c b/src/lib/libssl/src/crypto/comp/comp_lib.c index beb98ce8cc..b60ae371e8 100644 --- a/src/lib/libssl/src/crypto/comp/comp_lib.c +++ b/src/lib/libssl/src/crypto/comp/comp_lib.c @@ -20,17 +20,11 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) OPENSSL_free(ret); ret=NULL; } -#if 0 - else - CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); -#endif return(ret); } void COMP_CTX_free(COMP_CTX *ctx) { - /* CRYPTO_free_ex_data(rsa_meth,(char *)ctx,&ctx->ex_data); */ - if(ctx == NULL) return; diff --git a/src/lib/libssl/src/crypto/conf/Makefile b/src/lib/libssl/src/crypto/conf/Makefile index 403d12b28c..78bb324106 100644 --- a/src/lib/libssl/src/crypto/conf/Makefile +++ b/src/lib/libssl/src/crypto/conf/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -84,98 +81,72 @@ conf_api.o: ../../e_os.h ../../include/openssl/bio.h conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_api.o: conf_api.c +conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_api.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_api.o: ../../include/openssl/symhacks.h conf_api.c conf_def.o: ../../e_os.h ../../include/openssl/bio.h conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_def.o: ../cryptlib.h conf_def.c conf_def.h +conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_def.o: ../../include/openssl/symhacks.h ../cryptlib.h conf_def.c +conf_def.o: conf_def.h conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h conf_err.o: ../../include/openssl/opensslconf.h -conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_err.o: conf_err.c +conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_err.o: ../../include/openssl/symhacks.h conf_err.c conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_lib.o: conf_lib.c -conf_mall.o: ../../e_os.h ../../include/openssl/aes.h -conf_mall.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_mall.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +conf_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +conf_lib.o: ../../include/openssl/symhacks.h conf_lib.c +conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h +conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_mall.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_mall.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_mall.o: ../../include/openssl/engine.h ../../include/openssl/err.h -conf_mall.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -conf_mall.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -conf_mall.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +conf_mall.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h +conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h conf_mall.o: ../../include/openssl/objects.h conf_mall.o: ../../include/openssl/opensslconf.h conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -conf_mall.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -conf_mall.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -conf_mall.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -conf_mall.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c -conf_mod.o: ../../e_os.h ../../include/openssl/aes.h -conf_mod.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_mod.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h +conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_mod.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_mod.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h -conf_mod.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -conf_mod.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -conf_mod.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +conf_mod.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h conf_mod.o: ../../include/openssl/opensslconf.h conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -conf_mod.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -conf_mod.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_mod.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -conf_mod.o: ../cryptlib.h conf_mod.c -conf_sap.o: ../../e_os.h ../../include/openssl/aes.h -conf_sap.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -conf_sap.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +conf_mod.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +conf_mod.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mod.c +conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h +conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -conf_sap.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -conf_sap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -conf_sap.o: ../../include/openssl/engine.h ../../include/openssl/err.h -conf_sap.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -conf_sap.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -conf_sap.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +conf_sap.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h +conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -conf_sap.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -conf_sap.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -conf_sap.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c diff --git a/src/lib/libssl/src/crypto/conf/conf.h b/src/lib/libssl/src/crypto/conf/conf.h index f4671442ab..8aa06bc5ec 100644 --- a/src/lib/libssl/src/crypto/conf/conf.h +++ b/src/lib/libssl/src/crypto/conf/conf.h @@ -65,6 +65,8 @@ #include #include +#include + #ifdef __cplusplus extern "C" { #endif @@ -81,7 +83,6 @@ DECLARE_STACK_OF(CONF_MODULE) DECLARE_STACK_OF(CONF_IMODULE) struct conf_st; -typedef struct conf_st CONF; struct conf_method_st; typedef struct conf_method_st CONF_METHOD; @@ -113,6 +114,7 @@ typedef void conf_finish_func(CONF_IMODULE *md); #define CONF_MFLAGS_SILENT 0x4 #define CONF_MFLAGS_NO_DSO 0x8 #define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10 +#define CONF_MFLAGS_DEFAULT_SECTION 0x20 int CONF_set_default_method(CONF_METHOD *meth); void CONF_set_nconf(CONF *conf,LHASH *hash); @@ -212,6 +214,8 @@ void ERR_load_CONF_strings(void); #define CONF_F_CONF_LOAD_BIO 102 #define CONF_F_CONF_LOAD_FP 103 #define CONF_F_CONF_MODULES_LOAD 116 +#define CONF_F_DEF_LOAD 120 +#define CONF_F_DEF_LOAD_BIO 121 #define CONF_F_MODULE_INIT 115 #define CONF_F_MODULE_LOAD_DSO 117 #define CONF_F_MODULE_RUN 118 diff --git a/src/lib/libssl/src/crypto/conf/conf_api.c b/src/lib/libssl/src/crypto/conf/conf_api.c index 0032baa711..909d72b4b8 100644 --- a/src/lib/libssl/src/crypto/conf/conf_api.c +++ b/src/lib/libssl/src/crypto/conf/conf_api.c @@ -121,7 +121,7 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) v = (CONF_VALUE *)lh_insert(conf->data, value); if (v != NULL) { - sk_CONF_VALUE_delete_ptr(ts,v); + (void)sk_CONF_VALUE_delete_ptr(ts,v); OPENSSL_free(v->name); OPENSSL_free(v->value); OPENSSL_free(v); diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c index 2464f8ed90..d8bce8732a 100644 --- a/src/lib/libssl/src/crypto/conf/conf_def.c +++ b/src/lib/libssl/src/crypto/conf/conf_def.c @@ -60,6 +60,7 @@ #include #include +#include "cryptlib.h" #include #include #include @@ -67,7 +68,6 @@ #include "conf_def.h" #include #include -#include "cryptlib.h" static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); @@ -88,7 +88,7 @@ static int def_dump(const CONF *conf, BIO *bp); static int def_is_number(const CONF *conf, char c); static int def_to_int(const CONF *conf, char c); -const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT; +const char CONF_def_version[]="CONF_def" OPENSSL_VERSION_PTEXT; static CONF_METHOD default_method = { "OpenSSL default", @@ -194,9 +194,9 @@ static int def_load(CONF *conf, const char *name, long *line) if (in == NULL) { if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) - CONFerr(CONF_F_CONF_LOAD,CONF_R_NO_SUCH_FILE); + CONFerr(CONF_F_DEF_LOAD,CONF_R_NO_SUCH_FILE); else - CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB); + CONFerr(CONF_F_DEF_LOAD,ERR_R_SYS_LIB); return 0; } @@ -225,28 +225,28 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if ((buff=BUF_MEM_new()) == NULL) { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); + CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB); goto err; } section=(char *)OPENSSL_malloc(10); if (section == NULL) { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); + CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); goto err; } BUF_strlcpy(section,"default",10); if (_CONF_new_data(conf) == 0) { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); + CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); goto err; } sv=_CONF_new_section(conf,section); if (sv == NULL) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -258,7 +258,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) { if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE)) { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); + CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB); goto err; } p= &(buff->data[bufnum]); @@ -329,7 +329,7 @@ again: ss=p; goto again; } - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } @@ -339,7 +339,7 @@ again: sv=_CONF_new_section(conf,section); if (sv == NULL) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -362,7 +362,7 @@ again: p=eat_ws(conf, end); if (*p != '=') { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN); goto err; } @@ -379,7 +379,7 @@ again: if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } @@ -388,7 +388,7 @@ again: v->value=NULL; if (v->name == NULL) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } @@ -402,7 +402,7 @@ again: tv=_CONF_new_section(conf,psection); if (tv == NULL) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -416,7 +416,7 @@ again: #if 1 if (_CONF_add_string(conf, tv, v) == 0) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } @@ -424,7 +424,7 @@ again: v->section=tv->section; if (!sk_CONF_VALUE_push(ts,v)) { - CONFerr(CONF_F_CONF_LOAD_BIO, + CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } @@ -629,7 +629,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); goto err; } - BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from))); + BUF_MEM_grow_clean(buf,(strlen(p)+buf->length-(e-from))); while (*p) buf->data[to++]= *(p++); diff --git a/src/lib/libssl/src/crypto/conf/conf_err.c b/src/lib/libssl/src/crypto/conf/conf_err.c index f5e2ca4bf0..a16a5e0bd4 100644 --- a/src/lib/libssl/src/crypto/conf/conf_err.c +++ b/src/lib/libssl/src/crypto/conf/conf_err.c @@ -75,6 +75,8 @@ static ERR_STRING_DATA CONF_str_functs[]= {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"}, {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"}, {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"}, +{ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"}, +{ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"}, {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"}, {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"}, {ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"}, @@ -116,15 +118,12 @@ static ERR_STRING_DATA CONF_str_reasons[]= void ERR_load_CONF_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,CONF_str_functs); ERR_load_strings(0,CONF_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/conf/conf_lib.c b/src/lib/libssl/src/crypto/conf/conf_lib.c index 6a3cf109dd..2a3399d269 100644 --- a/src/lib/libssl/src/crypto/conf/conf_lib.c +++ b/src/lib/libssl/src/crypto/conf/conf_lib.c @@ -63,7 +63,7 @@ #include #include -const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT; +const char CONF_version[]="CONF" OPENSSL_VERSION_PTEXT; static CONF_METHOD *default_CONF_method=NULL; @@ -184,7 +184,7 @@ long CONF_get_number(LHASH *conf,const char *group,const char *name) if (status == 0) { /* This function does not believe in errors... */ - ERR_get_error(); + ERR_clear_error(); } return result; } diff --git a/src/lib/libssl/src/crypto/conf/conf_mod.c b/src/lib/libssl/src/crypto/conf/conf_mod.c index d45adea851..628e8333a6 100644 --- a/src/lib/libssl/src/crypto/conf/conf_mod.c +++ b/src/lib/libssl/src/crypto/conf/conf_mod.c @@ -126,17 +126,18 @@ int CONF_modules_load(const CONF *cnf, const char *appname, { STACK_OF(CONF_VALUE) *values; CONF_VALUE *vl; - char *vsection; + char *vsection = NULL; int ret, i; if (!cnf) return 1; - if (appname == NULL) - appname = "openssl_conf"; + if (appname) + vsection = NCONF_get_string(cnf, NULL, appname); - vsection = NCONF_get_string(cnf, NULL, appname); + if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION))) + vsection = NCONF_get_string(cnf, NULL, "openssl_conf"); if (!vsection) { @@ -231,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value, if (!(flags & CONF_MFLAGS_SILENT)) { char rcode[DECIMAL_SIZE(ret)+1]; - CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); + CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR); BIO_snprintf(rcode, sizeof rcode, "%-8d", ret); ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); } @@ -254,7 +255,7 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value, path = NCONF_get_string(cnf, value, "path"); if (!path) { - ERR_get_error(); + ERR_clear_error(); path = name; } dso = DSO_load(NULL, path, NULL, 0); @@ -431,7 +432,7 @@ void CONF_modules_unload(int all) if (((md->links > 0) || !md->dso) && !all) continue; /* Since we're working in reverse this is OK */ - sk_CONF_MODULE_delete(supported_modules, i); + (void)sk_CONF_MODULE_delete(supported_modules, i); module_free(md); } if (sk_CONF_MODULE_num(supported_modules) == 0) diff --git a/src/lib/libssl/src/crypto/conf/conf_sap.c b/src/lib/libssl/src/crypto/conf/conf_sap.c index e15c2e5546..9c53bac1a8 100644 --- a/src/lib/libssl/src/crypto/conf/conf_sap.c +++ b/src/lib/libssl/src/crypto/conf/conf_sap.c @@ -88,8 +88,8 @@ void OPENSSL_config(const char *config_name) ERR_clear_error(); - if (CONF_modules_load_file(NULL, NULL, - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) + if (CONF_modules_load_file(NULL, config_name, + CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { BIO *bio_err; ERR_load_crypto_strings(); diff --git a/src/lib/libssl/src/crypto/cpt_err.c b/src/lib/libssl/src/crypto/cpt_err.c index 06a6109cce..9fd41fff8c 100644 --- a/src/lib/libssl/src/crypto/cpt_err.c +++ b/src/lib/libssl/src/crypto/cpt_err.c @@ -92,15 +92,12 @@ static ERR_STRING_DATA CRYPTO_str_reasons[]= void ERR_load_CRYPTO_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,CRYPTO_str_functs); ERR_load_strings(0,CRYPTO_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c index e63bbe8dba..8c68623828 100644 --- a/src/lib/libssl/src/crypto/cryptlib.c +++ b/src/lib/libssl/src/crypto/cryptlib.c @@ -1,4 +1,57 @@ /* crypto/cryptlib.c */ +/* ==================================================================== + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -55,11 +108,13 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ -#include -#include #include "cryptlib.h" -#include #include #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) @@ -70,7 +125,7 @@ DECLARE_STACK_OF(CRYPTO_dynlock) IMPLEMENT_STACK_OF(CRYPTO_dynlock) /* real #defines in crypto.h, keep these upto date */ -static const char* lock_names[CRYPTO_NUM_LOCKS] = +static const char* const lock_names[CRYPTO_NUM_LOCKS] = { "<>", "err", @@ -104,10 +159,14 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = "dynlock", "engine", "ui", - "hwcrhk", /* This is a HACK which will disappear in 0.9.8 */ - "fips", - "fips2", -#if CRYPTO_NUM_LOCKS != 35 + "ecdsa", + "ec", + "ecdh", + "bn", + "ec_pre_comp", + "store", + "comp", +#if CRYPTO_NUM_LOCKS != 39 # error "Inconsistency between crypto.h and cryptlib.c" #endif }; @@ -218,7 +277,7 @@ int CRYPTO_get_new_dynlockid(void) else /* If we found a place with a NULL pointer, put our pointer in it. */ - sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); + (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); if (i == -1) @@ -260,7 +319,7 @@ void CRYPTO_destroy_dynlockid(int i) #endif if (pointer->references <= 0) { - sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); + (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); } else pointer = NULL; @@ -480,9 +539,48 @@ const char *CRYPTO_get_lock_name(int type) return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); } -int OPENSSL_NONPIC_relocated=0; +#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ + defined(__INTEL__) || \ + defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) + +unsigned long OPENSSL_ia32cap_P=0; +unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } + +#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY) +#define OPENSSL_CPUID_SETUP +void OPENSSL_cpuid_setup(void) +{ static int trigger=0; + unsigned long OPENSSL_ia32_cpuid(void); + char *env; -#if defined(_WIN32) && defined(_WINDLL) + if (trigger) return; + + trigger=1; + if ((env=getenv("OPENSSL_ia32cap"))) + OPENSSL_ia32cap_P = strtoul(env,NULL,0)|(1<<10); + else + OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid()|(1<<10); + /* + * |(1<<10) sets a reserved bit to signal that variable + * was initialized already... This is to avoid interference + * with cpuid snippets in ELF .init segment. + */ +} +#endif + +#else +unsigned long *OPENSSL_ia32cap_loc(void) { return NULL; } +#endif +int OPENSSL_NONPIC_relocated = 0; +#if !defined(OPENSSL_CPUID_SETUP) +void OPENSSL_cpuid_setup(void) {} +#endif + +#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) +#ifdef __CYGWIN__ +/* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ +#include +#endif /* All we really need to do is remove the 'error' state when a thread * detaches */ @@ -493,6 +591,7 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, switch(fdwReason) { case DLL_PROCESS_ATTACH: + OPENSSL_cpuid_setup(); #if defined(_WIN32_WINNT) { IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL; @@ -521,11 +620,11 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, } #endif -#if defined(_WIN32) +#if defined(_WIN32) && !defined(__CYGWIN__) #include #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 -static int IsService(void) +int OPENSSL_isservice(void) { HWINSTA h; DWORD len; WCHAR *name; @@ -562,12 +661,15 @@ static int IsService(void) #endif else return 0; } +#else +int OPENSSL_isservice(void) { return 0; } #endif void OPENSSL_showfatal (const char *fmta,...) { va_list ap; TCHAR buf[256]; const TCHAR *fmt; +#ifdef STD_ERROR_HANDLE /* what a dirty trick! */ HANDLE h; if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL && @@ -578,6 +680,7 @@ void OPENSSL_showfatal (const char *fmta,...) va_end (ap); return; } +#endif if (sizeof(TCHAR)==sizeof(char)) fmt=(const TCHAR *)fmta; @@ -623,7 +726,7 @@ void OPENSSL_showfatal (const char *fmta,...) #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 /* this -------------v--- guards NT-specific calls */ - if (GetVersion() < 0x80000000 && IsService()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice()) { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); const TCHAR *pmsg=buf; ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); @@ -631,21 +734,7 @@ void OPENSSL_showfatal (const char *fmta,...) } else #endif - { MSGBOXPARAMS m; - - m.cbSize = sizeof(m); - m.hwndOwner = NULL; - m.lpszCaption = _T("OpenSSL: FATAL"); - m.dwStyle = MB_OK; - m.hInstance = NULL; - m.lpszIcon = IDI_ERROR; - m.dwContextHelpId = 0; - m.lpfnMsgBoxCallback = NULL; - m.dwLanguageId = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US); - m.lpszText = buf; - - MessageBoxIndirect (&m); - } + MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP); } #else void OPENSSL_showfatal (const char *fmta,...) @@ -655,6 +744,7 @@ void OPENSSL_showfatal (const char *fmta,...) vfprintf (stderr,fmta,ap); va_end (ap); } +int OPENSSL_isservice (void) { return 0; } #endif void OpenSSLDie(const char *file,int line,const char *assertion) @@ -666,79 +756,3 @@ void OpenSSLDie(const char *file,int line,const char *assertion) } void *OPENSSL_stderr(void) { return stderr; } - -#ifdef OPENSSL_FIPS - -void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); } -void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); } -void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); } -void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); } - -static int fips_started = 0; -static unsigned long fips_thread = 0; - -void fips_set_started(void) - { - fips_started = 1; - } - -int fips_is_started(void) - { - return fips_started; - } - -int fips_is_owning_thread(void) - { - int ret = 0; - - if (fips_is_started()) - { - CRYPTO_r_lock(CRYPTO_LOCK_FIPS2); - if (fips_thread != 0 && fips_thread == CRYPTO_thread_id()) - ret = 1; - CRYPTO_r_unlock(CRYPTO_LOCK_FIPS2); - } - return ret; - } - -int fips_set_owning_thread(void) - { - int ret = 0; - - if (fips_is_started()) - { - CRYPTO_w_lock(CRYPTO_LOCK_FIPS2); - if (fips_thread == 0) - { - fips_thread = CRYPTO_thread_id(); - ret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2); - } - return ret; - } - -int fips_clear_owning_thread(void) - { - int ret = 0; - - if (fips_is_started()) - { - CRYPTO_w_lock(CRYPTO_LOCK_FIPS2); - if (fips_thread == CRYPTO_thread_id()) - { - fips_thread = 0; - ret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2); - } - return ret; - } - -unsigned char *fips_signature_witness(void) - { - extern unsigned char FIPS_signature[]; - return FIPS_signature; - } -#endif /* OPENSSL_FIPS */ - diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h index 6f59e08ca6..5ceaa964b5 100644 --- a/src/lib/libssl/src/crypto/cryptlib.h +++ b/src/lib/libssl/src/crypto/cryptlib.h @@ -64,6 +64,11 @@ #include "e_os.h" +#ifdef OPENSSL_USE_APPLINK +#define BIO_FLAGS_UPLINK 0x8000 +#include "ms/uplink.h" +#endif + #include #include #include @@ -93,9 +98,12 @@ extern "C" { #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) #define HEX_SIZE(type) (sizeof(type)*2) +void OPENSSL_cpuid_setup(void); +extern unsigned long OPENSSL_ia32cap_P; void OPENSSL_showfatal(const char *,...); void *OPENSSL_stderr(void); extern int OPENSSL_NONPIC_relocated; +int OPENSSL_isservice(void); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/crypto-lib.com b/src/lib/libssl/src/crypto/crypto-lib.com index 427c321f25..8898f30c1f 100644 --- a/src/lib/libssl/src/crypto/crypto-lib.com +++ b/src/lib/libssl/src/crypto/crypto-lib.com @@ -75,12 +75,15 @@ $ ENDIF $! $! Define The Different Encryption Types. $! -$ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - - "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ - - "BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,"+ - - "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - +$ ENCRYPT_TYPES = "Basic,"+ - + "OBJECTS,"+ - + "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - + "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ - + "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ - + "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - - "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" + "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - + "STORE,CMS,PQUEUE" $! $! Check To Make Sure We Have Valid Command Line Parameters. $! @@ -158,11 +161,11 @@ $! $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ -$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str" +$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" -$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one" +$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512" $ LIB_MDC2 = "mdc2dgst,mdc2_one" $ LIB_HMAC = "hmac" $ LIB_RIPEMD = "rmd_dgst,rmd_one" @@ -179,34 +182,43 @@ $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64" $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey" $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" +$ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ - + "cmll_cfb,cmll_ctr" +$ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - - "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_x931p" + "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ - + "bn_depr,bn_const" +$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ - + "ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ - + "ec2_smpl,ec2_mult" $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - - "rsa_pss,rsa_x931,rsa_asn1" -$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ - - "ec_err" -$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" -$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err" + "rsa_pss,rsa_x931,rsa_asn1,rsa_depr" +$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - + "dsa_err,dsa_ossl,dsa_depr" +$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" +$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr" +$ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err" $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - "dso_openssl,dso_win32,dso_vms" $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - "eng_table,eng_pkey,eng_fat,eng_all,"+ - - "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - - "eng_openssl,eng_dyn,eng_cnf,"+ - - "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - - "hw_cryptodev,hw_aep,hw_sureware,hw_4758_cca" -$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" + "tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ - + "tb_cipher,tb_digest,"+ - + "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock" +$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ - + "aes_ctr,aes_ige,aes_wrap" $ LIB_BUFFER = "buffer,buf_err" $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_mem,bss_null,bss_fd,"+ - "bss_file,bss_sock,bss_conn,"+ - "bf_null,bf_buff,b_print,b_dump,"+ - "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ - + "bss_dgram,"+ - "bf_lbuf" $ LIB_STACK = "stack" $ LIB_LHASH = "lhash,lh_stats" @@ -215,11 +227,11 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - $ LIB_ERR = "err,err_all,err_prn" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - - "e_des,e_bf,e_idea,e_des3,"+ - + "e_des,e_bf,e_idea,e_des3,e_camellia,e_seed,"+ - "e_rc4,e_aes,names,"+ - "e_xcbc_d,e_rc2,e_cast,e_rc5" $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - - "m_dss,m_dss1,m_mdc2,m_ripemd,"+ - + "m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ - "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- @@ -233,8 +245,8 @@ $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - "f_int,f_string,n_pkey,"+ - - "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ - - "asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - + "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ - + "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey" @@ -243,11 +255,13 @@ $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ - "x509_set,x509cset,x509rset,x509_err,"+ - "x509name,x509_v3,x509_ext,x509_att,"+ - "x509type,x509_lu,x_all,x509_txt,"+ - - "x509_trs,by_file,by_dir" + "x509_trs,by_file,by_dir,x509_vpm" $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ - "v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ - "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ - - "v3_ocsp,v3_akeya,v3_pcia,v3_pci" + "v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,v3_pcia,v3_pci,"+ - + "pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib,"+ - + "v3_asid,v3_addr" $ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap" $ LIB_TXT_DB = "txt_db" $ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ - @@ -262,13 +276,17 @@ $ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ - $ LIB_UI_COMPAT = ",ui_compat" $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT $ LIB_KRB5 = "krb5_asn" +$ LIB_STORE = "str_err,str_lib,str_meth,str_mem" +$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - + "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess" +$ LIB_PQUEUE = "pqueue" $! $! Setup exceptional compilations $! $ ! Add definitions for no threads on OpenVMS 7.1 and higher $ COMPILEWITH_CC3 = ",bss_rtcp," $ ! Disable the DOLLARID warning -$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," +$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir" $ ! Disable disjoint optimization $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - "sha_dgst,sha1dgst,rmd_dgst,bf_enc," diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h index 22fd939e65..d2b5ffe332 100644 --- a/src/lib/libssl/src/crypto/crypto.h +++ b/src/lib/libssl/src/crypto/crypto.h @@ -1,4 +1,57 @@ /* crypto/crypto.h */ +/* ==================================================================== + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -55,12 +108,19 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #ifndef HEADER_CRYPTO_H #define HEADER_CRYPTO_H #include +#include + #ifndef OPENSSL_NO_FP_API #include #endif @@ -68,6 +128,7 @@ #include #include #include +#include #ifdef CHARSET_EBCDIC #include @@ -92,15 +153,39 @@ extern "C" { #define SSLEAY_PLATFORM 4 #define SSLEAY_DIR 5 +/* Already declared in ossl_typ.h */ +#if 0 +typedef struct crypto_ex_data_st CRYPTO_EX_DATA; +/* Called when a new object is created */ +typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); +/* Called when an object is free()ed */ +typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); +/* Called when we need to dup an object */ +typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, + int idx, long argl, void *argp); +#endif + +/* A generic structure to pass assorted data in a expandable way */ +typedef struct openssl_item_st + { + int code; + void *value; /* Not used for flag attributes */ + size_t value_size; /* Max size of value for output, length for input */ + size_t *value_length; /* Returned length of value for output */ + } OPENSSL_ITEM; + + /* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock * names in cryptlib.c */ -#define CRYPTO_LOCK_ERR 1 -#define CRYPTO_LOCK_EX_DATA 2 -#define CRYPTO_LOCK_X509 3 -#define CRYPTO_LOCK_X509_INFO 4 -#define CRYPTO_LOCK_X509_PKEY 5 +#define CRYPTO_LOCK_ERR 1 +#define CRYPTO_LOCK_EX_DATA 2 +#define CRYPTO_LOCK_X509 3 +#define CRYPTO_LOCK_X509_INFO 4 +#define CRYPTO_LOCK_X509_PKEY 5 #define CRYPTO_LOCK_X509_CRL 6 #define CRYPTO_LOCK_X509_REQ 7 #define CRYPTO_LOCK_DSA 8 @@ -127,10 +212,14 @@ extern "C" { #define CRYPTO_LOCK_DYNLOCK 29 #define CRYPTO_LOCK_ENGINE 30 #define CRYPTO_LOCK_UI 31 -#define CRYPTO_LOCK_HWCRHK 32 /* This is a HACK which will disappear in 0.9.8 */ -#define CRYPTO_LOCK_FIPS 33 -#define CRYPTO_LOCK_FIPS2 34 -#define CRYPTO_NUM_LOCKS 35 +#define CRYPTO_LOCK_ECDSA 32 +#define CRYPTO_LOCK_EC 33 +#define CRYPTO_LOCK_ECDH 34 +#define CRYPTO_LOCK_BN 35 +#define CRYPTO_LOCK_EC_PRE_COMP 36 +#define CRYPTO_LOCK_STORE 37 +#define CRYPTO_LOCK_COMP 38 +#define CRYPTO_NUM_LOCKS 39 #define CRYPTO_LOCK 1 #define CRYPTO_UNLOCK 2 @@ -191,21 +280,11 @@ typedef struct /* predec of the BIO type */ typedef struct bio_st BIO_dummy; -typedef struct crypto_ex_data_st +struct crypto_ex_data_st { STACK *sk; int dummy; /* gcc is screwing up this data structure :-( */ - } CRYPTO_EX_DATA; - -/* Called when a new object is created */ -typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -/* Called when an object is free()ed */ -typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -/* Called when we need to dup an object */ -typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); + }; /* This stuff is basically class callback functions * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ @@ -237,6 +316,10 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) #define CRYPTO_EX_INDEX_ENGINE 9 #define CRYPTO_EX_INDEX_X509 10 #define CRYPTO_EX_INDEX_UI 11 +#define CRYPTO_EX_INDEX_ECDSA 12 +#define CRYPTO_EX_INDEX_ECDH 13 +#define CRYPTO_EX_INDEX_COMP 14 +#define CRYPTO_EX_INDEX_STORE 15 /* Dynamically assigned indexes start from this value (don't use directly, use * via CRYPTO_ex_data_new_class). */ @@ -434,61 +517,10 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); /* die if we have to */ void OpenSSLDie(const char *file,int line,const char *assertion); -#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) - -#ifdef OPENSSL_FIPS -#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ - alg " previous FIPS forbidden algorithm error ignored"); - -#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ - #alg " Algorithm forbidden in FIPS mode"); - -#ifdef OPENSSL_FIPS_STRICT -#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) -#else -#define FIPS_BAD_ALGORITHM(alg) \ - { \ - FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ - ERR_add_error_data(2, "Algorithm=", #alg); \ - return 0; \ - } -#endif - -/* Low level digest API blocking macro */ - -#define FIPS_NON_FIPS_MD_Init(alg) \ - int alg##_Init(alg##_CTX *c) \ - { \ - if (FIPS_mode()) \ - FIPS_BAD_ALGORITHM(alg) \ - return private_##alg##_Init(c); \ - } \ - int private_##alg##_Init(alg##_CTX *c) - -/* For ciphers the API often varies from cipher to cipher and each needs to - * be treated as a special case. Variable key length ciphers (Blowfish, RC4, - * CAST) however are very similar and can use a blocking macro. - */ - -#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ - void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ - { \ - if (FIPS_mode()) \ - FIPS_BAD_ABORT(alg) \ - private_##alg##_set_key(key, len, data); \ - } \ - void private_##alg##_set_key(alg##_KEY *key, int len, \ - const unsigned char *data) - -#else - -#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ - void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) - -#define FIPS_NON_FIPS_MD_Init(alg) \ - int alg##_Init(alg##_CTX *c) +#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) -#endif /* def OPENSSL_FIPS */ +unsigned long *OPENSSL_ia32cap_loc(void); +#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/src/lib/libssl/src/crypto/cversion.c b/src/lib/libssl/src/crypto/cversion.c index beeeb14013..ea9f25fd16 100644 --- a/src/lib/libssl/src/crypto/cversion.c +++ b/src/lib/libssl/src/crypto/cversion.c @@ -56,10 +56,7 @@ * [including the GNU Public Licence.] */ -#include -#include #include "cryptlib.h" -#include #ifndef NO_WINDOWS_BRAINDEATH #include "buildinf.h" diff --git a/src/lib/libssl/src/crypto/des/FILES0 b/src/lib/libssl/src/crypto/des/FILES0 index 1c2e1f75b9..4c7ea2de7a 100644 --- a/src/lib/libssl/src/crypto/des/FILES0 +++ b/src/lib/libssl/src/crypto/des/FILES0 @@ -8,7 +8,7 @@ README - What this package is. VERSION - Which version this is and what was changed. KERBEROS - Kerberos version 4 notes. Makefile.PL - An old makefile to build with perl5, not current. -Makefile - The SSLeay makefile +Makefile.ssl - The SSLeay makefile Makefile.uni - The normal unix makefile. GNUmakefile - The makefile for use with glibc. makefile.bc - A Borland C makefile diff --git a/src/lib/libssl/src/crypto/des/INSTALL b/src/lib/libssl/src/crypto/des/INSTALL index 32457d775c..8aebdfe110 100644 --- a/src/lib/libssl/src/crypto/des/INSTALL +++ b/src/lib/libssl/src/crypto/des/INSTALL @@ -25,7 +25,7 @@ and then you can use the 'DES_PTR' option. The file options.txt has the options listed for best speed on quite a few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then -turn on the relevent option in the Makefile +turn on the relevant option in the Makefile. There are some special Makefile targets that make life easier. make cc - standard cc build diff --git a/src/lib/libssl/src/crypto/des/Makefile b/src/lib/libssl/src/crypto/des/Makefile index 800af0b123..523dfe38f2 100644 --- a/src/lib/libssl/src/crypto/des/Makefile +++ b/src/lib/libssl/src/crypto/des/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES=-I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r RANLIB= ranlib @@ -22,6 +17,7 @@ DES_ENC= des_enc.o fcrypt_b.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=destest.c @@ -65,32 +61,24 @@ lib: $(LIBOBJ) des: des.o cbc3_enc.o lib $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) -# elf -asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s) - -asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s) - +des_enc-sparc.S: asm/des_enc.m4 + m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S + +# ELF +dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > ../$@) +yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > ../$@) +# COFF +dx86-cof.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) des-586.pl coff $(CFLAGS) > ../$@) +yx86-cof.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) crypt586.pl coff $(CFLAGS) > ../$@) # a.out -asm/dx86-out.o: asm/dx86unix.cpp - $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o - -asm/yx86-out.o: asm/yx86unix.cpp - $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o - -# bsdi -asm/dx86bsdi.o: asm/dx86unix.cpp - $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o - -asm/yx86bsdi.o: asm/yx86unix.cpp - $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o - -asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp) - -asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp) +dx86-out.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) des-586.pl a.out $(CFLAGS) > ../$@) +yx86-out.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) crypt586.pl a.out $(CFLAGS) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -100,9 +88,11 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) -install: installs - -installs: +# We need to use force because 'install' matches 'INSTALL' on case +# insensitive systems +FRC.install: +install: FRC.install + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -118,6 +108,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -125,83 +116,77 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cbc_cksm.o: ../../include/openssl/opensslconf.h -cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h cbc_cksm.o: cbc_cksm.c des_locl.h -cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c -cfb64ede.o: ../../e_os.h ../../include/openssl/crypto.h -cfb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -cfb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c +cfb64ede.o: ../../e_os.h ../../include/openssl/des.h +cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +cfb64ede.o: ../../include/openssl/opensslconf.h +cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h cfb64ede.o: cfb64ede.c des_locl.h -cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -cfb64enc.o: ../../include/openssl/opensslconf.h -cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h cfb64enc.o: cfb64enc.c des_locl.h -cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h -cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -cfb_enc.o: cfb_enc.c des_locl.h -des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c -des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +cfb_enc.o: ../../e_os.h ../../include/openssl/des.h +cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h +cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h +des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +des_enc.o: des_enc.c des_locl.h ncbc_enc.c +des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h des_old.o: ../../include/openssl/ui_compat.h des_old.c -des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -des_old2.o: ../../include/openssl/opensslconf.h -des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -des_old2.o: des_old2.c -ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ecb3_enc.o: ../../include/openssl/opensslconf.h -ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +des_old2.o: ../../include/openssl/ui_compat.h des_old2.c +ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h ecb3_enc.o: des_locl.h ecb3_enc.c ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h -ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c +ecb_enc.o: spr.h +ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ede_cbcm_enc.o: ../../include/openssl/e_os2.h ede_cbcm_enc.o: ../../include/openssl/opensslconf.h -ede_cbcm_enc.o: ../../include/openssl/opensslv.h +ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c @@ -210,10 +195,11 @@ enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -enc_read.o: ../cryptlib.h des_locl.h enc_read.c +enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h +enc_read.o: enc_read.c enc_writ.o: ../../e_os.h ../../include/openssl/bio.h enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h @@ -224,91 +210,83 @@ enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c -fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c -fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fcrypt_b.o: ../../include/openssl/opensslconf.h -fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +fcrypt.o: des_locl.h fcrypt.c +fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h fcrypt_b.o: des_locl.h fcrypt_b.c -ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb64ede.o: ../../include/openssl/opensslconf.h -ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h ofb64ede.o: des_locl.h ofb64ede.c -ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb64enc.o: ../../include/openssl/opensslconf.h -ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h ofb64enc.o: des_locl.h ofb64enc.c -ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c -pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -pcbc_enc.o: ../../include/openssl/opensslconf.h -pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +ofb_enc.o: des_locl.h ofb_enc.c +pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h pcbc_enc.o: des_locl.h pcbc_enc.c -qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -qud_cksm.o: ../../include/openssl/opensslconf.h -qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h qud_cksm.o: des_locl.h qud_cksm.c -rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rand_key.o: ../../include/openssl/opensslconf.h -rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_key.o: rand_key.c +rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +rand_key.o: ../../include/openssl/ui_compat.h rand_key.c read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h read2pwd.o: ../../include/openssl/opensslconf.h -read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -read2pwd.o: read2pwd.c -rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h -rpc_enc.o: rpc_enc.c -set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c +read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c +rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c +set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +set_key.o: des_locl.h set_key.c str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c -xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -xcbc_enc.o: ../../include/openssl/opensslconf.h -xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +str2key.o: des_locl.h str2key.c +xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h xcbc_enc.o: des_locl.h xcbc_enc.c diff --git a/src/lib/libssl/src/crypto/des/cfb64ede.c b/src/lib/libssl/src/crypto/des/cfb64ede.c index f3c6018528..de34ecceb9 100644 --- a/src/lib/libssl/src/crypto/des/cfb64ede.c +++ b/src/lib/libssl/src/crypto/des/cfb64ede.c @@ -152,8 +152,8 @@ void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, DES_cblock *ivec,int enc) { register DES_LONG d0,d1,v0,v1; - register long l=length; - register int num=numbits,n=(numbits+7)/8,i; + register unsigned long l=length,n=((unsigned int)numbits+7)/8; + register int num=numbits,i; DES_LONG ti[2]; unsigned char *iv; unsigned char ovec[16]; diff --git a/src/lib/libssl/src/crypto/des/cfb_enc.c b/src/lib/libssl/src/crypto/des/cfb_enc.c index 03cabb223c..720f29a28e 100644 --- a/src/lib/libssl/src/crypto/des/cfb_enc.c +++ b/src/lib/libssl/src/crypto/des/cfb_enc.c @@ -58,6 +58,7 @@ #include "e_os.h" #include "des_locl.h" +#include /* The input and output are loaded in multiples of 8 bits. * What this means is that if you hame numbits=12 and length=2 @@ -72,19 +73,29 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, int enc) { register DES_LONG d0,d1,v0,v1; - register unsigned long l=length,n=(numbits+7)/8; - register int num=numbits,i; + register unsigned long l=length; + register int num=numbits/8,n=(numbits+7)/8,i,rem=numbits%8; DES_LONG ti[2]; unsigned char *iv; +#ifndef L_ENDIAN unsigned char ovec[16]; +#else + unsigned int sh[4]; + unsigned char *ovec=(unsigned char *)sh; - if (num > 64) return; + /* I kind of count that compiler optimizes away this assertioni,*/ + assert (sizeof(sh[0])==4); /* as this holds true for all, */ + /* but 16-bit platforms... */ + +#endif + + if (numbits<=0 || numbits > 64) return; iv = &(*ivec)[0]; c2l(iv,v0); c2l(iv,v1); if (enc) { - while (l >= n) + while (l >= (unsigned long)n) { l-=n; ti[0]=v0; @@ -98,35 +109,40 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, out+=n; /* 30-08-94 - eay - changed because l>>32 and * l<<32 are bad under gcc :-( */ - if (num == 32) + if (numbits == 32) { v0=v1; v1=d0; } - else if (num == 64) + else if (numbits == 64) { v0=d0; v1=d1; } else { +#ifndef L_ENDIAN iv=&ovec[0]; l2c(v0,iv); l2c(v1,iv); l2c(d0,iv); l2c(d1,iv); - /* shift ovec left most of the bits... */ - memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); - /* now the remaining bits */ - if(num%8 != 0) +#else + sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; +#endif + if (rem==0) + memmove(ovec,ovec+num,8); + else for(i=0 ; i < 8 ; ++i) - { - ovec[i]<<=num%8; - ovec[i]|=ovec[i+1]>>(8-num%8); - } + ovec[i]=ovec[i+num]<>(8-rem); +#ifdef L_ENDIAN + v0=sh[0], v1=sh[1]; +#else iv=&ovec[0]; c2l(iv,v0); c2l(iv,v1); +#endif } } } else { - while (l >= n) + while (l >= (unsigned long)n) { l-=n; ti[0]=v0; @@ -136,29 +152,34 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, in+=n; /* 30-08-94 - eay - changed because l>>32 and * l<<32 are bad under gcc :-( */ - if (num == 32) + if (numbits == 32) { v0=v1; v1=d0; } - else if (num == 64) + else if (numbits == 64) { v0=d0; v1=d1; } else { +#ifndef L_ENDIAN iv=&ovec[0]; l2c(v0,iv); l2c(v1,iv); l2c(d0,iv); l2c(d1,iv); - /* shift ovec left most of the bits... */ - memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); - /* now the remaining bits */ - if(num%8 != 0) +#else + sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; +#endif + if (rem==0) + memmove(ovec,ovec+num,8); + else for(i=0 ; i < 8 ; ++i) - { - ovec[i]<<=num%8; - ovec[i]|=ovec[i+1]>>(8-num%8); - } + ovec[i]=ovec[i+num]<>(8-rem); +#ifdef L_ENDIAN + v0=sh[0], v1=sh[1]; +#else iv=&ovec[0]; c2l(iv,v0); c2l(iv,v1); +#endif } d0^=ti[0]; d1^=ti[1]; diff --git a/src/lib/libssl/src/crypto/des/des.h b/src/lib/libssl/src/crypto/des/des.h index c5df1c9c7b..92b6663599 100644 --- a/src/lib/libssl/src/crypto/des/des.h +++ b/src/lib/libssl/src/crypto/des/des.h @@ -59,13 +59,13 @@ #ifndef HEADER_NEW_DES_H #define HEADER_NEW_DES_H +#include /* OPENSSL_EXTERN, OPENSSL_NO_DES, + DES_LONG (via openssl/opensslconf.h */ + #ifdef OPENSSL_NO_DES #error DES is disabled. #endif -#include /* DES_LONG */ -#include /* OPENSSL_EXTERN */ - #ifdef OPENSSL_BUILD_SHLIBCRYPTO # undef OPENSSL_EXTERN # define OPENSSL_EXTERN OPENSSL_EXPORT @@ -128,7 +128,7 @@ OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode); /* defaults to DES_PCBC_MODE */ #define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode) const char *DES_options(void); -void DES_ecb3_encrypt(const unsigned char *input, unsigned char *output, +void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks1,DES_key_schedule *ks2, DES_key_schedule *ks3, int enc); DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output, @@ -195,9 +195,10 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out, long length,DES_key_schedule *ks1, DES_key_schedule *ks2,DES_key_schedule *ks3, DES_cblock *ivec,int *num); - +#if 0 void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white, DES_cblock *out_white); +#endif int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, DES_cblock *iv); diff --git a/src/lib/libssl/src/crypto/des/des_enc.c b/src/lib/libssl/src/crypto/des/des_enc.c index 72be2d98d7..1c37ab96d3 100644 --- a/src/lib/libssl/src/crypto/des/des_enc.c +++ b/src/lib/libssl/src/crypto/des/des_enc.c @@ -58,8 +58,6 @@ #include "des_locl.h" -#ifndef OPENSSL_FIPS - void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) { register DES_LONG l,r,t,u; @@ -289,12 +287,8 @@ void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, data[1]=r; } -#endif /* ndef OPENSSL_FIPS */ - #ifndef DES_DEFAULT_OPTIONS -#if !defined(OPENSSL_FIPS_DES_ASM) - #undef CBC_ENC_C__DONT_UPDATE_IV #include "ncbc_enc.c" /* DES_ncbc_encrypt */ @@ -410,6 +404,4 @@ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, tin[0]=tin[1]=0; } -#endif /* !defined(OPENSSL_FIPS_DES_ASM) */ - #endif /* DES_DEFAULT_OPTIONS */ diff --git a/src/lib/libssl/src/crypto/des/des_locl.h b/src/lib/libssl/src/crypto/des/des_locl.h index 8f04b18c50..4b9ecff233 100644 --- a/src/lib/libssl/src/crypto/des/des_locl.h +++ b/src/lib/libssl/src/crypto/des/des_locl.h @@ -160,7 +160,7 @@ } \ } -#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) +#if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)) || defined(__ICC) #define ROTATE(a,n) (_lrotr(a,n)) #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) diff --git a/src/lib/libssl/src/crypto/des/des_old.c b/src/lib/libssl/src/crypto/des/des_old.c index 88e9802aad..7c33ed7a93 100644 --- a/src/lib/libssl/src/crypto/des/des_old.c +++ b/src/lib/libssl/src/crypto/des/des_old.c @@ -84,7 +84,7 @@ void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock des_key_schedule ks1,des_key_schedule ks2, des_key_schedule ks3, int enc) { - DES_ecb3_encrypt((const unsigned char *)input, (unsigned char *)output, + DES_ecb3_encrypt((const_DES_cblock *)input, output, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2, (DES_key_schedule *)ks3, enc); } @@ -169,11 +169,13 @@ void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, (DES_key_schedule *)ks3, ivec, num); } +#if 0 /* broken code, preserved just in case anyone specifically looks for this */ void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), _ossl_old_des_cblock (*out_white)) { DES_xwhite_in2out(des_key, in_white, out_white); } +#endif int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched, _ossl_old_des_cblock *iv) diff --git a/src/lib/libssl/src/crypto/des/des_old.h b/src/lib/libssl/src/crypto/des/des_old.h index 1d840b474a..2b2c372354 100644 --- a/src/lib/libssl/src/crypto/des/des_old.h +++ b/src/lib/libssl/src/crypto/des/des_old.h @@ -91,6 +91,8 @@ #ifndef HEADER_DES_H #define HEADER_DES_H +#include /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */ + #ifdef OPENSSL_NO_DES #error DES is disabled. #endif @@ -103,8 +105,6 @@ #error replaces . #endif -#include /* DES_LONG */ -#include /* OPENSSL_EXTERN */ #include #ifdef OPENSSL_BUILD_SHLIBCRYPTO @@ -116,6 +116,10 @@ extern "C" { #endif +#ifdef _ +#undef _ +#endif + typedef unsigned char _ossl_old_des_cblock[8]; typedef struct _ossl_old_des_ks_struct { @@ -171,9 +175,9 @@ typedef struct _ossl_old_des_ks_struct DES_enc_write((f),(b),(l),&(k),(iv)) #define des_fcrypt(b,s,r)\ DES_fcrypt((b),(s),(r)) +#if 0 #define des_crypt(b,s)\ DES_crypt((b),(s)) -#if 0 #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) #define crypt(b,s)\ DES_crypt((b),(s)) @@ -360,9 +364,10 @@ void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out, void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num); - +#if 0 void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), _ossl_old_des_cblock (*out_white)); +#endif int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched, _ossl_old_des_cblock *iv); diff --git a/src/lib/libssl/src/crypto/des/des_opts.c b/src/lib/libssl/src/crypto/des/des_opts.c index 79278b920e..2df82962c5 100644 --- a/src/lib/libssl/src/crypto/des/des_opts.c +++ b/src/lib/libssl/src/crypto/des/des_opts.c @@ -71,7 +71,11 @@ #include extern void exit(); #endif + +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/des/des_ver.h b/src/lib/libssl/src/crypto/des/des_ver.h index 379bbadda2..d1ada258a6 100644 --- a/src/lib/libssl/src/crypto/des/des_ver.h +++ b/src/lib/libssl/src/crypto/des/des_ver.h @@ -67,5 +67,5 @@ #define DES_version OSSL_DES_version #define libdes_version OSSL_libdes_version -OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */ -OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */ +OPENSSL_EXTERN const char OSSL_DES_version[]; /* SSLeay version string */ +OPENSSL_EXTERN const char OSSL_libdes_version[]; /* old libdes version string */ diff --git a/src/lib/libssl/src/crypto/des/destest.c b/src/lib/libssl/src/crypto/des/destest.c index e3e9d77f14..64b92a34fe 100644 --- a/src/lib/libssl/src/crypto/des/destest.c +++ b/src/lib/libssl/src/crypto/des/destest.c @@ -84,7 +84,7 @@ int main(int argc, char *argv[]) #else #include -#define crypt(c,s) (des_crypt((c),(s))) +#define crypt(c,s) (DES_crypt((c),(s))) /* tisk tisk - the test keys don't all have odd parity :-( */ /* test data */ @@ -333,7 +333,8 @@ static int cfb64_test(unsigned char *cfb_cipher); static int ede_cfb64_test(unsigned char *cfb_cipher); int main(int argc, char *argv[]) { - int i,j,err=0; + int j,err=0; + unsigned int i; des_cblock in,out,outin,iv3,iv2; des_key_schedule ks,ks2,ks3; unsigned char cbc_in[40]; @@ -391,7 +392,7 @@ int main(int argc, char *argv[]) DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT); if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) { - int n; + unsigned int n; printf("des_ede3_cbcm_encrypt decrypt error\n"); for(n=0 ; n < i ; ++n) @@ -439,8 +440,8 @@ int main(int argc, char *argv[]) memcpy(in,plain_data[i],8); memset(out,0,8); memset(outin,0,8); - des_ecb2_encrypt(in,out,ks,ks2,DES_ENCRYPT); - des_ecb2_encrypt(out,outin,ks,ks2,DES_DECRYPT); + des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT); + des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT); if (memcmp(out,cipher_ecb2[i],8) != 0) { @@ -540,7 +541,7 @@ int main(int argc, char *argv[]) if (memcmp(cbc_out,cbc3_ok, (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) { - int n; + unsigned int n; printf("des_ede3_cbc_encrypt encrypt error\n"); for(n=0 ; n < i ; ++n) @@ -556,7 +557,7 @@ int main(int argc, char *argv[]) des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT); if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) { - int n; + unsigned int n; printf("des_ede3_cbc_encrypt decrypt error\n"); for(n=0 ; n < i ; ++n) @@ -820,6 +821,9 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]); printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str); err=1; } +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif printf("\n"); return(err); } diff --git a/src/lib/libssl/src/crypto/des/ecb3_enc.c b/src/lib/libssl/src/crypto/des/ecb3_enc.c index fa0c9c4d4f..c3437bc606 100644 --- a/src/lib/libssl/src/crypto/des/ecb3_enc.c +++ b/src/lib/libssl/src/crypto/des/ecb3_enc.c @@ -58,13 +58,15 @@ #include "des_locl.h" -void DES_ecb3_encrypt(const unsigned char *in, unsigned char *out, +void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, int enc) { register DES_LONG l0,l1; DES_LONG ll[2]; + const unsigned char *in = &(*input)[0]; + unsigned char *out = &(*output)[0]; c2l(in,l0); c2l(in,l1); diff --git a/src/lib/libssl/src/crypto/des/ecb_enc.c b/src/lib/libssl/src/crypto/des/ecb_enc.c index 784aa5ba23..00d5b91e8c 100644 --- a/src/lib/libssl/src/crypto/des/ecb_enc.c +++ b/src/lib/libssl/src/crypto/des/ecb_enc.c @@ -62,8 +62,8 @@ #include #include -OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT; -OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT; +OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; +OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; const char *DES_options(void) { diff --git a/src/lib/libssl/src/crypto/des/ede_cbcm_enc.c b/src/lib/libssl/src/crypto/des/ede_cbcm_enc.c index fa45aa272b..adfcb75cf3 100644 --- a/src/lib/libssl/src/crypto/des/ede_cbcm_enc.c +++ b/src/lib/libssl/src/crypto/des/ede_cbcm_enc.c @@ -68,6 +68,8 @@ http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz */ +#include /* To see if OPENSSL_NO_DESCBCM is defined */ + #ifndef OPENSSL_NO_DESCBCM #include "des_locl.h" diff --git a/src/lib/libssl/src/crypto/des/fcrypt.c b/src/lib/libssl/src/crypto/des/fcrypt.c index 2758c32656..ccbdff250f 100644 --- a/src/lib/libssl/src/crypto/des/fcrypt.c +++ b/src/lib/libssl/src/crypto/des/fcrypt.c @@ -58,9 +58,6 @@ static unsigned const char cov_2char[64]={ 0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A }; -void fcrypt_body(DES_LONG *out,DES_key_schedule *ks, - DES_LONG Eswap0, DES_LONG Eswap1); - char *DES_crypt(const char *buf, const char *salt) { static char buff[14]; diff --git a/src/lib/libssl/src/crypto/des/read2pwd.c b/src/lib/libssl/src/crypto/des/read2pwd.c index 3a63c4016c..ee6969f76e 100644 --- a/src/lib/libssl/src/crypto/des/read2pwd.c +++ b/src/lib/libssl/src/crypto/des/read2pwd.c @@ -112,6 +112,7 @@ #include #include #include +#include int DES_read_password(DES_cblock *key, const char *prompt, int verify) { diff --git a/src/lib/libssl/src/crypto/des/set_key.c b/src/lib/libssl/src/crypto/des/set_key.c index 8881d46a7a..a43ef3c881 100644 --- a/src/lib/libssl/src/crypto/des/set_key.c +++ b/src/lib/libssl/src/crypto/des/set_key.c @@ -65,8 +65,6 @@ */ #include "des_locl.h" -#ifndef OPENSSL_FIPS - OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ static const unsigned char odd_parity[256]={ @@ -89,7 +87,7 @@ static const unsigned char odd_parity[256]={ void DES_set_odd_parity(DES_cblock *key) { - int i; + unsigned int i; for (i=0; i +#define crypt(c,s) (des_crypt((c),(s))) +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/des/str2key.c b/src/lib/libssl/src/crypto/des/str2key.c index 0373db469c..9c2054bda6 100644 --- a/src/lib/libssl/src/crypto/des/str2key.c +++ b/src/lib/libssl/src/crypto/des/str2key.c @@ -57,6 +57,7 @@ */ #include "des_locl.h" +#include void DES_string_to_key(const char *str, DES_cblock *key) { diff --git a/src/lib/libssl/src/crypto/des/xcbc_enc.c b/src/lib/libssl/src/crypto/des/xcbc_enc.c index 47246eb466..dc0c761b71 100644 --- a/src/lib/libssl/src/crypto/des/xcbc_enc.c +++ b/src/lib/libssl/src/crypto/des/xcbc_enc.c @@ -60,6 +60,7 @@ /* RSA's DESX */ +#if 0 /* broken code, preserved just in case anyone specifically looks for this */ static unsigned char desx_white_in2out[256]={ 0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0, 0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A, @@ -98,7 +99,7 @@ void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white, } out0=out[0]; - out1=out[i]; + out1=out[i]; /* BUG: out-of-bounds read */ for (i=0; i<8; i++) { out[i]=in[i]^desx_white_in2out[out0^out1]; @@ -106,6 +107,7 @@ void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white, out1=(int)out[i&0x07]; } } +#endif void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *schedule, diff --git a/src/lib/libssl/src/crypto/dh/Makefile b/src/lib/libssl/src/crypto/dh/Makefile index 352678b94a..d368e33b4c 100644 --- a/src/lib/libssl/src/crypto/dh/Makefile +++ b/src/lib/libssl/src/crypto/dh/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,8 +17,8 @@ TEST= dhtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c -LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o +LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c +LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o SRC= $(LIBSRC) @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -95,13 +92,21 @@ dh_check.o: ../../include/openssl/opensslconf.h dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c -dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_err.o: ../../include/openssl/symhacks.h dh_err.c +dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h +dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_depr.o: ../cryptlib.h dh_depr.c +dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h +dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_err.o: dh_err.c dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h @@ -118,14 +123,11 @@ dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c -dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -dh_lib.o: ../cryptlib.h dh_lib.c +dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_lib.c diff --git a/src/lib/libssl/src/crypto/dh/dh.h b/src/lib/libssl/src/crypto/dh/dh.h index 92c7481e10..ccdf35ae1c 100644 --- a/src/lib/libssl/src/crypto/dh/dh.h +++ b/src/lib/libssl/src/crypto/dh/dh.h @@ -59,6 +59,8 @@ #ifndef HEADER_DH_H #define HEADER_DH_H +#include + #ifdef OPENSSL_NO_DH #error DH is disabled. #endif @@ -66,10 +68,15 @@ #ifndef OPENSSL_NO_BIO #include #endif -#include -#include #include +#ifndef OPENSSL_NO_DEPRECATED +#include +#endif +#ifndef OPENSSL_DH_MAX_MODULUS_BITS +# define OPENSSL_DH_MAX_MODULUS_BITS 10000 +#endif + #define DH_FLAG_CACHE_MONT_P 0x01 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH * implementation now uses constant time @@ -83,9 +90,12 @@ extern "C" { #endif -typedef struct dh_st DH; +/* Already defined in ossl_typ.h */ +/* typedef struct dh_st DH; */ +/* typedef struct dh_method DH_METHOD; */ -typedef struct dh_method { +struct dh_method + { const char *name; /* Methods here */ int (*generate_key)(DH *dh); @@ -98,7 +108,9 @@ typedef struct dh_method { int (*finish)(DH *dh); int flags; char *app_data; -} DH_METHOD; + /* If this is non-NULL, it will be used to generate parameters */ + int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb); + }; struct dh_st { @@ -113,7 +125,7 @@ struct dh_st BIGNUM *priv_key; /* x */ int flags; - char *method_mont_p; + BN_MONT_CTX *method_mont_p; /* Place holders if we want to do X9.42 DH */ BIGNUM *q; BIGNUM *j; @@ -137,25 +149,21 @@ struct dh_st #define DH_UNABLE_TO_CHECK_GENERATOR 0x04 #define DH_NOT_SUITABLE_GENERATOR 0x08 +/* DH_check_pub_key error codes */ +#define DH_CHECK_PUBKEY_TOO_SMALL 0x01 +#define DH_CHECK_PUBKEY_TOO_LARGE 0x02 + /* primes p where (p-1)/2 is prime too are called "safe"; we define this for backward compatibility: */ #define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME -#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ - (char *(*)())d2i_DHparams,(char *)(x)) +#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x) #define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) #define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ (unsigned char *)(x)) -#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \ - (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x)) -#ifdef __cplusplus -#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \ - (unsigned char *)(x)) -#else -#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \ - (unsigned char *)(x)) -#endif +#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x) +#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x) const DH_METHOD *DH_OpenSSL(void); @@ -172,9 +180,18 @@ int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int DH_set_ex_data(DH *d, int idx, void *arg); void *DH_get_ex_data(DH *d, int idx); + +/* Deprecated version */ +#ifndef OPENSSL_NO_DEPRECATED DH * DH_generate_parameters(int prime_len,int generator, void (*callback)(int,int,void *),void *cb_arg); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb); + int DH_check(const DH *dh,int *codes); +int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes); int DH_generate_key(DH *dh); int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); DH * d2i_DHparams(DH **a,const unsigned char **pp, long length); @@ -197,15 +214,18 @@ void ERR_load_DH_strings(void); /* Error codes for the DH functions. */ /* Function codes. */ +#define DH_F_COMPUTE_KEY 102 #define DH_F_DHPARAMS_PRINT 100 #define DH_F_DHPARAMS_PRINT_FP 101 -#define DH_F_DH_COMPUTE_KEY 102 -#define DH_F_DH_GENERATE_KEY 103 -#define DH_F_DH_GENERATE_PARAMETERS 104 +#define DH_F_DH_BUILTIN_GENPARAMS 106 #define DH_F_DH_NEW_METHOD 105 +#define DH_F_GENERATE_KEY 103 +#define DH_F_GENERATE_PARAMETERS 104 /* Reason codes. */ #define DH_R_BAD_GENERATOR 101 +#define DH_R_INVALID_PUBKEY 102 +#define DH_R_MODULUS_TOO_LARGE 103 #define DH_R_NO_PRIVATE_VALUE 100 #ifdef __cplusplus diff --git a/src/lib/libssl/src/crypto/dh/dh_check.c b/src/lib/libssl/src/crypto/dh/dh_check.c index a7e9920efb..b846913004 100644 --- a/src/lib/libssl/src/crypto/dh/dh_check.c +++ b/src/lib/libssl/src/crypto/dh/dh_check.c @@ -62,7 +62,7 @@ #include /* Check that p is a safe prime and - * if g is 2, 3 or 5, check that is is a suitable generator + * if g is 2, 3 or 5, check that it is a suitable generator * where * for 2, p mod 24 == 11 * for 3, p mod 12 == 5 @@ -70,8 +70,6 @@ * should hold. */ -#ifndef OPENSSL_FIPS - int DH_check(const DH *dh, int *ret) { int ok=0; @@ -106,12 +104,12 @@ int DH_check(const DH *dh, int *ret) else *ret|=DH_UNABLE_TO_CHECK_GENERATOR; - if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) + if (!BN_is_prime_ex(dh->p,BN_prime_checks,ctx,NULL)) *ret|=DH_CHECK_P_NOT_PRIME; else { if (!BN_rshift1(q,dh->p)) goto err; - if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) + if (!BN_is_prime_ex(q,BN_prime_checks,ctx,NULL)) *ret|=DH_CHECK_P_NOT_SAFE_PRIME; } ok=1; @@ -121,4 +119,24 @@ err: return(ok); } -#endif +int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) + { + int ok=0; + BIGNUM *q=NULL; + + *ret=0; + q=BN_new(); + if (q == NULL) goto err; + BN_set_word(q,1); + if (BN_cmp(pub_key,q) <= 0) + *ret|=DH_CHECK_PUBKEY_TOO_SMALL; + BN_copy(q,dh->p); + BN_sub_word(q,1); + if (BN_cmp(pub_key,q) >= 0) + *ret|=DH_CHECK_PUBKEY_TOO_LARGE; + + ok = 1; +err: + if (q != NULL) BN_free(q); + return(ok); + } diff --git a/src/lib/libssl/src/crypto/dh/dh_err.c b/src/lib/libssl/src/crypto/dh/dh_err.c index 83ccb41221..a2d8196ecb 100644 --- a/src/lib/libssl/src/crypto/dh/dh_err.c +++ b/src/lib/libssl/src/crypto/dh/dh_err.c @@ -70,18 +70,21 @@ static ERR_STRING_DATA DH_str_functs[]= { +{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, -{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, -{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, -{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"}, +{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, +{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, +{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, {0,NULL} }; static ERR_STRING_DATA DH_str_reasons[]= { {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, +{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, +{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, {0,NULL} }; @@ -90,15 +93,12 @@ static ERR_STRING_DATA DH_str_reasons[]= void ERR_load_DH_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(DH_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,DH_str_functs); ERR_load_strings(0,DH_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/dh/dh_gen.c b/src/lib/libssl/src/crypto/dh/dh_gen.c index 23777f5a16..cfd5b11868 100644 --- a/src/lib/libssl/src/crypto/dh/dh_gen.c +++ b/src/lib/libssl/src/crypto/dh/dh_gen.c @@ -56,11 +56,25 @@ * [including the GNU Public Licence.] */ +/* NB: These functions have been upgraded - the previous prototypes are in + * dh_depr.c as wrappers to these ones. + * - Geoff + */ + #include #include "cryptlib.h" #include #include +static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); + +int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) + { + if(ret->meth->generate_params) + return ret->meth->generate_params(ret, prime_len, generator, cb); + return dh_builtin_genparams(ret, prime_len, generator, cb); + } + /* We generate DH parameters as follows * find a prime q which is prime_len/2 bits long. * p=(2*q)+1 or (p-1)/2 = q @@ -86,29 +100,26 @@ * It's just as OK (and in some sense better) to use a generator of the * order-q subgroup. */ - -#ifndef OPENSSL_FIPS - -DH *DH_generate_parameters(int prime_len, int generator, - void (*callback)(int,int,void *), void *cb_arg) +static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) { - BIGNUM *p=NULL,*t1,*t2; - DH *ret=NULL; + BIGNUM *t1,*t2; int g,ok= -1; BN_CTX *ctx=NULL; - ret=DH_new(); - if (ret == NULL) goto err; ctx=BN_CTX_new(); if (ctx == NULL) goto err; BN_CTX_start(ctx); t1 = BN_CTX_get(ctx); t2 = BN_CTX_get(ctx); if (t1 == NULL || t2 == NULL) goto err; + + /* Make sure 'ret' has the necessary elements */ + if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err; + if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err; if (generator <= 1) { - DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR); + DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR); goto err; } if (generator == DH_GENERATOR_2) @@ -144,18 +155,14 @@ DH *DH_generate_parameters(int prime_len, int generator, g=generator; } - p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); - if (p == NULL) goto err; - if (callback != NULL) callback(3,0,cb_arg); - ret->p=p; - ret->g=BN_new(); - if (ret->g == NULL) goto err; + if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err; + if(!BN_GENCB_call(cb, 3, 0)) goto err; if (!BN_set_word(ret->g,g)) goto err; ok=1; err: if (ok == -1) { - DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); + DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB); ok=0; } @@ -164,12 +171,5 @@ err: BN_CTX_end(ctx); BN_CTX_free(ctx); } - if (!ok && (ret != NULL)) - { - DH_free(ret); - ret=NULL; - } - return(ret); + return ok; } - -#endif diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c index 3a39f7c8ca..e7db440342 100644 --- a/src/lib/libssl/src/crypto/dh/dh_key.c +++ b/src/lib/libssl/src/crypto/dh/dh_key.c @@ -62,8 +62,6 @@ #include #include -#ifndef OPENSSL_FIPS - static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, @@ -91,6 +89,7 @@ dh_bn_mod_exp, dh_init, dh_finish, 0, +NULL, NULL }; @@ -131,8 +130,7 @@ static int generate_key(DH *dh) if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked( - (BN_MONT_CTX **)&dh->method_mont_p, + mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, CRYPTO_LOCK_DH, dh->p, ctx); if (!mont) goto err; @@ -152,7 +150,7 @@ static int generate_key(DH *dh) { BN_init(&local_prk); prk = &local_prk; - BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); + BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); } else prk = priv_key; @@ -165,7 +163,7 @@ static int generate_key(DH *dh) ok=1; err: if (ok != 1) - DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); + DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB); if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); @@ -175,10 +173,17 @@ err: static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { - BN_CTX *ctx; + BN_CTX *ctx=NULL; BN_MONT_CTX *mont=NULL; BIGNUM *tmp; int ret= -1; + int check_result; + + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) + { + DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); + goto err; + } ctx = BN_CTX_new(); if (ctx == NULL) goto err; @@ -187,27 +192,32 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (dh->priv_key == NULL) { - DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); + DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); goto err; } if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked( - (BN_MONT_CTX **)&dh->method_mont_p, + mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, CRYPTO_LOCK_DH, dh->p, ctx); if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { /* XXX */ - BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME); + BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); } if (!mont) goto err; } + if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) + { + DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY); + goto err; + } + if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) { - DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); + DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB); goto err; } @@ -248,8 +258,6 @@ static int dh_init(DH *dh) static int dh_finish(DH *dh) { if(dh->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); + BN_MONT_CTX_free(dh->method_mont_p); return(1); } - -#endif diff --git a/src/lib/libssl/src/crypto/dh/dh_lib.c b/src/lib/libssl/src/crypto/dh/dh_lib.c index 09965ee2ea..7aef080e7a 100644 --- a/src/lib/libssl/src/crypto/dh/dh_lib.c +++ b/src/lib/libssl/src/crypto/dh/dh_lib.c @@ -64,7 +64,7 @@ #include #endif -const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; +const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; static const DH_METHOD *default_DH_method = NULL; diff --git a/src/lib/libssl/src/crypto/dh/dhtest.c b/src/lib/libssl/src/crypto/dh/dhtest.c index b76dede771..882f5c310a 100644 --- a/src/lib/libssl/src/crypto/dh/dhtest.c +++ b/src/lib/libssl/src/crypto/dh/dhtest.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include @@ -83,12 +89,13 @@ int main(int argc, char *argv[]) #define MS_CALLBACK #endif -static void MS_CALLBACK cb(int p, int n, void *arg); +static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg); static const char rnd_seed[] = "string to make the random number generator think it has entropy"; int main(int argc, char *argv[]) { + BN_GENCB _cb; DH *a; DH *b=NULL; char buf[12]; @@ -110,8 +117,10 @@ int main(int argc, char *argv[]) if (out == NULL) EXIT(1); BIO_set_fp(out,stdout,BIO_NOCLOSE); - a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); - if (a == NULL) goto err; + BN_GENCB_set(&_cb, &cb, out); + if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64, + DH_GENERATOR_5, &_cb)) + goto err; if (!DH_check(a, &i)) goto err; if (i & DH_CHECK_P_NOT_PRIME) @@ -192,14 +201,14 @@ err: if(b != NULL) DH_free(b); if(a != NULL) DH_free(a); BIO_free(out); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); - CRYPTO_mem_leaks_fp(stderr); +#ifdef OPENSSL_SYS_NETWARE + if (ret) printf("ERROR: %d\n", ret); +#endif EXIT(ret); return(ret); } -static void MS_CALLBACK cb(int p, int n, void *arg) +static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg) { char c='*'; @@ -207,10 +216,11 @@ static void MS_CALLBACK cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); + BIO_write(arg->arg,&c,1); + (void)BIO_flush(arg->arg); #ifdef LINT p=n; #endif + return 1; } #endif diff --git a/src/lib/libssl/src/crypto/dsa/Makefile b/src/lib/libssl/src/crypto/dsa/Makefile index 4f10278039..676baf7d49 100644 --- a/src/lib/libssl/src/crypto/dsa/Makefile +++ b/src/lib/libssl/src/crypto/dsa/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -23,9 +18,9 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ - dsa_err.c dsa_ossl.c + dsa_err.c dsa_ossl.c dsa_depr.c LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ - dsa_err.o dsa_ossl.o + dsa_err.o dsa_ossl.o dsa_depr.o SRC= $(LIBSRC) @@ -53,6 +48,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -68,6 +64,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,51 +78,50 @@ clean: dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_asn1.o: ../../include/openssl/opensslconf.h dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c -dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c +dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h dsa_err.o: dsa_err.c -dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h -dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h +dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h -dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c +dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_key.o: ../cryptlib.h dsa_key.c +dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -133,16 +129,15 @@ dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c +dsa_lib.o: ../cryptlib.h dsa_lib.c dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_ossl.o: ../../include/openssl/opensslconf.h dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h @@ -150,24 +145,20 @@ dsa_ossl.o: ../cryptlib.h dsa_ossl.c dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h -dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +dsa_sign.o: ../../include/openssl/opensslconf.h dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h dsa_sign.o: ../cryptlib.h dsa_sign.c dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h -dsa_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -dsa_vrf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dsa_vrf.o: ../../include/openssl/ui.h ../cryptlib.h dsa_vrf.c +dsa_vrf.o: ../cryptlib.h dsa_vrf.c diff --git a/src/lib/libssl/src/crypto/dsa/dsa.h b/src/lib/libssl/src/crypto/dsa/dsa.h index 851e3f0445..3a8fe5b56b 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa.h +++ b/src/lib/libssl/src/crypto/dsa/dsa.h @@ -65,6 +65,8 @@ #ifndef HEADER_DSA_H #define HEADER_DSA_H +#include + #ifdef OPENSSL_NO_DSA #error DSA is disabled. #endif @@ -72,12 +74,19 @@ #ifndef OPENSSL_NO_BIO #include #endif -#include #include #include + +#ifndef OPENSSL_NO_DEPRECATED +#include #ifndef OPENSSL_NO_DH # include #endif +#endif + +#ifndef OPENSSL_DSA_MAX_MODULUS_BITS +# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 +#endif #define DSA_FLAG_CACHE_MONT_P 0x01 #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA @@ -88,22 +97,13 @@ * be used for all exponents. */ -/* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode - * it is then the applications responsibility to ensure the external method - * is compliant. - */ - -#define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW 0x04 - -#if defined(OPENSSL_FIPS) -#define FIPS_DSA_SIZE_T int -#endif - #ifdef __cplusplus extern "C" { #endif -typedef struct dsa_st DSA; +/* Already defined in ossl_typ.h */ +/* typedef struct dsa_st DSA; */ +/* typedef struct dsa_method DSA_METHOD; */ typedef struct DSA_SIG_st { @@ -111,7 +111,8 @@ typedef struct DSA_SIG_st BIGNUM *s; } DSA_SIG; -typedef struct dsa_method { +struct dsa_method + { const char *name; DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, @@ -128,7 +129,14 @@ typedef struct dsa_method { int (*finish)(DSA *dsa); int flags; char *app_data; -} DSA_METHOD; + /* If this is non-NULL, it is used to generate DSA parameters */ + int (*dsa_paramgen)(DSA *dsa, int bits, + unsigned char *seed, int seed_len, + int *counter_ret, unsigned long *h_ret, + BN_GENCB *cb); + /* If this is non-NULL, it is used to generate DSA keys */ + int (*dsa_keygen)(DSA *dsa); + }; struct dsa_st { @@ -149,7 +157,7 @@ struct dsa_st int flags; /* Normally used to cache montgomery values */ - char *method_mont_p; + BN_MONT_CTX *method_mont_p; int references; CRYPTO_EX_DATA ex_data; const DSA_METHOD *meth; @@ -157,16 +165,13 @@ struct dsa_st ENGINE *engine; }; -#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \ - (char *(*)())d2i_DSAparams,(char *)(x)) +#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x) #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ (unsigned char *)(x)) -#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \ - (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x)) -#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \ - (unsigned char *)(x)) +#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x) +#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) DSA_SIG * DSA_SIG_new(void); @@ -204,10 +209,20 @@ void *DSA_get_ex_data(DSA *d, int idx); DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); + +/* Deprecated version */ +#ifndef OPENSSL_NO_DEPRECATED DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, int *counter_ret, unsigned long *h_ret,void (*callback)(int, int, void *),void *cb_arg); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int DSA_generate_parameters_ex(DSA *dsa, int bits, + unsigned char *seed,int seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); + int DSA_generate_key(DSA *a); int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); @@ -259,8 +274,10 @@ void ERR_load_DSA_strings(void); #define DSA_F_SIG_CB 114 /* Reason codes. */ +#define DSA_R_BAD_Q_VALUE 102 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 #define DSA_R_MISSING_PARAMETERS 101 +#define DSA_R_MODULUS_TOO_LARGE 103 #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/dsa/dsa_err.c b/src/lib/libssl/src/crypto/dsa/dsa_err.c index fd42053572..768711994b 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_err.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_err.c @@ -89,8 +89,10 @@ static ERR_STRING_DATA DSA_str_functs[]= static ERR_STRING_DATA DSA_str_reasons[]= { +{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, +{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, {0,NULL} }; @@ -98,15 +100,12 @@ static ERR_STRING_DATA DSA_str_reasons[]= void ERR_load_DSA_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,DSA_str_functs); ERR_load_strings(0,DSA_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c index e40afeea51..ca0b86a6cf 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_gen.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c @@ -69,6 +69,8 @@ #define HASH EVP_sha1() #endif +#include /* To see if OPENSSL_NO_SHA is defined */ + #ifndef OPENSSL_NO_SHA #include @@ -80,12 +82,24 @@ #include #include -#ifndef OPENSSL_FIPS -DSA *DSA_generate_parameters(int bits, +static int dsa_builtin_paramgen(DSA *ret, int bits, + unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); + +int DSA_generate_parameters_ex(DSA *ret, int bits, + unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) + { + if(ret->meth->dsa_paramgen) + return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, + counter_ret, h_ret, cb); + return dsa_builtin_paramgen(ret, bits, seed_in, seed_len, + counter_ret, h_ret, cb); + } + +static int dsa_builtin_paramgen(DSA *ret, int bits, unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), - void *cb_arg) + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) { int ok=0; unsigned char seed[SHA_DIGEST_LENGTH]; @@ -97,40 +111,43 @@ DSA *DSA_generate_parameters(int bits, int k,n=0,i,b,m=0; int counter=0; int r=0; - BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL; + BN_CTX *ctx=NULL; unsigned int h=2; - DSA *ret=NULL; if (bits < 512) bits=512; bits=(bits+63)/64*64; - if (seed_len < 20) + /* NB: seed_len == 0 is special case: copy generated seed to + * seed_in if it is not NULL. + */ + if (seed_len && (seed_len < 20)) seed_in = NULL; /* seed buffer too small -- ignore */ if (seed_len > 20) seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, * but our internal buffers are restricted to 160 bits*/ if ((seed_in != NULL) && (seed_len == 20)) + { memcpy(seed,seed_in,seed_len); + /* set seed_in to NULL to avoid it being copied back */ + seed_in = NULL; + } if ((ctx=BN_CTX_new()) == NULL) goto err; - if ((ctx2=BN_CTX_new()) == NULL) goto err; - if ((ctx3=BN_CTX_new()) == NULL) goto err; - if ((ret=DSA_new()) == NULL) goto err; if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - BN_CTX_start(ctx2); - r0 = BN_CTX_get(ctx2); - g = BN_CTX_get(ctx2); - W = BN_CTX_get(ctx2); - q = BN_CTX_get(ctx2); - X = BN_CTX_get(ctx2); - c = BN_CTX_get(ctx2); - p = BN_CTX_get(ctx2); - test = BN_CTX_get(ctx2); - if (test == NULL) goto err; + BN_CTX_start(ctx); + r0 = BN_CTX_get(ctx); + g = BN_CTX_get(ctx); + W = BN_CTX_get(ctx); + q = BN_CTX_get(ctx); + X = BN_CTX_get(ctx); + c = BN_CTX_get(ctx); + p = BN_CTX_get(ctx); + test = BN_CTX_get(ctx); - if (!BN_lshift(test,BN_value_one(),bits-1)) goto err; + if (!BN_lshift(test,BN_value_one(),bits-1)) + goto err; for (;;) { @@ -139,7 +156,8 @@ DSA *DSA_generate_parameters(int bits, int seed_is_random; /* step 1 */ - if (callback != NULL) callback(0,m++,cb_arg); + if(!BN_GENCB_call(cb, 0, m++)) + goto err; if (!seed_len) { @@ -172,7 +190,8 @@ DSA *DSA_generate_parameters(int bits, if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; /* step 4 */ - r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random); + r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, + seed_is_random, cb); if (r > 0) break; if (r != 0) @@ -182,8 +201,8 @@ DSA *DSA_generate_parameters(int bits, /* step 5 */ } - if (callback != NULL) callback(2,0,cb_arg); - if (callback != NULL) callback(3,0,cb_arg); + if(!BN_GENCB_call(cb, 2, 0)) goto err; + if(!BN_GENCB_call(cb, 3, 0)) goto err; /* step 6 */ counter=0; @@ -194,11 +213,11 @@ DSA *DSA_generate_parameters(int bits, for (;;) { - if (callback != NULL && counter != 0) - callback(0,counter,cb_arg); + if ((counter != 0) && !BN_GENCB_call(cb, 0, counter)) + goto err; /* step 7 */ - if (!BN_zero(W)) goto err; + BN_zero(W); /* now 'buf' contains "SEED + offset - 1" */ for (k=0; k<=n; k++) { @@ -233,7 +252,8 @@ DSA *DSA_generate_parameters(int bits, if (BN_cmp(p,test) >= 0) { /* step 11 */ - r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1); + r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, + ctx, 1, cb); if (r > 0) goto end; /* found it */ if (r != 0) @@ -249,7 +269,8 @@ DSA *DSA_generate_parameters(int bits, } } end: - if (callback != NULL) callback(2,1,cb_arg); + if(!BN_GENCB_call(cb, 2, 1)) + goto err; /* We now need to generate g */ /* Set r0=(p-1)/q */ @@ -268,16 +289,16 @@ end: h++; } - if (callback != NULL) callback(3,1,cb_arg); + if(!BN_GENCB_call(cb, 3, 1)) + goto err; ok=1; err: - if (!ok) - { - if (ret != NULL) DSA_free(ret); - } - else + if (ok) { + if(ret->p) BN_free(ret->p); + if(ret->q) BN_free(ret->q); + if(ret->g) BN_free(ret->g); ret->p=BN_dup(p); ret->q=BN_dup(q); ret->g=BN_dup(g); @@ -286,20 +307,16 @@ err: ok=0; goto err; } - if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); + if (seed_in != NULL) memcpy(seed_in,seed,20); if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } - if (ctx != NULL) BN_CTX_free(ctx); - if (ctx2 != NULL) + if(ctx) { - BN_CTX_end(ctx2); - BN_CTX_free(ctx2); + BN_CTX_end(ctx); + BN_CTX_free(ctx); } - if (ctx3 != NULL) BN_CTX_free(ctx3); if (mont != NULL) BN_MONT_CTX_free(mont); - return(ok?ret:NULL); + return ok; } -#endif /* ndef OPENSSL_FIPS */ -#endif /* ndef OPENSSL_NO_SHA */ - +#endif diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c index 980b6dc2d3..c4aa86bc6d 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_key.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c @@ -56,16 +56,24 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SHA #include #include #include "cryptlib.h" +#ifndef OPENSSL_NO_SHA #include #include #include -#ifndef OPENSSL_FIPS +static int dsa_builtin_keygen(DSA *dsa); + int DSA_generate_key(DSA *dsa) + { + if(dsa->meth->dsa_keygen) + return dsa->meth->dsa_keygen(dsa); + return dsa_builtin_keygen(dsa); + } + +static int dsa_builtin_keygen(DSA *dsa) { int ok=0; BN_CTX *ctx=NULL; @@ -99,7 +107,7 @@ int DSA_generate_key(DSA *dsa) { BN_init(&local_prk); prk = &local_prk; - BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); + BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); } else prk = priv_key; @@ -118,4 +126,3 @@ err: return(ok); } #endif -#endif diff --git a/src/lib/libssl/src/crypto/dsa/dsa_lib.c b/src/lib/libssl/src/crypto/dsa/dsa_lib.c index 4171af24c6..e9b75902db 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_lib.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_lib.c @@ -66,8 +66,11 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#ifndef OPENSSL_NO_DH +#include +#endif -const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; +const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT; static const DSA_METHOD *default_DSA_method = NULL; diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c index 12509a7083..75ff7cc4af 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c @@ -65,33 +65,63 @@ #include #include -#ifndef OPENSSL_FIPS static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa); static int dsa_init(DSA *dsa); static int dsa_finish(DSA *dsa); -static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); -static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); static DSA_METHOD openssl_dsa_meth = { "OpenSSL DSA method", dsa_do_sign, dsa_sign_setup, dsa_do_verify, -dsa_mod_exp, -dsa_bn_mod_exp, +NULL, /* dsa_mod_exp, */ +NULL, /* dsa_bn_mod_exp, */ dsa_init, dsa_finish, 0, +NULL, +NULL, NULL }; +/* These macro wrappers replace attempts to use the dsa_mod_exp() and + * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of + * having a the macro work as an expression by bundling an "err_instr". So; + * + * if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, + * dsa->method_mont_p)) goto err; + * + * can be replaced by; + * + * DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx, + * dsa->method_mont_p); + */ + +#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \ + do { \ + int _tmp_res53; \ + if((dsa)->meth->dsa_mod_exp) \ + _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \ + (a2), (p2), (m), (ctx), (in_mont)); \ + else \ + _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \ + (m), (ctx), (in_mont)); \ + if(!_tmp_res53) err_instr; \ + } while(0) +#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \ + do { \ + int _tmp_res53; \ + if((dsa)->meth->bn_mod_exp) \ + _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \ + (m), (ctx), (m_ctx)); \ + else \ + _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \ + if(!_tmp_res53) err_instr; \ + } while(0) + const DSA_METHOD *DSA_OpenSSL(void) { return &openssl_dsa_meth; @@ -199,12 +229,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) while (BN_is_zero(&k)); if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { - BN_set_flags(&k, BN_FLG_EXP_CONSTTIME); + BN_set_flags(&k, BN_FLG_CONSTTIME); } if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p, + if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, CRYPTO_LOCK_DSA, dsa->p, ctx)) goto err; @@ -234,8 +264,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { K = &k; } - if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx, - (BN_MONT_CTX *)dsa->method_mont_p)) goto err; + DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, + dsa->method_mont_p); if (!BN_mod(r,r,dsa->q,ctx)) goto err; /* Compute part of 's = inv(k) (m + xr) mod q' */ @@ -274,18 +304,32 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, return -1; } + if (BN_num_bits(dsa->q) != 160) + { + DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); + return -1; + } + + if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) + { + DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE); + return -1; + } + BN_init(&u1); BN_init(&u2); BN_init(&t1); if ((ctx=BN_CTX_new()) == NULL) goto err; - if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) + if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || + BN_ucmp(sig->r, dsa->q) >= 0) { ret = 0; goto err; } - if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0) + if (BN_is_zero(sig->s) || BN_is_negative(sig->s) || + BN_ucmp(sig->s, dsa->q) >= 0) { ret = 0; goto err; @@ -307,43 +351,25 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked( - (BN_MONT_CTX **)&dsa->method_mont_p, + mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p, CRYPTO_LOCK_DSA, dsa->p, ctx); if (!mont) goto err; } -#if 0 - { - BIGNUM t2; - - BN_init(&t2); - /* v = ( g^u1 * y^u2 mod p ) mod q */ - /* let t1 = g ^ u1 mod p */ - if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err; - /* let t2 = y ^ u2 mod p */ - if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err; - /* let u1 = t1 * t2 mod p */ - if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn; - BN_free(&t2); - } - /* let u1 = u1 mod q */ - if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err; -#else - { - if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2, - dsa->p,ctx,mont)) goto err; + + DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont); /* BN_copy(&u1,&t1); */ /* let u1 = u1 mod q */ if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; - } -#endif + /* V is now in u1. If the signature is correct, it will be * equal to R. */ ret=(BN_ucmp(&u1, sig->r) == 0); err: + /* XXX: surely this is wrong - if ret is 0, it just didn't verify; + there is no error in BN. Test should be ret == -1 (Ben) */ if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); if (ctx != NULL) BN_CTX_free(ctx); BN_free(&u1); @@ -361,21 +387,7 @@ static int dsa_init(DSA *dsa) static int dsa_finish(DSA *dsa) { if(dsa->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p); + BN_MONT_CTX_free(dsa->method_mont_p); return(1); } -static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont) -{ - return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont); -} - -static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} -#endif diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c index 37c65efb20..89205026f0 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_sign.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c @@ -64,18 +64,9 @@ #include #include #include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW) - && !FIPS_dsa_check(dsa)) - return NULL; -#endif return dsa->meth->dsa_do_sign(dgst, dlen, dsa); } @@ -96,11 +87,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW) - && !FIPS_dsa_check(dsa)) - return 0; -#endif return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); } diff --git a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c index c9784bed48..c4aeddd056 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c @@ -65,19 +65,10 @@ #include #include #include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) { -#ifdef OPENSSL_FIPS - if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW) - && !FIPS_dsa_check(dsa)) - return -1; -#endif return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); } diff --git a/src/lib/libssl/src/crypto/dsa/dsatest.c b/src/lib/libssl/src/crypto/dsa/dsatest.c index 55a3756aff..912317bb44 100644 --- a/src/lib/libssl/src/crypto/dsa/dsatest.c +++ b/src/lib/libssl/src/crypto/dsa/dsatest.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include @@ -68,6 +74,7 @@ #include #include #include +#include #ifdef OPENSSL_NO_DSA int main(int argc, char *argv[]) @@ -84,7 +91,7 @@ int main(int argc, char *argv[]) #define MS_CALLBACK #endif -static void MS_CALLBACK dsa_cb(int p, int n, void *arg); +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg); /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ @@ -129,6 +136,7 @@ static BIO *bio_err=NULL; int main(int argc, char **argv) { + BN_GENCB cb; DSA *dsa=NULL; int counter,ret=0,i,j; unsigned char buf[256]; @@ -148,7 +156,10 @@ int main(int argc, char **argv) BIO_printf(bio_err,"test generation of DSA parameters\n"); - dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err); + BN_GENCB_set(&cb, dsa_cb, bio_err); + if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512, + seed, 20, &counter, &h, &cb)) + goto end; BIO_printf(bio_err,"seed\n"); for (i=0; i<20; i+=4) @@ -156,7 +167,7 @@ int main(int argc, char **argv) BIO_printf(bio_err,"%02X%02X%02X%02X ", seed[i],seed[i+1],seed[i+2],seed[i+3]); } - BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h); + BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h); if (dsa == NULL) goto end; DSA_print(bio_err,dsa,0); @@ -220,17 +231,14 @@ end: BIO_free(bio_err); bio_err = NULL; } +#ifdef OPENSSL_SYS_NETWARE + if (!ret) printf("ERROR\n"); +#endif EXIT(!ret); return(0); } -static int cb_exit(int ec) - { - EXIT(ec); - return(0); /* To keep some compilers quiet */ - } - -static void MS_CALLBACK dsa_cb(int p, int n, void *arg) +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg) { char c='*'; static int ok=0,num=0; @@ -239,13 +247,14 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) { c='*'; ok++; } if (p == 3) c='\n'; - BIO_write(arg,&c,1); - (void)BIO_flush(arg); + BIO_write(arg->arg,&c,1); + (void)BIO_flush(arg->arg); if (!ok && (p == 0) && (num > 1)) { BIO_printf((BIO *)arg,"error in dsatest\n"); - cb_exit(1); + return 0; } + return 1; } #endif diff --git a/src/lib/libssl/src/crypto/dso/Makefile b/src/lib/libssl/src/crypto/dso/Makefile index c16278c3ff..07f5d8d159 100644 --- a/src/lib/libssl/src/crypto/dso/Makefile +++ b/src/lib/libssl/src/crypto/dso/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -53,6 +48,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -68,6 +64,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -84,43 +81,47 @@ dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dl.c +dso_dl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_dl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_dl.o: ../cryptlib.h dso_dl.c dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_dlfcn.o: ../../include/openssl/opensslconf.h -dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_dlfcn.o: ../cryptlib.h dso_dlfcn.c +dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dso_dlfcn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dso_dlfcn.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dlfcn.c dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_err.o: ../../include/openssl/symhacks.h dso_err.c +dso_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_err.o: dso_err.c dso_lib.o: ../../e_os.h ../../include/openssl/bio.h dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_lib.c +dso_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_lib.o: ../cryptlib.h dso_lib.c dso_null.o: ../../e_os.h ../../include/openssl/bio.h dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_null.o: ../../include/openssl/opensslconf.h -dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_null.o: ../cryptlib.h dso_null.c +dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dso_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dso_null.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_null.c dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_openssl.o: ../../include/openssl/opensslconf.h dso_openssl.o: ../../include/openssl/opensslv.h +dso_openssl.o: ../../include/openssl/ossl_typ.h dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c dso_vms.o: ../../e_os.h ../../include/openssl/bio.h @@ -128,13 +129,14 @@ dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_vms.c +dso_vms.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +dso_vms.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dso_vms.o: ../cryptlib.h dso_vms.c dso_win32.o: ../../e_os.h ../../include/openssl/bio.h dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dso_win32.o: ../../include/openssl/opensslconf.h -dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -dso_win32.o: ../cryptlib.h dso_win32.c +dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +dso_win32.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dso_win32.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_win32.c diff --git a/src/lib/libssl/src/crypto/dso/dso.h b/src/lib/libssl/src/crypto/dso/dso.h index aa721f7feb..3e51913a72 100644 --- a/src/lib/libssl/src/crypto/dso/dso.h +++ b/src/lib/libssl/src/crypto/dso/dso.h @@ -1,4 +1,4 @@ -/* dso.h */ +/* dso.h -*- mode:C; c-file-style: "eay" -*- */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -95,6 +95,13 @@ extern "C" { */ #define DSO_FLAG_UPCASE_SYMBOL 0x10 +/* This flag loads the library with public symbols. + * Meaning: The exported symbols of this library are public + * to all libraries loaded after this library. + * At the moment only implemented in unix. + */ +#define DSO_FLAG_GLOBAL_SYMBOLS 0x20 + typedef void (*DSO_FUNC_TYPE)(void); @@ -107,6 +114,22 @@ typedef struct dso_st DSO; * condition) or a newly allocated string containing the transformed form that * the caller will need to free with OPENSSL_free() when done. */ typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); +/* The function prototype used for method functions (or caller-provided + * callbacks) that merge two file specifications. They are passed a + * DSO structure pointer (or NULL if they are to be used independantly of + * a DSO object) and two file specifications to merge. They should + * either return NULL (if there is an error condition) or a newly allocated + * string containing the result of merging that the caller will need + * to free with OPENSSL_free() when done. + * Here, merging means that bits and pieces are taken from each of the + * file specifications and added together in whatever fashion that is + * sensible for the DSO method in question. The only rule that really + * applies is that if the two specification contain pieces of the same + * type, the copy from the first string takes priority. One could see + * it as the first specification is the one given by the user and the + * second being a bunch of defaults to add on if they're missing in the + * first. */ +typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *); typedef struct dso_meth_st { @@ -140,6 +163,9 @@ typedef struct dso_meth_st /* The default DSO_METHOD-specific function for converting filenames to * a canonical native form. */ DSO_NAME_CONVERTER_FUNC dso_name_converter; + /* The default DSO_METHOD-specific function for converting filenames to + * a canonical native form. */ + DSO_MERGER_FUNC dso_merger; /* [De]Initialisation handlers. */ int (*init)(DSO *dso); @@ -164,9 +190,13 @@ struct dso_st * don't touch meth_data! */ CRYPTO_EX_DATA ex_data; /* If this callback function pointer is set to non-NULL, then it will - * be used on DSO_load() in place of meth->dso_name_converter. NB: This + * be used in DSO_load() in place of meth->dso_name_converter. NB: This * should normally set using DSO_set_name_converter(). */ DSO_NAME_CONVERTER_FUNC name_converter; + /* If this callback function pointer is set to non-NULL, then it will + * be used in DSO_load() in place of meth->dso_merger. NB: This + * should normally set using DSO_set_merger(). */ + DSO_MERGER_FUNC merger; /* This is populated with (a copy of) the platform-independant * filename used for this DSO. */ char *filename; @@ -209,6 +239,11 @@ int DSO_set_filename(DSO *dso, const char *filename); * caller-created DSO_METHODs can do the same thing. A non-NULL return value * will need to be OPENSSL_free()'d. */ char *DSO_convert_filename(DSO *dso, const char *filename); +/* This function will invoke the DSO's merger callback to merge two file + * specifications, or if the callback isn't set it will instead use the + * DSO_METHOD's merger. A non-NULL return value will need to be + * OPENSSL_free()'d. */ +char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2); /* If the DSO is currently loaded, this returns the filename that it was loaded * under, otherwise it returns NULL. So it is also useful as a test as to * whether the DSO is currently loaded. NB: This will not necessarily return @@ -273,11 +308,13 @@ void ERR_load_DSO_strings(void); #define DSO_F_DLFCN_BIND_FUNC 100 #define DSO_F_DLFCN_BIND_VAR 101 #define DSO_F_DLFCN_LOAD 102 +#define DSO_F_DLFCN_MERGER 130 #define DSO_F_DLFCN_NAME_CONVERTER 123 #define DSO_F_DLFCN_UNLOAD 103 #define DSO_F_DL_BIND_FUNC 104 #define DSO_F_DL_BIND_VAR 105 #define DSO_F_DL_LOAD 106 +#define DSO_F_DL_MERGER 131 #define DSO_F_DL_NAME_CONVERTER 124 #define DSO_F_DL_UNLOAD 107 #define DSO_F_DSO_BIND_FUNC 108 @@ -288,27 +325,36 @@ void ERR_load_DSO_strings(void); #define DSO_F_DSO_GET_FILENAME 127 #define DSO_F_DSO_GET_LOADED_FILENAME 128 #define DSO_F_DSO_LOAD 112 +#define DSO_F_DSO_MERGE 132 #define DSO_F_DSO_NEW_METHOD 113 #define DSO_F_DSO_SET_FILENAME 129 #define DSO_F_DSO_SET_NAME_CONVERTER 122 #define DSO_F_DSO_UP_REF 114 -#define DSO_F_VMS_BIND_VAR 115 +#define DSO_F_VMS_BIND_SYM 115 #define DSO_F_VMS_LOAD 116 +#define DSO_F_VMS_MERGER 133 #define DSO_F_VMS_UNLOAD 117 #define DSO_F_WIN32_BIND_FUNC 118 #define DSO_F_WIN32_BIND_VAR 119 +#define DSO_F_WIN32_JOINER 135 #define DSO_F_WIN32_LOAD 120 +#define DSO_F_WIN32_MERGER 134 #define DSO_F_WIN32_NAME_CONVERTER 125 +#define DSO_F_WIN32_SPLITTER 136 #define DSO_F_WIN32_UNLOAD 121 /* Reason codes. */ #define DSO_R_CTRL_FAILED 100 #define DSO_R_DSO_ALREADY_LOADED 110 +#define DSO_R_EMPTY_FILE_STRUCTURE 113 +#define DSO_R_FAILURE 114 #define DSO_R_FILENAME_TOO_BIG 101 #define DSO_R_FINISH_FAILED 102 +#define DSO_R_INCORRECT_FILE_SYNTAX 115 #define DSO_R_LOAD_FAILED 103 #define DSO_R_NAME_TRANSLATION_FAILED 109 #define DSO_R_NO_FILENAME 111 +#define DSO_R_NO_FILE_SPECIFICATION 116 #define DSO_R_NULL_HANDLE 104 #define DSO_R_SET_FILENAME_FAILED 112 #define DSO_R_STACK_ERROR 105 diff --git a/src/lib/libssl/src/crypto/dso/dso_dl.c b/src/lib/libssl/src/crypto/dso/dso_dl.c index f7b4dfc0c3..417abb6ea9 100644 --- a/src/lib/libssl/src/crypto/dso/dso_dl.c +++ b/src/lib/libssl/src/crypto/dso/dso_dl.c @@ -1,4 +1,4 @@ -/* dso_dl.c */ +/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2000. */ @@ -84,6 +84,7 @@ static int dl_finish(DSO *dso); static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); #endif static char *dl_name_converter(DSO *dso, const char *filename); +static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2); static DSO_METHOD dso_meth_dl = { "OpenSSL 'dl' shared library method", @@ -98,6 +99,7 @@ static DSO_METHOD dso_meth_dl = { #endif NULL, /* ctrl */ dl_name_converter, + dl_merger, NULL, /* init */ NULL /* finish */ }; @@ -239,6 +241,72 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname) return((DSO_FUNC_TYPE)sym); } +static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) + { + char *merged; + + if(!filespec1 && !filespec2) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + /* If the first file specification is a rooted path, it rules. + same goes if the second file specification is missing. */ + if (!filespec2 || filespec1[0] == '/') + { + merged = OPENSSL_malloc(strlen(filespec1) + 1); + if(!merged) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec1); + } + /* If the first file specification is missing, the second one rules. */ + else if (!filespec1) + { + merged = OPENSSL_malloc(strlen(filespec2) + 1); + if(!merged) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + } + else + /* This part isn't as trivial as it looks. It assumes that + the second file specification really is a directory, and + makes no checks whatsoever. Therefore, the result becomes + the concatenation of filespec2 followed by a slash followed + by filespec1. */ + { + int spec2len, len; + + spec2len = (filespec2 ? strlen(filespec2) : 0); + len = spec2len + (filespec1 ? strlen(filespec1) : 0); + + if(filespec2 && filespec2[spec2len - 1] == '/') + { + spec2len--; + len--; + } + merged = OPENSSL_malloc(len + 2); + if(!merged) + { + DSOerr(DSO_F_DL_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + merged[spec2len] = '/'; + strcpy(&merged[spec2len + 1], filespec1); + } + return(merged); + } + /* This function is identical to the one in dso_dlfcn.c, but as it is highly * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the * same time, there's no great duplicating the code. Figuring out an elegant @@ -282,36 +350,4 @@ static char *dl_name_converter(DSO *dso, const char *filename) return(translated); } -#ifdef OPENSSL_FIPS -static void dl_ref_point(){} - -int DSO_pathbyaddr(void *addr,char *path,int sz) - { - struct shl_descriptor inf; - int i,len; - - if (addr == NULL) - { - union { void(*f)(); void *p; } t = { dl_ref_point }; - addr = t.p; - } - - for (i=-1;shl_get_r(i,&inf)==0;i++) - { - if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) || - ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) - { - len = (int)strlen(inf.filename); - if (sz <= 0) return len+1; - if (len >= sz) len=sz-1; - memcpy(path,inf.filename,len); - path[len++] = 0; - return len; - } - } - - return -1; - } -#endif - #endif /* DSO_DL */ diff --git a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c index 0422a4859a..1fd10104c5 100644 --- a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c +++ b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c @@ -1,4 +1,4 @@ -/* dso_dlfcn.c */ +/* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -56,10 +56,6 @@ * */ -#ifdef __linux -#define _GNU_SOURCE -#endif - #include #include "cryptlib.h" #include @@ -89,6 +85,8 @@ static int dlfcn_finish(DSO *dso); static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg); #endif static char *dlfcn_name_converter(DSO *dso, const char *filename); +static char *dlfcn_merger(DSO *dso, const char *filespec1, + const char *filespec2); static DSO_METHOD dso_meth_dlfcn = { "OpenSSL 'dlfcn' shared library method", @@ -103,6 +101,7 @@ static DSO_METHOD dso_meth_dlfcn = { #endif NULL, /* ctrl */ dlfcn_name_converter, + dlfcn_merger, NULL, /* init */ NULL /* finish */ }; @@ -145,13 +144,19 @@ static int dlfcn_load(DSO *dso) void *ptr = NULL; /* See applicable comments in dso_dl.c */ char *filename = DSO_convert_filename(dso, NULL); + int flags = DLOPEN_FLAG; if(filename == NULL) { DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); goto err; } - ptr = dlopen(filename, DLOPEN_FLAG); + +#ifdef RTLD_GLOBAL + if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS) + flags |= RTLD_GLOBAL; +#endif + ptr = dlopen(filename, flags); if(ptr == NULL) { DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED); @@ -250,7 +255,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); return(NULL); } - *(void**)(tsym) = dlsym(ptr, symname); + *(void **)(tsym) = dlsym(ptr, symname); if(sym == NULL) { DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); @@ -260,6 +265,73 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) return(sym); } +static char *dlfcn_merger(DSO *dso, const char *filespec1, + const char *filespec2) + { + char *merged; + + if(!filespec1 && !filespec2) + { + DSOerr(DSO_F_DLFCN_MERGER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + /* If the first file specification is a rooted path, it rules. + same goes if the second file specification is missing. */ + if (!filespec2 || filespec1[0] == '/') + { + merged = OPENSSL_malloc(strlen(filespec1) + 1); + if(!merged) + { + DSOerr(DSO_F_DLFCN_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec1); + } + /* If the first file specification is missing, the second one rules. */ + else if (!filespec1) + { + merged = OPENSSL_malloc(strlen(filespec2) + 1); + if(!merged) + { + DSOerr(DSO_F_DLFCN_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + } + else + /* This part isn't as trivial as it looks. It assumes that + the second file specification really is a directory, and + makes no checks whatsoever. Therefore, the result becomes + the concatenation of filespec2 followed by a slash followed + by filespec1. */ + { + int spec2len, len; + + spec2len = (filespec2 ? strlen(filespec2) : 0); + len = spec2len + (filespec1 ? strlen(filespec1) : 0); + + if(filespec2 && filespec2[spec2len - 1] == '/') + { + spec2len--; + len--; + } + merged = OPENSSL_malloc(len + 2); + if(!merged) + { + DSOerr(DSO_F_DLFCN_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + merged[spec2len] = '/'; + strcpy(&merged[spec2len + 1], filespec1); + } + return(merged); + } + static char *dlfcn_name_converter(DSO *dso, const char *filename) { char *translated; @@ -294,32 +366,4 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename) return(translated); } -#ifdef OPENSSL_FIPS -static void dlfcn_ref_point(){} - -int DSO_pathbyaddr(void *addr,char *path,int sz) - { - Dl_info dli; - int len; - - if (addr == NULL) - { - union { void(*f)(void); void *p; } t = { dlfcn_ref_point }; - addr = t.p; - } - - if (dladdr(addr,&dli)) - { - len = (int)strlen(dli.dli_fname); - if (sz <= 0) return len+1; - if (len >= sz) len=sz-1; - memcpy(path,dli.dli_fname,len); - path[len++]=0; - return len; - } - - ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror()); - return -1; - } -#endif #endif /* DSO_DLFCN */ diff --git a/src/lib/libssl/src/crypto/dso/dso_err.c b/src/lib/libssl/src/crypto/dso/dso_err.c index 581677cc36..a8b0a210de 100644 --- a/src/lib/libssl/src/crypto/dso/dso_err.c +++ b/src/lib/libssl/src/crypto/dso/dso_err.c @@ -73,11 +73,13 @@ static ERR_STRING_DATA DSO_str_functs[]= {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"}, {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"}, {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"}, +{ERR_FUNC(DSO_F_DLFCN_MERGER), "DLFCN_MERGER"}, {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"}, {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"}, {ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"}, {ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"}, {ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"}, +{ERR_FUNC(DSO_F_DL_MERGER), "DL_MERGER"}, {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"}, {ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"}, {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"}, @@ -88,17 +90,22 @@ static ERR_STRING_DATA DSO_str_functs[]= {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"}, {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"}, {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"}, +{ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"}, {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"}, {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"}, {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"}, {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"}, -{ERR_FUNC(DSO_F_VMS_BIND_VAR), "VMS_BIND_VAR"}, +{ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"}, {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"}, +{ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"}, {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"}, {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"}, {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"}, +{ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"}, {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"}, +{ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"}, {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"}, +{ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"}, {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"}, {0,NULL} }; @@ -107,11 +114,15 @@ static ERR_STRING_DATA DSO_str_reasons[]= { {ERR_REASON(DSO_R_CTRL_FAILED) ,"control command failed"}, {ERR_REASON(DSO_R_DSO_ALREADY_LOADED) ,"dso already loaded"}, +{ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE) ,"empty file structure"}, +{ERR_REASON(DSO_R_FAILURE) ,"failure"}, {ERR_REASON(DSO_R_FILENAME_TOO_BIG) ,"filename too big"}, {ERR_REASON(DSO_R_FINISH_FAILED) ,"cleanup method function failed"}, +{ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX) ,"incorrect file syntax"}, {ERR_REASON(DSO_R_LOAD_FAILED) ,"could not load the shared library"}, {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED),"name translation failed"}, {ERR_REASON(DSO_R_NO_FILENAME) ,"no filename"}, +{ERR_REASON(DSO_R_NO_FILE_SPECIFICATION) ,"no file specification"}, {ERR_REASON(DSO_R_NULL_HANDLE) ,"a null shared library handle was used"}, {ERR_REASON(DSO_R_SET_FILENAME_FAILED) ,"set filename failed"}, {ERR_REASON(DSO_R_STACK_ERROR) ,"the meth_data stack is corrupt"}, @@ -125,15 +136,12 @@ static ERR_STRING_DATA DSO_str_reasons[]= void ERR_load_DSO_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,DSO_str_functs); ERR_load_strings(0,DSO_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/dso/dso_lib.c b/src/lib/libssl/src/crypto/dso/dso_lib.c index 48d9fdb25e..49bdd71309 100644 --- a/src/lib/libssl/src/crypto/dso/dso_lib.c +++ b/src/lib/libssl/src/crypto/dso/dso_lib.c @@ -1,4 +1,4 @@ -/* dso_lib.c */ +/* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -390,6 +390,33 @@ int DSO_set_filename(DSO *dso, const char *filename) return(1); } +char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2) + { + char *result = NULL; + + if(dso == NULL || filespec1 == NULL) + { + DSOerr(DSO_F_DSO_MERGE,ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + if(filespec1 == NULL) + filespec1 = dso->filename; + if(filespec1 == NULL) + { + DSOerr(DSO_F_DSO_MERGE,DSO_R_NO_FILE_SPECIFICATION); + return(NULL); + } + if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) + { + if(dso->merger != NULL) + result = dso->merger(dso, filespec1, filespec2); + else if(dso->meth->dso_merger != NULL) + result = dso->meth->dso_merger(dso, + filespec1, filespec2); + } + return(result); + } + char *DSO_convert_filename(DSO *dso, const char *filename) { char *result = NULL; diff --git a/src/lib/libssl/src/crypto/dso/dso_null.c b/src/lib/libssl/src/crypto/dso/dso_null.c index fa13a7cb0f..4972984651 100644 --- a/src/lib/libssl/src/crypto/dso/dso_null.c +++ b/src/lib/libssl/src/crypto/dso/dso_null.c @@ -75,6 +75,8 @@ static DSO_METHOD dso_meth_null = { NULL, /* unbind_func */ #endif NULL, /* ctrl */ + NULL, /* dso_name_converter */ + NULL, /* dso_merger */ NULL, /* init */ NULL /* finish */ }; diff --git a/src/lib/libssl/src/crypto/dso/dso_vms.c b/src/lib/libssl/src/crypto/dso/dso_vms.c index 1674619d17..2c434ee8a6 100644 --- a/src/lib/libssl/src/crypto/dso/dso_vms.c +++ b/src/lib/libssl/src/crypto/dso/dso_vms.c @@ -1,4 +1,4 @@ -/* dso_vms.c */ +/* dso_vms.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2000. */ @@ -63,6 +63,7 @@ #include #ifdef OPENSSL_SYS_VMS #pragma message disable DOLLARID +#include #include #include #include @@ -89,6 +90,8 @@ static int vms_finish(DSO *dso); static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg); #endif static char *vms_name_converter(DSO *dso, const char *filename); +static char *vms_merger(DSO *dso, const char *filespec1, + const char *filespec2); static DSO_METHOD dso_meth_vms = { "OpenSSL 'VMS' shared library method", @@ -103,6 +106,7 @@ static DSO_METHOD dso_meth_vms = { #endif NULL, /* ctrl */ vms_name_converter, + vms_merger, NULL, /* init */ NULL /* finish */ }; @@ -140,7 +144,7 @@ static int vms_load(DSO *dso) if(filename == NULL) { - DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); + DSOerr(DSO_F_VMS_LOAD,DSO_R_NO_FILENAME); goto err; } @@ -295,19 +299,19 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) if((dso == NULL) || (symname == NULL)) { - DSOerr(DSO_F_VMS_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); + DSOerr(DSO_F_VMS_BIND_SYM,ERR_R_PASSED_NULL_PARAMETER); return; } if(sk_num(dso->meth_data) < 1) { - DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_STACK_ERROR); + DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_STACK_ERROR); return; } ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); if(ptr == NULL) { - DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_NULL_HANDLE); + DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_NULL_HANDLE); return; } @@ -336,7 +340,7 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) { errstring[length] = '\0'; - DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_SYM_FAILURE); + DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_SYM_FAILURE); if (ptr->imagename_dsc.dsc$w_length) ERR_add_error_data(9, "Symbol ", symname, @@ -368,6 +372,127 @@ static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname) return sym; } +static char *vms_merger(DSO *dso, const char *filespec1, const char *filespec2) + { + int status; + int filespec1len, filespec2len; + struct FAB fab; +#ifdef NAML$C_MAXRSS + struct NAML nam; + char esa[NAML$C_MAXRSS]; +#else + struct NAM nam; + char esa[NAM$C_MAXRSS]; +#endif + char *merged; + + if (!filespec1) filespec1 = ""; + if (!filespec2) filespec2 = ""; + filespec1len = strlen(filespec1); + filespec2len = strlen(filespec2); + + fab = cc$rms_fab; +#ifdef NAML$C_MAXRSS + nam = cc$rms_naml; +#else + nam = cc$rms_nam; +#endif + + fab.fab$l_fna = (char *)filespec1; + fab.fab$b_fns = filespec1len; + fab.fab$l_dna = (char *)filespec2; + fab.fab$b_dns = filespec2len; +#ifdef NAML$C_MAXRSS + if (filespec1len > NAM$C_MAXRSS) + { + fab.fab$l_fna = 0; + fab.fab$b_fns = 0; + nam.naml$l_long_filename = (char *)filespec1; + nam.naml$l_long_filename_size = filespec1len; + } + if (filespec2len > NAM$C_MAXRSS) + { + fab.fab$l_dna = 0; + fab.fab$b_dns = 0; + nam.naml$l_long_defname = (char *)filespec2; + nam.naml$l_long_defname_size = filespec2len; + } + nam.naml$l_esa = esa; + nam.naml$b_ess = NAM$C_MAXRSS; + nam.naml$l_long_expand = esa; + nam.naml$l_long_expand_alloc = sizeof(esa); + nam.naml$b_nop = NAM$M_SYNCHK | NAM$M_PWD; + nam.naml$v_no_short_upcase = 1; + fab.fab$l_naml = &nam; +#else + nam.nam$l_esa = esa; + nam.nam$b_ess = NAM$C_MAXRSS; + nam.nam$b_nop = NAM$M_SYNCHK | NAM$M_PWD; + fab.fab$l_nam = &nam; +#endif + + status = sys$parse(&fab, 0, 0); + + if(!$VMS_STATUS_SUCCESS(status)) + { + unsigned short length; + char errstring[257]; + struct dsc$descriptor_s errstring_dsc; + + errstring_dsc.dsc$w_length = sizeof(errstring); + errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T; + errstring_dsc.dsc$b_class = DSC$K_CLASS_S; + errstring_dsc.dsc$a_pointer = errstring; + + status = sys$getmsg(status, &length, &errstring_dsc, 1, 0); + + if (!$VMS_STATUS_SUCCESS(status)) + lib$signal(status); /* This is really bad. Abort! */ + else + { + errstring[length] = '\0'; + + DSOerr(DSO_F_VMS_MERGER,DSO_R_FAILURE); + ERR_add_error_data(7, + "filespec \"", filespec1, "\", ", + "defaults \"", filespec2, "\": ", + errstring); + } + return(NULL); + } +#ifdef NAML$C_MAXRSS + if (nam.naml$l_long_expand_size) + { + merged = OPENSSL_malloc(nam.naml$l_long_expand_size + 1); + if(!merged) + goto malloc_err; + strncpy(merged, nam.naml$l_long_expand, + nam.naml$l_long_expand_size); + merged[nam.naml$l_long_expand_size] = '\0'; + } + else + { + merged = OPENSSL_malloc(nam.naml$b_esl + 1); + if(!merged) + goto malloc_err; + strncpy(merged, nam.naml$l_esa, + nam.naml$b_esl); + merged[nam.naml$b_esl] = '\0'; + } +#else + merged = OPENSSL_malloc(nam.nam$b_esl + 1); + if(!merged) + goto malloc_err; + strncpy(merged, nam.nam$l_esa, + nam.nam$b_esl); + merged[nam.nam$b_esl] = '\0'; +#endif + return(merged); + malloc_err: + DSOerr(DSO_F_VMS_MERGER, + ERR_R_MALLOC_FAILURE); + } + static char *vms_name_converter(DSO *dso, const char *filename) { int len = strlen(filename); diff --git a/src/lib/libssl/src/crypto/dso/dso_win32.c b/src/lib/libssl/src/crypto/dso/dso_win32.c index cc4ac68696..fd3dd6a7fe 100644 --- a/src/lib/libssl/src/crypto/dso/dso_win32.c +++ b/src/lib/libssl/src/crypto/dso/dso_win32.c @@ -1,4 +1,4 @@ -/* dso_win32.c */ +/* dso_win32.c -*- mode:C; c-file-style: "eay" -*- */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -85,6 +85,26 @@ static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName) # endif # undef GetProcAddress # define GetProcAddress GetProcAddressA + +static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName) + { + WCHAR *fnamw; + size_t len_0=strlen(lpLibFileName)+1,i; + +#ifdef _MSC_VER + fnamw = (WCHAR *)_alloca (len_0*sizeof(WCHAR)); +#else + fnamw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); +#endif + if (fnamw == NULL) return NULL; + +#if defined(_WIN32_WCE) && _WIN32_WCE>=101 + if (!MultiByteToWideChar(CP_ACP,0,lpLibFileName,len_0,fnamw,len_0)) +#endif + for (i=0;inode = start; + } + + do + { + last = filename[0]; + switch(last) + { + case ':': + if(position != IN_DEVICE) + { + DSOerr(DSO_F_WIN32_SPLITTER, + DSO_R_INCORRECT_FILE_SYNTAX); + /*goto err;*/ + return(NULL); + } + result->device = start; + result->devicelen = filename - start; + position = IN_FILE; + start = ++filename; + result->dir = start; + break; + case '\\': + case '/': + if(position == IN_NODE) + { + result->nodelen = filename - start; + position = IN_FILE; + start = ++filename; + result->dir = start; + } + else if(position == IN_DEVICE) + { + position = IN_FILE; + filename++; + result->dir = start; + result->dirlen = filename - start; + start = filename; + } + else + { + filename++; + result->dirlen += filename - start; + start = filename; + } + break; + case '\0': + if(position == IN_NODE) + { + result->nodelen = filename - start; + } + else + { + if(filename - start > 0) + { + if (assume_last_is_dir) + { + if (position == IN_DEVICE) + { + result->dir = start; + result->dirlen = 0; + } + result->dirlen += + filename - start; + } + else + { + result->file = start; + result->filelen = + filename - start; + } + } + } + break; + default: + filename++; + break; + } + } + while(last); + + if(!result->nodelen) result->node = NULL; + if(!result->devicelen) result->device = NULL; + if(!result->dirlen) result->dir = NULL; + if(!result->filelen) result->file = NULL; + + return(result); + } + +static char *win32_joiner(DSO *dso, const struct file_st *file_split) + { + int len = 0, offset = 0; + char *result = NULL; + const char *start; + + if(!file_split) + { + DSOerr(DSO_F_WIN32_JOINER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + if(file_split->node) + { + len += 2 + file_split->nodelen; /* 2 for starting \\ */ + if(file_split->predir || file_split->dir || file_split->file) + len++; /* 1 for ending \ */ + } + else if(file_split->device) + { + len += file_split->devicelen + 1; /* 1 for ending : */ + } + len += file_split->predirlen; + if(file_split->predir && (file_split->dir || file_split->file)) + { + len++; /* 1 for ending \ */ + } + len += file_split->dirlen; + if(file_split->dir && file_split->file) + { + len++; /* 1 for ending \ */ + } + len += file_split->filelen; + + if(!len) + { + DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE); + return(NULL); + } + + result = OPENSSL_malloc(len + 1); + if (!result) + { + DSOerr(DSO_F_WIN32_JOINER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + + if(file_split->node) + { + strcpy(&result[offset], "\\\\"); offset += 2; + strncpy(&result[offset], file_split->node, + file_split->nodelen); offset += file_split->nodelen; + if(file_split->predir || file_split->dir || file_split->file) + { + result[offset] = '\\'; offset++; + } + } + else if(file_split->device) + { + strncpy(&result[offset], file_split->device, + file_split->devicelen); offset += file_split->devicelen; + result[offset] = ':'; offset++; + } + start = file_split->predir; + while(file_split->predirlen > (start - file_split->predir)) + { + const char *end = openssl_strnchr(start, '/', + file_split->predirlen - (start - file_split->predir)); + if(!end) + end = start + + file_split->predirlen + - (start - file_split->predir); + strncpy(&result[offset], start, + end - start); offset += end - start; + result[offset] = '\\'; offset++; + start = end + 1; + } +#if 0 /* Not needed, since the directory converter above already appeneded + a backslash */ + if(file_split->predir && (file_split->dir || file_split->file)) + { + result[offset] = '\\'; offset++; + } +#endif + start = file_split->dir; + while(file_split->dirlen > (start - file_split->dir)) + { + const char *end = openssl_strnchr(start, '/', + file_split->dirlen - (start - file_split->dir)); + if(!end) + end = start + + file_split->dirlen + - (start - file_split->dir); + strncpy(&result[offset], start, + end - start); offset += end - start; + result[offset] = '\\'; offset++; + start = end + 1; + } +#if 0 /* Not needed, since the directory converter above already appeneded + a backslash */ + if(file_split->dir && file_split->file) + { + result[offset] = '\\'; offset++; + } +#endif + strncpy(&result[offset], file_split->file, + file_split->filelen); offset += file_split->filelen; + result[offset] = '\0'; + return(result); + } + +static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2) + { + char *merged = NULL; + struct file_st *filespec1_split = NULL; + struct file_st *filespec2_split = NULL; + + if(!filespec1 && !filespec2) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_PASSED_NULL_PARAMETER); + return(NULL); + } + if (!filespec2) + { + merged = OPENSSL_malloc(strlen(filespec1) + 1); + if(!merged) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec1); + } + else if (!filespec1) + { + merged = OPENSSL_malloc(strlen(filespec2) + 1); + if(!merged) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + strcpy(merged, filespec2); + } + else + { + filespec1_split = win32_splitter(dso, filespec1, 0); + if (!filespec1_split) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + return(NULL); + } + filespec2_split = win32_splitter(dso, filespec2, 1); + if (!filespec2_split) + { + DSOerr(DSO_F_WIN32_MERGER, + ERR_R_MALLOC_FAILURE); + OPENSSL_free(filespec1_split); + return(NULL); + } + + /* Fill in into filespec1_split */ + if (!filespec1_split->node && !filespec1_split->device) + { + filespec1_split->node = filespec2_split->node; + filespec1_split->nodelen = filespec2_split->nodelen; + filespec1_split->device = filespec2_split->device; + filespec1_split->devicelen = filespec2_split->devicelen; + } + if (!filespec1_split->dir) + { + filespec1_split->dir = filespec2_split->dir; + filespec1_split->dirlen = filespec2_split->dirlen; + } + else if (filespec1_split->dir[0] != '\\' + && filespec1_split->dir[0] != '/') + { + filespec1_split->predir = filespec2_split->dir; + filespec1_split->predirlen = filespec2_split->dirlen; + } + if (!filespec1_split->file) + { + filespec1_split->file = filespec2_split->file; + filespec1_split->filelen = filespec2_split->filelen; + } + + merged = win32_joiner(dso, filespec1_split); + } + return(merged); + } + static char *win32_name_converter(DSO *dso, const char *filename) { char *translated; @@ -295,4 +644,17 @@ static char *win32_name_converter(DSO *dso, const char *filename) return(translated); } +static const char *openssl_strnchr(const char *string, int c, size_t len) + { + size_t i; + const char *p; + for (i = 0, p = string; i < len && *p; i++, p++) + { + if (*p == c) + return p; + } + return NULL; + } + + #endif /* OPENSSL_SYS_WIN32 */ diff --git a/src/lib/libssl/src/crypto/ebcdic.c b/src/lib/libssl/src/crypto/ebcdic.c index d1bece87f7..43e53bcaf7 100644 --- a/src/lib/libssl/src/crypto/ebcdic.c +++ b/src/lib/libssl/src/crypto/ebcdic.c @@ -1,6 +1,14 @@ /* crypto/ebcdic.c */ -#ifdef CHARSET_EBCDIC +#ifndef CHARSET_EBCDIC + +#include +#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) +static void *dummy=&dummy; +#endif + +#else /*CHARSET_EBCDIC*/ + #include "ebcdic.h" /* Initial Port for Apache-1.3 by * Adapted for OpenSSL-0.9.4 by @@ -210,9 +218,4 @@ ascii2ebcdic(void *dest, const void *srce, size_t count) return dest; } -#else /*CHARSET_EBCDIC*/ -#include -#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) -static void *dummy=&dummy; -#endif #endif diff --git a/src/lib/libssl/src/crypto/ec/Makefile b/src/lib/libssl/src/crypto/ec/Makefile index 8f03658ad4..42f7bb7fc8 100644 --- a/src/lib/libssl/src/crypto/ec/Makefile +++ b/src/lib/libssl/src/crypto/ec/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -22,11 +17,13 @@ TEST=ectest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \ - ec_err.c +LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\ + ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\ + ec2_smpl.c ec2_smpt.c ec2_mult.c -LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \ - ec_err.o +LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\ + ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\ + ec2_smpl.o ec2_mult.o SRC= $(LIBSRC) @@ -54,6 +51,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +67,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -80,47 +79,115 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h +ec2_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec2_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec2_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h +ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec2_smpt.c ec_lcl.h +ec2_smpt.o: ec2_smpt.c +ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ec_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h +ec_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ec_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +ec_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_asn1.o: ../../include/openssl/symhacks.h ec_asn1.c ec_lcl.h +ec_check.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_check.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_check.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h +ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h +ec_cvt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_cvt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_cvt.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_cvt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_cvt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h -ec_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +ec_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_err.o: ec_err.c -ec_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_lib.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_lib.o: ec_lcl.h ec_lib.c -ec_mult.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ec_mult.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ec_mult.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ec_mult.o: ec_lcl.h ec_mult.c -ecp_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ecp_mont.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecp_mont.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecp_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecp_mont.o: ec_lcl.h ecp_mont.c -ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ecp_nist.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h +ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_err.o: ../../include/openssl/symhacks.h ec_err.c +ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h +ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_lib.o: ../../include/openssl/symhacks.h ec_lcl.h ec_lib.c +ec_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c +ec_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_print.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_print.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_print.o: ../../include/openssl/symhacks.h ec_lcl.h ec_print.c +ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecp_mont.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecp_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ecp_mont.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_mont.c +ecp_nist.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ecp_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c -ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h -ecp_recp.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h -ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c -ecp_smpl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -ecp_smpl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecp_smpl.o: ../../include/openssl/ec.h ../../include/openssl/err.h -ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ecp_smpl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecp_smpl.o: ec_lcl.h ecp_smpl.c +ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ecp_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ecp_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ecp_smpl.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_smpl.c diff --git a/src/lib/libssl/src/crypto/ec/ec.h b/src/lib/libssl/src/crypto/ec/ec.h index 6d6a9b7127..8bc2a235b1 100644 --- a/src/lib/libssl/src/crypto/ec/ec.h +++ b/src/lib/libssl/src/crypto/ec/ec.h @@ -1,6 +1,9 @@ /* crypto/ec/ec.h */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -52,22 +55,48 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The elliptic curve binary polynomial software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ #ifndef HEADER_EC_H #define HEADER_EC_H +#include + #ifdef OPENSSL_NO_EC #error EC is disabled. #endif -#include +#include #include +#ifndef OPENSSL_NO_DEPRECATED +#include +#endif #ifdef __cplusplus extern "C" { +#elif defined(__SUNPRO_C) +# if __SUNPRO_C >= 0x520 +# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) +# endif #endif +#ifndef OPENSSL_ECC_MAX_FIELD_BITS +# define OPENSSL_ECC_MAX_FIELD_BITS 661 +#endif + typedef enum { /* values as defined in X9.62 (ECDSA) and elsewhere */ POINT_CONVERSION_COMPRESSED = 2, @@ -84,7 +113,8 @@ typedef struct ec_group_st -- field definition -- curve coefficients -- optional generator with associated information (order, cofactor) - -- optional extra data (TODO: precomputed table for fast computation of multiples of generator) + -- optional extra data (precomputed table for fast computation of multiples of generator) + -- ASN1 stuff */ EC_GROUP; @@ -96,40 +126,84 @@ typedef struct ec_point_st EC_POINT; */ const EC_METHOD *EC_GFp_simple_method(void); const EC_METHOD *EC_GFp_mont_method(void); -#if 0 -const EC_METHOD *EC_GFp_recp_method(void); /* TODO */ -const EC_METHOD *EC_GFp_nist_method(void); /* TODO */ -#endif +const EC_METHOD *EC_GFp_nist_method(void); + +/* EC_METHOD for curves over GF(2^m). + */ +const EC_METHOD *EC_GF2m_simple_method(void); EC_GROUP *EC_GROUP_new(const EC_METHOD *); void EC_GROUP_free(EC_GROUP *); void EC_GROUP_clear_free(EC_GROUP *); int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *); +EC_GROUP *EC_GROUP_dup(const EC_GROUP *); const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *); - +int EC_METHOD_get_field_type(const EC_METHOD *); + +int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); +const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); +int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); +int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); + +void EC_GROUP_set_curve_name(EC_GROUP *, int nid); +int EC_GROUP_get_curve_name(const EC_GROUP *); + +void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag); +int EC_GROUP_get_asn1_flag(const EC_GROUP *); + +void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t); +point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); + +unsigned char *EC_GROUP_get0_seed(const EC_GROUP *); +size_t EC_GROUP_get_seed_len(const EC_GROUP *); +size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); -/* We don't have types for field specifications and field elements in general. - * Otherwise we could declare - * int EC_GROUP_set_curve(EC_GROUP *, .....); - */ int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); +int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); +int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); + +/* returns the number of bits needed to represent a field element */ +int EC_GROUP_get_degree(const EC_GROUP *); + +/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */ +int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx); +/* EC_GROUP_check_discriminant() returns 1 if the discriminant of the + * elliptic curve is not zero, 0 otherwise */ +int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *); -/* EC_GROUP_new_GFp() calls EC_GROUP_new() and EC_GROUP_set_GFp() +/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */ +int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *); + +/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() * after choosing an appropriate EC_METHOD */ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); +EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); -EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); -int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); -int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); +/* EC_GROUP_new_by_curve_name() creates a EC_GROUP structure + * specified by a curve name (in form of a NID) */ +EC_GROUP *EC_GROUP_new_by_curve_name(int nid); +/* handling of internal curves */ +typedef struct { + int nid; + const char *comment; + } EC_builtin_curve; +/* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number + * of all available curves or zero if a error occurred. + * In case r ist not zero nitems EC_builtin_curve structures + * are filled with the data of the first nitems internal groups */ +size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); + + +/* EC_POINT functions */ EC_POINT *EC_POINT_new(const EC_GROUP *); void EC_POINT_free(EC_POINT *); void EC_POINT_clear_free(EC_POINT *); int EC_POINT_copy(EC_POINT *, const EC_POINT *); +EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *); const EC_METHOD *EC_POINT_method_of(const EC_POINT *); @@ -145,11 +219,28 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *, int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, const BIGNUM *x, int y_bit, BN_CTX *); +int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *, + const BIGNUM *x, const BIGNUM *y, BN_CTX *); +int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *, + BIGNUM *x, BIGNUM *y, BN_CTX *); +int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *, + const BIGNUM *x, int y_bit, BN_CTX *); + size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, unsigned char *buf, size_t len, BN_CTX *); int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *, const unsigned char *buf, size_t len, BN_CTX *); +/* other interfaces to point2oct/oct2point: */ +BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *, + point_conversion_form_t form, BIGNUM *, BN_CTX *); +EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *, + EC_POINT *, BN_CTX *); +char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *, + point_conversion_form_t form, BN_CTX *); +EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, + EC_POINT *, BN_CTX *); + int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); @@ -164,9 +255,112 @@ int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *); int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *); + +/* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */ int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); +/* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */ +int EC_GROUP_have_precompute_mult(const EC_GROUP *); + + +/* ASN1 stuff */ +/* EC_GROUP_get_basis_type() returns the NID of the basis type + * used to represent the field elements */ +int EC_GROUP_get_basis_type(const EC_GROUP *); +int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k); +int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1, + unsigned int *k2, unsigned int *k3); + +#define OPENSSL_EC_NAMED_CURVE 0x001 + +typedef struct ecpk_parameters_st ECPKPARAMETERS; + +EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); +int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); + +#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) +#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) +#define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \ + (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x)) +#define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ + (unsigned char *)(x)) + +#ifndef OPENSSL_NO_BIO +int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); +#endif +#ifndef OPENSSL_NO_FP_API +int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); +#endif + +/* the EC_KEY stuff */ +typedef struct ec_key_st EC_KEY; + +/* some values for the encoding_flag */ +#define EC_PKEY_NO_PARAMETERS 0x001 +#define EC_PKEY_NO_PUBKEY 0x002 + +EC_KEY *EC_KEY_new(void); +EC_KEY *EC_KEY_new_by_curve_name(int nid); +void EC_KEY_free(EC_KEY *); +EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *); +EC_KEY *EC_KEY_dup(const EC_KEY *); + +int EC_KEY_up_ref(EC_KEY *); + +const EC_GROUP *EC_KEY_get0_group(const EC_KEY *); +int EC_KEY_set_group(EC_KEY *, const EC_GROUP *); +const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *); +int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *); +const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *); +int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *); +unsigned EC_KEY_get_enc_flags(const EC_KEY *); +void EC_KEY_set_enc_flags(EC_KEY *, unsigned int); +point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *); +void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t); +/* functions to set/get method specific data */ +void *EC_KEY_get_key_method_data(EC_KEY *, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +void EC_KEY_insert_key_method_data(EC_KEY *, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +/* wrapper functions for the underlying EC_GROUP object */ +void EC_KEY_set_asn1_flag(EC_KEY *, int); +int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx); + +/* EC_KEY_generate_key() creates a ec private (public) key */ +int EC_KEY_generate_key(EC_KEY *); +/* EC_KEY_check_key() */ +int EC_KEY_check_key(const EC_KEY *); + +/* de- and encoding functions for SEC1 ECPrivateKey */ +EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len); +int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out); +/* de- and encoding functions for EC parameters */ +EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len); +int i2d_ECParameters(EC_KEY *a, unsigned char **out); +/* de- and encoding functions for EC public key + * (octet string, not DER -- hence 'o2i' and 'i2o') */ +EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len); +int i2o_ECPublicKey(EC_KEY *a, unsigned char **out); + +#ifndef OPENSSL_NO_BIO +int ECParameters_print(BIO *bp, const EC_KEY *x); +int EC_KEY_print(BIO *bp, const EC_KEY *x, int off); +#endif +#ifndef OPENSSL_NO_FP_API +int ECParameters_print_fp(FILE *fp, const EC_KEY *x); +int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off); +#endif + +#define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x) + +#ifndef __cplusplus +#if defined(__SUNPRO_C) +# if __SUNPRO_C >= 0x520 +# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) +# endif +# endif +#endif /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -178,51 +372,124 @@ void ERR_load_EC_strings(void); /* Function codes. */ #define EC_F_COMPUTE_WNAF 143 +#define EC_F_D2I_ECPARAMETERS 144 +#define EC_F_D2I_ECPKPARAMETERS 145 +#define EC_F_D2I_ECPRIVATEKEY 146 +#define EC_F_ECPARAMETERS_PRINT 147 +#define EC_F_ECPARAMETERS_PRINT_FP 148 +#define EC_F_ECPKPARAMETERS_PRINT 149 +#define EC_F_ECPKPARAMETERS_PRINT_FP 150 +#define EC_F_ECP_NIST_MOD_192 203 +#define EC_F_ECP_NIST_MOD_224 204 +#define EC_F_ECP_NIST_MOD_256 205 +#define EC_F_ECP_NIST_MOD_521 206 +#define EC_F_EC_ASN1_GROUP2CURVE 153 +#define EC_F_EC_ASN1_GROUP2FIELDID 154 +#define EC_F_EC_ASN1_GROUP2PARAMETERS 155 +#define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156 +#define EC_F_EC_ASN1_PARAMETERS2GROUP 157 +#define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158 +#define EC_F_EC_EX_DATA_SET_DATA 211 +#define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208 +#define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159 +#define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195 +#define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160 +#define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161 +#define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162 +#define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163 +#define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164 #define EC_F_EC_GFP_MONT_FIELD_DECODE 133 #define EC_F_EC_GFP_MONT_FIELD_ENCODE 134 #define EC_F_EC_GFP_MONT_FIELD_MUL 131 +#define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209 #define EC_F_EC_GFP_MONT_FIELD_SQR 132 +#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189 +#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135 +#define EC_F_EC_GFP_NIST_FIELD_MUL 200 +#define EC_F_EC_GFP_NIST_FIELD_SQR 201 +#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202 +#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165 +#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101 #define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102 #define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 #define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 #define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 +#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167 #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105 +#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168 #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128 +#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169 #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129 +#define EC_F_EC_GROUP_CHECK 170 +#define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171 #define EC_F_EC_GROUP_COPY 106 #define EC_F_EC_GROUP_GET0_GENERATOR 139 #define EC_F_EC_GROUP_GET_COFACTOR 140 +#define EC_F_EC_GROUP_GET_CURVE_GF2M 172 #define EC_F_EC_GROUP_GET_CURVE_GFP 130 +#define EC_F_EC_GROUP_GET_DEGREE 173 #define EC_F_EC_GROUP_GET_ORDER 141 +#define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 +#define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 #define EC_F_EC_GROUP_NEW 108 +#define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174 +#define EC_F_EC_GROUP_NEW_FROM_DATA 175 #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 +#define EC_F_EC_GROUP_SET_CURVE_GF2M 176 #define EC_F_EC_GROUP_SET_CURVE_GFP 109 #define EC_F_EC_GROUP_SET_EXTRA_DATA 110 #define EC_F_EC_GROUP_SET_GENERATOR 111 +#define EC_F_EC_KEY_CHECK_KEY 177 +#define EC_F_EC_KEY_COPY 178 +#define EC_F_EC_KEY_GENERATE_KEY 179 +#define EC_F_EC_KEY_NEW 182 +#define EC_F_EC_KEY_PRINT 180 +#define EC_F_EC_KEY_PRINT_FP 181 #define EC_F_EC_POINTS_MAKE_AFFINE 136 #define EC_F_EC_POINTS_MUL 138 #define EC_F_EC_POINT_ADD 112 #define EC_F_EC_POINT_CMP 113 #define EC_F_EC_POINT_COPY 114 #define EC_F_EC_POINT_DBL 115 +#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183 #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116 #define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117 +#define EC_F_EC_POINT_INVERT 210 #define EC_F_EC_POINT_IS_AT_INFINITY 118 #define EC_F_EC_POINT_IS_ON_CURVE 119 #define EC_F_EC_POINT_MAKE_AFFINE 120 +#define EC_F_EC_POINT_MUL 184 #define EC_F_EC_POINT_NEW 121 #define EC_F_EC_POINT_OCT2POINT 122 #define EC_F_EC_POINT_POINT2OCT 123 +#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185 #define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124 +#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186 #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 #define EC_F_EC_POINT_SET_TO_INFINITY 127 -#define EC_F_GFP_MONT_GROUP_SET_CURVE_GFP 135 +#define EC_F_EC_PRE_COMP_DUP 207 +#define EC_F_EC_PRE_COMP_NEW 196 +#define EC_F_EC_WNAF_MUL 187 +#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 +#define EC_F_I2D_ECPARAMETERS 190 +#define EC_F_I2D_ECPKPARAMETERS 191 +#define EC_F_I2D_ECPRIVATEKEY 192 +#define EC_F_I2O_ECPUBLICKEY 151 +#define EC_F_O2I_ECPUBLICKEY 152 /* Reason codes. */ +#define EC_R_ASN1_ERROR 115 +#define EC_R_ASN1_UNKNOWN_FIELD 116 #define EC_R_BUFFER_TOO_SMALL 100 +#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 +#define EC_R_DISCRIMINANT_IS_ZERO 118 +#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 +#define EC_R_FIELD_TOO_LARGE 138 +#define EC_R_GROUP2PKPARAMETERS_FAILURE 120 +#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 #define EC_R_INCOMPATIBLE_OBJECTS 101 #define EC_R_INVALID_ARGUMENT 112 #define EC_R_INVALID_COMPRESSED_POINT 110 @@ -230,12 +497,28 @@ void ERR_load_EC_strings(void); #define EC_R_INVALID_ENCODING 102 #define EC_R_INVALID_FIELD 103 #define EC_R_INVALID_FORM 104 +#define EC_R_INVALID_GROUP_ORDER 122 +#define EC_R_INVALID_PENTANOMIAL_BASIS 132 +#define EC_R_INVALID_PRIVATE_KEY 123 +#define EC_R_INVALID_TRINOMIAL_BASIS 137 +#define EC_R_MISSING_PARAMETERS 124 +#define EC_R_MISSING_PRIVATE_KEY 125 +#define EC_R_NOT_A_NIST_PRIME 135 +#define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136 +#define EC_R_NOT_IMPLEMENTED 126 #define EC_R_NOT_INITIALIZED 111 +#define EC_R_NO_FIELD_MOD 133 +#define EC_R_PASSED_NULL_PARAMETER 134 +#define EC_R_PKPARAMETERS2GROUP_FAILURE 127 #define EC_R_POINT_AT_INFINITY 106 #define EC_R_POINT_IS_NOT_ON_CURVE 107 #define EC_R_SLOT_FULL 108 #define EC_R_UNDEFINED_GENERATOR 113 +#define EC_R_UNDEFINED_ORDER 128 +#define EC_R_UNKNOWN_GROUP 129 #define EC_R_UNKNOWN_ORDER 114 +#define EC_R_UNSUPPORTED_FIELD 131 +#define EC_R_WRONG_ORDER 130 #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/ec/ec2_smpt.c b/src/lib/libssl/src/crypto/ec/ec2_smpt.c new file mode 100644 index 0000000000..59d52bf663 --- /dev/null +++ b/src/lib/libssl/src/crypto/ec/ec2_smpt.c @@ -0,0 +1,74 @@ +/* crypto/ec/ec2_smpt.c */ +/* This code was originally written by Douglas Stebila + * for the OpenSSL project. + */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +/* Calaculates and sets the affine coordinates of an EC_POINT from the given + * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. + * Note that the simple implementation only uses affine coordinates. + * + * This algorithm is patented by Certicom Corp. under US Patent 6,141,420 + * (for licensing information, contact licensing@certicom.com). + * This function is disabled by default and can be enabled by defining the + * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time. + */ +int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, + const BIGNUM *x_, int y_bit, BN_CTX *ctx) + { + ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_DISABLED); + return 0; + } diff --git a/src/lib/libssl/src/crypto/ec/ec_cvt.c b/src/lib/libssl/src/crypto/ec/ec_cvt.c index 45b0ec33a0..d45640bab9 100644 --- a/src/lib/libssl/src/crypto/ec/ec_cvt.c +++ b/src/lib/libssl/src/crypto/ec/ec_cvt.c @@ -1,6 +1,9 @@ /* crypto/ec/ec_cvt.c */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -52,7 +55,21 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The elliptic curve binary polynomial software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ +#include #include "ec_lcl.h" @@ -60,17 +77,64 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM { const EC_METHOD *meth; EC_GROUP *ret; - - /* Finally, this will use EC_GFp_nist_method if 'p' is a special - * prime with optimized modular arithmetics (for NIST curves) - */ - meth = EC_GFp_mont_method(); + + meth = EC_GFp_nist_method(); ret = EC_GROUP_new(meth); if (ret == NULL) return NULL; if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) + { + unsigned long err; + + err = ERR_peek_last_error(); + + if (!(ERR_GET_LIB(err) == ERR_LIB_EC && + ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) || + (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) + { + /* real error */ + + EC_GROUP_clear_free(ret); + return NULL; + } + + + /* not an actual error, we just cannot use EC_GFp_nist_method */ + + ERR_clear_error(); + + EC_GROUP_clear_free(ret); + meth = EC_GFp_mont_method(); + + ret = EC_GROUP_new(meth); + if (ret == NULL) + return NULL; + + if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) + { + EC_GROUP_clear_free(ret); + return NULL; + } + } + + return ret; + } + + +EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) + { + const EC_METHOD *meth; + EC_GROUP *ret; + + meth = EC_GF2m_simple_method(); + + ret = EC_GROUP_new(meth); + if (ret == NULL) + return NULL; + + if (!EC_GROUP_set_curve_GF2m(ret, p, a, b, ctx)) { EC_GROUP_clear_free(ret); return NULL; diff --git a/src/lib/libssl/src/crypto/ec/ec_err.c b/src/lib/libssl/src/crypto/ec/ec_err.c index 5b70f94382..d04c895560 100644 --- a/src/lib/libssl/src/crypto/ec/ec_err.c +++ b/src/lib/libssl/src/crypto/ec/ec_err.c @@ -1,6 +1,6 @@ /* crypto/ec/ec_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,54 +71,127 @@ static ERR_STRING_DATA EC_str_functs[]= { {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"}, +{ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"}, +{ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"}, +{ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"}, +{ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"}, +{ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"}, +{ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"}, +{ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"}, +{ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"}, +{ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"}, +{ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"}, +{ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"}, +{ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "EC_ASN1_GROUP2CURVE"}, +{ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "EC_ASN1_GROUP2FIELDID"}, +{ERR_FUNC(EC_F_EC_ASN1_GROUP2PARAMETERS), "EC_ASN1_GROUP2PARAMETERS"}, +{ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS), "EC_ASN1_GROUP2PKPARAMETERS"}, +{ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP), "EC_ASN1_PARAMETERS2GROUP"}, +{ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP), "EC_ASN1_PKPARAMETERS2GROUP"}, +{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"}, +{ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY), "EC_GF2M_MONTGOMERY_POINT_MULTIPLY"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GF2m_simple_group_check_discriminant"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE), "ec_GF2m_simple_group_set_curve"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT), "ec_GF2m_simple_oct2point"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT), "ec_GF2m_simple_point2oct"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES), "ec_GF2m_simple_point_get_affine_coordinates"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES), "ec_GF2m_simple_point_set_affine_coordinates"}, +{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES), "ec_GF2m_simple_set_compressed_coordinates"}, {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"}, {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"}, {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"}, +{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE), "ec_GFp_mont_field_set_to_one"}, {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"}, -{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP), "ec_GFp_simple_group_set_curve_GFp"}, -{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR), "ec_GFp_simple_group_set_generator"}, +{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE), "ec_GFp_mont_group_set_curve"}, +{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP), "EC_GFP_MONT_GROUP_SET_CURVE_GFP"}, +{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"}, +{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"}, +{ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE), "ec_GFp_nist_group_set_curve"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GFp_simple_group_check_discriminant"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE), "ec_GFp_simple_group_set_curve"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP), "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR), "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"}, {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"}, {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"}, {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"}, {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE), "ec_GFp_simple_points_make_affine"}, -{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_get_affine_coordinates_GFp"}, -{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_set_affine_coordinates_GFp"}, -{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP), "ec_GFp_simple_set_compressed_coordinates_GFp"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES), "ec_GFp_simple_point_get_affine_coordinates"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES), "ec_GFp_simple_point_set_affine_coordinates"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES), "ec_GFp_simple_set_compressed_coordinates"}, +{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP), "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"}, +{ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"}, +{ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT), "EC_GROUP_check_discriminant"}, {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"}, {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"}, {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"}, +{ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"}, {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"}, +{ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"}, {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"}, +{ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS), "EC_GROUP_get_pentanomial_basis"}, +{ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS), "EC_GROUP_get_trinomial_basis"}, {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"}, +{ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME), "EC_GROUP_new_by_curve_name"}, +{ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA), "EC_GROUP_NEW_FROM_DATA"}, {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"}, +{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"}, {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"}, -{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_set_extra_data"}, +{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"}, {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"}, +{ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"}, +{ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"}, +{ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"}, +{ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"}, +{ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"}, +{ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"}, {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"}, {ERR_FUNC(EC_F_EC_POINTS_MUL), "EC_POINTs_mul"}, {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"}, {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"}, {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"}, {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"}, +{ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M), "EC_POINT_get_affine_coordinates_GF2m"}, {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP), "EC_POINT_get_affine_coordinates_GFp"}, {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_get_Jprojective_coordinates_GFp"}, +{ERR_FUNC(EC_F_EC_POINT_INVERT), "EC_POINT_invert"}, {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"}, {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"}, {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"}, +{ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"}, {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"}, {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"}, {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"}, +{ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M), "EC_POINT_set_affine_coordinates_GF2m"}, {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP), "EC_POINT_set_affine_coordinates_GFp"}, +{ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M), "EC_POINT_set_compressed_coordinates_GF2m"}, {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP), "EC_POINT_set_compressed_coordinates_GFp"}, {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_set_Jprojective_coordinates_GFp"}, {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"}, -{ERR_FUNC(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP), "GFP_MONT_GROUP_SET_CURVE_GFP"}, +{ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"}, +{ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "EC_PRE_COMP_NEW"}, +{ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"}, +{ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"}, +{ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"}, +{ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"}, +{ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"}, +{ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"}, +{ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"}, {0,NULL} }; static ERR_STRING_DATA EC_str_reasons[]= { +{ERR_REASON(EC_R_ASN1_ERROR) ,"asn1 error"}, +{ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD) ,"asn1 unknown field"}, {ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"}, +{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"}, +{ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO) ,"discriminant is zero"}, +{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"}, +{ERR_REASON(EC_R_FIELD_TOO_LARGE) ,"field too large"}, +{ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"}, +{ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),"i2d ecpkparameters failure"}, {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS) ,"incompatible objects"}, {ERR_REASON(EC_R_INVALID_ARGUMENT) ,"invalid argument"}, {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"}, @@ -126,12 +199,28 @@ static ERR_STRING_DATA EC_str_reasons[]= {ERR_REASON(EC_R_INVALID_ENCODING) ,"invalid encoding"}, {ERR_REASON(EC_R_INVALID_FIELD) ,"invalid field"}, {ERR_REASON(EC_R_INVALID_FORM) ,"invalid form"}, +{ERR_REASON(EC_R_INVALID_GROUP_ORDER) ,"invalid group order"}, +{ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS),"invalid pentanomial basis"}, +{ERR_REASON(EC_R_INVALID_PRIVATE_KEY) ,"invalid private key"}, +{ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS),"invalid trinomial basis"}, +{ERR_REASON(EC_R_MISSING_PARAMETERS) ,"missing parameters"}, +{ERR_REASON(EC_R_MISSING_PRIVATE_KEY) ,"missing private key"}, +{ERR_REASON(EC_R_NOT_A_NIST_PRIME) ,"not a NIST prime"}, +{ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),"not a supported NIST prime"}, +{ERR_REASON(EC_R_NOT_IMPLEMENTED) ,"not implemented"}, {ERR_REASON(EC_R_NOT_INITIALIZED) ,"not initialized"}, +{ERR_REASON(EC_R_NO_FIELD_MOD) ,"no field mod"}, +{ERR_REASON(EC_R_PASSED_NULL_PARAMETER) ,"passed null parameter"}, +{ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),"pkparameters2group failure"}, {ERR_REASON(EC_R_POINT_AT_INFINITY) ,"point at infinity"}, {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE) ,"point is not on curve"}, {ERR_REASON(EC_R_SLOT_FULL) ,"slot full"}, {ERR_REASON(EC_R_UNDEFINED_GENERATOR) ,"undefined generator"}, +{ERR_REASON(EC_R_UNDEFINED_ORDER) ,"undefined order"}, +{ERR_REASON(EC_R_UNKNOWN_GROUP) ,"unknown group"}, {ERR_REASON(EC_R_UNKNOWN_ORDER) ,"unknown order"}, +{ERR_REASON(EC_R_UNSUPPORTED_FIELD) ,"unsupported field"}, +{ERR_REASON(EC_R_WRONG_ORDER) ,"wrong order"}, {0,NULL} }; @@ -139,15 +228,12 @@ static ERR_STRING_DATA EC_str_reasons[]= void ERR_load_EC_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(EC_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,EC_str_functs); ERR_load_strings(0,EC_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/ec/ec_lcl.h b/src/lib/libssl/src/crypto/ec/ec_lcl.h index cc4cf27755..fdd7aa2755 100644 --- a/src/lib/libssl/src/crypto/ec/ec_lcl.h +++ b/src/lib/libssl/src/crypto/ec/ec_lcl.h @@ -1,6 +1,9 @@ /* crypto/ec/ec_lcl.h */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -52,35 +55,56 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The elliptic curve binary polynomial software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ #include +#include #include +#include +#if defined(__SUNPRO_C) +# if __SUNPRO_C >= 0x520 +# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) +# endif +#endif /* Structure details are not part of the exported interface, * so all this may change in future versions. */ struct ec_method_st { + /* used by EC_METHOD_get_field_type: */ + int field_type; /* a NID */ + /* used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_copy: */ int (*group_init)(EC_GROUP *); void (*group_finish)(EC_GROUP *); void (*group_clear_finish)(EC_GROUP *); int (*group_copy)(EC_GROUP *, const EC_GROUP *); - /* used by EC_GROUP_set_curve_GFp and EC_GROUP_get_curve_GFp: */ - int (*group_set_curve_GFp)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); - int (*group_get_curve_GFp)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); + /* used by EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, */ + /* EC_GROUP_set_curve_GF2m, and EC_GROUP_get_curve_GF2m: */ + int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); + int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); - /* used by EC_GROUP_set_generator, EC_GROUP_get0_generator, - * EC_GROUP_get_order, EC_GROUP_get_cofactor: - */ - int (*group_set_generator)(EC_GROUP *, const EC_POINT *generator, - const BIGNUM *order, const BIGNUM *cofactor); - EC_POINT *(*group_get0_generator)(const EC_GROUP *); - int (*group_get_order)(const EC_GROUP *, BIGNUM *order, BN_CTX *); - int (*group_get_cofactor)(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); + /* used by EC_GROUP_get_degree: */ + int (*group_get_degree)(const EC_GROUP *); + + /* used by EC_GROUP_check: */ + int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *); /* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */ int (*point_init)(EC_POINT *); @@ -89,20 +113,22 @@ struct ec_method_st { int (*point_copy)(EC_POINT *, const EC_POINT *); /* used by EC_POINT_set_to_infinity, - * EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_get_Jprojective_coordinates_GFp, - * EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, - * EC_POINT_set_compressed_coordinates_GFp: + * EC_POINT_set_Jprojective_coordinates_GFp, + * EC_POINT_get_Jprojective_coordinates_GFp, + * EC_POINT_set_affine_coordinates_GFp, ..._GF2m, + * EC_POINT_get_affine_coordinates_GFp, ..._GF2m, + * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m: */ int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *); int (*point_set_Jprojective_coordinates_GFp)(const EC_GROUP *, EC_POINT *, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); int (*point_get_Jprojective_coordinates_GFp)(const EC_GROUP *, const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); - int (*point_set_affine_coordinates_GFp)(const EC_GROUP *, EC_POINT *, + int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *, const BIGNUM *x, const BIGNUM *y, BN_CTX *); - int (*point_get_affine_coordinates_GFp)(const EC_GROUP *, const EC_POINT *, + int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *, BIGNUM *x, BIGNUM *y, BN_CTX *); - int (*point_set_compressed_coordinates_GFp)(const EC_GROUP *, EC_POINT *, + int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *, const BIGNUM *x, int y_bit, BN_CTX *); /* used by EC_POINT_point2oct, EC_POINT_oct2point: */ @@ -125,34 +151,65 @@ struct ec_method_st { int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *); int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); + /* used by EC_POINTs_mul, EC_POINT_mul, EC_POINT_precompute_mult, EC_POINT_have_precompute_mult + * (default implementations are used if the 'mul' pointer is 0): */ + int (*mul)(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); + int (*precompute_mult)(EC_GROUP *group, BN_CTX *); + int (*have_precompute_mult)(const EC_GROUP *group); + /* internal functions */ - /* 'field_mul' and 'field_sqr' can be used by 'add' and 'dbl' so that + /* 'field_mul', 'field_sqr', and 'field_div' can be used by 'add' and 'dbl' so that * the same implementations of point operations can be used with different * optimized implementations of expensive field operations: */ int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); + int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. to Montgomery */ int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. from Montgomery */ int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *); } /* EC_METHOD */; +typedef struct ec_extra_data_st { + struct ec_extra_data_st *next; + void *data; + void *(*dup_func)(void *); + void (*free_func)(void *); + void (*clear_free_func)(void *); +} EC_EXTRA_DATA; /* used in EC_GROUP */ struct ec_group_st { const EC_METHOD *meth; - void *extra_data; - void *(*extra_data_dup_func)(void *); - void (*extra_data_free_func)(void *); - void (*extra_data_clear_free_func)(void *); + EC_POINT *generator; /* optional */ + BIGNUM order, cofactor; + + int curve_name;/* optional NID for named curve */ + int asn1_flag; /* flag to control the asn1 encoding */ + point_conversion_form_t asn1_form; + + unsigned char *seed; /* optional seed for parameters (appears in ASN1) */ + size_t seed_len; - /* All members except 'meth' and 'extra_data...' are handled by - * the method functions, even if they appear generic */ + EC_EXTRA_DATA *extra_data; /* linked list */ + + /* The following members are handled by the method functions, + * even if they appear generic */ BIGNUM field; /* Field specification. - * For curves over GF(p), this is the modulus. */ + * For curves over GF(p), this is the modulus; + * for curves over GF(2^m), this is the + * irreducible polynomial defining the field. + */ + + unsigned int poly[5]; /* Field specification for curves over GF(2^m). + * The irreducible f(t) is then of the form: + * t^poly[0] + t^poly[1] + ... + t^poly[k] + * where m = poly[0] > poly[1] > ... > poly[k] = 0. + */ BIGNUM a, b; /* Curve coefficients. * (Here the assumption is that BIGNUMs can be used @@ -160,29 +217,49 @@ struct ec_group_st { * For characteristic > 3, the curve is defined * by a Weierstrass equation of the form * y^2 = x^3 + a*x + b. + * For characteristic 2, the curve is defined by + * an equation of the form + * y^2 + x*y = x^3 + a*x^2 + b. */ - int a_is_minus3; /* enable optimized point arithmetics for special case */ - EC_POINT *generator; /* optional */ - BIGNUM order, cofactor; + int a_is_minus3; /* enable optimized point arithmetics for special case */ void *field_data1; /* method-specific (e.g., Montgomery structure) */ void *field_data2; /* method-specific */ + int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */ } /* EC_GROUP */; +struct ec_key_st { + int version; + + EC_GROUP *group; + + EC_POINT *pub_key; + BIGNUM *priv_key; + + unsigned int enc_flag; + point_conversion_form_t conv_form; -/* Basically a 'mixin' for extra data, but available for EC_GROUPs only + int references; + + EC_EXTRA_DATA *method_data; +} /* EC_KEY */; + +/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only * (with visibility limited to 'package' level for now). * We use the function pointers as index for retrieval; this obviates * global ex_data-style index tables. - * (Currently, we have one slot only, but is is possible to extend this - * if necessary.) */ -int EC_GROUP_set_extra_data(EC_GROUP *, void *extra_data, void *(*extra_data_dup_func)(void *), - void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)); -void *EC_GROUP_get_extra_data(const EC_GROUP *, void *(*extra_data_dup_func)(void *), - void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)); -void EC_GROUP_free_extra_data(EC_GROUP *); -void EC_GROUP_clear_free_extra_data(EC_GROUP *); + */ +int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +void EC_EX_DATA_free_data(EC_EXTRA_DATA **, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **); +void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **); @@ -201,18 +278,23 @@ struct ec_point_st { +/* method functions in ec_mult.c + * (ec_lib.c uses these as defaults if group->method->mul is 0) */ +int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); +int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *); +int ec_wNAF_have_precompute_mult(const EC_GROUP *group); + + /* method functions in ecp_smpl.c */ int ec_GFp_simple_group_init(EC_GROUP *); void ec_GFp_simple_group_finish(EC_GROUP *); void ec_GFp_simple_group_clear_finish(EC_GROUP *); int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *); -int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); -int ec_GFp_simple_group_set_generator(EC_GROUP *, const EC_POINT *generator, - const BIGNUM *order, const BIGNUM *cofactor); -EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *); -int ec_GFp_simple_group_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); -int ec_GFp_simple_group_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); +int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); +int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); +int ec_GFp_simple_group_get_degree(const EC_GROUP *); +int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *); int ec_GFp_simple_point_init(EC_POINT *); void ec_GFp_simple_point_finish(EC_POINT *); void ec_GFp_simple_point_clear_finish(EC_POINT *); @@ -222,11 +304,11 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); -int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *, +int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *, const BIGNUM *x, const BIGNUM *y, BN_CTX *); -int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *, +int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *, BIGNUM *x, BIGNUM *y, BN_CTX *); -int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, +int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *, const BIGNUM *x, int y_bit, BN_CTX *); size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, unsigned char *buf, size_t len, BN_CTX *); @@ -246,7 +328,7 @@ int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX /* method functions in ecp_mont.c */ int ec_GFp_mont_group_init(EC_GROUP *); -int ec_GFp_mont_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); +int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); void ec_GFp_mont_group_finish(EC_GROUP *); void ec_GFp_mont_group_clear_finish(EC_GROUP *); int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *); @@ -257,21 +339,52 @@ int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CT int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *); -/* method functions in ecp_recp.c */ -int ec_GFp_recp_group_init(EC_GROUP *); -int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -void ec_GFp_recp_group_finish(EC_GROUP *); -void ec_GFp_recp_group_clear_finish(EC_GROUP *); -int ec_GFp_recp_group_copy(EC_GROUP *, const EC_GROUP *); -int ec_GFp_recp_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -int ec_GFp_recp_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); - - /* method functions in ecp_nist.c */ -int ec_GFp_nist_group_init(EC_GROUP *); -int ec_GFp_nist_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); -void ec_GFp_nist_group_finish(EC_GROUP *); -void ec_GFp_nist_group_clear_finish(EC_GROUP *); -int ec_GFp_nist_group_copy(EC_GROUP *, const EC_GROUP *); +int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src); +int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); + + +/* method functions in ec2_smpl.c */ +int ec_GF2m_simple_group_init(EC_GROUP *); +void ec_GF2m_simple_group_finish(EC_GROUP *); +void ec_GF2m_simple_group_clear_finish(EC_GROUP *); +int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *); +int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); +int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); +int ec_GF2m_simple_group_get_degree(const EC_GROUP *); +int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *); +int ec_GF2m_simple_point_init(EC_POINT *); +void ec_GF2m_simple_point_finish(EC_POINT *); +void ec_GF2m_simple_point_clear_finish(EC_POINT *); +int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *); +int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *); +int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *, + const BIGNUM *x, const BIGNUM *y, BN_CTX *); +int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *, + BIGNUM *x, BIGNUM *y, BN_CTX *); +int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *, + const BIGNUM *x, int y_bit, BN_CTX *); +size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, + unsigned char *buf, size_t len, BN_CTX *); +int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *, + const unsigned char *buf, size_t len, BN_CTX *); +int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); +int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); +int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); +int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *); +int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *); +int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *); +int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *); +int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); +int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); +int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); +int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); + + +/* method functions in ec2_mult.c */ +int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); +int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx); +int ec_GF2m_have_precompute_mult(const EC_GROUP *group); diff --git a/src/lib/libssl/src/crypto/ec/ec_lib.c b/src/lib/libssl/src/crypto/ec/ec_lib.c index deb522060f..5af84376c6 100644 --- a/src/lib/libssl/src/crypto/ec/ec_lib.c +++ b/src/lib/libssl/src/crypto/ec/ec_lib.c @@ -1,6 +1,9 @@ /* crypto/ec/ec_lib.c */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -52,6 +55,11 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Binary polynomial ECC support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #include @@ -90,10 +98,18 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) ret->meth = meth; ret->extra_data = NULL; - ret->extra_data_dup_func = 0; - ret->extra_data_free_func = 0; - ret->extra_data_clear_free_func = 0; - + + ret->generator = NULL; + BN_init(&ret->order); + BN_init(&ret->cofactor); + + ret->curve_name = 0; + ret->asn1_flag = 0; + ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED; + + ret->seed = NULL; + ret->seed_len = 0; + if (!meth->group_init(ret)) { OPENSSL_free(ret); @@ -111,7 +127,15 @@ void EC_GROUP_free(EC_GROUP *group) if (group->meth->group_finish != 0) group->meth->group_finish(group); - EC_GROUP_free_extra_data(group); + EC_EX_DATA_free_all_data(&group->extra_data); + + if (group->generator != NULL) + EC_POINT_free(group->generator); + BN_free(&group->order); + BN_free(&group->cofactor); + + if (group->seed) + OPENSSL_free(group->seed); OPENSSL_free(group); } @@ -123,10 +147,21 @@ void EC_GROUP_clear_free(EC_GROUP *group) if (group->meth->group_clear_finish != 0) group->meth->group_clear_finish(group); - else if (group->meth != NULL && group->meth->group_finish != 0) + else if (group->meth->group_finish != 0) group->meth->group_finish(group); - EC_GROUP_clear_free_extra_data(group); + EC_EX_DATA_clear_free_all_data(&group->extra_data); + + if (group->generator != NULL) + EC_POINT_clear_free(group->generator); + BN_clear_free(&group->order); + BN_clear_free(&group->cofactor); + + if (group->seed) + { + OPENSSL_cleanse(group->seed, group->seed_len); + OPENSSL_free(group->seed); + } OPENSSL_cleanse(group, sizeof *group); OPENSSL_free(group); @@ -135,6 +170,8 @@ void EC_GROUP_clear_free(EC_GROUP *group) int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) { + EC_EXTRA_DATA *d; + if (dest->meth->group_copy == 0) { ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); @@ -148,161 +185,507 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) if (dest == src) return 1; - EC_GROUP_clear_free_extra_data(dest); - if (src->extra_data_dup_func) + EC_EX_DATA_free_all_data(&dest->extra_data); + + for (d = src->extra_data; d != NULL; d = d->next) { - if (src->extra_data != NULL) + void *t = d->dup_func(d->data); + + if (t == NULL) + return 0; + if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func, d->free_func, d->clear_free_func)) + return 0; + } + + if (src->generator != NULL) + { + if (dest->generator == NULL) + { + dest->generator = EC_POINT_new(dest); + if (dest->generator == NULL) return 0; + } + if (!EC_POINT_copy(dest->generator, src->generator)) return 0; + } + else + { + /* src->generator == NULL */ + if (dest->generator != NULL) { - dest->extra_data = src->extra_data_dup_func(src->extra_data); - if (dest->extra_data == NULL) - return 0; + EC_POINT_clear_free(dest->generator); + dest->generator = NULL; } + } + + if (!BN_copy(&dest->order, &src->order)) return 0; + if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0; - dest->extra_data_dup_func = src->extra_data_dup_func; - dest->extra_data_free_func = src->extra_data_free_func; - dest->extra_data_clear_free_func = src->extra_data_clear_free_func; + dest->curve_name = src->curve_name; + dest->asn1_flag = src->asn1_flag; + dest->asn1_form = src->asn1_form; + + if (src->seed) + { + if (dest->seed) + OPENSSL_free(dest->seed); + dest->seed = OPENSSL_malloc(src->seed_len); + if (dest->seed == NULL) + return 0; + if (!memcpy(dest->seed, src->seed, src->seed_len)) + return 0; + dest->seed_len = src->seed_len; + } + else + { + if (dest->seed) + OPENSSL_free(dest->seed); + dest->seed = NULL; + dest->seed_len = 0; } + return dest->meth->group_copy(dest, src); } +EC_GROUP *EC_GROUP_dup(const EC_GROUP *a) + { + EC_GROUP *t = NULL; + int ok = 0; + + if (a == NULL) return NULL; + + if ((t = EC_GROUP_new(a->meth)) == NULL) return(NULL); + if (!EC_GROUP_copy(t, a)) goto err; + + ok = 1; + + err: + if (!ok) + { + if (t) EC_GROUP_free(t); + return NULL; + } + else return t; + } + + const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group) { return group->meth; } +int EC_METHOD_get_field_type(const EC_METHOD *meth) + { + return meth->field_type; + } + + +int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor) + { + if (generator == NULL) + { + ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER); + return 0 ; + } + + if (group->generator == NULL) + { + group->generator = EC_POINT_new(group); + if (group->generator == NULL) return 0; + } + if (!EC_POINT_copy(group->generator, generator)) return 0; + + if (order != NULL) + { if (!BN_copy(&group->order, order)) return 0; } + else + BN_zero(&group->order); + + if (cofactor != NULL) + { if (!BN_copy(&group->cofactor, cofactor)) return 0; } + else + BN_zero(&group->cofactor); + + return 1; + } + + +const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) + { + return group->generator; + } + + +int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) + { + if (!BN_copy(order, &group->order)) + return 0; + + return !BN_is_zero(order); + } + + +int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) + { + if (!BN_copy(cofactor, &group->cofactor)) + return 0; + + return !BN_is_zero(&group->cofactor); + } + + +void EC_GROUP_set_curve_name(EC_GROUP *group, int nid) + { + group->curve_name = nid; + } + + +int EC_GROUP_get_curve_name(const EC_GROUP *group) + { + return group->curve_name; + } + + +void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag) + { + group->asn1_flag = flag; + } + + +int EC_GROUP_get_asn1_flag(const EC_GROUP *group) + { + return group->asn1_flag; + } + + +void EC_GROUP_set_point_conversion_form(EC_GROUP *group, + point_conversion_form_t form) + { + group->asn1_form = form; + } + + +point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *group) + { + return group->asn1_form; + } + + +size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len) + { + if (group->seed) + { + OPENSSL_free(group->seed); + group->seed = NULL; + group->seed_len = 0; + } + + if (!len || !p) + return 1; + + if ((group->seed = OPENSSL_malloc(len)) == NULL) + return 0; + memcpy(group->seed, p, len); + group->seed_len = len; + + return len; + } + + +unsigned char *EC_GROUP_get0_seed(const EC_GROUP *group) + { + return group->seed; + } + + +size_t EC_GROUP_get_seed_len(const EC_GROUP *group) + { + return group->seed_len; + } + + int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { - if (group->meth->group_set_curve_GFp == 0) + if (group->meth->group_set_curve == 0) { ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - return group->meth->group_set_curve_GFp(group, p, a, b, ctx); + return group->meth->group_set_curve(group, p, a, b, ctx); } int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) { - if (group->meth->group_get_curve_GFp == 0) + if (group->meth->group_get_curve == 0) { ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - return group->meth->group_get_curve_GFp(group, p, a, b, ctx); + return group->meth->group_get_curve(group, p, a, b, ctx); } -int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor) +int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { - if (group->meth->group_set_generator == 0) + if (group->meth->group_set_curve == 0) { - ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ECerr(EC_F_EC_GROUP_SET_CURVE_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - return group->meth->group_set_generator(group, generator, order, cofactor); + return group->meth->group_set_curve(group, p, a, b, ctx); } -EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) +int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) { - if (group->meth->group_get0_generator == 0) + if (group->meth->group_get_curve == 0) { - ECerr(EC_F_EC_GROUP_GET0_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ECerr(EC_F_EC_GROUP_GET_CURVE_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - return group->meth->group_get0_generator(group); + return group->meth->group_get_curve(group, p, a, b, ctx); } -int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) +int EC_GROUP_get_degree(const EC_GROUP *group) { - if (group->meth->group_get_order == 0) + if (group->meth->group_get_degree == 0) { - ECerr(EC_F_EC_GROUP_GET_ORDER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ECerr(EC_F_EC_GROUP_GET_DEGREE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - return group->meth->group_get_order(group, order, ctx); + return group->meth->group_get_degree(group); } -int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) +int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) { - if (group->meth->group_get_cofactor == 0) + if (group->meth->group_check_discriminant == 0) { - ECerr(EC_F_EC_GROUP_GET_COFACTOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ECerr(EC_F_EC_GROUP_CHECK_DISCRIMINANT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - return group->meth->group_get_cofactor(group, cofactor, ctx); + return group->meth->group_check_discriminant(group, ctx); } -/* this has 'package' visibility */ -int EC_GROUP_set_extra_data(EC_GROUP *group, void *extra_data, void *(*extra_data_dup_func)(void *), - void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)) +int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) { - if ((group->extra_data != NULL) - || (group->extra_data_dup_func != 0) - || (group->extra_data_free_func != 0) - || (group->extra_data_clear_free_func != 0)) - { - ECerr(EC_F_EC_GROUP_SET_EXTRA_DATA, EC_R_SLOT_FULL); + int r = 0; + BIGNUM *a1, *a2, *a3, *b1, *b2, *b3; + BN_CTX *ctx_new = NULL; + + /* compare the field types*/ + if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) != + EC_METHOD_get_field_type(EC_GROUP_method_of(b))) + return 1; + /* compare the curve name (if present) */ + if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) && + EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b)) return 0; + + if (!ctx) + ctx_new = ctx = BN_CTX_new(); + if (!ctx) + return -1; + + BN_CTX_start(ctx); + a1 = BN_CTX_get(ctx); + a2 = BN_CTX_get(ctx); + a3 = BN_CTX_get(ctx); + b1 = BN_CTX_get(ctx); + b2 = BN_CTX_get(ctx); + b3 = BN_CTX_get(ctx); + if (!b3) + { + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + return -1; } - group->extra_data = extra_data; - group->extra_data_dup_func = extra_data_dup_func; - group->extra_data_free_func = extra_data_free_func; - group->extra_data_clear_free_func = extra_data_clear_free_func; - return 1; + /* XXX This approach assumes that the external representation + * of curves over the same field type is the same. + */ + if (!a->meth->group_get_curve(a, a1, a2, a3, ctx) || + !b->meth->group_get_curve(b, b1, b2, b3, ctx)) + r = 1; + + if (r || BN_cmp(a1, b1) || BN_cmp(a2, b2) || BN_cmp(a3, b3)) + r = 1; + + /* XXX EC_POINT_cmp() assumes that the methods are equal */ + if (r || EC_POINT_cmp(a, EC_GROUP_get0_generator(a), + EC_GROUP_get0_generator(b), ctx)) + r = 1; + + if (!r) + { + /* compare the order and cofactor */ + if (!EC_GROUP_get_order(a, a1, ctx) || + !EC_GROUP_get_order(b, b1, ctx) || + !EC_GROUP_get_cofactor(a, a2, ctx) || + !EC_GROUP_get_cofactor(b, b2, ctx)) + { + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + return -1; + } + if (BN_cmp(a1, b1) || BN_cmp(a2, b2)) + r = 1; + } + + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + + return r; } /* this has 'package' visibility */ -void *EC_GROUP_get_extra_data(const EC_GROUP *group, void *(*extra_data_dup_func)(void *), - void (*extra_data_free_func)(void *), void (*extra_data_clear_free_func)(void *)) +int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { - if ((group->extra_data_dup_func != extra_data_dup_func) - || (group->extra_data_free_func != extra_data_free_func) - || (group->extra_data_clear_free_func != extra_data_clear_free_func)) + EC_EXTRA_DATA *d; + + if (ex_data == NULL) + return 0; + + for (d = *ex_data; d != NULL; d = d->next) { -#if 0 /* this was an error in 0.9.7, but that does not make a lot of sense */ - ECerr(..._F_EC_GROUP_GET_EXTRA_DATA, ..._R_NO_SUCH_EXTRA_DATA); -#endif - return NULL; + if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) + { + ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL); + return 0; + } } - return group->extra_data; + if (data == NULL) + /* no explicit entry needed */ + return 1; + + d = OPENSSL_malloc(sizeof *d); + if (d == NULL) + return 0; + + d->data = data; + d->dup_func = dup_func; + d->free_func = free_func; + d->clear_free_func = clear_free_func; + + d->next = *ex_data; + *ex_data = d; + + return 1; } +/* this has 'package' visibility */ +void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) + { + const EC_EXTRA_DATA *d; + + for (d = ex_data; d != NULL; d = d->next) + { + if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) + return d->data; + } + + return NULL; + } /* this has 'package' visibility */ -void EC_GROUP_free_extra_data(EC_GROUP *group) +void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { - if (group->extra_data_free_func) - group->extra_data_free_func(group->extra_data); - group->extra_data = NULL; - group->extra_data_dup_func = 0; - group->extra_data_free_func = 0; - group->extra_data_clear_free_func = 0; + EC_EXTRA_DATA **p; + + if (ex_data == NULL) + return; + + for (p = ex_data; *p != NULL; p = &((*p)->next)) + { + if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func) + { + EC_EXTRA_DATA *next = (*p)->next; + + (*p)->free_func((*p)->data); + OPENSSL_free(*p); + + *p = next; + return; + } + } } +/* this has 'package' visibility */ +void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) + { + EC_EXTRA_DATA **p; + + if (ex_data == NULL) + return; + + for (p = ex_data; *p != NULL; p = &((*p)->next)) + { + if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func) + { + EC_EXTRA_DATA *next = (*p)->next; + + (*p)->clear_free_func((*p)->data); + OPENSSL_free(*p); + + *p = next; + return; + } + } + } /* this has 'package' visibility */ -void EC_GROUP_clear_free_extra_data(EC_GROUP *group) +void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data) { - if (group->extra_data_clear_free_func) - group->extra_data_clear_free_func(group->extra_data); - else if (group->extra_data_free_func) - group->extra_data_free_func(group->extra_data); - group->extra_data = NULL; - group->extra_data_dup_func = 0; - group->extra_data_free_func = 0; - group->extra_data_clear_free_func = 0; + EC_EXTRA_DATA *d; + + if (ex_data == NULL) + return; + + d = *ex_data; + while (d) + { + EC_EXTRA_DATA *next = d->next; + + d->free_func(d->data); + OPENSSL_free(d); + + d = next; + } + *ex_data = NULL; } +/* this has 'package' visibility */ +void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data) + { + EC_EXTRA_DATA *d; + + if (ex_data == NULL) + return; + + d = *ex_data; + while (d) + { + EC_EXTRA_DATA *next = d->next; + + d->clear_free_func(d->data); + OPENSSL_free(d); + + d = next; + } + *ex_data = NULL; + } /* functions for EC_POINT objects */ @@ -382,6 +765,25 @@ int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) } +EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) + { + EC_POINT *t; + int r; + + if (a == NULL) return NULL; + + t = EC_POINT_new(group); + if (t == NULL) return(NULL); + r = EC_POINT_copy(t, a); + if (!r) + { + EC_POINT_free(t); + return NULL; + } + else return t; + } + + const EC_METHOD *EC_POINT_method_of(const EC_POINT *point) { return point->meth; @@ -441,7 +843,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POI int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) { - if (group->meth->point_set_affine_coordinates_GFp == 0) + if (group->meth->point_set_affine_coordinates == 0) { ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; @@ -451,14 +853,31 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); return 0; } - return group->meth->point_set_affine_coordinates_GFp(group, point, x, y, ctx); + return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); + } + + +int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point, + const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) + { + if (group->meth->point_set_affine_coordinates == 0) + { + ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return 0; + } + if (group->meth != point->meth) + { + ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); + return 0; + } + return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); } int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { - if (group->meth->point_get_affine_coordinates_GFp == 0) + if (group->meth->point_get_affine_coordinates == 0) { ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; @@ -468,14 +887,31 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); return 0; } - return group->meth->point_get_affine_coordinates_GFp(group, point, x, y, ctx); + return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); + } + + +int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *point, + BIGNUM *x, BIGNUM *y, BN_CTX *ctx) + { + if (group->meth->point_get_affine_coordinates == 0) + { + ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return 0; + } + if (group->meth != point->meth) + { + ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); + return 0; + } + return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); } int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, int y_bit, BN_CTX *ctx) { - if (group->meth->point_set_compressed_coordinates_GFp == 0) + if (group->meth->point_set_compressed_coordinates == 0) { ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; @@ -485,7 +921,24 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *poi ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); return 0; } - return group->meth->point_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx); + return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx); + } + + +int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point, + const BIGNUM *x, int y_bit, BN_CTX *ctx) + { + if (group->meth->point_set_compressed_coordinates == 0) + { + ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return 0; + } + if (group->meth != point->meth) + { + ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); + return 0; + } + return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx); } @@ -559,12 +1012,12 @@ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { if (group->meth->dbl == 0) { - ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != a->meth) { - ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS); + ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->invert(group, a, ctx); @@ -654,3 +1107,58 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], } return group->meth->points_make_affine(group, num, points, ctx); } + + +/* Functions for point multiplication. + * + * If group->meth->mul is 0, we use the wNAF-based implementations in ec_mult.c; + * otherwise we dispatch through methods. + */ + +int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) + { + if (group->meth->mul == 0) + /* use default */ + return ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); + + return group->meth->mul(group, r, scalar, num, points, scalars, ctx); + } + +int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, + const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx) + { + /* just a convenient interface to EC_POINTs_mul() */ + + const EC_POINT *points[1]; + const BIGNUM *scalars[1]; + + points[0] = point; + scalars[0] = p_scalar; + + return EC_POINTs_mul(group, r, g_scalar, (point != NULL && p_scalar != NULL), points, scalars, ctx); + } + +int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx) + { + if (group->meth->mul == 0) + /* use default */ + return ec_wNAF_precompute_mult(group, ctx); + + if (group->meth->precompute_mult != 0) + return group->meth->precompute_mult(group, ctx); + else + return 1; /* nothing to do, so report success */ + } + +int EC_GROUP_have_precompute_mult(const EC_GROUP *group) + { + if (group->meth->mul == 0) + /* use default */ + return ec_wNAF_have_precompute_mult(group); + + if (group->meth->have_precompute_mult != 0) + return group->meth->have_precompute_mult(group); + else + return 0; /* cannot tell whether precomputation has been performed */ + } diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c index 16822a73cf..2ba173ef36 100644 --- a/src/lib/libssl/src/crypto/ec/ec_mult.c +++ b/src/lib/libssl/src/crypto/ec/ec_mult.c @@ -1,6 +1,9 @@ /* crypto/ec/ec_mult.c */ +/* + * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. + */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -52,41 +55,161 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Portions of this software developed by SUN MICROSYSTEMS, INC., + * and contributed to the OpenSSL project. + */ + +#include #include #include "ec_lcl.h" -/* TODO: optional precomputation of multiples of the generator */ +/* + * This file implements the wNAF-based interleaving multi-exponentation method + * (); + * for multiplication with precomputation, we use wNAF splitting + * (). + */ -/* - * wNAF-based interleaving multi-exponentation method - * () - */ + +/* structure for precomputed multiples of the generator */ +typedef struct ec_pre_comp_st { + const EC_GROUP *group; /* parent EC_GROUP object */ + size_t blocksize; /* block size for wNAF splitting */ + size_t numblocks; /* max. number of blocks for which we have precomputation */ + size_t w; /* window size */ + EC_POINT **points; /* array with pre-calculated multiples of generator: + * 'num' pointers to EC_POINT objects followed by a NULL */ + size_t num; /* numblocks * 2^(w-1) */ + int references; +} EC_PRE_COMP; + +/* functions to manage EC_PRE_COMP within the EC_GROUP extra_data framework */ +static void *ec_pre_comp_dup(void *); +static void ec_pre_comp_free(void *); +static void ec_pre_comp_clear_free(void *); + +static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) + { + EC_PRE_COMP *ret = NULL; + + if (!group) + return NULL; + + ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); + if (!ret) + { + ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); + return ret; + } + ret->group = group; + ret->blocksize = 8; /* default */ + ret->numblocks = 0; + ret->w = 4; /* default */ + ret->points = NULL; + ret->num = 0; + ret->references = 1; + return ret; + } + +static void *ec_pre_comp_dup(void *src_) + { + EC_PRE_COMP *src = src_; + + /* no need to actually copy, these objects never change! */ + + CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP); + + return src_; + } + +static void ec_pre_comp_free(void *pre_) + { + int i; + EC_PRE_COMP *pre = pre_; + + if (!pre) + return; + + i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP); + if (i > 0) + return; + + if (pre->points) + { + EC_POINT **p; + + for (p = pre->points; *p != NULL; p++) + EC_POINT_free(*p); + OPENSSL_free(pre->points); + } + OPENSSL_free(pre); + } + +static void ec_pre_comp_clear_free(void *pre_) + { + int i; + EC_PRE_COMP *pre = pre_; + + if (!pre) + return; + + i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP); + if (i > 0) + return; + + if (pre->points) + { + EC_POINT **p; + + for (p = pre->points; *p != NULL; p++) + EC_POINT_clear_free(*p); + OPENSSL_cleanse(pre->points, sizeof pre->points); + OPENSSL_free(pre->points); + } + OPENSSL_cleanse(pre, sizeof pre); + OPENSSL_free(pre); + } + -/* Determine the width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. + +/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. * This is an array r[] of values that are either zero or odd with an * absolute value less than 2^w satisfying * scalar = \sum_j r[j]*2^j - * where at most one of any w+1 consecutive digits is non-zero. + * where at most one of any w+1 consecutive digits is non-zero + * with the exception that the most significant digit may be only + * w-1 zeros away from that next non-zero digit. */ -static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, BN_CTX *ctx) +static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { - BIGNUM *c; + int window_val; int ok = 0; signed char *r = NULL; int sign = 1; int bit, next_bit, mask; size_t len = 0, j; - BN_CTX_start(ctx); - c = BN_CTX_get(ctx); - if (c == NULL) goto err; - + if (BN_is_zero(scalar)) + { + r = OPENSSL_malloc(1); + if (!r) + { + ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); + goto err; + } + r[0] = 0; + *ret_len = 1; + return r; + } + if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ { ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); @@ -96,60 +219,90 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B next_bit = bit << 1; /* at most 256 */ mask = next_bit - 1; /* at most 255 */ - if (!BN_copy(c, scalar)) goto err; - if (c->neg) + if (BN_is_negative(scalar)) { sign = -1; - c->neg = 0; } - len = BN_num_bits(c) + 1; /* wNAF may be one digit longer than binary representation */ - r = OPENSSL_malloc(len); - if (r == NULL) goto err; + len = BN_num_bits(scalar); + r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation + * (*ret_len will be set to the actual length, i.e. at most + * BN_num_bits(scalar) + 1) */ + if (r == NULL) + { + ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); + goto err; + } + if (scalar->d == NULL || scalar->top == 0) + { + ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); + goto err; + } + window_val = scalar->d[0] & mask; j = 0; - while (!BN_is_zero(c)) + while ((window_val != 0) || (j + w + 1 < len)) /* if j+w+1 >= len, window_val will not increase */ { - int u = 0; + int digit = 0; - if (BN_is_odd(c)) + /* 0 <= window_val <= 2^(w+1) */ + + if (window_val & 1) { - if (c->d == NULL || c->top == 0) + /* 0 < window_val < 2^(w+1) */ + + if (window_val & bit) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; + digit = window_val - next_bit; /* -2^w < digit < 0 */ + +#if 1 /* modified wNAF */ + if (j + w + 1 >= len) + { + /* special case for generating modified wNAFs: + * no new bits will be added into window_val, + * so using a positive digit here will decrease + * the total length of the representation */ + + digit = window_val & (mask >> 1); /* 0 < digit < 2^w */ + } +#endif } - u = c->d[0] & mask; - if (u & bit) + else { - u -= next_bit; - /* u < 0 */ - if (!BN_add_word(c, -u)) goto err; + digit = window_val; /* 0 < digit < 2^w */ } - else + + if (digit <= -bit || digit >= bit || !(digit & 1)) { - /* u > 0 */ - if (!BN_sub_word(c, u)) goto err; + ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); + goto err; } - if (u <= -bit || u >= bit || !(u & 1) || c->neg) + window_val -= digit; + + /* now window_val is 0 or 2^(w+1) in standard wNAF generation; + * for modified window NAFs, it may also be 2^w + */ + if (window_val != 0 && window_val != next_bit && window_val != bit) { ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); goto err; } } - r[j++] = sign * u; - - if (BN_is_odd(c)) + r[j++] = sign * digit; + + window_val >>= 1; + window_val += bit * BN_is_bit_set(scalar, j + w); + + if (window_val > next_bit) { ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); goto err; } - if (!BN_rshift1(c, c)) goto err; } - if (j > len) + if (j > len + 1) { ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); goto err; @@ -158,7 +311,6 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B ok = 1; err: - BN_CTX_end(ctx); if (!ok) { OPENSSL_free(r); @@ -181,7 +333,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B (b) >= 300 ? 4 : \ (b) >= 70 ? 3 : \ (b) >= 20 ? 2 : \ - 1)) + 1)) /* Compute * \sum scalars[i]*points[i], @@ -189,13 +341,15 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B * scalar*generator * in the addition if scalar != NULL */ -int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, +int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) { BN_CTX *new_ctx = NULL; - EC_POINT *generator = NULL; + const EC_POINT *generator = NULL; EC_POINT *tmp = NULL; size_t totalnum; + size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */ + size_t pre_points_per_block = 0; size_t i, j; int k; int r_is_inverted = 0; @@ -207,12 +361,15 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num_val; EC_POINT **val = NULL; /* precomputation */ EC_POINT **v; - EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */ + EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or 'pre_comp->points' */ + const EC_PRE_COMP *pre_comp = NULL; + int num_scalar = 0; /* flag: will be set to 1 if 'scalar' must be treated like other scalars, + * i.e. precomputation is not available */ int ret = 0; if (group->meth != r->meth) { - ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS); + ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); return 0; } @@ -221,59 +378,226 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, return EC_POINT_set_to_infinity(group, r); } - if (scalar != NULL) + for (i = 0; i < num; i++) { - generator = EC_GROUP_get0_generator(group); - if (generator == NULL) + if (group->meth != points[i]->meth) { - ECerr(EC_F_EC_POINTS_MUL, EC_R_UNDEFINED_GENERATOR); + ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } - - for (i = 0; i < num; i++) + + if (ctx == NULL) { - if (group->meth != points[i]->meth) + ctx = new_ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; + } + + if (scalar != NULL) + { + generator = EC_GROUP_get0_generator(group); + if (generator == NULL) { - ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS); - return 0; + ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR); + goto err; } - } + + /* look if we can use precomputed multiples of generator */ + + pre_comp = EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); + + if (pre_comp && pre_comp->numblocks && (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) == 0)) + { + blocksize = pre_comp->blocksize; - totalnum = num + (scalar != NULL); + /* determine maximum number of blocks that wNAF splitting may yield + * (NB: maximum wNAF length is bit length plus one) */ + numblocks = (BN_num_bits(scalar) / blocksize) + 1; - wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); + /* we cannot use more blocks than we have precomputation for */ + if (numblocks > pre_comp->numblocks) + numblocks = pre_comp->numblocks; + + pre_points_per_block = 1u << (pre_comp->w - 1); + + /* check that pre_comp looks sane */ + if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); + goto err; + } + } + else + { + /* can't use precomputation */ + pre_comp = NULL; + numblocks = 1; + num_scalar = 1; /* treat 'scalar' like 'num'-th element of 'scalars' */ + } + } + + totalnum = num + numblocks; + + wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]); - wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); - if (wNAF != NULL) + wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for pivot */ + val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); + + if (!wsize || !wNAF_len || !wNAF || !val_sub) { - wNAF[0] = NULL; /* preliminary pivot */ + ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); + goto err; } - if (wsize == NULL || wNAF_len == NULL || wNAF == NULL) goto err; - /* num_val := total number of points to precompute */ + wNAF[0] = NULL; /* preliminary pivot */ + + /* num_val will be the total number of temporarily precomputed points */ num_val = 0; - for (i = 0; i < totalnum; i++) + + for (i = 0; i < num + num_scalar; i++) { size_t bits; bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar); wsize[i] = EC_window_bits_for_scalar_size(bits); num_val += 1u << (wsize[i] - 1); + wNAF[i + 1] = NULL; /* make sure we always have a pivot */ + wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]); + if (wNAF[i] == NULL) + goto err; + if (wNAF_len[i] > max_len) + max_len = wNAF_len[i]; + } + + if (numblocks) + { + /* we go here iff scalar != NULL */ + + if (pre_comp == NULL) + { + if (num_scalar != 1) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); + goto err; + } + /* we have already generated a wNAF for 'scalar' */ + } + else + { + signed char *tmp_wNAF = NULL; + size_t tmp_len = 0; + + if (num_scalar != 0) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); + goto err; + } + + /* use the window size for which we have precomputation */ + wsize[num] = pre_comp->w; + tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len); + if (!tmp_wNAF) + goto err; + + if (tmp_len <= max_len) + { + /* One of the other wNAFs is at least as long + * as the wNAF belonging to the generator, + * so wNAF splitting will not buy us anything. */ + + numblocks = 1; + totalnum = num + 1; /* don't use wNAF splitting */ + wNAF[num] = tmp_wNAF; + wNAF[num + 1] = NULL; + wNAF_len[num] = tmp_len; + if (tmp_len > max_len) + max_len = tmp_len; + /* pre_comp->points starts with the points that we need here: */ + val_sub[num] = pre_comp->points; + } + else + { + /* don't include tmp_wNAF directly into wNAF array + * - use wNAF splitting and include the blocks */ + + signed char *pp; + EC_POINT **tmp_points; + + if (tmp_len < numblocks * blocksize) + { + /* possibly we can do with fewer blocks than estimated */ + numblocks = (tmp_len + blocksize - 1) / blocksize; + if (numblocks > pre_comp->numblocks) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); + goto err; + } + totalnum = num + numblocks; + } + + /* split wNAF in 'numblocks' parts */ + pp = tmp_wNAF; + tmp_points = pre_comp->points; + + for (i = num; i < totalnum; i++) + { + if (i < totalnum - 1) + { + wNAF_len[i] = blocksize; + if (tmp_len < blocksize) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); + goto err; + } + tmp_len -= blocksize; + } + else + /* last block gets whatever is left + * (this could be more or less than 'blocksize'!) */ + wNAF_len[i] = tmp_len; + + wNAF[i + 1] = NULL; + wNAF[i] = OPENSSL_malloc(wNAF_len[i]); + if (wNAF[i] == NULL) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); + OPENSSL_free(tmp_wNAF); + goto err; + } + memcpy(wNAF[i], pp, wNAF_len[i]); + if (wNAF_len[i] > max_len) + max_len = wNAF_len[i]; + + if (*tmp_points == NULL) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); + OPENSSL_free(tmp_wNAF); + goto err; + } + val_sub[i] = tmp_points; + tmp_points += pre_points_per_block; + pp += blocksize; + } + OPENSSL_free(tmp_wNAF); + } + } } - /* all precomputed points go into a single array 'val', - * 'val_sub[i]' is a pointer to the subarray for the i-th point */ + /* All points we precompute now go into a single array 'val'. + * 'val_sub[i]' is a pointer to the subarray for the i-th point, + * or to a subarray of 'pre_comp->points' if we already have precomputation. */ val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); - if (val == NULL) goto err; + if (val == NULL) + { + ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); + goto err; + } val[num_val] = NULL; /* pivot element */ - val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); - if (val_sub == NULL) goto err; - /* allocate points for precomputation */ v = val; - for (i = 0; i < totalnum; i++) + for (i = 0; i < num + num_scalar; i++) { val_sub[i] = v; for (j = 0; j < (1u << (wsize[i] - 1)); j++) @@ -285,19 +609,12 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (!(v == val + num_val)) { - ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR); + ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); goto err; } - if (ctx == NULL) - { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - } - - tmp = EC_POINT_new(group); - if (tmp == NULL) goto err; + if (!(tmp = EC_POINT_new(group))) + goto err; /* prepare precomputed values: * val_sub[i][0] := points[i] @@ -305,7 +622,7 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, * val_sub[i][2] := 5 * points[i] * ... */ - for (i = 0; i < totalnum; i++) + for (i = 0; i < num + num_scalar; i++) { if (i < num) { @@ -324,16 +641,11 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) goto err; } } - - wNAF[i + 1] = NULL; /* make sure we always have a pivot */ - wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i], ctx); - if (wNAF[i] == NULL) goto err; - if (wNAF_len[i] > max_len) - max_len = wNAF_len[i]; } #if 1 /* optional; EC_window_bits_for_scalar_size assumes we do this step */ - if (!EC_POINTs_make_affine(group, num_val, val, ctx)) goto err; + if (!EC_POINTs_make_affine(group, num_val, val, ctx)) + goto err; #endif r_is_at_infinity = 1; @@ -429,57 +741,198 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } -int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx) - { - const EC_POINT *points[1]; - const BIGNUM *scalars[1]; - - points[0] = point; - scalars[0] = p_scalar; - - return EC_POINTs_mul(group, r, g_scalar, (point != NULL && p_scalar != NULL), points, scalars, ctx); - } - - -int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx) +/* ec_wNAF_precompute_mult() + * creates an EC_PRE_COMP object with preprecomputed multiples of the generator + * for use with wNAF splitting as implemented in ec_wNAF_mul(). + * + * 'pre_comp->points' is an array of multiples of the generator + * of the following form: + * points[0] = generator; + * points[1] = 3 * generator; + * ... + * points[2^(w-1)-1] = (2^(w-1)-1) * generator; + * points[2^(w-1)] = 2^blocksize * generator; + * points[2^(w-1)+1] = 3 * 2^blocksize * generator; + * ... + * points[2^(w-1)*(numblocks-1)-1] = (2^(w-1)) * 2^(blocksize*(numblocks-2)) * generator + * points[2^(w-1)*(numblocks-1)] = 2^(blocksize*(numblocks-1)) * generator + * ... + * points[2^(w-1)*numblocks-1] = (2^(w-1)) * 2^(blocksize*(numblocks-1)) * generator + * points[2^(w-1)*numblocks] = NULL + */ +int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { const EC_POINT *generator; + EC_POINT *tmp_point = NULL, *base = NULL, **var; BN_CTX *new_ctx = NULL; BIGNUM *order; + size_t i, bits, w, pre_points_per_block, blocksize, numblocks, num; + EC_POINT **points = NULL; + EC_PRE_COMP *pre_comp; int ret = 0; + /* if there is an old EC_PRE_COMP object, throw it away */ + EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); + + if ((pre_comp = ec_pre_comp_new(group)) == NULL) + return 0; + generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - ECerr(EC_F_EC_GROUP_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR); - return 0; + ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR); + goto err; } if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) - return 0; + goto err; } BN_CTX_start(ctx); order = BN_CTX_get(ctx); if (order == NULL) goto err; - if (!EC_GROUP_get_order(group, order, ctx)) return 0; + if (!EC_GROUP_get_order(group, order, ctx)) goto err; if (BN_is_zero(order)) { - ECerr(EC_F_EC_GROUP_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER); + ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER); goto err; } - /* TODO */ + bits = BN_num_bits(order); + /* The following parameters mean we precompute (approximately) + * one point per bit. + * + * TBD: The combination 8, 4 is perfect for 160 bits; for other + * bit lengths, other parameter combinations might provide better + * efficiency. + */ + blocksize = 8; + w = 4; + if (EC_window_bits_for_scalar_size(bits) > w) + { + /* let's not make the window too small ... */ + w = EC_window_bits_for_scalar_size(bits); + } + + numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks to use for wNAF splitting */ + + pre_points_per_block = 1u << (w - 1); + num = pre_points_per_block * numblocks; /* number of points to compute and store */ - ret = 1; + points = OPENSSL_malloc(sizeof (EC_POINT*)*(num + 1)); + if (!points) + { + ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); + goto err; + } + + var = points; + var[num] = NULL; /* pivot */ + for (i = 0; i < num; i++) + { + if ((var[i] = EC_POINT_new(group)) == NULL) + { + ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); + goto err; + } + } + + if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) + { + ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (!EC_POINT_copy(base, generator)) + goto err; + + /* do the precomputation */ + for (i = 0; i < numblocks; i++) + { + size_t j; + + if (!EC_POINT_dbl(group, tmp_point, base, ctx)) + goto err; + + if (!EC_POINT_copy(*var++, base)) + goto err; + + for (j = 1; j < pre_points_per_block; j++, var++) + { + /* calculate odd multiples of the current base point */ + if (!EC_POINT_add(group, *var, tmp_point, *(var - 1), ctx)) + goto err; + } + + if (i < numblocks - 1) + { + /* get the next base (multiply current one by 2^blocksize) */ + size_t k; + + if (blocksize <= 2) + { + ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR); + goto err; + } + + if (!EC_POINT_dbl(group, base, tmp_point, ctx)) + goto err; + for (k = 2; k < blocksize; k++) + { + if (!EC_POINT_dbl(group,base,base,ctx)) + goto err; + } + } + } + + if (!EC_POINTs_make_affine(group, num, points, ctx)) + goto err; + pre_comp->group = group; + pre_comp->blocksize = blocksize; + pre_comp->numblocks = numblocks; + pre_comp->w = w; + pre_comp->points = points; + points = NULL; + pre_comp->num = num; + + if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp, + ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free)) + goto err; + pre_comp = NULL; + + ret = 1; err: - BN_CTX_end(ctx); + if (ctx != NULL) + BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); + if (pre_comp) + ec_pre_comp_free(pre_comp); + if (points) + { + EC_POINT **p; + + for (p = points; *p != NULL; p++) + EC_POINT_free(*p); + OPENSSL_free(points); + } + if (tmp_point) + EC_POINT_free(tmp_point); + if (base) + EC_POINT_free(base); return ret; } + + +int ec_wNAF_have_precompute_mult(const EC_GROUP *group) + { + if (EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL) + return 1; + else + return 0; + } diff --git a/src/lib/libssl/src/crypto/ec/ecp_mont.c b/src/lib/libssl/src/crypto/ec/ecp_mont.c index 7b30d4c38a..9fc4a466a5 100644 --- a/src/lib/libssl/src/crypto/ec/ecp_mont.c +++ b/src/lib/libssl/src/crypto/ec/ecp_mont.c @@ -1,4 +1,7 @@ /* crypto/ec/ecp_mont.c */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -52,6 +55,11 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Portions of this software developed by SUN MICROSYSTEMS, INC., + * and contributed to the OpenSSL project. + */ #include @@ -61,16 +69,15 @@ const EC_METHOD *EC_GFp_mont_method(void) { static const EC_METHOD ret = { + NID_X9_62_prime_field, ec_GFp_mont_group_init, ec_GFp_mont_group_finish, ec_GFp_mont_group_clear_finish, ec_GFp_mont_group_copy, - ec_GFp_mont_group_set_curve_GFp, - ec_GFp_simple_group_get_curve_GFp, - ec_GFp_simple_group_set_generator, - ec_GFp_simple_group_get0_generator, - ec_GFp_simple_group_get_order, - ec_GFp_simple_group_get_cofactor, + ec_GFp_mont_group_set_curve, + ec_GFp_simple_group_get_curve, + ec_GFp_simple_group_get_degree, + ec_GFp_simple_group_check_discriminant, ec_GFp_simple_point_init, ec_GFp_simple_point_finish, ec_GFp_simple_point_clear_finish, @@ -78,9 +85,9 @@ const EC_METHOD *EC_GFp_mont_method(void) ec_GFp_simple_point_set_to_infinity, ec_GFp_simple_set_Jprojective_coordinates_GFp, ec_GFp_simple_get_Jprojective_coordinates_GFp, - ec_GFp_simple_point_set_affine_coordinates_GFp, - ec_GFp_simple_point_get_affine_coordinates_GFp, - ec_GFp_simple_set_compressed_coordinates_GFp, + ec_GFp_simple_point_set_affine_coordinates, + ec_GFp_simple_point_get_affine_coordinates, + ec_GFp_simple_set_compressed_coordinates, ec_GFp_simple_point2oct, ec_GFp_simple_oct2point, ec_GFp_simple_add, @@ -91,8 +98,12 @@ const EC_METHOD *EC_GFp_mont_method(void) ec_GFp_simple_cmp, ec_GFp_simple_make_affine, ec_GFp_simple_points_make_affine, + 0 /* mul */, + 0 /* precompute_mult */, + 0 /* have_precompute_mult */, ec_GFp_mont_field_mul, ec_GFp_mont_field_sqr, + 0 /* field_div */, ec_GFp_mont_field_encode, ec_GFp_mont_field_decode, ec_GFp_mont_field_set_to_one }; @@ -112,66 +123,6 @@ int ec_GFp_mont_group_init(EC_GROUP *group) } -int ec_GFp_mont_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) - { - BN_CTX *new_ctx = NULL; - BN_MONT_CTX *mont = NULL; - BIGNUM *one = NULL; - int ret = 0; - - if (group->field_data1 != NULL) - { - BN_MONT_CTX_free(group->field_data1); - group->field_data1 = NULL; - } - if (group->field_data2 != NULL) - { - BN_free(group->field_data2); - group->field_data2 = NULL; - } - - if (ctx == NULL) - { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - - mont = BN_MONT_CTX_new(); - if (mont == NULL) goto err; - if (!BN_MONT_CTX_set(mont, p, ctx)) - { - ECerr(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP, ERR_R_BN_LIB); - goto err; - } - one = BN_new(); - if (one == NULL) goto err; - if (!BN_to_montgomery(one, BN_value_one(), mont, ctx)) goto err; - - group->field_data1 = mont; - mont = NULL; - group->field_data2 = one; - one = NULL; - - ret = ec_GFp_simple_group_set_curve_GFp(group, p, a, b, ctx); - - if (!ret) - { - BN_MONT_CTX_free(group->field_data1); - group->field_data1 = NULL; - BN_free(group->field_data2); - group->field_data2 = NULL; - } - - err: - if (new_ctx != NULL) - BN_CTX_free(new_ctx); - if (mont != NULL) - BN_MONT_CTX_free(mont); - return ret; - } - - void ec_GFp_mont_group_finish(EC_GROUP *group) { if (group->field_data1 != NULL) @@ -243,6 +194,66 @@ int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src) } +int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) + { + BN_CTX *new_ctx = NULL; + BN_MONT_CTX *mont = NULL; + BIGNUM *one = NULL; + int ret = 0; + + if (group->field_data1 != NULL) + { + BN_MONT_CTX_free(group->field_data1); + group->field_data1 = NULL; + } + if (group->field_data2 != NULL) + { + BN_free(group->field_data2); + group->field_data2 = NULL; + } + + if (ctx == NULL) + { + ctx = new_ctx = BN_CTX_new(); + if (ctx == NULL) + return 0; + } + + mont = BN_MONT_CTX_new(); + if (mont == NULL) goto err; + if (!BN_MONT_CTX_set(mont, p, ctx)) + { + ECerr(EC_F_EC_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB); + goto err; + } + one = BN_new(); + if (one == NULL) goto err; + if (!BN_to_montgomery(one, BN_value_one(), mont, ctx)) goto err; + + group->field_data1 = mont; + mont = NULL; + group->field_data2 = one; + one = NULL; + + ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); + + if (!ret) + { + BN_MONT_CTX_free(group->field_data1); + group->field_data1 = NULL; + BN_free(group->field_data2); + group->field_data2 = NULL; + } + + err: + if (new_ctx != NULL) + BN_CTX_free(new_ctx); + if (mont != NULL) + BN_MONT_CTX_free(mont); + return ret; + } + + int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { if (group->field_data1 == NULL) @@ -295,7 +306,7 @@ int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx) { if (group->field_data2 == NULL) { - ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED); + ECerr(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, EC_R_NOT_INITIALIZED); return 0; } diff --git a/src/lib/libssl/src/crypto/ec/ecp_nist.c b/src/lib/libssl/src/crypto/ec/ecp_nist.c index ed07748675..71893d5eab 100644 --- a/src/lib/libssl/src/crypto/ec/ecp_nist.c +++ b/src/lib/libssl/src/crypto/ec/ecp_nist.c @@ -1,6 +1,9 @@ /* crypto/ec/ecp_nist.c */ +/* + * Written by Nils Larsch for the OpenSSL project. + */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -52,23 +55,30 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Portions of this software developed by SUN MICROSYSTEMS, INC., + * and contributed to the OpenSSL project. + */ +#include + +#include +#include #include "ec_lcl.h" -#if 0 const EC_METHOD *EC_GFp_nist_method(void) { static const EC_METHOD ret = { - ec_GFp_nist_group_init, - ec_GFp_nist_group_finish, - ec_GFp_nist_group_clear_finish, + NID_X9_62_prime_field, + ec_GFp_simple_group_init, + ec_GFp_simple_group_finish, + ec_GFp_simple_group_clear_finish, ec_GFp_nist_group_copy, - ec_GFp_nist_group_set_curve_GFp, - ec_GFp_simple_group_get_curve_GFp, - ec_GFp_simple_group_set_generator, - ec_GFp_simple_group_get0_generator, - ec_GFp_simple_group_get_order, - ec_GFp_simple_group_get_cofactor, + ec_GFp_nist_group_set_curve, + ec_GFp_simple_group_get_curve, + ec_GFp_simple_group_get_degree, + ec_GFp_simple_group_check_discriminant, ec_GFp_simple_point_init, ec_GFp_simple_point_finish, ec_GFp_simple_point_clear_finish, @@ -76,9 +86,9 @@ const EC_METHOD *EC_GFp_nist_method(void) ec_GFp_simple_point_set_to_infinity, ec_GFp_simple_set_Jprojective_coordinates_GFp, ec_GFp_simple_get_Jprojective_coordinates_GFp, - ec_GFp_simple_point_set_affine_coordinates_GFp, - ec_GFp_simple_point_get_affine_coordinates_GFp, - ec_GFp_simple_set_compressed_coordinates_GFp, + ec_GFp_simple_point_set_affine_coordinates, + ec_GFp_simple_point_get_affine_coordinates, + ec_GFp_simple_set_compressed_coordinates, ec_GFp_simple_point2oct, ec_GFp_simple_oct2point, ec_GFp_simple_add, @@ -89,46 +99,138 @@ const EC_METHOD *EC_GFp_nist_method(void) ec_GFp_simple_cmp, ec_GFp_simple_make_affine, ec_GFp_simple_points_make_affine, + 0 /* mul */, + 0 /* precompute_mult */, + 0 /* have_precompute_mult */, ec_GFp_nist_field_mul, ec_GFp_nist_field_sqr, + 0 /* field_div */, 0 /* field_encode */, 0 /* field_decode */, 0 /* field_set_to_one */ }; return &ret; } -#endif +#if BN_BITS2 == 64 +#define NO_32_BIT_TYPE +#endif -int ec_GFp_nist_group_init(EC_GROUP *group) +int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) { - int ok; + dest->field_mod_func = src->field_mod_func; - ok = ec_GFp_simple_group_init(group); - group->field_data1 = NULL; - return ok; + return ec_GFp_simple_group_copy(dest, src); } - -int ec_GFp_nist_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -/* TODO */ - - -void ec_GFp_nist_group_finish(EC_GROUP *group); -/* TODO */ - - -void ec_GFp_nist_group_clear_finish(EC_GROUP *group); -/* TODO */ - - -int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src); -/* TODO */ +int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, + const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) + { + int ret = 0; + BN_CTX *new_ctx = NULL; + BIGNUM *tmp_bn; + + if (ctx == NULL) + if ((ctx = new_ctx = BN_CTX_new()) == NULL) return 0; + + BN_CTX_start(ctx); + if ((tmp_bn = BN_CTX_get(ctx)) == NULL) goto err; + + if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0) + group->field_mod_func = BN_nist_mod_192; + else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0) + { +#ifndef NO_32_BIT_TYPE + group->field_mod_func = BN_nist_mod_224; +#else + ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); + goto err; +#endif + } + else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0) + { +#ifndef NO_32_BIT_TYPE + group->field_mod_func = BN_nist_mod_256; +#else + ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); + goto err; +#endif + } + else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0) + { +#ifndef NO_32_BIT_TYPE + group->field_mod_func = BN_nist_mod_384; +#else + ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_SUPPORTED_NIST_PRIME); + goto err; +#endif + } + else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0) + /* this one works in the NO_32_BIT_TYPE case */ + group->field_mod_func = BN_nist_mod_521; + else + { + ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME); + goto err; + } + + ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); + + err: + BN_CTX_end(ctx); + if (new_ctx != NULL) + BN_CTX_free(new_ctx); + return ret; + } -int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -/* TODO */ +int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, + const BIGNUM *b, BN_CTX *ctx) + { + int ret=0; + BN_CTX *ctx_new=NULL; + + if (!group || !r || !a || !b) + { + ECerr(EC_F_EC_GFP_NIST_FIELD_MUL, ERR_R_PASSED_NULL_PARAMETER); + goto err; + } + if (!ctx) + if ((ctx_new = ctx = BN_CTX_new()) == NULL) goto err; + + if (!BN_mul(r, a, b, ctx)) goto err; + if (!group->field_mod_func(r, r, &group->field, ctx)) + goto err; + + ret=1; +err: + if (ctx_new) + BN_CTX_free(ctx_new); + return ret; + } -int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); -/* TODO */ +int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, + BN_CTX *ctx) + { + int ret=0; + BN_CTX *ctx_new=NULL; + + if (!group || !r || !a) + { + ECerr(EC_F_EC_GFP_NIST_FIELD_SQR, EC_R_PASSED_NULL_PARAMETER); + goto err; + } + if (!ctx) + if ((ctx_new = ctx = BN_CTX_new()) == NULL) goto err; + + if (!BN_sqr(r, a, ctx)) goto err; + if (!group->field_mod_func(r, r, &group->field, ctx)) + goto err; + + ret=1; +err: + if (ctx_new) + BN_CTX_free(ctx_new); + return ret; + } diff --git a/src/lib/libssl/src/crypto/ec/ecp_smpl.c b/src/lib/libssl/src/crypto/ec/ecp_smpl.c index e9a51fb87a..4d26f8bdf6 100644 --- a/src/lib/libssl/src/crypto/ec/ecp_smpl.c +++ b/src/lib/libssl/src/crypto/ec/ecp_smpl.c @@ -1,8 +1,10 @@ /* crypto/ec/ecp_smpl.c */ /* Includes code written by Lenka Fibikova - * for the OpenSSL project. */ + * for the OpenSSL project. + * Includes code written by Bodo Moeller for the OpenSSL project. +*/ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -54,25 +56,29 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Portions of this software developed by SUN MICROSYSTEMS, INC., + * and contributed to the OpenSSL project. + */ #include +#include #include "ec_lcl.h" - const EC_METHOD *EC_GFp_simple_method(void) { static const EC_METHOD ret = { + NID_X9_62_prime_field, ec_GFp_simple_group_init, ec_GFp_simple_group_finish, ec_GFp_simple_group_clear_finish, ec_GFp_simple_group_copy, - ec_GFp_simple_group_set_curve_GFp, - ec_GFp_simple_group_get_curve_GFp, - ec_GFp_simple_group_set_generator, - ec_GFp_simple_group_get0_generator, - ec_GFp_simple_group_get_order, - ec_GFp_simple_group_get_cofactor, + ec_GFp_simple_group_set_curve, + ec_GFp_simple_group_get_curve, + ec_GFp_simple_group_get_degree, + ec_GFp_simple_group_check_discriminant, ec_GFp_simple_point_init, ec_GFp_simple_point_finish, ec_GFp_simple_point_clear_finish, @@ -80,9 +86,9 @@ const EC_METHOD *EC_GFp_simple_method(void) ec_GFp_simple_point_set_to_infinity, ec_GFp_simple_set_Jprojective_coordinates_GFp, ec_GFp_simple_get_Jprojective_coordinates_GFp, - ec_GFp_simple_point_set_affine_coordinates_GFp, - ec_GFp_simple_point_get_affine_coordinates_GFp, - ec_GFp_simple_set_compressed_coordinates_GFp, + ec_GFp_simple_point_set_affine_coordinates, + ec_GFp_simple_point_get_affine_coordinates, + ec_GFp_simple_set_compressed_coordinates, ec_GFp_simple_point2oct, ec_GFp_simple_oct2point, ec_GFp_simple_add, @@ -93,8 +99,12 @@ const EC_METHOD *EC_GFp_simple_method(void) ec_GFp_simple_cmp, ec_GFp_simple_make_affine, ec_GFp_simple_points_make_affine, + 0 /* mul */, + 0 /* precompute_mult */, + 0 /* have_precompute_mult */, ec_GFp_simple_field_mul, ec_GFp_simple_field_sqr, + 0 /* field_div */, 0 /* field_encode */, 0 /* field_decode */, 0 /* field_set_to_one */ }; @@ -103,15 +113,26 @@ const EC_METHOD *EC_GFp_simple_method(void) } +/* Most method functions in this file are designed to work with + * non-trivial representations of field elements if necessary + * (see ecp_mont.c): while standard modular addition and subtraction + * are used, the field_mul and field_sqr methods will be used for + * multiplication, and field_encode and field_decode (if defined) + * will be used for converting between representations. + + * Functions ec_GFp_simple_points_make_affine() and + * ec_GFp_simple_point_get_affine_coordinates() specifically assume + * that if a non-trivial representation is used, it is a Montgomery + * representation (i.e. 'encoding' means multiplying by some factor R). + */ + + int ec_GFp_simple_group_init(EC_GROUP *group) { BN_init(&group->field); BN_init(&group->a); BN_init(&group->b); group->a_is_minus3 = 0; - group->generator = NULL; - BN_init(&group->order); - BN_init(&group->cofactor); return 1; } @@ -121,10 +142,6 @@ void ec_GFp_simple_group_finish(EC_GROUP *group) BN_free(&group->field); BN_free(&group->a); BN_free(&group->b); - if (group->generator != NULL) - EC_POINT_free(group->generator); - BN_free(&group->order); - BN_free(&group->cofactor); } @@ -133,13 +150,6 @@ void ec_GFp_simple_group_clear_finish(EC_GROUP *group) BN_clear_free(&group->field); BN_clear_free(&group->a); BN_clear_free(&group->b); - if (group->generator != NULL) - { - EC_POINT_clear_free(group->generator); - group->generator = NULL; - } - BN_clear_free(&group->order); - BN_clear_free(&group->cofactor); } @@ -151,33 +161,11 @@ int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src) dest->a_is_minus3 = src->a_is_minus3; - if (src->generator != NULL) - { - if (dest->generator == NULL) - { - dest->generator = EC_POINT_new(dest); - if (dest->generator == NULL) return 0; - } - if (!EC_POINT_copy(dest->generator, src->generator)) return 0; - } - else - { - /* src->generator == NULL */ - if (dest->generator != NULL) - { - EC_POINT_clear_free(dest->generator); - dest->generator = NULL; - } - } - - if (!BN_copy(&dest->order, &src->order)) return 0; - if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0; - return 1; } -int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, +int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { int ret = 0; @@ -187,7 +175,7 @@ int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, /* p must be a prime > 3 */ if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { - ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP, EC_R_INVALID_FIELD); + ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_INVALID_FIELD); return 0; } @@ -204,7 +192,7 @@ int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, /* group->field */ if (!BN_copy(&group->field, p)) goto err; - group->field.neg = 0; + BN_set_negative(&group->field, 0); /* group->a */ if (!BN_nnmod(tmp_a, a, p, ctx)) goto err; @@ -232,7 +220,7 @@ int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group, } -int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) +int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) { int ret = 0; BN_CTX *new_ctx = NULL; @@ -283,58 +271,76 @@ int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM * } +int ec_GFp_simple_group_get_degree(const EC_GROUP *group) + { + return BN_num_bits(&group->field); + } + -int ec_GFp_simple_group_set_generator(EC_GROUP *group, const EC_POINT *generator, - const BIGNUM *order, const BIGNUM *cofactor) +int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) { - if (generator == NULL) + int ret = 0; + BIGNUM *a,*b,*order,*tmp_1,*tmp_2; + const BIGNUM *p = &group->field; + BN_CTX *new_ctx = NULL; + + if (ctx == NULL) { - ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER); - return 0 ; + ctx = new_ctx = BN_CTX_new(); + if (ctx == NULL) + { + ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT, ERR_R_MALLOC_FAILURE); + goto err; + } } + BN_CTX_start(ctx); + a = BN_CTX_get(ctx); + b = BN_CTX_get(ctx); + tmp_1 = BN_CTX_get(ctx); + tmp_2 = BN_CTX_get(ctx); + order = BN_CTX_get(ctx); + if (order == NULL) goto err; - if (group->generator == NULL) + if (group->meth->field_decode) { - group->generator = EC_POINT_new(group); - if (group->generator == NULL) return 0; + if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err; + if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err; } - if (!EC_POINT_copy(group->generator, generator)) return 0; - - if (order != NULL) - { if (!BN_copy(&group->order, order)) return 0; } - else - { if (!BN_zero(&group->order)) return 0; } - - if (cofactor != NULL) - { if (!BN_copy(&group->cofactor, cofactor)) return 0; } else - { if (!BN_zero(&group->cofactor)) return 0; } - - return 1; - } - - -EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *group) - { - return group->generator; - } - - -int ec_GFp_simple_group_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) - { - if (!BN_copy(order, &group->order)) - return 0; - - return !BN_is_zero(&group->order); - } + { + if (!BN_copy(a, &group->a)) goto err; + if (!BN_copy(b, &group->b)) goto err; + } + + /* check the discriminant: + * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p) + * 0 =< a, b < p */ + if (BN_is_zero(a)) + { + if (BN_is_zero(b)) goto err; + } + else if (!BN_is_zero(b)) + { + if (!BN_mod_sqr(tmp_1, a, p, ctx)) goto err; + if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx)) goto err; + if (!BN_lshift(tmp_1, tmp_2, 2)) goto err; + /* tmp_1 = 4*a^3 */ + if (!BN_mod_sqr(tmp_2, b, p, ctx)) goto err; + if (!BN_mul_word(tmp_2, 27)) goto err; + /* tmp_2 = 27*b^2 */ -int ec_GFp_simple_group_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) - { - if (!BN_copy(cofactor, &group->cofactor)) - return 0; + if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx)) goto err; + if (BN_is_zero(a)) goto err; + } + ret = 1; - return !BN_is_zero(&group->cofactor); +err: + if (ctx != NULL) + BN_CTX_end(ctx); + if (new_ctx != NULL) + BN_CTX_free(new_ctx); + return ret; } @@ -380,7 +386,8 @@ int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src) int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { point->Z_is_one = 0; - return (BN_zero(&point->Z)); + BN_zero(&point->Z); + return 1; } @@ -497,13 +504,13 @@ int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const E } -int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, +int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) { if (x == NULL || y == NULL) { /* unlike for projective coordinates, we do not tolerate this */ - ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_PASSED_NULL_PARAMETER); + ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -511,17 +518,17 @@ int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POI } -int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, +int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { BN_CTX *new_ctx = NULL; - BIGNUM *X, *Y, *Z, *Z_1, *Z_2, *Z_3; - const BIGNUM *X_, *Y_, *Z_; + BIGNUM *Z, *Z_1, *Z_2, *Z_3; + const BIGNUM *Z_; int ret = 0; if (EC_POINT_is_at_infinity(group, point)) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_POINT_AT_INFINITY); + ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, EC_R_POINT_AT_INFINITY); return 0; } @@ -533,8 +540,6 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const } BN_CTX_start(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); Z = BN_CTX_get(ctx); Z_1 = BN_CTX_get(ctx); Z_2 = BN_CTX_get(ctx); @@ -545,34 +550,44 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const if (group->meth->field_decode) { - if (!group->meth->field_decode(group, X, &point->X, ctx)) goto err; - if (!group->meth->field_decode(group, Y, &point->Y, ctx)) goto err; if (!group->meth->field_decode(group, Z, &point->Z, ctx)) goto err; - X_ = X; Y_ = Y; Z_ = Z; + Z_ = Z; } else { - X_ = &point->X; - Y_ = &point->Y; Z_ = &point->Z; } if (BN_is_one(Z_)) { - if (x != NULL) + if (group->meth->field_decode) { - if (!BN_copy(x, X_)) goto err; + if (x != NULL) + { + if (!group->meth->field_decode(group, x, &point->X, ctx)) goto err; + } + if (y != NULL) + { + if (!group->meth->field_decode(group, y, &point->Y, ctx)) goto err; + } } - if (y != NULL) + else { - if (!BN_copy(y, Y_)) goto err; + if (x != NULL) + { + if (!BN_copy(x, &point->X)) goto err; + } + if (y != NULL) + { + if (!BN_copy(y, &point->Y)) goto err; + } } } else { if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_BN_LIB); + ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, ERR_R_BN_LIB); goto err; } @@ -588,15 +603,8 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const if (x != NULL) { - if (group->meth->field_encode == 0) - { - /* field_mul works on standard representation */ - if (!group->meth->field_mul(group, x, X_, Z_2, ctx)) goto err; - } - else - { - if (!BN_mod_mul(x, X_, Z_2, &group->field, ctx)) goto err; - } + /* in the Montgomery case, field_mul will cancel out Montgomery factor in X: */ + if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx)) goto err; } if (y != NULL) @@ -605,14 +613,14 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const { /* field_mul works on standard representation */ if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx)) goto err; - if (!group->meth->field_mul(group, y, Y_, Z_3, ctx)) goto err; - } else { if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx)) goto err; - if (!BN_mod_mul(y, Y_, Z_3, &group->field, ctx)) goto err; } + + /* in the Montgomery case, field_mul will cancel out Montgomery factor in Y: */ + if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx)) goto err; } } @@ -626,13 +634,16 @@ int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const } -int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, +int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x_, int y_bit, BN_CTX *ctx) { BN_CTX *new_ctx = NULL; BIGNUM *tmp1, *tmp2, *x, *y; int ret = 0; + /* clear error queue*/ + ERR_clear_error(); + if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); @@ -704,19 +715,17 @@ int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) { - unsigned long err = ERR_peek_error(); + unsigned long err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { - (void)ERR_get_error(); - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSED_POINT); + ERR_clear_error(); + ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); } else - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, ERR_R_BN_LIB); + ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB); goto err; } - /* If tmp1 is not a square (i.e. there is no point on the curve with - * our x), then y now is a nonsense value too */ if (y_bit != BN_is_odd(y)) { @@ -728,16 +737,17 @@ int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT if (kron == -2) goto err; if (kron == 1) - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSION_BIT); + ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSION_BIT); else - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, EC_R_INVALID_COMPRESSED_POINT); + /* BN_mod_sqrt() should have cought this error (not a square) */ + ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); goto err; } if (!BN_usub(y, &group->field, y)) goto err; } if (y_bit != BN_is_odd(y)) { - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP, ERR_R_INTERNAL_ERROR); + ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_INTERNAL_ERROR); goto err; } @@ -1088,7 +1098,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con else { /* a is the inverse of b */ - if (!BN_zero(&r->Z)) goto end; + BN_zero(&r->Z); r->Z_is_one = 0; ret = 1; goto end; @@ -1164,7 +1174,7 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_ if (EC_POINT_is_at_infinity(group, a)) { - if (!BN_zero(&r->Z)) return 0; + BN_zero(&r->Z); r->Z_is_one = 0; return 1; } @@ -1292,7 +1302,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C int (*field_sqr)(const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *); const BIGNUM *p; BN_CTX *new_ctx = NULL; - BIGNUM *rh, *tmp1, *tmp2, *Z4, *Z6; + BIGNUM *rh, *tmp, *Z4, *Z6; int ret = -1; if (EC_POINT_is_at_infinity(group, point)) @@ -1311,8 +1321,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C BN_CTX_start(ctx); rh = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); + tmp = BN_CTX_get(ctx); Z4 = BN_CTX_get(ctx); Z6 = BN_CTX_get(ctx); if (Z6 == NULL) goto err; @@ -1326,59 +1335,49 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C * To test this, we add up the right-hand side in 'rh'. */ - /* rh := X^3 */ + /* rh := X^2 */ if (!field_sqr(group, rh, &point->X, ctx)) goto err; - if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; if (!point->Z_is_one) { - if (!field_sqr(group, tmp1, &point->Z, ctx)) goto err; - if (!field_sqr(group, Z4, tmp1, ctx)) goto err; - if (!field_mul(group, Z6, Z4, tmp1, ctx)) goto err; + if (!field_sqr(group, tmp, &point->Z, ctx)) goto err; + if (!field_sqr(group, Z4, tmp, ctx)) goto err; + if (!field_mul(group, Z6, Z4, tmp, ctx)) goto err; - /* rh := rh + a*X*Z^4 */ - if (!field_mul(group, tmp1, &point->X, Z4, ctx)) goto err; + /* rh := (rh + a*Z^4)*X */ if (group->a_is_minus3) { - if (!BN_mod_lshift1_quick(tmp2, tmp1, p)) goto err; - if (!BN_mod_add_quick(tmp2, tmp2, tmp1, p)) goto err; - if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err; + if (!BN_mod_lshift1_quick(tmp, Z4, p)) goto err; + if (!BN_mod_add_quick(tmp, tmp, Z4, p)) goto err; + if (!BN_mod_sub_quick(rh, rh, tmp, p)) goto err; + if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; } else { - if (!field_mul(group, tmp2, tmp1, &group->a, ctx)) goto err; - if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err; + if (!field_mul(group, tmp, Z4, &group->a, ctx)) goto err; + if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err; + if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; } /* rh := rh + b*Z^6 */ - if (!field_mul(group, tmp1, &group->b, Z6, ctx)) goto err; - if (!BN_mod_add_quick(rh, rh, tmp1, p)) goto err; + if (!field_mul(group, tmp, &group->b, Z6, ctx)) goto err; + if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err; } else { /* point->Z_is_one */ - /* rh := rh + a*X */ - if (group->a_is_minus3) - { - if (!BN_mod_lshift1_quick(tmp2, &point->X, p)) goto err; - if (!BN_mod_add_quick(tmp2, tmp2, &point->X, p)) goto err; - if (!BN_mod_sub_quick(rh, rh, tmp2, p)) goto err; - } - else - { - if (!field_mul(group, tmp2, &point->X, &group->a, ctx)) goto err; - if (!BN_mod_add_quick(rh, rh, tmp2, p)) goto err; - } - + /* rh := (rh + a)*X */ + if (!BN_mod_add_quick(rh, rh, &group->a, p)) goto err; + if (!field_mul(group, rh, rh, &point->X, ctx)) goto err; /* rh := rh + b */ if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err; } /* 'lh' := Y^2 */ - if (!field_sqr(group, tmp1, &point->Y, ctx)) goto err; + if (!field_sqr(group, tmp, &point->Y, ctx)) goto err; - ret = (0 == BN_cmp(tmp1, rh)); + ret = (0 == BN_ucmp(tmp, rh)); err: BN_CTX_end(ctx); diff --git a/src/lib/libssl/src/crypto/ec/ectest.c b/src/lib/libssl/src/crypto/ec/ectest.c index 345d3e4289..6148d553f9 100644 --- a/src/lib/libssl/src/crypto/ec/ectest.c +++ b/src/lib/libssl/src/crypto/ec/ectest.c @@ -1,4 +1,7 @@ /* crypto/ec/ectest.c */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -52,6 +55,19 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The elliptic curve binary polynomial software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ #include #include @@ -74,6 +90,15 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur #include #endif #include +#include +#include +#include +#include + +#if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12) +/* suppress "too big too optimize" warning */ +#pragma warning(disable:4959) +#endif #define ABORT do { \ fflush(stdout); \ @@ -82,47 +107,59 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur EXIT(1); \ } while (0) +void prime_field_tests(void); +void char2_field_tests(void); +void internal_curve_test(void); + +#define TIMING_BASE_PT 0 +#define TIMING_RAND_PT 1 +#define TIMING_SIMUL 2 + #if 0 -static void timings(EC_GROUP *group, int multi, BN_CTX *ctx) +static void timings(EC_GROUP *group, int type, BN_CTX *ctx) { clock_t clck; int i, j; - BIGNUM *s, *s0; + BIGNUM *s; + BIGNUM *r[10], *r0[10]; EC_POINT *P; s = BN_new(); - s0 = BN_new(); - if (s == NULL || s0 == NULL) ABORT; + if (s == NULL) ABORT; - if (!EC_GROUP_get_curve_GFp(group, s, NULL, NULL, ctx)) ABORT; - fprintf(stdout, "Timings for %d bit prime, ", (int)BN_num_bits(s)); + fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group)); if (!EC_GROUP_get_order(group, s, ctx)) ABORT; - fprintf(stdout, "%d bit scalars ", (int)BN_num_bits(s)); + fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s)); fflush(stdout); P = EC_POINT_new(group); if (P == NULL) ABORT; EC_POINT_copy(P, EC_GROUP_get0_generator(group)); - clck = clock(); for (i = 0; i < 10; i++) { - if (!BN_pseudo_rand(s, BN_num_bits(s), 0, 0)) ABORT; - if (multi) + if ((r[i] = BN_new()) == NULL) ABORT; + if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0)) ABORT; + if (type != TIMING_BASE_PT) { - if (!BN_pseudo_rand(s0, BN_num_bits(s), 0, 0)) ABORT; + if ((r0[i] = BN_new()) == NULL) ABORT; + if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0)) ABORT; } + } + + clck = clock(); + for (i = 0; i < 10; i++) + { for (j = 0; j < 10; j++) { - if (!EC_POINT_mul(group, P, s, multi ? P : NULL, multi ? s0 : NULL, ctx)) ABORT; + if (!EC_POINT_mul(group, P, (type != TIMING_RAND_PT) ? r[i] : NULL, + (type != TIMING_BASE_PT) ? P : NULL, (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx)) ABORT; } - fprintf(stdout, "."); - fflush(stdout); } - fprintf(stdout, "\n"); - clck = clock() - clck; + fprintf(stdout, "\n"); + #ifdef CLOCKS_PER_SEC /* "To determine the time in seconds, the value returned * by the clock function should be divided by the value @@ -136,43 +173,40 @@ static void timings(EC_GROUP *group, int multi, BN_CTX *ctx) # define CLOCKS_PER_SEC 1 #endif - fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, - multi ? "s*P+t*Q operations" : "point multiplications", - (double)clck/CLOCKS_PER_SEC); + if (type == TIMING_BASE_PT) { + fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, + "base point multiplications", (double)clck/CLOCKS_PER_SEC); + } else if (type == TIMING_RAND_PT) { + fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, + "random point multiplications", (double)clck/CLOCKS_PER_SEC); + } else if (type == TIMING_SIMUL) { + fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, + "s*P+t*Q operations", (double)clck/CLOCKS_PER_SEC); + } fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j)); EC_POINT_free(P); BN_free(s); - BN_free(s0); + for (i = 0; i < 10; i++) + { + BN_free(r[i]); + if (type != TIMING_BASE_PT) BN_free(r0[i]); + } } #endif -int main(int argc, char *argv[]) +void prime_field_tests() { BN_CTX *ctx = NULL; BIGNUM *p, *a, *b; EC_GROUP *group; - EC_GROUP *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; EC_POINT *P, *Q, *R; BIGNUM *x, *y, *z; unsigned char buf[100]; size_t i, len; int k; - /* enable memory leak checking unless explicitly disabled */ - if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) - { - CRYPTO_malloc_debug_init(); - CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); - } - else - { - /* OPENSSL_DEBUG_MEMORY=off */ - CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); - } - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - ERR_load_crypto_strings(); - #if 1 /* optional */ ctx = BN_CTX_new(); if (!ctx) ABORT; @@ -197,7 +231,7 @@ int main(int argc, char *argv[]) EC_GROUP *tmp; tmp = EC_GROUP_new(EC_GROUP_method_of(group)); if (!tmp) ABORT; - if (!EC_GROUP_copy(tmp, group)); + if (!EC_GROUP_copy(tmp, group)) ABORT; EC_GROUP_free(group); group = tmp; } @@ -317,10 +351,56 @@ int main(int argc, char *argv[]) if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; + /* Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2, 2000) + * -- not a NIST curve, but commonly used */ + + if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; + if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) ABORT; + if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")) ABORT; + if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; + + if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82")) ABORT; + if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; + if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; + if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) ABORT; + if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT; + + if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; + fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x"); + BN_print_fp(stdout, x); + fprintf(stdout, "\n y = 0x"); + BN_print_fp(stdout, y); + fprintf(stdout, "\n"); + /* G_y value taken from the standard: */ + if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; + if (0 != BN_cmp(y, z)) ABORT; + + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 160) ABORT; + fprintf(stdout, " ok\n"); + + fprintf(stdout, "verify group order ..."); + fflush(stdout); + if (!EC_GROUP_get_order(group, z, ctx)) ABORT; + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; + fprintf(stdout, "."); + fflush(stdout); + if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; + fprintf(stdout, " ok\n"); + + if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; + if (!EC_GROUP_copy(P_160, group)) ABORT; + + /* Curve P-192 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -340,6 +420,10 @@ int main(int argc, char *argv[]) /* G_y value taken from the standard: */ if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 192) ABORT; + fprintf(stdout, " ok\n"); fprintf(stdout, "verify group order ..."); fflush(stdout); @@ -348,7 +432,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -360,7 +446,7 @@ int main(int argc, char *argv[]) /* Curve P-224 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT; if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -381,6 +467,10 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 224) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -388,7 +478,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -400,7 +492,7 @@ int main(int argc, char *argv[]) /* Curve P-256 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -422,6 +514,10 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 256) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -429,7 +525,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -442,7 +540,7 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" @@ -468,6 +566,10 @@ int main(int argc, char *argv[]) "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 384) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -475,7 +577,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -489,7 +593,7 @@ int main(int argc, char *argv[]) if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; @@ -520,6 +624,10 @@ int main(int argc, char *argv[]) "7086A272C24088BE94769FD16650")) ABORT; if (0 != BN_cmp(y, z)) ABORT; + fprintf(stdout, "verify degree ..."); + if (EC_GROUP_get_degree(group) != 521) ABORT; + fprintf(stdout, " ok\n"); + fprintf(stdout, "verify group order ..."); fflush(stdout); if (!EC_GROUP_get_order(group, z, ctx)) ABORT; @@ -527,7 +635,9 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, "."); fflush(stdout); +#if 0 if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; +#endif if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); @@ -549,13 +659,15 @@ int main(int argc, char *argv[]) if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ { - const EC_POINT *points[3]; - const BIGNUM *scalars[3]; + const EC_POINT *points[4]; + const BIGNUM *scalars[4]; + BIGNUM scalar3; if (EC_POINT_is_at_infinity(group, Q)) ABORT; points[0] = Q; points[1] = Q; points[2] = Q; + points[3] = Q; if (!BN_add(y, z, BN_value_one())) ABORT; if (BN_is_odd(y)) ABORT; @@ -577,7 +689,7 @@ int main(int argc, char *argv[]) if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; if (!BN_add(z, z, y)) ABORT; - z->neg = 1; + BN_set_negative(z, 1); scalars[0] = y; scalars[1] = z; /* z = -(order + y) */ @@ -589,29 +701,43 @@ int main(int argc, char *argv[]) if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; if (!BN_add(z, x, y)) ABORT; - z->neg = 1; + BN_set_negative(z, 1); scalars[0] = x; scalars[1] = y; scalars[2] = z; /* z = -(x+y) */ - if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT; + BN_init(&scalar3); + BN_zero(&scalar3); + scalars[3] = &scalar3; + + if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, P)) ABORT; fprintf(stdout, " ok\n\n"); + + BN_free(&scalar3); } #if 0 - timings(P_192, 0, ctx); - timings(P_192, 1, ctx); - timings(P_224, 0, ctx); - timings(P_224, 1, ctx); - timings(P_256, 0, ctx); - timings(P_256, 1, ctx); - timings(P_384, 0, ctx); - timings(P_384, 1, ctx); - timings(P_521, 0, ctx); - timings(P_521, 1, ctx); + timings(P_160, TIMING_BASE_PT, ctx); + timings(P_160, TIMING_RAND_PT, ctx); + timings(P_160, TIMING_SIMUL, ctx); + timings(P_192, TIMING_BASE_PT, ctx); + timings(P_192, TIMING_RAND_PT, ctx); + timings(P_192, TIMING_SIMUL, ctx); + timings(P_224, TIMING_BASE_PT, ctx); + timings(P_224, TIMING_RAND_PT, ctx); + timings(P_224, TIMING_SIMUL, ctx); + timings(P_256, TIMING_BASE_PT, ctx); + timings(P_256, TIMING_RAND_PT, ctx); + timings(P_256, TIMING_SIMUL, ctx); + timings(P_384, TIMING_BASE_PT, ctx); + timings(P_384, TIMING_RAND_PT, ctx); + timings(P_384, TIMING_SIMUL, ctx); + timings(P_521, TIMING_BASE_PT, ctx); + timings(P_521, TIMING_RAND_PT, ctx); + timings(P_521, TIMING_SIMUL, ctx); #endif @@ -624,12 +750,587 @@ int main(int argc, char *argv[]) EC_POINT_free(R); BN_free(x); BN_free(y); BN_free(z); + if (P_160) EC_GROUP_free(P_160); if (P_192) EC_GROUP_free(P_192); if (P_224) EC_GROUP_free(P_224); if (P_256) EC_GROUP_free(P_256); if (P_384) EC_GROUP_free(P_384); if (P_521) EC_GROUP_free(P_521); + } + +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP +#define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + if (!BN_hex2bn(&x, _x)) ABORT; \ + if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (!BN_hex2bn(&z, _order)) ABORT; \ + if (!BN_hex2bn(&cof, _cof)) ABORT; \ + if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ + if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ + fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ + BN_print_fp(stdout, x); \ + fprintf(stdout, "\n y = 0x"); \ + BN_print_fp(stdout, y); \ + fprintf(stdout, "\n"); \ + /* G_y value taken from the standard: */ \ + if (!BN_hex2bn(&z, _y)) ABORT; \ + if (0 != BN_cmp(y, z)) ABORT; +#else +#define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + if (!BN_hex2bn(&x, _x)) ABORT; \ + if (!BN_hex2bn(&y, _y)) ABORT; \ + if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (!BN_hex2bn(&z, _order)) ABORT; \ + if (!BN_hex2bn(&cof, _cof)) ABORT; \ + if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ + fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ + BN_print_fp(stdout, x); \ + fprintf(stdout, "\n y = 0x"); \ + BN_print_fp(stdout, y); \ + fprintf(stdout, "\n"); +#endif + +#define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + if (!BN_hex2bn(&p, _p)) ABORT; \ + if (!BN_hex2bn(&a, _a)) ABORT; \ + if (!BN_hex2bn(&b, _b)) ABORT; \ + if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \ + CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ + fprintf(stdout, "verify degree ..."); \ + if (EC_GROUP_get_degree(group) != _degree) ABORT; \ + fprintf(stdout, " ok\n"); \ + fprintf(stdout, "verify group order ..."); \ + fflush(stdout); \ + if (!EC_GROUP_get_order(group, z, ctx)) ABORT; \ + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ + fprintf(stdout, "."); \ + fflush(stdout); \ + /* if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; */ \ + if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \ + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \ + fprintf(stdout, " ok\n"); \ + if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \ + if (!EC_GROUP_copy(_variable, group)) ABORT; + +void char2_field_tests() + { + BN_CTX *ctx = NULL; + BIGNUM *p, *a, *b; + EC_GROUP *group; + EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 = NULL, *C2_K571 = NULL; + EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = NULL, *C2_B571 = NULL; + EC_POINT *P, *Q, *R; + BIGNUM *x, *y, *z, *cof; + unsigned char buf[100]; + size_t i, len; + int k; + +#if 1 /* optional */ + ctx = BN_CTX_new(); + if (!ctx) ABORT; +#endif + + p = BN_new(); + a = BN_new(); + b = BN_new(); + if (!p || !a || !b) ABORT; + + if (!BN_hex2bn(&p, "13")) ABORT; + if (!BN_hex2bn(&a, "3")) ABORT; + if (!BN_hex2bn(&b, "1")) ABORT; + + group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use EC_GROUP_new_curve_GF2m + * so that the library gets to choose the EC_METHOD */ + if (!group) ABORT; + if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; + + { + EC_GROUP *tmp; + tmp = EC_GROUP_new(EC_GROUP_method_of(group)); + if (!tmp) ABORT; + if (!EC_GROUP_copy(tmp, group)) ABORT; + EC_GROUP_free(group); + group = tmp; + } + + if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx)) ABORT; + + fprintf(stdout, "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x"); + BN_print_fp(stdout, p); + fprintf(stdout, ")\n a = 0x"); + BN_print_fp(stdout, a); + fprintf(stdout, "\n b = 0x"); + BN_print_fp(stdout, b); + fprintf(stdout, "\n(0x... means binary polynomial)\n"); + + P = EC_POINT_new(group); + Q = EC_POINT_new(group); + R = EC_POINT_new(group); + if (!P || !Q || !R) ABORT; + + if (!EC_POINT_set_to_infinity(group, P)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + buf[0] = 0; + if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) ABORT; + + if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + x = BN_new(); + y = BN_new(); + z = BN_new(); + cof = BN_new(); + if (!x || !y || !z || !cof) ABORT; + + if (!BN_hex2bn(&x, "6")) ABORT; +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx)) ABORT; +#else + if (!BN_hex2bn(&y, "8")) ABORT; + if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; +#endif + if (!EC_POINT_is_on_curve(group, Q, ctx)) + { +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; +#endif + fprintf(stderr, "Point is not on curve: x = 0x"); + BN_print_fp(stderr, x); + fprintf(stderr, ", y = 0x"); + BN_print_fp(stderr, y); + fprintf(stderr, "\n"); + ABORT; + } + + fprintf(stdout, "A cyclic subgroup:\n"); + k = 100; + do + { + if (k-- == 0) ABORT; + + if (EC_POINT_is_at_infinity(group, P)) + fprintf(stdout, " point at infinity\n"); + else + { + if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; + + fprintf(stdout, " x = 0x"); + BN_print_fp(stdout, x); + fprintf(stdout, ", y = 0x"); + BN_print_fp(stdout, y); + fprintf(stdout, "\n"); + } + + if (!EC_POINT_copy(R, P)) ABORT; + if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT; + } + while (!EC_POINT_is_at_infinity(group, P)); + + if (!EC_POINT_add(group, P, Q, R, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof buf, ctx); + if (len == 0) ABORT; + if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; + fprintf(stdout, "Generator as octet string, compressed form:\n "); + for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); +#endif + + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof buf, ctx); + if (len == 0) ABORT; + if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; + fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n "); + for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); + +/* Change test based on whether binary point compression is enabled or not. */ +#ifdef OPENSSL_EC_BIN_PT_COMP + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, ctx); + if (len == 0) ABORT; + if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT; + fprintf(stdout, "\nGenerator as octet string, hybrid form:\n "); + for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]); +#endif + + fprintf(stdout, "\n"); + + if (!EC_POINT_invert(group, P, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; + + + /* Curve K-163 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-163", + "0800000000000000000000000000000000000000C9", + "1", + "1", + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8", + "0289070FB05D38FF58321F2E800536D538CCDAA3D9", + 1, + "04000000000000000000020108A2E0CC0D99F8A5EF", + "2", + 163, + C2_K163 + ); + + /* Curve B-163 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-163", + "0800000000000000000000000000000000000000C9", + "1", + "020A601907B8C953CA1481EB10512F78744A3205FD", + "03F0EBA16286A2D57EA0991168D4994637E8343E36", + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", + 1, + "040000000000000000000292FE77E70C12A4234C33", + "2", + 163, + C2_B163 + ); + + /* Curve K-233 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-233", + "020000000000000000000000000000000000000004000000000000000001", + "0", + "1", + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126", + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3", + 0, + "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", + "4", + 233, + C2_K233 + ); + + /* Curve B-233 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-233", + "020000000000000000000000000000000000000004000000000000000001", + "000000000000000000000000000000000000000000000000000000000001", + "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD", + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B", + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052", + 1, + "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", + "2", + 233, + C2_B233 + ); + + /* Curve K-283 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-283", + "0800000000000000000000000000000000000000000000000000000000000000000010A1", + "0", + "1", + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836", + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259", + 0, + "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", + "4", + 283, + C2_K283 + ); + + /* Curve B-283 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-283", + "0800000000000000000000000000000000000000000000000000000000000000000010A1", + "000000000000000000000000000000000000000000000000000000000000000000000001", + "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053", + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4", + 1, + "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", + "2", + 283, + C2_B283 + ); + + /* Curve K-409 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-409", + "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", + "0", + "1", + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746", + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B", + 1, + "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", + "4", + 409, + C2_K409 + ); + + /* Curve B-409 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-409", + "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F", + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7", + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706", + 1, + "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", + "2", + 409, + C2_B409 + ); + + /* Curve K-571 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve K-571", + "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", + "0", + "1", + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972", + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3", + 0, + "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", + "4", + 571, + C2_K571 + ); + + /* Curve B-571 (FIPS PUB 186-2, App. 6) */ + CHAR2_CURVE_TEST + ( + "NIST curve B-571", + "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", + "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A", + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19", + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B", + 1, + "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", + "2", + 571, + C2_B571 + ); + + /* more tests using the last curve */ + + if (!EC_POINT_copy(Q, P)) ABORT; + if (EC_POINT_is_at_infinity(group, Q)) ABORT; + if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; + if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; + if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ + + if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT; + if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ + + { + const EC_POINT *points[3]; + const BIGNUM *scalars[3]; + + if (EC_POINT_is_at_infinity(group, Q)) ABORT; + points[0] = Q; + points[1] = Q; + points[2] = Q; + + if (!BN_add(y, z, BN_value_one())) ABORT; + if (BN_is_odd(y)) ABORT; + if (!BN_rshift1(y, y)) ABORT; + scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ + scalars[1] = y; + + fprintf(stdout, "combined multiplication ..."); + fflush(stdout); + + /* z is still the group order */ + if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; + if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT; + + fprintf(stdout, "."); + fflush(stdout); + + if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; + if (!BN_add(z, z, y)) ABORT; + BN_set_negative(z, 1); + scalars[0] = y; + scalars[1] = z; /* z = -(order + y) */ + + if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + fprintf(stdout, "."); + fflush(stdout); + + if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; + if (!BN_add(z, x, y)) ABORT; + BN_set_negative(z, 1); + scalars[0] = x; + scalars[1] = y; + scalars[2] = z; /* z = -(x+y) */ + + if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + + fprintf(stdout, " ok\n\n"); + } + + +#if 0 + timings(C2_K163, TIMING_BASE_PT, ctx); + timings(C2_K163, TIMING_RAND_PT, ctx); + timings(C2_K163, TIMING_SIMUL, ctx); + timings(C2_B163, TIMING_BASE_PT, ctx); + timings(C2_B163, TIMING_RAND_PT, ctx); + timings(C2_B163, TIMING_SIMUL, ctx); + timings(C2_K233, TIMING_BASE_PT, ctx); + timings(C2_K233, TIMING_RAND_PT, ctx); + timings(C2_K233, TIMING_SIMUL, ctx); + timings(C2_B233, TIMING_BASE_PT, ctx); + timings(C2_B233, TIMING_RAND_PT, ctx); + timings(C2_B233, TIMING_SIMUL, ctx); + timings(C2_K283, TIMING_BASE_PT, ctx); + timings(C2_K283, TIMING_RAND_PT, ctx); + timings(C2_K283, TIMING_SIMUL, ctx); + timings(C2_B283, TIMING_BASE_PT, ctx); + timings(C2_B283, TIMING_RAND_PT, ctx); + timings(C2_B283, TIMING_SIMUL, ctx); + timings(C2_K409, TIMING_BASE_PT, ctx); + timings(C2_K409, TIMING_RAND_PT, ctx); + timings(C2_K409, TIMING_SIMUL, ctx); + timings(C2_B409, TIMING_BASE_PT, ctx); + timings(C2_B409, TIMING_RAND_PT, ctx); + timings(C2_B409, TIMING_SIMUL, ctx); + timings(C2_K571, TIMING_BASE_PT, ctx); + timings(C2_K571, TIMING_RAND_PT, ctx); + timings(C2_K571, TIMING_SIMUL, ctx); + timings(C2_B571, TIMING_BASE_PT, ctx); + timings(C2_B571, TIMING_RAND_PT, ctx); + timings(C2_B571, TIMING_SIMUL, ctx); +#endif + + + if (ctx) + BN_CTX_free(ctx); + BN_free(p); BN_free(a); BN_free(b); + EC_GROUP_free(group); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + BN_free(x); BN_free(y); BN_free(z); BN_free(cof); + + if (C2_K163) EC_GROUP_free(C2_K163); + if (C2_B163) EC_GROUP_free(C2_B163); + if (C2_K233) EC_GROUP_free(C2_K233); + if (C2_B233) EC_GROUP_free(C2_B233); + if (C2_K283) EC_GROUP_free(C2_K283); + if (C2_B283) EC_GROUP_free(C2_B283); + if (C2_K409) EC_GROUP_free(C2_K409); + if (C2_B409) EC_GROUP_free(C2_B409); + if (C2_K571) EC_GROUP_free(C2_K571); + if (C2_B571) EC_GROUP_free(C2_B571); + + } + +void internal_curve_test(void) + { + EC_builtin_curve *curves = NULL; + size_t crv_len = 0, n = 0; + int ok = 1; + + crv_len = EC_get_builtin_curves(NULL, 0); + + curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); + + if (curves == NULL) + return; + + if (!EC_get_builtin_curves(curves, crv_len)) + { + OPENSSL_free(curves); + return; + } + + fprintf(stdout, "testing internal curves: "); + + for (n = 0; n < crv_len; n++) + { + EC_GROUP *group = NULL; + int nid = curves[n].nid; + if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) + { + ok = 0; + fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with" + " curve %s\n", OBJ_nid2sn(nid)); + /* try next curve */ + continue; + } + if (!EC_GROUP_check(group, NULL)) + { + ok = 0; + fprintf(stdout, "\nEC_GROUP_check() failed with" + " curve %s\n", OBJ_nid2sn(nid)); + EC_GROUP_free(group); + /* try the next curve */ + continue; + } + fprintf(stdout, "."); + fflush(stdout); + EC_GROUP_free(group); + } + if (ok) + fprintf(stdout, " ok\n"); + else + fprintf(stdout, " failed\n"); + OPENSSL_free(curves); + return; + } + +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; + +int main(int argc, char *argv[]) + { + + /* enable memory leak checking unless explicitly disabled */ + if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) + { + CRYPTO_malloc_debug_init(); + CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + } + else + { + /* OPENSSL_DEBUG_MEMORY=off */ + CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); + } + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + ERR_load_crypto_strings(); + + RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ + + prime_field_tests(); + puts(""); + char2_field_tests(); + /* test the internal curves */ + internal_curve_test(); + #ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); #endif diff --git a/src/lib/libssl/src/crypto/engine/Makefile b/src/lib/libssl/src/crypto/engine/Makefile index 38f83f1654..13f211a0ae 100644 --- a/src/lib/libssl/src/crypto/engine/Makefile +++ b/src/lib/libssl/src/crypto/engine/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -24,16 +19,14 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \ eng_table.c eng_pkey.c eng_fat.c eng_all.c \ - tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \ - eng_openssl.c eng_dyn.c eng_cnf.c \ - hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \ - hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c + tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \ + tb_cipher.c tb_digest.c \ + eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ eng_table.o eng_pkey.o eng_fat.o eng_all.o \ - tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \ - eng_openssl.o eng_dyn.o eng_cnf.o \ - hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \ - hw_cryptodev.o hw_aep.o hw_sureware.o hw_4758_cca.o + tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \ + tb_cipher.o tb_digest.o \ + eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o SRC= $(LIBSRC) @@ -61,6 +54,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -70,16 +64,13 @@ install: tags: ctags $(SRC) -errors: - $(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \ - -nostatic -staticloader -write hw_*.c - tests: lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -91,446 +82,207 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +eng_all.o: ../../e_os.h ../../include/openssl/bio.h +eng_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h -eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h -eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_all.o: ../cryptlib.h eng_all.c eng_int.h +eng_cnf.o: ../../e_os.h ../../include/openssl/bio.h eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_cnf.o: ../cryptlib.h eng_cnf.c -eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h -eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_cnf.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_cnf.c eng_int.h +eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +eng_cryptodev.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h +eng_cryptodev.o: ../../include/openssl/objects.h +eng_cryptodev.o: ../../include/openssl/opensslconf.h +eng_cryptodev.o: ../../include/openssl/opensslv.h +eng_cryptodev.o: ../../include/openssl/ossl_typ.h +eng_cryptodev.o: ../../include/openssl/safestack.h +eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_cryptodev.o: eng_cryptodev.c +eng_ctrl.o: ../../e_os.h ../../include/openssl/bio.h eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_ctrl.o: ../../include/openssl/opensslconf.h eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h -eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h -eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_ctrl.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_ctrl.c eng_int.h +eng_dyn.o: ../../e_os.h ../../include/openssl/bio.h eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h -eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +eng_dyn.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_dyn.c eng_int.h +eng_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_err.o: ../../include/openssl/ui.h eng_err.c -eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h -eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_err.o: eng_err.c +eng_fat.o: ../../e_os.h ../../include/openssl/bio.h eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h -eng_init.o: ../../e_os.h ../../include/openssl/asn1.h -eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_fat.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_fat.c eng_int.h +eng_init.o: ../../e_os.h ../../include/openssl/bio.h eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_init.o: ../../include/openssl/opensslconf.h eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_init.o: ../cryptlib.h eng_init.c eng_int.h -eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h -eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_init.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_init.c eng_int.h +eng_lib.o: ../../e_os.h ../../include/openssl/bio.h eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c -eng_list.o: ../../e_os.h ../../include/openssl/asn1.h -eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +eng_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_lib.c +eng_list.o: ../../e_os.h ../../include/openssl/bio.h eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_list.o: ../../include/openssl/opensslconf.h eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_list.o: ../cryptlib.h eng_int.h eng_list.c -eng_openssl.o: ../../e_os.h ../../include/openssl/aes.h -eng_openssl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -eng_openssl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -eng_openssl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +eng_list.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_list.c +eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h +eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -eng_openssl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_openssl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -eng_openssl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -eng_openssl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h +eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_openssl.o: ../../include/openssl/opensslconf.h eng_openssl.o: ../../include/openssl/opensslv.h eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -eng_openssl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -eng_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -eng_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_openssl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -eng_openssl.o: ../cryptlib.h eng_openssl.c -eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc4.h +eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c +eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h +eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h +eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h +eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +eng_padlock.o: ../../include/openssl/opensslconf.h +eng_padlock.o: ../../include/openssl/opensslv.h +eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +eng_padlock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +eng_padlock.o: ../../include/openssl/symhacks.h eng_padlock.c +eng_pkey.o: ../../e_os.h ../../include/openssl/bio.h eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h eng_pkey.o: ../../include/openssl/opensslconf.h eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c -eng_table.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -eng_table.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -eng_table.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -eng_table.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -eng_table.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_pkey.c +eng_table.o: ../../e_os.h ../../include/openssl/asn1.h +eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_table.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -eng_table.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -eng_table.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -eng_table.o: ../../include/openssl/objects.h +eng_table.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_table.o: ../../include/openssl/opensslconf.h eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -eng_table.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -eng_table.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -eng_table.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -eng_table.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -eng_table.o: eng_int.h eng_table.c -hw_4758_cca.o: ../../e_os.h ../../include/openssl/aes.h -hw_4758_cca.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_4758_cca.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_4758_cca.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_4758_cca.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_4758_cca.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_4758_cca.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_4758_cca.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_4758_cca.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_4758_cca.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_4758_cca.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_4758_cca.o: ../../include/openssl/opensslconf.h -hw_4758_cca.o: ../../include/openssl/opensslv.h -hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -hw_4758_cca.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -hw_4758_cca.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_4758_cca.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hw_4758_cca.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hw_4758_cca.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -hw_4758_cca.o: ../cryptlib.h hw_4758_cca.c hw_4758_cca_err.c hw_4758_cca_err.h -hw_4758_cca.o: vendor_defns/hw_4758_cca.h -hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -hw_aep.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -hw_aep.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_aep.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_aep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -hw_aep.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -hw_aep.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -hw_aep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_aep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_aep.o: ../../include/openssl/ui.h hw_aep.c hw_aep_err.c hw_aep_err.h -hw_aep.o: vendor_defns/aep.h -hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h -hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h -hw_atalla.o: vendor_defns/atalla.h -hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -hw_cryptodev.o: ../../include/openssl/objects.h -hw_cryptodev.o: ../../include/openssl/opensslconf.h -hw_cryptodev.o: ../../include/openssl/opensslv.h -hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c -hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h -hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h -hw_cswift.o: vendor_defns/cswift.h -hw_ncipher.o: ../../e_os.h ../../include/openssl/aes.h -hw_ncipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_ncipher.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_ncipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_ncipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_ncipher.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_ncipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_ncipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_ncipher.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_ncipher.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_ncipher.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_ncipher.o: ../../include/openssl/opensslconf.h -hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -hw_ncipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -hw_ncipher.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -hw_ncipher.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_ncipher.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_ncipher.c -hw_ncipher.o: hw_ncipher_err.c hw_ncipher_err.h vendor_defns/hwcryptohook.h -hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h -hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h -hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h -hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -hw_sureware.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -hw_sureware.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -hw_sureware.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -hw_sureware.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -hw_sureware.o: ../../include/openssl/err.h ../../include/openssl/evp.h -hw_sureware.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hw_sureware.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hw_sureware.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hw_sureware.o: ../../include/openssl/opensslconf.h -hw_sureware.o: ../../include/openssl/opensslv.h -hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -hw_sureware.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -hw_sureware.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -hw_sureware.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hw_sureware.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hw_sureware.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hw_sureware.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hw_sureware.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hw_sureware.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -hw_sureware.o: ../cryptlib.h eng_int.h engine.h hw_sureware.c hw_sureware_err.c -hw_sureware.o: hw_sureware_err.h vendor_defns/sureware.h -hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h -hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h -hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h -hw_ubsec.o: vendor_defns/hw_ubsec.h -tb_cipher.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_cipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_cipher.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_cipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_cipher.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_cipher.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_cipher.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_cipher.o: ../../include/openssl/objects.h +eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +eng_table.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h +eng_table.o: eng_table.c +tb_cipher.o: ../../e_os.h ../../include/openssl/bio.h +tb_cipher.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/lhash.h tb_cipher.o: ../../include/openssl/opensslconf.h tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_cipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_cipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_cipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_cipher.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_cipher.o: eng_int.h tb_cipher.c -tb_dh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_dh.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_dh.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_dh.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_dh.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_dh.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_dh.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_dh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_dh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_cipher.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h +tb_cipher.o: tb_cipher.c +tb_dh.o: ../../e_os.h ../../include/openssl/bio.h +tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_dh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_dh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h eng_int.h -tb_dh.o: tb_dh.c -tb_digest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_digest.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_digest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_digest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_digest.o: ../../include/openssl/objects.h +tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c +tb_digest.o: ../../e_os.h ../../include/openssl/bio.h +tb_digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_digest.o: ../../include/openssl/err.h ../../include/openssl/lhash.h tb_digest.o: ../../include/openssl/opensslconf.h tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -tb_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_digest.o: eng_int.h tb_digest.c -tb_dsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_dsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_dsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_dsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_dsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_dsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_dsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_dsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_dsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_digest.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h +tb_digest.o: tb_digest.c +tb_dsa.o: ../../e_os.h ../../include/openssl/bio.h +tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_dsa.o: eng_int.h tb_dsa.c -tb_rand.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_rand.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_rand.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_rand.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c +tb_ecdh.o: ../../e_os.h ../../include/openssl/bio.h +tb_ecdh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_ecdh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c +tb_ecdsa.o: ../../e_os.h ../../include/openssl/bio.h +tb_ecdsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_ecdsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_ecdsa.o: ../../include/openssl/opensslconf.h +tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_ecdsa.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_ecdsa.c +tb_rand.o: ../../e_os.h ../../include/openssl/bio.h +tb_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_rand.o: eng_int.h tb_rand.c -tb_rsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -tb_rsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -tb_rsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -tb_rsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -tb_rsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h -tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -tb_rsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -tb_rsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -tb_rsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -tb_rsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c +tb_rsa.o: ../../e_os.h ../../include/openssl/bio.h +tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -tb_rsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -tb_rsa.o: eng_int.h tb_rsa.c +tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c +tb_store.o: ../../e_os.h ../../include/openssl/bio.h +tb_store.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tb_store.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_store.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tb_store.o: ../../include/openssl/opensslconf.h +tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +tb_store.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +tb_store.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_store.c diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c index 0f6992a40d..8599046717 100644 --- a/src/lib/libssl/src/crypto/engine/eng_all.c +++ b/src/lib/libssl/src/crypto/engine/eng_all.c @@ -56,8 +56,7 @@ * */ -#include -#include +#include "cryptlib.h" #include "eng_int.h" void ENGINE_load_builtin_engines(void) @@ -68,33 +67,43 @@ void ENGINE_load_builtin_engines(void) * *no* builtin implementations). */ #if 0 ENGINE_load_openssl(); +#endif +#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) + ENGINE_load_padlock(); #endif ENGINE_load_dynamic(); +#ifndef OPENSSL_NO_STATIC_ENGINE #ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_4758_CCA + ENGINE_load_4758cca(); +#endif +#ifndef OPENSSL_NO_HW_AEP + ENGINE_load_aep(); +#endif +#ifndef OPENSSL_NO_HW_ATALLA + ENGINE_load_atalla(); +#endif #ifndef OPENSSL_NO_HW_CSWIFT ENGINE_load_cswift(); #endif #ifndef OPENSSL_NO_HW_NCIPHER ENGINE_load_chil(); #endif -#ifndef OPENSSL_NO_HW_ATALLA - ENGINE_load_atalla(); -#endif #ifndef OPENSSL_NO_HW_NURON ENGINE_load_nuron(); #endif +#ifndef OPENSSL_NO_HW_SUREWARE + ENGINE_load_sureware(); +#endif #ifndef OPENSSL_NO_HW_UBSEC ENGINE_load_ubsec(); #endif -#ifndef OPENSSL_NO_HW_AEP - ENGINE_load_aep(); #endif -#ifndef OPENSSL_NO_HW_SUREWARE - ENGINE_load_sureware(); +#if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP) + ENGINE_load_gmp(); #endif -#ifndef OPENSSL_NO_HW_4758_CCA - ENGINE_load_4758cca(); #endif +#ifndef OPENSSL_NO_HW #if defined(__OpenBSD__) || defined(__FreeBSD__) ENGINE_load_cryptodev(); #endif diff --git a/src/lib/libssl/src/crypto/engine/eng_cnf.c b/src/lib/libssl/src/crypto/engine/eng_cnf.c index 4225760af1..a97e01e619 100644 --- a/src/lib/libssl/src/crypto/engine/eng_cnf.c +++ b/src/lib/libssl/src/crypto/engine/eng_cnf.c @@ -56,11 +56,8 @@ * */ -#include -#include -#include "cryptlib.h" +#include "eng_int.h" #include -#include /* #define ENGINE_CONF_DEBUG */ @@ -210,7 +207,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) if (!elist) { - ENGINEerr(ENGINE_F_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); + ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); return 0; } diff --git a/src/lib/libssl/src/crypto/engine/eng_cryptodev.c b/src/lib/libssl/src/crypto/engine/eng_cryptodev.c new file mode 100644 index 0000000000..ab38cd52f0 --- /dev/null +++ b/src/lib/libssl/src/crypto/engine/eng_cryptodev.c @@ -0,0 +1,1133 @@ +/* + * Copyright (c) 2002 Bob Beck + * Copyright (c) 2002 Theo de Raadt + * Copyright (c) 2002 Markus Friedl + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include +#include +#include +#include + +#if (defined(__unix__) || defined(unix)) && !defined(USG) && \ + (defined(OpenBSD) || defined(__FreeBSD_version)) +#include +# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) +# define HAVE_CRYPTODEV +# endif +# if (OpenBSD >= 200110) +# define HAVE_SYSLOG_R +# endif +#endif + +#ifndef HAVE_CRYPTODEV + +void +ENGINE_load_cryptodev(void) +{ + /* This is a NOP on platforms without /dev/crypto */ + return; +} + +#else + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct dev_crypto_state { + struct session_op d_sess; + int d_fd; +}; + +static u_int32_t cryptodev_asymfeat = 0; + +static int get_asym_dev_crypto(void); +static int open_dev_crypto(void); +static int get_dev_crypto(void); +static int cryptodev_max_iv(int cipher); +static int cryptodev_key_length_valid(int cipher, int len); +static int cipher_nid_to_cryptodev(int nid); +static int get_cryptodev_ciphers(const int **cnids); +static int get_cryptodev_digests(const int **cnids); +static int cryptodev_usable_ciphers(const int **nids); +static int cryptodev_usable_digests(const int **nids); +static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl); +static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx); +static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); +static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid); +static int bn2crparam(const BIGNUM *a, struct crparam *crp); +static int crparam2bn(struct crparam *crp, BIGNUM *a); +static void zapparams(struct crypt_kop *kop); +static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, + int slen, BIGNUM *s); + +static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, + RSA *rsa); +static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); +static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, + BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, + BN_CTX *ctx, BN_MONT_CTX *mont); +static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, + int dlen, DSA *dsa); +static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, + DSA_SIG *sig, DSA *dsa); +static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); +static int cryptodev_dh_compute_key(unsigned char *key, + const BIGNUM *pub_key, DH *dh); +static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)()); +void ENGINE_load_cryptodev(void); + +static const ENGINE_CMD_DEFN cryptodev_defns[] = { + { 0, NULL, NULL, 0 } +}; + +static struct { + int id; + int nid; + int ivmax; + int keylen; +} ciphers[] = { + { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, + { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, + { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, + { 0, NID_undef, 0, 0, }, +}; + +static struct { + int id; + int nid; +} digests[] = { + { CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, }, + { CRYPTO_RIPEMD160_HMAC, NID_ripemd160, }, + { CRYPTO_MD5_KPDK, NID_undef, }, + { CRYPTO_SHA1_KPDK, NID_undef, }, + { CRYPTO_MD5, NID_md5, }, + { CRYPTO_SHA1, NID_undef, }, + { 0, NID_undef, }, +}; + +/* + * Return a fd if /dev/crypto seems usable, 0 otherwise. + */ +static int +open_dev_crypto(void) +{ + static int fd = -1; + + if (fd == -1) { + if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) + return (-1); + /* close on exec */ + if (fcntl(fd, F_SETFD, 1) == -1) { + close(fd); + fd = -1; + return (-1); + } + } + return (fd); +} + +static int +get_dev_crypto(void) +{ + int fd, retfd; + + if ((fd = open_dev_crypto()) == -1) + return (-1); + if (ioctl(fd, CRIOGET, &retfd) == -1) + return (-1); + + /* close on exec */ + if (fcntl(retfd, F_SETFD, 1) == -1) { + close(retfd); + return (-1); + } + return (retfd); +} + +/* Caching version for asym operations */ +static int +get_asym_dev_crypto(void) +{ + static int fd = -1; + + if (fd == -1) + fd = get_dev_crypto(); + return fd; +} + +/* + * XXXX this needs to be set for each alg - and determined from + * a running card. + */ +static int +cryptodev_max_iv(int cipher) +{ + int i; + + for (i = 0; ciphers[i].id; i++) + if (ciphers[i].id == cipher) + return (ciphers[i].ivmax); + return (0); +} + +/* + * XXXX this needs to be set for each alg - and determined from + * a running card. For now, fake it out - but most of these + * for real devices should return 1 for the supported key + * sizes the device can handle. + */ +static int +cryptodev_key_length_valid(int cipher, int len) +{ + int i; + + for (i = 0; ciphers[i].id; i++) + if (ciphers[i].id == cipher) + return (ciphers[i].keylen == len); + return (0); +} + +/* convert libcrypto nids to cryptodev */ +static int +cipher_nid_to_cryptodev(int nid) +{ + int i; + + for (i = 0; ciphers[i].id; i++) + if (ciphers[i].nid == nid) + return (ciphers[i].id); + return (0); +} + +/* + * Find out what ciphers /dev/crypto will let us have a session for. + * XXX note, that some of these openssl doesn't deal with yet! + * returning them here is harmless, as long as we return NULL + * when asked for a handler in the cryptodev_engine_ciphers routine + */ +static int +get_cryptodev_ciphers(const int **cnids) +{ + static int nids[CRYPTO_ALGORITHM_MAX]; + struct session_op sess; + int fd, i, count = 0; + + if ((fd = get_dev_crypto()) < 0) { + *cnids = NULL; + return (0); + } + memset(&sess, 0, sizeof(sess)); + sess.key = (caddr_t)"123456781234567812345678"; + + for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (ciphers[i].nid == NID_undef) + continue; + sess.cipher = ciphers[i].id; + sess.keylen = ciphers[i].keylen; + sess.mac = 0; + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) + nids[count++] = ciphers[i].nid; + } + close(fd); + + if (count > 0) + *cnids = nids; + else + *cnids = NULL; + return (count); +} + +/* + * Find out what digests /dev/crypto will let us have a session for. + * XXX note, that some of these openssl doesn't deal with yet! + * returning them here is harmless, as long as we return NULL + * when asked for a handler in the cryptodev_engine_digests routine + */ +static int +get_cryptodev_digests(const int **cnids) +{ + static int nids[CRYPTO_ALGORITHM_MAX]; + struct session_op sess; + int fd, i, count = 0; + + if ((fd = get_dev_crypto()) < 0) { + *cnids = NULL; + return (0); + } + memset(&sess, 0, sizeof(sess)); + for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (digests[i].nid == NID_undef) + continue; + sess.mac = digests[i].id; + sess.cipher = 0; + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) + nids[count++] = digests[i].nid; + } + close(fd); + + if (count > 0) + *cnids = nids; + else + *cnids = NULL; + return (count); +} + +/* + * Find the useable ciphers|digests from dev/crypto - this is the first + * thing called by the engine init crud which determines what it + * can use for ciphers from this engine. We want to return + * only what we can do, anythine else is handled by software. + * + * If we can't initialize the device to do anything useful for + * any reason, we want to return a NULL array, and 0 length, + * which forces everything to be done is software. By putting + * the initalization of the device in here, we ensure we can + * use this engine as the default, and if for whatever reason + * /dev/crypto won't do what we want it will just be done in + * software + * + * This can (should) be greatly expanded to perhaps take into + * account speed of the device, and what we want to do. + * (although the disabling of particular alg's could be controlled + * by the device driver with sysctl's.) - this is where we + * want most of the decisions made about what we actually want + * to use from /dev/crypto. + */ +static int +cryptodev_usable_ciphers(const int **nids) +{ + return (get_cryptodev_ciphers(nids)); +} + +static int +cryptodev_usable_digests(const int **nids) +{ + /* + * XXXX just disable all digests for now, because it sucks. + * we need a better way to decide this - i.e. I may not + * want digests on slow cards like hifn on fast machines, + * but might want them on slow or loaded machines, etc. + * will also want them when using crypto cards that don't + * suck moose gonads - would be nice to be able to decide something + * as reasonable default without having hackery that's card dependent. + * of course, the default should probably be just do everything, + * with perhaps a sysctl to turn algoritms off (or have them off + * by default) on cards that generally suck like the hifn. + */ + *nids = NULL; + return (0); +} + +static int +cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) +{ + struct crypt_op cryp; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; + void *iiv; + unsigned char save_iv[EVP_MAX_IV_LENGTH]; + + if (state->d_fd < 0) + return (0); + if (!inl) + return (1); + if ((inl % ctx->cipher->block_size) != 0) + return (0); + + memset(&cryp, 0, sizeof(cryp)); + + cryp.ses = sess->ses; + cryp.flags = 0; + cryp.len = inl; + cryp.src = (caddr_t) in; + cryp.dst = (caddr_t) out; + cryp.mac = 0; + + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; + + if (ctx->cipher->iv_len) { + cryp.iv = (caddr_t) ctx->iv; + if (!ctx->encrypt) { + iiv = (void *) in + inl - ctx->cipher->iv_len; + memcpy(save_iv, iiv, ctx->cipher->iv_len); + } + } else + cryp.iv = NULL; + + if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) { + /* XXX need better errror handling + * this can fail for a number of different reasons. + */ + return (0); + } + + if (ctx->cipher->iv_len) { + if (ctx->encrypt) + iiv = (void *) out + inl - ctx->cipher->iv_len; + else + iiv = save_iv; + memcpy(ctx->iv, iiv, ctx->cipher->iv_len); + } + return (1); +} + +static int +cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; + int cipher; + + if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef) + return (0); + + if (ctx->cipher->iv_len > cryptodev_max_iv(cipher)) + return (0); + + if (!cryptodev_key_length_valid(cipher, ctx->key_len)) + return (0); + + memset(sess, 0, sizeof(struct session_op)); + + if ((state->d_fd = get_dev_crypto()) < 0) + return (0); + + sess->key = (unsigned char *)key; + sess->keylen = ctx->key_len; + sess->cipher = cipher; + + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { + close(state->d_fd); + state->d_fd = -1; + return (0); + } + return (1); +} + +/* + * free anything we allocated earlier when initting a + * session, and close the session. + */ +static int +cryptodev_cleanup(EVP_CIPHER_CTX *ctx) +{ + int ret = 0; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; + + if (state->d_fd < 0) + return (0); + + /* XXX if this ioctl fails, someting's wrong. the invoker + * may have called us with a bogus ctx, or we could + * have a device that for whatever reason just doesn't + * want to play ball - it's not clear what's right + * here - should this be an error? should it just + * increase a counter, hmm. For right now, we return + * 0 - I don't believe that to be "right". we could + * call the gorpy openssl lib error handlers that + * print messages to users of the library. hmm.. + */ + + if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) { + ret = 0; + } else { + ret = 1; + } + close(state->d_fd); + state->d_fd = -1; + + return (ret); +} + +/* + * libcrypto EVP stuff - this is how we get wired to EVP so the engine + * gets called when libcrypto requests a cipher NID. + */ + +/* DES CBC EVP */ +const EVP_CIPHER cryptodev_des_cbc = { + NID_des_cbc, + 8, 8, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +/* 3DES CBC EVP */ +const EVP_CIPHER cryptodev_3des_cbc = { + NID_des_ede3_cbc, + 8, 24, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_bf_cbc = { + NID_bf_cbc, + 8, 16, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_cast_cbc = { + NID_cast5_cbc, + 8, 16, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_aes_cbc = { + NID_aes_128_cbc, + 16, 16, 16, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +/* + * Registered by the ENGINE when used to find out how to deal with + * a particular NID in the ENGINE. this says what we'll do at the + * top level - note, that list is restricted by what we answer with + */ +static int +cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid) +{ + if (!cipher) + return (cryptodev_usable_ciphers(nids)); + + switch (nid) { + case NID_des_ede3_cbc: + *cipher = &cryptodev_3des_cbc; + break; + case NID_des_cbc: + *cipher = &cryptodev_des_cbc; + break; + case NID_bf_cbc: + *cipher = &cryptodev_bf_cbc; + break; + case NID_cast5_cbc: + *cipher = &cryptodev_cast_cbc; + break; + case NID_aes_128_cbc: + *cipher = &cryptodev_aes_cbc; + break; + default: + *cipher = NULL; + break; + } + return (*cipher != NULL); +} + +static int +cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid) +{ + if (!digest) + return (cryptodev_usable_digests(nids)); + + switch (nid) { + case NID_md5: + *digest = NULL; /* need to make a clean md5 critter */ + break; + default: + *digest = NULL; + break; + } + return (*digest != NULL); +} + +/* + * Convert a BIGNUM to the representation that /dev/crypto needs. + * Upon completion of use, the caller is responsible for freeing + * crp->crp_p. + */ +static int +bn2crparam(const BIGNUM *a, struct crparam *crp) +{ + int i, j, k; + ssize_t words, bytes, bits; + u_char *b; + + crp->crp_p = NULL; + crp->crp_nbits = 0; + + bits = BN_num_bits(a); + bytes = (bits + 7) / 8; + + b = malloc(bytes); + if (b == NULL) + return (1); + + crp->crp_p = b; + crp->crp_nbits = bits; + + for (i = 0, j = 0; i < a->top; i++) { + for (k = 0; k < BN_BITS2 / 8; k++) { + if ((j + k) >= bytes) + return (0); + b[j + k] = a->d[i] >> (k * 8); + } + j += BN_BITS2 / 8; + } + return (0); +} + +/* Convert a /dev/crypto parameter to a BIGNUM */ +static int +crparam2bn(struct crparam *crp, BIGNUM *a) +{ + u_int8_t *pd; + int i, bytes; + + bytes = (crp->crp_nbits + 7) / 8; + + if (bytes == 0) + return (-1); + + if ((pd = (u_int8_t *) malloc(bytes)) == NULL) + return (-1); + + for (i = 0; i < bytes; i++) + pd[i] = crp->crp_p[bytes - i - 1]; + + BN_bin2bn(pd, bytes, a); + free(pd); + + return (0); +} + +static void +zapparams(struct crypt_kop *kop) +{ + int i; + + for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) { + if (kop->crk_param[i].crp_p) + free(kop->crk_param[i].crp_p); + kop->crk_param[i].crp_p = NULL; + kop->crk_param[i].crp_nbits = 0; + } +} + +static int +cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) +{ + int fd, ret = -1; + + if ((fd = get_asym_dev_crypto()) < 0) + return (ret); + + if (r) { + kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); + kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; + kop->crk_oparams++; + } + if (s) { + kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); + kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; + kop->crk_oparams++; + } + + if (ioctl(fd, CIOCKEY, kop) == 0) { + if (r) + crparam2bn(&kop->crk_param[kop->crk_iparams], r); + if (s) + crparam2bn(&kop->crk_param[kop->crk_iparams+1], s); + ret = 0; + } + + return (ret); +} + +static int +cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +{ + struct crypt_kop kop; + int ret = 1; + + /* Currently, we know we can do mod exp iff we can do any + * asymmetric operations at all. + */ + if (cryptodev_asymfeat == 0) { + ret = BN_mod_exp(r, a, p, m, ctx); + return (ret); + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_MOD_EXP; + + /* inputs: a^p % m */ + if (bn2crparam(a, &kop.crk_param[0])) + goto err; + if (bn2crparam(p, &kop.crk_param[1])) + goto err; + if (bn2crparam(m, &kop.crk_param[2])) + goto err; + kop.crk_iparams = 3; + + if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); + } +err: + zapparams(&kop); + return (ret); +} + +static int +cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +{ + int r; + BN_CTX *ctx; + + ctx = BN_CTX_new(); + r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); + BN_CTX_free(ctx); + return (r); +} + +static int +cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) +{ + struct crypt_kop kop; + int ret = 1; + + if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { + /* XXX 0 means failure?? */ + return (0); + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_MOD_EXP_CRT; + /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ + if (bn2crparam(rsa->p, &kop.crk_param[0])) + goto err; + if (bn2crparam(rsa->q, &kop.crk_param[1])) + goto err; + if (bn2crparam(I, &kop.crk_param[2])) + goto err; + if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) + goto err; + if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) + goto err; + if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) + goto err; + kop.crk_iparams = 6; + + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); + } +err: + zapparams(&kop); + return (ret); +} + +static RSA_METHOD cryptodev_rsa = { + "cryptodev RSA method", + NULL, /* rsa_pub_enc */ + NULL, /* rsa_pub_dec */ + NULL, /* rsa_priv_enc */ + NULL, /* rsa_priv_dec */ + NULL, + NULL, + NULL, /* init */ + NULL, /* finish */ + 0, /* flags */ + NULL, /* app_data */ + NULL, /* rsa_sign */ + NULL /* rsa_verify */ +}; + +static int +cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +{ + return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); +} + +static int +cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, + BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, + BN_CTX *ctx, BN_MONT_CTX *mont) +{ + BIGNUM t2; + int ret = 0; + + BN_init(&t2); + + /* v = ( g^u1 * y^u2 mod p ) mod q */ + /* let t1 = g ^ u1 mod p */ + ret = 0; + + if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) + goto err; + + /* let t2 = y ^ u2 mod p */ + if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) + goto err; + /* let u1 = t1 * t2 mod p */ + if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) + goto err; + + BN_copy(t1,u1); + + ret = 1; +err: + BN_free(&t2); + return(ret); +} + +static DSA_SIG * +cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) +{ + struct crypt_kop kop; + BIGNUM *r = NULL, *s = NULL; + DSA_SIG *dsaret = NULL; + + if ((r = BN_new()) == NULL) + goto err; + if ((s = BN_new()) == NULL) { + BN_free(r); + goto err; + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DSA_SIGN; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ + kop.crk_param[0].crp_p = (caddr_t)dgst; + kop.crk_param[0].crp_nbits = dlen * 8; + if (bn2crparam(dsa->p, &kop.crk_param[1])) + goto err; + if (bn2crparam(dsa->q, &kop.crk_param[2])) + goto err; + if (bn2crparam(dsa->g, &kop.crk_param[3])) + goto err; + if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) + goto err; + kop.crk_iparams = 5; + + if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, + BN_num_bytes(dsa->q), s) == 0) { + dsaret = DSA_SIG_new(); + dsaret->r = r; + dsaret->s = s; + } else { + const DSA_METHOD *meth = DSA_OpenSSL(); + BN_free(r); + BN_free(s); + dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); + } +err: + kop.crk_param[0].crp_p = NULL; + zapparams(&kop); + return (dsaret); +} + +static int +cryptodev_dsa_verify(const unsigned char *dgst, int dlen, + DSA_SIG *sig, DSA *dsa) +{ + struct crypt_kop kop; + int dsaret = 1; + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DSA_VERIFY; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ + kop.crk_param[0].crp_p = (caddr_t)dgst; + kop.crk_param[0].crp_nbits = dlen * 8; + if (bn2crparam(dsa->p, &kop.crk_param[1])) + goto err; + if (bn2crparam(dsa->q, &kop.crk_param[2])) + goto err; + if (bn2crparam(dsa->g, &kop.crk_param[3])) + goto err; + if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) + goto err; + if (bn2crparam(sig->r, &kop.crk_param[5])) + goto err; + if (bn2crparam(sig->s, &kop.crk_param[6])) + goto err; + kop.crk_iparams = 7; + + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { + dsaret = kop.crk_status; + } else { + const DSA_METHOD *meth = DSA_OpenSSL(); + + dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); + } +err: + kop.crk_param[0].crp_p = NULL; + zapparams(&kop); + return (dsaret); +} + +static DSA_METHOD cryptodev_dsa = { + "cryptodev DSA method", + NULL, + NULL, /* dsa_sign_setup */ + NULL, + NULL, /* dsa_mod_exp */ + NULL, + NULL, /* init */ + NULL, /* finish */ + 0, /* flags */ + NULL /* app_data */ +}; + +static int +cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx) +{ + return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); +} + +static int +cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) +{ + struct crypt_kop kop; + int dhret = 1; + int fd, keylen; + + if ((fd = get_asym_dev_crypto()) < 0) { + const DH_METHOD *meth = DH_OpenSSL(); + + return ((meth->compute_key)(key, pub_key, dh)); + } + + keylen = BN_num_bits(dh->p); + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DH_COMPUTE_KEY; + + /* inputs: dh->priv_key pub_key dh->p key */ + if (bn2crparam(dh->priv_key, &kop.crk_param[0])) + goto err; + if (bn2crparam(pub_key, &kop.crk_param[1])) + goto err; + if (bn2crparam(dh->p, &kop.crk_param[2])) + goto err; + kop.crk_iparams = 3; + + kop.crk_param[3].crp_p = key; + kop.crk_param[3].crp_nbits = keylen * 8; + kop.crk_oparams = 1; + + if (ioctl(fd, CIOCKEY, &kop) == -1) { + const DH_METHOD *meth = DH_OpenSSL(); + + dhret = (meth->compute_key)(key, pub_key, dh); + } +err: + kop.crk_param[3].crp_p = NULL; + zapparams(&kop); + return (dhret); +} + +static DH_METHOD cryptodev_dh = { + "cryptodev DH method", + NULL, /* cryptodev_dh_generate_key */ + NULL, + NULL, + NULL, + NULL, + 0, /* flags */ + NULL /* app_data */ +}; + +/* + * ctrl right now is just a wrapper that doesn't do much + * but I expect we'll want some options soon. + */ +static int +cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) +{ +#ifdef HAVE_SYSLOG_R + struct syslog_data sd = SYSLOG_DATA_INIT; +#endif + + switch (cmd) { + default: +#ifdef HAVE_SYSLOG_R + syslog_r(LOG_ERR, &sd, + "cryptodev_ctrl: unknown command %d", cmd); +#else + syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd); +#endif + break; + } + return (1); +} + +void +ENGINE_load_cryptodev(void) +{ + ENGINE *engine = ENGINE_new(); + int fd; + + if (engine == NULL) + return; + if ((fd = get_dev_crypto()) < 0) { + ENGINE_free(engine); + return; + } + + /* + * find out what asymmetric crypto algorithms we support + */ + if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { + close(fd); + ENGINE_free(engine); + return; + } + close(fd); + + if (!ENGINE_set_id(engine, "cryptodev") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || + !ENGINE_set_digests(engine, cryptodev_engine_digests) || + !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || + !ENGINE_set_cmd_defns(engine, cryptodev_defns)) { + ENGINE_free(engine); + return; + } + + if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { + const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); + + cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; + cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; + cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; + cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; + cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; + cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; + if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_mod_exp; + else + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_nocrt_mod_exp; + } + } + + if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { + const DSA_METHOD *meth = DSA_OpenSSL(); + + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; + cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; + } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; + } + + if (ENGINE_set_DH(engine, &cryptodev_dh)){ + const DH_METHOD *dh_meth = DH_OpenSSL(); + + cryptodev_dh.generate_key = dh_meth->generate_key; + cryptodev_dh.compute_key = dh_meth->compute_key; + cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) + cryptodev_dh.compute_key = + cryptodev_dh_compute_key; + } + } + + ENGINE_add(engine); + ENGINE_free(engine); + ERR_clear_error(); +} + +#endif /* HAVE_CRYPTODEV */ diff --git a/src/lib/libssl/src/crypto/engine/eng_ctrl.c b/src/lib/libssl/src/crypto/engine/eng_ctrl.c index 412c73fb0f..95b6b455aa 100644 --- a/src/lib/libssl/src/crypto/engine/eng_ctrl.c +++ b/src/lib/libssl/src/crypto/engine/eng_ctrl.c @@ -53,10 +53,7 @@ * */ -#include -#include "cryptlib.h" #include "eng_int.h" -#include /* When querying a ENGINE-specific control command's 'description', this string * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */ @@ -103,7 +100,8 @@ static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) return -1; } -static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)()) +static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, + void (*f)(void)) { int idx; char *s = (char *)p; @@ -181,7 +179,7 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)()) return -1; } -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) +int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) { int ctrl_exists, ref_exists; if(e == NULL) @@ -251,13 +249,13 @@ int ENGINE_cmd_is_executable(ENGINE *e, int cmd) } int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(), int cmd_optional) + long i, void *p, void (*f)(void), int cmd_optional) { int num; if((e == NULL) || (cmd_name == NULL)) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, + ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ERR_R_PASSED_NULL_PARAMETER); return 0; } diff --git a/src/lib/libssl/src/crypto/engine/eng_dyn.c b/src/lib/libssl/src/crypto/engine/eng_dyn.c index 4139a16e76..acb30c34d8 100644 --- a/src/lib/libssl/src/crypto/engine/eng_dyn.c +++ b/src/lib/libssl/src/crypto/engine/eng_dyn.c @@ -57,11 +57,7 @@ */ -#include -#include -#include "cryptlib.h" #include "eng_int.h" -#include #include /* Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE loader @@ -70,7 +66,7 @@ /* Our ENGINE handlers */ static int dynamic_init(ENGINE *e); static int dynamic_finish(ENGINE *e); -static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); +static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); /* Predeclare our context type */ typedef struct st_dynamic_data_ctx dynamic_data_ctx; /* The implementation for the important control command */ @@ -80,7 +76,9 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx); #define DYNAMIC_CMD_NO_VCHECK (ENGINE_CMD_BASE + 1) #define DYNAMIC_CMD_ID (ENGINE_CMD_BASE + 2) #define DYNAMIC_CMD_LIST_ADD (ENGINE_CMD_BASE + 3) -#define DYNAMIC_CMD_LOAD (ENGINE_CMD_BASE + 4) +#define DYNAMIC_CMD_DIR_LOAD (ENGINE_CMD_BASE + 4) +#define DYNAMIC_CMD_DIR_ADD (ENGINE_CMD_BASE + 5) +#define DYNAMIC_CMD_LOAD (ENGINE_CMD_BASE + 6) /* The constants used when creating the ENGINE */ static const char *engine_dynamic_id = "dynamic"; @@ -102,6 +100,14 @@ static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = { "LIST_ADD", "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)", ENGINE_CMD_FLAG_NUMERIC}, + {DYNAMIC_CMD_DIR_LOAD, + "DIR_LOAD", + "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)", + ENGINE_CMD_FLAG_NUMERIC}, + {DYNAMIC_CMD_DIR_ADD, + "DIR_ADD", + "Adds a directory from which ENGINEs can be loaded", + ENGINE_CMD_FLAG_STRING}, {DYNAMIC_CMD_LOAD, "LOAD", "Load up the ENGINE specified by other settings", @@ -136,12 +142,18 @@ struct st_dynamic_data_ctx const char *DYNAMIC_F1; /* The symbol name for the "initialise ENGINE structure" function */ const char *DYNAMIC_F2; + /* Whether to never use 'dirs', use 'dirs' as a fallback, or only use + * 'dirs' for loading. Default is to use 'dirs' as a fallback. */ + int dir_load; + /* A stack of directories from which ENGINEs could be loaded */ + STACK *dirs; }; /* This is the "ex_data" index we obtain and reserve for use with our context * structure. */ static int dynamic_ex_data_idx = -1; +static void int_free_str(void *s) { OPENSSL_free(s); } /* Because our ex_data element may or may not get allocated depending on whether * a "first-use" occurs before the ENGINE is freed, we have a memory leak * problem to solve. We can't declare a "new" handler for the ex_data as we @@ -161,6 +173,8 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME); if(ctx->engine_id) OPENSSL_free((void*)ctx->engine_id); + if(ctx->dirs) + sk_pop_free(ctx->dirs, int_free_str); OPENSSL_free(ctx); } } @@ -175,7 +189,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) c = OPENSSL_malloc(sizeof(dynamic_data_ctx)); if(!c) { - ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); + ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); return 0; } memset(c, 0, sizeof(dynamic_data_ctx)); @@ -188,6 +202,14 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) c->list_add_value = 0; c->DYNAMIC_F1 = "v_check"; c->DYNAMIC_F2 = "bind_engine"; + c->dir_load = 1; + c->dirs = sk_new_null(); + if(!c->dirs) + { + ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); + OPENSSL_free(c); + return 0; + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx)) == NULL) @@ -290,7 +312,7 @@ static int dynamic_finish(ENGINE *e) return 0; } -static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) +static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) { dynamic_data_ctx *ctx = dynamic_get_data_ctx(e); int initialised; @@ -346,6 +368,34 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) return 1; case DYNAMIC_CMD_LOAD: return dynamic_load(e, ctx); + case DYNAMIC_CMD_DIR_LOAD: + if((i < 0) || (i > 2)) + { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, + ENGINE_R_INVALID_ARGUMENT); + return 0; + } + ctx->dir_load = (int)i; + return 1; + case DYNAMIC_CMD_DIR_ADD: + /* a NULL 'p' or a string of zero-length is the same thing */ + if(!p || (strlen((const char *)p) < 1)) + { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, + ENGINE_R_INVALID_ARGUMENT); + return 0; + } + { + char *tmp_str = BUF_strdup(p); + if(!tmp_str) + { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, + ERR_R_MALLOC_FAILURE); + return 0; + } + sk_insert(ctx->dirs, tmp_str, -1); + } + return 1; default: break; } @@ -353,16 +403,53 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) return 0; } +static int int_load(dynamic_data_ctx *ctx) + { + int num, loop; + /* Unless told not to, try a direct load */ + if((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso, + ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) + return 1; + /* If we're not allowed to use 'dirs' or we have none, fail */ + if(!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1)) + return 0; + for(loop = 0; loop < num; loop++) + { + const char *s = sk_value(ctx->dirs, loop); + char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); + if(!merge) + return 0; + if(DSO_load(ctx->dynamic_dso, merge, NULL, 0)) + { + /* Found what we're looking for */ + OPENSSL_free(merge); + return 1; + } + OPENSSL_free(merge); + } + return 0; + } + static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) { ENGINE cpy; dynamic_fns fns; - if(!ctx->DYNAMIC_LIBNAME || ((ctx->dynamic_dso = DSO_load(NULL, - ctx->DYNAMIC_LIBNAME, NULL, 0)) == NULL)) + if(!ctx->dynamic_dso) + ctx->dynamic_dso = DSO_new(); + if(!ctx->DYNAMIC_LIBNAME) + { + if(!ctx->engine_id) + return 0; + ctx->DYNAMIC_LIBNAME = + DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id); + } + if(!int_load(ctx)) { ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_NOT_FOUND); + DSO_free(ctx->dynamic_dso); + ctx->dynamic_dso = NULL; return 0; } /* We have to find a bind function otherwise it'll always end badly */ @@ -409,6 +496,7 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) * engine.h, much of this would be simplified if each area of code * provided its own "summary" structure of all related callbacks. It * would also increase opaqueness. */ + fns.static_state = ENGINE_get_static_state(); fns.err_fns = ERR_get_implementation(); fns.ex_data_fns = CRYPTO_get_ex_data_implementation(); CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb, diff --git a/src/lib/libssl/src/crypto/engine/eng_err.c b/src/lib/libssl/src/crypto/engine/eng_err.c index fdc0e7be0f..369f2e22d3 100644 --- a/src/lib/libssl/src/crypto/engine/eng_err.c +++ b/src/lib/libssl/src/crypto/engine/eng_err.c @@ -73,6 +73,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, +{ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, @@ -80,7 +81,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, -{ERR_FUNC(ENGINE_F_ENGINE_FREE), "ENGINE_free"}, +{ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, @@ -91,7 +92,6 @@ static ERR_STRING_DATA ENGINE_str_functs[]= {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, -{ERR_FUNC(ENGINE_F_ENGINE_MODULE_INIT), "ENGINE_MODULE_INIT"}, {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, @@ -100,11 +100,12 @@ static ERR_STRING_DATA ENGINE_str_functs[]= {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, +{ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, +{ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, -{ERR_FUNC(ENGINE_F_SET_DATA_CTX), "SET_DATA_CTX"}, {0,NULL} }; @@ -156,15 +157,12 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= void ERR_load_ENGINE_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,ENGINE_str_functs); ERR_load_strings(0,ENGINE_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/engine/eng_fat.c b/src/lib/libssl/src/crypto/engine/eng_fat.c index 7ccf7022ee..27c1662f62 100644 --- a/src/lib/libssl/src/crypto/engine/eng_fat.c +++ b/src/lib/libssl/src/crypto/engine/eng_fat.c @@ -52,11 +52,13 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ -#include -#include "cryptlib.h" #include "eng_int.h" -#include #include int ENGINE_set_default(ENGINE *e, unsigned int flags) @@ -76,6 +78,14 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) #ifndef OPENSSL_NO_DH if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) return 0; +#endif +#ifndef OPENSSL_NO_ECDH + if((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) + return 0; +#endif +#ifndef OPENSSL_NO_ECDSA + if((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) + return 0; #endif if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) return 0; @@ -93,6 +103,10 @@ static int int_def_cb(const char *alg, int len, void *arg) *pflags |= ENGINE_METHOD_RSA; else if (!strncmp(alg, "DSA", len)) *pflags |= ENGINE_METHOD_DSA; + else if (!strncmp(alg, "ECDH", len)) + *pflags |= ENGINE_METHOD_ECDH; + else if (!strncmp(alg, "ECDSA", len)) + *pflags |= ENGINE_METHOD_ECDSA; else if (!strncmp(alg, "DH", len)) *pflags |= ENGINE_METHOD_DH; else if (!strncmp(alg, "RAND", len)) @@ -132,6 +146,12 @@ int ENGINE_register_complete(ENGINE *e) #endif #ifndef OPENSSL_NO_DH ENGINE_register_DH(e); +#endif +#ifndef OPENSSL_NO_ECDH + ENGINE_register_ECDH(e); +#endif +#ifndef OPENSSL_NO_ECDSA + ENGINE_register_ECDSA(e); #endif ENGINE_register_RAND(e); return 1; diff --git a/src/lib/libssl/src/crypto/engine/eng_init.c b/src/lib/libssl/src/crypto/engine/eng_init.c index 170c1791b3..7633cf5f1d 100644 --- a/src/lib/libssl/src/crypto/engine/eng_init.c +++ b/src/lib/libssl/src/crypto/engine/eng_init.c @@ -53,10 +53,7 @@ * */ -#include -#include "cryptlib.h" #include "eng_int.h" -#include /* Initialise a engine type for use (or up its functional reference count * if it's already in use). This version is only used internally. */ @@ -114,7 +111,7 @@ int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) /* Release the structural reference too */ if(!engine_free_util(e, 0)) { - ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED); + ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH,ENGINE_R_FINISH_FAILED); return 0; } return to_return; diff --git a/src/lib/libssl/src/crypto/engine/eng_int.h b/src/lib/libssl/src/crypto/engine/eng_int.h index 38335f99cd..a5b1edebf4 100644 --- a/src/lib/libssl/src/crypto/engine/eng_int.h +++ b/src/lib/libssl/src/crypto/engine/eng_int.h @@ -55,10 +55,16 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #ifndef HEADER_ENGINE_INT_H #define HEADER_ENGINE_INT_H +#include "cryptlib.h" /* Take public definitions from engine.h */ #include @@ -146,7 +152,10 @@ struct engine_st const RSA_METHOD *rsa_meth; const DSA_METHOD *dsa_meth; const DH_METHOD *dh_meth; + const ECDH_METHOD *ecdh_meth; + const ECDSA_METHOD *ecdsa_meth; const RAND_METHOD *rand_meth; + const STORE_METHOD *store_meth; /* Cipher handling is via this callback */ ENGINE_CIPHERS_PTR ciphers; /* Digest handling is via this callback */ diff --git a/src/lib/libssl/src/crypto/engine/eng_lib.c b/src/lib/libssl/src/crypto/engine/eng_lib.c index a66d0f08af..5815b867f4 100644 --- a/src/lib/libssl/src/crypto/engine/eng_lib.c +++ b/src/lib/libssl/src/crypto/engine/eng_lib.c @@ -56,11 +56,8 @@ * */ -#include -#include "cryptlib.h" #include "eng_int.h" -#include /* FIXME: This shouldn't be needed */ -#include +#include /* The "new"/"free" stuff first */ @@ -92,6 +89,7 @@ void engine_set_all_null(ENGINE *e) e->dsa_meth = NULL; e->dh_meth = NULL; e->rand_meth = NULL; + e->store_meth = NULL; e->ciphers = NULL; e->digests = NULL; e->destroy = NULL; @@ -110,7 +108,7 @@ int engine_free_util(ENGINE *e, int locked) if(e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_FREE, + ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -319,3 +317,13 @@ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e) { return e->cmd_defns; } + +/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so + * put the "static_state" hack here. */ + +static int internal_static_hack = 0; + +void *ENGINE_get_static_state(void) + { + return &internal_static_hack; + } diff --git a/src/lib/libssl/src/crypto/engine/eng_list.c b/src/lib/libssl/src/crypto/engine/eng_list.c index 1cc3217f4c..bd511944ba 100644 --- a/src/lib/libssl/src/crypto/engine/eng_list.c +++ b/src/lib/libssl/src/crypto/engine/eng_list.c @@ -55,11 +55,13 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ -#include -#include "cryptlib.h" #include "eng_int.h" -#include /* The linked-list of pointers to engine types. engine_list_head * incorporates an implicit structural reference but engine_list_tail @@ -323,8 +325,15 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) #endif #ifndef OPENSSL_NO_DH dest->dh_meth = src->dh_meth; +#endif +#ifndef OPENSSL_NO_ECDH + dest->ecdh_meth = src->ecdh_meth; +#endif +#ifndef OPENSSL_NO_ECDSA + dest->ecdsa_meth = src->ecdsa_meth; #endif dest->rand_meth = src->rand_meth; + dest->store_meth = src->store_meth; dest->ciphers = src->ciphers; dest->digests = src->digests; dest->destroy = src->destroy; @@ -340,6 +349,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) ENGINE *ENGINE_by_id(const char *id) { ENGINE *iterator; + char *load_dir = NULL; if(id == NULL) { ENGINEerr(ENGINE_F_ENGINE_BY_ID, @@ -373,6 +383,7 @@ ENGINE *ENGINE_by_id(const char *id) } } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); +#if 0 if(iterator == NULL) { ENGINEerr(ENGINE_F_ENGINE_BY_ID, @@ -380,6 +391,32 @@ ENGINE *ENGINE_by_id(const char *id) ERR_add_error_data(2, "id=", id); } return iterator; +#else + /* EEK! Experimental code starts */ + if(iterator) return iterator; + /* Prevent infinite recusrion if we're looking for the dynamic engine. */ + if (strcmp(id, "dynamic")) + { +#ifdef OPENSSL_SYS_VMS + if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]"; +#else + if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR; +#endif + iterator = ENGINE_by_id("dynamic"); + if(!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) || + !ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) || + !ENGINE_ctrl_cmd_string(iterator, "DIR_ADD", + load_dir, 0) || + !ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0)) + goto notfound; + return iterator; + } +notfound: + ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE); + ERR_add_error_data(2, "id=", id); + return NULL; + /* EEK! Experimental code ends */ +#endif } int ENGINE_up_ref(ENGINE *e) diff --git a/src/lib/libssl/src/crypto/engine/eng_openssl.c b/src/lib/libssl/src/crypto/engine/eng_openssl.c index 54579eea2e..7c139ae2ef 100644 --- a/src/lib/libssl/src/crypto/engine/eng_openssl.c +++ b/src/lib/libssl/src/crypto/engine/eng_openssl.c @@ -55,6 +55,11 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #include @@ -64,6 +69,16 @@ #include #include #include +#include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif +#ifndef OPENSSL_NO_DH +#include +#endif /* This testing gunk is implemented (and explained) lower down. It also assumes * the application explicitly calls "ENGINE_load_openssl()" because this is no @@ -125,6 +140,12 @@ static int bind_helper(ENGINE *e) #ifndef OPENSSL_NO_DSA || !ENGINE_set_DSA(e, DSA_get_default_method()) #endif +#ifndef OPENSSL_NO_ECDH + || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) +#endif +#ifndef OPENSSL_NO_ECDSA + || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) +#endif #ifndef OPENSSL_NO_DH || !ENGINE_set_DH(e, DH_get_default_method()) #endif @@ -236,6 +257,7 @@ static const EVP_CIPHER test_r4_cipher= sizeof(TEST_RC4_KEY), NULL, NULL, + NULL, NULL }; static const EVP_CIPHER test_r4_40_cipher= @@ -249,6 +271,7 @@ static const EVP_CIPHER test_r4_40_cipher= sizeof(TEST_RC4_KEY), NULL, NULL, + NULL, NULL }; static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, @@ -290,7 +313,7 @@ static int test_sha1_init(EVP_MD_CTX *ctx) #endif return SHA1_Init(ctx->md_data); } -static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,size_t count) { #ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); diff --git a/src/lib/libssl/src/crypto/engine/eng_padlock.c b/src/lib/libssl/src/crypto/engine/eng_padlock.c new file mode 100644 index 0000000000..1ba9d85db4 --- /dev/null +++ b/src/lib/libssl/src/crypto/engine/eng_padlock.c @@ -0,0 +1,1219 @@ +/* + * Support for VIA PadLock Advanced Cryptography Engine (ACE) + * Written by Michal Ludvig + * http://www.logix.cz/michal + * + * Big thanks to Andy Polyakov for a help with optimization, + * assembler fixes, port to MS Windows and a lot of other + * valuable work on this engine! + */ + +/* ==================================================================== + * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include +#include + +#include +#include +#include +#include +#include +#ifndef OPENSSL_NO_AES +#include +#endif +#include +#include + +#ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_PADLOCK + +/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */ +#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define DYNAMIC_ENGINE +# endif +#elif (OPENSSL_VERSION_NUMBER >= 0x00907000L) +# ifdef ENGINE_DYNAMIC_SUPPORT +# define DYNAMIC_ENGINE +# endif +#else +# error "Only OpenSSL >= 0.9.7 is supported" +#endif + +/* VIA PadLock AES is available *ONLY* on some x86 CPUs. + Not only that it doesn't exist elsewhere, but it + even can't be compiled on other platforms! + + In addition, because of the heavy use of inline assembler, + compiler choice is limited to GCC and Microsoft C. */ +#undef COMPILE_HW_PADLOCK +#if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM) +# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \ + (defined(_MSC_VER) && defined(_M_IX86)) +# define COMPILE_HW_PADLOCK +static ENGINE *ENGINE_padlock (void); +# endif +#endif + +void ENGINE_load_padlock (void) +{ +/* On non-x86 CPUs it just returns. */ +#ifdef COMPILE_HW_PADLOCK + ENGINE *toadd = ENGINE_padlock (); + if (!toadd) return; + ENGINE_add (toadd); + ENGINE_free (toadd); + ERR_clear_error (); +#endif +} + +#ifdef COMPILE_HW_PADLOCK +/* We do these includes here to avoid header problems on platforms that + do not have the VIA padlock anyway... */ +#ifdef _MSC_VER +# include +# define alloca _alloca +#elif defined(NETWARE_CLIB) && defined(__GNUC__) + void *alloca(size_t); +# define alloca(s) __builtin_alloca(s) +#else +# include +#endif + +/* Function for ENGINE detection and control */ +static int padlock_available(void); +static int padlock_init(ENGINE *e); + +/* RNG Stuff */ +static RAND_METHOD padlock_rand; + +/* Cipher Stuff */ +#ifndef OPENSSL_NO_AES +static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); +#endif + +/* Engine names */ +static const char *padlock_id = "padlock"; +static char padlock_name[100]; + +/* Available features */ +static int padlock_use_ace = 0; /* Advanced Cryptography Engine */ +static int padlock_use_rng = 0; /* Random Number Generator */ +#ifndef OPENSSL_NO_AES +static int padlock_aes_align_required = 1; +#endif + +/* ===== Engine "management" functions ===== */ + +/* Prepare the ENGINE structure for registration */ +static int +padlock_bind_helper(ENGINE *e) +{ + /* Check available features */ + padlock_available(); + +#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */ + padlock_use_rng=0; +#endif + + /* Generate a nice engine name with available features */ + BIO_snprintf(padlock_name, sizeof(padlock_name), + "VIA PadLock (%s, %s)", + padlock_use_rng ? "RNG" : "no-RNG", + padlock_use_ace ? "ACE" : "no-ACE"); + + /* Register everything or return with an error */ + if (!ENGINE_set_id(e, padlock_id) || + !ENGINE_set_name(e, padlock_name) || + + !ENGINE_set_init_function(e, padlock_init) || +#ifndef OPENSSL_NO_AES + (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) || +#endif + (padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) { + return 0; + } + + /* Everything looks good */ + return 1; +} + +/* Constructor */ +static ENGINE * +ENGINE_padlock(void) +{ + ENGINE *eng = ENGINE_new(); + + if (!eng) { + return NULL; + } + + if (!padlock_bind_helper(eng)) { + ENGINE_free(eng); + return NULL; + } + + return eng; +} + +/* Check availability of the engine */ +static int +padlock_init(ENGINE *e) +{ + return (padlock_use_rng || padlock_use_ace); +} + +/* This stuff is needed if this ENGINE is being compiled into a self-contained + * shared-library. + */ +#ifdef DYNAMIC_ENGINE +static int +padlock_bind_fn(ENGINE *e, const char *id) +{ + if (id && (strcmp(id, padlock_id) != 0)) { + return 0; + } + + if (!padlock_bind_helper(e)) { + return 0; + } + + return 1; +} + +IMPLEMENT_DYNAMIC_CHECK_FN (); +IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn); +#endif /* DYNAMIC_ENGINE */ + +/* ===== Here comes the "real" engine ===== */ + +#ifndef OPENSSL_NO_AES +/* Some AES-related constants */ +#define AES_BLOCK_SIZE 16 +#define AES_KEY_SIZE_128 16 +#define AES_KEY_SIZE_192 24 +#define AES_KEY_SIZE_256 32 + +/* Here we store the status information relevant to the + current context. */ +/* BIG FAT WARNING: + * Inline assembler in PADLOCK_XCRYPT_ASM() + * depends on the order of items in this structure. + * Don't blindly modify, reorder, etc! + */ +struct padlock_cipher_data +{ + unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */ + union { unsigned int pad[4]; + struct { + int rounds:4; + int dgst:1; /* n/a in C3 */ + int align:1; /* n/a in C3 */ + int ciphr:1; /* n/a in C3 */ + unsigned int keygen:1; + int interm:1; + unsigned int encdec:1; + int ksize:2; + } b; + } cword; /* Control word */ + AES_KEY ks; /* Encryption key */ +}; + +/* + * Essentially this variable belongs in thread local storage. + * Having this variable global on the other hand can only cause + * few bogus key reloads [if any at all on single-CPU system], + * so we accept the penatly... + */ +static volatile struct padlock_cipher_data *padlock_saved_context; +#endif + +/* + * ======================================================= + * Inline assembler section(s). + * ======================================================= + * Order of arguments is chosen to facilitate Windows port + * using __fastcall calling convention. If you wish to add + * more routines, keep in mind that first __fastcall + * argument is passed in %ecx and second - in %edx. + * ======================================================= + */ +#if defined(__GNUC__) && __GNUC__>=2 +/* + * As for excessive "push %ebx"/"pop %ebx" found all over. + * When generating position-independent code GCC won't let + * us use "b" in assembler templates nor even respect "ebx" + * in "clobber description." Therefore the trouble... + */ + +/* Helper function - check if a CPUID instruction + is available on this CPU */ +static int +padlock_insn_cpuid_available(void) +{ + int result = -1; + + /* We're checking if the bit #21 of EFLAGS + can be toggled. If yes = CPUID is available. */ + asm volatile ( + "pushf\n" + "popl %%eax\n" + "xorl $0x200000, %%eax\n" + "movl %%eax, %%ecx\n" + "andl $0x200000, %%ecx\n" + "pushl %%eax\n" + "popf\n" + "pushf\n" + "popl %%eax\n" + "andl $0x200000, %%eax\n" + "xorl %%eax, %%ecx\n" + "movl %%ecx, %0\n" + : "=r" (result) : : "eax", "ecx"); + + return (result == 0); +} + +/* Load supported features of the CPU to see if + the PadLock is available. */ +static int +padlock_available(void) +{ + char vendor_string[16]; + unsigned int eax, edx; + + /* First check if the CPUID instruction is available at all... */ + if (! padlock_insn_cpuid_available()) + return 0; + + /* Are we running on the Centaur (VIA) CPU? */ + eax = 0x00000000; + vendor_string[12] = 0; + asm volatile ( + "pushl %%ebx\n" + "cpuid\n" + "movl %%ebx,(%%edi)\n" + "movl %%edx,4(%%edi)\n" + "movl %%ecx,8(%%edi)\n" + "popl %%ebx" + : "+a"(eax) : "D"(vendor_string) : "ecx", "edx"); + if (strcmp(vendor_string, "CentaurHauls") != 0) + return 0; + + /* Check for Centaur Extended Feature Flags presence */ + eax = 0xC0000000; + asm volatile ("pushl %%ebx; cpuid; popl %%ebx" + : "+a"(eax) : : "ecx", "edx"); + if (eax < 0xC0000001) + return 0; + + /* Read the Centaur Extended Feature Flags */ + eax = 0xC0000001; + asm volatile ("pushl %%ebx; cpuid; popl %%ebx" + : "+a"(eax), "=d"(edx) : : "ecx"); + + /* Fill up some flags */ + padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); + padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); + + return padlock_use_ace + padlock_use_rng; +} + +#ifndef OPENSSL_NO_AES +/* Our own htonl()/ntohl() */ +static inline void +padlock_bswapl(AES_KEY *ks) +{ + size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); + unsigned int *key = ks->rd_key; + + while (i--) { + asm volatile ("bswapl %0" : "+r"(*key)); + key++; + } +} +#endif + +/* Force key reload from memory to the CPU microcode. + Loading EFLAGS from the stack clears EFLAGS[30] + which does the trick. */ +static inline void +padlock_reload_key(void) +{ + asm volatile ("pushfl; popfl"); +} + +#ifndef OPENSSL_NO_AES +/* + * This is heuristic key context tracing. At first one + * believes that one should use atomic swap instructions, + * but it's not actually necessary. Point is that if + * padlock_saved_context was changed by another thread + * after we've read it and before we compare it with cdata, + * our key *shall* be reloaded upon thread context switch + * and we are therefore set in either case... + */ +static inline void +padlock_verify_context(struct padlock_cipher_data *cdata) +{ + asm volatile ( + "pushfl\n" +" btl $30,(%%esp)\n" +" jnc 1f\n" +" cmpl %2,%1\n" +" je 1f\n" +" popfl\n" +" subl $4,%%esp\n" +"1: addl $4,%%esp\n" +" movl %2,%0" + :"+m"(padlock_saved_context) + : "r"(padlock_saved_context), "r"(cdata) : "cc"); +} + +/* Template for padlock_xcrypt_* modes */ +/* BIG FAT WARNING: + * The offsets used with 'leal' instructions + * describe items of the 'padlock_cipher_data' + * structure. + */ +#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \ +static inline void *name(size_t cnt, \ + struct padlock_cipher_data *cdata, \ + void *out, const void *inp) \ +{ void *iv; \ + asm volatile ( "pushl %%ebx\n" \ + " leal 16(%0),%%edx\n" \ + " leal 32(%0),%%ebx\n" \ + rep_xcrypt "\n" \ + " popl %%ebx" \ + : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \ + : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \ + : "edx", "cc", "memory"); \ + return iv; \ +} + +/* Generate all functions with appropriate opcodes */ +PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */ +PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */ +PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */ +PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */ +#endif + +/* The RNG call itself */ +static inline unsigned int +padlock_xstore(void *addr, unsigned int edx_in) +{ + unsigned int eax_out; + + asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */ + : "=a"(eax_out),"=m"(*(unsigned *)addr) + : "D"(addr), "d" (edx_in) + ); + + return eax_out; +} + +/* Why not inline 'rep movsd'? I failed to find information on what + * value in Direction Flag one can expect and consequently have to + * apply "better-safe-than-sorry" approach and assume "undefined." + * I could explicitly clear it and restore the original value upon + * return from padlock_aes_cipher, but it's presumably too much + * trouble for too little gain... + * + * In case you wonder 'rep xcrypt*' instructions above are *not* + * affected by the Direction Flag and pointers advance toward + * larger addresses unconditionally. + */ +static inline unsigned char * +padlock_memcpy(void *dst,const void *src,size_t n) +{ + long *d=dst; + const long *s=src; + + n /= sizeof(*d); + do { *d++ = *s++; } while (--n); + + return dst; +} + +#elif defined(_MSC_VER) +/* + * Unlike GCC these are real functions. In order to minimize impact + * on performance we adhere to __fastcall calling convention in + * order to get two first arguments passed through %ecx and %edx. + * Which kind of suits very well, as instructions in question use + * both %ecx and %edx as input:-) + */ +#define REP_XCRYPT(code) \ + _asm _emit 0xf3 \ + _asm _emit 0x0f _asm _emit 0xa7 \ + _asm _emit code + +/* BIG FAT WARNING: + * The offsets used with 'lea' instructions + * describe items of the 'padlock_cipher_data' + * structure. + */ +#define PADLOCK_XCRYPT_ASM(name,code) \ +static void * __fastcall \ + name (size_t cnt, void *cdata, \ + void *outp, const void *inp) \ +{ _asm mov eax,edx \ + _asm lea edx,[eax+16] \ + _asm lea ebx,[eax+32] \ + _asm mov edi,outp \ + _asm mov esi,inp \ + REP_XCRYPT(code) \ +} + +PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb,0xc8) +PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc,0xd0) +PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb,0xe0) +PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb,0xe8) + +static int __fastcall +padlock_xstore(void *outp,unsigned int code) +{ _asm mov edi,ecx + _asm _emit 0x0f _asm _emit 0xa7 _asm _emit 0xc0 +} + +static void __fastcall +padlock_reload_key(void) +{ _asm pushfd _asm popfd } + +static void __fastcall +padlock_verify_context(void *cdata) +{ _asm { + pushfd + bt DWORD PTR[esp],30 + jnc skip + cmp ecx,padlock_saved_context + je skip + popfd + sub esp,4 + skip: add esp,4 + mov padlock_saved_context,ecx + } +} + +static int +padlock_available(void) +{ _asm { + pushfd + pop eax + mov ecx,eax + xor eax,1<<21 + push eax + popfd + pushfd + pop eax + xor eax,ecx + bt eax,21 + jnc noluck + mov eax,0 + cpuid + xor eax,eax + cmp ebx,'tneC' + jne noluck + cmp edx,'Hrua' + jne noluck + cmp ecx,'slua' + jne noluck + mov eax,0xC0000000 + cpuid + mov edx,eax + xor eax,eax + cmp edx,0xC0000001 + jb noluck + mov eax,0xC0000001 + cpuid + xor eax,eax + bt edx,6 + jnc skip_a + bt edx,7 + jnc skip_a + mov padlock_use_ace,1 + inc eax + skip_a: bt edx,2 + jnc skip_r + bt edx,3 + jnc skip_r + mov padlock_use_rng,1 + inc eax + skip_r: + noluck: + } +} + +static void __fastcall +padlock_bswapl(void *key) +{ _asm { + pushfd + cld + mov esi,ecx + mov edi,ecx + mov ecx,60 + up: lodsd + bswap eax + stosd + loop up + popfd + } +} + +/* MS actually specifies status of Direction Flag and compiler even + * manages to compile following as 'rep movsd' all by itself... + */ +#define padlock_memcpy(o,i,n) ((unsigned char *)memcpy((o),(i),(n)&~3U)) +#endif + +/* ===== AES encryption/decryption ===== */ +#ifndef OPENSSL_NO_AES + +#if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) +#define NID_aes_128_cfb NID_aes_128_cfb128 +#endif + +#if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) +#define NID_aes_128_ofb NID_aes_128_ofb128 +#endif + +#if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) +#define NID_aes_192_cfb NID_aes_192_cfb128 +#endif + +#if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) +#define NID_aes_192_ofb NID_aes_192_ofb128 +#endif + +#if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) +#define NID_aes_256_cfb NID_aes_256_cfb128 +#endif + +#if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) +#define NID_aes_256_ofb NID_aes_256_ofb128 +#endif + +/* List of supported ciphers. */ +static int padlock_cipher_nids[] = { + NID_aes_128_ecb, + NID_aes_128_cbc, + NID_aes_128_cfb, + NID_aes_128_ofb, + + NID_aes_192_ecb, + NID_aes_192_cbc, + NID_aes_192_cfb, + NID_aes_192_ofb, + + NID_aes_256_ecb, + NID_aes_256_cbc, + NID_aes_256_cfb, + NID_aes_256_ofb, +}; +static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/ + sizeof(padlock_cipher_nids[0])); + +/* Function prototypes ... */ +static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t nbytes); + +#define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ + ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) +#define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ + NEAREST_ALIGNED(ctx->cipher_data)) + +#define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE +#define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE +#define EVP_CIPHER_block_size_OFB 1 +#define EVP_CIPHER_block_size_CFB 1 + +/* Declaring so many ciphers by hand would be a pain. + Instead introduce a bit of preprocessor magic :-) */ +#define DECLARE_AES_EVP(ksize,lmode,umode) \ +static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \ + NID_aes_##ksize##_##lmode, \ + EVP_CIPHER_block_size_##umode, \ + AES_KEY_SIZE_##ksize, \ + AES_BLOCK_SIZE, \ + 0 | EVP_CIPH_##umode##_MODE, \ + padlock_aes_init_key, \ + padlock_aes_cipher, \ + NULL, \ + sizeof(struct padlock_cipher_data) + 16, \ + EVP_CIPHER_set_asn1_iv, \ + EVP_CIPHER_get_asn1_iv, \ + NULL, \ + NULL \ +} + +DECLARE_AES_EVP(128,ecb,ECB); +DECLARE_AES_EVP(128,cbc,CBC); +DECLARE_AES_EVP(128,cfb,CFB); +DECLARE_AES_EVP(128,ofb,OFB); + +DECLARE_AES_EVP(192,ecb,ECB); +DECLARE_AES_EVP(192,cbc,CBC); +DECLARE_AES_EVP(192,cfb,CFB); +DECLARE_AES_EVP(192,ofb,OFB); + +DECLARE_AES_EVP(256,ecb,ECB); +DECLARE_AES_EVP(256,cbc,CBC); +DECLARE_AES_EVP(256,cfb,CFB); +DECLARE_AES_EVP(256,ofb,OFB); + +static int +padlock_ciphers (ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) +{ + /* No specific cipher => return a list of supported nids ... */ + if (!cipher) { + *nids = padlock_cipher_nids; + return padlock_cipher_nids_num; + } + + /* ... or the requested "cipher" otherwise */ + switch (nid) { + case NID_aes_128_ecb: + *cipher = &padlock_aes_128_ecb; + break; + case NID_aes_128_cbc: + *cipher = &padlock_aes_128_cbc; + break; + case NID_aes_128_cfb: + *cipher = &padlock_aes_128_cfb; + break; + case NID_aes_128_ofb: + *cipher = &padlock_aes_128_ofb; + break; + + case NID_aes_192_ecb: + *cipher = &padlock_aes_192_ecb; + break; + case NID_aes_192_cbc: + *cipher = &padlock_aes_192_cbc; + break; + case NID_aes_192_cfb: + *cipher = &padlock_aes_192_cfb; + break; + case NID_aes_192_ofb: + *cipher = &padlock_aes_192_ofb; + break; + + case NID_aes_256_ecb: + *cipher = &padlock_aes_256_ecb; + break; + case NID_aes_256_cbc: + *cipher = &padlock_aes_256_cbc; + break; + case NID_aes_256_cfb: + *cipher = &padlock_aes_256_cfb; + break; + case NID_aes_256_ofb: + *cipher = &padlock_aes_256_ofb; + break; + + default: + /* Sorry, we don't support this NID */ + *cipher = NULL; + return 0; + } + + return 1; +} + +/* Prepare the encryption key for PadLock usage */ +static int +padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + struct padlock_cipher_data *cdata; + int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8; + + if (key==NULL) return 0; /* ERROR */ + + cdata = ALIGNED_CIPHER_DATA(ctx); + memset(cdata, 0, sizeof(struct padlock_cipher_data)); + + /* Prepare Control word. */ + if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) + cdata->cword.b.encdec = 0; + else + cdata->cword.b.encdec = (ctx->encrypt == 0); + cdata->cword.b.rounds = 10 + (key_len - 128) / 32; + cdata->cword.b.ksize = (key_len - 128) / 64; + + switch(key_len) { + case 128: + /* PadLock can generate an extended key for + AES128 in hardware */ + memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128); + cdata->cword.b.keygen = 0; + break; + + case 192: + case 256: + /* Generate an extended AES key in software. + Needed for AES192/AES256 */ + /* Well, the above applies to Stepping 8 CPUs + and is listed as hardware errata. They most + likely will fix it at some point and then + a check for stepping would be due here. */ + if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE || + EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || + enc) + AES_set_encrypt_key(key, key_len, &cdata->ks); + else + AES_set_decrypt_key(key, key_len, &cdata->ks); +#ifndef AES_ASM + /* OpenSSL C functions use byte-swapped extended key. */ + padlock_bswapl(&cdata->ks); +#endif + cdata->cword.b.keygen = 1; + break; + + default: + /* ERROR */ + return 0; + } + + /* + * This is done to cover for cases when user reuses the + * context for new key. The catch is that if we don't do + * this, padlock_eas_cipher might proceed with old key... + */ + padlock_reload_key (); + + return 1; +} + +/* + * Simplified version of padlock_aes_cipher() used when + * 1) both input and output buffers are at aligned addresses. + * or when + * 2) running on a newer CPU that doesn't require aligned buffers. + */ +static int +padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct padlock_cipher_data *cdata; + void *iv; + + cdata = ALIGNED_CIPHER_DATA(ctx); + padlock_verify_context(cdata); + + switch (EVP_CIPHER_CTX_mode(ctx)) { + case EVP_CIPH_ECB_MODE: + padlock_xcrypt_ecb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); + break; + + case EVP_CIPH_CBC_MODE: + memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); + iv = padlock_xcrypt_cbc(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); + break; + + case EVP_CIPH_CFB_MODE: + memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); + iv = padlock_xcrypt_cfb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); + break; + + case EVP_CIPH_OFB_MODE: + memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); + padlock_xcrypt_ofb(nbytes/AES_BLOCK_SIZE, cdata, out_arg, in_arg); + memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); + break; + + default: + return 0; + } + + memset(cdata->iv, 0, AES_BLOCK_SIZE); + + return 1; +} + +#ifndef PADLOCK_CHUNK +# define PADLOCK_CHUNK 512 /* Must be a power of 2 larger than 16 */ +#endif +#if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1) +# error "insane PADLOCK_CHUNK..." +#endif + +/* Re-align the arguments to 16-Bytes boundaries and run the + encryption function itself. This function is not AES-specific. */ +static int +padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct padlock_cipher_data *cdata; + const void *inp; + unsigned char *out; + void *iv; + int inp_misaligned, out_misaligned, realign_in_loop; + size_t chunk, allocated=0; + + /* ctx->num is maintained in byte-oriented modes, + such as CFB and OFB... */ + if ((chunk = ctx->num)) { /* borrow chunk variable */ + unsigned char *ivp=ctx->iv; + + switch (EVP_CIPHER_CTX_mode(ctx)) { + case EVP_CIPH_CFB_MODE: + if (chunk >= AES_BLOCK_SIZE) + return 0; /* bogus value */ + + if (ctx->encrypt) + while (chunknum = chunk%AES_BLOCK_SIZE; + break; + case EVP_CIPH_OFB_MODE: + if (chunk >= AES_BLOCK_SIZE) + return 0; /* bogus value */ + + while (chunknum = chunk%AES_BLOCK_SIZE; + break; + } + } + + if (nbytes == 0) + return 1; +#if 0 + if (nbytes % AES_BLOCK_SIZE) + return 0; /* are we expected to do tail processing? */ +#else + /* nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC + modes and arbitrary value in byte-oriented modes, such as + CFB and OFB... */ +#endif + + /* VIA promises CPUs that won't require alignment in the future. + For now padlock_aes_align_required is initialized to 1 and + the condition is never met... */ + /* C7 core is capable to manage unaligned input in non-ECB[!] + mode, but performance penalties appear to be approximately + same as for software alignment below or ~3x. They promise to + improve it in the future, but for now we can just as well + pretend that it can only handle aligned input... */ + if (!padlock_aes_align_required && (nbytes%AES_BLOCK_SIZE)==0) + return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); + + inp_misaligned = (((size_t)in_arg) & 0x0F); + out_misaligned = (((size_t)out_arg) & 0x0F); + + /* Note that even if output is aligned and input not, + * I still prefer to loop instead of copy the whole + * input and then encrypt in one stroke. This is done + * in order to improve L1 cache utilization... */ + realign_in_loop = out_misaligned|inp_misaligned; + + if (!realign_in_loop && (nbytes%AES_BLOCK_SIZE)==0) + return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); + + /* this takes one "if" out of the loops */ + chunk = nbytes; + chunk %= PADLOCK_CHUNK; + if (chunk==0) chunk = PADLOCK_CHUNK; + + if (out_misaligned) { + /* optmize for small input */ + allocated = (chunkiv, ctx->iv, AES_BLOCK_SIZE); + goto cbc_shortcut; + do { + if (iv != cdata->iv) + memcpy(cdata->iv, iv, AES_BLOCK_SIZE); + chunk = PADLOCK_CHUNK; + cbc_shortcut: /* optimize for small input */ + if (inp_misaligned) + inp = padlock_memcpy(out, in_arg, chunk); + else + inp = in_arg; + in_arg += chunk; + + iv = padlock_xcrypt_cbc(chunk/AES_BLOCK_SIZE, cdata, out, inp); + + if (out_misaligned) + out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; + else + out = out_arg+=chunk; + + } while (nbytes -= chunk); + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); + break; + + case EVP_CIPH_CFB_MODE: + memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE); + chunk &= ~(AES_BLOCK_SIZE-1); + if (chunk) goto cfb_shortcut; + else goto cfb_skiploop; + do { + if (iv != cdata->iv) + memcpy(cdata->iv, iv, AES_BLOCK_SIZE); + chunk = PADLOCK_CHUNK; + cfb_shortcut: /* optimize for small input */ + if (inp_misaligned) + inp = padlock_memcpy(out, in_arg, chunk); + else + inp = in_arg; + in_arg += chunk; + + iv = padlock_xcrypt_cfb(chunk/AES_BLOCK_SIZE, cdata, out, inp); + + if (out_misaligned) + out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; + else + out = out_arg+=chunk; + + nbytes -= chunk; + } while (nbytes >= AES_BLOCK_SIZE); + + cfb_skiploop: + if (nbytes) { + unsigned char *ivp = cdata->iv; + + if (iv != ivp) { + memcpy(ivp, iv, AES_BLOCK_SIZE); + iv = ivp; + } + ctx->num = nbytes; + if (cdata->cword.b.encdec) { + cdata->cword.b.encdec=0; + padlock_reload_key(); + padlock_xcrypt_ecb(1,cdata,ivp,ivp); + cdata->cword.b.encdec=1; + padlock_reload_key(); + while(nbytes) { + unsigned char c = *(in_arg++); + *(out_arg++) = c ^ *ivp; + *(ivp++) = c, nbytes--; + } + } + else { padlock_reload_key(); + padlock_xcrypt_ecb(1,cdata,ivp,ivp); + padlock_reload_key(); + while (nbytes) { + *ivp = *(out_arg++) = *(in_arg++) ^ *ivp; + ivp++, nbytes--; + } + } + } + + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); + break; + + case EVP_CIPH_OFB_MODE: + memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); + chunk &= ~(AES_BLOCK_SIZE-1); + if (chunk) do { + if (inp_misaligned) + inp = padlock_memcpy(out, in_arg, chunk); + else + inp = in_arg; + in_arg += chunk; + + padlock_xcrypt_ofb(chunk/AES_BLOCK_SIZE, cdata, out, inp); + + if (out_misaligned) + out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; + else + out = out_arg+=chunk; + + nbytes -= chunk; + chunk = PADLOCK_CHUNK; + } while (nbytes >= AES_BLOCK_SIZE); + + if (nbytes) { + unsigned char *ivp = cdata->iv; + + ctx->num = nbytes; + padlock_reload_key(); /* empirically found */ + padlock_xcrypt_ecb(1,cdata,ivp,ivp); + padlock_reload_key(); /* empirically found */ + while (nbytes) { + *(out_arg++) = *(in_arg++) ^ *ivp; + ivp++, nbytes--; + } + } + + memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); + break; + + default: + return 0; + } + + /* Clean the realign buffer if it was used */ + if (out_misaligned) { + volatile unsigned long *p=(void *)out; + size_t n = allocated/sizeof(*p); + while (n--) *p++=0; + } + + memset(cdata->iv, 0, AES_BLOCK_SIZE); + + return 1; +} + +#endif /* OPENSSL_NO_AES */ + +/* ===== Random Number Generator ===== */ +/* + * This code is not engaged. The reason is that it does not comply + * with recommendations for VIA RNG usage for secure applications + * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it + * provide meaningful error control... + */ +/* Wrapper that provides an interface between the API and + the raw PadLock RNG */ +static int +padlock_rand_bytes(unsigned char *output, int count) +{ + unsigned int eax, buf; + + while (count >= 8) { + eax = padlock_xstore(output, 0); + if (!(eax&(1<<6))) return 0; /* RNG disabled */ + /* this ---vv--- covers DC bias, Raw Bits and String Filter */ + if (eax&(0x1F<<10)) return 0; + if ((eax&0x1F)==0) continue; /* no data, retry... */ + if ((eax&0x1F)!=8) return 0; /* fatal failure... */ + output += 8; + count -= 8; + } + while (count > 0) { + eax = padlock_xstore(&buf, 3); + if (!(eax&(1<<6))) return 0; /* RNG disabled */ + /* this ---vv--- covers DC bias, Raw Bits and String Filter */ + if (eax&(0x1F<<10)) return 0; + if ((eax&0x1F)==0) continue; /* no data, retry... */ + if ((eax&0x1F)!=1) return 0; /* fatal failure... */ + *output++ = (unsigned char)buf; + count--; + } + *(volatile unsigned int *)&buf=0; + + return 1; +} + +/* Dummy but necessary function */ +static int +padlock_rand_status(void) +{ + return 1; +} + +/* Prepare structure for registration */ +static RAND_METHOD padlock_rand = { + NULL, /* seed */ + padlock_rand_bytes, /* bytes */ + NULL, /* cleanup */ + NULL, /* add */ + padlock_rand_bytes, /* pseudorand */ + padlock_rand_status, /* rand status */ +}; + +#endif /* COMPILE_HW_PADLOCK */ + +#endif /* !OPENSSL_NO_HW_PADLOCK */ +#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libssl/src/crypto/engine/eng_pkey.c b/src/lib/libssl/src/crypto/engine/eng_pkey.c index 8c69171511..bc8b21abec 100644 --- a/src/lib/libssl/src/crypto/engine/eng_pkey.c +++ b/src/lib/libssl/src/crypto/engine/eng_pkey.c @@ -53,10 +53,7 @@ * */ -#include -#include "cryptlib.h" #include "eng_int.h" -#include /* Basic get/set stuff */ diff --git a/src/lib/libssl/src/crypto/engine/eng_table.c b/src/lib/libssl/src/crypto/engine/eng_table.c index c69a84a8bf..8879a267d1 100644 --- a/src/lib/libssl/src/crypto/engine/eng_table.c +++ b/src/lib/libssl/src/crypto/engine/eng_table.c @@ -52,49 +52,31 @@ * */ +#include "cryptlib.h" #include -#include +#include #include "eng_int.h" -/* This is the type of item in the 'implementation' table. Each 'nid' hashes to - * a (potentially NULL) ENGINE_PILE structure which contains a stack of ENGINE* - * pointers. These pointers aren't references, because they're inserted and - * removed during ENGINE creation and ENGINE destruction. They point to ENGINEs - * that *exist* (ie. have a structural reference count greater than zero) rather - * than ENGINEs that are *functional*. Each pointer in those stacks are to - * ENGINEs that implements the algorithm corresponding to each 'nid'. */ - /* The type of the items in the table */ typedef struct st_engine_pile { - /* The 'nid' of the algorithm/mode this ENGINE_PILE structure represents - * */ + /* The 'nid' of this algorithm/mode */ int nid; - /* A stack of ENGINE pointers for ENGINEs that support this - * algorithm/mode. In the event that 'funct' is NULL, the first entry in - * this stack that initialises will be set as 'funct' and assumed as the - * default for operations of this type. */ + /* ENGINEs that implement this algorithm/mode. */ STACK_OF(ENGINE) *sk; /* The default ENGINE to perform this algorithm/mode. */ ENGINE *funct; - /* This value optimises engine_table_select(). If it is called it sets - * this value to 1. Any changes to this ENGINE_PILE resets it to zero. - * As such, no ENGINE_init() thrashing is done unless ENGINEs - * continually register (and/or unregister). */ + /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */ int uptodate; } ENGINE_PILE; -/* The type of the hash table of ENGINE_PILE structures such that each are - * unique and keyed by the 'nid' value. */ +/* The type exposed in eng_int.h */ struct st_engine_table { LHASH piles; }; /* ENGINE_TABLE */ -/* This value stores global options controlling behaviour of (mostly) the - * engine_table_select() function. It's a bitmask of flag values of the form - * ENGINE_TABLE_FLAG_*** (as defined in engine.h) and is controlled by the - * ENGINE_[get|set]_table_flags() function. */ +/* Global flags (ENGINE_TABLE_FLAG_***). */ static unsigned int table_flags = 0; /* API function manipulating 'table_flags' */ @@ -121,10 +103,8 @@ static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *) static int int_table_check(ENGINE_TABLE **t, int create) { LHASH *lh; - if(*t) - return 1; - if(!create) - return 0; + if(*t) return 1; + if(!create) return 0; if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash), LHASH_COMP_FN(engine_pile_cmp))) == NULL) return 0; @@ -154,8 +134,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, if(!fnd) { fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); - if(!fnd) - goto end; + if(!fnd) goto end; fnd->uptodate = 1; fnd->nid = *nids; fnd->sk = sk_ENGINE_new_null(); @@ -164,11 +143,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, OPENSSL_free(fnd); goto end; } - fnd->funct= NULL; + fnd->funct = NULL; lh_insert(&(*table)->piles, fnd); } /* A registration shouldn't add duplciate entries */ - sk_ENGINE_delete_ptr(fnd->sk, e); + (void)sk_ENGINE_delete_ptr(fnd->sk, e); /* if 'setdefault', this ENGINE goes to the head of the list */ if(!sk_ENGINE_push(fnd->sk, e)) goto end; @@ -185,6 +164,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, if(fnd->funct) engine_unlocked_finish(fnd->funct, 0); fnd->funct = e; + fnd->uptodate = 1; } nids++; } @@ -199,8 +179,7 @@ static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e) /* Iterate the 'c->sk' stack removing any occurance of 'e' */ while((n = sk_ENGINE_find(pile->sk, e)) >= 0) { - sk_ENGINE_delete(pile->sk, n); - /* "touch" this ENGINE_CIPHER */ + (void)sk_ENGINE_delete(pile->sk, n); pile->uptodate = 0; } if(pile->funct == e) @@ -239,9 +218,7 @@ void engine_table_cleanup(ENGINE_TABLE **table) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); } -/* Exposed API function to get a functional reference from the implementation - * table (ie. try to get a functional reference from the tabled structural - * references) for a given cipher 'nid' */ +/* return a functional reference for a given 'nid' */ #ifndef ENGINE_TABLE_DEBUG ENGINE *engine_table_select(ENGINE_TABLE **table, int nid) #else @@ -252,25 +229,21 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in ENGINE_PILE tmplate, *fnd=NULL; int initres, loop = 0; - /* If 'engine_ciphers' is NULL, then it's absolutely *sure* that no - * ENGINEs have registered any implementations! */ if(!(*table)) { #ifdef ENGINE_TABLE_DEBUG - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no " - "registered for anything!\n", f, l, nid); + fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing " + "registered!\n", f, l, nid); #endif return NULL; } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); /* Check again inside the lock otherwise we could race against cleanup * operations. But don't worry about a fprintf(stderr). */ - if(!int_table_check(table, 0)) - goto end; + if(!int_table_check(table, 0)) goto end; tmplate.nid = nid; fnd = lh_retrieve(&(*table)->piles, &tmplate); - if(!fnd) - goto end; + if(!fnd) goto end; if(fnd->funct && engine_unlocked_init(fnd->funct)) { #ifdef ENGINE_TABLE_DEBUG @@ -296,34 +269,19 @@ trynext: #endif goto end; } -#if 0 - /* Don't need to get a reference if we hold the lock. If the locking has - * to change in future, that would be different ... */ - ret->struct_ref++; engine_ref_debug(ret, 0, 1) -#endif - /* Try and initialise the ENGINE if it's already functional *or* if the - * ENGINE_TABLE_FLAG_NOINIT flag is not set. */ + /* Try to initialise the ENGINE? */ if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT)) initres = engine_unlocked_init(ret); else initres = 0; -#if 0 - /* Release the structural reference */ - ret->struct_ref--; engine_ref_debug(ret, 0, -1); -#endif if(initres) { - /* If we didn't have a default (functional reference) for this - * 'nid' (or we had one but for whatever reason we're now - * initialising a different one), use this opportunity to set - * 'funct'. */ + /* Update 'funct' */ if((fnd->funct != ret) && engine_unlocked_init(ret)) { /* If there was a previous default we release it. */ if(fnd->funct) engine_unlocked_finish(fnd->funct, 0); - /* We got an extra functional reference for the - * per-'nid' default */ fnd->funct = ret; #ifdef ENGINE_TABLE_DEBUG fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, " @@ -338,13 +296,9 @@ trynext: } goto trynext; end: - /* Whatever happened - we should "untouch" our uptodate file seeing as - * we have tried our best to find a functional reference for 'nid'. If - * it failed, it is unlikely to succeed again until some future - * registrations (or unregistrations) have taken place that affect that - * 'nid'. */ - if(fnd) - fnd->uptodate = 1; + /* If it failed, it is unlikely to succeed again until some future + * registrations have taken place. In all cases, we cache. */ + if(fnd) fnd->uptodate = 1; #ifdef ENGINE_TABLE_DEBUG if(ret) fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " diff --git a/src/lib/libssl/src/crypto/engine/engine.h b/src/lib/libssl/src/crypto/engine/engine.h index 900f75ce8d..3ec59338ff 100644 --- a/src/lib/libssl/src/crypto/engine/engine.h +++ b/src/lib/libssl/src/crypto/engine/engine.h @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -55,6 +55,11 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #ifndef HEADER_ENGINE_H #define HEADER_ENGINE_H @@ -65,7 +70,7 @@ #error ENGINE is disabled. #endif -#include +#ifndef OPENSSL_NO_DEPRECATED #include #ifndef OPENSSL_NO_RSA #include @@ -76,34 +81,36 @@ #ifndef OPENSSL_NO_DH #include #endif +#ifndef OPENSSL_NO_ECDH +#include +#endif +#ifndef OPENSSL_NO_ECDSA +#include +#endif #include +#include #include -#include #include +#endif + +#include +#include #ifdef __cplusplus extern "C" { #endif -/* Fixups for missing algorithms */ -#ifdef OPENSSL_NO_RSA -typedef void RSA_METHOD; -#endif -#ifdef OPENSSL_NO_DSA -typedef void DSA_METHOD; -#endif -#ifdef OPENSSL_NO_DH -typedef void DH_METHOD; -#endif - /* These flags are used to control combinations of algorithm (methods) * by bitwise "OR"ing. */ #define ENGINE_METHOD_RSA (unsigned int)0x0001 #define ENGINE_METHOD_DSA (unsigned int)0x0002 #define ENGINE_METHOD_DH (unsigned int)0x0004 #define ENGINE_METHOD_RAND (unsigned int)0x0008 +#define ENGINE_METHOD_ECDH (unsigned int)0x0010 +#define ENGINE_METHOD_ECDSA (unsigned int)0x0020 #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 +#define ENGINE_METHOD_STORE (unsigned int)0x0100 /* Obvious all-or-nothing cases. */ #define ENGINE_METHOD_ALL (unsigned int)0xFFFF #define ENGINE_METHOD_NONE (unsigned int)0x0000 @@ -173,9 +180,15 @@ typedef void DH_METHOD; handles/connections etc. */ #define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */ #define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used - when calling the password - callback and the user - interface */ + when calling the password + callback and the user + interface */ +#define ENGINE_CTRL_LOAD_CONFIGURATION 6 /* Load a configuration, given + a string that represents a + file name or so */ +#define ENGINE_CTRL_LOAD_SECTION 7 /* Load data from a given + section in the already loaded + configuration */ /* These control commands allow an application to deal with an arbitrary engine * in a dynamic way. Warn: Negative return values indicate errors FOR THESE @@ -222,7 +235,7 @@ typedef void DH_METHOD; /* ENGINE implementations should start the numbering of their own control * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ -#define ENGINE_CMD_BASE 200 +#define ENGINE_CMD_BASE 200 /* NB: These 2 nCipher "chil" control commands are deprecated, and their * functionality is now available through ENGINE-specific control commands @@ -257,11 +270,11 @@ typedef struct ENGINE_CMD_DEFN_st } ENGINE_CMD_DEFN; /* Generic function pointer */ -typedef int (*ENGINE_GEN_FUNC_PTR)(); +typedef int (*ENGINE_GEN_FUNC_PTR)(void); /* Generic function pointer taking no arguments */ typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); /* Specific control function pointer */ -typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)()); +typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void)); /* Generic load_key function pointer */ typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, UI_METHOD *ui_method, void *callback_data); @@ -305,15 +318,21 @@ ENGINE *ENGINE_by_id(const char *id); /* Add all the built-in engines. */ void ENGINE_load_openssl(void); void ENGINE_load_dynamic(void); -void ENGINE_load_cswift(void); -void ENGINE_load_chil(void); +#ifndef OPENSSL_NO_STATIC_ENGINE +void ENGINE_load_4758cca(void); +void ENGINE_load_aep(void); void ENGINE_load_atalla(void); +void ENGINE_load_chil(void); +void ENGINE_load_cswift(void); +#ifndef OPENSSL_NO_GMP +void ENGINE_load_gmp(void); +#endif void ENGINE_load_nuron(void); -void ENGINE_load_ubsec(void); -void ENGINE_load_aep(void); void ENGINE_load_sureware(void); -void ENGINE_load_4758cca(void); +void ENGINE_load_ubsec(void); +#endif void ENGINE_load_cryptodev(void); +void ENGINE_load_padlock(void); void ENGINE_load_builtin_engines(void); /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation @@ -337,6 +356,14 @@ int ENGINE_register_DSA(ENGINE *e); void ENGINE_unregister_DSA(ENGINE *e); void ENGINE_register_all_DSA(void); +int ENGINE_register_ECDH(ENGINE *e); +void ENGINE_unregister_ECDH(ENGINE *e); +void ENGINE_register_all_ECDH(void); + +int ENGINE_register_ECDSA(ENGINE *e); +void ENGINE_unregister_ECDSA(ENGINE *e); +void ENGINE_register_all_ECDSA(void); + int ENGINE_register_DH(ENGINE *e); void ENGINE_unregister_DH(ENGINE *e); void ENGINE_register_all_DH(void); @@ -345,6 +372,10 @@ int ENGINE_register_RAND(ENGINE *e); void ENGINE_unregister_RAND(ENGINE *e); void ENGINE_register_all_RAND(void); +int ENGINE_register_STORE(ENGINE *e); +void ENGINE_unregister_STORE(ENGINE *e); +void ENGINE_register_all_STORE(void); + int ENGINE_register_ciphers(ENGINE *e); void ENGINE_unregister_ciphers(ENGINE *e); void ENGINE_register_all_ciphers(void); @@ -367,7 +398,7 @@ int ENGINE_register_all_complete(void); * reference to an engine, but many control commands may require the engine be * functional. The caller should be aware of trying commands that require an * operational ENGINE, and only use functional references in such situations. */ -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); +int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); /* This function tests if an ENGINE-specific command is usable as a "setting". * Eg. in an application's config file that gets processed through @@ -380,7 +411,7 @@ int ENGINE_cmd_is_executable(ENGINE *e, int cmd); * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to * use the cmd_name and cmd_optional. */ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(), int cmd_optional); + long i, void *p, void (*f)(void), int cmd_optional); /* This function passes a command-name and argument to an ENGINE. The cmd_name * is converted to a command number and the control command is called using @@ -417,8 +448,11 @@ int ENGINE_set_id(ENGINE *e, const char *id); int ENGINE_set_name(ENGINE *e, const char *name); int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); +int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); +int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); @@ -429,11 +463,11 @@ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); int ENGINE_set_flags(ENGINE *e, int flags); int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); -/* These functions (and the "get" function lower down) allow control over any - * per-structure ENGINE data. */ +/* These functions allow control over any per-structure ENGINE data. */ int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); +void *ENGINE_get_ex_data(const ENGINE *e, int idx); /* This function cleans up anything that needs it. Eg. the ENGINE_add() function * automatically ensures the list cleanup function is registered to be called @@ -449,8 +483,11 @@ const char *ENGINE_get_id(const ENGINE *e); const char *ENGINE_get_name(const ENGINE *e); const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); +const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); +const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); const DH_METHOD *ENGINE_get_DH(const ENGINE *e); const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); +const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); @@ -463,7 +500,6 @@ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); int ENGINE_get_flags(const ENGINE *e); -void *ENGINE_get_ex_data(const ENGINE *e, int idx); /* FUNCTIONAL functions. These functions deal with ENGINE structures * that have (or will) be initialised for use. Broadly speaking, the @@ -501,6 +537,8 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, ENGINE *ENGINE_get_default_RSA(void); /* Same for the other "methods" */ ENGINE *ENGINE_get_default_DSA(void); +ENGINE *ENGINE_get_default_ECDH(void); +ENGINE *ENGINE_get_default_ECDSA(void); ENGINE *ENGINE_get_default_DH(void); ENGINE *ENGINE_get_default_RAND(void); /* These functions can be used to get a functional reference to perform @@ -516,6 +554,8 @@ int ENGINE_set_default_RSA(ENGINE *e); int ENGINE_set_default_string(ENGINE *e, const char *def_list); /* Same for the other "methods" */ int ENGINE_set_default_DSA(ENGINE *e); +int ENGINE_set_default_ECDH(ENGINE *e); +int ENGINE_set_default_ECDSA(ENGINE *e); int ENGINE_set_default_DH(ENGINE *e); int ENGINE_set_default_RAND(ENGINE *e); int ENGINE_set_default_ciphers(ENGINE *e); @@ -538,17 +578,20 @@ void ENGINE_add_conf_module(void); /**************************/ /* Binary/behaviour compatibility levels */ -#define OSSL_DYNAMIC_VERSION (unsigned long)0x00010200 +#define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 /* Binary versions older than this are too old for us (whether we're a loader or * a loadee) */ -#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00010200 +#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 /* When compiling an ENGINE entirely as an external shared library, loadable by * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure * type provides the calling application's (or library's) error functionality * and memory management function pointers to the loaded library. These should * be used/set in the loaded library code so that the loading application's - * 'state' will be used/changed in all operations. */ + * 'state' will be used/changed in all operations. The 'static_state' pointer + * allows the loaded library to know if it shares the same static data as the + * calling application (or library), and thus whether these callbacks need to be + * set or not. */ typedef void *(*dyn_MEM_malloc_cb)(size_t); typedef void *(*dyn_MEM_realloc_cb)(void *, size_t); typedef void (*dyn_MEM_free_cb)(void *); @@ -576,6 +619,7 @@ typedef struct st_dynamic_LOCK_fns { } dynamic_LOCK_fns; /* The top-level structure */ typedef struct st_dynamic_fns { + void *static_state; const ERR_FNS *err_fns; const CRYPTO_EX_DATA_IMPL *ex_data_fns; dynamic_MEM_fns mem_fns; @@ -593,7 +637,7 @@ typedef struct st_dynamic_fns { * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); #define IMPLEMENT_DYNAMIC_CHECK_FN() \ - unsigned long v_check(unsigned long v) { \ + OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ return 0; } @@ -615,24 +659,35 @@ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, const dynamic_fns *fns); #define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ + OPENSSL_EXPORT \ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ - if (ERR_get_implementation() != fns->err_fns) \ - { \ - if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ - fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ - return 0; \ - CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ - CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ - CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ - CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ - CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ - if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ - return 0; \ - if(!ERR_set_implementation(fns->err_fns)) return 0; \ - } \ + if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ + if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ + fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ + return 0; \ + CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ + CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ + CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ + CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ + CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ + if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ + return 0; \ + if(!ERR_set_implementation(fns->err_fns)) return 0; \ + skip_cbs: \ if(!fn(e,id)) return 0; \ return 1; } +/* If the loading application (or library) and the loaded ENGINE library share + * the same static data (eg. they're both dynamically linked to the same + * libcrypto.so) we need a way to avoid trying to set system callbacks - this + * would fail, and for the same reason that it's unnecessary to try. If the + * loaded ENGINE has (or gets from through the loader) its own copy of the + * libcrypto static data, we will need to set the callbacks. The easiest way to + * detect this is to have a function that returns a pointer to some static data + * and let the loading application and loaded ENGINE compare their respective + * values. */ +void *ENGINE_get_static_state(void); + #if defined(__OpenBSD__) || defined(__FreeBSD__) void ENGINE_setup_bsd_cryptodev(void); #endif @@ -649,6 +704,7 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_F_DYNAMIC_CTRL 180 #define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 #define ENGINE_F_DYNAMIC_LOAD 182 +#define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 #define ENGINE_F_ENGINE_ADD 105 #define ENGINE_F_ENGINE_BY_ID 106 #define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 @@ -656,7 +712,7 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_F_ENGINE_CTRL_CMD 178 #define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 #define ENGINE_F_ENGINE_FINISH 107 -#define ENGINE_F_ENGINE_FREE 108 +#define ENGINE_F_ENGINE_FREE_UTIL 108 #define ENGINE_F_ENGINE_GET_CIPHER 185 #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 #define ENGINE_F_ENGINE_GET_DIGEST 186 @@ -667,7 +723,6 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_F_ENGINE_LIST_REMOVE 121 #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 -#define ENGINE_F_ENGINE_MODULE_INIT 187 #define ENGINE_F_ENGINE_NEW 122 #define ENGINE_F_ENGINE_REMOVE 123 #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 @@ -676,11 +731,12 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_F_ENGINE_SET_NAME 130 #define ENGINE_F_ENGINE_TABLE_REGISTER 184 #define ENGINE_F_ENGINE_UNLOAD_KEY 152 +#define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 #define ENGINE_F_ENGINE_UP_REF 190 #define ENGINE_F_INT_CTRL_HELPER 172 #define ENGINE_F_INT_ENGINE_CONFIGURE 188 +#define ENGINE_F_INT_ENGINE_MODULE_INIT 187 #define ENGINE_F_LOG_MESSAGE 141 -#define ENGINE_F_SET_DATA_CTX 183 /* Reason codes. */ #define ENGINE_R_ALREADY_LOADED 100 diff --git a/src/lib/libssl/src/crypto/engine/enginetest.c b/src/lib/libssl/src/crypto/engine/enginetest.c index c2d0297392..cf82f490db 100644 --- a/src/lib/libssl/src/crypto/engine/enginetest.c +++ b/src/lib/libssl/src/crypto/engine/enginetest.c @@ -72,7 +72,7 @@ int main(int argc, char *argv[]) #include #include -static void display_engine_list() +static void display_engine_list(void) { ENGINE *h; int loop; diff --git a/src/lib/libssl/src/crypto/engine/tb_cipher.c b/src/lib/libssl/src/crypto/engine/tb_cipher.c index 50b3cec1fa..177fc1fb73 100644 --- a/src/lib/libssl/src/crypto/engine/tb_cipher.c +++ b/src/lib/libssl/src/crypto/engine/tb_cipher.c @@ -52,8 +52,6 @@ * */ -#include -#include #include "eng_int.h" /* If this symbol is defined then ENGINE_get_cipher_engine(), the function that diff --git a/src/lib/libssl/src/crypto/engine/tb_dh.c b/src/lib/libssl/src/crypto/engine/tb_dh.c index e290e1702b..6e9d428761 100644 --- a/src/lib/libssl/src/crypto/engine/tb_dh.c +++ b/src/lib/libssl/src/crypto/engine/tb_dh.c @@ -52,8 +52,6 @@ * */ -#include -#include #include "eng_int.h" /* If this symbol is defined then ENGINE_get_default_DH(), the function that is diff --git a/src/lib/libssl/src/crypto/engine/tb_digest.c b/src/lib/libssl/src/crypto/engine/tb_digest.c index e82d2a17c9..d3f4bb2747 100644 --- a/src/lib/libssl/src/crypto/engine/tb_digest.c +++ b/src/lib/libssl/src/crypto/engine/tb_digest.c @@ -52,8 +52,6 @@ * */ -#include -#include #include "eng_int.h" /* If this symbol is defined then ENGINE_get_digest_engine(), the function that diff --git a/src/lib/libssl/src/crypto/engine/tb_dsa.c b/src/lib/libssl/src/crypto/engine/tb_dsa.c index 7efe181927..e4674f5f07 100644 --- a/src/lib/libssl/src/crypto/engine/tb_dsa.c +++ b/src/lib/libssl/src/crypto/engine/tb_dsa.c @@ -52,8 +52,6 @@ * */ -#include -#include #include "eng_int.h" /* If this symbol is defined then ENGINE_get_default_DSA(), the function that is diff --git a/src/lib/libssl/src/crypto/engine/tb_rand.c b/src/lib/libssl/src/crypto/engine/tb_rand.c index 69b67111bc..f36f67c0f6 100644 --- a/src/lib/libssl/src/crypto/engine/tb_rand.c +++ b/src/lib/libssl/src/crypto/engine/tb_rand.c @@ -52,8 +52,6 @@ * */ -#include -#include #include "eng_int.h" /* If this symbol is defined then ENGINE_get_default_RAND(), the function that is diff --git a/src/lib/libssl/src/crypto/engine/tb_rsa.c b/src/lib/libssl/src/crypto/engine/tb_rsa.c index fee4867f52..fbc707fd26 100644 --- a/src/lib/libssl/src/crypto/engine/tb_rsa.c +++ b/src/lib/libssl/src/crypto/engine/tb_rsa.c @@ -52,8 +52,6 @@ * */ -#include -#include #include "eng_int.h" /* If this symbol is defined then ENGINE_get_default_RSA(), the function that is diff --git a/src/lib/libssl/src/crypto/err/Makefile b/src/lib/libssl/src/crypto/err/Makefile index 4adec55302..23e38409c8 100644 --- a/src/lib/libssl/src/crypto/err/Makefile +++ b/src/lib/libssl/src/crypto/err/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,38 +78,32 @@ err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -err.o: ../../include/openssl/symhacks.h ../cryptlib.h err.c -err_all.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -err_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +err.o: ../cryptlib.h err.c +err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -err_all.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -err_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -err_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h -err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h -err_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -err_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -err_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -err_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h -err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h -err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -err_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -err_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -err_all.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +err_all.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +err_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h +err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h +err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h +err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h +err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h +err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h +err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h err_all.o: err_all.c err_prn.o: ../../e_os.h ../../include/openssl/bio.h err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -err_prn.o: ../cryptlib.h err_prn.c +err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c index 53687d79ab..b6ff070e8f 100644 --- a/src/lib/libssl/src/crypto/err/err.c +++ b/src/lib/libssl/src/crypto/err/err.c @@ -112,9 +112,9 @@ #include #include #include +#include "cryptlib.h" #include #include -#include "cryptlib.h" #include #include #include @@ -149,7 +149,7 @@ static ERR_STRING_DATA ERR_str_libraries[]= {ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, {ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, {ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, -{ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, +{ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, {0,NULL}, }; @@ -168,7 +168,6 @@ static ERR_STRING_DATA ERR_str_functs[]= #endif {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, - {ERR_PACK(0,SYS_F_GETADDRINFO,0), "getaddrinfo"}, {0,NULL}, }; @@ -210,6 +209,7 @@ static ERR_STRING_DATA ERR_str_reasons[]= {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, {ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, {ERR_R_INTERNAL_ERROR ,"internal error"}, +{ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, {0,NULL}, }; @@ -542,16 +542,27 @@ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; * will be returned for SYSerr(), which always gets an errno * value and never one of those 'standard' reason codes. */ -static void build_SYS_str_reasons() +static void build_SYS_str_reasons(void) { /* OPENSSL_malloc cannot be used here, use static storage instead */ static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; int i; static int init = 1; - if (!init) return; - + CRYPTO_r_lock(CRYPTO_LOCK_ERR); + if (!init) + { + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + return; + } + + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (!init) + { + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + return; + } for (i = 1; i <= NUM_SYS_STR_REASONS; i++) { @@ -583,13 +594,24 @@ static void build_SYS_str_reasons() #endif #define err_clear_data(p,i) \ + do { \ if (((p)->err_data[i] != NULL) && \ (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ { \ OPENSSL_free((p)->err_data[i]); \ (p)->err_data[i]=NULL; \ } \ - (p)->err_data_flags[i]=0; + (p)->err_data_flags[i]=0; \ + } while(0) + +#define err_clear(p,i) \ + do { \ + (p)->err_flags[i]=0; \ + (p)->err_buffer[i]=0; \ + err_clear_data(p,i); \ + (p)->err_file[i]=NULL; \ + (p)->err_line[i]= -1; \ + } while(0) static void ERR_STATE_free(ERR_STATE *s) { @@ -682,6 +704,7 @@ void ERR_put_error(int lib, int func, int reason, const char *file, es->top=(es->top+1)%ERR_NUM_ERRORS; if (es->top == es->bottom) es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; + es->err_flags[es->top]=0; es->err_buffer[es->top]=ERR_PACK(lib,func,reason); es->err_file[es->top]=file; es->err_line[es->top]=line; @@ -697,10 +720,7 @@ void ERR_clear_error(void) for (i=0; ierr_buffer[i]=0; - err_clear_data(es,i); - es->err_file[i]=NULL; - es->err_line[i]= -1; + err_clear(es,i); } es->top=es->bottom=0; } @@ -937,7 +957,7 @@ static unsigned long err_hash(const void *a_void) { unsigned long ret,l; - l=((ERR_STRING_DATA *)a_void)->error; + l=((const ERR_STRING_DATA *)a_void)->error; ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); return(ret^ret%19*13); } @@ -945,21 +965,21 @@ static unsigned long err_hash(const void *a_void) /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ static int err_cmp(const void *a_void, const void *b_void) { - return((int)(((ERR_STRING_DATA *)a_void)->error - - ((ERR_STRING_DATA *)b_void)->error)); + return((int)(((const ERR_STRING_DATA *)a_void)->error - + ((const ERR_STRING_DATA *)b_void)->error)); } /* static unsigned long pid_hash(ERR_STATE *a) */ static unsigned long pid_hash(const void *a_void) { - return(((ERR_STATE *)a_void)->pid*13); + return(((const ERR_STATE *)a_void)->pid*13); } /* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ static int pid_cmp(const void *a_void, const void *b_void) { - return((int)((long)((ERR_STATE *)a_void)->pid - - (long)((ERR_STATE *)b_void)->pid)); + return((int)((long)((const ERR_STATE *)a_void)->pid - + (long)((const ERR_STATE *)b_void)->pid)); } void ERR_remove_state(unsigned long pid) @@ -1069,7 +1089,7 @@ void ERR_add_error_data(int num, ...) else str=p; } - BUF_strlcat(str,a,s+1); + BUF_strlcat(str,a,(size_t)s+1); } } ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); @@ -1077,3 +1097,33 @@ void ERR_add_error_data(int num, ...) err: va_end(args); } + +int ERR_set_mark(void) + { + ERR_STATE *es; + + es=ERR_get_state(); + + if (es->bottom == es->top) return 0; + es->err_flags[es->top]|=ERR_FLAG_MARK; + return 1; + } + +int ERR_pop_to_mark(void) + { + ERR_STATE *es; + + es=ERR_get_state(); + + while(es->bottom != es->top + && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) + { + err_clear(es,es->top); + es->top-=1; + if (es->top == -1) es->top=ERR_NUM_ERRORS-1; + } + + if (es->bottom == es->top) return 0; + es->err_flags[es->top]&=~ERR_FLAG_MARK; + return 1; + } diff --git a/src/lib/libssl/src/crypto/err/err.h b/src/lib/libssl/src/crypto/err/err.h index 2efa18866a..bf28fce492 100644 --- a/src/lib/libssl/src/crypto/err/err.h +++ b/src/lib/libssl/src/crypto/err/err.h @@ -59,11 +59,14 @@ #ifndef HEADER_ERR_H #define HEADER_ERR_H +#include + #ifndef OPENSSL_NO_FP_API #include #include #endif +#include #ifndef OPENSSL_NO_BIO #include #endif @@ -86,10 +89,13 @@ extern "C" { #define ERR_TXT_MALLOCED 0x01 #define ERR_TXT_STRING 0x02 +#define ERR_FLAG_MARK 0x01 + #define ERR_NUM_ERRORS 16 typedef struct err_state_st { unsigned long pid; + int err_flags[ERR_NUM_ERRORS]; unsigned long err_buffer[ERR_NUM_ERRORS]; char *err_data[ERR_NUM_ERRORS]; int err_data_flags[ERR_NUM_ERRORS]; @@ -131,7 +137,10 @@ typedef struct err_state_st #define ERR_LIB_OCSP 39 #define ERR_LIB_UI 40 #define ERR_LIB_COMP 41 -#define ERR_LIB_FIPS 42 +#define ERR_LIB_ECDSA 42 +#define ERR_LIB_ECDH 43 +#define ERR_LIB_STORE 44 +#define ERR_LIB_CMS 45 #define ERR_LIB_USER 128 @@ -160,7 +169,10 @@ typedef struct err_state_st #define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__) #define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__) #define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__) -#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__) +#define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__) +#define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__) +#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) +#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) /* Borland C seems too stupid to be able to shift and do longs in * the pre-processor :-( */ @@ -185,7 +197,6 @@ typedef struct err_state_st #define SYS_F_WSASTARTUP 9 /* Winsock stuff */ #define SYS_F_OPENDIR 10 #define SYS_F_FREAD 11 -#define SYS_F_GETADDRINFO 12 /* reasons */ @@ -214,6 +225,9 @@ typedef struct err_state_st #define ERR_R_OCSP_LIB ERR_LIB_OCSP /* 39 */ #define ERR_R_UI_LIB ERR_LIB_UI /* 40 */ #define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */ +#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */ +#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */ +#define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */ #define ERR_R_NESTED_ASN1_ERROR 58 #define ERR_R_BAD_ASN1_OBJECT_HEADER 59 @@ -228,6 +242,7 @@ typedef struct err_state_st #define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) #define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) #define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL) +#define ERR_R_DISABLED (5|ERR_R_FATAL) /* 99 is the maximum possible ERR_R_... code, higher values * are reserved for the individual libraries */ @@ -286,8 +301,11 @@ void ERR_release_err_state_table(LHASH **hash); int ERR_get_next_error_library(void); -/* This opaque type encapsulates the low-level error-state functions */ -typedef struct st_ERR_FNS ERR_FNS; +int ERR_set_mark(void); +int ERR_pop_to_mark(void); + +/* Already defined in ossl_typ.h */ +/* typedef struct st_ERR_FNS ERR_FNS; */ /* An application can use this function and provide the return value to loaded * modules that should use the application's ERR state/functionality */ const ERR_FNS *ERR_get_implementation(void); diff --git a/src/lib/libssl/src/crypto/err/err_all.c b/src/lib/libssl/src/crypto/err/err_all.c index 4dc9300892..5813060ce2 100644 --- a/src/lib/libssl/src/crypto/err/err_all.c +++ b/src/lib/libssl/src/crypto/err/err_all.c @@ -73,6 +73,12 @@ #ifndef OPENSSL_NO_DSA #include #endif +#ifndef OPENSSL_NO_ECDSA +#include +#endif +#ifndef OPENSSL_NO_ECDH +#include +#endif #include #include #include @@ -85,16 +91,15 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#include #include #include -#include +#ifndef OPENSSL_NO_CMS +#include +#endif void ERR_load_crypto_strings(void) { - static int done=0; - - if (done) return; - done=1; #ifndef OPENSSL_NO_ERR ERR_load_ERR_strings(); /* include error strings for SYSerr */ ERR_load_BN_strings(); @@ -117,6 +122,12 @@ void ERR_load_crypto_strings(void) ERR_load_CRYPTO_strings(); #ifndef OPENSSL_NO_EC ERR_load_EC_strings(); +#endif +#ifndef OPENSSL_NO_ECDSA + ERR_load_ECDSA_strings(); +#endif +#ifndef OPENSSL_NO_ECDH + ERR_load_ECDH_strings(); #endif /* skip ERR_load_SSL_strings() because it is not in this library */ ERR_load_BIO_strings(); @@ -130,8 +141,8 @@ void ERR_load_crypto_strings(void) #endif ERR_load_OCSP_strings(); ERR_load_UI_strings(); +#ifndef OPENSSL_NO_CMS + ERR_load_CMS_strings(); #endif -#ifdef OPENSSL_FIPS - ERR_load_FIPS_strings(); #endif } diff --git a/src/lib/libssl/src/crypto/err/err_prn.c b/src/lib/libssl/src/crypto/err/err_prn.c index 81e34bd6ce..2224a901e5 100644 --- a/src/lib/libssl/src/crypto/err/err_prn.c +++ b/src/lib/libssl/src/crypto/err/err_prn.c @@ -57,9 +57,9 @@ */ #include +#include "cryptlib.h" #include #include -#include "cryptlib.h" #include #include @@ -86,7 +86,12 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), #ifndef OPENSSL_NO_FP_API static int print_fp(const char *str, size_t len, void *fp) { - return fprintf((FILE *)fp, "%s", str); + BIO bio; + + BIO_set(&bio,BIO_s_file()); + BIO_set_fp(&bio,fp,BIO_NOCLOSE); + + return BIO_printf(&bio, "%s", str); } void ERR_print_errors_fp(FILE *fp) { diff --git a/src/lib/libssl/src/crypto/err/openssl.ec b/src/lib/libssl/src/crypto/err/openssl.ec index f8cd6937e7..1938f081ac 100644 --- a/src/lib/libssl/src/crypto/err/openssl.ec +++ b/src/lib/libssl/src/crypto/err/openssl.ec @@ -27,11 +27,16 @@ L DSO crypto/dso/dso.h crypto/dso/dso_err.c L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c L UI crypto/ui/ui.h crypto/ui/ui_err.c -L FIPS fips-1.0/fips.h fips-1.0/fips_err.h +L COMP crypto/comp/comp.h crypto/comp/comp_err.c +L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c +L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c +L STORE crypto/store/store.h crypto/store/str_err.c +L CMS crypto/cms/cms.h crypto/cms/cms_err.c # additional header files to be scanned for function names L NONE crypto/x509/x509_vfy.h NONE L NONE crypto/ec/ec_lcl.h NONE +L NONE crypto/cms/cms_lcl.h NONE F RSAREF_F_RSA_BN2BIN diff --git a/src/lib/libssl/src/crypto/evp/Makefile b/src/lib/libssl/src/crypto/evp/Makefile index d1c2a272bb..8f2555c7e5 100644 --- a/src/lib/libssl/src/crypto/evp/Makefile +++ b/src/lib/libssl/src/crypto/evp/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -24,11 +19,11 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ - e_des.c e_bf.c e_idea.c e_des3.c \ - e_rc4.c e_aes.c names.c \ + e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ + e_rc4.c e_aes.c names.c e_seed.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ - m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \ + m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \ @@ -36,11 +31,11 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ e_old.c LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ - e_des.o e_bf.o e_idea.o e_des3.o \ - e_rc4.o e_aes.o names.o \ + e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ + e_rc4.o e_aes.o names.o e_seed.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ - m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \ + m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \ @@ -74,6 +69,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -89,6 +85,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -100,977 +97,550 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -bio_b64.o: ../../e_os.h ../../include/openssl/aes.h -bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -bio_b64.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -bio_b64.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h +bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -bio_b64.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_b64.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_b64.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_b64.o: ../cryptlib.h bio_b64.c -bio_enc.o: ../../e_os.h ../../include/openssl/aes.h -bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -bio_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -bio_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c +bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h +bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h -bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -bio_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_enc.o: ../cryptlib.h bio_enc.c -bio_md.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -bio_md.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -bio_md.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -bio_md.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c +bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_md.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -bio_md.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -bio_md.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -bio_md.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -bio_md.o: ../../include/openssl/ui_compat.h ../cryptlib.h bio_md.c -bio_ok.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -bio_ok.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -bio_ok.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -bio_ok.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +bio_md.o: ../cryptlib.h bio_md.c +bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -bio_ok.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -bio_ok.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -bio_ok.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -bio_ok.o: ../cryptlib.h bio_ok.c -c_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c +c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -c_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -c_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_all.o: ../../include/openssl/ui_compat.h ../cryptlib.h c_all.c -c_allc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_allc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_allc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_allc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -c_allc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -c_allc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -c_allc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +c_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h c_all.c +c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h +c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_allc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c -c_alld.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -c_alld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -c_alld.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -c_alld.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -c_alld.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -c_alld.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -c_alld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_allc.o: ../cryptlib.h c_allc.c +c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h +c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -c_alld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c -digest.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -digest.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -digest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +c_alld.o: ../cryptlib.h c_alld.c +digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -digest.o: ../../include/openssl/ui_compat.h ../cryptlib.h digest.c +digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +digest.o: ../../include/openssl/symhacks.h ../cryptlib.h digest.c e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_aes.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_aes.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_aes.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_aes.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_aes.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_aes.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_aes.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_aes.c +e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c e_aes.o: evp_locl.h -e_bf.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_bf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_bf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_bf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_bf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_bf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_bf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_bf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h +e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h +e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_bf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_bf.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_bf.c evp_locl.h -e_cast.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_cast.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_cast.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_cast.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_cast.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_cast.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h +e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c +e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h +e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_cast.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_cast.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_cast.c evp_locl.h -e_des.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_des.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_des.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h +e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_des.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_des.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_des.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h -e_des3.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_des3.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_des3.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_des3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_des3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_des3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h -e_idea.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_idea.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_idea.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_idea.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_idea.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_idea.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_idea.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_idea.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_idea.c evp_locl.h -e_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h +e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_null.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_null.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_null.c -e_old.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_old.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_old.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -e_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_old.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_old.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -e_old.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_old.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_old.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -e_old.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -e_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -e_old.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -e_old.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -e_old.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -e_old.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -e_old.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_old.c -e_rc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +e_null.o: ../cryptlib.h e_null.c +e_old.o: e_old.c +e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc2.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc2.c evp_locl.h -e_rc4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h +e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc4.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c evp_locl.h -e_rc5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_rc5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -e_rc5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -e_rc5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h +e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c +e_rc5.o: ../../e_os.h ../../include/openssl/bio.h +e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -e_rc5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -e_rc5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -e_rc5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -e_rc5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -e_rc5.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc5.c evp_locl.h -e_xcbc_d.o: ../../e_os.h ../../include/openssl/aes.h -e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c +e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h +e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +e_seed.o: ../../include/openssl/symhacks.h e_seed.c +e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h +e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -e_xcbc_d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -e_xcbc_d.o: ../../include/openssl/opensslconf.h +e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -e_xcbc_d.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -e_xcbc_d.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c -encode.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -encode.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -encode.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -encode.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -encode.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -encode.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -encode.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -encode.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -encode.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -encode.o: ../../include/openssl/ui_compat.h ../cryptlib.h encode.c -evp_acnf.o: ../../e_os.h ../../include/openssl/aes.h -evp_acnf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_acnf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +encode.o: ../cryptlib.h encode.c +evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h +evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -evp_acnf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -evp_acnf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_acnf.o: ../../include/openssl/opensslconf.h evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_acnf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_acnf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_acnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_acnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_acnf.o: ../../include/openssl/ui_compat.h ../cryptlib.h evp_acnf.c -evp_enc.o: ../../e_os.h ../../include/openssl/aes.h -evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c +evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h +evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h -evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -evp_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -evp_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -evp_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h -evp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -evp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -evp_err.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h +evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_enc.c evp_locl.h +evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -evp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_err.o: evp_err.c -evp_key.o: ../../e_os.h ../../include/openssl/aes.h -evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_err.o: ../../include/openssl/symhacks.h evp_err.c +evp_key.o: ../../e_os.h ../../include/openssl/asn1.h +evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_key.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c -evp_lib.o: ../../e_os.h ../../include/openssl/aes.h -evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h +evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -evp_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -evp_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -evp_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -evp_lib.o: ../cryptlib.h evp_lib.c -evp_pbe.o: ../../e_os.h ../../include/openssl/aes.h -evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -evp_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c +evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h +evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -evp_pbe.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_pbe.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_pbe.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c -evp_pkey.o: ../../e_os.h ../../include/openssl/aes.h -evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -evp_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +evp_pbe.o: ../cryptlib.h evp_pbe.c +evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h +evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h evp_pkey.o: ../../include/openssl/opensslconf.h evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -evp_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -evp_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -evp_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c -m_dss.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_dss.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_dss.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_dss.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_dss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_dss.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_dss.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_dss.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_dss.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h m_dss.o: ../cryptlib.h m_dss.c -m_dss1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_dss1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_dss1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_dss1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_dss1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_dss1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_dss1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_dss1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h m_dss1.o: ../cryptlib.h m_dss1.c -m_md2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h +m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +m_ecdsa.o: ../cryptlib.h m_ecdsa.c +m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md2.o: ../cryptlib.h evp_locl.h m_md2.c -m_md4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md4.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md4.o: ../cryptlib.h evp_locl.h m_md4.c -m_md5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_md5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_md5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_md5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_md5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_md5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_md5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_md5.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_md5.o: ../cryptlib.h evp_locl.h m_md5.c -m_mdc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_mdc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_mdc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md2.c +m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h +m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c +m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h +m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c +m_mdc2.o: ../../e_os.h ../../include/openssl/bio.h +m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_mdc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_mdc2.o: ../cryptlib.h evp_locl.h m_mdc2.c -m_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +m_mdc2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_mdc2.c +m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_null.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_null.o: ../cryptlib.h m_null.c -m_ripemd.o: ../../e_os.h ../../include/openssl/aes.h -m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -m_ripemd.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -m_ripemd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h -m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c +m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h +m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_ripemd.o: ../../include/openssl/opensslconf.h m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_ripemd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_ripemd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -m_ripemd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -m_ripemd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_ripemd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -m_ripemd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_ripemd.o: ../cryptlib.h m_ripemd.c -m_sha.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_sha.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_sha.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_sha.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_sha.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_sha.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_sha.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h +m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c +m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -m_sha.o: ../cryptlib.h evp_locl.h m_sha.c -m_sha1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -m_sha1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -m_sha1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -m_sha1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -m_sha1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -m_sha1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +m_sha.o: ../cryptlib.h m_sha.c +m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h +m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -m_sha1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h m_sha1.o: ../cryptlib.h m_sha1.c -names.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -names.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -names.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -names.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -names.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -names.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -names.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -names.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +names.o: ../../include/openssl/err.h ../../include/openssl/evp.h +names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -names.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -names.o: ../cryptlib.h names.c -p5_crpt.o: ../../e_os.h ../../include/openssl/aes.h -p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c +p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h +p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p5_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p5_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p5_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c -p5_crpt2.o: ../../e_os.h ../../include/openssl/aes.h -p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p5_crpt2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p5_crpt2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h -p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p5_crpt.o: ../cryptlib.h p5_crpt.c +p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h +p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h +p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p5_crpt2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p5_crpt2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_crpt2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_crpt2.o: ../cryptlib.h p5_crpt2.c -p_dec.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_dec.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_dec.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_dec.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_dec.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_dec.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_dec.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt2.c +p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_dec.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c -p_enc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_enc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c -p_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +p_lib.o: ../../e_os.h ../../include/openssl/asn1.h p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -p_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c -p_open.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_open.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_open.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_open.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_open.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_open.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_open.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_open.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_open.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p_open.o: ../cryptlib.h p_open.c -p_seal.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_seal.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_seal.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_seal.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_seal.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_seal.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_seal.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c -p_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -p_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_sign.o: ../cryptlib.h p_sign.c -p_verify.o: ../../e_os.h ../../include/openssl/aes.h -p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c +p_verify.o: ../../e_os.h ../../include/openssl/asn1.h +p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p_verify.o: ../../include/openssl/opensslconf.h p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p_verify.o: ../cryptlib.h p_verify.c +p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c diff --git a/src/lib/libssl/src/crypto/evp/bio_b64.c b/src/lib/libssl/src/crypto/evp/bio_b64.c index 33349c2f98..fa5cbc7eb1 100644 --- a/src/lib/libssl/src/crypto/evp/bio_b64.c +++ b/src/lib/libssl/src/crypto/evp/bio_b64.c @@ -165,7 +165,7 @@ static int b64_read(BIO *b, char *out, int outl) { i=ctx->buf_len-ctx->buf_off; if (i > outl) i=outl; - OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf); + OPENSSL_assert(ctx->buf_off+i < (int)sizeof(ctx->buf)); memcpy(out,&(ctx->buf[ctx->buf_off]),i); ret=i; out+=i; diff --git a/src/lib/libssl/src/crypto/evp/bio_enc.c b/src/lib/libssl/src/crypto/evp/bio_enc.c index b8cda1a9f0..f6ac94c6e1 100644 --- a/src/lib/libssl/src/crypto/evp/bio_enc.c +++ b/src/lib/libssl/src/crypto/evp/bio_enc.c @@ -405,8 +405,8 @@ EVP_CIPHER_ctx *c; } */ -void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k, - unsigned char *i, int e) +void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, + const unsigned char *i, int e) { BIO_ENC_CTX *ctx; diff --git a/src/lib/libssl/src/crypto/evp/bio_md.c b/src/lib/libssl/src/crypto/evp/bio_md.c index f4aa41ac4b..d648ac6da6 100644 --- a/src/lib/libssl/src/crypto/evp/bio_md.c +++ b/src/lib/libssl/src/crypto/evp/bio_md.c @@ -153,7 +153,7 @@ static int md_write(BIO *b, const char *in, int inl) { if (ret > 0) { - EVP_DigestUpdate(ctx,(unsigned char *)in, + EVP_DigestUpdate(ctx,(const unsigned char *)in, (unsigned int)ret); } } @@ -192,8 +192,13 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) ret=0; break; case BIO_C_GET_MD_CTX: - pctx=ptr; - *pctx=ctx; + if (b->init) + { + pctx=ptr; + *pctx=ctx; + } + else + ret=0; break; case BIO_C_SET_MD_CTX: if (b->init) diff --git a/src/lib/libssl/src/crypto/evp/bio_ok.c b/src/lib/libssl/src/crypto/evp/bio_ok.c index 4e3f10141b..98bc1ab409 100644 --- a/src/lib/libssl/src/crypto/evp/bio_ok.c +++ b/src/lib/libssl/src/crypto/evp/bio_ok.c @@ -119,6 +119,7 @@ #include #include +#include #include "cryptlib.h" #include #include @@ -141,22 +142,12 @@ static void block_in(BIO* b); #define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) #define WELLKNOWN "The quick brown fox jumped over the lazy dog's back." -#ifndef L_ENDIAN -#define swapem(x) \ - ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \ - (((unsigned long int)(x) & 0x0000ff00U) << 8) | \ - (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \ - (((unsigned long int)(x) & 0xff000000U) >> 24))) -#else -#define swapem(x) (x) -#endif - typedef struct ok_struct { - int buf_len; - int buf_off; - int buf_len_save; - int buf_off_save; + size_t buf_len; + size_t buf_off; + size_t buf_len_save; + size_t buf_off_save; int cont; /* <= 0 when finished */ int finished; EVP_MD_CTX md; @@ -295,6 +286,8 @@ static int ok_write(BIO *b, const char *in, int inl) int ret=0,n,i; BIO_OK_CTX *ctx; + if (inl <= 0) return inl; + ctx=(BIO_OK_CTX *)b->ptr; ret=inl; @@ -330,7 +323,7 @@ static int ok_write(BIO *b, const char *in, int inl) if ((in == NULL) || (inl <= 0)) return(0); n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? - OK_BLOCK_SIZE+ OK_BLOCK_BLOCK- ctx->buf_len : inl; + (int)(OK_BLOCK_SIZE+OK_BLOCK_BLOCK-ctx->buf_len) : inl; memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n); ctx->buf_len+= n; @@ -448,16 +441,18 @@ static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) return(ret); } -static void longswap(void *_ptr, int len) -{ -#ifndef L_ENDIAN - int i; - char *ptr=_ptr; +static void longswap(void *_ptr, size_t len) +{ const union { long one; char little; } is_endian = {1}; - for(i= 0;i < len;i+= 4){ - *((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i]))); + if (is_endian.little) { + size_t i; + unsigned char *p=_ptr,c; + + for(i= 0;i < len;i+= 4) { + c=p[0],p[0]=p[3],p[3]=c; + c=p[1],p[1]=p[2],p[2]=c; + } } -#endif } static void sig_out(BIO* b) @@ -496,7 +491,7 @@ static void sig_in(BIO* b) ctx=b->ptr; md=&ctx->md; - if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return; + if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return; EVP_DigestInit_ex(md, md->digest, NULL); memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); @@ -533,9 +528,10 @@ static void block_out(BIO* b) md=&ctx->md; tl= ctx->buf_len- OK_BLOCK_BLOCK; - tl= swapem(tl); - memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); - tl= swapem(tl); + ctx->buf[0]=(unsigned char)(tl>>24); + ctx->buf[1]=(unsigned char)(tl>>16); + ctx->buf[2]=(unsigned char)(tl>>8); + ctx->buf[3]=(unsigned char)(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; @@ -546,14 +542,18 @@ static void block_in(BIO* b) { BIO_OK_CTX *ctx; EVP_MD_CTX *md; - long tl= 0; + unsigned long tl= 0; unsigned char tmp[EVP_MAX_MD_SIZE]; ctx=b->ptr; md=&ctx->md; - memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK); - tl= swapem(tl); + assert(sizeof(tl)>=OK_BLOCK_BLOCK); /* always true */ + tl =ctx->buf[0]; tl<<=8; + tl|=ctx->buf[1]; tl<<=8; + tl|=ctx->buf[2]; tl<<=8; + tl|=ctx->buf[3]; + if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); diff --git a/src/lib/libssl/src/crypto/evp/c_all.c b/src/lib/libssl/src/crypto/evp/c_all.c index fa60a73ead..a5da52e62d 100644 --- a/src/lib/libssl/src/crypto/evp/c_all.c +++ b/src/lib/libssl/src/crypto/evp/c_all.c @@ -74,6 +74,12 @@ void OpenSSL_add_all_algorithms(void) void OPENSSL_add_all_algorithms_noconf(void) { + /* + * For the moment OPENSSL_cpuid_setup does something + * only on IA-32, but we reserve the option for all + * platforms... + */ + OPENSSL_cpuid_setup(); OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); #ifndef OPENSSL_NO_ENGINE diff --git a/src/lib/libssl/src/crypto/evp/c_allc.c b/src/lib/libssl/src/crypto/evp/c_allc.c index fc96812365..7054d8125d 100644 --- a/src/lib/libssl/src/crypto/evp/c_allc.c +++ b/src/lib/libssl/src/crypto/evp/c_allc.c @@ -107,6 +107,15 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_idea_cbc,"idea"); #endif +#ifndef OPENSSL_NO_SEED + EVP_add_cipher(EVP_seed_ecb()); + EVP_add_cipher(EVP_seed_cfb()); + EVP_add_cipher(EVP_seed_ofb()); + EVP_add_cipher(EVP_seed_cbc()); + EVP_add_cipher_alias(SN_seed_cbc,"SEED"); + EVP_add_cipher_alias(SN_seed_cbc,"seed"); +#endif + #ifndef OPENSSL_NO_RC2 EVP_add_cipher(EVP_rc2_ecb()); EVP_add_cipher(EVP_rc2_cfb()); @@ -183,6 +192,34 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); #endif + +#ifndef OPENSSL_NO_CAMELLIA + EVP_add_cipher(EVP_camellia_128_ecb()); + EVP_add_cipher(EVP_camellia_128_cbc()); + EVP_add_cipher(EVP_camellia_128_cfb()); + EVP_add_cipher(EVP_camellia_128_cfb1()); + EVP_add_cipher(EVP_camellia_128_cfb8()); + EVP_add_cipher(EVP_camellia_128_ofb()); + EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128"); + EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128"); + EVP_add_cipher(EVP_camellia_192_ecb()); + EVP_add_cipher(EVP_camellia_192_cbc()); + EVP_add_cipher(EVP_camellia_192_cfb()); + EVP_add_cipher(EVP_camellia_192_cfb1()); + EVP_add_cipher(EVP_camellia_192_cfb8()); + EVP_add_cipher(EVP_camellia_192_ofb()); + EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192"); + EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192"); + EVP_add_cipher(EVP_camellia_256_ecb()); + EVP_add_cipher(EVP_camellia_256_cbc()); + EVP_add_cipher(EVP_camellia_256_cfb()); + EVP_add_cipher(EVP_camellia_256_cfb1()); + EVP_add_cipher(EVP_camellia_256_cfb8()); + EVP_add_cipher(EVP_camellia_256_ofb()); + EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256"); + EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256"); +#endif + PKCS12_PBE_add(); PKCS5_PBE_add(); } diff --git a/src/lib/libssl/src/crypto/evp/c_alld.c b/src/lib/libssl/src/crypto/evp/c_alld.c index 929ea56a3e..d270b0ee03 100644 --- a/src/lib/libssl/src/crypto/evp/c_alld.c +++ b/src/lib/libssl/src/crypto/evp/c_alld.c @@ -91,6 +91,9 @@ void OpenSSL_add_all_digests(void) EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); #endif +#ifndef OPENSSL_NO_ECDSA + EVP_add_digest(EVP_ecdsa()); +#endif #endif #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) EVP_add_digest(EVP_mdc2()); @@ -100,7 +103,6 @@ void OpenSSL_add_all_digests(void) EVP_add_digest_alias(SN_ripemd160,"ripemd"); EVP_add_digest_alias(SN_ripemd160,"rmd160"); #endif -#ifdef OPENSSL_FIPS #ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); @@ -108,6 +110,5 @@ void OpenSSL_add_all_digests(void) #ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); -#endif #endif } diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c index f21c63842c..762e6d3450 100644 --- a/src/lib/libssl/src/crypto/evp/digest.c +++ b/src/lib/libssl/src/crypto/evp/digest.c @@ -137,39 +137,6 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) return EVP_DigestInit_ex(ctx, type, NULL); } -#ifdef OPENSSL_FIPS - -/* The purpose of these is to trap programs that attempt to use non FIPS - * algorithms in FIPS mode and ignore the errors. - */ - -static int bad_init(EVP_MD_CTX *ctx) - { FIPS_ERROR_IGNORED("Digest init"); return 0;} - -static int bad_update(EVP_MD_CTX *ctx,const void *data,unsigned long count) - { FIPS_ERROR_IGNORED("Digest update"); return 0;} - -static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) - { FIPS_ERROR_IGNORED("Digest Final"); return 0;} - -static const EVP_MD bad_md = - { - 0, - 0, - 0, - 0, - bad_init, - bad_update, - bad_final, - NULL, - NULL, - NULL, - 0, - {0,0,0,0}, - }; - -#endif - int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); @@ -192,7 +159,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { if (!ENGINE_init(impl)) { - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); return 0; } } @@ -206,7 +173,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if(!d) { /* Same comment from evp_enc.c */ - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); return 0; } /* We'll use the ENGINE's private digest definition */ @@ -222,24 +189,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) else if(!ctx->digest) { - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); return 0; } #endif if (ctx->digest != type) { -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - { - if (!(type->flags & EVP_MD_FLAG_FIPS) - && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) - { - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS); - ctx->digest = &bad_md; - return 0; - } - } -#endif if (ctx->digest && ctx->digest->ctx_size) OPENSSL_free(ctx->md_data); ctx->digest=type; @@ -253,9 +208,9 @@ skip_to_init: } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, - unsigned int count) + size_t count) { - return ctx->digest->update(ctx,data,(unsigned long)count); + return ctx->digest->update(ctx,data,count); } /* The caller can assume that this removes any secret data from the context */ @@ -296,14 +251,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) unsigned char *tmp_buf; if ((in == NULL) || (in->digest == NULL)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); + EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED); return 0; } #ifndef OPENSSL_NO_ENGINE /* Make sure it's safe to copy a digest context using an ENGINE */ if (in->engine && !ENGINE_init(in->engine)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); + EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); return 0; } #endif @@ -330,7 +285,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) return 1; } -int EVP_Digest(void *data, unsigned int count, +int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX ctx; diff --git a/src/lib/libssl/src/crypto/evp/e_aes.c b/src/lib/libssl/src/crypto/evp/e_aes.c index 7b67984fa1..bd6c0a3a62 100644 --- a/src/lib/libssl/src/crypto/evp/e_aes.c +++ b/src/lib/libssl/src/crypto/evp/e_aes.c @@ -48,10 +48,12 @@ * */ +#include #ifndef OPENSSL_NO_AES #include #include #include +#include #include #include "evp_locl.h" @@ -67,32 +69,32 @@ typedef struct IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, NID_aes_128, 16, 16, 16, 128, - EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, + 0, aes_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, NID_aes_192, 16, 24, 16, 128, - EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, + 0, aes_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, NID_aes_256, 16, 32, 16, 128, - EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, + 0, aes_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -#define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) +#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16) -IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(128,1) +IMPLEMENT_AES_CFBR(192,1) +IMPLEMENT_AES_CFBR(256,1) -IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(128,8) +IMPLEMENT_AES_CFBR(192,8) +IMPLEMENT_AES_CFBR(256,8) static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) diff --git a/src/lib/libssl/src/crypto/evp/e_bf.c b/src/lib/libssl/src/crypto/evp/e_bf.c index e74337567b..cc224e5363 100644 --- a/src/lib/libssl/src/crypto/evp/e_bf.c +++ b/src/lib/libssl/src/crypto/evp/e_bf.c @@ -56,9 +56,9 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_BF #include #include "cryptlib.h" +#ifndef OPENSSL_NO_BF #include #include "evp_locl.h" #include diff --git a/src/lib/libssl/src/crypto/evp/e_cast.c b/src/lib/libssl/src/crypto/evp/e_cast.c index 3400fef187..d77bcd9298 100644 --- a/src/lib/libssl/src/crypto/evp/e_cast.c +++ b/src/lib/libssl/src/crypto/evp/e_cast.c @@ -56,10 +56,10 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_CAST - #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_CAST #include #include #include "evp_locl.h" diff --git a/src/lib/libssl/src/crypto/evp/e_des.c b/src/lib/libssl/src/crypto/evp/e_des.c index 46e2899825..856323648c 100644 --- a/src/lib/libssl/src/crypto/evp/e_des.c +++ b/src/lib/libssl/src/crypto/evp/e_des.c @@ -63,9 +63,11 @@ #include #include "evp_locl.h" #include +#include static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); +static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ @@ -127,28 +129,48 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, - EVP_CIPH_FLAG_FIPS, des_init_key, NULL, + EVP_CIPH_RAND_KEY, des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, - NULL) + des_ctrl) BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, - EVP_CIPH_FLAG_FIPS,des_init_key,NULL, + EVP_CIPH_RAND_KEY, des_init_key,NULL, EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv,NULL) + EVP_CIPHER_get_asn1_iv,des_ctrl) BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, - EVP_CIPH_FLAG_FIPS,des_init_key,NULL, + EVP_CIPH_RAND_KEY,des_init_key,NULL, EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv,NULL) + EVP_CIPHER_get_asn1_iv,des_ctrl) static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; - +#ifdef EVP_CHECK_DES_KEY + if(DES_set_key_checked(deskey,ctx->cipher_data) != 0) + return 0; +#else DES_set_key_unchecked(deskey,ctx->cipher_data); +#endif return 1; } +static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { + + switch(type) + { + case EVP_CTRL_RAND_KEY: + if (RAND_bytes(ptr, 8) <= 0) + return 0; + DES_set_odd_parity((DES_cblock *)ptr); + return 1; + + default: + return -1; + } + } + #endif diff --git a/src/lib/libssl/src/crypto/evp/e_des3.c b/src/lib/libssl/src/crypto/evp/e_des3.c index 677322bf02..ac148efab2 100644 --- a/src/lib/libssl/src/crypto/evp/e_des3.c +++ b/src/lib/libssl/src/crypto/evp/e_des3.c @@ -63,6 +63,7 @@ #include #include "evp_locl.h" #include +#include static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); @@ -70,6 +71,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); +static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); + typedef struct { DES_key_schedule ks1;/* key schedule */ @@ -85,7 +88,8 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() - DES_ecb3_encrypt(in + i,out + i, + DES_ecb3_encrypt((const_DES_cblock *)(in + i), + (DES_cblock *)(out + i), &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt); @@ -160,10 +164,10 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, - EVP_CIPH_FLAG_FIPS, des_ede_init_key, NULL, + EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, - NULL) + des3_ctrl) #define des_ede3_cfb64_cipher des_ede_cfb64_cipher #define des_ede3_ofb_cipher des_ede_ofb_cipher @@ -171,28 +175,35 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, #define des_ede3_ecb_cipher des_ede_ecb_cipher BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_FLAG_FIPS, des_ede3_init_key, NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, - NULL) + des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, - EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv,NULL) + EVP_CIPHER_get_asn1_iv, + des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, - EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv,NULL) + EVP_CIPHER_get_asn1_iv, + des3_ctrl) static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; - +#ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1) + !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2)) + return 0; +#else DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); +#endif memcpy(&data(ctx)->ks3,&data(ctx)->ks1, sizeof(data(ctx)->ks1)); return 1; @@ -213,13 +224,41 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } #endif /* KSSL_DEBUG */ +#ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1) + || DES_set_key_checked(&deskey[1],&data(ctx)->ks2) + || DES_set_key_checked(&deskey[2],&data(ctx)->ks3)) + return 0; +#else DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3); - +#endif return 1; } +static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { + + DES_cblock *deskey = ptr; + + switch(type) + { + case EVP_CTRL_RAND_KEY: + if (RAND_bytes(ptr, c->key_len) <= 0) + return 0; + DES_set_odd_parity(deskey); + if (c->key_len >= 16) + DES_set_odd_parity(deskey + 1); + if (c->key_len >= 24) + DES_set_odd_parity(deskey + 2); + return 1; + + default: + return -1; + } + } + const EVP_CIPHER *EVP_des_ede(void) { return &des_ede_ecb; diff --git a/src/lib/libssl/src/crypto/evp/e_idea.c b/src/lib/libssl/src/crypto/evp/e_idea.c index b9efa75ae7..48c33a774a 100644 --- a/src/lib/libssl/src/crypto/evp/e_idea.c +++ b/src/lib/libssl/src/crypto/evp/e_idea.c @@ -56,10 +56,10 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_IDEA - #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_IDEA #include #include #include "evp_locl.h" diff --git a/src/lib/libssl/src/crypto/evp/e_null.c b/src/lib/libssl/src/crypto/evp/e_null.c index a84b0f14b1..5205259f18 100644 --- a/src/lib/libssl/src/crypto/evp/e_null.c +++ b/src/lib/libssl/src/crypto/evp/e_null.c @@ -69,13 +69,14 @@ static const EVP_CIPHER n_cipher= { NID_undef, 1,0,0, - EVP_CIPH_FLAG_FIPS, + 0, null_init_key, null_cipher, NULL, 0, NULL, NULL, + NULL, NULL }; @@ -95,7 +96,7 @@ static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { if (in != out) - memcpy((char *)out,(char *)in,(int)inl); + memcpy((char *)out,(const char *)in,(size_t)inl); return 1; } diff --git a/src/lib/libssl/src/crypto/evp/e_old.c b/src/lib/libssl/src/crypto/evp/e_old.c index 92dc498945..1642af4869 100644 --- a/src/lib/libssl/src/crypto/evp/e_old.c +++ b/src/lib/libssl/src/crypto/evp/e_old.c @@ -56,6 +56,10 @@ * */ +#ifdef OPENSSL_NO_DEPRECATED +static void *dummy = &dummy; +#else + #include /* Define some deprecated functions, so older programs @@ -66,43 +70,56 @@ #ifndef OPENSSL_NO_BF #undef EVP_bf_cfb +const EVP_CIPHER *EVP_bf_cfb(void); const EVP_CIPHER *EVP_bf_cfb(void) { return EVP_bf_cfb64(); } #endif #ifndef OPENSSL_NO_DES #undef EVP_des_cfb +const EVP_CIPHER *EVP_des_cfb(void); const EVP_CIPHER *EVP_des_cfb(void) { return EVP_des_cfb64(); } #undef EVP_des_ede3_cfb +const EVP_CIPHER *EVP_des_ede3_cfb(void); const EVP_CIPHER *EVP_des_ede3_cfb(void) { return EVP_des_ede3_cfb64(); } #undef EVP_des_ede_cfb +const EVP_CIPHER *EVP_des_ede_cfb(void); const EVP_CIPHER *EVP_des_ede_cfb(void) { return EVP_des_ede_cfb64(); } #endif #ifndef OPENSSL_NO_IDEA #undef EVP_idea_cfb +const EVP_CIPHER *EVP_idea_cfb(void); const EVP_CIPHER *EVP_idea_cfb(void) { return EVP_idea_cfb64(); } #endif #ifndef OPENSSL_NO_RC2 #undef EVP_rc2_cfb +const EVP_CIPHER *EVP_rc2_cfb(void); const EVP_CIPHER *EVP_rc2_cfb(void) { return EVP_rc2_cfb64(); } #endif #ifndef OPENSSL_NO_CAST #undef EVP_cast5_cfb +const EVP_CIPHER *EVP_cast5_cfb(void); const EVP_CIPHER *EVP_cast5_cfb(void) { return EVP_cast5_cfb64(); } #endif #ifndef OPENSSL_NO_RC5 #undef EVP_rc5_32_12_16_cfb +const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void) { return EVP_rc5_32_12_16_cfb64(); } #endif #ifndef OPENSSL_NO_AES #undef EVP_aes_128_cfb +const EVP_CIPHER *EVP_aes_128_cfb(void); const EVP_CIPHER *EVP_aes_128_cfb(void) { return EVP_aes_128_cfb128(); } #undef EVP_aes_192_cfb +const EVP_CIPHER *EVP_aes_192_cfb(void); const EVP_CIPHER *EVP_aes_192_cfb(void) { return EVP_aes_192_cfb128(); } #undef EVP_aes_256_cfb +const EVP_CIPHER *EVP_aes_256_cfb(void); const EVP_CIPHER *EVP_aes_256_cfb(void) { return EVP_aes_256_cfb128(); } #endif + +#endif diff --git a/src/lib/libssl/src/crypto/evp/e_rc2.c b/src/lib/libssl/src/crypto/evp/e_rc2.c index d42cbfd17e..d37726ffae 100644 --- a/src/lib/libssl/src/crypto/evp/e_rc2.c +++ b/src/lib/libssl/src/crypto/evp/e_rc2.c @@ -56,10 +56,11 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RC2 - #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_RC2 + #include #include #include "evp_locl.h" @@ -167,16 +168,17 @@ static int rc2_magic_to_meth(int i) static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { long num=0; - int i=0,l; + int i=0; int key_bits; + unsigned int l; unsigned char iv[EVP_MAX_IV_LENGTH]; if (type != NULL) { l=EVP_CIPHER_CTX_iv_length(c); - OPENSSL_assert(l <= sizeof iv); + OPENSSL_assert(l <= sizeof(iv)); i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); - if (i != l) + if (i != (int)l) return(-1); key_bits =rc2_magic_to_meth((int)num); if (!key_bits) diff --git a/src/lib/libssl/src/crypto/evp/e_rc4.c b/src/lib/libssl/src/crypto/evp/e_rc4.c index 8aa70585b9..67af850bea 100644 --- a/src/lib/libssl/src/crypto/evp/e_rc4.c +++ b/src/lib/libssl/src/crypto/evp/e_rc4.c @@ -56,13 +56,13 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RC4 - #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_RC4 + #include #include -#include "evp_locl.h" #include /* FIXME: surely this is available elsewhere? */ @@ -90,6 +90,7 @@ static const EVP_CIPHER r4_cipher= sizeof(EVP_RC4_KEY), NULL, NULL, + NULL, NULL }; @@ -104,6 +105,7 @@ static const EVP_CIPHER r4_40_cipher= sizeof(EVP_RC4_KEY), NULL, NULL, + NULL, NULL }; diff --git a/src/lib/libssl/src/crypto/evp/e_rc5.c b/src/lib/libssl/src/crypto/evp/e_rc5.c index 3c7713b181..19a10c6402 100644 --- a/src/lib/libssl/src/crypto/evp/e_rc5.c +++ b/src/lib/libssl/src/crypto/evp/e_rc5.c @@ -56,10 +56,11 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RC5 - #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_RC5 + #include #include #include "evp_locl.h" diff --git a/src/lib/libssl/src/crypto/evp/e_xcbc_d.c b/src/lib/libssl/src/crypto/evp/e_xcbc_d.c index a6f849e93d..8832da2433 100644 --- a/src/lib/libssl/src/crypto/evp/e_xcbc_d.c +++ b/src/lib/libssl/src/crypto/evp/e_xcbc_d.c @@ -56,9 +56,11 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_DES #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_DES + #include #include #include @@ -89,6 +91,7 @@ static const EVP_CIPHER d_xcbc_cipher= sizeof(DESX_CBC_KEY), EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, + NULL, NULL }; diff --git a/src/lib/libssl/src/crypto/evp/encode.c b/src/lib/libssl/src/crypto/evp/encode.c index 33e540087d..5921f0d710 100644 --- a/src/lib/libssl/src/crypto/evp/encode.c +++ b/src/lib/libssl/src/crypto/evp/encode.c @@ -129,14 +129,14 @@ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) } void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) + const unsigned char *in, int inl) { int i,j; unsigned int total=0; *outl=0; if (inl == 0) return; - OPENSSL_assert(ctx->length <= sizeof ctx->enc_data); + OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); if ((ctx->num+inl) < ctx->length) { memcpy(&(ctx->enc_data[ctx->num]),in,inl); @@ -233,7 +233,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) * 1 for full line */ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) + const unsigned char *in, int inl) { int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; unsigned char *d; @@ -259,7 +259,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, /* only save the good data :-) */ if (!B64_NOT_BASE64(v)) { - OPENSSL_assert(n < sizeof ctx->enc_data); + OPENSSL_assert(n < (int)sizeof(ctx->enc_data)); d[n++]=tmp; ln++; } @@ -323,8 +323,8 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, if (n > 0) { v=EVP_DecodeBlock(out,d,n); - if (v < 0) { rv=0; goto end; } n=0; + if (v < 0) { rv=0; goto end; } ret+=(v-eof); } else diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h index 56eec23fef..bdd3b7ecaa 100644 --- a/src/lib/libssl/src/crypto/evp/evp.h +++ b/src/lib/libssl/src/crypto/evp/evp.h @@ -74,56 +74,6 @@ #ifndef OPENSSL_NO_BIO #include #endif -#ifndef OPENSSL_NO_MD2 -#include -#endif -#ifndef OPENSSL_NO_MD4 -#include -#endif -#ifndef OPENSSL_NO_MD5 -#include -#endif -#ifndef OPENSSL_NO_SHA -#ifndef OPENSSL_FIPS -#include -#else -#include -#endif -#endif -#ifndef OPENSSL_NO_RIPEMD -#include -#endif -#ifndef OPENSSL_NO_DES -#include -#endif -#ifndef OPENSSL_NO_RC4 -#include -#endif -#ifndef OPENSSL_NO_RC2 -#include -#endif -#ifndef OPENSSL_NO_RC5 -#include -#endif -#ifndef OPENSSL_NO_BF -#include -#endif -#ifndef OPENSSL_NO_CAST -#include -#endif -#ifndef OPENSSL_NO_IDEA -#include -#endif -#ifndef OPENSSL_NO_MDC2 -#include -#endif -#ifndef OPENSSL_NO_AES -#include -#endif - -#ifdef OPENSSL_FIPS -#include -#endif /* #define EVP_RC2_KEY_SIZE 16 @@ -132,11 +82,7 @@ #define EVP_CAST5_KEY_SIZE 16 #define EVP_RC5_32_12_16_KEY_SIZE 16 */ -#ifdef OPENSSL_FIPS -#define EVP_MAX_MD_SIZE 64 /* longest known SHA512 */ -#else -#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ -#endif +#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ #define EVP_MAX_KEY_LENGTH 32 #define EVP_MAX_IV_LENGTH 16 #define EVP_MAX_BLOCK_LENGTH 32 @@ -145,28 +91,18 @@ /* Default PKCS#5 iteration count */ #define PKCS5_DEFAULT_ITER 2048 -#ifndef OPENSSL_NO_RSA -#include -#endif - -#ifndef OPENSSL_NO_DSA -#include -#endif - -#ifndef OPENSSL_NO_DH -#include -#endif - #include #define EVP_PK_RSA 0x0001 #define EVP_PK_DSA 0x0002 #define EVP_PK_DH 0x0004 +#define EVP_PK_EC 0x0008 #define EVP_PKT_SIGN 0x0010 #define EVP_PKT_ENC 0x0020 #define EVP_PKT_EXCH 0x0040 #define EVP_PKS_RSA 0x0100 #define EVP_PKS_DSA 0x0200 +#define EVP_PKS_EC 0x0400 #define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ #define EVP_PKEY_NONE NID_undef @@ -178,6 +114,7 @@ #define EVP_PKEY_DSA3 NID_dsaWithSHA1 #define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 #define EVP_PKEY_DH NID_dhKeyAgreement +#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey #ifdef __cplusplus extern "C" { @@ -201,6 +138,9 @@ struct evp_pkey_st #endif #ifndef OPENSSL_NO_DH struct dh_st *dh; /* DH */ +#endif +#ifndef OPENSSL_NO_EC + struct ec_key_st *ec; /* ECC */ #endif } pkey; int save_parameters; @@ -287,39 +227,58 @@ struct env_md_st int md_size; unsigned long flags; int (*init)(EVP_MD_CTX *ctx); - int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count); + int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count); int (*final)(EVP_MD_CTX *ctx,unsigned char *md); int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from); int (*cleanup)(EVP_MD_CTX *ctx); /* FIXME: prototype these some day */ - int (*sign)(); - int (*verify)(); + int (*sign)(int type, const unsigned char *m, unsigned int m_length, + unsigned char *sigret, unsigned int *siglen, void *key); + int (*verify)(int type, const unsigned char *m, unsigned int m_length, + const unsigned char *sigbuf, unsigned int siglen, + void *key); int required_pkey_type[5]; /*EVP_PKEY_xxx */ int block_size; int ctx_size; /* how big does the ctx->md_data need to be */ } /* EVP_MD */; +typedef int evp_sign_method(int type,const unsigned char *m, + unsigned int m_length,unsigned char *sigret, + unsigned int *siglen, void *key); +typedef int evp_verify_method(int type,const unsigned char *m, + unsigned int m_length,const unsigned char *sigbuf, + unsigned int siglen, void *key); + #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single * block */ -#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} #ifndef OPENSSL_NO_DSA -#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \ +#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \ + (evp_verify_method *)DSA_verify, \ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ EVP_PKEY_DSA4,0} #else #define EVP_PKEY_DSA_method EVP_PKEY_NULL_method #endif +#ifndef OPENSSL_NO_ECDSA +#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \ + (evp_verify_method *)ECDSA_verify, \ + {EVP_PKEY_EC,0,0,0} +#else +#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method +#endif + #ifndef OPENSSL_NO_RSA -#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \ +#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \ + (evp_verify_method *)RSA_verify, \ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} #define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ - RSA_sign_ASN1_OCTET_STRING, \ - RSA_verify_ASN1_OCTET_STRING, \ + (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \ + (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} #else #define EVP_PKEY_RSA_method EVP_PKEY_NULL_method @@ -345,9 +304,6 @@ struct env_md_ctx_st #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data * in EVP_MD_CTX_cleanup */ -#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest - * in FIPS mode */ - struct evp_cipher_st { int nid; @@ -389,10 +345,8 @@ struct evp_cipher_st #define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 /* Don't use standard block padding */ #define EVP_CIPH_NO_PADDING 0x100 -/* Note if suitable for use in FIPS mode */ -#define EVP_CIPH_FLAG_FIPS 0x400 -/* Allow non FIPS cipher in FIPS mode */ -#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800 +/* cipher handles random key generation */ +#define EVP_CIPH_RAND_KEY 0x200 /* ctrl() values */ @@ -402,6 +356,7 @@ struct evp_cipher_st #define EVP_CTRL_SET_RC2_KEY_BITS 0x3 #define EVP_CTRL_GET_RC5_ROUNDS 0x4 #define EVP_CTRL_SET_RC5_ROUNDS 0x5 +#define EVP_CTRL_RAND_KEY 0x6 typedef struct evp_cipher_info_st { @@ -463,45 +418,47 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, (char *)(dh)) #endif +#ifndef OPENSSL_NO_EC +#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ + (char *)(eckey)) +#endif + /* Add some extra combinations */ #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) -#define EVP_MD_type(e) ((e)->type) +int EVP_MD_type(const EVP_MD *md); #define EVP_MD_nid(e) EVP_MD_type(e) #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) -#define EVP_MD_pkey_type(e) ((e)->pkey_type) -#define EVP_MD_size(e) ((e)->md_size) -#define EVP_MD_block_size(e) ((e)->block_size) +int EVP_MD_pkey_type(const EVP_MD *md); +int EVP_MD_size(const EVP_MD *md); +int EVP_MD_block_size(const EVP_MD *md); -#define EVP_MD_CTX_md(e) ((e)->digest) -#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) -#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) -#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest) +const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx); +#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) +#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) +#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) -#define EVP_CIPHER_nid(e) ((e)->nid) +int EVP_CIPHER_nid(const EVP_CIPHER *cipher); #define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) -#define EVP_CIPHER_block_size(e) ((e)->block_size) -#define EVP_CIPHER_key_length(e) ((e)->key_len) -#define EVP_CIPHER_iv_length(e) ((e)->iv_len) -#define EVP_CIPHER_flags(e) ((e)->flags) -#define EVP_CIPHER_mode(e) (((e)->flags) & EVP_CIPH_MODE) - -#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) -#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) -#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) -#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len) -#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) -#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) -#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) +int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); +int EVP_CIPHER_key_length(const EVP_CIPHER *cipher); +int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); +unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher); +#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE) + +const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); +void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); +void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) -#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags) -#define EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) -#define EVP_CIPHER_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) -#define EVP_CIPHER_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) -#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE) +unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx); +#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE) #define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) #define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) @@ -526,7 +483,10 @@ void BIO_set_md(BIO *,const EVP_MD *md); #define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) #define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) -#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l)) +int EVP_Cipher(EVP_CIPHER_CTX *c, + unsigned char *out, + const unsigned char *in, + unsigned int inl); #define EVP_add_cipher_alias(n,alias) \ OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) @@ -542,14 +502,14 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); EVP_MD_CTX *EVP_MD_CTX_create(void); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); -#define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) -#define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) -#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) +void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); +void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); +int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags); int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, - unsigned int cnt); + size_t cnt); int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); -int EVP_Digest(void *data, unsigned int count, +int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); @@ -557,7 +517,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); -void EVP_set_pw_prompt(char *prompt); +void EVP_set_pw_prompt(const char *prompt); char * EVP_get_pw_prompt(void); int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, @@ -596,43 +556,48 @@ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, EVP_PKEY *pkey); -int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, +int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey); -int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,unsigned char *ek, - int ekl,unsigned char *iv,EVP_PKEY *priv); +int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, + const unsigned char *ek, int ekl, const unsigned char *iv, + EVP_PKEY *priv); int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, - int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); +int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, + unsigned char **ek, int *ekl, unsigned char *iv, + EVP_PKEY **pubk, int npubk); int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); -void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, - int *outl,unsigned char *in,int inl); +void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, + const unsigned char *in,int inl); void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, - unsigned char *in, int inl); + const unsigned char *in, int inl); int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); +EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); +void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad); int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); +int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key); #ifndef OPENSSL_NO_BIO BIO_METHOD *BIO_f_md(void); BIO_METHOD *BIO_f_base64(void); BIO_METHOD *BIO_f_cipher(void); BIO_METHOD *BIO_f_reliable(void); -void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k, - unsigned char *i, int enc); +void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k, + const unsigned char *i, int enc); #endif const EVP_MD *EVP_md_null(void); @@ -650,7 +615,8 @@ const EVP_MD *EVP_sha(void); const EVP_MD *EVP_sha1(void); const EVP_MD *EVP_dss(void); const EVP_MD *EVP_dss1(void); -#ifdef OPENSSL_FIPS +const EVP_MD *EVP_ecdsa(void); +#endif #ifndef OPENSSL_NO_SHA256 const EVP_MD *EVP_sha224(void); const EVP_MD *EVP_sha256(void); @@ -659,8 +625,6 @@ const EVP_MD *EVP_sha256(void); const EVP_MD *EVP_sha384(void); const EVP_MD *EVP_sha512(void); #endif -#endif -#endif #ifndef OPENSSL_NO_MDC2 const EVP_MD *EVP_mdc2(void); #endif @@ -778,6 +742,37 @@ const EVP_CIPHER *EVP_aes_256_ofb(void); const EVP_CIPHER *EVP_aes_256_ctr(void); #endif #endif +#ifndef OPENSSL_NO_CAMELLIA +const EVP_CIPHER *EVP_camellia_128_ecb(void); +const EVP_CIPHER *EVP_camellia_128_cbc(void); +const EVP_CIPHER *EVP_camellia_128_cfb1(void); +const EVP_CIPHER *EVP_camellia_128_cfb8(void); +const EVP_CIPHER *EVP_camellia_128_cfb128(void); +# define EVP_camellia_128_cfb EVP_camellia_128_cfb128 +const EVP_CIPHER *EVP_camellia_128_ofb(void); +const EVP_CIPHER *EVP_camellia_192_ecb(void); +const EVP_CIPHER *EVP_camellia_192_cbc(void); +const EVP_CIPHER *EVP_camellia_192_cfb1(void); +const EVP_CIPHER *EVP_camellia_192_cfb8(void); +const EVP_CIPHER *EVP_camellia_192_cfb128(void); +# define EVP_camellia_192_cfb EVP_camellia_192_cfb128 +const EVP_CIPHER *EVP_camellia_192_ofb(void); +const EVP_CIPHER *EVP_camellia_256_ecb(void); +const EVP_CIPHER *EVP_camellia_256_cbc(void); +const EVP_CIPHER *EVP_camellia_256_cfb1(void); +const EVP_CIPHER *EVP_camellia_256_cfb8(void); +const EVP_CIPHER *EVP_camellia_256_cfb128(void); +# define EVP_camellia_256_cfb EVP_camellia_256_cfb128 +const EVP_CIPHER *EVP_camellia_256_ofb(void); +#endif + +#ifndef OPENSSL_NO_SEED +const EVP_CIPHER *EVP_seed_ecb(void); +const EVP_CIPHER *EVP_seed_cbc(void); +const EVP_CIPHER *EVP_seed_cfb128(void); +# define EVP_seed_cfb EVP_seed_cfb128 +const EVP_CIPHER *EVP_seed_ofb(void); +#endif void OPENSSL_add_all_algorithms_noconf(void); void OPENSSL_add_all_algorithms_conf(void); @@ -803,10 +798,12 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_MD *EVP_get_digestbyname(const char *name); void EVP_cleanup(void); -int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key, - int enc_key_len,EVP_PKEY *private_key); +int EVP_PKEY_decrypt(unsigned char *dec_key, + const unsigned char *enc_key,int enc_key_len, + EVP_PKEY *private_key); int EVP_PKEY_encrypt(unsigned char *enc_key, - unsigned char *key,int key_len,EVP_PKEY *pub_key); + const unsigned char *key,int key_len, + EVP_PKEY *pub_key); int EVP_PKEY_type(int type); int EVP_PKEY_bits(EVP_PKEY *pkey); int EVP_PKEY_size(EVP_PKEY *pkey); @@ -827,24 +824,31 @@ struct dh_st; int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key); struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); #endif - +#ifndef OPENSSL_NO_EC +struct ec_key_st; +int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,struct ec_key_st *key); +struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); +#endif EVP_PKEY * EVP_PKEY_new(void); void EVP_PKEY_free(EVP_PKEY *pkey); -EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, + +EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); -EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, +EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, const unsigned char **pp, long length); -EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, +EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); -int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from); -int EVP_PKEY_missing_parameters(EVP_PKEY *pkey); +int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); +int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode); -int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b); +int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); + +int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); int EVP_CIPHER_type(const EVP_CIPHER *ctx); @@ -861,7 +865,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, + const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out); int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, @@ -884,30 +888,32 @@ void ERR_load_EVP_strings(void); /* Error codes for the EVP functions. */ /* Function codes. */ -#define EVP_F_AES_INIT_KEY 129 +#define EVP_F_AES_INIT_KEY 133 +#define EVP_F_CAMELLIA_INIT_KEY 159 #define EVP_F_D2I_PKEY 100 -#define EVP_F_EVP_ADD_CIPHER 130 -#define EVP_F_EVP_ADD_DIGEST 131 -#define EVP_F_EVP_CIPHERINIT 123 +#define EVP_F_DSAPKEY2PKCS8 134 +#define EVP_F_DSA_PKEY2PKCS8 135 +#define EVP_F_ECDSA_PKEY2PKCS8 129 +#define EVP_F_ECKEY_PKEY2PKCS8 132 +#define EVP_F_EVP_CIPHERINIT_EX 123 #define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 -#define EVP_F_EVP_DECRYPTFINAL 101 -#define EVP_F_EVP_DIGESTINIT 128 -#define EVP_F_EVP_ENCRYPTFINAL 127 -#define EVP_F_EVP_GET_CIPHERBYNAME 132 -#define EVP_F_EVP_GET_DIGESTBYNAME 133 -#define EVP_F_EVP_MD_CTX_COPY 110 +#define EVP_F_EVP_DECRYPTFINAL_EX 101 +#define EVP_F_EVP_DIGESTINIT_EX 128 +#define EVP_F_EVP_ENCRYPTFINAL_EX 127 +#define EVP_F_EVP_MD_CTX_COPY_EX 110 #define EVP_F_EVP_OPENINIT 102 #define EVP_F_EVP_PBE_ALG_ADD 115 #define EVP_F_EVP_PBE_CIPHERINIT 116 #define EVP_F_EVP_PKCS82PKEY 111 -#define EVP_F_EVP_PKCS8_SET_BROKEN 112 -#define EVP_F_EVP_PKEY2PKCS8 113 +#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113 #define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 #define EVP_F_EVP_PKEY_DECRYPT 104 #define EVP_F_EVP_PKEY_ENCRYPT 105 #define EVP_F_EVP_PKEY_GET1_DH 119 #define EVP_F_EVP_PKEY_GET1_DSA 120 +#define EVP_F_EVP_PKEY_GET1_ECDSA 130 +#define EVP_F_EVP_PKEY_GET1_EC_KEY 131 #define EVP_F_EVP_PKEY_GET1_RSA 121 #define EVP_F_EVP_PKEY_NEW 106 #define EVP_F_EVP_RIJNDAEL 126 @@ -915,28 +921,32 @@ void ERR_load_EVP_strings(void); #define EVP_F_EVP_VERIFYFINAL 108 #define EVP_F_PKCS5_PBE_KEYIVGEN 117 #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 +#define EVP_F_PKCS8_SET_BROKEN 112 #define EVP_F_RC2_MAGIC_TO_METH 109 #define EVP_F_RC5_CTRL 125 /* Reason codes. */ -#define EVP_R_AES_KEY_SETUP_FAILED 140 +#define EVP_R_AES_KEY_SETUP_FAILED 143 +#define EVP_R_ASN1_LIB 140 #define EVP_R_BAD_BLOCK_LENGTH 136 #define EVP_R_BAD_DECRYPT 100 #define EVP_R_BAD_KEY_LENGTH 137 #define EVP_R_BN_DECODE_ERROR 112 #define EVP_R_BN_PUBKEY_ERROR 113 +#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157 #define EVP_R_CIPHER_PARAMETER_ERROR 122 #define EVP_R_CTRL_NOT_IMPLEMENTED 132 #define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 -#define EVP_R_DISABLED_FOR_FIPS 141 #define EVP_R_ENCODE_ERROR 115 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DSA_KEY 129 +#define EVP_R_EXPECTING_A_ECDSA_KEY 141 +#define EVP_R_EXPECTING_A_EC_KEY 142 #define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INPUT_NOT_INITIALIZED 111 #define EVP_R_INVALID_KEY_LENGTH 130 @@ -961,6 +971,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_UNSUPPORTED_SALT_TYPE 126 #define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 #define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 +#define EVP_R_SEED_KEY_SETUP_FAILED 162 #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/evp/evp_enc.c b/src/lib/libssl/src/crypto/evp/evp_enc.c index f549eeb437..a1904993bf 100644 --- a/src/lib/libssl/src/crypto/evp/evp_enc.c +++ b/src/lib/libssl/src/crypto/evp/evp_enc.c @@ -60,12 +60,13 @@ #include "cryptlib.h" #include #include +#include #ifndef OPENSSL_NO_ENGINE #include #endif #include "evp_locl.h" -const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; +const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) { @@ -73,6 +74,13 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) /* ctx->cipher=NULL; */ } +EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) + { + EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx); + if (ctx) + EVP_CIPHER_CTX_init(ctx); + return ctx; + } int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, const unsigned char *key, const unsigned char *iv, int enc) @@ -82,48 +90,6 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); } -#ifdef OPENSSL_FIPS - -/* The purpose of these is to trap programs that attempt to use non FIPS - * algorithms in FIPS mode and ignore the errors. - */ - -int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { FIPS_ERROR_IGNORED("Cipher init"); return 0;} - -int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { FIPS_ERROR_IGNORED("Cipher update"); return 0;} - -/* NB: no cleanup because it is allowed after failed init */ - -int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) - { FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;} -int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) - { FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;} -int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) - { FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;} - -static const EVP_CIPHER bad_cipher = - { - 0, - 0, - 0, - 0, - 0, - bad_init, - bad_do_cipher, - NULL, - 0, - bad_set_asn1, - bad_get_asn1, - bad_ctrl, - NULL - }; - -#endif - int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc) { @@ -158,7 +124,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp { if (!ENGINE_init(impl)) { - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } } @@ -175,7 +141,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp * control history, is that we should at least * be able to avoid using US mispellings of * "initialisation"? */ - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } /* We'll use the ENGINE's private cipher definition */ @@ -188,13 +154,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp else ctx->engine = NULL; #endif + ctx->cipher=cipher; if (ctx->cipher->ctx_size) { ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); if (!ctx->cipher_data) { - EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); return 0; } } @@ -208,14 +175,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp { if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } } } else if(!ctx->cipher) { - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); return 0; } #ifndef OPENSSL_NO_ENGINE @@ -240,7 +207,8 @@ skip_to_init: case EVP_CIPH_CBC_MODE: - OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv); + OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= + (int)sizeof(ctx->iv)); if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); break; @@ -251,24 +219,6 @@ skip_to_init: } } -#ifdef OPENSSL_FIPS - /* After 'key' is set no further parameters changes are permissible. - * So only check for non FIPS enabling at this point. - */ - if (key && FIPS_mode()) - { - if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) - & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) - { - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_DISABLED_FOR_FIPS); - ERR_add_error_data(2, "cipher=", - EVP_CIPHER_name(ctx->cipher)); - ctx->cipher = &bad_cipher; - return 0; - } - } -#endif - if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; } @@ -345,7 +295,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, } i=ctx->buf_len; bl=ctx->cipher->block_size; - OPENSSL_assert(bl <= sizeof ctx->buf); + OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); if (i != 0) { if (i+inl < bl) @@ -391,7 +341,8 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { - int i,n,b,bl,ret; + int n,ret; + unsigned int i, b, bl; b=ctx->cipher->block_size; OPENSSL_assert(b <= sizeof ctx->buf); @@ -405,7 +356,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { if(bl) { - EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *outl = 0; @@ -427,7 +378,8 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { - int b, fix_len; + int fix_len; + unsigned int b; if (inl == 0) { @@ -480,8 +432,8 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { - int i,b; - int n; + int i,n; + unsigned int b; *outl=0; b=ctx->cipher->block_size; @@ -489,7 +441,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { if(ctx->buf_len) { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *outl = 0; @@ -499,21 +451,21 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { if (ctx->buf_len || !ctx->final_used) { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); + EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH); return(0); } OPENSSL_assert(b <= sizeof ctx->final); n=ctx->final[b-1]; - if (n > b) + if (n == 0 || n > (int)b) { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); + EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); return(0); } for (i=0; ifinal[--b] != n) { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); + EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); return(0); } } @@ -527,6 +479,15 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return(1); } +void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) + { + if (ctx) + { + EVP_CIPHER_CTX_cleanup(ctx); + OPENSSL_free(ctx); + } + } + int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) { if (c->cipher != NULL) @@ -590,3 +551,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) } return ret; } + +int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) + { + if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) + return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); + if (RAND_bytes(key, ctx->key_len) <= 0) + return 0; + return 1; + } + diff --git a/src/lib/libssl/src/crypto/evp/evp_err.c b/src/lib/libssl/src/crypto/evp/evp_err.c index 77eee070d3..e8c9e8de9c 100644 --- a/src/lib/libssl/src/crypto/evp/evp_err.c +++ b/src/lib/libssl/src/crypto/evp/evp_err.c @@ -71,29 +71,31 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, +{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, -{ERR_FUNC(EVP_F_EVP_ADD_CIPHER), "EVP_add_cipher"}, -{ERR_FUNC(EVP_F_EVP_ADD_DIGEST), "EVP_add_digest"}, -{ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"}, +{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, +{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, +{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, +{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, +{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, -{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL), "EVP_DecryptFinal"}, -{ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"}, -{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL), "EVP_EncryptFinal"}, -{ERR_FUNC(EVP_F_EVP_GET_CIPHERBYNAME), "EVP_get_cipherbyname"}, -{ERR_FUNC(EVP_F_EVP_GET_DIGESTBYNAME), "EVP_get_digestbyname"}, -{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY), "EVP_MD_CTX_copy"}, +{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, +{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, +{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, +{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, -{ERR_FUNC(EVP_F_EVP_PKCS8_SET_BROKEN), "EVP_PKCS8_SET_BROKEN"}, -{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8), "EVP_PKEY2PKCS8"}, +{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, +{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, +{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, @@ -101,6 +103,7 @@ static ERR_STRING_DATA EVP_str_functs[]= {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, +{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, {0,NULL} @@ -109,23 +112,26 @@ static ERR_STRING_DATA EVP_str_functs[]= static ERR_STRING_DATA EVP_str_reasons[]= { {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"}, +{ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"}, {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"}, {ERR_REASON(EVP_R_BAD_DECRYPT) ,"bad decrypt"}, {ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, {ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, +{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"}, {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"}, {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, -{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, +{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, +{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, @@ -157,15 +163,12 @@ static ERR_STRING_DATA EVP_str_reasons[]= void ERR_load_EVP_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,EVP_str_functs); ERR_load_strings(0,EVP_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c index f8650d5df6..361ea69ab6 100644 --- a/src/lib/libssl/src/crypto/evp/evp_key.c +++ b/src/lib/libssl/src/crypto/evp/evp_key.c @@ -66,7 +66,7 @@ /* should be init to zeros. */ static char prompt_string[80]; -void EVP_set_pw_prompt(char *prompt) +void EVP_set_pw_prompt(const char *prompt) { if (prompt == NULL) prompt_string[0]='\0'; diff --git a/src/lib/libssl/src/crypto/evp/evp_lib.c b/src/lib/libssl/src/crypto/evp/evp_lib.c index a63ba19317..edb28ef38e 100644 --- a/src/lib/libssl/src/crypto/evp/evp_lib.c +++ b/src/lib/libssl/src/crypto/evp/evp_lib.c @@ -68,7 +68,7 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->set_asn1_parameters != NULL) ret=c->cipher->set_asn1_parameters(c,type); else - return -1; + ret=-1; return(ret); } @@ -79,20 +79,21 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->get_asn1_parameters != NULL) ret=c->cipher->get_asn1_parameters(c,type); else - return -1; + ret=-1; return(ret); } int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { - int i=0,l; + int i=0; + unsigned int l; if (type != NULL) { l=EVP_CIPHER_CTX_iv_length(c); - OPENSSL_assert(l <= sizeof c->iv); + OPENSSL_assert(l <= sizeof(c->iv)); i=ASN1_TYPE_get_octetstring(type,c->oiv,l); - if (i != l) + if (i != (int)l) return(-1); else if (i > 0) memcpy(c->iv,c->oiv,l); @@ -102,12 +103,13 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { - int i=0,j; + int i=0; + unsigned int j; if (type != NULL) { j=EVP_CIPHER_CTX_iv_length(c); - OPENSSL_assert(j <= sizeof c->iv); + OPENSSL_assert(j <= sizeof(c->iv)); i=ASN1_TYPE_set_octetstring(type,c->oiv,j); } return(i); @@ -166,3 +168,112 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx) } } +int EVP_CIPHER_block_size(const EVP_CIPHER *e) + { + return e->block_size; + } + +int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->block_size; + } + +int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) + { + return ctx->cipher->do_cipher(ctx,out,in,inl); + } + +const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher; + } + +unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) + { + return cipher->flags; + } + +unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->flags; + } + +void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) + { + return ctx->app_data; + } + +void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) + { + ctx->app_data = data; + } + +int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) + { + return cipher->iv_len; + } + +int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->iv_len; + } + +int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) + { + return cipher->key_len; + } + +int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) + { + return ctx->key_len; + } + +int EVP_CIPHER_nid(const EVP_CIPHER *cipher) + { + return cipher->nid; + } + +int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->nid; + } + +int EVP_MD_block_size(const EVP_MD *md) + { + return md->block_size; + } + +int EVP_MD_type(const EVP_MD *md) + { + return md->type; + } + +int EVP_MD_pkey_type(const EVP_MD *md) + { + return md->pkey_type; + } + +int EVP_MD_size(const EVP_MD *md) + { + return md->md_size; + } + +const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx) + { + return ctx->digest; + } + +void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) + { + ctx->flags |= flags; + } + +void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) + { + ctx->flags &= ~flags; + } + +int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) + { + return (ctx->flags & flags); + } diff --git a/src/lib/libssl/src/crypto/evp/evp_locl.h b/src/lib/libssl/src/crypto/evp/evp_locl.h index f8c5343620..073b0adcff 100644 --- a/src/lib/libssl/src/crypto/evp/evp_locl.h +++ b/src/lib/libssl/src/crypto/evp/evp_locl.h @@ -65,7 +65,7 @@ bl = ctx->cipher->block_size;\ if(inl < bl) return 1;\ inl -= bl; \ - for(i=0; i <= inl; i+=bl) \ + for(i=0; i <= inl; i+=bl) #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ @@ -92,7 +92,7 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ - cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ return 1;\ } @@ -226,27 +226,11 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,flags) \ +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - flags, cipher##_init_key, NULL, \ + 0, cipher##_init_key, NULL, \ EVP_CIPHER_set_asn1_iv, \ EVP_CIPHER_get_asn1_iv, \ NULL) - -#ifdef OPENSSL_FIPS -#define RC2_set_key private_RC2_set_key -#define RC4_set_key private_RC4_set_key -#define CAST_set_key private_CAST_set_key -#define RC5_32_set_key private_RC5_32_set_key -#define BF_set_key private_BF_set_key -#define idea_set_encrypt_key private_idea_set_encrypt_key - -#define MD5_Init private_MD5_Init -#define MD4_Init private_MD4_Init -#define MD2_Init private_MD2_Init -#define MDC2_Init private_MDC2_Init -#define SHA_Init private_SHA_Init - -#endif diff --git a/src/lib/libssl/src/crypto/evp/evp_pbe.c b/src/lib/libssl/src/crypto/evp/evp_pbe.c index 91e545a141..c26d2de0f3 100644 --- a/src/lib/libssl/src/crypto/evp/evp_pbe.c +++ b/src/lib/libssl/src/crypto/evp/evp_pbe.c @@ -74,7 +74,7 @@ const EVP_MD *md; EVP_PBE_KEYGEN *keygen; } EVP_PBE_CTL; -int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, +int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) { @@ -106,7 +106,8 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, static int pbe_cmp(const char * const *a, const char * const *b) { - EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b; + const EVP_PBE_CTL * const *pbe1 = (const EVP_PBE_CTL * const *) a, + * const *pbe2 = (const EVP_PBE_CTL * const *)b; return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); } diff --git a/src/lib/libssl/src/crypto/evp/evp_pkey.c b/src/lib/libssl/src/crypto/evp/evp_pkey.c index 47a69932a5..0147f3e02a 100644 --- a/src/lib/libssl/src/crypto/evp/evp_pkey.c +++ b/src/lib/libssl/src/crypto/evp/evp_pkey.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -61,14 +61,24 @@ #include "cryptlib.h" #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif +#include #ifndef OPENSSL_NO_DSA static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); #endif +#ifndef OPENSSL_NO_EC +static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); +#endif /* Extract a private key from a PKCS8 structure */ -EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) +EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { EVP_PKEY *pkey = NULL; #ifndef OPENSSL_NO_RSA @@ -76,16 +86,24 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) #endif #ifndef OPENSSL_NO_DSA DSA *dsa = NULL; + ASN1_TYPE *t1, *t2; ASN1_INTEGER *privkey; - ASN1_TYPE *t1, *t2, *param = NULL; STACK_OF(ASN1_TYPE) *ndsa = NULL; +#endif +#ifndef OPENSSL_NO_EC + EC_KEY *eckey = NULL; + const unsigned char *p_tmp; +#endif +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) + ASN1_TYPE *param = NULL; BN_CTX *ctx = NULL; int plen; #endif X509_ALGOR *a; - unsigned char *p; + const unsigned char *p; const unsigned char *cp; int pkeylen; + int nid; char obj_tmp[80]; if(p8->pkey->type == V_ASN1_OCTET_STRING) { @@ -102,7 +120,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) return NULL; } a = p8->pkeyalg; - switch (OBJ_obj2nid(a->algorithm)) + nid = OBJ_obj2nid(a->algorithm); + switch(nid) { #ifndef OPENSSL_NO_RSA case NID_rsaEncryption: @@ -207,6 +226,112 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) EVP_PKEY_free(pkey); return NULL; break; +#endif +#ifndef OPENSSL_NO_EC + case NID_X9_62_id_ecPublicKey: + p_tmp = p; + /* extract the ec parameters */ + param = p8->pkeyalg->parameter; + + if (!param || ((param->type != V_ASN1_SEQUENCE) && + (param->type != V_ASN1_OBJECT))) + { + EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); + goto ecerr; + } + + if (param->type == V_ASN1_SEQUENCE) + { + cp = p = param->value.sequence->data; + plen = param->value.sequence->length; + + if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) + { + EVPerr(EVP_F_EVP_PKCS82PKEY, + EVP_R_DECODE_ERROR); + goto ecerr; + } + } + else + { + EC_GROUP *group; + cp = p = param->value.object->data; + plen = param->value.object->length; + + /* type == V_ASN1_OBJECT => the parameters are given + * by an asn1 OID + */ + if ((eckey = EC_KEY_new()) == NULL) + { + EVPerr(EVP_F_EVP_PKCS82PKEY, + ERR_R_MALLOC_FAILURE); + goto ecerr; + } + group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); + if (group == NULL) + goto ecerr; + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + if (EC_KEY_set_group(eckey, group) == 0) + goto ecerr; + EC_GROUP_free(group); + } + + /* We have parameters now set private key */ + if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) + { + EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); + goto ecerr; + } + + /* calculate public key (if necessary) */ + if (EC_KEY_get0_public_key(eckey) == NULL) + { + const BIGNUM *priv_key; + const EC_GROUP *group; + EC_POINT *pub_key; + /* the public key was not included in the SEC1 private + * key => calculate the public key */ + group = EC_KEY_get0_group(eckey); + pub_key = EC_POINT_new(group); + if (pub_key == NULL) + { + EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); + goto ecerr; + } + if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) + { + EC_POINT_free(pub_key); + EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); + goto ecerr; + } + priv_key = EC_KEY_get0_private_key(eckey); + if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) + { + EC_POINT_free(pub_key); + EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); + goto ecerr; + } + if (EC_KEY_set_public_key(eckey, pub_key) == 0) + { + EC_POINT_free(pub_key); + EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); + goto ecerr; + } + EC_POINT_free(pub_key); + } + + EVP_PKEY_assign_EC_KEY(pkey, eckey); + if (ctx) + BN_CTX_free(ctx); + break; +ecerr: + if (ctx) + BN_CTX_free(ctx); + if (eckey) + EC_KEY_free(eckey); + if (pkey) + EVP_PKEY_free(pkey); + return NULL; #endif default: EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); @@ -231,17 +356,17 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) PKCS8_PRIV_KEY_INFO *p8; if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); return NULL; } p8->broken = broken; if (!ASN1_INTEGER_set(p8->version, 0)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free (p8); return NULL; } if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free (p8); return NULL; } @@ -254,9 +379,9 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); p8->pkeyalg->parameter->type = V_ASN1_NULL; - if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey, + if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey, &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free (p8); return NULL; } @@ -271,13 +396,22 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) break; #endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + if (!eckey_pkey2pkcs8(p8, pkey)) + { + PKCS8_PRIV_KEY_INFO_free(p8); + return(NULL); + } + break; +#endif default: - EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); PKCS8_PRIV_KEY_INFO_free (p8); return NULL; } RAND_add(p8->pkey->value.octet_string->data, - p8->pkey->value.octet_string->length, 0); + p8->pkey->value.octet_string->length, 0.0); return p8; } @@ -297,10 +431,8 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) break; default: - EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); + EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); return NULL; - break; - } } @@ -317,24 +449,24 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); len = i2d_DSAparams (pkey->pkey.dsa, NULL); if (!(p = OPENSSL_malloc(len))) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } q = p; i2d_DSAparams (pkey->pkey.dsa, &q); if (!(params = ASN1_STRING_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } if (!ASN1_STRING_set(params, p, len)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } OPENSSL_free(p); p = NULL; /* Get private key into integer */ if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); + EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); goto err; } @@ -343,9 +475,9 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) case PKCS8_OK: case PKCS8_NO_OCTET: - if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER, + if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER, &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } @@ -363,39 +495,39 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) params = NULL; p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; if (!(ndsa = sk_ASN1_TYPE_new_null())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } if (!(ttmp->value.integer = BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); + EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); goto err; } ttmp->type = V_ASN1_INTEGER; if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } ttmp->value.integer = prkey; prkey = NULL; ttmp->type = V_ASN1_INTEGER; if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } ttmp = NULL; if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } @@ -403,7 +535,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) &p8->pkey->value.octet_string->data, &p8->pkey->value.octet_string->length)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); @@ -413,36 +545,36 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) p8->pkeyalg->parameter->type = V_ASN1_NULL; if (!(ndsa = sk_ASN1_TYPE_new_null())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } ttmp->value.sequence = params; params = NULL; ttmp->type = V_ASN1_SEQUENCE; if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } if (!(ttmp = ASN1_TYPE_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } ttmp->value.integer = prkey; prkey = NULL; ttmp->type = V_ASN1_INTEGER; if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } ttmp = NULL; if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } @@ -450,7 +582,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) &p8->pkey->value.octet_string->data, &p8->pkey->value.octet_string->length)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); goto err; } sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); @@ -466,3 +598,197 @@ err: return 0; } #endif + +#ifndef OPENSSL_NO_EC +static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) +{ + EC_KEY *ec_key; + const EC_GROUP *group; + unsigned char *p, *pp; + int nid, i, ret = 0; + unsigned int tmp_flags, old_flags; + + ec_key = pkey->pkey.ec; + if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); + return 0; + } + + /* set the ec parameters OID */ + if (p8->pkeyalg->algorithm) + ASN1_OBJECT_free(p8->pkeyalg->algorithm); + + p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); + + /* set the ec parameters */ + + if (p8->pkeyalg->parameter) + { + ASN1_TYPE_free(p8->pkeyalg->parameter); + p8->pkeyalg->parameter = NULL; + } + + if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + return 0; + } + + if (EC_GROUP_get_asn1_flag(group) + && (nid = EC_GROUP_get_curve_name(group))) + { + /* we have a 'named curve' => just set the OID */ + p8->pkeyalg->parameter->type = V_ASN1_OBJECT; + p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); + } + else /* explicit parameters */ + { + if ((i = i2d_ECParameters(ec_key, NULL)) == 0) + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); + return 0; + } + if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + return 0; + } + pp = p; + if (!i2d_ECParameters(ec_key, &pp)) + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); + OPENSSL_free(p); + return 0; + } + p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; + if ((p8->pkeyalg->parameter->value.sequence + = ASN1_STRING_new()) == NULL) + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); + OPENSSL_free(p); + return 0; + } + ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); + OPENSSL_free(p); + } + + /* set the private key */ + + /* do not include the parameters in the SEC1 private key + * see PKCS#11 12.11 */ + old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); + tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; + EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); + i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); + if (!i) + { + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); + return 0; + } + p = (unsigned char *) OPENSSL_malloc(i); + if (!p) + { + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + return 0; + } + pp = p; + if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) + { + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); + OPENSSL_free(p); + return 0; + } + /* restore old encoding flags */ + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); + + switch(p8->broken) { + + case PKCS8_OK: + p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); + if (!p8->pkey->value.octet_string || + !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, + (const void *)p, i)) + + { + EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + } + else + ret = 1; + break; + case PKCS8_NO_OCTET: /* RSA specific */ + case PKCS8_NS_DB: /* DSA specific */ + case PKCS8_EMBEDDED_PARAM: /* DSA specific */ + default: + EVPerr(EVP_F_ECKEY_PKEY2PKCS8,EVP_R_ENCODE_ERROR); + } + OPENSSL_cleanse(p, (size_t)i); + OPENSSL_free(p); + return ret; +} +#endif + +/* EVP_PKEY attribute functions */ + +int EVP_PKEY_get_attr_count(const EVP_PKEY *key) +{ + return X509at_get_attr_count(key->attributes); +} + +int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, + int lastpos) +{ + return X509at_get_attr_by_NID(key->attributes, nid, lastpos); +} + +int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, + int lastpos) +{ + return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); +} + +X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) +{ + return X509at_get_attr(key->attributes, loc); +} + +X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) +{ + return X509at_delete_attr(key->attributes, loc); +} + +int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) +{ + if(X509at_add1_attr(&key->attributes, attr)) return 1; + return 0; +} + +int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len) +{ + if(X509at_add1_attr_by_OBJ(&key->attributes, obj, + type, bytes, len)) return 1; + return 0; +} + +int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, + int nid, int type, + const unsigned char *bytes, int len) +{ + if(X509at_add1_attr_by_NID(&key->attributes, nid, + type, bytes, len)) return 1; + return 0; +} + +int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, + const char *attrname, int type, + const unsigned char *bytes, int len) +{ + if(X509at_add1_attr_by_txt(&key->attributes, attrname, + type, bytes, len)) return 1; + return 0; +} diff --git a/src/lib/libssl/src/crypto/evp/evp_test.c b/src/lib/libssl/src/crypto/evp/evp_test.c index a624cfd248..bb6f02c2e9 100644 --- a/src/lib/libssl/src/crypto/evp/evp_test.c +++ b/src/lib/libssl/src/crypto/evp/evp_test.c @@ -52,6 +52,7 @@ #include "../e_os.h" +#include #include #ifndef OPENSSL_NO_ENGINE #include @@ -136,7 +137,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, const unsigned char *iv,int in, const unsigned char *plaintext,int pn, const unsigned char *ciphertext,int cn, - int encdec,int multiplier) + int encdec) { EVP_CIPHER_CTX ctx; unsigned char out[4096]; @@ -167,7 +168,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, } EVP_CIPHER_CTX_set_padding(&ctx,0); - if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn*multiplier)) + if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) { fprintf(stderr,"Encrypt failed\n"); ERR_print_errors_fp(stderr); @@ -180,7 +181,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, test1_exit(7); } - if(outl+outl2 != cn*multiplier) + if(outl+outl2 != cn) { fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", outl+outl2,cn); @@ -206,7 +207,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, } EVP_CIPHER_CTX_set_padding(&ctx,0); - if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn*multiplier)) + if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) { fprintf(stderr,"Decrypt failed\n"); ERR_print_errors_fp(stderr); @@ -219,7 +220,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, test1_exit(7); } - if(outl+outl2 != cn*multiplier) + if(outl+outl2 != cn) { fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", outl+outl2,cn); @@ -244,7 +245,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, const unsigned char *iv,int in, const unsigned char *plaintext,int pn, const unsigned char *ciphertext,int cn, - int encdec,int multiplier) + int encdec) { const EVP_CIPHER *c; @@ -252,7 +253,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, if(!c) return 0; - test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec,multiplier); + test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec); return 1; } @@ -368,7 +369,6 @@ int main(int argc,char **argv) unsigned char *iv,*key,*plaintext,*ciphertext; int encdec; int kn,in,pn,cn; - int multiplier=1; if(!fgets((char *)line,sizeof line,f)) break; @@ -393,17 +393,44 @@ int main(int argc,char **argv) pn=convert(plaintext); cn=convert(ciphertext); - if(strchr(cipher,'*')) - { - p=cipher; - sstrsep(&p,"*"); - multiplier=atoi(sstrsep(&p,"*")); - } - - if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec, - multiplier) + if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec) && !test_digest(cipher,plaintext,pn,ciphertext,cn)) { +#ifdef OPENSSL_NO_AES + if (strstr(cipher, "AES") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_DES + if (strstr(cipher, "DES") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_RC4 + if (strstr(cipher, "RC4") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_CAMELLIA + if (strstr(cipher, "CAMELLIA") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif +#ifdef OPENSSL_NO_SEED + if (strstr(cipher, "SEED") == cipher) + { + fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); + continue; + } +#endif fprintf(stderr,"Can't find %s\n",cipher); EXIT(3); } diff --git a/src/lib/libssl/src/crypto/evp/evptests.txt b/src/lib/libssl/src/crypto/evp/evptests.txt index dfe91a5bc0..beb12144b6 100644 --- a/src/lib/libssl/src/crypto/evp/evptests.txt +++ b/src/lib/libssl/src/crypto/evp/evptests.txt @@ -92,102 +92,7 @@ AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000 AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B - -# CFB1-AES128.Encrypt - -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00020406080a0c0e10121416181a1c1e:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0004080c1014181c2024282c3034383d:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0008101820283038404850586068707b:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00102030405060708090a0b0c0d0e0f6:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0020406080a0c0e10121416181a1c1ed:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:004080c1014181c2024282c3034383da:80:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:008101820283038404850586068707b4:80:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f68:80:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:020406080a0c0e10121416181a1c1ed1:80:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:04080c1014181c2024282c3034383da2:00:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:08101820283038404850586068707b45:00:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:102030405060708090a0b0c0d0e0f68b:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:20406080a0c0e10121416181a1c1ed16:00:00:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:4080c1014181c2024282c3034383da2c:00:80:1 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:8101820283038404850586068707b459:80:80:1 -# all of the above packed into one... -# in: 0110 1011 1100 0001 = 6bc1 -# out: 0110 1000 1011 0011 = 68b3 -AES-128-CFB1*8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1:68b3:1 - -# CFB1-AES128.Decrypt -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00020406080a0c0e10121416181a1c1e:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0004080c1014181c2024282c3034383d:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0008101820283038404850586068707b:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:00102030405060708090a0b0c0d0e0f6:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0020406080a0c0e10121416181a1c1ed:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:004080c1014181c2024282c3034383da:80:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:008101820283038404850586068707b4:80:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f68:80:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:020406080a0c0e10121416181a1c1ed1:80:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:04080c1014181c2024282c3034383da2:00:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:08101820283038404850586068707b45:00:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:102030405060708090a0b0c0d0e0f68b:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:20406080a0c0e10121416181a1c1ed16:00:00:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:4080c1014181c2024282c3034383da2c:00:80:0 -AES-128-CFB1:2b7e151628aed2a6abf7158809cf4f3c:8101820283038404850586068707b459:80:80:0 -# all of the above packed into one... -# in: 0110 1000 1011 0011 = 68b3 -# out: 0110 1011 1100 0001 = 6bc1 -AES-128-CFB1*8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1:68b3:0 - -# TODO: CFB1-AES192 and 256 - -# CFB8-AES128.Encrypt - -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6b:3b:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f3b:c1:79:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:02030405060708090a0b0c0d0e0f3b79:be:42:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:030405060708090a0b0c0d0e0f3b7942:e2:4c:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0405060708090a0b0c0d0e0f3b79424c:2e:9c:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:05060708090a0b0c0d0e0f3b79424c9c:40:0d:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:060708090a0b0c0d0e0f3b79424c9c0d:9f:d4:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0708090a0b0c0d0e0f3b79424c9c0dd4:96:36:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:08090a0b0c0d0e0f3b79424c9c0dd436:e9:ba:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:090a0b0c0d0e0f3b79424c9c0dd436ba:3d:ce:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0a0b0c0d0e0f3b79424c9c0dd436bace:7e:9e:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0b0c0d0e0f3b79424c9c0dd436bace9e:11:0e:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0c0d0e0f3b79424c9c0dd436bace9e0e:73:d4:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0d0e0f3b79424c9c0dd436bace9e0ed4:93:58:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0e0f3b79424c9c0dd436bace9e0ed458:17:6a:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0f3b79424c9c0dd436bace9e0ed4586a:2a:4f:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:3b79424c9c0dd436bace9e0ed4586a4f:ae:32:1 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:79424c9c0dd436bace9e0ed4586a4f32:2d:b9:1 -# all of the above packed into one -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1bee22e409f96e93d7e117393172aae2d:3b79424c9c0dd436bace9e0ed4586a4f32b9:1 - -# CFB8-AES128.Decrypt - -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6b:3b:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0102030405060708090a0b0c0d0e0f3b:c1:79:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:02030405060708090a0b0c0d0e0f3b79:be:42:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:030405060708090a0b0c0d0e0f3b7942:e2:4c:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0405060708090a0b0c0d0e0f3b79424c:2e:9c:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:05060708090a0b0c0d0e0f3b79424c9c:40:0d:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:060708090a0b0c0d0e0f3b79424c9c0d:9f:d4:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0708090a0b0c0d0e0f3b79424c9c0dd4:96:36:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:08090a0b0c0d0e0f3b79424c9c0dd436:e9:ba:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:090a0b0c0d0e0f3b79424c9c0dd436ba:3d:ce:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0a0b0c0d0e0f3b79424c9c0dd436bace:7e:9e:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0b0c0d0e0f3b79424c9c0dd436bace9e:11:0e:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0c0d0e0f3b79424c9c0dd436bace9e0e:73:d4:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0d0e0f3b79424c9c0dd436bace9e0ed4:93:58:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0e0f3b79424c9c0dd436bace9e0ed458:17:6a:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:0f3b79424c9c0dd436bace9e0ed4586a:2a:4f:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:3b79424c9c0dd436bace9e0ed4586a4f:ae:32:0 -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:79424c9c0dd436bace9e0ed4586a4f32:2d:b9:0 -# all of the above packed into one -AES-128-CFB8:2b7e151628aed2a6abf7158809cf4f3c:000102030405060708090a0b0c0d0e0f:6bc1bee22e409f96e93d7e117393172aae2d:3b79424c9c0dd436bace9e0ed4586a4f32b9:0 - -# TODO: 192 and 256 bit keys - +# We don't support CFB{1,8}-AESxxx.{En,De}crypt # For all CFB128 encrypts and decrypts, the transformed sequence is # AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec # CFB128-AES128.Encrypt @@ -269,16 +174,6 @@ DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363 # DES EDE3 CBC tests (from destest) DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 -# DES CFB1 from FIPS 81 -# plaintext: 0100 1110 0110 1111 0111 0111 = 4e6f77 -# ciphertext: 1100 1101 0001 1110 1100 1001 = cd1ec9 - -DES-CFB1*8:0123456789abcdef:1234567890abcdef:4e6f77:cd1ec9 - -# DES CFB8 from FIPS 81 - -DES-CFB8:0123456789abcdef:1234567890abcdef:4e6f7720697320746865:f31fda07011462ee187f - # RC4 tests (from rc4test) RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596 RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879 @@ -286,3 +181,141 @@ RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61 + + +# Camellia tests from RFC3713 +# For all ECB encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec +CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43 +CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9 +CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509 + +# ECB-CAMELLIA128.Encrypt +CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1 +CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1 +CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1 + +# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96 +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636 +CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A + +# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3 +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366 +CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26 + +# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28 +CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B + +# For all CBC encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec +# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887 +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54 +CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980 + +# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93 +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5 +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449 +CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08 + +# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50 +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83 +CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F + +# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt +# For all CFB128 encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec +# CFB128-CAMELLIA128.Encrypt +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1 + +# CFB128-CAMELLIA128.Decrypt +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0 +CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0 + +# CFB128-CAMELLIA192.Encrypt +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1 + +# CFB128-CAMELLIA192.Decrypt +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0 +CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0 + +# CFB128-CAMELLIA256.Encrypt +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1 + +# CFB128-CAMELLIA256.Decrypt +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0 +CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0 + +# For all OFB encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec +# OFB-CAMELLIA128.Encrypt +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1 + +# OFB-CAMELLIA128.Decrypt +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0 +CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0 + +# OFB-CAMELLIA192.Encrypt +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1 + +# OFB-CAMELLIA192.Decrypt +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0 +CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0 + +# OFB-CAMELLIA256.Encrypt +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1 + +# OFB-CAMELLIA256.Decrypt +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0 +CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0 + +# SEED test vectors from RFC4269 +SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0 +SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0 +SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0 +SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0 +SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1 +SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1 +SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1 +SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1 diff --git a/src/lib/libssl/src/crypto/evp/m_dss.c b/src/lib/libssl/src/crypto/evp/m_dss.c index d393eb3400..a948c77fa4 100644 --- a/src/lib/libssl/src/crypto/evp/m_dss.c +++ b/src/lib/libssl/src/crypto/evp/m_dss.c @@ -61,12 +61,16 @@ #include #include #include +#ifndef OPENSSL_NO_DSA +#include +#endif #ifndef OPENSSL_NO_SHA + static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return SHA1_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) @@ -77,7 +81,7 @@ static const EVP_MD dsa_md= NID_dsaWithSHA, NID_dsaWithSHA, SHA_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init, update, final, diff --git a/src/lib/libssl/src/crypto/evp/m_dss1.c b/src/lib/libssl/src/crypto/evp/m_dss1.c index 23b90d0538..c12e13972b 100644 --- a/src/lib/libssl/src/crypto/evp/m_dss1.c +++ b/src/lib/libssl/src/crypto/evp/m_dss1.c @@ -56,25 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SHA #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_SHA + #include #include #include +#ifndef OPENSSL_NO_DSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) -#ifndef OPENSSL_FIPS +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return SHA1_Update(ctx->md_data,data,count); } -#else - { - OPENSSL_assert(sizeof(count)<=sizeof(size_t)); - return SHA1_Update(ctx->md_data,data,count); - } -#endif static int final(EVP_MD_CTX *ctx,unsigned char *md) { return SHA1_Final(md,ctx->md_data); } @@ -84,7 +82,7 @@ static const EVP_MD dss1_md= NID_dsa, NID_dsaWithSHA1, SHA_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init, update, final, diff --git a/src/lib/libssl/src/crypto/evp/m_md2.c b/src/lib/libssl/src/crypto/evp/m_md2.c index 0df48e5199..5ce849f161 100644 --- a/src/lib/libssl/src/crypto/evp/m_md2.c +++ b/src/lib/libssl/src/crypto/evp/m_md2.c @@ -56,19 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_MD2 #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_MD2 + #include -#include "evp_locl.h" #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return MD2_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return MD2_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_md4.c b/src/lib/libssl/src/crypto/evp/m_md4.c index 0605e4b707..1e0b7c5b42 100644 --- a/src/lib/libssl/src/crypto/evp/m_md4.c +++ b/src/lib/libssl/src/crypto/evp/m_md4.c @@ -56,19 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_MD4 #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_MD4 + #include -#include "evp_locl.h" #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return MD4_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return MD4_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_md5.c b/src/lib/libssl/src/crypto/evp/m_md5.c index 752615d473..63c142119e 100644 --- a/src/lib/libssl/src/crypto/evp/m_md5.c +++ b/src/lib/libssl/src/crypto/evp/m_md5.c @@ -56,19 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_MD5 #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_MD5 + #include -#include "evp_locl.h" #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return MD5_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return MD5_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_mdc2.c b/src/lib/libssl/src/crypto/evp/m_mdc2.c index 62de1336b8..36c4e9b134 100644 --- a/src/lib/libssl/src/crypto/evp/m_mdc2.c +++ b/src/lib/libssl/src/crypto/evp/m_mdc2.c @@ -56,19 +56,21 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_MDC2 #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_MDC2 + #include -#include "evp_locl.h" #include #include #include +#include static int init(EVP_MD_CTX *ctx) { return MDC2_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return MDC2_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_null.c b/src/lib/libssl/src/crypto/evp/m_null.c index f6f0a1d2c0..cb0721699d 100644 --- a/src/lib/libssl/src/crypto/evp/m_null.c +++ b/src/lib/libssl/src/crypto/evp/m_null.c @@ -65,7 +65,7 @@ static int init(EVP_MD_CTX *ctx) { return 1; } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return 1; } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_ripemd.c b/src/lib/libssl/src/crypto/evp/m_ripemd.c index 64725528dc..a1d60ee78d 100644 --- a/src/lib/libssl/src/crypto/evp/m_ripemd.c +++ b/src/lib/libssl/src/crypto/evp/m_ripemd.c @@ -56,18 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RIPEMD #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_RIPEMD + #include #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return RIPEMD160_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return RIPEMD160_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_sha.c b/src/lib/libssl/src/crypto/evp/m_sha.c index ed54909b16..acccc8f92d 100644 --- a/src/lib/libssl/src/crypto/evp/m_sha.c +++ b/src/lib/libssl/src/crypto/evp/m_sha.c @@ -56,21 +56,22 @@ * [including the GNU Public Licence.] */ -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) #include #include "cryptlib.h" -/* Including sha.h prior evp.h masks FIPS SHA declarations, but that's - * exactly what we want to achieve here... */ -#include + +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) + #include -#include "evp_locl.h" #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return SHA_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return SHA_Update(ctx->md_data,data,count); } static int final(EVP_MD_CTX *ctx,unsigned char *md) diff --git a/src/lib/libssl/src/crypto/evp/m_sha1.c b/src/lib/libssl/src/crypto/evp/m_sha1.c index 60da93873c..4679b1c463 100644 --- a/src/lib/libssl/src/crypto/evp/m_sha1.c +++ b/src/lib/libssl/src/crypto/evp/m_sha1.c @@ -56,25 +56,23 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SHA #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_SHA + #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } -static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) -#ifndef OPENSSL_FIPS +static int update(EVP_MD_CTX *ctx,const void *data,size_t count) { return SHA1_Update(ctx->md_data,data,count); } -#else - { - OPENSSL_assert(sizeof(count)<=sizeof(size_t)); - return SHA1_Update(ctx->md_data,data,count); - } -#endif static int final(EVP_MD_CTX *ctx,unsigned char *md) { return SHA1_Final(md,ctx->md_data); } @@ -84,7 +82,7 @@ static const EVP_MD sha1_md= NID_sha1, NID_sha1WithRSAEncryption, SHA_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init, update, final, @@ -101,7 +99,6 @@ const EVP_MD *EVP_sha1(void) } #endif -#ifdef OPENSSL_FIPS #ifndef OPENSSL_NO_SHA256 static int init224(EVP_MD_CTX *ctx) { return SHA224_Init(ctx->md_data); } @@ -112,11 +109,8 @@ static int init256(EVP_MD_CTX *ctx) * SHA256 functions even in SHA224 context. This is what happens * there anyway, so we can spare few CPU cycles:-) */ -static int update256(EVP_MD_CTX *ctx,const void *data,unsigned long count) - { - OPENSSL_assert(sizeof(count)<=sizeof(size_t)); - return SHA256_Update(ctx->md_data,data,count); - } +static int update256(EVP_MD_CTX *ctx,const void *data,size_t count) + { return SHA256_Update(ctx->md_data,data,count); } static int final256(EVP_MD_CTX *ctx,unsigned char *md) { return SHA256_Final(md,ctx->md_data); } @@ -125,7 +119,7 @@ static const EVP_MD sha224_md= NID_sha224, NID_sha224WithRSAEncryption, SHA224_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init224, update256, final256, @@ -144,7 +138,7 @@ static const EVP_MD sha256_md= NID_sha256, NID_sha256WithRSAEncryption, SHA256_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init256, update256, final256, @@ -157,7 +151,7 @@ static const EVP_MD sha256_md= const EVP_MD *EVP_sha256(void) { return(&sha256_md); } -#endif /* ifndef OPENSSL_NO_SHA256 */ +#endif /* ifndef OPENSSL_NO_SHA256 */ #ifndef OPENSSL_NO_SHA512 static int init384(EVP_MD_CTX *ctx) @@ -165,11 +159,8 @@ static int init384(EVP_MD_CTX *ctx) static int init512(EVP_MD_CTX *ctx) { return SHA512_Init(ctx->md_data); } /* See comment in SHA224/256 section */ -static int update512(EVP_MD_CTX *ctx,const void *data,unsigned long count) - { - OPENSSL_assert(sizeof(count)<=sizeof(size_t)); - return SHA512_Update(ctx->md_data,data,count); - } +static int update512(EVP_MD_CTX *ctx,const void *data,size_t count) + { return SHA512_Update(ctx->md_data,data,count); } static int final512(EVP_MD_CTX *ctx,unsigned char *md) { return SHA512_Final(md,ctx->md_data); } @@ -178,7 +169,7 @@ static const EVP_MD sha384_md= NID_sha384, NID_sha384WithRSAEncryption, SHA384_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init384, update512, final512, @@ -197,7 +188,7 @@ static const EVP_MD sha512_md= NID_sha512, NID_sha512WithRSAEncryption, SHA512_DIGEST_LENGTH, - EVP_MD_FLAG_FIPS, + 0, init512, update512, final512, @@ -210,5 +201,4 @@ static const EVP_MD sha512_md= const EVP_MD *EVP_sha512(void) { return(&sha512_md); } -#endif /* ifndef OPENSSL_NO_SHA512 */ -#endif /* ifdef OPENSSL_FIPS */ +#endif /* ifndef OPENSSL_NO_SHA512 */ diff --git a/src/lib/libssl/src/crypto/evp/names.c b/src/lib/libssl/src/crypto/evp/names.c index 7712453046..88c1e780dd 100644 --- a/src/lib/libssl/src/crypto/evp/names.c +++ b/src/lib/libssl/src/crypto/evp/names.c @@ -61,17 +61,14 @@ #include #include #include -#ifdef OPENSSL_FIPS -#include -#endif int EVP_add_cipher(const EVP_CIPHER *c) { int r; - r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); + r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); if (r == 0) return(0); - r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); + r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); return(r); } @@ -81,9 +78,9 @@ int EVP_add_digest(const EVP_MD *md) const char *name; name=OBJ_nid2sn(md->type); - r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md); + r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); - r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md); + r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); if (md->type != md->pkey_type) diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt.c b/src/lib/libssl/src/crypto/evp/p5_crpt.c index a1874e83b2..48d50014a0 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt.c @@ -110,12 +110,18 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, int i; PBEPARAM *pbe; int saltlen, iter; - unsigned char *salt, *pbuf; + unsigned char *salt; + const unsigned char *pbuf; /* Extract useful info from parameter */ + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); + return 0; + } + pbuf = param->value.sequence->data; - if (!param || (param->type != V_ASN1_SEQUENCE) || - !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) { + if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); return 0; } @@ -140,7 +146,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, EVP_DigestFinal_ex (&ctx, md_tmp, NULL); } EVP_MD_CTX_cleanup(&ctx); - OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp); + OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp)); memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c index 1d5fabc4b2..c969d5a206 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c @@ -55,10 +55,10 @@ * Hudson (tjh@cryptsoft.com). * */ -#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) #include #include #include "cryptlib.h" +#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) #include #include #include @@ -77,7 +77,7 @@ */ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, + const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out) { unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4]; @@ -148,16 +148,23 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { - unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; - int saltlen, keylen, iter, plen; + unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; + const unsigned char *pbuf; + int saltlen, iter, plen; + unsigned int keylen; PBE2PARAM *pbe2 = NULL; const EVP_CIPHER *cipher; PBKDF2PARAM *kdf = NULL; + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); + return 0; + } + pbuf = param->value.sequence->data; plen = param->value.sequence->length; - if(!param || (param->type != V_ASN1_SEQUENCE) || - !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { + if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); return 0; } @@ -213,7 +220,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, /* Now check the parameters of the kdf */ - if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){ + if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_KEYLENGTH); goto err; diff --git a/src/lib/libssl/src/crypto/evp/p_dec.c b/src/lib/libssl/src/crypto/evp/p_dec.c index 8af620400e..f64901f653 100644 --- a/src/lib/libssl/src/crypto/evp/p_dec.c +++ b/src/lib/libssl/src/crypto/evp/p_dec.c @@ -66,7 +66,7 @@ #include #include -int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl, +int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl, EVP_PKEY *priv) { int ret= -1; diff --git a/src/lib/libssl/src/crypto/evp/p_enc.c b/src/lib/libssl/src/crypto/evp/p_enc.c index 656883b996..c2dfdc52ad 100644 --- a/src/lib/libssl/src/crypto/evp/p_enc.c +++ b/src/lib/libssl/src/crypto/evp/p_enc.c @@ -66,7 +66,7 @@ #include #include -int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len, +int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len, EVP_PKEY *pubk) { int ret=0; diff --git a/src/lib/libssl/src/crypto/evp/p_lib.c b/src/lib/libssl/src/crypto/evp/p_lib.c index 215b94292a..22155ecf62 100644 --- a/src/lib/libssl/src/crypto/evp/p_lib.c +++ b/src/lib/libssl/src/crypto/evp/p_lib.c @@ -58,23 +58,59 @@ #include #include "cryptlib.h" +#include +#include #include #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif +#ifndef OPENSSL_NO_DH +#include +#endif static void EVP_PKEY_free_it(EVP_PKEY *x); int EVP_PKEY_bits(EVP_PKEY *pkey) { + if (0) + return 0; #ifndef OPENSSL_NO_RSA - if (pkey->type == EVP_PKEY_RSA) + else if (pkey->type == EVP_PKEY_RSA) return(BN_num_bits(pkey->pkey.rsa->n)); - else #endif #ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) + else if (pkey->type == EVP_PKEY_DSA) return(BN_num_bits(pkey->pkey.dsa->p)); +#endif +#ifndef OPENSSL_NO_EC + else if (pkey->type == EVP_PKEY_EC) + { + BIGNUM *order = BN_new(); + const EC_GROUP *group; + int ret; + + if (!order) + { + ERR_clear_error(); + return 0; + } + group = EC_KEY_get0_group(pkey->pkey.ec); + if (!EC_GROUP_get_order(group, order, NULL)) + { + ERR_clear_error(); + return 0; + } + + ret = BN_num_bits(order); + BN_free(order); + return ret; + } #endif return(0); } @@ -92,6 +128,11 @@ int EVP_PKEY_size(EVP_PKEY *pkey) if (pkey->type == EVP_PKEY_DSA) return(DSA_size(pkey->pkey.dsa)); #endif +#ifndef OPENSSL_NO_ECDSA + if (pkey->type == EVP_PKEY_EC) + return(ECDSA_size(pkey->pkey.ec)); +#endif + return(0); } @@ -106,11 +147,21 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) pkey->save_parameters=mode; return(ret); } +#endif +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) + { + int ret = pkey->save_parameters; + + if (mode >= 0) + pkey->save_parameters = mode; + return(ret); + } #endif return(0); } -int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) +int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { @@ -140,13 +191,24 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g); to->pkey.dsa->g=a; } +#endif +#ifndef OPENSSL_NO_EC + if (to->type == EVP_PKEY_EC) + { + EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); + if (group == NULL) + goto err; + if (EC_KEY_set_group(to->pkey.ec, group) == 0) + goto err; + EC_GROUP_free(group); + } #endif return(1); err: return(0); } -int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) +int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) { #ifndef OPENSSL_NO_DSA if (pkey->type == EVP_PKEY_DSA) @@ -158,10 +220,18 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) return(1); } #endif +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) + { + if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) + return(1); + } +#endif + return(0); } -int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) +int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { #ifndef OPENSSL_NO_DSA if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) @@ -173,10 +243,73 @@ int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) else return(1); } +#endif +#ifndef OPENSSL_NO_EC + if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC) + { + const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), + *group_b = EC_KEY_get0_group(b->pkey.ec); + if (EC_GROUP_cmp(group_a, group_b, NULL)) + return 0; + else + return 1; + } #endif return(-1); } +int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) + { + if (a->type != b->type) + return -1; + + if (EVP_PKEY_cmp_parameters(a, b) == 0) + return 0; + + switch (a->type) + { +#ifndef OPENSSL_NO_RSA + case EVP_PKEY_RSA: + if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0 + || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0) + return 0; + break; +#endif +#ifndef OPENSSL_NO_DSA + case EVP_PKEY_DSA: + if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0) + return 0; + break; +#endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + { + int r; + const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); + const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), + *pb = EC_KEY_get0_public_key(b->pkey.ec); + r = EC_POINT_cmp(group, pa, pb, NULL); + if (r != 0) + { + if (r == 1) + return 0; + else + return -2; + } + } + break; +#endif +#ifndef OPENSSL_NO_DH + case EVP_PKEY_DH: + return -2; +#endif + default: + return -2; + } + + return 1; + } + EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret; @@ -246,6 +379,29 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) } #endif +#ifndef OPENSSL_NO_EC + +int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) +{ + int ret = EVP_PKEY_assign_EC_KEY(pkey,key); + if (ret) + EC_KEY_up_ref(key); + return ret; +} + +EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) +{ + if (pkey->type != EVP_PKEY_EC) + { + EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); + return NULL; + } + EC_KEY_up_ref(pkey->pkey.ec); + return pkey->pkey.ec; +} +#endif + + #ifndef OPENSSL_NO_DH int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) @@ -282,6 +438,8 @@ int EVP_PKEY_type(int type) return(EVP_PKEY_DSA); case EVP_PKEY_DH: return(EVP_PKEY_DH); + case EVP_PKEY_EC: + return(EVP_PKEY_EC); default: return(NID_undef); } @@ -306,6 +464,8 @@ void EVP_PKEY_free(EVP_PKEY *x) } #endif EVP_PKEY_free_it(x); + if (x->attributes) + sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); OPENSSL_free(x); } @@ -327,6 +487,11 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) DSA_free(x->pkey.dsa); break; #endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + EC_KEY_free(x->pkey.ec); + break; +#endif #ifndef OPENSSL_NO_DH case EVP_PKEY_DH: DH_free(x->pkey.dh); diff --git a/src/lib/libssl/src/crypto/evp/p_open.c b/src/lib/libssl/src/crypto/evp/p_open.c index 5a933d1cda..9935206d0f 100644 --- a/src/lib/libssl/src/crypto/evp/p_open.c +++ b/src/lib/libssl/src/crypto/evp/p_open.c @@ -56,15 +56,19 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_RSA #include #include "cryptlib.h" + +#ifndef OPENSSL_NO_RSA + #include #include #include +#include -int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek, - int ekl, unsigned char *iv, EVP_PKEY *priv) +int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, + const unsigned char *ek, int ekl, const unsigned char *iv, + EVP_PKEY *priv) { unsigned char *key=NULL; int i,size=0,ret=0; diff --git a/src/lib/libssl/src/crypto/evp/p_seal.c b/src/lib/libssl/src/crypto/evp/p_seal.c index 37e547fe72..8cc8fcb0bd 100644 --- a/src/lib/libssl/src/crypto/evp/p_seal.c +++ b/src/lib/libssl/src/crypto/evp/p_seal.c @@ -78,7 +78,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek } if ((npubk <= 0) || !pubk) return 1; - if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) + if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) return 0; if (EVP_CIPHER_CTX_iv_length(ctx)) RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); diff --git a/src/lib/libssl/src/crypto/evp/p_verify.c b/src/lib/libssl/src/crypto/evp/p_verify.c index d854d743a5..21a40a375e 100644 --- a/src/lib/libssl/src/crypto/evp/p_verify.c +++ b/src/lib/libssl/src/crypto/evp/p_verify.c @@ -62,7 +62,7 @@ #include #include -int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, +int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey) { unsigned char m[EVP_MAX_MD_SIZE]; diff --git a/src/lib/libssl/src/crypto/ex_data.c b/src/lib/libssl/src/crypto/ex_data.c index 5b2e345c27..3b11e7a556 100644 --- a/src/lib/libssl/src/crypto/ex_data.c +++ b/src/lib/libssl/src/crypto/ex_data.c @@ -138,12 +138,8 @@ * */ -#include -#include -#include -#include -#include #include "cryptlib.h" +#include /* What an "implementation of ex_data functionality" looks like */ struct st_CRYPTO_EX_DATA_IMPL @@ -287,7 +283,7 @@ static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs) /* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't do * any locking. */ -static void def_cleanup_cb(const void *a_void) +static void def_cleanup_cb(void *a_void) { EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void; sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb); @@ -358,7 +354,7 @@ static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp, } } toret = item->meth_num++; - sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a); + (void)sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a); err: CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); return toret; diff --git a/src/lib/libssl/src/crypto/hmac/Makefile b/src/lib/libssl/src/crypto/hmac/Makefile index 3d53d8240f..01f10c396f 100644 --- a/src/lib/libssl/src/crypto/hmac/Makefile +++ b/src/lib/libssl/src/crypto/hmac/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -77,23 +74,12 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h -hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -hmac.o: ../cryptlib.h hmac.c +hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c index 6c110bd52b..c45e001492 100644 --- a/src/lib/libssl/src/crypto/hmac/hmac.c +++ b/src/lib/libssl/src/crypto/hmac/hmac.c @@ -58,10 +58,8 @@ #include #include #include -#include #include "cryptlib.h" - -#ifndef OPENSSL_FIPS +#include void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl) @@ -81,7 +79,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, { reset=1; j=EVP_MD_block_size(md); - OPENSSL_assert(j <= sizeof ctx->key); + OPENSSL_assert(j <= (int)sizeof(ctx->key)); if (j < len) { EVP_DigestInit_ex(&ctx->md_ctx,md, impl); @@ -91,7 +89,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, } else { - OPENSSL_assert(len <= sizeof ctx->key); + OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key)); memcpy(ctx->key,key,len); ctx->key_length=len; } @@ -123,7 +121,7 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, HMAC_Init_ex(ctx,key,len,md, NULL); } -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) +void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) { EVP_DigestUpdate(&ctx->md_ctx,data,len); } @@ -158,7 +156,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) } unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, - const unsigned char *d, int n, unsigned char *md, + const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len) { HMAC_CTX c; @@ -173,11 +171,3 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, return(md); } -void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) - { - EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); - EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); - EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); - } - -#endif diff --git a/src/lib/libssl/src/crypto/hmac/hmac.h b/src/lib/libssl/src/crypto/hmac/hmac.h index c6489c04c8..719fc408ac 100644 --- a/src/lib/libssl/src/crypto/hmac/hmac.h +++ b/src/lib/libssl/src/crypto/hmac/hmac.h @@ -58,17 +58,15 @@ #ifndef HEADER_HMAC_H #define HEADER_HMAC_H +#include + #ifdef OPENSSL_NO_HMAC #error HMAC is disabled. #endif #include -#ifdef OPENSSL_FIPS -#define HMAC_MAX_MD_CBLOCK 128 -#else -#define HMAC_MAX_MD_CBLOCK 64 -#endif +#define HMAC_MAX_MD_CBLOCK 128 /* largest known is SHA512 */ #ifdef __cplusplus extern "C" { @@ -96,13 +94,12 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md); /* deprecated */ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl); -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); +void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len); void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, - const unsigned char *d, int n, unsigned char *md, + const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len); -void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/idea/Makefile b/src/lib/libssl/src/crypto/idea/Makefile index 6b8e530d9d..b2e7add666 100644 --- a/src/lib/libssl/src/crypto/idea/Makefile +++ b/src/lib/libssl/src/crypto/idea/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -85,8 +82,5 @@ i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h i_ofb64.o: i_ofb64.c idea_lcl.h -i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -i_skey.o: ../../include/openssl/fips.h ../../include/openssl/idea.h -i_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h +i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h +i_skey.o: i_skey.c idea_lcl.h diff --git a/src/lib/libssl/src/crypto/idea/idea.h b/src/lib/libssl/src/crypto/idea/idea.h index bf41844fd7..bf97a37e39 100644 --- a/src/lib/libssl/src/crypto/idea/idea.h +++ b/src/lib/libssl/src/crypto/idea/idea.h @@ -59,6 +59,8 @@ #ifndef HEADER_IDEA_H #define HEADER_IDEA_H +#include /* IDEA_INT, OPENSSL_NO_IDEA */ + #ifdef OPENSSL_NO_IDEA #error IDEA is disabled. #endif @@ -66,7 +68,6 @@ #define IDEA_ENCRYPT 1 #define IDEA_DECRYPT 0 -#include /* IDEA_INT */ #define IDEA_BLOCK 8 #define IDEA_KEY_LENGTH 16 @@ -82,12 +83,8 @@ typedef struct idea_key_st const char *idea_options(void); void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); -#ifdef OPENSSL_FIPS -void private_idea_set_encrypt_key(const unsigned char *key, - IDEA_KEY_SCHEDULE *ks); -#endif void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); -void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); +void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, diff --git a/src/lib/libssl/src/crypto/idea/ideatest.c b/src/lib/libssl/src/crypto/idea/ideatest.c index 98f805d72a..e6ffc7025e 100644 --- a/src/lib/libssl/src/crypto/idea/ideatest.c +++ b/src/lib/libssl/src/crypto/idea/ideatest.c @@ -169,6 +169,9 @@ int main(int argc, char *argv[]) else printf("ok\n"); +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(err); } diff --git a/src/lib/libssl/src/crypto/install.com b/src/lib/libssl/src/crypto/install.com index b3d155e964..58a4fecdaa 100644 --- a/src/lib/libssl/src/crypto/install.com +++ b/src/lib/libssl/src/crypto/install.com @@ -32,14 +32,18 @@ $ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN - $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLINCLUDE: $ -$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- - DES,RC2,RC4,RC5,IDEA,BF,CAST,- - BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,- - BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,- +$ SDIRS := ,- + OBJECTS,- + MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- + DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- + BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,- + BUFFER,BIO,STACK,LHASH,RAND,ERR,- EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- - UI,KRB5 + UI,KRB5,- + STORE,CMS,PQUEUE $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- symhacks.h,ossl_typ.h +$ EXHEADER_OBJECTS := objects.h,obj_mac.h $ EXHEADER_MD2 := md2.h $ EXHEADER_MD4 := md4.h $ EXHEADER_MD5 := md5.h @@ -54,11 +58,15 @@ $ EXHEADER_RC5 := rc5.h $ EXHEADER_IDEA := idea.h $ EXHEADER_BF := blowfish.h $ EXHEADER_CAST := cast.h +$ EXHEADER_CAMELLIA := camellia.h +$ EXHEADER_SEED := seed.h $ EXHEADER_BN := bn.h $ EXHEADER_EC := ec.h $ EXHEADER_RSA := rsa.h $ EXHEADER_DSA := dsa.h +$ EXHEADER_ECDSA := ecdsa.h $ EXHEADER_DH := dh.h +$ EXHEADER_ECDH := ecdh.h $ EXHEADER_DSO := dso.h $ EXHEADER_ENGINE := engine.h $ EXHEADER_AES := aes.h @@ -68,7 +76,6 @@ $ EXHEADER_STACK := stack.h,safestack.h $ EXHEADER_LHASH := lhash.h $ EXHEADER_RAND := rand.h $ EXHEADER_ERR := err.h -$ EXHEADER_OBJECTS := objects.h,obj_mac.h $ EXHEADER_EVP := evp.h $ EXHEADER_ASN1 := asn1.h,asn1_mac.h,asn1t.h $ EXHEADER_PEM := pem.h,pem2.h @@ -82,6 +89,10 @@ $ EXHEADER_COMP := comp.h $ EXHEADER_OCSP := ocsp.h $ EXHEADER_UI := ui.h,ui_compat.h $ EXHEADER_KRB5 := krb5_asn.h +$! EXHEADER_STORE := store.h,str_compat.h +$ EXHEADER_STORE := store.h +$ EXHEADER_PQUEUE := pqueue.h,pq_compat.h +$ EXHEADER_CMS := cms.h $ LIBS := LIBCRYPTO $ $ VEXE_DIR := [-.VAX.EXE.CRYPTO] diff --git a/src/lib/libssl/src/crypto/krb5/Makefile b/src/lib/libssl/src/crypto/krb5/Makefile index 25cc695e8d..14077390d6 100644 --- a/src/lib/libssl/src/crypto/krb5/Makefile +++ b/src/lib/libssl/src/crypto/krb5/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -52,6 +47,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -67,6 +63,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -79,9 +76,8 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -krb5_asn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -krb5_asn.o: ../../include/openssl/krb5_asn.h +krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +krb5_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/krb5_asn.h krb5_asn.o: ../../include/openssl/opensslconf.h krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h diff --git a/src/lib/libssl/src/crypto/krb5/krb5_asn.h b/src/lib/libssl/src/crypto/krb5/krb5_asn.h index 3329477b07..41725d0dc4 100644 --- a/src/lib/libssl/src/crypto/krb5/krb5_asn.h +++ b/src/lib/libssl/src/crypto/krb5/krb5_asn.h @@ -225,7 +225,7 @@ DECLARE_STACK_OF(KRB5_AUTHENTBODY) ** void name##_free(type *a); ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = -** type *d2i_##name(type **a, unsigned char **in, long len); +** type *d2i_##name(type **a, const unsigned char **in, long len); ** int i2d_##name(type *a, unsigned char **out); ** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it */ diff --git a/src/lib/libssl/src/crypto/lhash/Makefile b/src/lib/libssl/src/crypto/lhash/Makefile index cdb0e77fad..82bddac474 100644 --- a/src/lib/libssl/src/crypto/lhash/Makefile +++ b/src/lib/libssl/src/crypto/lhash/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,11 +78,11 @@ lh_stats.o: ../../e_os.h ../../include/openssl/bio.h lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -lh_stats.o: ../cryptlib.h lh_stats.c +lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +lh_stats.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +lh_stats.o: ../../include/openssl/symhacks.h ../cryptlib.h lh_stats.c lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -lhash.o: ../../include/openssl/symhacks.h lhash.c +lhash.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +lhash.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h lhash.c diff --git a/src/lib/libssl/src/crypto/lhash/lhash.c b/src/lib/libssl/src/crypto/lhash/lhash.c index 0a16fcf27d..04ea80203c 100644 --- a/src/lib/libssl/src/crypto/lhash/lhash.c +++ b/src/lib/libssl/src/crypto/lhash/lhash.c @@ -100,7 +100,7 @@ #include #include -const char *lh_version="lhash" OPENSSL_VERSION_PTEXT; +const char lh_version[]="lhash" OPENSSL_VERSION_PTEXT; #undef MIN_NODES #define MIN_NODES 16 @@ -176,11 +176,11 @@ void lh_free(LHASH *lh) OPENSSL_free(lh); } -void *lh_insert(LHASH *lh, const void *data) +void *lh_insert(LHASH *lh, void *data) { unsigned long hash; LHASH_NODE *nn,**rn; - const void *ret; + void *ret; lh->error=0; if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) @@ -211,14 +211,14 @@ void *lh_insert(LHASH *lh, const void *data) (*rn)->data=data; lh->num_replace++; } - return((void *)ret); + return(ret); } void *lh_delete(LHASH *lh, const void *data) { unsigned long hash; LHASH_NODE *nn,**rn; - const void *ret; + void *ret; lh->error=0; rn=getrn(lh,data,&hash); @@ -242,14 +242,14 @@ void *lh_delete(LHASH *lh, const void *data) (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) contract(lh); - return((void *)ret); + return(ret); } void *lh_retrieve(LHASH *lh, const void *data) { unsigned long hash; LHASH_NODE **rn; - const void *ret; + void *ret; lh->error=0; rn=getrn(lh,data,&hash); @@ -264,7 +264,7 @@ void *lh_retrieve(LHASH *lh, const void *data) ret= (*rn)->data; lh->num_retrieve++; } - return((void *)ret); + return(ret); } static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, @@ -339,7 +339,7 @@ static void expand(LHASH *lh) { j=(int)lh->num_alloc_nodes*2; n=(LHASH_NODE **)OPENSSL_realloc(lh->b, - (unsigned int)sizeof(LHASH_NODE *)*j); + (int)(sizeof(LHASH_NODE *)*j)); if (n == NULL) { /* fputs("realloc error in lhash",stderr); */ @@ -401,7 +401,7 @@ static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash) { LHASH_NODE **ret,*n1; unsigned long hash,nn; - int (*cf)(); + LHASH_COMP_FN_TYPE cf; hash=(*(lh->hash))(data); lh->num_hash_calls++; diff --git a/src/lib/libssl/src/crypto/lhash/lhash.h b/src/lib/libssl/src/crypto/lhash/lhash.h index dee8207333..d392d0cd80 100644 --- a/src/lib/libssl/src/crypto/lhash/lhash.h +++ b/src/lib/libssl/src/crypto/lhash/lhash.h @@ -63,6 +63,7 @@ #ifndef HEADER_LHASH_H #define HEADER_LHASH_H +#include #ifndef OPENSSL_NO_FP_API #include #endif @@ -77,7 +78,7 @@ extern "C" { typedef struct lhash_node_st { - const void *data; + void *data; struct lhash_node_st *next; #ifndef OPENSSL_NO_HASH_COMP unsigned long hash; @@ -86,8 +87,8 @@ typedef struct lhash_node_st typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *); typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *); -typedef void (*LHASH_DOALL_FN_TYPE)(const void *); -typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, void *); +typedef void (*LHASH_DOALL_FN_TYPE)(void *); +typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); /* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. * This way, callbacks can be provided to LHASH structures without function @@ -117,18 +118,18 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, void *); /* Third: "doall" functions */ #define DECLARE_LHASH_DOALL_FN(f_name,o_type) \ - void f_name##_LHASH_DOALL(const void *); + void f_name##_LHASH_DOALL(void *); #define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \ - void f_name##_LHASH_DOALL(const void *arg) { \ + void f_name##_LHASH_DOALL(void *arg) { \ o_type a = (o_type)arg; \ f_name(a); } #define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL /* Fourth: "doall_arg" functions */ #define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ - void f_name##_LHASH_DOALL_ARG(const void *, void *); + void f_name##_LHASH_DOALL_ARG(void *, void *); #define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \ - void f_name##_LHASH_DOALL_ARG(const void *arg1, void *arg2) { \ + void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ o_type a = (o_type)arg1; \ a_type b = (a_type)arg2; \ f_name(a,b); } @@ -172,7 +173,7 @@ typedef struct lhash_st LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); void lh_free(LHASH *lh); -void *lh_insert(LHASH *lh, const void *data); +void *lh_insert(LHASH *lh, void *data); void *lh_delete(LHASH *lh, const void *data); void *lh_retrieve(LHASH *lh, const void *data); void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func); diff --git a/src/lib/libssl/src/crypto/md2/Makefile b/src/lib/libssl/src/crypto/md2/Makefile index 9d0351bb2f..17f878aeb7 100644 --- a/src/lib/libssl/src/crypto/md2/Makefile +++ b/src/lib/libssl/src/crypto/md2/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -77,17 +74,16 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -md2_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md2_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md2_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h +md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h -md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md2_dgst.o: md2_dgst.c +md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +md2_dgst.o: ../../include/openssl/symhacks.h md2_dgst.c md2_one.o: ../../e_os.h ../../include/openssl/bio.h md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h md2_one.c +md2_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +md2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +md2_one.o: ../cryptlib.h md2_one.c diff --git a/src/lib/libssl/src/crypto/md2/md2.h b/src/lib/libssl/src/crypto/md2/md2.h index d0ef9da08e..a46120e7d4 100644 --- a/src/lib/libssl/src/crypto/md2/md2.h +++ b/src/lib/libssl/src/crypto/md2/md2.h @@ -59,13 +59,14 @@ #ifndef HEADER_MD2_H #define HEADER_MD2_H +#include /* OPENSSL_NO_MD2, MD2_INT */ #ifdef OPENSSL_NO_MD2 #error MD2 is disabled. #endif +#include #define MD2_DIGEST_LENGTH 16 #define MD2_BLOCK 16 -#include /* MD2_INT */ #ifdef __cplusplus extern "C" { @@ -73,20 +74,17 @@ extern "C" { typedef struct MD2state_st { - int num; + unsigned int num; unsigned char data[MD2_BLOCK]; MD2_INT cksm[MD2_BLOCK]; MD2_INT state[MD2_BLOCK]; } MD2_CTX; const char *MD2_options(void); -#ifdef OPENSSL_FIPS -int private_MD2_Init(MD2_CTX *c); -#endif int MD2_Init(MD2_CTX *c); -int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len); +int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); int MD2_Final(unsigned char *md, MD2_CTX *c); -unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md); +unsigned char *MD2(const unsigned char *d, size_t n,unsigned char *md); #ifdef __cplusplus } #endif diff --git a/src/lib/libssl/src/crypto/md2/md2_dgst.c b/src/lib/libssl/src/crypto/md2/md2_dgst.c index 8124acd687..6f68b25c6a 100644 --- a/src/lib/libssl/src/crypto/md2/md2_dgst.c +++ b/src/lib/libssl/src/crypto/md2/md2_dgst.c @@ -62,10 +62,8 @@ #include #include #include -#include -#include -const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; +const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; /* Implemented from RFC1319 The MD2 Message-Digest Algorithm */ @@ -118,7 +116,7 @@ const char *MD2_options(void) return("md2(int)"); } -FIPS_NON_FIPS_MD_Init(MD2) +int MD2_Init(MD2_CTX *c) { c->num=0; memset(c->state,0,sizeof c->state); @@ -127,7 +125,7 @@ FIPS_NON_FIPS_MD_Init(MD2) return 1; } -int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) +int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len) { register UCHAR *p; @@ -147,7 +145,7 @@ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) } else { - memcpy(&(p[c->num]),data,(int)len); + memcpy(&(p[c->num]),data,len); /* data+=len; */ c->num+=(int)len; return 1; @@ -161,7 +159,7 @@ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) data+=MD2_BLOCK; len-=MD2_BLOCK; } - memcpy(p,data,(int)len); + memcpy(p,data,len); c->num=(int)len; return 1; } diff --git a/src/lib/libssl/src/crypto/md2/md2_one.c b/src/lib/libssl/src/crypto/md2/md2_one.c index 8c36ba5779..f7fef5cc0a 100644 --- a/src/lib/libssl/src/crypto/md2/md2_one.c +++ b/src/lib/libssl/src/crypto/md2/md2_one.c @@ -63,7 +63,7 @@ /* This is a separate file so that #defines in cryptlib.h can * map my MD functions to different names */ -unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md) +unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md) { MD2_CTX c; static unsigned char m[MD2_DIGEST_LENGTH]; diff --git a/src/lib/libssl/src/crypto/md2/md2test.c b/src/lib/libssl/src/crypto/md2/md2test.c index 9c1e28b6ce..db5f5bc6d2 100644 --- a/src/lib/libssl/src/crypto/md2/md2test.c +++ b/src/lib/libssl/src/crypto/md2/md2test.c @@ -110,7 +110,7 @@ int main(int argc, char *argv[]) i=1; while (*P != NULL) { - EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL); + EVP_Digest((unsigned char *)*P,strlen(*P),md,NULL,EVP_md2(), NULL); p=pt(md); if (strcmp(p,*R) != 0) { @@ -124,7 +124,11 @@ int main(int argc, char *argv[]) R++; P++; } +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); + return err; } static char *pt(unsigned char *md) diff --git a/src/lib/libssl/src/crypto/md32_common.h b/src/lib/libssl/src/crypto/md32_common.h index 733da6acaf..089c450290 100644 --- a/src/lib/libssl/src/crypto/md32_common.h +++ b/src/lib/libssl/src/crypto/md32_common.h @@ -1,6 +1,6 @@ /* crypto/md32_common.h */ /* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -47,10 +47,6 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * */ /* @@ -76,40 +72,27 @@ * typedef struct { * ... * HASH_LONG Nl,Nh; + * either { * HASH_LONG data[HASH_LBLOCK]; - * int num; + * unsigned char data[HASH_CBLOCK]; + * }; + * unsigned int num; * ... * } HASH_CTX; + * data[] vector is expected to be zeroed upon first call to + * HASH_UPDATE. * HASH_UPDATE * name of "Update" function, implemented here. * HASH_TRANSFORM * name of "Transform" function, implemented here. * HASH_FINAL * name of "Final" function, implemented here. - * HASH_BLOCK_HOST_ORDER - * name of "block" function treating *aligned* input message - * in host byte order, implemented externally. * HASH_BLOCK_DATA_ORDER - * name of "block" function treating *unaligned* input message - * in original (data) byte order, implemented externally (it - * actually is optional if data and host are of the same - * "endianess"). + * name of "block" function capable of treating *unaligned* input + * message in original (data) byte order, implemented externally. * HASH_MAKE_STRING * macro convering context variables to an ASCII hash string. * - * Optional macros: - * - * B_ENDIAN or L_ENDIAN - * defines host byte-order. - * HASH_LONG_LOG2 - * defaults to 2 if not states otherwise. - * HASH_LBLOCK - * assumed to be HASH_CBLOCK/4 if not stated otherwise. - * HASH_BLOCK_DATA_ORDER_ALIGNED - * alternative "block" function capable of treating - * aligned input message in original (data) order, - * implemented externally. - * * MD5 example: * * #define DATA_ORDER_IS_LITTLE_ENDIAN @@ -118,20 +101,14 @@ * #define HASH_LONG_LOG2 MD5_LONG_LOG2 * #define HASH_CTX MD5_CTX * #define HASH_CBLOCK MD5_CBLOCK - * #define HASH_LBLOCK MD5_LBLOCK * #define HASH_UPDATE MD5_Update * #define HASH_TRANSFORM MD5_Transform * #define HASH_FINAL MD5_Final - * #define HASH_BLOCK_HOST_ORDER md5_block_host_order * #define HASH_BLOCK_DATA_ORDER md5_block_data_order * * */ -#include -#include -#include - #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) #error "DATA_ORDER must be defined!" #endif @@ -156,34 +133,16 @@ #error "HASH_FINAL must be defined!" #endif -#ifndef HASH_BLOCK_HOST_ORDER -#error "HASH_BLOCK_HOST_ORDER must be defined!" -#endif - -#if 0 -/* - * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED - * isn't defined. - */ #ifndef HASH_BLOCK_DATA_ORDER #error "HASH_BLOCK_DATA_ORDER must be defined!" #endif -#endif - -#ifndef HASH_LBLOCK -#define HASH_LBLOCK (HASH_CBLOCK/4) -#endif - -#ifndef HASH_LONG_LOG2 -#define HASH_LONG_LOG2 2 -#endif /* * Engage compiler specific rotate intrinsic function if available. */ #undef ROTATE #ifndef PEDANTIC -# if 0 /* defined(_MSC_VER) */ +# if defined(_MSC_VER) || defined(__ICC) # define ROTATE(a,n) _lrotl(a,n) # elif defined(__MWERKS__) # if defined(__POWERPC__) @@ -199,7 +158,6 @@ * Some GNU C inline assembler templates. Note that these are * rotates by *constant* number of bits! But that's exactly * what we need here... - * * */ # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) @@ -211,7 +169,8 @@ : "cc"); \ ret; \ }) -# elif defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) +# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \ + defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) # define ROTATE(a,n) ({ register unsigned int ret; \ asm ( \ "rlwinm %0,%1,%2,0,31" \ @@ -219,194 +178,100 @@ : "r"(a), "I"(n)); \ ret; \ }) -# endif -# endif - -/* - * Engage compiler specific "fetch in reverse byte order" - * intrinsic function if available. - */ -# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) - /* some GNU C inline assembler templates by */ -# if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY) -# define BE_FETCH32(a) ({ register unsigned int l=(a);\ - asm ( \ - "bswapl %0" \ - : "=r"(l) : "0"(l)); \ - l; \ - }) -# elif defined(__powerpc) -# define LE_FETCH32(a) ({ register unsigned int l; \ - asm ( \ - "lwbrx %0,0,%1" \ - : "=r"(l) \ - : "r"(a)); \ - l; \ - }) - -# elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC) -# define LE_FETCH32(a) ({ register unsigned int l; \ - asm ( \ - "lda [%1]#ASI_PRIMARY_LITTLE,%0"\ - : "=r"(l) \ - : "r"(a)); \ - l; \ +# elif defined(__s390x__) +# define ROTATE(a,n) ({ register unsigned int ret; \ + asm ("rll %0,%1,%2" \ + : "=r"(ret) \ + : "r"(a), "I"(n)); \ + ret; \ }) # endif # endif #endif /* PEDANTIC */ -#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */ -/* A nice byte order reversal from Wei Dai */ -#ifdef ROTATE -/* 5 instructions with rotate instruction, else 9 */ -#define REVERSE_FETCH32(a,l) ( \ - l=*(const HASH_LONG *)(a), \ - ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \ - ) -#else -/* 6 instructions with rotate instruction, else 8 */ -#define REVERSE_FETCH32(a,l) ( \ - l=*(const HASH_LONG *)(a), \ - l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \ - ROTATE(l,16) \ - ) -/* - * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|... - * It's rewritten as above for two reasons: - * - RISCs aren't good at long constants and have to explicitely - * compose 'em with several (well, usually 2) instructions in a - * register before performing the actual operation and (as you - * already realized:-) having same constant should inspire the - * compiler to permanently allocate the only register for it; - * - most modern CPUs have two ALUs, but usually only one has - * circuitry for shifts:-( this minor tweak inspires compiler - * to schedule shift instructions in a better way... - * - * - */ -#endif -#endif - #ifndef ROTATE #define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) #endif -/* - * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED - * and HASH_BLOCK_HOST_ORDER ought to be the same if input data - * and host are of the same "endianess". It's possible to mask - * this with blank #define HASH_BLOCK_DATA_ORDER though... - * - * - */ -#if defined(B_ENDIAN) -# if defined(DATA_ORDER_IS_BIG_ENDIAN) -# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 -# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER -# endif -# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# ifndef HOST_FETCH32 -# ifdef LE_FETCH32 -# define HOST_FETCH32(p,l) LE_FETCH32(p) -# elif defined(REVERSE_FETCH32) -# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) -# endif -# endif -# endif -#elif defined(L_ENDIAN) -# if defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 -# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER -# endif -# elif defined(DATA_ORDER_IS_BIG_ENDIAN) -# ifndef HOST_FETCH32 -# ifdef BE_FETCH32 -# define HOST_FETCH32(p,l) BE_FETCH32(p) -# elif defined(REVERSE_FETCH32) -# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) -# endif -# endif -# endif -#endif +#if defined(DATA_ORDER_IS_BIG_ENDIAN) -#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) -#ifndef HASH_BLOCK_DATA_ORDER -#error "HASH_BLOCK_DATA_ORDER must be defined!" +#ifndef PEDANTIC +# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) +# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \ + (defined(__x86_64) || defined(__x86_64__)) +# if !defined(B_ENDIAN) + /* + * This gives ~30-40% performance improvement in SHA-256 compiled + * with gcc [on P4]. Well, first macro to be frank. We can pull + * this trick on x86* platforms only, because these CPUs can fetch + * unaligned data without raising an exception. + */ +# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \ + asm ("bswapl %0":"=r"(r):"0"(r)); \ + (c)+=4; (l)=r; }) +# define HOST_l2c(l,c) ({ unsigned int r=(l); \ + asm ("bswapl %0":"=r"(r):"0"(r)); \ + *((unsigned int *)(c))=r; (c)+=4; r; }) +# endif +# endif +# endif #endif +#if defined(__s390__) || defined(__s390x__) +# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l)) +# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) #endif -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - +#ifndef HOST_c2l #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ l|=(((unsigned long)(*((c)++)))<<16), \ l|=(((unsigned long)(*((c)++)))<< 8), \ l|=(((unsigned long)(*((c)++))) ), \ l) -#define HOST_p_c2l(c,l,n) { \ - switch (n) { \ - case 0: l =((unsigned long)(*((c)++)))<<24; \ - case 1: l|=((unsigned long)(*((c)++)))<<16; \ - case 2: l|=((unsigned long)(*((c)++)))<< 8; \ - case 3: l|=((unsigned long)(*((c)++))); \ - } } -#define HOST_p_c2l_p(c,l,sc,len) { \ - switch (sc) { \ - case 0: l =((unsigned long)(*((c)++)))<<24; \ - if (--len == 0) break; \ - case 1: l|=((unsigned long)(*((c)++)))<<16; \ - if (--len == 0) break; \ - case 2: l|=((unsigned long)(*((c)++)))<< 8; \ - } } -/* NOTE the pointer is not incremented at the end of this */ -#define HOST_c2l_p(c,l,n) { \ - l=0; (c)+=n; \ - switch (n) { \ - case 3: l =((unsigned long)(*(--(c))))<< 8; \ - case 2: l|=((unsigned long)(*(--(c))))<<16; \ - case 1: l|=((unsigned long)(*(--(c))))<<24; \ - } } +#endif +#ifndef HOST_l2c #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ *((c)++)=(unsigned char)(((l)>>16)&0xff), \ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff), \ l) +#endif #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) +#ifndef PEDANTIC +# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) +# if defined(__s390x__) +# define HOST_c2l(c,l) ({ asm ("lrv %0,0(%1)" \ + :"=r"(l) : "r"(c)); \ + (c)+=4; (l); }) +# define HOST_l2c(l,c) ({ asm ("strv %0,0(%1)" \ + : : "r"(l),"r"(c) : "memory"); \ + (c)+=4; (l); }) +# endif +# endif +#endif +#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) +# ifndef B_ENDIAN + /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */ +# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l) +# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l) +# endif +#endif + +#ifndef HOST_c2l #define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ l|=(((unsigned long)(*((c)++)))<< 8), \ l|=(((unsigned long)(*((c)++)))<<16), \ l|=(((unsigned long)(*((c)++)))<<24), \ l) -#define HOST_p_c2l(c,l,n) { \ - switch (n) { \ - case 0: l =((unsigned long)(*((c)++))); \ - case 1: l|=((unsigned long)(*((c)++)))<< 8; \ - case 2: l|=((unsigned long)(*((c)++)))<<16; \ - case 3: l|=((unsigned long)(*((c)++)))<<24; \ - } } -#define HOST_p_c2l_p(c,l,sc,len) { \ - switch (sc) { \ - case 0: l =((unsigned long)(*((c)++))); \ - if (--len == 0) break; \ - case 1: l|=((unsigned long)(*((c)++)))<< 8; \ - if (--len == 0) break; \ - case 2: l|=((unsigned long)(*((c)++)))<<16; \ - } } -/* NOTE the pointer is not incremented at the end of this */ -#define HOST_c2l_p(c,l,n) { \ - l=0; (c)+=n; \ - switch (n) { \ - case 3: l =((unsigned long)(*(--(c))))<<16; \ - case 2: l|=((unsigned long)(*(--(c))))<< 8; \ - case 1: l|=((unsigned long)(*(--(c)))); \ - } } +#endif +#ifndef HOST_l2c #define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l)>>16)&0xff), \ *((c)++)=(unsigned char)(((l)>>24)&0xff), \ l) +#endif #endif @@ -414,118 +279,60 @@ * Time for some action:-) */ -int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) +int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) { const unsigned char *data=data_; - register HASH_LONG * p; - register unsigned long l; - int sw,sc,ew,ec; + unsigned char *p; + HASH_LONG l; + size_t n; if (len==0) return 1; - l=(c->Nl+(len<<3))&0xffffffffL; + l=(c->Nl+(((HASH_LONG)len)<<3))&0xffffffffUL; /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to * Wei Dai for pointing it out. */ if (l < c->Nl) /* overflow */ c->Nh++; - c->Nh+=(len>>29); + c->Nh+=(len>>29); /* might cause compiler warning on 16-bit */ c->Nl=l; - if (c->num != 0) + n = c->num; + if (n != 0) { - p=c->data; - sw=c->num>>2; - sc=c->num&0x03; + p=(unsigned char *)c->data; - if ((c->num+len) >= HASH_CBLOCK) + if ((n+len) >= HASH_CBLOCK) { - l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; - for (; swnum); - c->num=0; - /* drop through and do the rest */ + memcpy (p+n,data,HASH_CBLOCK-n); + HASH_BLOCK_DATA_ORDER (c,p,1); + n = HASH_CBLOCK-n; + data += n; + len -= n; + c->num = 0; + memset (p,0,HASH_CBLOCK); /* keep it zeroed */ } else { - c->num+=len; - if ((sc+len) < 4) /* ugly, add char's to a word */ - { - l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l; - } - else - { - ew=(c->num>>2); - ec=(c->num&0x03); - if (sc) - l=p[sw]; - HOST_p_c2l(data,l,sc); - p[sw++]=l; - for (; sw < ew; sw++) - { - HOST_c2l(data,l); p[sw]=l; - } - if (ec) - { - HOST_c2l_p(data,l,ec); p[sw]=l; - } - } + memcpy (p+n,data,len); + c->num += (unsigned int)len; return 1; } } - sw=len/HASH_CBLOCK; - if (sw > 0) + n = len/HASH_CBLOCK; + if (n > 0) { -#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) - /* - * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined - * only if sizeof(HASH_LONG)==4. - */ - if ((((unsigned long)data)%4) == 0) - { - /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw); - sw*=HASH_CBLOCK; - data+=sw; - len-=sw; - } - else -#if !defined(HASH_BLOCK_DATA_ORDER) - while (sw--) - { - memcpy (p=c->data,data,HASH_CBLOCK); - HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1); - data+=HASH_CBLOCK; - len-=HASH_CBLOCK; - } -#endif -#endif -#if defined(HASH_BLOCK_DATA_ORDER) - { - HASH_BLOCK_DATA_ORDER(c,data,sw); - sw*=HASH_CBLOCK; - data+=sw; - len-=sw; - } -#endif + HASH_BLOCK_DATA_ORDER (c,data,n); + n *= HASH_CBLOCK; + data += n; + len -= n; } - if (len!=0) + if (len != 0) { - p = c->data; + p = (unsigned char *)c->data; c->num = len; - ew=len>>2; /* words to copy */ - ec=len&0x03; - for (; ew; ew--,p++) - { - HOST_c2l(data,l); *p=l; - } - HOST_c2l_p(data,l,ec); - *p=l; + memcpy (p,data,len); } return 1; } @@ -533,81 +340,38 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) { -#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) - if ((((unsigned long)data)%4) == 0) - /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1); - else -#if !defined(HASH_BLOCK_DATA_ORDER) - { - memcpy (c->data,data,HASH_CBLOCK); - HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1); - } -#endif -#endif -#if defined(HASH_BLOCK_DATA_ORDER) HASH_BLOCK_DATA_ORDER (c,data,1); -#endif } int HASH_FINAL (unsigned char *md, HASH_CTX *c) { - register HASH_LONG *p; - register unsigned long l; - register int i,j; - static const unsigned char end[4]={0x80,0x00,0x00,0x00}; - const unsigned char *cp=end; - -#if 0 - if(FIPS_mode() && !FIPS_md5_allowed()) - { - FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); - return 0; - } -#endif + unsigned char *p = (unsigned char *)c->data; + size_t n = c->num; - /* c->num should definitly have room for at least one more byte. */ - p=c->data; - i=c->num>>2; - j=c->num&0x03; - -#if 0 - /* purify often complains about the following line as an - * Uninitialized Memory Read. While this can be true, the - * following p_c2l macro will reset l when that case is true. - * This is because j&0x03 contains the number of 'valid' bytes - * already in p[i]. If and only if j&0x03 == 0, the UMR will - * occur but this is also the only time p_c2l will do - * l= *(cp++) instead of l|= *(cp++) - * Many thanks to Alex Tang for pickup this - * 'potential bug' */ -#ifdef PURIFY - if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */ -#endif - l=p[i]; -#else - l = (j==0) ? 0 : p[i]; -#endif - HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */ + p[n] = 0x80; /* there is always room for one */ + n++; - if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */ + if (n > (HASH_CBLOCK-8)) { - if (iNh; - p[HASH_LBLOCK-1]=c->Nl; + (void)HOST_l2c(c->Nh,p); + (void)HOST_l2c(c->Nl,p); #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - p[HASH_LBLOCK-2]=c->Nl; - p[HASH_LBLOCK-1]=c->Nh; + (void)HOST_l2c(c->Nl,p); + (void)HOST_l2c(c->Nh,p); #endif - HASH_BLOCK_HOST_ORDER (c,p,1); + p -= HASH_CBLOCK; + HASH_BLOCK_DATA_ORDER (c,p,1); + c->num=0; + memset (p,0,HASH_CBLOCK); #ifndef HASH_MAKE_STRING #error "HASH_MAKE_STRING must be defined!" @@ -615,11 +379,6 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) HASH_MAKE_STRING(c,md); #endif - c->num=0; - /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack - * but I'm not worried :-) - OPENSSL_cleanse((void *)c,sizeof(HASH_CTX)); - */ return 1; } diff --git a/src/lib/libssl/src/crypto/md4/Makefile b/src/lib/libssl/src/crypto/md4/Makefile index eeb457f20f..ef97bb0cbe 100644 --- a/src/lib/libssl/src/crypto/md4/Makefile +++ b/src/lib/libssl/src/crypto/md4/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -52,6 +47,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -67,6 +63,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -78,15 +75,12 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -md4_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md4_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h -md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md4_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md4_dgst.o: ../md32_common.h md4_dgst.c md4_locl.h +md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h +md4_dgst.o: ../../include/openssl/opensslconf.h +md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c +md4_dgst.o: md4_locl.h md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h -md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md4_one.o: md4_one.c +md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +md4_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +md4_one.o: ../../include/openssl/symhacks.h md4_one.c diff --git a/src/lib/libssl/src/crypto/md4/md4.h b/src/lib/libssl/src/crypto/md4/md4.h index 7e761efb62..5598c93a4f 100644 --- a/src/lib/libssl/src/crypto/md4/md4.h +++ b/src/lib/libssl/src/crypto/md4/md4.h @@ -60,6 +60,7 @@ #define HEADER_MD4_H #include +#include #ifdef __cplusplus extern "C" { @@ -101,16 +102,13 @@ typedef struct MD4state_st MD4_LONG A,B,C,D; MD4_LONG Nl,Nh; MD4_LONG data[MD4_LBLOCK]; - int num; + unsigned int num; } MD4_CTX; -#ifdef OPENSSL_FIPS -int private_MD4_Init(MD4_CTX *c); -#endif int MD4_Init(MD4_CTX *c); -int MD4_Update(MD4_CTX *c, const void *data, unsigned long len); +int MD4_Update(MD4_CTX *c, const void *data, size_t len); int MD4_Final(unsigned char *md, MD4_CTX *c); -unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md); +unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md); void MD4_Transform(MD4_CTX *c, const unsigned char *b); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/md4/md4_dgst.c b/src/lib/libssl/src/crypto/md4/md4_dgst.c index ee7cc72262..cfef94af39 100644 --- a/src/lib/libssl/src/crypto/md4/md4_dgst.c +++ b/src/lib/libssl/src/crypto/md4/md4_dgst.c @@ -60,7 +60,7 @@ #include "md4_locl.h" #include -const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT; +const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; /* Implemented from RFC1186 The MD4 Message-Digest Algorithm */ @@ -70,7 +70,7 @@ const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -FIPS_NON_FIPS_MD_Init(MD4) +int MD4_Init(MD4_CTX *c) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; @@ -82,84 +82,11 @@ FIPS_NON_FIPS_MD_Init(MD4) return 1; } -#ifndef md4_block_host_order -void md4_block_host_order (MD4_CTX *c, const void *data, int num) - { - const MD4_LONG *X=data; - register unsigned MD32_REG_T A,B,C,D; - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;X+=HASH_LBLOCK) - { - /* Round 0 */ - R0(A,B,C,D,X[ 0], 3,0); - R0(D,A,B,C,X[ 1], 7,0); - R0(C,D,A,B,X[ 2],11,0); - R0(B,C,D,A,X[ 3],19,0); - R0(A,B,C,D,X[ 4], 3,0); - R0(D,A,B,C,X[ 5], 7,0); - R0(C,D,A,B,X[ 6],11,0); - R0(B,C,D,A,X[ 7],19,0); - R0(A,B,C,D,X[ 8], 3,0); - R0(D,A,B,C,X[ 9], 7,0); - R0(C,D,A,B,X[10],11,0); - R0(B,C,D,A,X[11],19,0); - R0(A,B,C,D,X[12], 3,0); - R0(D,A,B,C,X[13], 7,0); - R0(C,D,A,B,X[14],11,0); - R0(B,C,D,A,X[15],19,0); - /* Round 1 */ - R1(A,B,C,D,X[ 0], 3,0x5A827999L); - R1(D,A,B,C,X[ 4], 5,0x5A827999L); - R1(C,D,A,B,X[ 8], 9,0x5A827999L); - R1(B,C,D,A,X[12],13,0x5A827999L); - R1(A,B,C,D,X[ 1], 3,0x5A827999L); - R1(D,A,B,C,X[ 5], 5,0x5A827999L); - R1(C,D,A,B,X[ 9], 9,0x5A827999L); - R1(B,C,D,A,X[13],13,0x5A827999L); - R1(A,B,C,D,X[ 2], 3,0x5A827999L); - R1(D,A,B,C,X[ 6], 5,0x5A827999L); - R1(C,D,A,B,X[10], 9,0x5A827999L); - R1(B,C,D,A,X[14],13,0x5A827999L); - R1(A,B,C,D,X[ 3], 3,0x5A827999L); - R1(D,A,B,C,X[ 7], 5,0x5A827999L); - R1(C,D,A,B,X[11], 9,0x5A827999L); - R1(B,C,D,A,X[15],13,0x5A827999L); - /* Round 2 */ - R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1); - R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 4],11,0x6ED9EBA1); - R2(B,C,D,A,X[12],15,0x6ED9EBA1); - R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1); - R2(D,A,B,C,X[10], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 6],11,0x6ED9EBA1); - R2(B,C,D,A,X[14],15,0x6ED9EBA1); - R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1); - R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 5],11,0x6ED9EBA1); - R2(B,C,D,A,X[13],15,0x6ED9EBA1); - R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1); - R2(D,A,B,C,X[11], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 7],11,0x6ED9EBA1); - R2(B,C,D,A,X[15],15,0x6ED9EBA1); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif - #ifndef md4_block_data_order #ifdef X #undef X #endif -void md4_block_data_order (MD4_CTX *c, const void *data_, int num) +void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num) { const unsigned char *data=data_; register unsigned MD32_REG_T A,B,C,D,l; @@ -240,19 +167,3 @@ void md4_block_data_order (MD4_CTX *c, const void *data_, int num) } } #endif - -#ifdef undef -int printit(unsigned long *l) - { - int i,ii; - - for (i=0; i<2; i++) - { - for (ii=0; ii<8; ii++) - { - fprintf(stderr,"%08lx ",l[i*8+ii]); - } - fprintf(stderr,"\n"); - } - } -#endif diff --git a/src/lib/libssl/src/crypto/md4/md4_locl.h b/src/lib/libssl/src/crypto/md4/md4_locl.h index a8d31d7a73..c8085b0ead 100644 --- a/src/lib/libssl/src/crypto/md4/md4_locl.h +++ b/src/lib/libssl/src/crypto/md4/md4_locl.h @@ -65,41 +65,13 @@ #define MD4_LONG_LOG2 2 /* default to 32 bits */ #endif -void md4_block_host_order (MD4_CTX *c, const void *p,int num); -void md4_block_data_order (MD4_CTX *c, const void *p,int num); - -#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -/* - * *_block_host_order is expected to handle aligned data while - * *_block_data_order - unaligned. As algorithm and host (x86) - * are in this case of the same "endianness" these two are - * otherwise indistinguishable. But normally you don't want to - * call the same function because unaligned access in places - * where alignment is expected is usually a "Bad Thing". Indeed, - * on RISCs you get punished with BUS ERROR signal or *severe* - * performance degradation. Intel CPUs are in turn perfectly - * capable of loading unaligned data without such drastic side - * effect. Yes, they say it's slower than aligned load, but no - * exception is generated and therefore performance degradation - * is *incomparable* with RISCs. What we should weight here is - * costs of unaligned access against costs of aligning data. - * According to my measurements allowing unaligned access results - * in ~9% performance improvement on Pentium II operating at - * 266MHz. I won't be surprised if the difference will be higher - * on faster systems:-) - * - * - */ -#define md4_block_data_order md4_block_host_order -#endif +void md4_block_data_order (MD4_CTX *c, const void *p,size_t num); #define DATA_ORDER_IS_LITTLE_ENDIAN #define HASH_LONG MD4_LONG -#define HASH_LONG_LOG2 MD4_LONG_LOG2 #define HASH_CTX MD4_CTX #define HASH_CBLOCK MD4_CBLOCK -#define HASH_LBLOCK MD4_LBLOCK #define HASH_UPDATE MD4_Update #define HASH_TRANSFORM MD4_Transform #define HASH_FINAL MD4_Final @@ -110,21 +82,7 @@ void md4_block_data_order (MD4_CTX *c, const void *p,int num); ll=(c)->C; HOST_l2c(ll,(s)); \ ll=(c)->D; HOST_l2c(ll,(s)); \ } while (0) -#define HASH_BLOCK_HOST_ORDER md4_block_host_order -#if !defined(L_ENDIAN) || defined(md4_block_data_order) #define HASH_BLOCK_DATA_ORDER md4_block_data_order -/* - * Little-endians (Intel and Alpha) feel better without this. - * It looks like memcpy does better job than generic - * md4_block_data_order on copying-n-aligning input data. - * But frankly speaking I didn't expect such result on Alpha. - * On the other hand I've got this with egcs-1.0.2 and if - * program is compiled with another (better?) compiler it - * might turn out other way around. - * - * - */ -#endif #include "md32_common.h" diff --git a/src/lib/libssl/src/crypto/md4/md4_one.c b/src/lib/libssl/src/crypto/md4/md4_one.c index 50f79352f6..bb64362638 100644 --- a/src/lib/libssl/src/crypto/md4/md4_one.c +++ b/src/lib/libssl/src/crypto/md4/md4_one.c @@ -65,7 +65,7 @@ #include #endif -unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md) +unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md) { MD4_CTX c; static unsigned char m[MD4_DIGEST_LENGTH]; diff --git a/src/lib/libssl/src/crypto/md4/md4test.c b/src/lib/libssl/src/crypto/md4/md4test.c index 21a77d96f7..56591728a1 100644 --- a/src/lib/libssl/src/crypto/md4/md4test.c +++ b/src/lib/libssl/src/crypto/md4/md4test.c @@ -97,16 +97,16 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; char *p; unsigned char md[MD4_DIGEST_LENGTH]; - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL); + EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md4(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { diff --git a/src/lib/libssl/src/crypto/md5/Makefile b/src/lib/libssl/src/crypto/md5/Makefile index 1ed018526f..ceb00e8956 100644 --- a/src/lib/libssl/src/crypto/md5/Makefile +++ b/src/lib/libssl/src/crypto/md5/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES=-I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -20,6 +15,7 @@ MD5_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=md5test.c @@ -46,38 +42,17 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s) - +# ELF +mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > ../$@) +# COFF +mx86-cof.s: asm/md5-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) md5-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/mx86-out.o: asm/mx86unix.cpp - $(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o - -# bsdi -asm/mx86bsdi.o: asm/mx86unix.cpp - $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o - -asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp) - -asm/md5-sparcv8plus.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \ - -o asm/md5-sparcv8plus.o asm/md5-sparcv9.S - -# Old GNU assembler doesn't understand V9 instructions, so we -# hire /usr/ccs/bin/as to do the job. Note that option is called -# *-gcc27, but even gcc 2>=8 users may experience similar problem -# if they didn't bother to upgrade GNU assembler. Such users should -# not choose this option, but be adviced to *remove* GNU assembler -# or upgrade it. -asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \ - /usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o - -asm/md5-sparcv9.o: asm/md5-sparcv9.S - $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \ - -o asm/md5-sparcv9.o asm/md5-sparcv9.S +mx86-out.s: asm/md5-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) md5-586.pl a.out $(CFLAGS) > ../$@) + +md5-x86_64.s: asm/md5-x86_64.pl; $(PERL) asm/md5-x86_64.pl $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -88,6 +63,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -103,6 +79,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -110,19 +87,16 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -md5_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md5_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h -md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md5_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md5_dgst.o: ../md32_common.h md5_dgst.c md5_locl.h +md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h +md5_dgst.o: ../../include/openssl/opensslconf.h +md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c +md5_dgst.o: md5_locl.h md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h -md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md5_one.o: md5_one.c +md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +md5_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +md5_one.o: ../../include/openssl/symhacks.h md5_one.c diff --git a/src/lib/libssl/src/crypto/md5/asm/md5-586.pl b/src/lib/libssl/src/crypto/md5/asm/md5-586.pl index fa3fa3bed5..76ac235f7d 100644 --- a/src/lib/libssl/src/crypto/md5/asm/md5-586.pl +++ b/src/lib/libssl/src/crypto/md5/asm/md5-586.pl @@ -29,7 +29,7 @@ $X="esi"; 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 ); -&md5_block("md5_block_asm_host_order"); +&md5_block("md5_block_asm_data_order"); &asm_finish(); sub Np diff --git a/src/lib/libssl/src/crypto/md5/md5.h b/src/lib/libssl/src/crypto/md5/md5.h index c663dd1816..dbdc0e1abc 100644 --- a/src/lib/libssl/src/crypto/md5/md5.h +++ b/src/lib/libssl/src/crypto/md5/md5.h @@ -60,6 +60,7 @@ #define HEADER_MD5_H #include +#include #ifdef __cplusplus extern "C" { @@ -101,16 +102,13 @@ typedef struct MD5state_st MD5_LONG A,B,C,D; MD5_LONG Nl,Nh; MD5_LONG data[MD5_LBLOCK]; - int num; + unsigned int num; } MD5_CTX; -#ifdef OPENSSL_FIPS -int private_MD5_Init(MD5_CTX *c); -#endif int MD5_Init(MD5_CTX *c); -int MD5_Update(MD5_CTX *c, const void *data, unsigned long len); +int MD5_Update(MD5_CTX *c, const void *data, size_t len); int MD5_Final(unsigned char *md, MD5_CTX *c); -unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md); +unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md); void MD5_Transform(MD5_CTX *c, const unsigned char *b); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/md5/md5_dgst.c b/src/lib/libssl/src/crypto/md5/md5_dgst.c index 54b33c6509..b96e332ba4 100644 --- a/src/lib/libssl/src/crypto/md5/md5_dgst.c +++ b/src/lib/libssl/src/crypto/md5/md5_dgst.c @@ -60,7 +60,7 @@ #include "md5_locl.h" #include -const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT; +const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; /* Implemented from RFC1321 The MD5 Message-Digest Algorithm */ @@ -70,7 +70,7 @@ const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -FIPS_NON_FIPS_MD_Init(MD5) +int MD5_Init(MD5_CTX *c) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; @@ -82,101 +82,11 @@ FIPS_NON_FIPS_MD_Init(MD5) return 1; } -#ifndef md5_block_host_order -void md5_block_host_order (MD5_CTX *c, const void *data, int num) - { - const MD5_LONG *X=data; - register unsigned MD32_REG_T A,B,C,D; - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;X+=HASH_LBLOCK) - { - /* Round 0 */ - R0(A,B,C,D,X[ 0], 7,0xd76aa478L); - R0(D,A,B,C,X[ 1],12,0xe8c7b756L); - R0(C,D,A,B,X[ 2],17,0x242070dbL); - R0(B,C,D,A,X[ 3],22,0xc1bdceeeL); - R0(A,B,C,D,X[ 4], 7,0xf57c0fafL); - R0(D,A,B,C,X[ 5],12,0x4787c62aL); - R0(C,D,A,B,X[ 6],17,0xa8304613L); - R0(B,C,D,A,X[ 7],22,0xfd469501L); - R0(A,B,C,D,X[ 8], 7,0x698098d8L); - R0(D,A,B,C,X[ 9],12,0x8b44f7afL); - R0(C,D,A,B,X[10],17,0xffff5bb1L); - R0(B,C,D,A,X[11],22,0x895cd7beL); - R0(A,B,C,D,X[12], 7,0x6b901122L); - R0(D,A,B,C,X[13],12,0xfd987193L); - R0(C,D,A,B,X[14],17,0xa679438eL); - R0(B,C,D,A,X[15],22,0x49b40821L); - /* Round 1 */ - R1(A,B,C,D,X[ 1], 5,0xf61e2562L); - R1(D,A,B,C,X[ 6], 9,0xc040b340L); - R1(C,D,A,B,X[11],14,0x265e5a51L); - R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL); - R1(A,B,C,D,X[ 5], 5,0xd62f105dL); - R1(D,A,B,C,X[10], 9,0x02441453L); - R1(C,D,A,B,X[15],14,0xd8a1e681L); - R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L); - R1(A,B,C,D,X[ 9], 5,0x21e1cde6L); - R1(D,A,B,C,X[14], 9,0xc33707d6L); - R1(C,D,A,B,X[ 3],14,0xf4d50d87L); - R1(B,C,D,A,X[ 8],20,0x455a14edL); - R1(A,B,C,D,X[13], 5,0xa9e3e905L); - R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L); - R1(C,D,A,B,X[ 7],14,0x676f02d9L); - R1(B,C,D,A,X[12],20,0x8d2a4c8aL); - /* Round 2 */ - R2(A,B,C,D,X[ 5], 4,0xfffa3942L); - R2(D,A,B,C,X[ 8],11,0x8771f681L); - R2(C,D,A,B,X[11],16,0x6d9d6122L); - R2(B,C,D,A,X[14],23,0xfde5380cL); - R2(A,B,C,D,X[ 1], 4,0xa4beea44L); - R2(D,A,B,C,X[ 4],11,0x4bdecfa9L); - R2(C,D,A,B,X[ 7],16,0xf6bb4b60L); - R2(B,C,D,A,X[10],23,0xbebfbc70L); - R2(A,B,C,D,X[13], 4,0x289b7ec6L); - R2(D,A,B,C,X[ 0],11,0xeaa127faL); - R2(C,D,A,B,X[ 3],16,0xd4ef3085L); - R2(B,C,D,A,X[ 6],23,0x04881d05L); - R2(A,B,C,D,X[ 9], 4,0xd9d4d039L); - R2(D,A,B,C,X[12],11,0xe6db99e5L); - R2(C,D,A,B,X[15],16,0x1fa27cf8L); - R2(B,C,D,A,X[ 2],23,0xc4ac5665L); - /* Round 3 */ - R3(A,B,C,D,X[ 0], 6,0xf4292244L); - R3(D,A,B,C,X[ 7],10,0x432aff97L); - R3(C,D,A,B,X[14],15,0xab9423a7L); - R3(B,C,D,A,X[ 5],21,0xfc93a039L); - R3(A,B,C,D,X[12], 6,0x655b59c3L); - R3(D,A,B,C,X[ 3],10,0x8f0ccc92L); - R3(C,D,A,B,X[10],15,0xffeff47dL); - R3(B,C,D,A,X[ 1],21,0x85845dd1L); - R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL); - R3(D,A,B,C,X[15],10,0xfe2ce6e0L); - R3(C,D,A,B,X[ 6],15,0xa3014314L); - R3(B,C,D,A,X[13],21,0x4e0811a1L); - R3(A,B,C,D,X[ 4], 6,0xf7537e82L); - R3(D,A,B,C,X[11],10,0xbd3af235L); - R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL); - R3(B,C,D,A,X[ 9],21,0xeb86d391L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif - #ifndef md5_block_data_order #ifdef X #undef X #endif -void md5_block_data_order (MD5_CTX *c, const void *data_, int num) +void md5_block_data_order (MD5_CTX *c, const void *data_, size_t num) { const unsigned char *data=data_; register unsigned MD32_REG_T A,B,C,D,l; @@ -274,19 +184,3 @@ void md5_block_data_order (MD5_CTX *c, const void *data_, int num) } } #endif - -#ifdef undef -int printit(unsigned long *l) - { - int i,ii; - - for (i=0; i<2; i++) - { - for (ii=0; ii<8; ii++) - { - fprintf(stderr,"%08lx ",l[i*8+ii]); - } - fprintf(stderr,"\n"); - } - } -#endif diff --git a/src/lib/libssl/src/crypto/md5/md5_locl.h b/src/lib/libssl/src/crypto/md5/md5_locl.h index 9e360da732..84e81b960d 100644 --- a/src/lib/libssl/src/crypto/md5/md5_locl.h +++ b/src/lib/libssl/src/crypto/md5/md5_locl.h @@ -66,49 +66,19 @@ #endif #ifdef MD5_ASM -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define md5_block_host_order md5_block_asm_host_order -# elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC) - void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num); -# define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned +# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \ + defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) +# define md5_block_data_order md5_block_asm_data_order # endif #endif -void md5_block_host_order (MD5_CTX *c, const void *p,int num); -void md5_block_data_order (MD5_CTX *c, const void *p,int num); - -#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -/* - * *_block_host_order is expected to handle aligned data while - * *_block_data_order - unaligned. As algorithm and host (x86) - * are in this case of the same "endianness" these two are - * otherwise indistinguishable. But normally you don't want to - * call the same function because unaligned access in places - * where alignment is expected is usually a "Bad Thing". Indeed, - * on RISCs you get punished with BUS ERROR signal or *severe* - * performance degradation. Intel CPUs are in turn perfectly - * capable of loading unaligned data without such drastic side - * effect. Yes, they say it's slower than aligned load, but no - * exception is generated and therefore performance degradation - * is *incomparable* with RISCs. What we should weight here is - * costs of unaligned access against costs of aligning data. - * According to my measurements allowing unaligned access results - * in ~9% performance improvement on Pentium II operating at - * 266MHz. I won't be surprised if the difference will be higher - * on faster systems:-) - * - * - */ -#define md5_block_data_order md5_block_host_order -#endif +void md5_block_data_order (MD5_CTX *c, const void *p,size_t num); #define DATA_ORDER_IS_LITTLE_ENDIAN #define HASH_LONG MD5_LONG -#define HASH_LONG_LOG2 MD5_LONG_LOG2 #define HASH_CTX MD5_CTX #define HASH_CBLOCK MD5_CBLOCK -#define HASH_LBLOCK MD5_LBLOCK #define HASH_UPDATE MD5_Update #define HASH_TRANSFORM MD5_Transform #define HASH_FINAL MD5_Final @@ -119,21 +89,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num); ll=(c)->C; HOST_l2c(ll,(s)); \ ll=(c)->D; HOST_l2c(ll,(s)); \ } while (0) -#define HASH_BLOCK_HOST_ORDER md5_block_host_order -#if !defined(L_ENDIAN) || defined(md5_block_data_order) #define HASH_BLOCK_DATA_ORDER md5_block_data_order -/* - * Little-endians (Intel and Alpha) feel better without this. - * It looks like memcpy does better job than generic - * md5_block_data_order on copying-n-aligning input data. - * But frankly speaking I didn't expect such result on Alpha. - * On the other hand I've got this with egcs-1.0.2 and if - * program is compiled with another (better?) compiler it - * might turn out other way around. - * - * - */ -#endif #include "md32_common.h" diff --git a/src/lib/libssl/src/crypto/md5/md5_one.c b/src/lib/libssl/src/crypto/md5/md5_one.c index 44c6c455d1..43fee89379 100644 --- a/src/lib/libssl/src/crypto/md5/md5_one.c +++ b/src/lib/libssl/src/crypto/md5/md5_one.c @@ -65,7 +65,7 @@ #include #endif -unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md) +unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md) { MD5_CTX c; static unsigned char m[MD5_DIGEST_LENGTH]; diff --git a/src/lib/libssl/src/crypto/md5/md5test.c b/src/lib/libssl/src/crypto/md5/md5test.c index bfd62629ed..2b37190e32 100644 --- a/src/lib/libssl/src/crypto/md5/md5test.c +++ b/src/lib/libssl/src/crypto/md5/md5test.c @@ -97,16 +97,16 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; char *p; unsigned char md[MD5_DIGEST_LENGTH]; - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL); + EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_md5(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { @@ -120,6 +120,10 @@ int main(int argc, char *argv[]) R++; P++; } + +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(0); } diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile b/src/lib/libssl/src/crypto/mdc2/Makefile index b8e9a9a4fa..1d064f17a6 100644 --- a/src/lib/libssl/src/crypto/mdc2/Makefile +++ b/src/lib/libssl/src/crypto/mdc2/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -83,16 +80,14 @@ mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h mdc2_one.o: ../../include/openssl/opensslconf.h -mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -mdc2_one.o: ../cryptlib.h mdc2_one.c -mdc2dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -mdc2dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h -mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/mdc2.h +mdc2dgst.o: ../../include/openssl/opensslconf.h +mdc2dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h mdc2dgst.o: mdc2dgst.c diff --git a/src/lib/libssl/src/crypto/mdc2/mdc2.h b/src/lib/libssl/src/crypto/mdc2/mdc2.h index 4cba101f37..72778a5212 100644 --- a/src/lib/libssl/src/crypto/mdc2/mdc2.h +++ b/src/lib/libssl/src/crypto/mdc2/mdc2.h @@ -74,19 +74,17 @@ extern "C" { typedef struct mdc2_ctx_st { - int num; + unsigned int num; unsigned char data[MDC2_BLOCK]; DES_cblock h,hh; int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; -#ifdef OPENSSL_FIPS -int private_MDC2_Init(MDC2_CTX *c); -#endif + int MDC2_Init(MDC2_CTX *c); -int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len); +int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); int MDC2_Final(unsigned char *md, MDC2_CTX *c); -unsigned char *MDC2(const unsigned char *d, unsigned long n, +unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md); #ifdef __cplusplus diff --git a/src/lib/libssl/src/crypto/mdc2/mdc2test.c b/src/lib/libssl/src/crypto/mdc2/mdc2test.c index c9abe99d92..017b31add2 100644 --- a/src/lib/libssl/src/crypto/mdc2/mdc2test.c +++ b/src/lib/libssl/src/crypto/mdc2/mdc2test.c @@ -140,6 +140,9 @@ int main(int argc, char *argv[]) printf("pad2 - ok\n"); EVP_MD_CTX_cleanup(&c); +#ifdef OPENSSL_SYS_NETWARE + if (ret) printf("ERROR: %d\n", ret); +#endif EXIT(ret); return(ret); } diff --git a/src/lib/libssl/src/crypto/mem.c b/src/lib/libssl/src/crypto/mem.c index dd86733b77..6635167228 100644 --- a/src/lib/libssl/src/crypto/mem.c +++ b/src/lib/libssl/src/crypto/mem.c @@ -324,8 +324,8 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) if (str == NULL) return CRYPTO_malloc(num, file, line); - if (num <= 0) return NULL; - + if (num <= 0) return NULL; + if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); ret = realloc_ex_func(str,num,file,line); @@ -345,9 +345,9 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, if (str == NULL) return CRYPTO_malloc(num, file, line); - - if (num <= 0) return NULL; - + + if (num <= 0) return NULL; + if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); ret=malloc_ex_func(num,file,line); diff --git a/src/lib/libssl/src/crypto/mem_clr.c b/src/lib/libssl/src/crypto/mem_clr.c index e4b7f540b0..add1f78020 100644 --- a/src/lib/libssl/src/crypto/mem_clr.c +++ b/src/lib/libssl/src/crypto/mem_clr.c @@ -64,12 +64,14 @@ unsigned char cleanse_ctr = 0; void OPENSSL_cleanse(void *ptr, size_t len) { unsigned char *p = ptr; - size_t loop = len; + size_t loop = len, ctr = cleanse_ctr; while(loop--) { - *(p++) = cleanse_ctr; - cleanse_ctr += (17 + (unsigned char)((int)p & 0xF)); + *(p++) = (unsigned char)ctr; + ctr += (17 + ((size_t)p & 0xF)); } - if(memchr(ptr, cleanse_ctr, len)) - cleanse_ctr += 63; + p=memchr(ptr, (unsigned char)ctr, len); + if(p) + ctr += (63 + (size_t)p); + cleanse_ctr = (unsigned char)ctr; } diff --git a/src/lib/libssl/src/crypto/mem_dbg.c b/src/lib/libssl/src/crypto/mem_dbg.c index e212de27e4..8316485217 100644 --- a/src/lib/libssl/src/crypto/mem_dbg.c +++ b/src/lib/libssl/src/crypto/mem_dbg.c @@ -59,11 +59,11 @@ #include #include #include +#include "cryptlib.h" #include #include #include #include -#include "cryptlib.h" static int mh_mode=CRYPTO_MEM_CHECK_OFF; /* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE @@ -252,8 +252,16 @@ long CRYPTO_dbg_get_options(void) /* static int mem_cmp(MEM *a, MEM *b) */ static int mem_cmp(const void *a_void, const void *b_void) { +#ifdef _WIN64 + const char *a=(const char *)((const MEM *)a_void)->addr, + *b=(const char *)((const MEM *)b_void)->addr; + if (a==b) return 0; + else if (a>b) return 1; + else return -1; +#else return((const char *)((const MEM *)a_void)->addr - (const char *)((const MEM *)b_void)->addr); +#endif } /* static unsigned long mem_hash(MEM *a) */ diff --git a/src/lib/libssl/src/crypto/o_str.c b/src/lib/libssl/src/crypto/o_str.c index da8860491d..59cc25094b 100644 --- a/src/lib/libssl/src/crypto/o_str.c +++ b/src/lib/libssl/src/crypto/o_str.c @@ -60,6 +60,10 @@ #include #include "o_str.h" +#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && !defined(OPENSSL_SYSNAME_WIN32) +# include +#endif + int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n) { #if defined(OPENSSL_IMPLEMENTS_strncasecmp) @@ -94,3 +98,12 @@ int OPENSSL_strcasecmp(const char *str1, const char *str2) #endif } +int OPENSSL_memcmp(const void *v1,const void *v2,size_t n) + { + const unsigned char *c1=v1,*c2=v2; + int ret=0; + + while(n && (ret=*c1-*c2)==0) n--,c1++,c2++; + + return ret; + } diff --git a/src/lib/libssl/src/crypto/o_str.h b/src/lib/libssl/src/crypto/o_str.h index 4a70a9e00b..dfc98494c6 100644 --- a/src/lib/libssl/src/crypto/o_str.h +++ b/src/lib/libssl/src/crypto/o_str.h @@ -63,5 +63,6 @@ int OPENSSL_strcasecmp(const char *str1, const char *str2); int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n); +int OPENSSL_memcmp(const void *p1,const void *p2,size_t n); #endif diff --git a/src/lib/libssl/src/crypto/objects/Makefile b/src/lib/libssl/src/crypto/objects/Makefile index 23b2a69e6d..9c5615099c 100644 --- a/src/lib/libssl/src/crypto/objects/Makefile +++ b/src/lib/libssl/src/crypto/objects/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r PERL= perl @@ -60,6 +55,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -75,6 +71,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -87,13 +84,13 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -o_names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -o_names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -o_names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -o_names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -o_names.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -o_names.o: ../../include/openssl/symhacks.h o_names.c +o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +o_names.o: o_names.c obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -104,19 +101,19 @@ obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -obj_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_err.o: ../../include/openssl/symhacks.h obj_err.c +obj_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +obj_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +obj_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +obj_err.o: obj_err.c obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h -obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -obj_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -obj_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_lib.c +obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +obj_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +obj_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +obj_lib.o: ../cryptlib.h obj_lib.c diff --git a/src/lib/libssl/src/crypto/objects/o_names.c b/src/lib/libssl/src/crypto/objects/o_names.c index 28c9370ca3..adb5731f76 100644 --- a/src/lib/libssl/src/crypto/objects/o_names.c +++ b/src/lib/libssl/src/crypto/objects/o_names.c @@ -111,8 +111,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), static int obj_name_cmp(const void *a_void, const void *b_void) { int ret; - OBJ_NAME *a = (OBJ_NAME *)a_void; - OBJ_NAME *b = (OBJ_NAME *)b_void; + const OBJ_NAME *a = (const OBJ_NAME *)a_void; + const OBJ_NAME *b = (const OBJ_NAME *)b_void; ret=a->type-b->type; if (ret == 0) @@ -133,7 +133,7 @@ static int obj_name_cmp(const void *a_void, const void *b_void) static unsigned long obj_name_hash(const void *a_void) { unsigned long ret; - OBJ_NAME *a = (OBJ_NAME *)a_void; + const OBJ_NAME *a = (const OBJ_NAME *)a_void; if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c index f549d078ef..7fd7433241 100644 --- a/src/lib/libssl/src/crypto/objects/obj_dat.c +++ b/src/lib/libssl/src/crypto/objects/obj_dat.c @@ -58,10 +58,12 @@ #include #include +#include #include "cryptlib.h" #include #include #include +#include /* obj_dat.h is generated from objects.h by obj_dat.pl */ #ifndef OPENSSL_NO_OBJECT @@ -115,7 +117,7 @@ static unsigned long add_hash(const void *ca_void) int i; unsigned long ret=0; unsigned char *p; - ADDED_OBJ *ca = (ADDED_OBJ *)ca_void; + const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void; a=ca->obj; switch (ca->type) @@ -149,8 +151,8 @@ static int add_cmp(const void *ca_void, const void *cb_void) { ASN1_OBJECT *a,*b; int i; - ADDED_OBJ *ca = (ADDED_OBJ *)ca_void; - ADDED_OBJ *cb = (ADDED_OBJ *)cb_void; + const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void; + const ADDED_OBJ *cb = (const ADDED_OBJ *)cb_void; i=ca->type-cb->type; if (i) return(i); @@ -161,7 +163,7 @@ static int add_cmp(const void *ca_void, const void *cb_void) case ADDED_DATA: i=(a->length - b->length); if (i) return(i); - return(memcmp(a->data,b->data,a->length)); + return(memcmp(a->data,b->data,(size_t)a->length)); case ADDED_SNAME: if (a->sn == NULL) return(-1); else if (b->sn == NULL) return(1); @@ -382,8 +384,8 @@ int OBJ_obj2nid(const ASN1_OBJECT *a) adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ, - sizeof(ASN1_OBJECT *),obj_cmp); + op=(ASN1_OBJECT **)OBJ_bsearch((const char *)&a,(const char *)obj_objs, + NUM_OBJ, sizeof(ASN1_OBJECT *),obj_cmp); if (op == NULL) return(NID_undef); return((*op)->nid); @@ -399,7 +401,9 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) { int nid = NID_undef; ASN1_OBJECT *op=NULL; - unsigned char *buf,*p; + unsigned char *buf; + unsigned char *p; + const unsigned char *cp; int i, j; if(!no_name) { @@ -411,8 +415,8 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) /* Work out size of content octets */ i=a2d_ASN1_OBJECT(NULL,0,s,-1); if (i <= 0) { - /* Clear the error */ - ERR_get_error(); + /* Don't clear the error */ + /*ERR_clear_error();*/ return NULL; } /* Work out total size */ @@ -425,75 +429,170 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); /* Write out contents */ a2d_ASN1_OBJECT(p,i,s,-1); - - p=buf; - op=d2i_ASN1_OBJECT(NULL,&p,j); + + cp=buf; + op=d2i_ASN1_OBJECT(NULL,&cp,j); OPENSSL_free(buf); return op; } int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) { - int i,idx=0,n=0,len,nid; + int i,n=0,len,nid, first, use_bn; + BIGNUM *bl; unsigned long l; unsigned char *p; - const char *s; char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; - if (buf_len <= 0) return(0); - if ((a == NULL) || (a->data == NULL)) { buf[0]='\0'; return(0); } - if (no_name || (nid=OBJ_obj2nid(a)) == NID_undef) { - len=a->length; - p=a->data; - idx=0; - l=0; - while (idx < a->length) { - l|=(p[idx]&0x7f); - if (!(p[idx] & 0x80)) break; - l<<=7L; - idx++; + if (!no_name && (nid=OBJ_obj2nid(a)) != NID_undef) + { + const char *s; + s=OBJ_nid2ln(nid); + if (s == NULL) + s=OBJ_nid2sn(nid); + if (buf) + BUF_strlcpy(buf,s,buf_len); + n=strlen(s); + return n; } - idx++; - i=(int)(l/40); - if (i > 2) i=2; - l-=(long)(i*40); - - BIO_snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); - i=strlen(tbuf); - BUF_strlcpy(buf,tbuf,buf_len); - buf_len-=i; - buf+=i; - n+=i; + + len=a->length; + p=a->data; + + first = 1; + bl = NULL; + + while (len > 0) + { l=0; - for (; idx (ULONG_MAX >> 7L))) + { + if (!bl && !(bl = BN_new())) + goto err; + if (!BN_set_word(bl, l)) + goto err; + use_bn = 1; + } + if (use_bn) + { + if (!BN_lshift(bl, bl, 7)) + goto err; + } + else + l<<=7L; + } + + if (first) + { + first = 0; + if (l >= 80) + { + i = 2; + if (use_bn) + { + if (!BN_sub_word(bl, 80)) + goto err; + } + else + l -= 80; + } + else + { + i=(int)(l/40); + l-=(long)(i*40); + } + if (buf && (buf_len > 0)) + { + *buf++ = i + '0'; + buf_len--; + } + n++; + } + + if (use_bn) + { + char *bndec; + bndec = BN_bn2dec(bl); + if (!bndec) + goto err; + i = strlen(bndec); + if (buf) + { if (buf_len > 0) - BUF_strlcpy(buf,tbuf,buf_len); - buf_len-=i; - buf+=i; - n+=i; - l=0; + { + *buf++ = '.'; + buf_len--; + } + BUF_strlcpy(buf,bndec,buf_len); + if (i > buf_len) + { + buf += buf_len; + buf_len = 0; + } + else + { + buf+=i; + buf_len-=i; + } + } + n++; + n += i; + OPENSSL_free(bndec); + } + else + { + BIO_snprintf(tbuf,sizeof tbuf,".%lu",l); + i=strlen(tbuf); + if (buf && (buf_len > 0)) + { + BUF_strlcpy(buf,tbuf,buf_len); + if (i > buf_len) + { + buf += buf_len; + buf_len = 0; + } + else + { + buf+=i; + buf_len-=i; + } + } + n+=i; + l=0; } - l<<=7L; } - } else { - s=OBJ_nid2ln(nid); - if (s == NULL) - s=OBJ_nid2sn(nid); - BUF_strlcpy(buf,s,buf_len); - n=strlen(s); - } - return(n); + + if (bl) + BN_free(bl); + return n; + + err: + if (bl) + BN_free(bl); + return -1; } int OBJ_txt2nid(const char *s) @@ -519,7 +618,7 @@ int OBJ_ln2nid(const char *s) adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN, + op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs, NUM_LN, sizeof(ASN1_OBJECT *),ln_cmp); if (op == NULL) return(NID_undef); return((*op)->nid); @@ -547,8 +646,8 @@ int OBJ_sn2nid(const char *s) static int obj_cmp(const void *ap, const void *bp) { int j; - ASN1_OBJECT *a= *(ASN1_OBJECT **)ap; - ASN1_OBJECT *b= *(ASN1_OBJECT **)bp; + const ASN1_OBJECT *a= *(ASN1_OBJECT * const *)ap; + const ASN1_OBJECT *b= *(ASN1_OBJECT * const *)bp; j=(a->length - b->length); if (j) return(j); @@ -558,8 +657,14 @@ static int obj_cmp(const void *ap, const void *bp) const char *OBJ_bsearch(const char *key, const char *base, int num, int size, int (*cmp)(const void *, const void *)) { - int l,h,i,c; - const char *p; + return OBJ_bsearch_ex(key, base, num, size, cmp, 0); + } + +const char *OBJ_bsearch_ex(const char *key, const char *base, int num, + int size, int (*cmp)(const void *, const void *), int flags) + { + int l,h,i=0,c=0; + const char *p = NULL; if (num == 0) return(NULL); l=0; @@ -574,20 +679,33 @@ const char *OBJ_bsearch(const char *key, const char *base, int num, int size, else if (c > 0) l=i+1; else - return(p); + break; } #ifdef CHARSET_EBCDIC /* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and * I don't have perl (yet), we revert to a *LINEAR* search * when the object wasn't found in the binary search. */ - for (i=0; i 0 && (*cmp)(key,&(base[(i-1)*size])) == 0) + i--; + p = &(base[i*size]); + } + return(p); } int OBJ_create_objects(BIO *in) diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h index cc22152682..99acf131f8 100644 --- a/src/lib/libssl/src/crypto/objects/obj_dat.h +++ b/src/lib/libssl/src/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 676 -#define NUM_SN 669 -#define NUM_LN 669 -#define NUM_OBJ 633 +#define NUM_NID 791 +#define NUM_SN 784 +#define NUM_LN 784 +#define NUM_OBJ 740 -static unsigned char lvalues[4575]={ +static unsigned char lvalues[5258]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -166,541 +166,648 @@ static unsigned char lvalues[4575]={ 0x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */ 0x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */ -0x29,0x01,0x01,0x85,0x1A,0x02, /* [623] OBJ_zlib_compression */ -0x55,0x1D,0x25, /* [629] OBJ_ext_key_usage */ -0x2B,0x06,0x01,0x05,0x05,0x07, /* [632] OBJ_id_pkix */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [638] OBJ_id_kp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [645] OBJ_server_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [653] OBJ_client_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [661] OBJ_code_sign */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [669] OBJ_email_protect */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [677] OBJ_time_stamp */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */ -0x55,0x1D,0x1B, /* [744] OBJ_delta_crl */ -0x55,0x1D,0x15, /* [747] OBJ_crl_reason */ -0x55,0x1D,0x18, /* [750] OBJ_invalidity_date */ -0x2B,0x65,0x01,0x04,0x01, /* [753] OBJ_sxnet */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [950] OBJ_hmacWithSHA1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [958] OBJ_id_qt_cps */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [966] OBJ_id_qt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */ -0x55,0x04,0x29, /* [1029] OBJ_name */ -0x55,0x04,0x2E, /* [1032] OBJ_dnQualifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1035] OBJ_id_pe */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1042] OBJ_id_ad */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1049] OBJ_info_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1057] OBJ_ad_OCSP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1065] OBJ_ad_ca_issuers */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1073] OBJ_OCSP_sign */ -0x28, /* [1081] OBJ_iso */ -0x2A, /* [1082] OBJ_member_body */ -0x2A,0x86,0x48, /* [1083] OBJ_ISO_US */ -0x2A,0x86,0x48,0xCE,0x38, /* [1086] OBJ_X9_57 */ -0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1091] OBJ_X9cm */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1097] OBJ_pkcs1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1105] OBJ_pkcs5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1863] OBJ_md4 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1871] OBJ_id_pkix_mod */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1878] OBJ_id_qt */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1885] OBJ_id_it */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1892] OBJ_id_pkip */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1899] OBJ_id_alg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1906] OBJ_id_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1913] OBJ_id_on */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1920] OBJ_id_pda */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1927] OBJ_id_aca */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1934] OBJ_id_qcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1941] OBJ_id_cct */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1948] OBJ_id_pkix1_explicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1956] OBJ_id_pkix1_implicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1964] OBJ_id_pkix1_explicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1972] OBJ_id_pkix1_implicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1980] OBJ_id_mod_crmf */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1988] OBJ_id_mod_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1996] OBJ_id_mod_kea_profile_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2004] OBJ_id_mod_kea_profile_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2012] OBJ_id_mod_cmp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2020] OBJ_id_mod_qualified_cert_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2028] OBJ_id_mod_qualified_cert_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2036] OBJ_id_mod_attribute_cert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2044] OBJ_id_mod_timestamp_protocol */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2052] OBJ_id_mod_ocsp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2060] OBJ_id_mod_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2068] OBJ_id_mod_cmp2000 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2076] OBJ_biometricInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2084] OBJ_qcStatements */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbgp_ipAddrBlock */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbgp_autonomousSysNum */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbgp_routerIdentifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2164] OBJ_ipsecUser */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2172] OBJ_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2180] OBJ_id_it_caProtEncCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2188] OBJ_id_it_signKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2196] OBJ_id_it_encKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2204] OBJ_id_it_preferredSymmAlg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2212] OBJ_id_it_caKeyUpdateInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2220] OBJ_id_it_currentCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2228] OBJ_id_it_unsupportedOIDs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2236] OBJ_id_it_subscriptionRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2244] OBJ_id_it_subscriptionResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2252] OBJ_id_it_keyPairParamReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2260] OBJ_id_it_keyPairParamRep */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2268] OBJ_id_it_revPassphrase */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2276] OBJ_id_it_implicitConfirm */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2284] OBJ_id_it_confirmWaitTime */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2292] OBJ_id_it_origPKIMessage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2300] OBJ_id_regCtrl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2308] OBJ_id_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2388] OBJ_id_alg_des40 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2396] OBJ_id_alg_noSignature */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2412] OBJ_id_alg_dh_pop */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2420] OBJ_id_cmc_statusInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2428] OBJ_id_cmc_identification */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2436] OBJ_id_cmc_identityProof */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2444] OBJ_id_cmc_dataReturn */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2452] OBJ_id_cmc_transactionId */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2460] OBJ_id_cmc_senderNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2468] OBJ_id_cmc_recipientNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2476] OBJ_id_cmc_addExtensions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2484] OBJ_id_cmc_encryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2492] OBJ_id_cmc_decryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2500] OBJ_id_cmc_lraPOPWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2508] OBJ_id_cmc_getCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2516] OBJ_id_cmc_getCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2524] OBJ_id_cmc_revokeRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2532] OBJ_id_cmc_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2540] OBJ_id_cmc_responseInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2548] OBJ_id_cmc_queryPending */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2556] OBJ_id_cmc_popLinkRandom */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2564] OBJ_id_cmc_popLinkWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2572] OBJ_id_cmc_confirmCertAcceptance */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2580] OBJ_id_on_personalData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2588] OBJ_id_pda_dateOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2596] OBJ_id_pda_placeOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2604] OBJ_id_pda_gender */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2612] OBJ_id_pda_countryOfCitizenship */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2620] OBJ_id_pda_countryOfResidence */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2628] OBJ_id_aca_authenticationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2636] OBJ_id_aca_accessIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2644] OBJ_id_aca_chargingIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2652] OBJ_id_aca_group */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2660] OBJ_id_aca_role */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2676] OBJ_id_cct_crs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2684] OBJ_id_cct_PKIData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2692] OBJ_id_cct_PKIResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2700] OBJ_ad_timeStamping */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2708] OBJ_ad_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */ -0x2B,0x0E,0x03,0x02, /* [2815] OBJ_algorithm */ -0x2B,0x0E,0x03,0x02,0x0B, /* [2819] OBJ_rsaSignature */ -0x55,0x08, /* [2824] OBJ_X500algorithms */ -0x2B, /* [2826] OBJ_org */ -0x2B,0x06, /* [2827] OBJ_dod */ -0x2B,0x06,0x01, /* [2829] OBJ_iana */ -0x2B,0x06,0x01,0x01, /* [2832] OBJ_Directory */ -0x2B,0x06,0x01,0x02, /* [2836] OBJ_Management */ -0x2B,0x06,0x01,0x03, /* [2840] OBJ_Experimental */ -0x2B,0x06,0x01,0x04, /* [2844] OBJ_Private */ -0x2B,0x06,0x01,0x05, /* [2848] OBJ_Security */ -0x2B,0x06,0x01,0x06, /* [2852] OBJ_SNMPv2 */ -0x2B,0x06,0x01,0x07, /* [2856] OBJ_Mail */ -0x2B,0x06,0x01,0x04,0x01, /* [2860] OBJ_Enterprises */ -0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */ -0x50, /* [2894] OBJ_joint_iso_ccitt */ -0x55,0x01,0x05, /* [2895] OBJ_selected_attribute_types */ -0x55,0x01,0x05,0x37, /* [2898] OBJ_clearance */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2911] OBJ_ac_proxying */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2919] OBJ_sinfo_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2927] OBJ_id_aca_encAttrs */ -0x55,0x04,0x48, /* [2935] OBJ_role */ -0x55,0x1D,0x24, /* [2938] OBJ_policy_constraints */ -0x55,0x1D,0x37, /* [2941] OBJ_target_information */ -0x55,0x1D,0x38, /* [2944] OBJ_no_rev_avail */ -0x00, /* [2947] OBJ_ccitt */ -0x2A,0x86,0x48,0xCE,0x3D, /* [2948] OBJ_ansi_X9_62 */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2953] OBJ_X9_62_prime_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2960] OBJ_X9_62_characteristic_two_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2967] OBJ_X9_62_id_ecPublicKey */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2974] OBJ_X9_62_prime192v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2982] OBJ_X9_62_prime192v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2990] OBJ_X9_62_prime192v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2998] OBJ_X9_62_prime239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3006] OBJ_X9_62_prime239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3014] OBJ_X9_62_prime239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3022] OBJ_X9_62_prime256v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3030] OBJ_ecdsa_with_SHA1 */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */ -0x55,0x1D,0x17, /* [3154] OBJ_hold_instruction_code */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3157] OBJ_hold_instruction_none */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3164] OBJ_hold_instruction_call_issuer */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3171] OBJ_hold_instruction_reject */ -0x09, /* [3178] OBJ_data */ -0x09,0x92,0x26, /* [3179] OBJ_pss */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3182] OBJ_ucl */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3189] OBJ_pilot */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */ -0x55,0x04,0x2D, /* [3843] OBJ_x500UniqueIdentifier */ -0x2B,0x06,0x01,0x07,0x01, /* [3846] OBJ_mime_mhs */ -0x2B,0x06,0x01,0x07,0x01,0x01, /* [3851] OBJ_mime_mhs_headings */ -0x2B,0x06,0x01,0x07,0x01,0x02, /* [3857] OBJ_mime_mhs_bodies */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */ -0x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */ -0x55,0x04,0x41, /* [3880] OBJ_pseudonym */ -0x67,0x2A, /* [3883] OBJ_id_set */ -0x67,0x2A,0x00, /* [3885] OBJ_set_ctype */ -0x67,0x2A,0x01, /* [3888] OBJ_set_msgExt */ -0x67,0x2A,0x03, /* [3891] OBJ_set_attr */ -0x67,0x2A,0x05, /* [3894] OBJ_set_policy */ -0x67,0x2A,0x07, /* [3897] OBJ_set_certExt */ -0x67,0x2A,0x08, /* [3900] OBJ_set_brand */ -0x67,0x2A,0x00,0x00, /* [3903] OBJ_setct_PANData */ -0x67,0x2A,0x00,0x01, /* [3907] OBJ_setct_PANToken */ -0x67,0x2A,0x00,0x02, /* [3911] OBJ_setct_PANOnly */ -0x67,0x2A,0x00,0x03, /* [3915] OBJ_setct_OIData */ -0x67,0x2A,0x00,0x04, /* [3919] OBJ_setct_PI */ -0x67,0x2A,0x00,0x05, /* [3923] OBJ_setct_PIData */ -0x67,0x2A,0x00,0x06, /* [3927] OBJ_setct_PIDataUnsigned */ -0x67,0x2A,0x00,0x07, /* [3931] OBJ_setct_HODInput */ -0x67,0x2A,0x00,0x08, /* [3935] OBJ_setct_AuthResBaggage */ -0x67,0x2A,0x00,0x09, /* [3939] OBJ_setct_AuthRevReqBaggage */ -0x67,0x2A,0x00,0x0A, /* [3943] OBJ_setct_AuthRevResBaggage */ -0x67,0x2A,0x00,0x0B, /* [3947] OBJ_setct_CapTokenSeq */ -0x67,0x2A,0x00,0x0C, /* [3951] OBJ_setct_PInitResData */ -0x67,0x2A,0x00,0x0D, /* [3955] OBJ_setct_PI_TBS */ -0x67,0x2A,0x00,0x0E, /* [3959] OBJ_setct_PResData */ -0x67,0x2A,0x00,0x10, /* [3963] OBJ_setct_AuthReqTBS */ -0x67,0x2A,0x00,0x11, /* [3967] OBJ_setct_AuthResTBS */ -0x67,0x2A,0x00,0x12, /* [3971] OBJ_setct_AuthResTBSX */ -0x67,0x2A,0x00,0x13, /* [3975] OBJ_setct_AuthTokenTBS */ -0x67,0x2A,0x00,0x14, /* [3979] OBJ_setct_CapTokenData */ -0x67,0x2A,0x00,0x15, /* [3983] OBJ_setct_CapTokenTBS */ -0x67,0x2A,0x00,0x16, /* [3987] OBJ_setct_AcqCardCodeMsg */ -0x67,0x2A,0x00,0x17, /* [3991] OBJ_setct_AuthRevReqTBS */ -0x67,0x2A,0x00,0x18, /* [3995] OBJ_setct_AuthRevResData */ -0x67,0x2A,0x00,0x19, /* [3999] OBJ_setct_AuthRevResTBS */ -0x67,0x2A,0x00,0x1A, /* [4003] OBJ_setct_CapReqTBS */ -0x67,0x2A,0x00,0x1B, /* [4007] OBJ_setct_CapReqTBSX */ -0x67,0x2A,0x00,0x1C, /* [4011] OBJ_setct_CapResData */ -0x67,0x2A,0x00,0x1D, /* [4015] OBJ_setct_CapRevReqTBS */ -0x67,0x2A,0x00,0x1E, /* [4019] OBJ_setct_CapRevReqTBSX */ -0x67,0x2A,0x00,0x1F, /* [4023] OBJ_setct_CapRevResData */ -0x67,0x2A,0x00,0x20, /* [4027] OBJ_setct_CredReqTBS */ -0x67,0x2A,0x00,0x21, /* [4031] OBJ_setct_CredReqTBSX */ -0x67,0x2A,0x00,0x22, /* [4035] OBJ_setct_CredResData */ -0x67,0x2A,0x00,0x23, /* [4039] OBJ_setct_CredRevReqTBS */ -0x67,0x2A,0x00,0x24, /* [4043] OBJ_setct_CredRevReqTBSX */ -0x67,0x2A,0x00,0x25, /* [4047] OBJ_setct_CredRevResData */ -0x67,0x2A,0x00,0x26, /* [4051] OBJ_setct_PCertReqData */ -0x67,0x2A,0x00,0x27, /* [4055] OBJ_setct_PCertResTBS */ -0x67,0x2A,0x00,0x28, /* [4059] OBJ_setct_BatchAdminReqData */ -0x67,0x2A,0x00,0x29, /* [4063] OBJ_setct_BatchAdminResData */ -0x67,0x2A,0x00,0x2A, /* [4067] OBJ_setct_CardCInitResTBS */ -0x67,0x2A,0x00,0x2B, /* [4071] OBJ_setct_MeAqCInitResTBS */ -0x67,0x2A,0x00,0x2C, /* [4075] OBJ_setct_RegFormResTBS */ -0x67,0x2A,0x00,0x2D, /* [4079] OBJ_setct_CertReqData */ -0x67,0x2A,0x00,0x2E, /* [4083] OBJ_setct_CertReqTBS */ -0x67,0x2A,0x00,0x2F, /* [4087] OBJ_setct_CertResData */ -0x67,0x2A,0x00,0x30, /* [4091] OBJ_setct_CertInqReqTBS */ -0x67,0x2A,0x00,0x31, /* [4095] OBJ_setct_ErrorTBS */ -0x67,0x2A,0x00,0x32, /* [4099] OBJ_setct_PIDualSignedTBE */ -0x67,0x2A,0x00,0x33, /* [4103] OBJ_setct_PIUnsignedTBE */ -0x67,0x2A,0x00,0x34, /* [4107] OBJ_setct_AuthReqTBE */ -0x67,0x2A,0x00,0x35, /* [4111] OBJ_setct_AuthResTBE */ -0x67,0x2A,0x00,0x36, /* [4115] OBJ_setct_AuthResTBEX */ -0x67,0x2A,0x00,0x37, /* [4119] OBJ_setct_AuthTokenTBE */ -0x67,0x2A,0x00,0x38, /* [4123] OBJ_setct_CapTokenTBE */ -0x67,0x2A,0x00,0x39, /* [4127] OBJ_setct_CapTokenTBEX */ -0x67,0x2A,0x00,0x3A, /* [4131] OBJ_setct_AcqCardCodeMsgTBE */ -0x67,0x2A,0x00,0x3B, /* [4135] OBJ_setct_AuthRevReqTBE */ -0x67,0x2A,0x00,0x3C, /* [4139] OBJ_setct_AuthRevResTBE */ -0x67,0x2A,0x00,0x3D, /* [4143] OBJ_setct_AuthRevResTBEB */ -0x67,0x2A,0x00,0x3E, /* [4147] OBJ_setct_CapReqTBE */ -0x67,0x2A,0x00,0x3F, /* [4151] OBJ_setct_CapReqTBEX */ -0x67,0x2A,0x00,0x40, /* [4155] OBJ_setct_CapResTBE */ -0x67,0x2A,0x00,0x41, /* [4159] OBJ_setct_CapRevReqTBE */ -0x67,0x2A,0x00,0x42, /* [4163] OBJ_setct_CapRevReqTBEX */ -0x67,0x2A,0x00,0x43, /* [4167] OBJ_setct_CapRevResTBE */ -0x67,0x2A,0x00,0x44, /* [4171] OBJ_setct_CredReqTBE */ -0x67,0x2A,0x00,0x45, /* [4175] OBJ_setct_CredReqTBEX */ -0x67,0x2A,0x00,0x46, /* [4179] OBJ_setct_CredResTBE */ -0x67,0x2A,0x00,0x47, /* [4183] OBJ_setct_CredRevReqTBE */ -0x67,0x2A,0x00,0x48, /* [4187] OBJ_setct_CredRevReqTBEX */ -0x67,0x2A,0x00,0x49, /* [4191] OBJ_setct_CredRevResTBE */ -0x67,0x2A,0x00,0x4A, /* [4195] OBJ_setct_BatchAdminReqTBE */ -0x67,0x2A,0x00,0x4B, /* [4199] OBJ_setct_BatchAdminResTBE */ -0x67,0x2A,0x00,0x4C, /* [4203] OBJ_setct_RegFormReqTBE */ -0x67,0x2A,0x00,0x4D, /* [4207] OBJ_setct_CertReqTBE */ -0x67,0x2A,0x00,0x4E, /* [4211] OBJ_setct_CertReqTBEX */ -0x67,0x2A,0x00,0x4F, /* [4215] OBJ_setct_CertResTBE */ -0x67,0x2A,0x00,0x50, /* [4219] OBJ_setct_CRLNotificationTBS */ -0x67,0x2A,0x00,0x51, /* [4223] OBJ_setct_CRLNotificationResTBS */ -0x67,0x2A,0x00,0x52, /* [4227] OBJ_setct_BCIDistributionTBS */ -0x67,0x2A,0x01,0x01, /* [4231] OBJ_setext_genCrypt */ -0x67,0x2A,0x01,0x03, /* [4235] OBJ_setext_miAuth */ -0x67,0x2A,0x01,0x04, /* [4239] OBJ_setext_pinSecure */ -0x67,0x2A,0x01,0x05, /* [4243] OBJ_setext_pinAny */ -0x67,0x2A,0x01,0x07, /* [4247] OBJ_setext_track2 */ -0x67,0x2A,0x01,0x08, /* [4251] OBJ_setext_cv */ -0x67,0x2A,0x05,0x00, /* [4255] OBJ_set_policy_root */ -0x67,0x2A,0x07,0x00, /* [4259] OBJ_setCext_hashedRoot */ -0x67,0x2A,0x07,0x01, /* [4263] OBJ_setCext_certType */ -0x67,0x2A,0x07,0x02, /* [4267] OBJ_setCext_merchData */ -0x67,0x2A,0x07,0x03, /* [4271] OBJ_setCext_cCertRequired */ -0x67,0x2A,0x07,0x04, /* [4275] OBJ_setCext_tunneling */ -0x67,0x2A,0x07,0x05, /* [4279] OBJ_setCext_setExt */ -0x67,0x2A,0x07,0x06, /* [4283] OBJ_setCext_setQualf */ -0x67,0x2A,0x07,0x07, /* [4287] OBJ_setCext_PGWYcapabilities */ -0x67,0x2A,0x07,0x08, /* [4291] OBJ_setCext_TokenIdentifier */ -0x67,0x2A,0x07,0x09, /* [4295] OBJ_setCext_Track2Data */ -0x67,0x2A,0x07,0x0A, /* [4299] OBJ_setCext_TokenType */ -0x67,0x2A,0x07,0x0B, /* [4303] OBJ_setCext_IssuerCapabilities */ -0x67,0x2A,0x03,0x00, /* [4307] OBJ_setAttr_Cert */ -0x67,0x2A,0x03,0x01, /* [4311] OBJ_setAttr_PGWYcap */ -0x67,0x2A,0x03,0x02, /* [4315] OBJ_setAttr_TokenType */ -0x67,0x2A,0x03,0x03, /* [4319] OBJ_setAttr_IssCap */ -0x67,0x2A,0x03,0x00,0x00, /* [4323] OBJ_set_rootKeyThumb */ -0x67,0x2A,0x03,0x00,0x01, /* [4328] OBJ_set_addPolicy */ -0x67,0x2A,0x03,0x02,0x01, /* [4333] OBJ_setAttr_Token_EMV */ -0x67,0x2A,0x03,0x02,0x02, /* [4338] OBJ_setAttr_Token_B0Prime */ -0x67,0x2A,0x03,0x03,0x03, /* [4343] OBJ_setAttr_IssCap_CVM */ -0x67,0x2A,0x03,0x03,0x04, /* [4348] OBJ_setAttr_IssCap_T2 */ -0x67,0x2A,0x03,0x03,0x05, /* [4353] OBJ_setAttr_IssCap_Sig */ -0x67,0x2A,0x03,0x03,0x03,0x01, /* [4358] OBJ_setAttr_GenCryptgrm */ -0x67,0x2A,0x03,0x03,0x04,0x01, /* [4364] OBJ_setAttr_T2Enc */ -0x67,0x2A,0x03,0x03,0x04,0x02, /* [4370] OBJ_setAttr_T2cleartxt */ -0x67,0x2A,0x03,0x03,0x05,0x01, /* [4376] OBJ_setAttr_TokICCsig */ -0x67,0x2A,0x03,0x03,0x05,0x02, /* [4382] OBJ_setAttr_SecDevSig */ -0x67,0x2A,0x08,0x01, /* [4388] OBJ_set_brand_IATA_ATA */ -0x67,0x2A,0x08,0x1E, /* [4392] OBJ_set_brand_Diners */ -0x67,0x2A,0x08,0x22, /* [4396] OBJ_set_brand_AmericanExpress */ -0x67,0x2A,0x08,0x23, /* [4400] OBJ_set_brand_JCB */ -0x67,0x2A,0x08,0x04, /* [4404] OBJ_set_brand_Visa */ -0x67,0x2A,0x08,0x05, /* [4408] OBJ_set_brand_MasterCard */ -0x67,0x2A,0x08,0xAE,0x7B, /* [4412] OBJ_set_brand_Novus */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4417] OBJ_des_cdmf */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */ -0x55,0x04,0x09, /* [4454] OBJ_streetAddress */ -0x55,0x04,0x11, /* [4457] OBJ_postalCode */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4460] OBJ_id_ppl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4467] OBJ_proxyCertInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4475] OBJ_id_ppl_anyLanguage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4483] OBJ_id_ppl_inheritAll */ -0x55,0x1D,0x1E, /* [4491] OBJ_name_constraints */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4494] OBJ_Independent */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4502] OBJ_sha256WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4511] OBJ_sha384WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4520] OBJ_sha512WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4529] OBJ_sha224WithRSAEncryption */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4538] OBJ_sha256 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4547] OBJ_sha384 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4556] OBJ_sha512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4565] OBJ_sha224 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [623] OBJ_zlib_compression */ +0x55,0x1D,0x25, /* [634] OBJ_ext_key_usage */ +0x2B,0x06,0x01,0x05,0x05,0x07, /* [637] OBJ_id_pkix */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [643] OBJ_id_kp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [650] OBJ_server_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [658] OBJ_client_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [720] OBJ_ms_sgc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [730] OBJ_ms_efs */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [740] OBJ_ns_sgc */ +0x55,0x1D,0x1B, /* [749] OBJ_delta_crl */ +0x55,0x1D,0x15, /* [752] OBJ_crl_reason */ +0x55,0x1D,0x18, /* [755] OBJ_invalidity_date */ +0x2B,0x65,0x01,0x04,0x01, /* [758] OBJ_sxnet */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [763] OBJ_pbe_WithSHA1And128BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [773] OBJ_pbe_WithSHA1And40BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [783] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [793] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [803] OBJ_pbe_WithSHA1And128BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [813] OBJ_pbe_WithSHA1And40BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [823] OBJ_keyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [834] OBJ_pkcs8ShroudedKeyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [845] OBJ_certBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [856] OBJ_crlBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [867] OBJ_secretBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [878] OBJ_safeContentsBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [889] OBJ_friendlyName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [898] OBJ_localKeyID */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [907] OBJ_x509Certificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [917] OBJ_sdsiCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [927] OBJ_x509Crl */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [937] OBJ_pbes2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [946] OBJ_pbmac1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [955] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [963] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [971] OBJ_id_qt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [979] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [988] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [997] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1006] OBJ_pbeWithSHA1AndDES_CBC */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1015] OBJ_ms_ext_req */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1025] OBJ_ext_req */ +0x55,0x04,0x29, /* [1034] OBJ_name */ +0x55,0x04,0x2E, /* [1037] OBJ_dnQualifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1040] OBJ_id_pe */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1047] OBJ_id_ad */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1054] OBJ_info_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1062] OBJ_ad_OCSP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1070] OBJ_ad_ca_issuers */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1078] OBJ_OCSP_sign */ +0x28, /* [1086] OBJ_iso */ +0x2A, /* [1087] OBJ_member_body */ +0x2A,0x86,0x48, /* [1088] OBJ_ISO_US */ +0x2A,0x86,0x48,0xCE,0x38, /* [1091] OBJ_X9_57 */ +0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1096] OBJ_X9cm */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1102] OBJ_pkcs1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1110] OBJ_pkcs5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1118] OBJ_SMIME */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1127] OBJ_id_smime_mod */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1137] OBJ_id_smime_ct */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1147] OBJ_id_smime_aa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1157] OBJ_id_smime_alg */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1167] OBJ_id_smime_cd */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1177] OBJ_id_smime_spq */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1187] OBJ_id_smime_cti */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1197] OBJ_id_smime_mod_cms */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1208] OBJ_id_smime_mod_ess */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1219] OBJ_id_smime_mod_oid */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1230] OBJ_id_smime_mod_msg_v3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1241] OBJ_id_smime_mod_ets_eSignature_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1252] OBJ_id_smime_mod_ets_eSignature_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1263] OBJ_id_smime_mod_ets_eSigPolicy_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1274] OBJ_id_smime_mod_ets_eSigPolicy_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1285] OBJ_id_smime_ct_receipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1296] OBJ_id_smime_ct_authData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1307] OBJ_id_smime_ct_publishCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1318] OBJ_id_smime_ct_TSTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1329] OBJ_id_smime_ct_TDTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1340] OBJ_id_smime_ct_contentInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1351] OBJ_id_smime_ct_DVCSRequestData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1362] OBJ_id_smime_ct_DVCSResponseData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1373] OBJ_id_smime_aa_receiptRequest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1384] OBJ_id_smime_aa_securityLabel */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1395] OBJ_id_smime_aa_mlExpandHistory */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1406] OBJ_id_smime_aa_contentHint */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1417] OBJ_id_smime_aa_msgSigDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1428] OBJ_id_smime_aa_encapContentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1439] OBJ_id_smime_aa_contentIdentifier */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1450] OBJ_id_smime_aa_macValue */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1461] OBJ_id_smime_aa_equivalentLabels */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1472] OBJ_id_smime_aa_contentReference */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1483] OBJ_id_smime_aa_encrypKeyPref */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1494] OBJ_id_smime_aa_signingCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1505] OBJ_id_smime_aa_smimeEncryptCerts */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1516] OBJ_id_smime_aa_timeStampToken */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1527] OBJ_id_smime_aa_ets_sigPolicyId */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1538] OBJ_id_smime_aa_ets_commitmentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1549] OBJ_id_smime_aa_ets_signerLocation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1560] OBJ_id_smime_aa_ets_signerAttr */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1571] OBJ_id_smime_aa_ets_otherSigCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1582] OBJ_id_smime_aa_ets_contentTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1593] OBJ_id_smime_aa_ets_CertificateRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1604] OBJ_id_smime_aa_ets_RevocationRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1615] OBJ_id_smime_aa_ets_certValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1626] OBJ_id_smime_aa_ets_revocationValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1637] OBJ_id_smime_aa_ets_escTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1648] OBJ_id_smime_aa_ets_certCRLTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1659] OBJ_id_smime_aa_ets_archiveTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1670] OBJ_id_smime_aa_signatureType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1681] OBJ_id_smime_aa_dvcs_dvc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1692] OBJ_id_smime_alg_ESDHwith3DES */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1703] OBJ_id_smime_alg_ESDHwithRC2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1714] OBJ_id_smime_alg_3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1725] OBJ_id_smime_alg_RC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1736] OBJ_id_smime_alg_ESDH */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1747] OBJ_id_smime_alg_CMS3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1758] OBJ_id_smime_alg_CMSRC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1769] OBJ_id_smime_cd_ldap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1780] OBJ_id_smime_spq_ets_sqt_uri */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1791] OBJ_id_smime_spq_ets_sqt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1802] OBJ_id_smime_cti_ets_proofOfOrigin */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1813] OBJ_id_smime_cti_ets_proofOfReceipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1824] OBJ_id_smime_cti_ets_proofOfDelivery */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1835] OBJ_id_smime_cti_ets_proofOfSender */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1846] OBJ_id_smime_cti_ets_proofOfApproval */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1857] OBJ_id_smime_cti_ets_proofOfCreation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1868] OBJ_md4 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1876] OBJ_id_pkix_mod */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1883] OBJ_id_qt */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1890] OBJ_id_it */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1897] OBJ_id_pkip */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1904] OBJ_id_alg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1911] OBJ_id_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1918] OBJ_id_on */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1925] OBJ_id_pda */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1932] OBJ_id_aca */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1939] OBJ_id_qcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1946] OBJ_id_cct */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1953] OBJ_id_pkix1_explicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1961] OBJ_id_pkix1_implicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1969] OBJ_id_pkix1_explicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1977] OBJ_id_pkix1_implicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1985] OBJ_id_mod_crmf */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1993] OBJ_id_mod_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [2001] OBJ_id_mod_kea_profile_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2009] OBJ_id_mod_kea_profile_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2017] OBJ_id_mod_cmp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2025] OBJ_id_mod_qualified_cert_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2033] OBJ_id_mod_qualified_cert_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2041] OBJ_id_mod_attribute_cert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2049] OBJ_id_mod_timestamp_protocol */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2057] OBJ_id_mod_ocsp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2065] OBJ_id_mod_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2073] OBJ_id_mod_cmp2000 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2081] OBJ_biometricInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2089] OBJ_qcStatements */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2097] OBJ_ac_auditEntity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2105] OBJ_ac_targeting */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2113] OBJ_aaControls */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2121] OBJ_sbgp_ipAddrBlock */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2129] OBJ_sbgp_autonomousSysNum */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2137] OBJ_sbgp_routerIdentifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2145] OBJ_textNotice */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2153] OBJ_ipsecEndSystem */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2161] OBJ_ipsecTunnel */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2169] OBJ_ipsecUser */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2177] OBJ_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2185] OBJ_id_it_caProtEncCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2193] OBJ_id_it_signKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2201] OBJ_id_it_encKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2209] OBJ_id_it_preferredSymmAlg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2217] OBJ_id_it_caKeyUpdateInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2225] OBJ_id_it_currentCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2233] OBJ_id_it_unsupportedOIDs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2241] OBJ_id_it_subscriptionRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2249] OBJ_id_it_subscriptionResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2257] OBJ_id_it_keyPairParamReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2265] OBJ_id_it_keyPairParamRep */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2273] OBJ_id_it_revPassphrase */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2281] OBJ_id_it_implicitConfirm */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2289] OBJ_id_it_confirmWaitTime */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2297] OBJ_id_it_origPKIMessage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2305] OBJ_id_regCtrl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2313] OBJ_id_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2321] OBJ_id_regCtrl_regToken */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2330] OBJ_id_regCtrl_authenticator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2339] OBJ_id_regCtrl_pkiPublicationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2348] OBJ_id_regCtrl_pkiArchiveOptions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2357] OBJ_id_regCtrl_oldCertID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2366] OBJ_id_regCtrl_protocolEncrKey */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2375] OBJ_id_regInfo_utf8Pairs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2384] OBJ_id_regInfo_certReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2393] OBJ_id_alg_des40 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2401] OBJ_id_alg_noSignature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2409] OBJ_id_alg_dh_sig_hmac_sha1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2417] OBJ_id_alg_dh_pop */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2425] OBJ_id_cmc_statusInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2433] OBJ_id_cmc_identification */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2441] OBJ_id_cmc_identityProof */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2449] OBJ_id_cmc_dataReturn */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2457] OBJ_id_cmc_transactionId */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2465] OBJ_id_cmc_senderNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2473] OBJ_id_cmc_recipientNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2481] OBJ_id_cmc_addExtensions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2489] OBJ_id_cmc_encryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2497] OBJ_id_cmc_decryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2505] OBJ_id_cmc_lraPOPWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2513] OBJ_id_cmc_getCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2521] OBJ_id_cmc_getCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2529] OBJ_id_cmc_revokeRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2537] OBJ_id_cmc_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2545] OBJ_id_cmc_responseInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2553] OBJ_id_cmc_queryPending */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2561] OBJ_id_cmc_popLinkRandom */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2569] OBJ_id_cmc_popLinkWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2577] OBJ_id_cmc_confirmCertAcceptance */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2585] OBJ_id_on_personalData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2593] OBJ_id_pda_dateOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2601] OBJ_id_pda_placeOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2609] OBJ_id_pda_gender */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2617] OBJ_id_pda_countryOfCitizenship */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2625] OBJ_id_pda_countryOfResidence */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2633] OBJ_id_aca_authenticationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2641] OBJ_id_aca_accessIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2649] OBJ_id_aca_chargingIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2657] OBJ_id_aca_group */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2665] OBJ_id_aca_role */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2673] OBJ_id_qcs_pkixQCSyntax_v1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2681] OBJ_id_cct_crs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2689] OBJ_id_cct_PKIData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2697] OBJ_id_cct_PKIResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2705] OBJ_ad_timeStamping */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2713] OBJ_ad_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2721] OBJ_id_pkix_OCSP_basic */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2730] OBJ_id_pkix_OCSP_Nonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2739] OBJ_id_pkix_OCSP_CrlID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2748] OBJ_id_pkix_OCSP_acceptableResponses */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2757] OBJ_id_pkix_OCSP_noCheck */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2766] OBJ_id_pkix_OCSP_archiveCutoff */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2775] OBJ_id_pkix_OCSP_serviceLocator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2784] OBJ_id_pkix_OCSP_extendedStatus */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2793] OBJ_id_pkix_OCSP_valid */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2802] OBJ_id_pkix_OCSP_path */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2811] OBJ_id_pkix_OCSP_trustRoot */ +0x2B,0x0E,0x03,0x02, /* [2820] OBJ_algorithm */ +0x2B,0x0E,0x03,0x02,0x0B, /* [2824] OBJ_rsaSignature */ +0x55,0x08, /* [2829] OBJ_X500algorithms */ +0x2B, /* [2831] OBJ_org */ +0x2B,0x06, /* [2832] OBJ_dod */ +0x2B,0x06,0x01, /* [2834] OBJ_iana */ +0x2B,0x06,0x01,0x01, /* [2837] OBJ_Directory */ +0x2B,0x06,0x01,0x02, /* [2841] OBJ_Management */ +0x2B,0x06,0x01,0x03, /* [2845] OBJ_Experimental */ +0x2B,0x06,0x01,0x04, /* [2849] OBJ_Private */ +0x2B,0x06,0x01,0x05, /* [2853] OBJ_Security */ +0x2B,0x06,0x01,0x06, /* [2857] OBJ_SNMPv2 */ +0x2B,0x06,0x01,0x07, /* [2861] OBJ_Mail */ +0x2B,0x06,0x01,0x04,0x01, /* [2865] OBJ_Enterprises */ +0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2870] OBJ_dcObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2879] OBJ_domainComponent */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2889] OBJ_Domain */ +0x00, /* [2899] OBJ_joint_iso_ccitt */ +0x55,0x01,0x05, /* [2900] OBJ_selected_attribute_types */ +0x55,0x01,0x05,0x37, /* [2903] OBJ_clearance */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2907] OBJ_md4WithRSAEncryption */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2916] OBJ_ac_proxying */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2924] OBJ_sinfo_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2932] OBJ_id_aca_encAttrs */ +0x55,0x04,0x48, /* [2940] OBJ_role */ +0x55,0x1D,0x24, /* [2943] OBJ_policy_constraints */ +0x55,0x1D,0x37, /* [2946] OBJ_target_information */ +0x55,0x1D,0x38, /* [2949] OBJ_no_rev_avail */ +0x00, /* [2952] OBJ_ccitt */ +0x2A,0x86,0x48,0xCE,0x3D, /* [2953] OBJ_ansi_X9_62 */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2958] OBJ_X9_62_prime_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2965] OBJ_X9_62_characteristic_two_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2972] OBJ_X9_62_id_ecPublicKey */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2979] OBJ_X9_62_prime192v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2987] OBJ_X9_62_prime192v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2995] OBJ_X9_62_prime192v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [3003] OBJ_X9_62_prime239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3011] OBJ_X9_62_prime239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3019] OBJ_X9_62_prime239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3027] OBJ_X9_62_prime256v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3035] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3042] OBJ_ms_csp_name */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3051] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3060] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3069] OBJ_aes_128_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3078] OBJ_aes_128_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3087] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3096] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3105] OBJ_aes_192_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3114] OBJ_aes_192_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3123] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3132] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3141] OBJ_aes_256_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3150] OBJ_aes_256_cfb128 */ +0x55,0x1D,0x17, /* [3159] OBJ_hold_instruction_code */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3162] OBJ_hold_instruction_none */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3169] OBJ_hold_instruction_call_issuer */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3176] OBJ_hold_instruction_reject */ +0x09, /* [3183] OBJ_data */ +0x09,0x92,0x26, /* [3184] OBJ_pss */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3187] OBJ_ucl */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3194] OBJ_pilot */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3202] OBJ_pilotAttributeType */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3211] OBJ_pilotAttributeSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3220] OBJ_pilotObjectClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3229] OBJ_pilotGroups */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3238] OBJ_iA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3248] OBJ_caseIgnoreIA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3258] OBJ_pilotObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3268] OBJ_pilotPerson */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3278] OBJ_account */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3288] OBJ_document */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3298] OBJ_room */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3308] OBJ_documentSeries */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3318] OBJ_rFC822localPart */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3328] OBJ_dNSDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3338] OBJ_domainRelatedObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3348] OBJ_friendlyCountry */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3358] OBJ_simpleSecurityObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3368] OBJ_pilotOrganization */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3378] OBJ_pilotDSA */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3388] OBJ_qualityLabelledData */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3398] OBJ_userId */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3408] OBJ_textEncodedORAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3418] OBJ_rfc822Mailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3428] OBJ_info */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3438] OBJ_favouriteDrink */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3448] OBJ_roomNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3458] OBJ_photo */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3468] OBJ_userClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3478] OBJ_host */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3488] OBJ_manager */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3498] OBJ_documentIdentifier */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3508] OBJ_documentTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3518] OBJ_documentVersion */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3528] OBJ_documentAuthor */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3538] OBJ_documentLocation */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3548] OBJ_homeTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3558] OBJ_secretary */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3568] OBJ_otherMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3578] OBJ_lastModifiedTime */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3588] OBJ_lastModifiedBy */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3598] OBJ_aRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3608] OBJ_pilotAttributeType27 */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3618] OBJ_mXRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3628] OBJ_nSRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3638] OBJ_sOARecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3648] OBJ_cNAMERecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3658] OBJ_associatedDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3668] OBJ_associatedName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3678] OBJ_homePostalAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3688] OBJ_personalTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3698] OBJ_mobileTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3708] OBJ_pagerTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3718] OBJ_friendlyCountryName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3728] OBJ_organizationalStatus */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3738] OBJ_janetMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3748] OBJ_mailPreferenceOption */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3758] OBJ_buildingName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3768] OBJ_dSAQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3778] OBJ_singleLevelQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3788] OBJ_subtreeMinimumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3798] OBJ_subtreeMaximumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3808] OBJ_personalSignature */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3818] OBJ_dITRedirect */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3828] OBJ_audio */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3838] OBJ_documentPublisher */ +0x55,0x04,0x2D, /* [3848] OBJ_x500UniqueIdentifier */ +0x2B,0x06,0x01,0x07,0x01, /* [3851] OBJ_mime_mhs */ +0x2B,0x06,0x01,0x07,0x01,0x01, /* [3856] OBJ_mime_mhs_headings */ +0x2B,0x06,0x01,0x07,0x01,0x02, /* [3862] OBJ_mime_mhs_bodies */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3868] OBJ_id_hex_partial_message */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3875] OBJ_id_hex_multipart_message */ +0x55,0x04,0x2C, /* [3882] OBJ_generationQualifier */ +0x55,0x04,0x41, /* [3885] OBJ_pseudonym */ +0x67,0x2A, /* [3888] OBJ_id_set */ +0x67,0x2A,0x00, /* [3890] OBJ_set_ctype */ +0x67,0x2A,0x01, /* [3893] OBJ_set_msgExt */ +0x67,0x2A,0x03, /* [3896] OBJ_set_attr */ +0x67,0x2A,0x05, /* [3899] OBJ_set_policy */ +0x67,0x2A,0x07, /* [3902] OBJ_set_certExt */ +0x67,0x2A,0x08, /* [3905] OBJ_set_brand */ +0x67,0x2A,0x00,0x00, /* [3908] OBJ_setct_PANData */ +0x67,0x2A,0x00,0x01, /* [3912] OBJ_setct_PANToken */ +0x67,0x2A,0x00,0x02, /* [3916] OBJ_setct_PANOnly */ +0x67,0x2A,0x00,0x03, /* [3920] OBJ_setct_OIData */ +0x67,0x2A,0x00,0x04, /* [3924] OBJ_setct_PI */ +0x67,0x2A,0x00,0x05, /* [3928] OBJ_setct_PIData */ +0x67,0x2A,0x00,0x06, /* [3932] OBJ_setct_PIDataUnsigned */ +0x67,0x2A,0x00,0x07, /* [3936] OBJ_setct_HODInput */ +0x67,0x2A,0x00,0x08, /* [3940] OBJ_setct_AuthResBaggage */ +0x67,0x2A,0x00,0x09, /* [3944] OBJ_setct_AuthRevReqBaggage */ +0x67,0x2A,0x00,0x0A, /* [3948] OBJ_setct_AuthRevResBaggage */ +0x67,0x2A,0x00,0x0B, /* [3952] OBJ_setct_CapTokenSeq */ +0x67,0x2A,0x00,0x0C, /* [3956] OBJ_setct_PInitResData */ +0x67,0x2A,0x00,0x0D, /* [3960] OBJ_setct_PI_TBS */ +0x67,0x2A,0x00,0x0E, /* [3964] OBJ_setct_PResData */ +0x67,0x2A,0x00,0x10, /* [3968] OBJ_setct_AuthReqTBS */ +0x67,0x2A,0x00,0x11, /* [3972] OBJ_setct_AuthResTBS */ +0x67,0x2A,0x00,0x12, /* [3976] OBJ_setct_AuthResTBSX */ +0x67,0x2A,0x00,0x13, /* [3980] OBJ_setct_AuthTokenTBS */ +0x67,0x2A,0x00,0x14, /* [3984] OBJ_setct_CapTokenData */ +0x67,0x2A,0x00,0x15, /* [3988] OBJ_setct_CapTokenTBS */ +0x67,0x2A,0x00,0x16, /* [3992] OBJ_setct_AcqCardCodeMsg */ +0x67,0x2A,0x00,0x17, /* [3996] OBJ_setct_AuthRevReqTBS */ +0x67,0x2A,0x00,0x18, /* [4000] OBJ_setct_AuthRevResData */ +0x67,0x2A,0x00,0x19, /* [4004] OBJ_setct_AuthRevResTBS */ +0x67,0x2A,0x00,0x1A, /* [4008] OBJ_setct_CapReqTBS */ +0x67,0x2A,0x00,0x1B, /* [4012] OBJ_setct_CapReqTBSX */ +0x67,0x2A,0x00,0x1C, /* [4016] OBJ_setct_CapResData */ +0x67,0x2A,0x00,0x1D, /* [4020] OBJ_setct_CapRevReqTBS */ +0x67,0x2A,0x00,0x1E, /* [4024] OBJ_setct_CapRevReqTBSX */ +0x67,0x2A,0x00,0x1F, /* [4028] OBJ_setct_CapRevResData */ +0x67,0x2A,0x00,0x20, /* [4032] OBJ_setct_CredReqTBS */ +0x67,0x2A,0x00,0x21, /* [4036] OBJ_setct_CredReqTBSX */ +0x67,0x2A,0x00,0x22, /* [4040] OBJ_setct_CredResData */ +0x67,0x2A,0x00,0x23, /* [4044] OBJ_setct_CredRevReqTBS */ +0x67,0x2A,0x00,0x24, /* [4048] OBJ_setct_CredRevReqTBSX */ +0x67,0x2A,0x00,0x25, /* [4052] OBJ_setct_CredRevResData */ +0x67,0x2A,0x00,0x26, /* [4056] OBJ_setct_PCertReqData */ +0x67,0x2A,0x00,0x27, /* [4060] OBJ_setct_PCertResTBS */ +0x67,0x2A,0x00,0x28, /* [4064] OBJ_setct_BatchAdminReqData */ +0x67,0x2A,0x00,0x29, /* [4068] OBJ_setct_BatchAdminResData */ +0x67,0x2A,0x00,0x2A, /* [4072] OBJ_setct_CardCInitResTBS */ +0x67,0x2A,0x00,0x2B, /* [4076] OBJ_setct_MeAqCInitResTBS */ +0x67,0x2A,0x00,0x2C, /* [4080] OBJ_setct_RegFormResTBS */ +0x67,0x2A,0x00,0x2D, /* [4084] OBJ_setct_CertReqData */ +0x67,0x2A,0x00,0x2E, /* [4088] OBJ_setct_CertReqTBS */ +0x67,0x2A,0x00,0x2F, /* [4092] OBJ_setct_CertResData */ +0x67,0x2A,0x00,0x30, /* [4096] OBJ_setct_CertInqReqTBS */ +0x67,0x2A,0x00,0x31, /* [4100] OBJ_setct_ErrorTBS */ +0x67,0x2A,0x00,0x32, /* [4104] OBJ_setct_PIDualSignedTBE */ +0x67,0x2A,0x00,0x33, /* [4108] OBJ_setct_PIUnsignedTBE */ +0x67,0x2A,0x00,0x34, /* [4112] OBJ_setct_AuthReqTBE */ +0x67,0x2A,0x00,0x35, /* [4116] OBJ_setct_AuthResTBE */ +0x67,0x2A,0x00,0x36, /* [4120] OBJ_setct_AuthResTBEX */ +0x67,0x2A,0x00,0x37, /* [4124] OBJ_setct_AuthTokenTBE */ +0x67,0x2A,0x00,0x38, /* [4128] OBJ_setct_CapTokenTBE */ +0x67,0x2A,0x00,0x39, /* [4132] OBJ_setct_CapTokenTBEX */ +0x67,0x2A,0x00,0x3A, /* [4136] OBJ_setct_AcqCardCodeMsgTBE */ +0x67,0x2A,0x00,0x3B, /* [4140] OBJ_setct_AuthRevReqTBE */ +0x67,0x2A,0x00,0x3C, /* [4144] OBJ_setct_AuthRevResTBE */ +0x67,0x2A,0x00,0x3D, /* [4148] OBJ_setct_AuthRevResTBEB */ +0x67,0x2A,0x00,0x3E, /* [4152] OBJ_setct_CapReqTBE */ +0x67,0x2A,0x00,0x3F, /* [4156] OBJ_setct_CapReqTBEX */ +0x67,0x2A,0x00,0x40, /* [4160] OBJ_setct_CapResTBE */ +0x67,0x2A,0x00,0x41, /* [4164] OBJ_setct_CapRevReqTBE */ +0x67,0x2A,0x00,0x42, /* [4168] OBJ_setct_CapRevReqTBEX */ +0x67,0x2A,0x00,0x43, /* [4172] OBJ_setct_CapRevResTBE */ +0x67,0x2A,0x00,0x44, /* [4176] OBJ_setct_CredReqTBE */ +0x67,0x2A,0x00,0x45, /* [4180] OBJ_setct_CredReqTBEX */ +0x67,0x2A,0x00,0x46, /* [4184] OBJ_setct_CredResTBE */ +0x67,0x2A,0x00,0x47, /* [4188] OBJ_setct_CredRevReqTBE */ +0x67,0x2A,0x00,0x48, /* [4192] OBJ_setct_CredRevReqTBEX */ +0x67,0x2A,0x00,0x49, /* [4196] OBJ_setct_CredRevResTBE */ +0x67,0x2A,0x00,0x4A, /* [4200] OBJ_setct_BatchAdminReqTBE */ +0x67,0x2A,0x00,0x4B, /* [4204] OBJ_setct_BatchAdminResTBE */ +0x67,0x2A,0x00,0x4C, /* [4208] OBJ_setct_RegFormReqTBE */ +0x67,0x2A,0x00,0x4D, /* [4212] OBJ_setct_CertReqTBE */ +0x67,0x2A,0x00,0x4E, /* [4216] OBJ_setct_CertReqTBEX */ +0x67,0x2A,0x00,0x4F, /* [4220] OBJ_setct_CertResTBE */ +0x67,0x2A,0x00,0x50, /* [4224] OBJ_setct_CRLNotificationTBS */ +0x67,0x2A,0x00,0x51, /* [4228] OBJ_setct_CRLNotificationResTBS */ +0x67,0x2A,0x00,0x52, /* [4232] OBJ_setct_BCIDistributionTBS */ +0x67,0x2A,0x01,0x01, /* [4236] OBJ_setext_genCrypt */ +0x67,0x2A,0x01,0x03, /* [4240] OBJ_setext_miAuth */ +0x67,0x2A,0x01,0x04, /* [4244] OBJ_setext_pinSecure */ +0x67,0x2A,0x01,0x05, /* [4248] OBJ_setext_pinAny */ +0x67,0x2A,0x01,0x07, /* [4252] OBJ_setext_track2 */ +0x67,0x2A,0x01,0x08, /* [4256] OBJ_setext_cv */ +0x67,0x2A,0x05,0x00, /* [4260] OBJ_set_policy_root */ +0x67,0x2A,0x07,0x00, /* [4264] OBJ_setCext_hashedRoot */ +0x67,0x2A,0x07,0x01, /* [4268] OBJ_setCext_certType */ +0x67,0x2A,0x07,0x02, /* [4272] OBJ_setCext_merchData */ +0x67,0x2A,0x07,0x03, /* [4276] OBJ_setCext_cCertRequired */ +0x67,0x2A,0x07,0x04, /* [4280] OBJ_setCext_tunneling */ +0x67,0x2A,0x07,0x05, /* [4284] OBJ_setCext_setExt */ +0x67,0x2A,0x07,0x06, /* [4288] OBJ_setCext_setQualf */ +0x67,0x2A,0x07,0x07, /* [4292] OBJ_setCext_PGWYcapabilities */ +0x67,0x2A,0x07,0x08, /* [4296] OBJ_setCext_TokenIdentifier */ +0x67,0x2A,0x07,0x09, /* [4300] OBJ_setCext_Track2Data */ +0x67,0x2A,0x07,0x0A, /* [4304] OBJ_setCext_TokenType */ +0x67,0x2A,0x07,0x0B, /* [4308] OBJ_setCext_IssuerCapabilities */ +0x67,0x2A,0x03,0x00, /* [4312] OBJ_setAttr_Cert */ +0x67,0x2A,0x03,0x01, /* [4316] OBJ_setAttr_PGWYcap */ +0x67,0x2A,0x03,0x02, /* [4320] OBJ_setAttr_TokenType */ +0x67,0x2A,0x03,0x03, /* [4324] OBJ_setAttr_IssCap */ +0x67,0x2A,0x03,0x00,0x00, /* [4328] OBJ_set_rootKeyThumb */ +0x67,0x2A,0x03,0x00,0x01, /* [4333] OBJ_set_addPolicy */ +0x67,0x2A,0x03,0x02,0x01, /* [4338] OBJ_setAttr_Token_EMV */ +0x67,0x2A,0x03,0x02,0x02, /* [4343] OBJ_setAttr_Token_B0Prime */ +0x67,0x2A,0x03,0x03,0x03, /* [4348] OBJ_setAttr_IssCap_CVM */ +0x67,0x2A,0x03,0x03,0x04, /* [4353] OBJ_setAttr_IssCap_T2 */ +0x67,0x2A,0x03,0x03,0x05, /* [4358] OBJ_setAttr_IssCap_Sig */ +0x67,0x2A,0x03,0x03,0x03,0x01, /* [4363] OBJ_setAttr_GenCryptgrm */ +0x67,0x2A,0x03,0x03,0x04,0x01, /* [4369] OBJ_setAttr_T2Enc */ +0x67,0x2A,0x03,0x03,0x04,0x02, /* [4375] OBJ_setAttr_T2cleartxt */ +0x67,0x2A,0x03,0x03,0x05,0x01, /* [4381] OBJ_setAttr_TokICCsig */ +0x67,0x2A,0x03,0x03,0x05,0x02, /* [4387] OBJ_setAttr_SecDevSig */ +0x67,0x2A,0x08,0x01, /* [4393] OBJ_set_brand_IATA_ATA */ +0x67,0x2A,0x08,0x1E, /* [4397] OBJ_set_brand_Diners */ +0x67,0x2A,0x08,0x22, /* [4401] OBJ_set_brand_AmericanExpress */ +0x67,0x2A,0x08,0x23, /* [4405] OBJ_set_brand_JCB */ +0x67,0x2A,0x08,0x04, /* [4409] OBJ_set_brand_Visa */ +0x67,0x2A,0x08,0x05, /* [4413] OBJ_set_brand_MasterCard */ +0x67,0x2A,0x08,0xAE,0x7B, /* [4417] OBJ_set_brand_Novus */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4422] OBJ_des_cdmf */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4430] OBJ_rsaOAEPEncryptionSET */ +0x00, /* [4439] OBJ_itu_t */ +0x50, /* [4440] OBJ_joint_iso_itu_t */ +0x67, /* [4441] OBJ_international_organizations */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4442] OBJ_ms_smartcard_login */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4452] OBJ_ms_upn */ +0x55,0x04,0x09, /* [4462] OBJ_streetAddress */ +0x55,0x04,0x11, /* [4465] OBJ_postalCode */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4468] OBJ_id_ppl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4475] OBJ_proxyCertInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4483] OBJ_id_ppl_anyLanguage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4491] OBJ_id_ppl_inheritAll */ +0x55,0x1D,0x1E, /* [4499] OBJ_name_constraints */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4502] OBJ_Independent */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4510] OBJ_sha256WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4519] OBJ_sha384WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4528] OBJ_sha512WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4537] OBJ_sha224WithRSAEncryption */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4546] OBJ_sha256 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4555] OBJ_sha384 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4564] OBJ_sha512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4573] OBJ_sha224 */ +0x2B, /* [4582] OBJ_identified_organization */ +0x2B,0x81,0x04, /* [4583] OBJ_certicom_arc */ +0x67,0x2B, /* [4586] OBJ_wap */ +0x67,0x2B,0x0D, /* [4588] OBJ_wap_wsg */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4591] OBJ_X9_62_id_characteristic_two_basis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4599] OBJ_X9_62_onBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4608] OBJ_X9_62_tpBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4617] OBJ_X9_62_ppBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4626] OBJ_X9_62_c2pnb163v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4634] OBJ_X9_62_c2pnb163v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4642] OBJ_X9_62_c2pnb163v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4650] OBJ_X9_62_c2pnb176v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4658] OBJ_X9_62_c2tnb191v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4666] OBJ_X9_62_c2tnb191v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4674] OBJ_X9_62_c2tnb191v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4682] OBJ_X9_62_c2onb191v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4690] OBJ_X9_62_c2onb191v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4698] OBJ_X9_62_c2pnb208w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4706] OBJ_X9_62_c2tnb239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4714] OBJ_X9_62_c2tnb239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4722] OBJ_X9_62_c2tnb239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4730] OBJ_X9_62_c2onb239v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4738] OBJ_X9_62_c2onb239v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4746] OBJ_X9_62_c2pnb272w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4754] OBJ_X9_62_c2pnb304w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4762] OBJ_X9_62_c2tnb359v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4770] OBJ_X9_62_c2pnb368w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4778] OBJ_X9_62_c2tnb431r1 */ +0x2B,0x81,0x04,0x00,0x06, /* [4786] OBJ_secp112r1 */ +0x2B,0x81,0x04,0x00,0x07, /* [4791] OBJ_secp112r2 */ +0x2B,0x81,0x04,0x00,0x1C, /* [4796] OBJ_secp128r1 */ +0x2B,0x81,0x04,0x00,0x1D, /* [4801] OBJ_secp128r2 */ +0x2B,0x81,0x04,0x00,0x09, /* [4806] OBJ_secp160k1 */ +0x2B,0x81,0x04,0x00,0x08, /* [4811] OBJ_secp160r1 */ +0x2B,0x81,0x04,0x00,0x1E, /* [4816] OBJ_secp160r2 */ +0x2B,0x81,0x04,0x00,0x1F, /* [4821] OBJ_secp192k1 */ +0x2B,0x81,0x04,0x00,0x20, /* [4826] OBJ_secp224k1 */ +0x2B,0x81,0x04,0x00,0x21, /* [4831] OBJ_secp224r1 */ +0x2B,0x81,0x04,0x00,0x0A, /* [4836] OBJ_secp256k1 */ +0x2B,0x81,0x04,0x00,0x22, /* [4841] OBJ_secp384r1 */ +0x2B,0x81,0x04,0x00,0x23, /* [4846] OBJ_secp521r1 */ +0x2B,0x81,0x04,0x00,0x04, /* [4851] OBJ_sect113r1 */ +0x2B,0x81,0x04,0x00,0x05, /* [4856] OBJ_sect113r2 */ +0x2B,0x81,0x04,0x00,0x16, /* [4861] OBJ_sect131r1 */ +0x2B,0x81,0x04,0x00,0x17, /* [4866] OBJ_sect131r2 */ +0x2B,0x81,0x04,0x00,0x01, /* [4871] OBJ_sect163k1 */ +0x2B,0x81,0x04,0x00,0x02, /* [4876] OBJ_sect163r1 */ +0x2B,0x81,0x04,0x00,0x0F, /* [4881] OBJ_sect163r2 */ +0x2B,0x81,0x04,0x00,0x18, /* [4886] OBJ_sect193r1 */ +0x2B,0x81,0x04,0x00,0x19, /* [4891] OBJ_sect193r2 */ +0x2B,0x81,0x04,0x00,0x1A, /* [4896] OBJ_sect233k1 */ +0x2B,0x81,0x04,0x00,0x1B, /* [4901] OBJ_sect233r1 */ +0x2B,0x81,0x04,0x00,0x03, /* [4906] OBJ_sect239k1 */ +0x2B,0x81,0x04,0x00,0x10, /* [4911] OBJ_sect283k1 */ +0x2B,0x81,0x04,0x00,0x11, /* [4916] OBJ_sect283r1 */ +0x2B,0x81,0x04,0x00,0x24, /* [4921] OBJ_sect409k1 */ +0x2B,0x81,0x04,0x00,0x25, /* [4926] OBJ_sect409r1 */ +0x2B,0x81,0x04,0x00,0x26, /* [4931] OBJ_sect571k1 */ +0x2B,0x81,0x04,0x00,0x27, /* [4936] OBJ_sect571r1 */ +0x67,0x2B,0x0D,0x04,0x01, /* [4941] OBJ_wap_wsg_idm_ecid_wtls1 */ +0x67,0x2B,0x0D,0x04,0x03, /* [4946] OBJ_wap_wsg_idm_ecid_wtls3 */ +0x67,0x2B,0x0D,0x04,0x04, /* [4951] OBJ_wap_wsg_idm_ecid_wtls4 */ +0x67,0x2B,0x0D,0x04,0x05, /* [4956] OBJ_wap_wsg_idm_ecid_wtls5 */ +0x67,0x2B,0x0D,0x04,0x06, /* [4961] OBJ_wap_wsg_idm_ecid_wtls6 */ +0x67,0x2B,0x0D,0x04,0x07, /* [4966] OBJ_wap_wsg_idm_ecid_wtls7 */ +0x67,0x2B,0x0D,0x04,0x08, /* [4971] OBJ_wap_wsg_idm_ecid_wtls8 */ +0x67,0x2B,0x0D,0x04,0x09, /* [4976] OBJ_wap_wsg_idm_ecid_wtls9 */ +0x67,0x2B,0x0D,0x04,0x0A, /* [4981] OBJ_wap_wsg_idm_ecid_wtls10 */ +0x67,0x2B,0x0D,0x04,0x0B, /* [4986] OBJ_wap_wsg_idm_ecid_wtls11 */ +0x67,0x2B,0x0D,0x04,0x0C, /* [4991] OBJ_wap_wsg_idm_ecid_wtls12 */ +0x55,0x1D,0x20,0x00, /* [4996] OBJ_any_policy */ +0x55,0x1D,0x21, /* [5000] OBJ_policy_mappings */ +0x55,0x1D,0x36, /* [5003] OBJ_inhibit_any_policy */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5006] OBJ_camellia_128_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5017] OBJ_camellia_192_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5028] OBJ_camellia_256_cbc */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5039] OBJ_camellia_128_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5047] OBJ_camellia_192_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5055] OBJ_camellia_256_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5063] OBJ_camellia_128_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5071] OBJ_camellia_192_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5079] OBJ_camellia_256_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5087] OBJ_camellia_128_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5095] OBJ_camellia_192_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5103] OBJ_camellia_256_ofb128 */ +0x55,0x1D,0x09, /* [5111] OBJ_subject_directory_attributes */ +0x55,0x1D,0x1C, /* [5114] OBJ_issuing_distribution_point */ +0x55,0x1D,0x1D, /* [5117] OBJ_certificate_issuer */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5120] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5126] OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5134] OBJ_seed_cbc */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5142] OBJ_seed_ofb128 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5150] OBJ_seed_cfb128 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5158] OBJ_hmac_md5 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5166] OBJ_hmac_sha1 */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5174] OBJ_id_PasswordBasedMAC */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5183] OBJ_id_DHBasedMac */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5192] OBJ_id_it_suppLangTags */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5200] OBJ_caRepository */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5208] OBJ_id_smime_ct_compressedData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5219] OBJ_id_ct_asciiTextWithCRLF */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -748,21 +855,21 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0}, {"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0}, {"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0}, -{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL}, +{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0}, {"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0}, -{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL}, -{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL}, +{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0}, +{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0}, {"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0}, -{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL}, -{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL}, -{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL}, +{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0}, +{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0}, +{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0}, {"SHA","sha",NID_sha,5,&(lvalues[226]),0}, {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5, &(lvalues[231]),0}, -{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL}, +{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0}, {"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0}, {"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0}, -{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL}, +{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0}, {"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0}, {"emailAddress","emailAddress",NID_pkcs9_emailAddress,9, &(lvalues[257]),0}, @@ -786,10 +893,10 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ NID_netscape_cert_extension,8,&(lvalues[345]),0}, {"nsDataType","Netscape Data Type",NID_netscape_data_type,8, &(lvalues[353]),0}, -{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL}, -{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL}, -{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL}, -{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL}, +{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0}, +{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0}, +{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0}, +{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0}, {"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0}, {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9, &(lvalues[366]),0}, @@ -816,7 +923,7 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0}, {"nsCertSequence","Netscape Certificate Sequence", NID_netscape_cert_sequence,9,&(lvalues[480]),0}, -{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL}, +{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0}, {"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0}, {"subjectKeyIdentifier","X509v3 Subject Key Identifier", NID_subject_key_identifier,3,&(lvalues[491]),0}, @@ -835,17 +942,17 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"authorityKeyIdentifier","X509v3 Authority Key Identifier", NID_authority_key_identifier,3,&(lvalues[515]),0}, {"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0}, -{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL}, -{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL}, -{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL}, +{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0}, +{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0}, +{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0}, {"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0}, {"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0}, -{"RC4-40","rc4-40",NID_rc4_40,0,NULL}, -{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL}, +{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0}, +{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0}, {"GN","givenName",NID_givenName,3,&(lvalues[535]),0}, {"SN","surname",NID_surname,3,&(lvalues[538]),0}, {"initials","initials",NID_initials,3,&(lvalues[541]),0}, -{NULL,NULL,NID_undef,0,NULL}, +{NULL,NULL,NID_undef,0,NULL,0}, {"crlDistributionPoints","X509v3 CRL Distribution Points", NID_crl_distribution_points,3,&(lvalues[544]),0}, {"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0}, @@ -853,931 +960,1085 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"title","title",NID_title,3,&(lvalues[555]),0}, {"description","description",NID_description,3,&(lvalues[558]),0}, {"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0}, -{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL}, -{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL}, -{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL}, +{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0}, +{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0}, +{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0}, {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC", NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0}, {"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0}, -{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL}, +{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0}, {"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0}, {"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0}, {"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0}, -{NULL,NULL,NID_undef,0,NULL}, +{NULL,NULL,NID_undef,0,NULL,0}, {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6, &(lvalues[603]),0}, {"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0}, -{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL}, -{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL}, -{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL}, +{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0}, +{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0}, +{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0}, {"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0}, -{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0}, +{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[623]),0}, {"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3, - &(lvalues[629]),0}, -{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0}, -{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0}, + &(lvalues[634]),0}, +{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[637]),0}, +{"id-kp","id-kp",NID_id_kp,7,&(lvalues[643]),0}, {"serverAuth","TLS Web Server Authentication",NID_server_auth,8, - &(lvalues[645]),0}, + &(lvalues[650]),0}, {"clientAuth","TLS Web Client Authentication",NID_client_auth,8, - &(lvalues[653]),0}, -{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0}, + &(lvalues[658]),0}, +{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[666]),0}, {"emailProtection","E-mail Protection",NID_email_protect,8, - &(lvalues[669]),0}, -{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0}, + &(lvalues[674]),0}, +{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0}, {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10, - &(lvalues[685]),0}, + &(lvalues[690]),0}, {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10, - &(lvalues[695]),0}, + &(lvalues[700]),0}, {"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10, - &(lvalues[705]),0}, -{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0}, + &(lvalues[710]),0}, +{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[720]),0}, {"msEFS","Microsoft Encrypted File System",NID_ms_efs,10, - &(lvalues[725]),0}, -{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0}, + &(lvalues[730]),0}, +{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[740]),0}, {"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3, - &(lvalues[744]),0}, -{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0}, + &(lvalues[749]),0}, +{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[752]),0}, {"invalidityDate","Invalidity Date",NID_invalidity_date,3, - &(lvalues[750]),0}, -{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0}, + &(lvalues[755]),0}, +{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[758]),0}, {"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4", - NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0}, + NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[763]),0}, {"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4", - NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0}, + NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[773]),0}, {"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC", - NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0}, + NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[783]),0}, {"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC", - NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0}, + NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[793]),0}, {"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC", - NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0}, + NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[803]),0}, {"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC", - NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0}, -{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0}, + NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[813]),0}, +{"keyBag","keyBag",NID_keyBag,11,&(lvalues[823]),0}, {"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag, - 11,&(lvalues[829]),0}, -{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0}, -{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0}, -{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0}, + 11,&(lvalues[834]),0}, +{"certBag","certBag",NID_certBag,11,&(lvalues[845]),0}, +{"crlBag","crlBag",NID_crlBag,11,&(lvalues[856]),0}, +{"secretBag","secretBag",NID_secretBag,11,&(lvalues[867]),0}, {"safeContentsBag","safeContentsBag",NID_safeContentsBag,11, - &(lvalues[873]),0}, -{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0}, -{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0}, + &(lvalues[878]),0}, +{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[889]),0}, +{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[898]),0}, {"x509Certificate","x509Certificate",NID_x509Certificate,10, - &(lvalues[902]),0}, + &(lvalues[907]),0}, {"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10, - &(lvalues[912]),0}, -{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0}, -{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0}, -{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0}, -{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0}, -{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0}, + &(lvalues[917]),0}, +{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[927]),0}, +{"PBES2","PBES2",NID_pbes2,9,&(lvalues[937]),0}, +{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[946]),0}, +{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[955]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[963]),0}, {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, - &(lvalues[966]),0}, -{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL}, + &(lvalues[971]),0}, +{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0}, {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9, - &(lvalues[974]),0}, + &(lvalues[979]),0}, {"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9, - &(lvalues[983]),0}, + &(lvalues[988]),0}, {"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9, - &(lvalues[992]),0}, + &(lvalues[997]),0}, {"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9, - &(lvalues[1001]),0}, + &(lvalues[1006]),0}, {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10, - &(lvalues[1010]),0}, -{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0}, -{"name","name",NID_name,3,&(lvalues[1029]),0}, -{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0}, -{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0}, -{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0}, + &(lvalues[1015]),0}, +{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1025]),0}, +{"name","name",NID_name,3,&(lvalues[1034]),0}, +{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1037]),0}, +{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1040]),0}, +{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1047]),0}, {"authorityInfoAccess","Authority Information Access",NID_info_access, - 8,&(lvalues[1049]),0}, -{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0}, -{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0}, -{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0}, -{"ISO","iso",NID_iso,1,&(lvalues[1081]),0}, -{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0}, -{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0}, -{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0}, -{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0}, -{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0}, -{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0}, -{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0}, -{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0}, -{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0}, -{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0}, -{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0}, -{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0}, -{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0}, -{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0}, + 8,&(lvalues[1054]),0}, +{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1062]),0}, +{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1070]),0}, +{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1078]),0}, +{"ISO","iso",NID_iso,1,&(lvalues[1086]),0}, +{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1087]),0}, +{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1088]),0}, +{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1091]),0}, +{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1096]),0}, +{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1102]),0}, +{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1110]),0}, +{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1118]),0}, +{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1127]),0}, +{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1137]),0}, +{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1147]),0}, +{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1157]),0}, +{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1167]),0}, +{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1177]),0}, +{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1187]),0}, {"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11, - &(lvalues[1192]),0}, + &(lvalues[1197]),0}, {"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11, - &(lvalues[1203]),0}, + &(lvalues[1208]),0}, {"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11, - &(lvalues[1214]),0}, + &(lvalues[1219]),0}, {"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3, - 11,&(lvalues[1225]),0}, + 11,&(lvalues[1230]),0}, {"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88", - NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0}, + NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1241]),0}, {"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97", - NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0}, + NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1252]),0}, {"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88", - NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0}, + NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1263]),0}, {"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97", - NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0}, + NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1274]),0}, {"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt, - 11,&(lvalues[1280]),0}, + 11,&(lvalues[1285]),0}, {"id-smime-ct-authData","id-smime-ct-authData", - NID_id_smime_ct_authData,11,&(lvalues[1291]),0}, + NID_id_smime_ct_authData,11,&(lvalues[1296]),0}, {"id-smime-ct-publishCert","id-smime-ct-publishCert", - NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0}, + NID_id_smime_ct_publishCert,11,&(lvalues[1307]),0}, {"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo, - 11,&(lvalues[1313]),0}, + 11,&(lvalues[1318]),0}, {"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo, - 11,&(lvalues[1324]),0}, + 11,&(lvalues[1329]),0}, {"id-smime-ct-contentInfo","id-smime-ct-contentInfo", - NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0}, + NID_id_smime_ct_contentInfo,11,&(lvalues[1340]),0}, {"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData", - NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0}, + NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1351]),0}, {"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData", - NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0}, + NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1362]),0}, {"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest", - NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0}, + NID_id_smime_aa_receiptRequest,11,&(lvalues[1373]),0}, {"id-smime-aa-securityLabel","id-smime-aa-securityLabel", - NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0}, + NID_id_smime_aa_securityLabel,11,&(lvalues[1384]),0}, {"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory", - NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0}, + NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1395]),0}, {"id-smime-aa-contentHint","id-smime-aa-contentHint", - NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0}, + NID_id_smime_aa_contentHint,11,&(lvalues[1406]),0}, {"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest", - NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0}, + NID_id_smime_aa_msgSigDigest,11,&(lvalues[1417]),0}, {"id-smime-aa-encapContentType","id-smime-aa-encapContentType", - NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0}, + NID_id_smime_aa_encapContentType,11,&(lvalues[1428]),0}, {"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier", - NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0}, + NID_id_smime_aa_contentIdentifier,11,&(lvalues[1439]),0}, {"id-smime-aa-macValue","id-smime-aa-macValue", - NID_id_smime_aa_macValue,11,&(lvalues[1445]),0}, + NID_id_smime_aa_macValue,11,&(lvalues[1450]),0}, {"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels", - NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0}, + NID_id_smime_aa_equivalentLabels,11,&(lvalues[1461]),0}, {"id-smime-aa-contentReference","id-smime-aa-contentReference", - NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0}, + NID_id_smime_aa_contentReference,11,&(lvalues[1472]),0}, {"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref", - NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0}, + NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1483]),0}, {"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate", - NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0}, + NID_id_smime_aa_signingCertificate,11,&(lvalues[1494]),0}, {"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts", - NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0}, + NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1505]),0}, {"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken", - NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0}, + NID_id_smime_aa_timeStampToken,11,&(lvalues[1516]),0}, {"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId", - NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0}, + NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1527]),0}, {"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType", - NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0}, + NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1538]),0}, {"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation", - NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0}, + NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1549]),0}, {"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr", - NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0}, + NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1560]),0}, {"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert", - NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0}, + NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1571]),0}, {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp", - NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0}, + NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1582]),0}, {"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs", - NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0}, + NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1593]),0}, {"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs", - NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0}, + NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1604]),0}, {"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues", - NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0}, + NID_id_smime_aa_ets_certValues,11,&(lvalues[1615]),0}, {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues", - NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0}, + NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1626]),0}, {"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp", - NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0}, + NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1637]),0}, {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp", - NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0}, + NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1648]),0}, {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp", - NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0}, + NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1659]),0}, {"id-smime-aa-signatureType","id-smime-aa-signatureType", - NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0}, + NID_id_smime_aa_signatureType,11,&(lvalues[1670]),0}, {"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc", - NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0}, + NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1681]),0}, {"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES", - NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0}, + NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1692]),0}, {"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2", - NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0}, + NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1703]),0}, {"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap", - NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0}, + NID_id_smime_alg_3DESwrap,11,&(lvalues[1714]),0}, {"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap", - NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0}, + NID_id_smime_alg_RC2wrap,11,&(lvalues[1725]),0}, {"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11, - &(lvalues[1731]),0}, + &(lvalues[1736]),0}, {"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap", - NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0}, + NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1747]),0}, {"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap", - NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0}, + NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1758]),0}, {"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11, - &(lvalues[1764]),0}, + &(lvalues[1769]),0}, {"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri", - NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0}, + NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1780]),0}, {"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice", - NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0}, + NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1791]),0}, {"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin", - NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0}, + NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1802]),0}, {"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt", - NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0}, + NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1813]),0}, {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery", - NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0}, + NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1824]),0}, {"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender", - NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0}, + NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1835]),0}, {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval", - NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0}, + NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1846]),0}, {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation", - NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0}, -{"MD4","md4",NID_md4,8,&(lvalues[1863]),0}, -{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0}, -{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0}, -{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0}, -{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0}, -{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0}, -{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0}, -{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0}, -{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0}, -{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0}, -{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0}, -{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0}, + NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1857]),0}, +{"MD4","md4",NID_md4,8,&(lvalues[1868]),0}, +{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1876]),0}, +{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1883]),0}, +{"id-it","id-it",NID_id_it,7,&(lvalues[1890]),0}, +{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1897]),0}, +{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1904]),0}, +{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1911]),0}, +{"id-on","id-on",NID_id_on,7,&(lvalues[1918]),0}, +{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1925]),0}, +{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1932]),0}, +{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1939]),0}, +{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1946]),0}, {"id-pkix1-explicit-88","id-pkix1-explicit-88", - NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0}, + NID_id_pkix1_explicit_88,8,&(lvalues[1953]),0}, {"id-pkix1-implicit-88","id-pkix1-implicit-88", - NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0}, + NID_id_pkix1_implicit_88,8,&(lvalues[1961]),0}, {"id-pkix1-explicit-93","id-pkix1-explicit-93", - NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0}, + NID_id_pkix1_explicit_93,8,&(lvalues[1969]),0}, {"id-pkix1-implicit-93","id-pkix1-implicit-93", - NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0}, -{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0}, -{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0}, + NID_id_pkix1_implicit_93,8,&(lvalues[1977]),0}, +{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1985]),0}, +{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1993]),0}, {"id-mod-kea-profile-88","id-mod-kea-profile-88", - NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0}, + NID_id_mod_kea_profile_88,8,&(lvalues[2001]),0}, {"id-mod-kea-profile-93","id-mod-kea-profile-93", - NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0}, -{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0}, + NID_id_mod_kea_profile_93,8,&(lvalues[2009]),0}, +{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2017]),0}, {"id-mod-qualified-cert-88","id-mod-qualified-cert-88", - NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0}, + NID_id_mod_qualified_cert_88,8,&(lvalues[2025]),0}, {"id-mod-qualified-cert-93","id-mod-qualified-cert-93", - NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0}, + NID_id_mod_qualified_cert_93,8,&(lvalues[2033]),0}, {"id-mod-attribute-cert","id-mod-attribute-cert", - NID_id_mod_attribute_cert,8,&(lvalues[2036]),0}, + NID_id_mod_attribute_cert,8,&(lvalues[2041]),0}, {"id-mod-timestamp-protocol","id-mod-timestamp-protocol", - NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0}, -{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0}, -{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0}, + NID_id_mod_timestamp_protocol,8,&(lvalues[2049]),0}, +{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2057]),0}, +{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2065]),0}, {"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8, - &(lvalues[2068]),0}, -{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0}, -{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0}, + &(lvalues[2073]),0}, +{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2081]),0}, +{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2089]),0}, {"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8, - &(lvalues[2092]),0}, -{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0}, -{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0}, + &(lvalues[2097]),0}, +{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2105]),0}, +{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2113]),0}, {"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8, - &(lvalues[2116]),0}, + &(lvalues[2121]),0}, {"sbgp-autonomousSysNum","sbgp-autonomousSysNum", - NID_sbgp_autonomousSysNum,8,&(lvalues[2124]),0}, + NID_sbgp_autonomousSysNum,8,&(lvalues[2129]),0}, {"sbgp-routerIdentifier","sbgp-routerIdentifier", - NID_sbgp_routerIdentifier,8,&(lvalues[2132]),0}, -{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0}, + NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0}, +{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0}, {"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, - &(lvalues[2148]),0}, -{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0}, -{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0}, -{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0}, + &(lvalues[2153]),0}, +{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0}, +{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0}, +{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0}, {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert, - 8,&(lvalues[2180]),0}, + 8,&(lvalues[2185]),0}, {"id-it-signKeyPairTypes","id-it-signKeyPairTypes", - NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0}, + NID_id_it_signKeyPairTypes,8,&(lvalues[2193]),0}, {"id-it-encKeyPairTypes","id-it-encKeyPairTypes", - NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0}, + NID_id_it_encKeyPairTypes,8,&(lvalues[2201]),0}, {"id-it-preferredSymmAlg","id-it-preferredSymmAlg", - NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0}, + NID_id_it_preferredSymmAlg,8,&(lvalues[2209]),0}, {"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo", - NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0}, + NID_id_it_caKeyUpdateInfo,8,&(lvalues[2217]),0}, {"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8, - &(lvalues[2220]),0}, + &(lvalues[2225]),0}, {"id-it-unsupportedOIDs","id-it-unsupportedOIDs", - NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0}, + NID_id_it_unsupportedOIDs,8,&(lvalues[2233]),0}, {"id-it-subscriptionRequest","id-it-subscriptionRequest", - NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0}, + NID_id_it_subscriptionRequest,8,&(lvalues[2241]),0}, {"id-it-subscriptionResponse","id-it-subscriptionResponse", - NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0}, + NID_id_it_subscriptionResponse,8,&(lvalues[2249]),0}, {"id-it-keyPairParamReq","id-it-keyPairParamReq", - NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0}, + NID_id_it_keyPairParamReq,8,&(lvalues[2257]),0}, {"id-it-keyPairParamRep","id-it-keyPairParamRep", - NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0}, + NID_id_it_keyPairParamRep,8,&(lvalues[2265]),0}, {"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase, - 8,&(lvalues[2268]),0}, + 8,&(lvalues[2273]),0}, {"id-it-implicitConfirm","id-it-implicitConfirm", - NID_id_it_implicitConfirm,8,&(lvalues[2276]),0}, + NID_id_it_implicitConfirm,8,&(lvalues[2281]),0}, {"id-it-confirmWaitTime","id-it-confirmWaitTime", - NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0}, + NID_id_it_confirmWaitTime,8,&(lvalues[2289]),0}, {"id-it-origPKIMessage","id-it-origPKIMessage", - NID_id_it_origPKIMessage,8,&(lvalues[2292]),0}, -{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0}, -{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0}, + NID_id_it_origPKIMessage,8,&(lvalues[2297]),0}, +{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2305]),0}, +{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2313]),0}, {"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken, - 9,&(lvalues[2316]),0}, + 9,&(lvalues[2321]),0}, {"id-regCtrl-authenticator","id-regCtrl-authenticator", - NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0}, + NID_id_regCtrl_authenticator,9,&(lvalues[2330]),0}, {"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo", - NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0}, + NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2339]),0}, {"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions", - NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0}, + NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2348]),0}, {"id-regCtrl-oldCertID","id-regCtrl-oldCertID", - NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0}, + NID_id_regCtrl_oldCertID,9,&(lvalues[2357]),0}, {"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey", - NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0}, + NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2366]),0}, {"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs", - NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0}, + NID_id_regInfo_utf8Pairs,9,&(lvalues[2375]),0}, {"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9, - &(lvalues[2379]),0}, -{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0}, + &(lvalues[2384]),0}, +{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2393]),0}, {"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8, - &(lvalues[2396]),0}, + &(lvalues[2401]),0}, {"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1", - NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0}, -{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0}, + NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2409]),0}, +{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2417]),0}, {"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8, - &(lvalues[2420]),0}, + &(lvalues[2425]),0}, {"id-cmc-identification","id-cmc-identification", - NID_id_cmc_identification,8,&(lvalues[2428]),0}, + NID_id_cmc_identification,8,&(lvalues[2433]),0}, {"id-cmc-identityProof","id-cmc-identityProof", - NID_id_cmc_identityProof,8,&(lvalues[2436]),0}, + NID_id_cmc_identityProof,8,&(lvalues[2441]),0}, {"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8, - &(lvalues[2444]),0}, + &(lvalues[2449]),0}, {"id-cmc-transactionId","id-cmc-transactionId", - NID_id_cmc_transactionId,8,&(lvalues[2452]),0}, + NID_id_cmc_transactionId,8,&(lvalues[2457]),0}, {"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8, - &(lvalues[2460]),0}, + &(lvalues[2465]),0}, {"id-cmc-recipientNonce","id-cmc-recipientNonce", - NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0}, + NID_id_cmc_recipientNonce,8,&(lvalues[2473]),0}, {"id-cmc-addExtensions","id-cmc-addExtensions", - NID_id_cmc_addExtensions,8,&(lvalues[2476]),0}, + NID_id_cmc_addExtensions,8,&(lvalues[2481]),0}, {"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP, - 8,&(lvalues[2484]),0}, + 8,&(lvalues[2489]),0}, {"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP, - 8,&(lvalues[2492]),0}, + 8,&(lvalues[2497]),0}, {"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness", - NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0}, + NID_id_cmc_lraPOPWitness,8,&(lvalues[2505]),0}, {"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8, - &(lvalues[2508]),0}, -{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0}, + &(lvalues[2513]),0}, +{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2521]),0}, {"id-cmc-revokeRequest","id-cmc-revokeRequest", - NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0}, + NID_id_cmc_revokeRequest,8,&(lvalues[2529]),0}, {"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8, - &(lvalues[2532]),0}, + &(lvalues[2537]),0}, {"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo, - 8,&(lvalues[2540]),0}, + 8,&(lvalues[2545]),0}, {"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending, - 8,&(lvalues[2548]),0}, + 8,&(lvalues[2553]),0}, {"id-cmc-popLinkRandom","id-cmc-popLinkRandom", - NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0}, + NID_id_cmc_popLinkRandom,8,&(lvalues[2561]),0}, {"id-cmc-popLinkWitness","id-cmc-popLinkWitness", - NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0}, + NID_id_cmc_popLinkWitness,8,&(lvalues[2569]),0}, {"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance", - NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0}, + NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2577]),0}, {"id-on-personalData","id-on-personalData",NID_id_on_personalData,8, - &(lvalues[2580]),0}, + &(lvalues[2585]),0}, {"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8, - &(lvalues[2588]),0}, + &(lvalues[2593]),0}, {"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth, - 8,&(lvalues[2596]),0}, -{NULL,NULL,NID_undef,0,NULL}, -{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0}, + 8,&(lvalues[2601]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2609]),0}, {"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship", - NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0}, + NID_id_pda_countryOfCitizenship,8,&(lvalues[2617]),0}, {"id-pda-countryOfResidence","id-pda-countryOfResidence", - NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0}, + NID_id_pda_countryOfResidence,8,&(lvalues[2625]),0}, {"id-aca-authenticationInfo","id-aca-authenticationInfo", - NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0}, + NID_id_aca_authenticationInfo,8,&(lvalues[2633]),0}, {"id-aca-accessIdentity","id-aca-accessIdentity", - NID_id_aca_accessIdentity,8,&(lvalues[2636]),0}, + NID_id_aca_accessIdentity,8,&(lvalues[2641]),0}, {"id-aca-chargingIdentity","id-aca-chargingIdentity", - NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0}, -{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0}, -{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0}, + NID_id_aca_chargingIdentity,8,&(lvalues[2649]),0}, +{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2657]),0}, +{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2665]),0}, {"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1", - NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0}, -{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0}, + NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2673]),0}, +{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2681]),0}, {"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8, - &(lvalues[2684]),0}, + &(lvalues[2689]),0}, {"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8, - &(lvalues[2692]),0}, + &(lvalues[2697]),0}, {"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8, - &(lvalues[2700]),0}, -{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0}, + &(lvalues[2705]),0}, +{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2713]),0}, {"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9, - &(lvalues[2716]),0}, -{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0}, -{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0}, + &(lvalues[2721]),0}, +{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2730]),0}, +{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2739]),0}, {"acceptableResponses","Acceptable OCSP Responses", - NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0}, -{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0}, + NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2748]),0}, +{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2757]),0}, {"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff, - 9,&(lvalues[2761]),0}, + 9,&(lvalues[2766]),0}, {"serviceLocator","OCSP Service Locator", - NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0}, + NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2775]),0}, {"extendedStatus","Extended OCSP Status", - NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0}, -{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0}, -{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0}, + NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2784]),0}, +{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2793]),0}, +{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2802]),0}, {"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9, - &(lvalues[2806]),0}, -{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0}, -{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0}, + &(lvalues[2811]),0}, +{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2820]),0}, +{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2824]),0}, {"X500algorithms","directory services - algorithms", - NID_X500algorithms,2,&(lvalues[2824]),0}, -{"ORG","org",NID_org,1,&(lvalues[2826]),0}, -{"DOD","dod",NID_dod,2,&(lvalues[2827]),0}, -{"IANA","iana",NID_iana,3,&(lvalues[2829]),0}, -{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0}, -{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0}, -{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0}, -{"private","Private",NID_Private,4,&(lvalues[2844]),0}, -{"security","Security",NID_Security,4,&(lvalues[2848]),0}, -{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0}, -{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0}, -{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0}, -{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0}, -{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0}, -{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0}, -{"JOINT-ISO-CCITT","joint-iso-ccitt",NID_joint_iso_ccitt,1, - &(lvalues[2894]),0}, + NID_X500algorithms,2,&(lvalues[2829]),0}, +{"ORG","org",NID_org,1,&(lvalues[2831]),0}, +{"DOD","dod",NID_dod,2,&(lvalues[2832]),0}, +{"IANA","iana",NID_iana,3,&(lvalues[2834]),0}, +{"directory","Directory",NID_Directory,4,&(lvalues[2837]),0}, +{"mgmt","Management",NID_Management,4,&(lvalues[2841]),0}, +{"experimental","Experimental",NID_Experimental,4,&(lvalues[2845]),0}, +{"private","Private",NID_Private,4,&(lvalues[2849]),0}, +{"security","Security",NID_Security,4,&(lvalues[2853]),0}, +{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2857]),0}, +{"Mail","Mail",NID_Mail,4,&(lvalues[2861]),0}, +{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2865]),0}, +{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2870]),0}, +{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2879]),0}, +{"domain","Domain",NID_Domain,10,&(lvalues[2889]),0}, +{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2899]),0}, {"selected-attribute-types","Selected Attribute Types", - NID_selected_attribute_types,3,&(lvalues[2895]),0}, -{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0}, + NID_selected_attribute_types,3,&(lvalues[2900]),0}, +{"clearance","clearance",NID_clearance,4,&(lvalues[2903]),0}, {"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9, - &(lvalues[2902]),0}, -{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0}, + &(lvalues[2907]),0}, +{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2916]),0}, {"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8, - &(lvalues[2919]),0}, + &(lvalues[2924]),0}, {"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8, - &(lvalues[2927]),0}, -{"role","role",NID_role,3,&(lvalues[2935]),0}, + &(lvalues[2932]),0}, +{"role","role",NID_role,3,&(lvalues[2940]),0}, {"policyConstraints","X509v3 Policy Constraints", - NID_policy_constraints,3,&(lvalues[2938]),0}, + NID_policy_constraints,3,&(lvalues[2943]),0}, {"targetInformation","X509v3 AC Targeting",NID_target_information,3, - &(lvalues[2941]),0}, + &(lvalues[2946]),0}, {"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3, - &(lvalues[2944]),0}, -{"CCITT","ccitt",NID_ccitt,1,&(lvalues[2947]),0}, -{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0}, -{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0}, + &(lvalues[2949]),0}, +{"NULL","NULL",NID_ccitt,1,&(lvalues[2952]),0}, +{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2953]),0}, +{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2958]),0}, {"characteristic-two-field","characteristic-two-field", - NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0}, + NID_X9_62_characteristic_two_field,7,&(lvalues[2965]),0}, {"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7, - &(lvalues[2967]),0}, -{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0}, -{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0}, -{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0}, -{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0}, -{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0}, -{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0}, -{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0}, + &(lvalues[2972]),0}, +{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2979]),0}, +{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2987]),0}, +{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2995]),0}, +{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[3003]),0}, +{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3011]),0}, +{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3019]),0}, +{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3027]),0}, {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, - &(lvalues[3030]),0}, -{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0}, -{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0}, -{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0}, -{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0}, -{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0}, -{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0}, -{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0}, -{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0}, -{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0}, -{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0}, -{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0}, -{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0}, -{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0}, + &(lvalues[3035]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3042]),0}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3051]),0}, +{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3060]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3069]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3078]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3087]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3096]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3105]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3114]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3123]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3132]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3141]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3150]),0}, {"holdInstructionCode","Hold Instruction Code", - NID_hold_instruction_code,3,&(lvalues[3154]),0}, + NID_hold_instruction_code,3,&(lvalues[3159]),0}, {"holdInstructionNone","Hold Instruction None", - NID_hold_instruction_none,7,&(lvalues[3157]),0}, + NID_hold_instruction_none,7,&(lvalues[3162]),0}, {"holdInstructionCallIssuer","Hold Instruction Call Issuer", - NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0}, + NID_hold_instruction_call_issuer,7,&(lvalues[3169]),0}, {"holdInstructionReject","Hold Instruction Reject", - NID_hold_instruction_reject,7,&(lvalues[3171]),0}, -{"data","data",NID_data,1,&(lvalues[3178]),0}, -{"pss","pss",NID_pss,3,&(lvalues[3179]),0}, -{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0}, -{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0}, + NID_hold_instruction_reject,7,&(lvalues[3176]),0}, +{"data","data",NID_data,1,&(lvalues[3183]),0}, +{"pss","pss",NID_pss,3,&(lvalues[3184]),0}, +{"ucl","ucl",NID_ucl,7,&(lvalues[3187]),0}, +{"pilot","pilot",NID_pilot,8,&(lvalues[3194]),0}, {"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9, - &(lvalues[3197]),0}, + &(lvalues[3202]),0}, {"pilotAttributeSyntax","pilotAttributeSyntax", - NID_pilotAttributeSyntax,9,&(lvalues[3206]),0}, + NID_pilotAttributeSyntax,9,&(lvalues[3211]),0}, {"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9, - &(lvalues[3215]),0}, -{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0}, + &(lvalues[3220]),0}, +{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3229]),0}, {"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10, - &(lvalues[3233]),0}, + &(lvalues[3238]),0}, {"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax", - NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0}, -{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0}, -{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0}, -{"account","account",NID_account,10,&(lvalues[3273]),0}, -{"document","document",NID_document,10,&(lvalues[3283]),0}, -{"room","room",NID_room,10,&(lvalues[3293]),0}, + NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3248]),0}, +{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3258]),0}, +{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3268]),0}, +{"account","account",NID_account,10,&(lvalues[3278]),0}, +{"document","document",NID_document,10,&(lvalues[3288]),0}, +{"room","room",NID_room,10,&(lvalues[3298]),0}, {"documentSeries","documentSeries",NID_documentSeries,10, - &(lvalues[3303]),0}, + &(lvalues[3308]),0}, {"rFC822localPart","rFC822localPart",NID_rFC822localPart,10, - &(lvalues[3313]),0}, -{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0}, + &(lvalues[3318]),0}, +{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3328]),0}, {"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject, - 10,&(lvalues[3333]),0}, + 10,&(lvalues[3338]),0}, {"friendlyCountry","friendlyCountry",NID_friendlyCountry,10, - &(lvalues[3343]),0}, + &(lvalues[3348]),0}, {"simpleSecurityObject","simpleSecurityObject", - NID_simpleSecurityObject,10,&(lvalues[3353]),0}, + NID_simpleSecurityObject,10,&(lvalues[3358]),0}, {"pilotOrganization","pilotOrganization",NID_pilotOrganization,10, - &(lvalues[3363]),0}, -{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0}, + &(lvalues[3368]),0}, +{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3378]),0}, {"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData, - 10,&(lvalues[3383]),0}, -{"UID","userId",NID_userId,10,&(lvalues[3393]),0}, + 10,&(lvalues[3388]),0}, +{"UID","userId",NID_userId,10,&(lvalues[3398]),0}, {"textEncodedORAddress","textEncodedORAddress", - NID_textEncodedORAddress,10,&(lvalues[3403]),0}, -{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0}, -{"info","info",NID_info,10,&(lvalues[3423]),0}, + NID_textEncodedORAddress,10,&(lvalues[3408]),0}, +{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3418]),0}, +{"info","info",NID_info,10,&(lvalues[3428]),0}, {"favouriteDrink","favouriteDrink",NID_favouriteDrink,10, - &(lvalues[3433]),0}, -{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0}, -{"photo","photo",NID_photo,10,&(lvalues[3453]),0}, -{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0}, -{"host","host",NID_host,10,&(lvalues[3473]),0}, -{"manager","manager",NID_manager,10,&(lvalues[3483]),0}, + &(lvalues[3438]),0}, +{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3448]),0}, +{"photo","photo",NID_photo,10,&(lvalues[3458]),0}, +{"userClass","userClass",NID_userClass,10,&(lvalues[3468]),0}, +{"host","host",NID_host,10,&(lvalues[3478]),0}, +{"manager","manager",NID_manager,10,&(lvalues[3488]),0}, {"documentIdentifier","documentIdentifier",NID_documentIdentifier,10, - &(lvalues[3493]),0}, -{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0}, + &(lvalues[3498]),0}, +{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3508]),0}, {"documentVersion","documentVersion",NID_documentVersion,10, - &(lvalues[3513]),0}, + &(lvalues[3518]),0}, {"documentAuthor","documentAuthor",NID_documentAuthor,10, - &(lvalues[3523]),0}, + &(lvalues[3528]),0}, {"documentLocation","documentLocation",NID_documentLocation,10, - &(lvalues[3533]),0}, + &(lvalues[3538]),0}, {"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber, - 10,&(lvalues[3543]),0}, -{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0}, -{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0}, + 10,&(lvalues[3548]),0}, +{"secretary","secretary",NID_secretary,10,&(lvalues[3558]),0}, +{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3568]),0}, {"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10, - &(lvalues[3573]),0}, + &(lvalues[3578]),0}, {"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10, - &(lvalues[3583]),0}, -{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0}, + &(lvalues[3588]),0}, +{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3598]),0}, {"pilotAttributeType27","pilotAttributeType27", - NID_pilotAttributeType27,10,&(lvalues[3603]),0}, -{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0}, -{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0}, -{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0}, -{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0}, + NID_pilotAttributeType27,10,&(lvalues[3608]),0}, +{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3618]),0}, +{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3628]),0}, +{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3638]),0}, +{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3648]),0}, {"associatedDomain","associatedDomain",NID_associatedDomain,10, - &(lvalues[3653]),0}, + &(lvalues[3658]),0}, {"associatedName","associatedName",NID_associatedName,10, - &(lvalues[3663]),0}, + &(lvalues[3668]),0}, {"homePostalAddress","homePostalAddress",NID_homePostalAddress,10, - &(lvalues[3673]),0}, -{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0}, + &(lvalues[3678]),0}, +{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3688]),0}, {"mobileTelephoneNumber","mobileTelephoneNumber", - NID_mobileTelephoneNumber,10,&(lvalues[3693]),0}, + NID_mobileTelephoneNumber,10,&(lvalues[3698]),0}, {"pagerTelephoneNumber","pagerTelephoneNumber", - NID_pagerTelephoneNumber,10,&(lvalues[3703]),0}, + NID_pagerTelephoneNumber,10,&(lvalues[3708]),0}, {"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName, - 10,&(lvalues[3713]),0}, + 10,&(lvalues[3718]),0}, {"organizationalStatus","organizationalStatus", - NID_organizationalStatus,10,&(lvalues[3723]),0}, -{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0}, + NID_organizationalStatus,10,&(lvalues[3728]),0}, +{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3738]),0}, {"mailPreferenceOption","mailPreferenceOption", - NID_mailPreferenceOption,10,&(lvalues[3743]),0}, -{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0}, -{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0}, + NID_mailPreferenceOption,10,&(lvalues[3748]),0}, +{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3758]),0}, +{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3768]),0}, {"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10, - &(lvalues[3773]),0}, + &(lvalues[3778]),0}, {"subtreeMinimumQuality","subtreeMinimumQuality", - NID_subtreeMinimumQuality,10,&(lvalues[3783]),0}, + NID_subtreeMinimumQuality,10,&(lvalues[3788]),0}, {"subtreeMaximumQuality","subtreeMaximumQuality", - NID_subtreeMaximumQuality,10,&(lvalues[3793]),0}, + NID_subtreeMaximumQuality,10,&(lvalues[3798]),0}, {"personalSignature","personalSignature",NID_personalSignature,10, - &(lvalues[3803]),0}, -{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0}, -{"audio","audio",NID_audio,10,&(lvalues[3823]),0}, + &(lvalues[3808]),0}, +{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3818]),0}, +{"audio","audio",NID_audio,10,&(lvalues[3828]),0}, {"documentPublisher","documentPublisher",NID_documentPublisher,10, - &(lvalues[3833]),0}, + &(lvalues[3838]),0}, {"x500UniqueIdentifier","x500UniqueIdentifier", - NID_x500UniqueIdentifier,3,&(lvalues[3843]),0}, -{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0}, + NID_x500UniqueIdentifier,3,&(lvalues[3848]),0}, +{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3851]),0}, {"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6, - &(lvalues[3851]),0}, + &(lvalues[3856]),0}, {"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6, - &(lvalues[3857]),0}, + &(lvalues[3862]),0}, {"id-hex-partial-message","id-hex-partial-message", - NID_id_hex_partial_message,7,&(lvalues[3863]),0}, + NID_id_hex_partial_message,7,&(lvalues[3868]),0}, {"id-hex-multipart-message","id-hex-multipart-message", - NID_id_hex_multipart_message,7,&(lvalues[3870]),0}, + NID_id_hex_multipart_message,7,&(lvalues[3875]),0}, {"generationQualifier","generationQualifier",NID_generationQualifier, - 3,&(lvalues[3877]),0}, -{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0}, -{NULL,NULL,NID_undef,0,NULL}, + 3,&(lvalues[3882]),0}, +{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3885]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, {"id-set","Secure Electronic Transactions",NID_id_set,2, - &(lvalues[3883]),0}, -{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0}, -{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0}, -{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0}, -{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0}, + &(lvalues[3888]),0}, +{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3890]),0}, +{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3893]),0}, +{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3896]),0}, +{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3899]),0}, {"set-certExt","certificate extensions",NID_set_certExt,3, - &(lvalues[3897]),0}, -{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0}, -{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0}, + &(lvalues[3902]),0}, +{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3905]),0}, +{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3908]),0}, {"setct-PANToken","setct-PANToken",NID_setct_PANToken,4, - &(lvalues[3907]),0}, -{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0}, -{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0}, -{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0}, -{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0}, + &(lvalues[3912]),0}, +{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3916]),0}, +{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3920]),0}, +{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3924]),0}, +{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3928]),0}, {"setct-PIDataUnsigned","setct-PIDataUnsigned", - NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0}, + NID_setct_PIDataUnsigned,4,&(lvalues[3932]),0}, {"setct-HODInput","setct-HODInput",NID_setct_HODInput,4, - &(lvalues[3931]),0}, + &(lvalues[3936]),0}, {"setct-AuthResBaggage","setct-AuthResBaggage", - NID_setct_AuthResBaggage,4,&(lvalues[3935]),0}, + NID_setct_AuthResBaggage,4,&(lvalues[3940]),0}, {"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage", - NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0}, + NID_setct_AuthRevReqBaggage,4,&(lvalues[3944]),0}, {"setct-AuthRevResBaggage","setct-AuthRevResBaggage", - NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0}, + NID_setct_AuthRevResBaggage,4,&(lvalues[3948]),0}, {"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4, - &(lvalues[3947]),0}, + &(lvalues[3952]),0}, {"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4, - &(lvalues[3951]),0}, -{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0}, + &(lvalues[3956]),0}, +{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3960]),0}, {"setct-PResData","setct-PResData",NID_setct_PResData,4, - &(lvalues[3959]),0}, + &(lvalues[3964]),0}, {"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4, - &(lvalues[3963]),0}, + &(lvalues[3968]),0}, {"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4, - &(lvalues[3967]),0}, + &(lvalues[3972]),0}, {"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4, - &(lvalues[3971]),0}, + &(lvalues[3976]),0}, {"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4, - &(lvalues[3975]),0}, + &(lvalues[3980]),0}, {"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4, - &(lvalues[3979]),0}, + &(lvalues[3984]),0}, {"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4, - &(lvalues[3983]),0}, + &(lvalues[3988]),0}, {"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg", - NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0}, + NID_setct_AcqCardCodeMsg,4,&(lvalues[3992]),0}, {"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS, - 4,&(lvalues[3991]),0}, + 4,&(lvalues[3996]),0}, {"setct-AuthRevResData","setct-AuthRevResData", - NID_setct_AuthRevResData,4,&(lvalues[3995]),0}, + NID_setct_AuthRevResData,4,&(lvalues[4000]),0}, {"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS, - 4,&(lvalues[3999]),0}, + 4,&(lvalues[4004]),0}, {"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4, - &(lvalues[4003]),0}, + &(lvalues[4008]),0}, {"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4, - &(lvalues[4007]),0}, + &(lvalues[4012]),0}, {"setct-CapResData","setct-CapResData",NID_setct_CapResData,4, - &(lvalues[4011]),0}, + &(lvalues[4016]),0}, {"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4, - &(lvalues[4015]),0}, + &(lvalues[4020]),0}, {"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX, - 4,&(lvalues[4019]),0}, + 4,&(lvalues[4024]),0}, {"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData, - 4,&(lvalues[4023]),0}, + 4,&(lvalues[4028]),0}, {"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4, - &(lvalues[4027]),0}, + &(lvalues[4032]),0}, {"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4, - &(lvalues[4031]),0}, + &(lvalues[4036]),0}, {"setct-CredResData","setct-CredResData",NID_setct_CredResData,4, - &(lvalues[4035]),0}, + &(lvalues[4040]),0}, {"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS, - 4,&(lvalues[4039]),0}, + 4,&(lvalues[4044]),0}, {"setct-CredRevReqTBSX","setct-CredRevReqTBSX", - NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0}, + NID_setct_CredRevReqTBSX,4,&(lvalues[4048]),0}, {"setct-CredRevResData","setct-CredRevResData", - NID_setct_CredRevResData,4,&(lvalues[4047]),0}, + NID_setct_CredRevResData,4,&(lvalues[4052]),0}, {"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4, - &(lvalues[4051]),0}, + &(lvalues[4056]),0}, {"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4, - &(lvalues[4055]),0}, + &(lvalues[4060]),0}, {"setct-BatchAdminReqData","setct-BatchAdminReqData", - NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0}, + NID_setct_BatchAdminReqData,4,&(lvalues[4064]),0}, {"setct-BatchAdminResData","setct-BatchAdminResData", - NID_setct_BatchAdminResData,4,&(lvalues[4063]),0}, + NID_setct_BatchAdminResData,4,&(lvalues[4068]),0}, {"setct-CardCInitResTBS","setct-CardCInitResTBS", - NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0}, + NID_setct_CardCInitResTBS,4,&(lvalues[4072]),0}, {"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS", - NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0}, + NID_setct_MeAqCInitResTBS,4,&(lvalues[4076]),0}, {"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS, - 4,&(lvalues[4075]),0}, + 4,&(lvalues[4080]),0}, {"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4, - &(lvalues[4079]),0}, + &(lvalues[4084]),0}, {"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4, - &(lvalues[4083]),0}, + &(lvalues[4088]),0}, {"setct-CertResData","setct-CertResData",NID_setct_CertResData,4, - &(lvalues[4087]),0}, + &(lvalues[4092]),0}, {"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS, - 4,&(lvalues[4091]),0}, + 4,&(lvalues[4096]),0}, {"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4, - &(lvalues[4095]),0}, + &(lvalues[4100]),0}, {"setct-PIDualSignedTBE","setct-PIDualSignedTBE", - NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0}, + NID_setct_PIDualSignedTBE,4,&(lvalues[4104]),0}, {"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE, - 4,&(lvalues[4103]),0}, + 4,&(lvalues[4108]),0}, {"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4, - &(lvalues[4107]),0}, + &(lvalues[4112]),0}, {"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4, - &(lvalues[4111]),0}, + &(lvalues[4116]),0}, {"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4, - &(lvalues[4115]),0}, + &(lvalues[4120]),0}, {"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4, - &(lvalues[4119]),0}, + &(lvalues[4124]),0}, {"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4, - &(lvalues[4123]),0}, + &(lvalues[4128]),0}, {"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4, - &(lvalues[4127]),0}, + &(lvalues[4132]),0}, {"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE", - NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0}, + NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4136]),0}, {"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE, - 4,&(lvalues[4135]),0}, + 4,&(lvalues[4140]),0}, {"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE, - 4,&(lvalues[4139]),0}, + 4,&(lvalues[4144]),0}, {"setct-AuthRevResTBEB","setct-AuthRevResTBEB", - NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0}, + NID_setct_AuthRevResTBEB,4,&(lvalues[4148]),0}, {"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4, - &(lvalues[4147]),0}, + &(lvalues[4152]),0}, {"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4, - &(lvalues[4151]),0}, + &(lvalues[4156]),0}, {"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4, - &(lvalues[4155]),0}, + &(lvalues[4160]),0}, {"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4, - &(lvalues[4159]),0}, + &(lvalues[4164]),0}, {"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX, - 4,&(lvalues[4163]),0}, + 4,&(lvalues[4168]),0}, {"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4, - &(lvalues[4167]),0}, + &(lvalues[4172]),0}, {"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4, - &(lvalues[4171]),0}, + &(lvalues[4176]),0}, {"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4, - &(lvalues[4175]),0}, + &(lvalues[4180]),0}, {"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4, - &(lvalues[4179]),0}, + &(lvalues[4184]),0}, {"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE, - 4,&(lvalues[4183]),0}, + 4,&(lvalues[4188]),0}, {"setct-CredRevReqTBEX","setct-CredRevReqTBEX", - NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0}, + NID_setct_CredRevReqTBEX,4,&(lvalues[4192]),0}, {"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE, - 4,&(lvalues[4191]),0}, + 4,&(lvalues[4196]),0}, {"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE", - NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0}, + NID_setct_BatchAdminReqTBE,4,&(lvalues[4200]),0}, {"setct-BatchAdminResTBE","setct-BatchAdminResTBE", - NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0}, + NID_setct_BatchAdminResTBE,4,&(lvalues[4204]),0}, {"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE, - 4,&(lvalues[4203]),0}, + 4,&(lvalues[4208]),0}, {"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4, - &(lvalues[4207]),0}, + &(lvalues[4212]),0}, {"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4, - &(lvalues[4211]),0}, + &(lvalues[4216]),0}, {"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4, - &(lvalues[4215]),0}, + &(lvalues[4220]),0}, {"setct-CRLNotificationTBS","setct-CRLNotificationTBS", - NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0}, + NID_setct_CRLNotificationTBS,4,&(lvalues[4224]),0}, {"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS", - NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0}, + NID_setct_CRLNotificationResTBS,4,&(lvalues[4228]),0}, {"setct-BCIDistributionTBS","setct-BCIDistributionTBS", - NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0}, + NID_setct_BCIDistributionTBS,4,&(lvalues[4232]),0}, {"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4, - &(lvalues[4231]),0}, + &(lvalues[4236]),0}, {"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4, - &(lvalues[4235]),0}, + &(lvalues[4240]),0}, {"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4, - &(lvalues[4239]),0}, -{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0}, -{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0}, + &(lvalues[4244]),0}, +{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4248]),0}, +{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4252]),0}, {"setext-cv","additional verification",NID_setext_cv,4, - &(lvalues[4251]),0}, + &(lvalues[4256]),0}, {"set-policy-root","set-policy-root",NID_set_policy_root,4, - &(lvalues[4255]),0}, + &(lvalues[4260]),0}, {"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4, - &(lvalues[4259]),0}, + &(lvalues[4264]),0}, {"setCext-certType","setCext-certType",NID_setCext_certType,4, - &(lvalues[4263]),0}, + &(lvalues[4268]),0}, {"setCext-merchData","setCext-merchData",NID_setCext_merchData,4, - &(lvalues[4267]),0}, + &(lvalues[4272]),0}, {"setCext-cCertRequired","setCext-cCertRequired", - NID_setCext_cCertRequired,4,&(lvalues[4271]),0}, + NID_setCext_cCertRequired,4,&(lvalues[4276]),0}, {"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4, - &(lvalues[4275]),0}, + &(lvalues[4280]),0}, {"setCext-setExt","setCext-setExt",NID_setCext_setExt,4, - &(lvalues[4279]),0}, + &(lvalues[4284]),0}, {"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4, - &(lvalues[4283]),0}, + &(lvalues[4288]),0}, {"setCext-PGWYcapabilities","setCext-PGWYcapabilities", - NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0}, + NID_setCext_PGWYcapabilities,4,&(lvalues[4292]),0}, {"setCext-TokenIdentifier","setCext-TokenIdentifier", - NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0}, + NID_setCext_TokenIdentifier,4,&(lvalues[4296]),0}, {"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4, - &(lvalues[4295]),0}, + &(lvalues[4300]),0}, {"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4, - &(lvalues[4299]),0}, + &(lvalues[4304]),0}, {"setCext-IssuerCapabilities","setCext-IssuerCapabilities", - NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0}, -{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0}, + NID_setCext_IssuerCapabilities,4,&(lvalues[4308]),0}, +{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4312]),0}, {"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap, - 4,&(lvalues[4311]),0}, + 4,&(lvalues[4316]),0}, {"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4, - &(lvalues[4315]),0}, + &(lvalues[4320]),0}, {"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4, - &(lvalues[4319]),0}, + &(lvalues[4324]),0}, {"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5, - &(lvalues[4323]),0}, -{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0}, + &(lvalues[4328]),0}, +{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4333]),0}, {"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5, - &(lvalues[4333]),0}, + &(lvalues[4338]),0}, {"setAttr-Token-B0Prime","setAttr-Token-B0Prime", - NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0}, + NID_setAttr_Token_B0Prime,5,&(lvalues[4343]),0}, {"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5, - &(lvalues[4343]),0}, -{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, &(lvalues[4348]),0}, -{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, +{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, &(lvalues[4353]),0}, +{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, + &(lvalues[4358]),0}, {"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm, - 6,&(lvalues[4358]),0}, + 6,&(lvalues[4363]),0}, {"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6, - &(lvalues[4364]),0}, + &(lvalues[4369]),0}, {"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6, - &(lvalues[4370]),0}, + &(lvalues[4375]),0}, {"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6, - &(lvalues[4376]),0}, + &(lvalues[4381]),0}, {"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig, - 6,&(lvalues[4382]),0}, + 6,&(lvalues[4387]),0}, {"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4, - &(lvalues[4388]),0}, + &(lvalues[4393]),0}, {"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4, - &(lvalues[4392]),0}, + &(lvalues[4397]),0}, {"set-brand-AmericanExpress","set-brand-AmericanExpress", - NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0}, -{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0}, + NID_set_brand_AmericanExpress,4,&(lvalues[4401]),0}, +{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4405]),0}, {"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4, - &(lvalues[4404]),0}, + &(lvalues[4409]),0}, {"set-brand-MasterCard","set-brand-MasterCard", - NID_set_brand_MasterCard,4,&(lvalues[4408]),0}, + NID_set_brand_MasterCard,4,&(lvalues[4413]),0}, {"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5, - &(lvalues[4412]),0}, -{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0}, + &(lvalues[4417]),0}, +{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4422]),0}, {"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET", - NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, -{NULL,NULL,NID_undef,0,NULL}, + NID_rsaOAEPEncryptionSET,9,&(lvalues[4430]),0}, +{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4439]),0}, +{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1, + &(lvalues[4440]),0}, +{"international-organizations","International Organizations", + NID_international_organizations,1,&(lvalues[4441]),0}, {"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login, - 10,&(lvalues[4434]),0}, + 10,&(lvalues[4442]),0}, {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, - &(lvalues[4444]),0}, -{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL}, -{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL}, -{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL}, -{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL}, -{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL}, -{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL}, -{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL}, -{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL}, -{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL}, -{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL}, -{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4454]),0}, -{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4457]),0}, -{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4460]),0}, + &(lvalues[4452]),0}, +{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0}, +{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0}, +{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0}, +{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0}, +{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0}, +{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0}, +{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0}, +{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0}, +{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0}, +{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0}, +{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4462]),0}, +{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4465]),0}, +{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4468]),0}, {"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, - &(lvalues[4467]),0}, -{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, &(lvalues[4475]),0}, -{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, +{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, &(lvalues[4483]),0}, -{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, +{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, &(lvalues[4491]),0}, -{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4494]),0}, +{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, + &(lvalues[4499]),0}, +{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4502]),0}, {"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, - &(lvalues[4502]),0}, + &(lvalues[4510]),0}, {"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, - &(lvalues[4511]),0}, + &(lvalues[4519]),0}, {"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, - &(lvalues[4520]),0}, + &(lvalues[4528]),0}, {"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, - &(lvalues[4529]),0}, -{"SHA256","sha256",NID_sha256,9,&(lvalues[4538]),0}, -{"SHA384","sha384",NID_sha384,9,&(lvalues[4547]),0}, -{"SHA512","sha512",NID_sha512,9,&(lvalues[4556]),0}, -{"SHA224","sha224",NID_sha224,9,&(lvalues[4565]),0}, + &(lvalues[4537]),0}, +{"SHA256","sha256",NID_sha256,9,&(lvalues[4546]),0}, +{"SHA384","sha384",NID_sha384,9,&(lvalues[4555]),0}, +{"SHA512","sha512",NID_sha512,9,&(lvalues[4564]),0}, +{"SHA224","sha224",NID_sha224,9,&(lvalues[4573]),0}, +{"identified-organization","identified-organization", + NID_identified_organization,1,&(lvalues[4582]),0}, +{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4583]),0}, +{"wap","wap",NID_wap,2,&(lvalues[4586]),0}, +{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4588]),0}, +{"id-characteristic-two-basis","id-characteristic-two-basis", + NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4591]),0}, +{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4599]),0}, +{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4608]),0}, +{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4617]),0}, +{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4626]),0}, +{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4634]),0}, +{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4642]),0}, +{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4650]),0}, +{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4658]),0}, +{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4666]),0}, +{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4674]),0}, +{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4682]),0}, +{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4690]),0}, +{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4698]),0}, +{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4706]),0}, +{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4714]),0}, +{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4722]),0}, +{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4730]),0}, +{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4738]),0}, +{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4746]),0}, +{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4754]),0}, +{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4762]),0}, +{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4770]),0}, +{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4778]),0}, +{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4786]),0}, +{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4791]),0}, +{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4796]),0}, +{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4801]),0}, +{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4806]),0}, +{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4811]),0}, +{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4816]),0}, +{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4821]),0}, +{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4826]),0}, +{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4831]),0}, +{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4836]),0}, +{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4841]),0}, +{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4846]),0}, +{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4851]),0}, +{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4856]),0}, +{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4861]),0}, +{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4866]),0}, +{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4871]),0}, +{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4876]),0}, +{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4881]),0}, +{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4886]),0}, +{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4891]),0}, +{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4896]),0}, +{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4901]),0}, +{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4906]),0}, +{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4911]),0}, +{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4916]),0}, +{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4921]),0}, +{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4926]),0}, +{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4931]),0}, +{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4936]),0}, +{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1", + NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4941]),0}, +{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3", + NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4946]),0}, +{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4", + NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4951]),0}, +{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5", + NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4956]),0}, +{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6", + NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4961]),0}, +{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7", + NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4966]),0}, +{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8", + NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4971]),0}, +{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9", + NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4976]),0}, +{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10", + NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4981]),0}, +{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11", + NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4986]),0}, +{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12", + NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4991]),0}, +{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4996]),0}, +{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3, + &(lvalues[5000]),0}, +{"inhibitAnyPolicy","X509v3 Inhibit Any Policy", + NID_inhibit_any_policy,3,&(lvalues[5003]),0}, +{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0}, +{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0}, +{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11, + &(lvalues[5006]),0}, +{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11, + &(lvalues[5017]),0}, +{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11, + &(lvalues[5028]),0}, +{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8, + &(lvalues[5039]),0}, +{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8, + &(lvalues[5047]),0}, +{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8, + &(lvalues[5055]),0}, +{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8, + &(lvalues[5063]),0}, +{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8, + &(lvalues[5071]),0}, +{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8, + &(lvalues[5079]),0}, +{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0}, +{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0}, +{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0}, +{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0}, +{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0}, +{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0}, +{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8, + &(lvalues[5087]),0}, +{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8, + &(lvalues[5095]),0}, +{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8, + &(lvalues[5103]),0}, +{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes", + NID_subject_directory_attributes,3,&(lvalues[5111]),0}, +{"issuingDistributionPoint","X509v3 Issuing Distrubution Point", + NID_issuing_distribution_point,3,&(lvalues[5114]),0}, +{"certificateIssuer","X509v3 Certificate Issuer", + NID_certificate_issuer,3,&(lvalues[5117]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"KISA","kisa",NID_kisa,6,&(lvalues[5120]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5126]),0}, +{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5134]),0}, +{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5142]),0}, +{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5150]),0}, +{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5158]),0}, +{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5166]),0}, +{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9, + &(lvalues[5174]),0}, +{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9, + &(lvalues[5183]),0}, +{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8, + &(lvalues[5192]),0}, +{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5200]),0}, +{"id-smime-ct-compressedData","id-smime-ct-compressedData", + NID_id_smime_ct_compressedData,11,&(lvalues[5208]),0}, +{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF", + NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5219]),0}, +{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9, + &(lvalues[5230]),0}, +{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9, + &(lvalues[5239]),0}, +{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, + &(lvalues[5248]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -1805,11 +2066,28 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[92]),/* "BF-ECB" */ &(nid_objs[94]),/* "BF-OFB" */ &(nid_objs[14]),/* "C" */ +&(nid_objs[751]),/* "CAMELLIA-128-CBC" */ +&(nid_objs[757]),/* "CAMELLIA-128-CFB" */ +&(nid_objs[760]),/* "CAMELLIA-128-CFB1" */ +&(nid_objs[763]),/* "CAMELLIA-128-CFB8" */ +&(nid_objs[754]),/* "CAMELLIA-128-ECB" */ +&(nid_objs[766]),/* "CAMELLIA-128-OFB" */ +&(nid_objs[752]),/* "CAMELLIA-192-CBC" */ +&(nid_objs[758]),/* "CAMELLIA-192-CFB" */ +&(nid_objs[761]),/* "CAMELLIA-192-CFB1" */ +&(nid_objs[764]),/* "CAMELLIA-192-CFB8" */ +&(nid_objs[755]),/* "CAMELLIA-192-ECB" */ +&(nid_objs[767]),/* "CAMELLIA-192-OFB" */ +&(nid_objs[753]),/* "CAMELLIA-256-CBC" */ +&(nid_objs[759]),/* "CAMELLIA-256-CFB" */ +&(nid_objs[762]),/* "CAMELLIA-256-CFB1" */ +&(nid_objs[765]),/* "CAMELLIA-256-CFB8" */ +&(nid_objs[756]),/* "CAMELLIA-256-ECB" */ +&(nid_objs[768]),/* "CAMELLIA-256-OFB" */ &(nid_objs[108]),/* "CAST5-CBC" */ &(nid_objs[110]),/* "CAST5-CFB" */ &(nid_objs[109]),/* "CAST5-ECB" */ &(nid_objs[111]),/* "CAST5-OFB" */ -&(nid_objs[404]),/* "CCITT" */ &(nid_objs[13]),/* "CN" */ &(nid_objs[141]),/* "CRLReason" */ &(nid_objs[417]),/* "CSPName" */ @@ -1841,6 +2119,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[67]),/* "DSA-old" */ &(nid_objs[297]),/* "DVCS" */ &(nid_objs[99]),/* "GN" */ +&(nid_objs[780]),/* "HMAC-MD5" */ +&(nid_objs[781]),/* "HMAC-SHA1" */ &(nid_objs[381]),/* "IANA" */ &(nid_objs[34]),/* "IDEA-CBC" */ &(nid_objs[35]),/* "IDEA-CFB" */ @@ -1848,7 +2128,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[46]),/* "IDEA-OFB" */ &(nid_objs[181]),/* "ISO" */ &(nid_objs[183]),/* "ISO-US" */ -&(nid_objs[393]),/* "JOINT-ISO-CCITT" */ +&(nid_objs[645]),/* "ITU-T" */ +&(nid_objs[646]),/* "JOINT-ISO-ITU-T" */ +&(nid_objs[773]),/* "KISA" */ &(nid_objs[15]),/* "L" */ &(nid_objs[ 3]),/* "MD2" */ &(nid_objs[257]),/* "MD4" */ @@ -1856,6 +2138,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[114]),/* "MD5-SHA1" */ &(nid_objs[95]),/* "MDC2" */ &(nid_objs[388]),/* "Mail" */ +&(nid_objs[393]),/* "NULL" */ +&(nid_objs[404]),/* "NULL" */ &(nid_objs[57]),/* "Netscape" */ &(nid_objs[366]),/* "Nonce" */ &(nid_objs[17]),/* "O" */ @@ -1863,6 +2147,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[180]),/* "OCSPSigning" */ &(nid_objs[379]),/* "ORG" */ &(nid_objs[18]),/* "OU" */ +&(nid_objs[749]),/* "Oakley-EC2N-3" */ +&(nid_objs[750]),/* "Oakley-EC2N-4" */ &(nid_objs[ 9]),/* "PBE-MD2-DES" */ &(nid_objs[168]),/* "PBE-MD2-RC2-64" */ &(nid_objs[10]),/* "PBE-MD5-DES" */ @@ -1907,6 +2193,10 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[668]),/* "RSA-SHA256" */ &(nid_objs[669]),/* "RSA-SHA384" */ &(nid_objs[670]),/* "RSA-SHA512" */ +&(nid_objs[777]),/* "SEED-CBC" */ +&(nid_objs[779]),/* "SEED-CFB" */ +&(nid_objs[776]),/* "SEED-ECB" */ +&(nid_objs[778]),/* "SEED-OFB" */ &(nid_objs[41]),/* "SHA" */ &(nid_objs[64]),/* "SHA1" */ &(nid_objs[675]),/* "SHA224" */ @@ -1936,6 +2226,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[363]),/* "ad_timestamping" */ &(nid_objs[376]),/* "algorithm" */ &(nid_objs[405]),/* "ansi-X9-62" */ +&(nid_objs[746]),/* "anyPolicy" */ &(nid_objs[370]),/* "archiveCutoff" */ &(nid_objs[484]),/* "associatedDomain" */ &(nid_objs[485]),/* "associatedName" */ @@ -1946,10 +2237,33 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[365]),/* "basicOCSPResponse" */ &(nid_objs[285]),/* "biometricInfo" */ &(nid_objs[494]),/* "buildingName" */ +&(nid_objs[691]),/* "c2onb191v4" */ +&(nid_objs[692]),/* "c2onb191v5" */ +&(nid_objs[697]),/* "c2onb239v4" */ +&(nid_objs[698]),/* "c2onb239v5" */ +&(nid_objs[684]),/* "c2pnb163v1" */ +&(nid_objs[685]),/* "c2pnb163v2" */ +&(nid_objs[686]),/* "c2pnb163v3" */ +&(nid_objs[687]),/* "c2pnb176v1" */ +&(nid_objs[693]),/* "c2pnb208w1" */ +&(nid_objs[699]),/* "c2pnb272w1" */ +&(nid_objs[700]),/* "c2pnb304w1" */ +&(nid_objs[702]),/* "c2pnb368w1" */ +&(nid_objs[688]),/* "c2tnb191v1" */ +&(nid_objs[689]),/* "c2tnb191v2" */ +&(nid_objs[690]),/* "c2tnb191v3" */ +&(nid_objs[694]),/* "c2tnb239v1" */ +&(nid_objs[695]),/* "c2tnb239v2" */ +&(nid_objs[696]),/* "c2tnb239v3" */ +&(nid_objs[701]),/* "c2tnb359v1" */ +&(nid_objs[703]),/* "c2tnb431r1" */ &(nid_objs[483]),/* "cNAMERecord" */ &(nid_objs[179]),/* "caIssuers" */ +&(nid_objs[785]),/* "caRepository" */ &(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[152]),/* "certBag" */ +&(nid_objs[677]),/* "certicom-arc" */ +&(nid_objs[771]),/* "certificateIssuer" */ &(nid_objs[89]),/* "certificatePolicies" */ &(nid_objs[54]),/* "challengePassword" */ &(nid_objs[407]),/* "characteristic-two-field" */ @@ -2004,6 +2318,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[473]),/* "homeTelephoneNumber" */ &(nid_objs[466]),/* "host" */ &(nid_objs[442]),/* "iA5StringSyntax" */ +&(nid_objs[783]),/* "id-DHBasedMac" */ +&(nid_objs[782]),/* "id-PasswordBasedMAC" */ &(nid_objs[266]),/* "id-aca" */ &(nid_objs[355]),/* "id-aca-accessIdentity" */ &(nid_objs[354]),/* "id-aca-authenticationInfo" */ @@ -2012,6 +2328,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[357]),/* "id-aca-group" */ &(nid_objs[358]),/* "id-aca-role" */ &(nid_objs[176]),/* "id-ad" */ +&(nid_objs[788]),/* "id-aes128-wrap" */ +&(nid_objs[789]),/* "id-aes192-wrap" */ +&(nid_objs[790]),/* "id-aes256-wrap" */ &(nid_objs[262]),/* "id-alg" */ &(nid_objs[323]),/* "id-alg-des40" */ &(nid_objs[326]),/* "id-alg-dh-pop" */ @@ -2022,6 +2341,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[362]),/* "id-cct-PKIResponse" */ &(nid_objs[360]),/* "id-cct-crs" */ &(nid_objs[81]),/* "id-ce" */ +&(nid_objs[680]),/* "id-characteristic-two-basis" */ &(nid_objs[263]),/* "id-cmc" */ &(nid_objs[334]),/* "id-cmc-addExtensions" */ &(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ @@ -2043,6 +2363,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[332]),/* "id-cmc-senderNonce" */ &(nid_objs[327]),/* "id-cmc-statusInfo" */ &(nid_objs[331]),/* "id-cmc-transactionId" */ +&(nid_objs[787]),/* "id-ct-asciiTextWithCRLF" */ &(nid_objs[408]),/* "id-ecPublicKey" */ &(nid_objs[508]),/* "id-hex-multipart-message" */ &(nid_objs[507]),/* "id-hex-partial-message" */ @@ -2061,6 +2382,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[299]),/* "id-it-signKeyPairTypes" */ &(nid_objs[305]),/* "id-it-subscriptionRequest" */ &(nid_objs[306]),/* "id-it-subscriptionResponse" */ +&(nid_objs[784]),/* "id-it-suppLangTags" */ &(nid_objs[304]),/* "id-it-unsupportedOIDs" */ &(nid_objs[128]),/* "id-kp" */ &(nid_objs[280]),/* "id-mod-attribute-cert" */ @@ -2156,6 +2478,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[208]),/* "id-smime-ct-TDTInfo" */ &(nid_objs[207]),/* "id-smime-ct-TSTInfo" */ &(nid_objs[205]),/* "id-smime-ct-authData" */ +&(nid_objs[786]),/* "id-smime-ct-compressedData" */ &(nid_objs[209]),/* "id-smime-ct-contentInfo" */ &(nid_objs[206]),/* "id-smime-ct-publishCert" */ &(nid_objs[204]),/* "id-smime-ct-receipt" */ @@ -2178,13 +2501,17 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[194]),/* "id-smime-spq" */ &(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */ &(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */ +&(nid_objs[676]),/* "identified-organization" */ &(nid_objs[461]),/* "info" */ +&(nid_objs[748]),/* "inhibitAnyPolicy" */ &(nid_objs[101]),/* "initials" */ +&(nid_objs[647]),/* "international-organizations" */ &(nid_objs[142]),/* "invalidityDate" */ &(nid_objs[294]),/* "ipsecEndSystem" */ &(nid_objs[295]),/* "ipsecTunnel" */ &(nid_objs[296]),/* "ipsecUser" */ &(nid_objs[86]),/* "issuerAltName" */ +&(nid_objs[770]),/* "issuingDistributionPoint" */ &(nid_objs[492]),/* "janetMailbox" */ &(nid_objs[150]),/* "keyBag" */ &(nid_objs[83]),/* "keyUsage" */ @@ -2227,6 +2554,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[73]),/* "nsRevocationUrl" */ &(nid_objs[139]),/* "nsSGC" */ &(nid_objs[77]),/* "nsSslServerName" */ +&(nid_objs[681]),/* "onBasis" */ &(nid_objs[491]),/* "organizationalStatus" */ &(nid_objs[475]),/* "otherMailbox" */ &(nid_objs[489]),/* "pagerTelephoneNumber" */ @@ -2259,7 +2587,9 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ &(nid_objs[401]),/* "policyConstraints" */ +&(nid_objs[747]),/* "policyMappings" */ &(nid_objs[661]),/* "postalCode" */ +&(nid_objs[683]),/* "ppBasis" */ &(nid_objs[406]),/* "prime-field" */ &(nid_objs[409]),/* "prime192v1" */ &(nid_objs[410]),/* "prime192v2" */ @@ -2289,8 +2619,39 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[290]),/* "sbgp-ipAddrBlock" */ &(nid_objs[292]),/* "sbgp-routerIdentifier" */ &(nid_objs[159]),/* "sdsiCertificate" */ +&(nid_objs[704]),/* "secp112r1" */ +&(nid_objs[705]),/* "secp112r2" */ +&(nid_objs[706]),/* "secp128r1" */ +&(nid_objs[707]),/* "secp128r2" */ +&(nid_objs[708]),/* "secp160k1" */ +&(nid_objs[709]),/* "secp160r1" */ +&(nid_objs[710]),/* "secp160r2" */ +&(nid_objs[711]),/* "secp192k1" */ +&(nid_objs[712]),/* "secp224k1" */ +&(nid_objs[713]),/* "secp224r1" */ +&(nid_objs[714]),/* "secp256k1" */ +&(nid_objs[715]),/* "secp384r1" */ +&(nid_objs[716]),/* "secp521r1" */ &(nid_objs[154]),/* "secretBag" */ &(nid_objs[474]),/* "secretary" */ +&(nid_objs[717]),/* "sect113r1" */ +&(nid_objs[718]),/* "sect113r2" */ +&(nid_objs[719]),/* "sect131r1" */ +&(nid_objs[720]),/* "sect131r2" */ +&(nid_objs[721]),/* "sect163k1" */ +&(nid_objs[722]),/* "sect163r1" */ +&(nid_objs[723]),/* "sect163r2" */ +&(nid_objs[724]),/* "sect193r1" */ +&(nid_objs[725]),/* "sect193r2" */ +&(nid_objs[726]),/* "sect233k1" */ +&(nid_objs[727]),/* "sect233r1" */ +&(nid_objs[728]),/* "sect239k1" */ +&(nid_objs[729]),/* "sect283k1" */ +&(nid_objs[730]),/* "sect283r1" */ +&(nid_objs[731]),/* "sect409k1" */ +&(nid_objs[732]),/* "sect409r1" */ +&(nid_objs[733]),/* "sect571k1" */ +&(nid_objs[734]),/* "sect571r1" */ &(nid_objs[386]),/* "security" */ &(nid_objs[394]),/* "selected-attribute-types" */ &(nid_objs[105]),/* "serialNumber" */ @@ -2432,6 +2793,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[387]),/* "snmpv2" */ &(nid_objs[660]),/* "streetAddress" */ &(nid_objs[85]),/* "subjectAltName" */ +&(nid_objs[769]),/* "subjectDirectoryAttributes" */ &(nid_objs[398]),/* "subjectInfoAccess" */ &(nid_objs[82]),/* "subjectKeyIdentifier" */ &(nid_objs[498]),/* "subtreeMaximumQuality" */ @@ -2441,12 +2803,26 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[293]),/* "textNotice" */ &(nid_objs[133]),/* "timeStamping" */ &(nid_objs[106]),/* "title" */ +&(nid_objs[682]),/* "tpBasis" */ &(nid_objs[375]),/* "trustRoot" */ &(nid_objs[436]),/* "ucl" */ &(nid_objs[55]),/* "unstructuredAddress" */ &(nid_objs[49]),/* "unstructuredName" */ &(nid_objs[465]),/* "userClass" */ &(nid_objs[373]),/* "valid" */ +&(nid_objs[678]),/* "wap" */ +&(nid_objs[679]),/* "wap-wsg" */ +&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */ +&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */ +&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */ +&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */ +&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */ +&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */ +&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */ +&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */ +&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ +&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ +&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ &(nid_objs[503]),/* "x500UniqueIdentifier" */ &(nid_objs[158]),/* "x509Certificate" */ &(nid_objs[160]),/* "x509Crl" */ @@ -2461,7 +2837,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[365]),/* "Basic OCSP Response" */ &(nid_objs[285]),/* "Biometric Info" */ &(nid_objs[179]),/* "CA Issuers" */ +&(nid_objs[785]),/* "CA Repository" */ &(nid_objs[131]),/* "Code Signing" */ +&(nid_objs[783]),/* "Diffie-Hellman based MAC" */ &(nid_objs[382]),/* "Directory" */ &(nid_objs[392]),/* "Domain" */ &(nid_objs[132]),/* "E-mail Protection" */ @@ -2481,6 +2859,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[183]),/* "ISO US Member Body" */ &(nid_objs[667]),/* "Independent" */ &(nid_objs[665]),/* "Inherit all" */ +&(nid_objs[647]),/* "International Organizations" */ &(nid_objs[142]),/* "Invalidity Date" */ &(nid_objs[504]),/* "MIME MHS" */ &(nid_objs[388]),/* "Mail" */ @@ -2494,6 +2873,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[648]),/* "Microsoft Smartcardlogin" */ &(nid_objs[136]),/* "Microsoft Trust List Signing" */ &(nid_objs[649]),/* "Microsoft Universal Principal Name" */ +&(nid_objs[393]),/* "NULL" */ +&(nid_objs[404]),/* "NULL" */ &(nid_objs[72]),/* "Netscape Base Url" */ &(nid_objs[76]),/* "Netscape CA Policy Url" */ &(nid_objs[74]),/* "Netscape CA Revocation Url" */ @@ -2538,21 +2919,27 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[375]),/* "Trust Root" */ &(nid_objs[12]),/* "X509" */ &(nid_objs[402]),/* "X509v3 AC Targeting" */ +&(nid_objs[746]),/* "X509v3 Any Policy" */ &(nid_objs[90]),/* "X509v3 Authority Key Identifier" */ &(nid_objs[87]),/* "X509v3 Basic Constraints" */ &(nid_objs[103]),/* "X509v3 CRL Distribution Points" */ &(nid_objs[88]),/* "X509v3 CRL Number" */ &(nid_objs[141]),/* "X509v3 CRL Reason Code" */ +&(nid_objs[771]),/* "X509v3 Certificate Issuer" */ &(nid_objs[89]),/* "X509v3 Certificate Policies" */ &(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ &(nid_objs[126]),/* "X509v3 Extended Key Usage" */ +&(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */ &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ +&(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */ &(nid_objs[83]),/* "X509v3 Key Usage" */ &(nid_objs[666]),/* "X509v3 Name Constraints" */ &(nid_objs[403]),/* "X509v3 No Revocation Available" */ &(nid_objs[401]),/* "X509v3 Policy Constraints" */ +&(nid_objs[747]),/* "X509v3 Policy Mappings" */ &(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ &(nid_objs[85]),/* "X509v3 Subject Alternative Name" */ +&(nid_objs[769]),/* "X509v3 Subject Directory Attributes" */ &(nid_objs[82]),/* "X509v3 Subject Key Identifier" */ &(nid_objs[184]),/* "X9.57" */ &(nid_objs[185]),/* "X9.57 CM ?" */ @@ -2591,14 +2978,52 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[92]),/* "bf-ecb" */ &(nid_objs[94]),/* "bf-ofb" */ &(nid_objs[494]),/* "buildingName" */ +&(nid_objs[691]),/* "c2onb191v4" */ +&(nid_objs[692]),/* "c2onb191v5" */ +&(nid_objs[697]),/* "c2onb239v4" */ +&(nid_objs[698]),/* "c2onb239v5" */ +&(nid_objs[684]),/* "c2pnb163v1" */ +&(nid_objs[685]),/* "c2pnb163v2" */ +&(nid_objs[686]),/* "c2pnb163v3" */ +&(nid_objs[687]),/* "c2pnb176v1" */ +&(nid_objs[693]),/* "c2pnb208w1" */ +&(nid_objs[699]),/* "c2pnb272w1" */ +&(nid_objs[700]),/* "c2pnb304w1" */ +&(nid_objs[702]),/* "c2pnb368w1" */ +&(nid_objs[688]),/* "c2tnb191v1" */ +&(nid_objs[689]),/* "c2tnb191v2" */ +&(nid_objs[690]),/* "c2tnb191v3" */ +&(nid_objs[694]),/* "c2tnb239v1" */ +&(nid_objs[695]),/* "c2tnb239v2" */ +&(nid_objs[696]),/* "c2tnb239v3" */ +&(nid_objs[701]),/* "c2tnb359v1" */ +&(nid_objs[703]),/* "c2tnb431r1" */ &(nid_objs[483]),/* "cNAMERecord" */ +&(nid_objs[751]),/* "camellia-128-cbc" */ +&(nid_objs[757]),/* "camellia-128-cfb" */ +&(nid_objs[760]),/* "camellia-128-cfb1" */ +&(nid_objs[763]),/* "camellia-128-cfb8" */ +&(nid_objs[754]),/* "camellia-128-ecb" */ +&(nid_objs[766]),/* "camellia-128-ofb" */ +&(nid_objs[752]),/* "camellia-192-cbc" */ +&(nid_objs[758]),/* "camellia-192-cfb" */ +&(nid_objs[761]),/* "camellia-192-cfb1" */ +&(nid_objs[764]),/* "camellia-192-cfb8" */ +&(nid_objs[755]),/* "camellia-192-ecb" */ +&(nid_objs[767]),/* "camellia-192-ofb" */ +&(nid_objs[753]),/* "camellia-256-cbc" */ +&(nid_objs[759]),/* "camellia-256-cfb" */ +&(nid_objs[762]),/* "camellia-256-cfb1" */ +&(nid_objs[765]),/* "camellia-256-cfb8" */ +&(nid_objs[756]),/* "camellia-256-ecb" */ +&(nid_objs[768]),/* "camellia-256-ofb" */ &(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[108]),/* "cast5-cbc" */ &(nid_objs[110]),/* "cast5-cfb" */ &(nid_objs[109]),/* "cast5-ecb" */ &(nid_objs[111]),/* "cast5-ofb" */ -&(nid_objs[404]),/* "ccitt" */ &(nid_objs[152]),/* "certBag" */ +&(nid_objs[677]),/* "certicom-arc" */ &(nid_objs[517]),/* "certificate extensions" */ &(nid_objs[54]),/* "challengePassword" */ &(nid_objs[407]),/* "characteristic-two-field" */ @@ -2667,6 +3092,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[509]),/* "generationQualifier" */ &(nid_objs[601]),/* "generic cryptogram" */ &(nid_objs[99]),/* "givenName" */ +&(nid_objs[780]),/* "hmac-md5" */ +&(nid_objs[781]),/* "hmac-sha1" */ &(nid_objs[163]),/* "hmacWithSHA1" */ &(nid_objs[486]),/* "homePostalAddress" */ &(nid_objs[473]),/* "homeTelephoneNumber" */ @@ -2681,6 +3108,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[357]),/* "id-aca-group" */ &(nid_objs[358]),/* "id-aca-role" */ &(nid_objs[176]),/* "id-ad" */ +&(nid_objs[788]),/* "id-aes128-wrap" */ +&(nid_objs[789]),/* "id-aes192-wrap" */ +&(nid_objs[790]),/* "id-aes256-wrap" */ &(nid_objs[262]),/* "id-alg" */ &(nid_objs[323]),/* "id-alg-des40" */ &(nid_objs[326]),/* "id-alg-dh-pop" */ @@ -2691,6 +3121,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[362]),/* "id-cct-PKIResponse" */ &(nid_objs[360]),/* "id-cct-crs" */ &(nid_objs[81]),/* "id-ce" */ +&(nid_objs[680]),/* "id-characteristic-two-basis" */ &(nid_objs[263]),/* "id-cmc" */ &(nid_objs[334]),/* "id-cmc-addExtensions" */ &(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ @@ -2712,6 +3143,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[332]),/* "id-cmc-senderNonce" */ &(nid_objs[327]),/* "id-cmc-statusInfo" */ &(nid_objs[331]),/* "id-cmc-transactionId" */ +&(nid_objs[787]),/* "id-ct-asciiTextWithCRLF" */ &(nid_objs[408]),/* "id-ecPublicKey" */ &(nid_objs[508]),/* "id-hex-multipart-message" */ &(nid_objs[507]),/* "id-hex-partial-message" */ @@ -2730,6 +3162,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[299]),/* "id-it-signKeyPairTypes" */ &(nid_objs[305]),/* "id-it-subscriptionRequest" */ &(nid_objs[306]),/* "id-it-subscriptionResponse" */ +&(nid_objs[784]),/* "id-it-suppLangTags" */ &(nid_objs[304]),/* "id-it-unsupportedOIDs" */ &(nid_objs[128]),/* "id-kp" */ &(nid_objs[280]),/* "id-mod-attribute-cert" */ @@ -2819,6 +3252,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[208]),/* "id-smime-ct-TDTInfo" */ &(nid_objs[207]),/* "id-smime-ct-TSTInfo" */ &(nid_objs[205]),/* "id-smime-ct-authData" */ +&(nid_objs[786]),/* "id-smime-ct-compressedData" */ &(nid_objs[209]),/* "id-smime-ct-contentInfo" */ &(nid_objs[206]),/* "id-smime-ct-publishCert" */ &(nid_objs[204]),/* "id-smime-ct-receipt" */ @@ -2845,13 +3279,18 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[35]),/* "idea-cfb" */ &(nid_objs[36]),/* "idea-ecb" */ &(nid_objs[46]),/* "idea-ofb" */ +&(nid_objs[676]),/* "identified-organization" */ &(nid_objs[461]),/* "info" */ &(nid_objs[101]),/* "initials" */ +&(nid_objs[749]),/* "ipsec3" */ +&(nid_objs[750]),/* "ipsec4" */ &(nid_objs[181]),/* "iso" */ &(nid_objs[623]),/* "issuer capabilities" */ +&(nid_objs[645]),/* "itu-t" */ &(nid_objs[492]),/* "janetMailbox" */ -&(nid_objs[393]),/* "joint-iso-ccitt" */ +&(nid_objs[646]),/* "joint-iso-itu-t" */ &(nid_objs[150]),/* "keyBag" */ +&(nid_objs[773]),/* "kisa" */ &(nid_objs[477]),/* "lastModifiedBy" */ &(nid_objs[476]),/* "lastModifiedTime" */ &(nid_objs[157]),/* "localKeyID" */ @@ -2877,12 +3316,14 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[488]),/* "mobileTelephoneNumber" */ &(nid_objs[481]),/* "nSRecord" */ &(nid_objs[173]),/* "name" */ +&(nid_objs[681]),/* "onBasis" */ &(nid_objs[379]),/* "org" */ &(nid_objs[17]),/* "organizationName" */ &(nid_objs[491]),/* "organizationalStatus" */ &(nid_objs[18]),/* "organizationalUnitName" */ &(nid_objs[475]),/* "otherMailbox" */ &(nid_objs[489]),/* "pagerTelephoneNumber" */ +&(nid_objs[782]),/* "password based MAC" */ &(nid_objs[374]),/* "path" */ &(nid_objs[621]),/* "payment gateway capabilities" */ &(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */ @@ -2924,6 +3365,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ &(nid_objs[661]),/* "postalCode" */ +&(nid_objs[683]),/* "ppBasis" */ &(nid_objs[406]),/* "prime-field" */ &(nid_objs[409]),/* "prime192v1" */ &(nid_objs[410]),/* "prime192v2" */ @@ -2966,9 +3408,44 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[290]),/* "sbgp-ipAddrBlock" */ &(nid_objs[292]),/* "sbgp-routerIdentifier" */ &(nid_objs[159]),/* "sdsiCertificate" */ +&(nid_objs[704]),/* "secp112r1" */ +&(nid_objs[705]),/* "secp112r2" */ +&(nid_objs[706]),/* "secp128r1" */ +&(nid_objs[707]),/* "secp128r2" */ +&(nid_objs[708]),/* "secp160k1" */ +&(nid_objs[709]),/* "secp160r1" */ +&(nid_objs[710]),/* "secp160r2" */ +&(nid_objs[711]),/* "secp192k1" */ +&(nid_objs[712]),/* "secp224k1" */ +&(nid_objs[713]),/* "secp224r1" */ +&(nid_objs[714]),/* "secp256k1" */ +&(nid_objs[715]),/* "secp384r1" */ +&(nid_objs[716]),/* "secp521r1" */ &(nid_objs[154]),/* "secretBag" */ &(nid_objs[474]),/* "secretary" */ +&(nid_objs[717]),/* "sect113r1" */ +&(nid_objs[718]),/* "sect113r2" */ +&(nid_objs[719]),/* "sect131r1" */ +&(nid_objs[720]),/* "sect131r2" */ +&(nid_objs[721]),/* "sect163k1" */ +&(nid_objs[722]),/* "sect163r1" */ +&(nid_objs[723]),/* "sect163r2" */ +&(nid_objs[724]),/* "sect193r1" */ +&(nid_objs[725]),/* "sect193r2" */ +&(nid_objs[726]),/* "sect233k1" */ +&(nid_objs[727]),/* "sect233r1" */ +&(nid_objs[728]),/* "sect239k1" */ +&(nid_objs[729]),/* "sect283k1" */ +&(nid_objs[730]),/* "sect283r1" */ +&(nid_objs[731]),/* "sect409k1" */ +&(nid_objs[732]),/* "sect409r1" */ +&(nid_objs[733]),/* "sect571k1" */ +&(nid_objs[734]),/* "sect571r1" */ &(nid_objs[635]),/* "secure device signature" */ +&(nid_objs[777]),/* "seed-cbc" */ +&(nid_objs[779]),/* "seed-cfb" */ +&(nid_objs[776]),/* "seed-ecb" */ +&(nid_objs[778]),/* "seed-ofb" */ &(nid_objs[105]),/* "serialNumber" */ &(nid_objs[625]),/* "set-addPolicy" */ &(nid_objs[515]),/* "set-attr" */ @@ -3111,6 +3588,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[459]),/* "textEncodedORAddress" */ &(nid_objs[293]),/* "textNotice" */ &(nid_objs[106]),/* "title" */ +&(nid_objs[682]),/* "tpBasis" */ &(nid_objs[436]),/* "ucl" */ &(nid_objs[ 0]),/* "undefined" */ &(nid_objs[55]),/* "unstructuredAddress" */ @@ -3118,6 +3596,19 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[465]),/* "userClass" */ &(nid_objs[458]),/* "userId" */ &(nid_objs[373]),/* "valid" */ +&(nid_objs[678]),/* "wap" */ +&(nid_objs[679]),/* "wap-wsg" */ +&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */ +&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */ +&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */ +&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */ +&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */ +&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */ +&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */ +&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */ +&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ +&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ +&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ &(nid_objs[503]),/* "x500UniqueIdentifier" */ &(nid_objs[158]),/* "x509Certificate" */ &(nid_objs[160]),/* "x509Crl" */ @@ -3126,21 +3617,27 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[ 0]),/* OBJ_undef 0 */ -&(nid_objs[404]),/* OBJ_ccitt 0 */ +&(nid_objs[393]),/* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */ +&(nid_objs[404]),/* OBJ_ccitt OBJ_itu_t */ +&(nid_objs[645]),/* OBJ_itu_t 0 */ &(nid_objs[434]),/* OBJ_data 0 9 */ &(nid_objs[181]),/* OBJ_iso 1 */ &(nid_objs[182]),/* OBJ_member_body 1 2 */ &(nid_objs[379]),/* OBJ_org 1 3 */ -&(nid_objs[393]),/* OBJ_joint_iso_ccitt 2 */ +&(nid_objs[676]),/* OBJ_identified_organization 1 3 */ +&(nid_objs[646]),/* OBJ_joint_iso_itu_t 2 */ &(nid_objs[11]),/* OBJ_X500 2 5 */ +&(nid_objs[647]),/* OBJ_international_organizations 2 23 */ &(nid_objs[380]),/* OBJ_dod 1 3 6 */ &(nid_objs[12]),/* OBJ_X509 2 5 4 */ &(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */ &(nid_objs[81]),/* OBJ_id_ce 2 5 29 */ &(nid_objs[512]),/* OBJ_id_set 2 23 42 */ +&(nid_objs[678]),/* OBJ_wap 2 23 43 */ &(nid_objs[435]),/* OBJ_pss 0 9 2342 */ &(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */ &(nid_objs[381]),/* OBJ_iana 1 3 6 1 */ +&(nid_objs[677]),/* OBJ_certicom_arc 1 3 132 */ &(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */ &(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */ &(nid_objs[100]),/* OBJ_surname 2 5 4 4 */ @@ -3162,6 +3659,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */ &(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */ &(nid_objs[400]),/* OBJ_role 2 5 4 72 */ +&(nid_objs[769]),/* OBJ_subject_directory_attributes 2 5 29 9 */ &(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */ &(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */ &(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */ @@ -3173,12 +3671,16 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */ &(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */ &(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */ +&(nid_objs[770]),/* OBJ_issuing_distribution_point 2 5 29 28 */ +&(nid_objs[771]),/* OBJ_certificate_issuer 2 5 29 29 */ &(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */ &(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ &(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ +&(nid_objs[747]),/* OBJ_policy_mappings 2 5 29 33 */ &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ &(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ &(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ +&(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */ &(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ &(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ &(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */ @@ -3187,6 +3689,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */ &(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */ &(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */ +&(nid_objs[679]),/* OBJ_wap_wsg 2 23 43 13 */ &(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */ &(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */ &(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */ @@ -3199,6 +3702,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ +&(nid_objs[746]),/* OBJ_any_policy 2 5 29 32 0 */ &(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */ &(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */ &(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */ @@ -3330,6 +3834,37 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */ &(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */ &(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */ +&(nid_objs[721]),/* OBJ_sect163k1 1 3 132 0 1 */ +&(nid_objs[722]),/* OBJ_sect163r1 1 3 132 0 2 */ +&(nid_objs[728]),/* OBJ_sect239k1 1 3 132 0 3 */ +&(nid_objs[717]),/* OBJ_sect113r1 1 3 132 0 4 */ +&(nid_objs[718]),/* OBJ_sect113r2 1 3 132 0 5 */ +&(nid_objs[704]),/* OBJ_secp112r1 1 3 132 0 6 */ +&(nid_objs[705]),/* OBJ_secp112r2 1 3 132 0 7 */ +&(nid_objs[709]),/* OBJ_secp160r1 1 3 132 0 8 */ +&(nid_objs[708]),/* OBJ_secp160k1 1 3 132 0 9 */ +&(nid_objs[714]),/* OBJ_secp256k1 1 3 132 0 10 */ +&(nid_objs[723]),/* OBJ_sect163r2 1 3 132 0 15 */ +&(nid_objs[729]),/* OBJ_sect283k1 1 3 132 0 16 */ +&(nid_objs[730]),/* OBJ_sect283r1 1 3 132 0 17 */ +&(nid_objs[719]),/* OBJ_sect131r1 1 3 132 0 22 */ +&(nid_objs[720]),/* OBJ_sect131r2 1 3 132 0 23 */ +&(nid_objs[724]),/* OBJ_sect193r1 1 3 132 0 24 */ +&(nid_objs[725]),/* OBJ_sect193r2 1 3 132 0 25 */ +&(nid_objs[726]),/* OBJ_sect233k1 1 3 132 0 26 */ +&(nid_objs[727]),/* OBJ_sect233r1 1 3 132 0 27 */ +&(nid_objs[706]),/* OBJ_secp128r1 1 3 132 0 28 */ +&(nid_objs[707]),/* OBJ_secp128r2 1 3 132 0 29 */ +&(nid_objs[710]),/* OBJ_secp160r2 1 3 132 0 30 */ +&(nid_objs[711]),/* OBJ_secp192k1 1 3 132 0 31 */ +&(nid_objs[712]),/* OBJ_secp224k1 1 3 132 0 32 */ +&(nid_objs[713]),/* OBJ_secp224r1 1 3 132 0 33 */ +&(nid_objs[715]),/* OBJ_secp384r1 1 3 132 0 34 */ +&(nid_objs[716]),/* OBJ_secp521r1 1 3 132 0 35 */ +&(nid_objs[731]),/* OBJ_sect409k1 1 3 132 0 36 */ +&(nid_objs[732]),/* OBJ_sect409r1 1 3 132 0 37 */ +&(nid_objs[733]),/* OBJ_sect571k1 1 3 132 0 38 */ +&(nid_objs[734]),/* OBJ_sect571r1 1 3 132 0 39 */ &(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */ &(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */ &(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */ @@ -3338,8 +3873,19 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */ &(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */ &(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */ +&(nid_objs[735]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 13 4 1 */ +&(nid_objs[736]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 13 4 3 */ +&(nid_objs[737]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 13 4 4 */ +&(nid_objs[738]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 13 4 5 */ +&(nid_objs[739]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 13 4 6 */ +&(nid_objs[740]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 13 4 7 */ +&(nid_objs[741]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 13 4 8 */ +&(nid_objs[742]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 13 4 9 */ +&(nid_objs[743]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */ +&(nid_objs[744]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */ +&(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */ &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ -&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ +&(nid_objs[773]),/* OBJ_kisa 1 2 410 200004 */ &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ &(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ &(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ @@ -3380,7 +3926,20 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */ &(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */ &(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */ +&(nid_objs[754]),/* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */ +&(nid_objs[766]),/* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */ +&(nid_objs[757]),/* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */ +&(nid_objs[755]),/* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */ +&(nid_objs[767]),/* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */ +&(nid_objs[758]),/* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */ +&(nid_objs[756]),/* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */ +&(nid_objs[768]),/* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */ +&(nid_objs[759]),/* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */ &(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */ +&(nid_objs[776]),/* OBJ_seed_ecb 1 2 410 200004 1 3 */ +&(nid_objs[777]),/* OBJ_seed_cbc 1 2 410 200004 1 4 */ +&(nid_objs[779]),/* OBJ_seed_cfb128 1 2 410 200004 1 5 */ +&(nid_objs[778]),/* OBJ_seed_ofb128 1 2 410 200004 1 6 */ &(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */ &(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */ &(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */ @@ -3395,6 +3954,27 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ &(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ &(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */ +&(nid_objs[680]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */ +&(nid_objs[684]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */ +&(nid_objs[685]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */ +&(nid_objs[686]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */ +&(nid_objs[687]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */ +&(nid_objs[688]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */ +&(nid_objs[689]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */ +&(nid_objs[690]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */ +&(nid_objs[691]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */ +&(nid_objs[692]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */ +&(nid_objs[693]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */ +&(nid_objs[694]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */ +&(nid_objs[695]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */ +&(nid_objs[696]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */ +&(nid_objs[697]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */ +&(nid_objs[698]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */ +&(nid_objs[699]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */ +&(nid_objs[700]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */ +&(nid_objs[701]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */ +&(nid_objs[702]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */ +&(nid_objs[703]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */ &(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */ &(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */ &(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */ @@ -3458,6 +4038,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[310]),/* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */ &(nid_objs[311]),/* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */ &(nid_objs[312]),/* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */ +&(nid_objs[784]),/* OBJ_id_it_suppLangTags 1 3 6 1 5 5 7 4 16 */ &(nid_objs[313]),/* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */ &(nid_objs[314]),/* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */ &(nid_objs[323]),/* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */ @@ -3507,6 +4088,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */ &(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */ &(nid_objs[364]),/* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */ +&(nid_objs[785]),/* OBJ_caRepository 1 3 6 1 5 5 7 48 5 */ +&(nid_objs[780]),/* OBJ_hmac_md5 1 3 6 1 5 5 8 1 1 */ +&(nid_objs[781]),/* OBJ_hmac_sha1 1 3 6 1 5 5 8 1 2 */ &(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */ &(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */ &(nid_objs[438]),/* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */ @@ -3515,6 +4099,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[441]),/* OBJ_pilotGroups 0 9 2342 19200300 100 10 */ &(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */ &(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */ +&(nid_objs[782]),/* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */ +&(nid_objs[783]),/* OBJ_id_DHBasedMac 1 2 840 113533 7 66 30 */ &(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */ &(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */ &(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */ @@ -3555,6 +4141,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */ &(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */ &(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */ +&(nid_objs[681]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */ +&(nid_objs[682]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */ +&(nid_objs[683]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */ &(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ &(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */ &(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ @@ -3581,14 +4170,17 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[419]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */ &(nid_objs[420]),/* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */ &(nid_objs[421]),/* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */ +&(nid_objs[788]),/* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */ &(nid_objs[422]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */ &(nid_objs[423]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */ &(nid_objs[424]),/* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */ &(nid_objs[425]),/* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */ +&(nid_objs[789]),/* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */ &(nid_objs[426]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */ &(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ &(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */ &(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */ +&(nid_objs[790]),/* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */ &(nid_objs[672]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */ &(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ &(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ @@ -3690,6 +4282,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */ &(nid_objs[648]),/* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */ &(nid_objs[649]),/* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */ +&(nid_objs[751]),/* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */ +&(nid_objs[752]),/* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */ +&(nid_objs[753]),/* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */ &(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */ &(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */ &(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */ @@ -3706,6 +4301,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */ &(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */ &(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */ +&(nid_objs[786]),/* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */ +&(nid_objs[787]),/* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */ &(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */ &(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */ &(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */ @@ -3742,6 +4339,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[245]),/* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */ &(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */ &(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */ +&(nid_objs[125]),/* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */ &(nid_objs[248]),/* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */ &(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */ &(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */ diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.pl b/src/lib/libssl/src/crypto/objects/obj_dat.pl index d0371661f9..8a09a46ee6 100644 --- a/src/lib/libssl/src/crypto/objects/obj_dat.pl +++ b/src/lib/libssl/src/crypto/objects/obj_dat.pl @@ -94,7 +94,7 @@ for ($i=0; $i<$n; $i++) { if (!defined($nid{$i})) { - push(@out,"{NULL,NULL,NID_undef,0,NULL},\n"); + push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n"); } else { @@ -138,7 +138,7 @@ for ($i=0; $i<$n; $i++) } else { - $out.="0,NULL"; + $out.="0,NULL,0"; } $out.="},\n"; push(@out,$out); diff --git a/src/lib/libssl/src/crypto/objects/obj_err.c b/src/lib/libssl/src/crypto/objects/obj_err.c index 0682979b38..12b48850c6 100644 --- a/src/lib/libssl/src/crypto/objects/obj_err.c +++ b/src/lib/libssl/src/crypto/objects/obj_err.c @@ -91,15 +91,12 @@ static ERR_STRING_DATA OBJ_str_reasons[]= void ERR_load_OBJ_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,OBJ_str_functs); ERR_load_strings(0,OBJ_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/objects/obj_lib.c b/src/lib/libssl/src/crypto/objects/obj_lib.c index b0b0f2ff24..706fa0b0e7 100644 --- a/src/lib/libssl/src/crypto/objects/obj_lib.c +++ b/src/lib/libssl/src/crypto/objects/obj_lib.c @@ -82,7 +82,8 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) r->data=OPENSSL_malloc(o->length); if (r->data == NULL) goto err; - memcpy(r->data,o->data,o->length); + if (o->data != NULL) + memcpy(r->data,o->data,o->length); r->length=o->length; r->nid=o->nid; r->ln=r->sn=NULL; diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.h b/src/lib/libssl/src/crypto/objects/obj_mac.h index 51bb50047f..76d5ec9c0b 100644 --- a/src/lib/libssl/src/crypto/objects/obj_mac.h +++ b/src/lib/libssl/src/crypto/objects/obj_mac.h @@ -67,30 +67,67 @@ #define NID_undef 0 #define OBJ_undef 0L -#define SN_ccitt "CCITT" -#define LN_ccitt "ccitt" +#define SN_itu_t "ITU-T" +#define LN_itu_t "itu-t" +#define NID_itu_t 645 +#define OBJ_itu_t 0L + #define NID_ccitt 404 -#define OBJ_ccitt 0L +#define OBJ_ccitt OBJ_itu_t #define SN_iso "ISO" #define LN_iso "iso" #define NID_iso 181 #define OBJ_iso 1L -#define SN_joint_iso_ccitt "JOINT-ISO-CCITT" -#define LN_joint_iso_ccitt "joint-iso-ccitt" +#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T" +#define LN_joint_iso_itu_t "joint-iso-itu-t" +#define NID_joint_iso_itu_t 646 +#define OBJ_joint_iso_itu_t 2L + #define NID_joint_iso_ccitt 393 -#define OBJ_joint_iso_ccitt 2L +#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t #define SN_member_body "member-body" #define LN_member_body "ISO Member Body" #define NID_member_body 182 #define OBJ_member_body OBJ_iso,2L +#define SN_identified_organization "identified-organization" +#define NID_identified_organization 676 +#define OBJ_identified_organization OBJ_iso,3L + +#define SN_hmac_md5 "HMAC-MD5" +#define LN_hmac_md5 "hmac-md5" +#define NID_hmac_md5 780 +#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L + +#define SN_hmac_sha1 "HMAC-SHA1" +#define LN_hmac_sha1 "hmac-sha1" +#define NID_hmac_sha1 781 +#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L + +#define SN_certicom_arc "certicom-arc" +#define NID_certicom_arc 677 +#define OBJ_certicom_arc OBJ_identified_organization,132L + +#define SN_international_organizations "international-organizations" +#define LN_international_organizations "International Organizations" +#define NID_international_organizations 647 +#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L + +#define SN_wap "wap" +#define NID_wap 678 +#define OBJ_wap OBJ_international_organizations,43L + +#define SN_wap_wsg "wap-wsg" +#define NID_wap_wsg 679 +#define OBJ_wap_wsg OBJ_wap,13L + #define SN_selected_attribute_types "selected-attribute-types" #define LN_selected_attribute_types "Selected Attribute Types" #define NID_selected_attribute_types 394 -#define OBJ_selected_attribute_types OBJ_joint_iso_ccitt,5L,1L,5L +#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L #define SN_clearance "clearance" #define NID_clearance 395 @@ -136,6 +173,22 @@ #define NID_X9_62_characteristic_two_field 407 #define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L +#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis" +#define NID_X9_62_id_characteristic_two_basis 680 +#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L + +#define SN_X9_62_onBasis "onBasis" +#define NID_X9_62_onBasis 681 +#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L + +#define SN_X9_62_tpBasis "tpBasis" +#define NID_X9_62_tpBasis 682 +#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L + +#define SN_X9_62_ppBasis "ppBasis" +#define NID_X9_62_ppBasis 683 +#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L + #define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L #define SN_X9_62_id_ecPublicKey "id-ecPublicKey" @@ -146,6 +199,86 @@ #define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L +#define SN_X9_62_c2pnb163v1 "c2pnb163v1" +#define NID_X9_62_c2pnb163v1 684 +#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L + +#define SN_X9_62_c2pnb163v2 "c2pnb163v2" +#define NID_X9_62_c2pnb163v2 685 +#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L + +#define SN_X9_62_c2pnb163v3 "c2pnb163v3" +#define NID_X9_62_c2pnb163v3 686 +#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L + +#define SN_X9_62_c2pnb176v1 "c2pnb176v1" +#define NID_X9_62_c2pnb176v1 687 +#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L + +#define SN_X9_62_c2tnb191v1 "c2tnb191v1" +#define NID_X9_62_c2tnb191v1 688 +#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L + +#define SN_X9_62_c2tnb191v2 "c2tnb191v2" +#define NID_X9_62_c2tnb191v2 689 +#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L + +#define SN_X9_62_c2tnb191v3 "c2tnb191v3" +#define NID_X9_62_c2tnb191v3 690 +#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L + +#define SN_X9_62_c2onb191v4 "c2onb191v4" +#define NID_X9_62_c2onb191v4 691 +#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L + +#define SN_X9_62_c2onb191v5 "c2onb191v5" +#define NID_X9_62_c2onb191v5 692 +#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L + +#define SN_X9_62_c2pnb208w1 "c2pnb208w1" +#define NID_X9_62_c2pnb208w1 693 +#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L + +#define SN_X9_62_c2tnb239v1 "c2tnb239v1" +#define NID_X9_62_c2tnb239v1 694 +#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L + +#define SN_X9_62_c2tnb239v2 "c2tnb239v2" +#define NID_X9_62_c2tnb239v2 695 +#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L + +#define SN_X9_62_c2tnb239v3 "c2tnb239v3" +#define NID_X9_62_c2tnb239v3 696 +#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L + +#define SN_X9_62_c2onb239v4 "c2onb239v4" +#define NID_X9_62_c2onb239v4 697 +#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L + +#define SN_X9_62_c2onb239v5 "c2onb239v5" +#define NID_X9_62_c2onb239v5 698 +#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L + +#define SN_X9_62_c2pnb272w1 "c2pnb272w1" +#define NID_X9_62_c2pnb272w1 699 +#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L + +#define SN_X9_62_c2pnb304w1 "c2pnb304w1" +#define NID_X9_62_c2pnb304w1 700 +#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L + +#define SN_X9_62_c2tnb359v1 "c2tnb359v1" +#define NID_X9_62_c2tnb359v1 701 +#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L + +#define SN_X9_62_c2pnb368w1 "c2pnb368w1" +#define NID_X9_62_c2pnb368w1 702 +#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L + +#define SN_X9_62_c2tnb431r1 "c2tnb431r1" +#define NID_X9_62_c2tnb431r1 703 +#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L + #define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L #define SN_X9_62_prime192v1 "prime192v1" @@ -182,6 +315,178 @@ #define NID_ecdsa_with_SHA1 416 #define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L +#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L + +#define SN_secp112r1 "secp112r1" +#define NID_secp112r1 704 +#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L + +#define SN_secp112r2 "secp112r2" +#define NID_secp112r2 705 +#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L + +#define SN_secp128r1 "secp128r1" +#define NID_secp128r1 706 +#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L + +#define SN_secp128r2 "secp128r2" +#define NID_secp128r2 707 +#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L + +#define SN_secp160k1 "secp160k1" +#define NID_secp160k1 708 +#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L + +#define SN_secp160r1 "secp160r1" +#define NID_secp160r1 709 +#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L + +#define SN_secp160r2 "secp160r2" +#define NID_secp160r2 710 +#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L + +#define SN_secp192k1 "secp192k1" +#define NID_secp192k1 711 +#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L + +#define SN_secp224k1 "secp224k1" +#define NID_secp224k1 712 +#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L + +#define SN_secp224r1 "secp224r1" +#define NID_secp224r1 713 +#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L + +#define SN_secp256k1 "secp256k1" +#define NID_secp256k1 714 +#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L + +#define SN_secp384r1 "secp384r1" +#define NID_secp384r1 715 +#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L + +#define SN_secp521r1 "secp521r1" +#define NID_secp521r1 716 +#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L + +#define SN_sect113r1 "sect113r1" +#define NID_sect113r1 717 +#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L + +#define SN_sect113r2 "sect113r2" +#define NID_sect113r2 718 +#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L + +#define SN_sect131r1 "sect131r1" +#define NID_sect131r1 719 +#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L + +#define SN_sect131r2 "sect131r2" +#define NID_sect131r2 720 +#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L + +#define SN_sect163k1 "sect163k1" +#define NID_sect163k1 721 +#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L + +#define SN_sect163r1 "sect163r1" +#define NID_sect163r1 722 +#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L + +#define SN_sect163r2 "sect163r2" +#define NID_sect163r2 723 +#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L + +#define SN_sect193r1 "sect193r1" +#define NID_sect193r1 724 +#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L + +#define SN_sect193r2 "sect193r2" +#define NID_sect193r2 725 +#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L + +#define SN_sect233k1 "sect233k1" +#define NID_sect233k1 726 +#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L + +#define SN_sect233r1 "sect233r1" +#define NID_sect233r1 727 +#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L + +#define SN_sect239k1 "sect239k1" +#define NID_sect239k1 728 +#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L + +#define SN_sect283k1 "sect283k1" +#define NID_sect283k1 729 +#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L + +#define SN_sect283r1 "sect283r1" +#define NID_sect283r1 730 +#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L + +#define SN_sect409k1 "sect409k1" +#define NID_sect409k1 731 +#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L + +#define SN_sect409r1 "sect409r1" +#define NID_sect409r1 732 +#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L + +#define SN_sect571k1 "sect571k1" +#define NID_sect571k1 733 +#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L + +#define SN_sect571r1 "sect571r1" +#define NID_sect571r1 734 +#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L + +#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L + +#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1" +#define NID_wap_wsg_idm_ecid_wtls1 735 +#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L + +#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3" +#define NID_wap_wsg_idm_ecid_wtls3 736 +#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L + +#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4" +#define NID_wap_wsg_idm_ecid_wtls4 737 +#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L + +#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5" +#define NID_wap_wsg_idm_ecid_wtls5 738 +#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L + +#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6" +#define NID_wap_wsg_idm_ecid_wtls6 739 +#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L + +#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7" +#define NID_wap_wsg_idm_ecid_wtls7 740 +#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L + +#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8" +#define NID_wap_wsg_idm_ecid_wtls8 741 +#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L + +#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9" +#define NID_wap_wsg_idm_ecid_wtls9 742 +#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L + +#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10" +#define NID_wap_wsg_idm_ecid_wtls10 743 +#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L + +#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11" +#define NID_wap_wsg_idm_ecid_wtls11 744 +#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L + +#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12" +#define NID_wap_wsg_idm_ecid_wtls12 745 +#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L + #define SN_cast5_cbc "CAST5-CBC" #define LN_cast5_cbc "cast5-cbc" #define NID_cast5_cbc 108 @@ -203,6 +508,16 @@ #define NID_pbeWithMD5AndCast5_CBC 112 #define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L +#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC" +#define LN_id_PasswordBasedMAC "password based MAC" +#define NID_id_PasswordBasedMAC 782 +#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L + +#define SN_id_DHBasedMac "id-DHBasedMac" +#define LN_id_DHBasedMac "Diffie-Hellman based MAC" +#define NID_id_DHBasedMac 783 +#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L + #define SN_rsadsi "rsadsi" #define LN_rsadsi "RSA Data Security, Inc." #define NID_rsadsi 1 @@ -490,6 +805,14 @@ #define NID_id_smime_ct_DVCSResponseData 211 #define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L +#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData" +#define NID_id_smime_ct_compressedData 786 +#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L + +#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF" +#define NID_id_ct_asciiTextWithCRLF 787 +#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L + #define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest" #define NID_id_smime_aa_receiptRequest 212 #define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L @@ -1218,6 +1541,10 @@ #define NID_id_it_origPKIMessage 312 #define OBJ_id_it_origPKIMessage OBJ_id_it,15L +#define SN_id_it_suppLangTags "id-it-suppLangTags" +#define NID_id_it_suppLangTags 784 +#define OBJ_id_it_suppLangTags OBJ_id_it,16L + #define SN_id_regCtrl "id-regCtrl" #define NID_id_regCtrl 313 #define OBJ_id_regCtrl OBJ_id_pkip,1L @@ -1453,6 +1780,11 @@ #define NID_ad_dvcs 364 #define OBJ_ad_dvcs OBJ_id_ad,4L +#define SN_caRepository "caRepository" +#define LN_caRepository "CA Repository" +#define NID_caRepository 785 +#define OBJ_caRepository OBJ_id_ad,5L + #define OBJ_id_pkix_OCSP OBJ_ad_OCSP #define SN_id_pkix_OCSP_basic "basicOCSPResponse" @@ -1749,6 +2081,11 @@ #define NID_id_ce 81 #define OBJ_id_ce OBJ_X500,29L +#define SN_subject_directory_attributes "subjectDirectoryAttributes" +#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes" +#define NID_subject_directory_attributes 769 +#define OBJ_subject_directory_attributes OBJ_id_ce,9L + #define SN_subject_key_identifier "subjectKeyIdentifier" #define LN_subject_key_identifier "X509v3 Subject Key Identifier" #define NID_subject_key_identifier 82 @@ -1799,6 +2136,16 @@ #define NID_delta_crl 140 #define OBJ_delta_crl OBJ_id_ce,27L +#define SN_issuing_distribution_point "issuingDistributionPoint" +#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point" +#define NID_issuing_distribution_point 770 +#define OBJ_issuing_distribution_point OBJ_id_ce,28L + +#define SN_certificate_issuer "certificateIssuer" +#define LN_certificate_issuer "X509v3 Certificate Issuer" +#define NID_certificate_issuer 771 +#define OBJ_certificate_issuer OBJ_id_ce,29L + #define SN_name_constraints "nameConstraints" #define LN_name_constraints "X509v3 Name Constraints" #define NID_name_constraints 666 @@ -1814,6 +2161,16 @@ #define NID_certificate_policies 89 #define OBJ_certificate_policies OBJ_id_ce,32L +#define SN_any_policy "anyPolicy" +#define LN_any_policy "X509v3 Any Policy" +#define NID_any_policy 746 +#define OBJ_any_policy OBJ_certificate_policies,0L + +#define SN_policy_mappings "policyMappings" +#define LN_policy_mappings "X509v3 Policy Mappings" +#define NID_policy_mappings 747 +#define OBJ_policy_mappings OBJ_id_ce,33L + #define SN_authority_key_identifier "authorityKeyIdentifier" #define LN_authority_key_identifier "X509v3 Authority Key Identifier" #define NID_authority_key_identifier 90 @@ -1829,6 +2186,11 @@ #define NID_ext_key_usage 126 #define OBJ_ext_key_usage OBJ_id_ce,37L +#define SN_inhibit_any_policy "inhibitAnyPolicy" +#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" +#define NID_inhibit_any_policy 748 +#define OBJ_inhibit_any_policy OBJ_id_ce,54L + #define SN_target_information "targetInformation" #define LN_target_information "X509v3 AC Targeting" #define NID_target_information 402 @@ -1998,7 +2360,7 @@ #define SN_zlib_compression "ZLIB" #define LN_zlib_compression "zlib compression" #define NID_zlib_compression 125 -#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L +#define OBJ_zlib_compression OBJ_id_smime_alg,8L #define OBJ_csor 2L,16L,840L,1L,101L,3L @@ -2106,6 +2468,18 @@ #define LN_des_ede3_cfb8 "des-ede3-cfb8" #define NID_des_ede3_cfb8 659 +#define SN_id_aes128_wrap "id-aes128-wrap" +#define NID_id_aes128_wrap 788 +#define OBJ_id_aes128_wrap OBJ_aes,5L + +#define SN_id_aes192_wrap "id-aes192-wrap" +#define NID_id_aes192_wrap 789 +#define OBJ_id_aes192_wrap OBJ_aes,25L + +#define SN_id_aes256_wrap "id-aes256-wrap" +#define NID_id_aes256_wrap 790 +#define OBJ_id_aes256_wrap OBJ_aes,45L + #define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L #define SN_sha256 "SHA256" @@ -2152,7 +2526,7 @@ #define SN_data "data" #define NID_data 434 -#define OBJ_data OBJ_ccitt,9L +#define OBJ_data OBJ_itu_t,9L #define SN_pss "pss" #define NID_pss 435 @@ -2441,7 +2815,7 @@ #define SN_id_set "id-set" #define LN_id_set "Secure Electronic Transactions" #define NID_id_set 512 -#define OBJ_id_set 2L,23L,42L +#define OBJ_id_set OBJ_international_organizations,42L #define SN_set_ctype "set-ctype" #define LN_set_ctype "content types" @@ -2985,3 +3359,124 @@ #define NID_rsaOAEPEncryptionSET 644 #define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L +#define SN_ipsec3 "Oakley-EC2N-3" +#define LN_ipsec3 "ipsec3" +#define NID_ipsec3 749 + +#define SN_ipsec4 "Oakley-EC2N-4" +#define LN_ipsec4 "ipsec4" +#define NID_ipsec4 750 + +#define SN_camellia_128_cbc "CAMELLIA-128-CBC" +#define LN_camellia_128_cbc "camellia-128-cbc" +#define NID_camellia_128_cbc 751 +#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L + +#define SN_camellia_192_cbc "CAMELLIA-192-CBC" +#define LN_camellia_192_cbc "camellia-192-cbc" +#define NID_camellia_192_cbc 752 +#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L + +#define SN_camellia_256_cbc "CAMELLIA-256-CBC" +#define LN_camellia_256_cbc "camellia-256-cbc" +#define NID_camellia_256_cbc 753 +#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L + +#define OBJ_ntt_ds 0L,3L,4401L,5L + +#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L + +#define SN_camellia_128_ecb "CAMELLIA-128-ECB" +#define LN_camellia_128_ecb "camellia-128-ecb" +#define NID_camellia_128_ecb 754 +#define OBJ_camellia_128_ecb OBJ_camellia,1L + +#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB" +#define LN_camellia_128_ofb128 "camellia-128-ofb" +#define NID_camellia_128_ofb128 766 +#define OBJ_camellia_128_ofb128 OBJ_camellia,3L + +#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB" +#define LN_camellia_128_cfb128 "camellia-128-cfb" +#define NID_camellia_128_cfb128 757 +#define OBJ_camellia_128_cfb128 OBJ_camellia,4L + +#define SN_camellia_192_ecb "CAMELLIA-192-ECB" +#define LN_camellia_192_ecb "camellia-192-ecb" +#define NID_camellia_192_ecb 755 +#define OBJ_camellia_192_ecb OBJ_camellia,21L + +#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB" +#define LN_camellia_192_ofb128 "camellia-192-ofb" +#define NID_camellia_192_ofb128 767 +#define OBJ_camellia_192_ofb128 OBJ_camellia,23L + +#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB" +#define LN_camellia_192_cfb128 "camellia-192-cfb" +#define NID_camellia_192_cfb128 758 +#define OBJ_camellia_192_cfb128 OBJ_camellia,24L + +#define SN_camellia_256_ecb "CAMELLIA-256-ECB" +#define LN_camellia_256_ecb "camellia-256-ecb" +#define NID_camellia_256_ecb 756 +#define OBJ_camellia_256_ecb OBJ_camellia,41L + +#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB" +#define LN_camellia_256_ofb128 "camellia-256-ofb" +#define NID_camellia_256_ofb128 768 +#define OBJ_camellia_256_ofb128 OBJ_camellia,43L + +#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB" +#define LN_camellia_256_cfb128 "camellia-256-cfb" +#define NID_camellia_256_cfb128 759 +#define OBJ_camellia_256_cfb128 OBJ_camellia,44L + +#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1" +#define LN_camellia_128_cfb1 "camellia-128-cfb1" +#define NID_camellia_128_cfb1 760 + +#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1" +#define LN_camellia_192_cfb1 "camellia-192-cfb1" +#define NID_camellia_192_cfb1 761 + +#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1" +#define LN_camellia_256_cfb1 "camellia-256-cfb1" +#define NID_camellia_256_cfb1 762 + +#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8" +#define LN_camellia_128_cfb8 "camellia-128-cfb8" +#define NID_camellia_128_cfb8 763 + +#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8" +#define LN_camellia_192_cfb8 "camellia-192-cfb8" +#define NID_camellia_192_cfb8 764 + +#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8" +#define LN_camellia_256_cfb8 "camellia-256-cfb8" +#define NID_camellia_256_cfb8 765 + +#define SN_kisa "KISA" +#define LN_kisa "kisa" +#define NID_kisa 773 +#define OBJ_kisa OBJ_member_body,410L,200004L + +#define SN_seed_ecb "SEED-ECB" +#define LN_seed_ecb "seed-ecb" +#define NID_seed_ecb 776 +#define OBJ_seed_ecb OBJ_kisa,1L,3L + +#define SN_seed_cbc "SEED-CBC" +#define LN_seed_cbc "seed-cbc" +#define NID_seed_cbc 777 +#define OBJ_seed_cbc OBJ_kisa,1L,4L + +#define SN_seed_cfb128 "SEED-CFB" +#define LN_seed_cfb128 "seed-cfb" +#define NID_seed_cfb128 779 +#define OBJ_seed_cfb128 OBJ_kisa,1L,5L + +#define SN_seed_ofb128 "SEED-OFB" +#define LN_seed_ofb128 "seed-ofb" +#define NID_seed_ofb128 778 +#define OBJ_seed_ofb128 OBJ_kisa,1L,6L + diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.num b/src/lib/libssl/src/crypto/objects/obj_mac.num index 84555d936e..47815b1e4e 100644 --- a/src/lib/libssl/src/crypto/objects/obj_mac.num +++ b/src/lib/libssl/src/crypto/objects/obj_mac.num @@ -673,3 +673,118 @@ sha256 672 sha384 673 sha512 674 sha224 675 +identified_organization 676 +certicom_arc 677 +wap 678 +wap_wsg 679 +X9_62_id_characteristic_two_basis 680 +X9_62_onBasis 681 +X9_62_tpBasis 682 +X9_62_ppBasis 683 +X9_62_c2pnb163v1 684 +X9_62_c2pnb163v2 685 +X9_62_c2pnb163v3 686 +X9_62_c2pnb176v1 687 +X9_62_c2tnb191v1 688 +X9_62_c2tnb191v2 689 +X9_62_c2tnb191v3 690 +X9_62_c2onb191v4 691 +X9_62_c2onb191v5 692 +X9_62_c2pnb208w1 693 +X9_62_c2tnb239v1 694 +X9_62_c2tnb239v2 695 +X9_62_c2tnb239v3 696 +X9_62_c2onb239v4 697 +X9_62_c2onb239v5 698 +X9_62_c2pnb272w1 699 +X9_62_c2pnb304w1 700 +X9_62_c2tnb359v1 701 +X9_62_c2pnb368w1 702 +X9_62_c2tnb431r1 703 +secp112r1 704 +secp112r2 705 +secp128r1 706 +secp128r2 707 +secp160k1 708 +secp160r1 709 +secp160r2 710 +secp192k1 711 +secp224k1 712 +secp224r1 713 +secp256k1 714 +secp384r1 715 +secp521r1 716 +sect113r1 717 +sect113r2 718 +sect131r1 719 +sect131r2 720 +sect163k1 721 +sect163r1 722 +sect163r2 723 +sect193r1 724 +sect193r2 725 +sect233k1 726 +sect233r1 727 +sect239k1 728 +sect283k1 729 +sect283r1 730 +sect409k1 731 +sect409r1 732 +sect571k1 733 +sect571r1 734 +wap_wsg_idm_ecid_wtls1 735 +wap_wsg_idm_ecid_wtls3 736 +wap_wsg_idm_ecid_wtls4 737 +wap_wsg_idm_ecid_wtls5 738 +wap_wsg_idm_ecid_wtls6 739 +wap_wsg_idm_ecid_wtls7 740 +wap_wsg_idm_ecid_wtls8 741 +wap_wsg_idm_ecid_wtls9 742 +wap_wsg_idm_ecid_wtls10 743 +wap_wsg_idm_ecid_wtls11 744 +wap_wsg_idm_ecid_wtls12 745 +any_policy 746 +policy_mappings 747 +inhibit_any_policy 748 +ipsec3 749 +ipsec4 750 +camellia_128_cbc 751 +camellia_192_cbc 752 +camellia_256_cbc 753 +camellia_128_ecb 754 +camellia_192_ecb 755 +camellia_256_ecb 756 +camellia_128_cfb128 757 +camellia_192_cfb128 758 +camellia_256_cfb128 759 +camellia_128_cfb1 760 +camellia_192_cfb1 761 +camellia_256_cfb1 762 +camellia_128_cfb8 763 +camellia_192_cfb8 764 +camellia_256_cfb8 765 +camellia_128_ofb128 766 +camellia_192_ofb128 767 +camellia_256_ofb128 768 +subject_directory_attributes 769 +issuing_distribution_point 770 +certificate_issuer 771 +korea 772 +kisa 773 +kftc 774 +npki_alg 775 +seed_ecb 776 +seed_cbc 777 +seed_ofb128 778 +seed_cfb128 779 +hmac_md5 780 +hmac_sha1 781 +id_PasswordBasedMAC 782 +id_DHBasedMac 783 +id_it_suppLangTags 784 +caRepository 785 +id_smime_ct_compressedData 786 +id_ct_asciiTextWithCRLF 787 +id_aes128_wrap 788 +id_aes192_wrap 789 +id_aes256_wrap 790 diff --git a/src/lib/libssl/src/crypto/objects/objects.h b/src/lib/libssl/src/crypto/objects/objects.h index f859d859b8..7242f76fb0 100644 --- a/src/lib/libssl/src/crypto/objects/objects.h +++ b/src/lib/libssl/src/crypto/objects/objects.h @@ -966,7 +966,10 @@ #define OBJ_NAME_TYPE_COMP_METH 0x04 #define OBJ_NAME_TYPE_NUM 0x05 -#define OBJ_NAME_ALIAS 0x8000 +#define OBJ_NAME_ALIAS 0x8000 + +#define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01 +#define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02 #ifdef __cplusplus @@ -1010,6 +1013,8 @@ int OBJ_sn2nid(const char *s); int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); const char * OBJ_bsearch(const char *key,const char *base,int num,int size, int (*cmp)(const void *, const void *)); +const char * OBJ_bsearch_ex(const char *key,const char *base,int num, + int size, int (*cmp)(const void *, const void *), int flags); int OBJ_new_nid(int num); int OBJ_add_object(const ASN1_OBJECT *obj); diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt index 2635c4e667..34c8d1d647 100644 --- a/src/lib/libssl/src/crypto/objects/objects.txt +++ b/src/lib/libssl/src/crypto/objects/objects.txt @@ -1,12 +1,28 @@ -0 : CCITT : ccitt +# CCITT was renamed to ITU-T quite some time ago +0 : ITU-T : itu-t +!Alias ccitt itu-t 1 : ISO : iso -2 : JOINT-ISO-CCITT : joint-iso-ccitt +2 : JOINT-ISO-ITU-T : joint-iso-itu-t +!Alias joint-iso-ccitt joint-iso-itu-t iso 2 : member-body : ISO Member Body -joint-iso-ccitt 5 1 5 : selected-attribute-types : Selected Attribute Types +iso 3 : identified-organization + +# HMAC OIDs +identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 +identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 + +identified-organization 132 : certicom-arc + +joint-iso-itu-t 23 : international-organizations : International Organizations + +international-organizations 43 : wap +wap 13 : wap-wsg + +joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types selected-attribute-types 55 : clearance @@ -24,12 +40,34 @@ ISO-US 10045 : ansi-X9-62 : ANSI X9.62 !Alias id-fieldType ansi-X9-62 1 X9-62_id-fieldType 1 : prime-field X9-62_id-fieldType 2 : characteristic-two-field -# ... characteristic-two-field OID subtree +X9-62_characteristic-two-field 3 : id-characteristic-two-basis +X9-62_id-characteristic-two-basis 1 : onBasis +X9-62_id-characteristic-two-basis 2 : tpBasis +X9-62_id-characteristic-two-basis 3 : ppBasis !Alias id-publicKeyType ansi-X9-62 2 X9-62_id-publicKeyType 1 : id-ecPublicKey !Alias ellipticCurve ansi-X9-62 3 !Alias c-TwoCurve X9-62_ellipticCurve 0 -# ... characteristic 2 curve OIDs +X9-62_c-TwoCurve 1 : c2pnb163v1 +X9-62_c-TwoCurve 2 : c2pnb163v2 +X9-62_c-TwoCurve 3 : c2pnb163v3 +X9-62_c-TwoCurve 4 : c2pnb176v1 +X9-62_c-TwoCurve 5 : c2tnb191v1 +X9-62_c-TwoCurve 6 : c2tnb191v2 +X9-62_c-TwoCurve 7 : c2tnb191v3 +X9-62_c-TwoCurve 8 : c2onb191v4 +X9-62_c-TwoCurve 9 : c2onb191v5 +X9-62_c-TwoCurve 10 : c2pnb208w1 +X9-62_c-TwoCurve 11 : c2tnb239v1 +X9-62_c-TwoCurve 12 : c2tnb239v2 +X9-62_c-TwoCurve 13 : c2tnb239v3 +X9-62_c-TwoCurve 14 : c2onb239v4 +X9-62_c-TwoCurve 15 : c2onb239v5 +X9-62_c-TwoCurve 16 : c2pnb272w1 +X9-62_c-TwoCurve 17 : c2pnb304w1 +X9-62_c-TwoCurve 18 : c2tnb359v1 +X9-62_c-TwoCurve 19 : c2pnb368w1 +X9-62_c-TwoCurve 20 : c2tnb431r1 !Alias primeCurve X9-62_ellipticCurve 1 X9-62_primeCurve 1 : prime192v1 X9-62_primeCurve 2 : prime192v2 @@ -42,6 +80,60 @@ X9-62_primeCurve 7 : prime256v1 !global X9-62_id-ecSigType 1 : ecdsa-with-SHA1 +# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" +# (http://www.secg.org/) +!Alias secg_ellipticCurve certicom-arc 0 +# SECG prime curves OIDs +secg-ellipticCurve 6 : secp112r1 +secg-ellipticCurve 7 : secp112r2 +secg-ellipticCurve 28 : secp128r1 +secg-ellipticCurve 29 : secp128r2 +secg-ellipticCurve 9 : secp160k1 +secg-ellipticCurve 8 : secp160r1 +secg-ellipticCurve 30 : secp160r2 +secg-ellipticCurve 31 : secp192k1 +# NOTE: the curve secp192r1 is the same as prime192v1 defined above +# and is therefore omitted +secg-ellipticCurve 32 : secp224k1 +secg-ellipticCurve 33 : secp224r1 +secg-ellipticCurve 10 : secp256k1 +# NOTE: the curve secp256r1 is the same as prime256v1 defined above +# and is therefore omitted +secg-ellipticCurve 34 : secp384r1 +secg-ellipticCurve 35 : secp521r1 +# SECG characteristic two curves OIDs +secg-ellipticCurve 4 : sect113r1 +secg-ellipticCurve 5 : sect113r2 +secg-ellipticCurve 22 : sect131r1 +secg-ellipticCurve 23 : sect131r2 +secg-ellipticCurve 1 : sect163k1 +secg-ellipticCurve 2 : sect163r1 +secg-ellipticCurve 15 : sect163r2 +secg-ellipticCurve 24 : sect193r1 +secg-ellipticCurve 25 : sect193r2 +secg-ellipticCurve 26 : sect233k1 +secg-ellipticCurve 27 : sect233r1 +secg-ellipticCurve 3 : sect239k1 +secg-ellipticCurve 16 : sect283k1 +secg-ellipticCurve 17 : sect283r1 +secg-ellipticCurve 36 : sect409k1 +secg-ellipticCurve 37 : sect409r1 +secg-ellipticCurve 38 : sect571k1 +secg-ellipticCurve 39 : sect571r1 + +# WAP/TLS curve OIDs (http://www.wapforum.org/) +!Alias wap-wsg-idm-ecid wap-wsg 4 +wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1 +wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3 +wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4 +wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5 +wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6 +wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7 +wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8 +wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9 +wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10 +wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11 +wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12 ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc @@ -53,6 +145,10 @@ ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc !Cname pbeWithMD5AndCast5-CBC ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC +# Macs for CMP and CRMF +ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC +ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC + ISO-US 113549 : rsadsi : RSA Data Security, Inc. rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS @@ -149,6 +245,8 @@ id-smime-ct 5 : id-smime-ct-TDTInfo id-smime-ct 6 : id-smime-ct-contentInfo id-smime-ct 7 : id-smime-ct-DVCSRequestData id-smime-ct 8 : id-smime-ct-DVCSResponseData +id-smime-ct 9 : id-smime-ct-compressedData +id-smime-ct 27 : id-ct-asciiTextWithCRLF # S/MIME Attributes id-smime-aa 1 : id-smime-aa-receiptRequest @@ -396,6 +494,7 @@ id-it 12 : id-it-revPassphrase id-it 13 : id-it-implicitConfirm id-it 14 : id-it-confirmWaitTime id-it 15 : id-it-origPKIMessage +id-it 16 : id-it-suppLangTags # CRMF registration id-pkip 1 : id-regCtrl @@ -482,6 +581,7 @@ id-ad 2 : caIssuers : CA Issuers id-ad 3 : ad_timestamping : AD Time Stamping !Cname ad-dvcs id-ad 4 : AD_DVCS : ad dvcs +id-ad 5 : caRepository : CA Repository !Alias id-pkix-OCSP ad-OCSP @@ -569,6 +669,8 @@ X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA X500algorithms 3 101 : MDC2 : mdc2 X500 29 : id-ce +!Cname subject-directory-attributes +id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes !Cname subject-key-identifier id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier !Cname key-usage @@ -589,18 +691,28 @@ id-ce 21 : CRLReason : X509v3 CRL Reason Code id-ce 24 : invalidityDate : Invalidity Date !Cname delta-crl id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator +!Cname issuing-distribution-point +id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point +!Cname certificate-issuer +id-ce 29 : certificateIssuer : X509v3 Certificate Issuer !Cname name-constraints id-ce 30 : nameConstraints : X509v3 Name Constraints !Cname crl-distribution-points id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points !Cname certificate-policies id-ce 32 : certificatePolicies : X509v3 Certificate Policies +!Cname any-policy +certificate-policies 0 : anyPolicy : X509v3 Any Policy +!Cname policy-mappings +id-ce 33 : policyMappings : X509v3 Policy Mappings !Cname authority-key-identifier id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier !Cname policy-constraints id-ce 36 : policyConstraints : X509v3 Policy Constraints !Cname ext-key-usage id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage +!Cname inhibit-any-policy +id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy !Cname target-information id-ce 55 : targetInformation : X509v3 AC Targeting !Cname no-rev-avail @@ -668,7 +780,7 @@ mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message !Cname rle-compression 1 1 1 1 666 1 : RLE : run length compression !Cname zlib-compression -1 1 1 1 666 2 : ZLIB : zlib compression +id-smime-alg 8 : ZLIB : zlib compression # AES aka Rijndael @@ -710,6 +822,10 @@ aes 44 : AES-256-CFB : aes-256-cfb : DES-EDE3-CFB1 : des-ede3-cfb1 : DES-EDE3-CFB8 : des-ede3-cfb8 +aes 5 : id-aes128-wrap +aes 25 : id-aes192-wrap +aes 45 : id-aes256-wrap + # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84. !Alias nist_hashalgs nistAlgorithms 2 nist_hashalgs 1 : SHA256 : sha256 @@ -728,9 +844,9 @@ holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer !Cname hold-instruction-reject holdInstruction 3 : holdInstructionReject : Hold Instruction Reject -# OID's from CCITT. Most of this is defined in RFC 1274. A couple of +# OID's from ITU-T. Most of this is defined in RFC 1274. A couple of # them are also mentioned in RFC 2247 -ccitt 9 : data +itu-t 9 : data data 2342 : pss pss 19200300 : ucl ucl 100 : pilot @@ -804,7 +920,7 @@ pilotAttributeType 54 : : dITRedirect pilotAttributeType 55 : audio pilotAttributeType 56 : : documentPublisher -2 23 42 : id-set : Secure Electronic Transactions +international-organizations 42 : id-set : Secure Electronic Transactions id-set 0 : set-ctype : content types id-set 1 : set-msgExt : message extensions @@ -950,3 +1066,54 @@ set-brand 6011 : set-brand-Novus rsadsi 3 10 : DES-CDMF : des-cdmf rsadsi 1 1 6 : rsaOAEPEncryptionSET + + : Oakley-EC2N-3 : ipsec3 + : Oakley-EC2N-4 : ipsec4 + + +# Definitions for Camellia cipher - CBC MODE +1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc +1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc +1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc + +# Definitions for Camellia cipher - ECB, CFB, OFB MODE +!Alias ntt-ds 0 3 4401 5 +!Alias camellia ntt-ds 3 1 9 + +camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb +!Cname camellia-128-ofb128 +camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb +!Cname camellia-128-cfb128 +camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb + +camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb +!Cname camellia-192-ofb128 +camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb +!Cname camellia-192-cfb128 +camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb + +camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb +!Cname camellia-256-ofb128 +camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb +!Cname camellia-256-cfb128 +camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb + +# There are no OIDs for these modes... + + : CAMELLIA-128-CFB1 : camellia-128-cfb1 + : CAMELLIA-192-CFB1 : camellia-192-cfb1 + : CAMELLIA-256-CFB1 : camellia-256-cfb1 + : CAMELLIA-128-CFB8 : camellia-128-cfb8 + : CAMELLIA-192-CFB8 : camellia-192-cfb8 + : CAMELLIA-256-CFB8 : camellia-256-cfb8 + + +# Definitions for SEED cipher - ECB, CBC, OFB mode + +member-body 410 200004 : KISA : kisa +kisa 1 3 : SEED-ECB : seed-ecb +kisa 1 4 : SEED-CBC : seed-cbc +!Cname seed-cfb128 +kisa 1 5 : SEED-CFB : seed-cfb +!Cname seed-ofb128 +kisa 1 6 : SEED-OFB : seed-ofb diff --git a/src/lib/libssl/src/crypto/ocsp/Makefile b/src/lib/libssl/src/crypto/ocsp/Makefile index 59f7098d9e..0fe028960e 100644 --- a/src/lib/libssl/src/crypto/ocsp/Makefile +++ b/src/lib/libssl/src/crypto/ocsp/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -80,212 +77,137 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -ocsp_asn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -ocsp_asn.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_asn.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h -ocsp_asn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_asn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_asn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_asn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_asn.o: ../../include/openssl/x509v3.h ocsp_asn.c -ocsp_cl.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_cl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_cl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_cl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_asn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_asn.o: ocsp_asn.c +ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_cl.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_cl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_cl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_cl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_cl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -ocsp_cl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_cl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_cl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c -ocsp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +ocsp_cl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_cl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_cl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_cl.o: ../cryptlib.h ocsp_cl.c +ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_err.o: ../../include/openssl/x509v3.h ocsp_err.c -ocsp_ext.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_err.o: ocsp_err.c +ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_ext.o: ../../include/openssl/opensslconf.h ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_ext.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_ext.o: ../cryptlib.h ocsp_ext.c -ocsp_ht.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_ht.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_ht.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_ht.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_ht.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_ht.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_ht.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_ht.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c +ocsp_ht.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_ht.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_ht.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_ht.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_ht.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_ht.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_ht.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c -ocsp_lib.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_ht.o: ocsp_ht.c +ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_lib.o: ../../include/openssl/opensslconf.h ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_lib.o: ../cryptlib.h ocsp_lib.c -ocsp_prn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ocsp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ocsp_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ocsp_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_lib.c +ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_prn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_prn.o: ../../include/openssl/x509v3.h ocsp_prn.c -ocsp_srv.o: ../../e_os.h ../../include/openssl/aes.h -ocsp_srv.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ocsp_srv.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_prn.o: ocsp_prn.c +ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h +ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -ocsp_srv.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -ocsp_srv.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -ocsp_srv.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -ocsp_srv.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ocsp_srv.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h ocsp_srv.o: ../../include/openssl/opensslconf.h ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -ocsp_srv.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -ocsp_srv.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -ocsp_srv.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -ocsp_srv.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ocsp_srv.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ocsp_srv.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -ocsp_srv.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -ocsp_srv.o: ../cryptlib.h ocsp_srv.c -ocsp_vfy.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -ocsp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -ocsp_vfy.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -ocsp_vfy.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -ocsp_vfy.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -ocsp_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h -ocsp_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -ocsp_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -ocsp_vfy.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_srv.c +ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ocsp_vfy.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +ocsp_vfy.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -ocsp_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -ocsp_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -ocsp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -ocsp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ocsp_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ocsp_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -ocsp_vfy.o: ../../include/openssl/x509v3.h ocsp_vfy.c +ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +ocsp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +ocsp_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +ocsp_vfy.o: ocsp_vfy.c diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp.h b/src/lib/libssl/src/crypto/ocsp/ocsp.h index fab3c03182..a0577a717e 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp.h +++ b/src/lib/libssl/src/crypto/ocsp/ocsp.h @@ -186,11 +186,11 @@ typedef struct ocsp_resp_bytes_st * responseStatus OCSPResponseStatus, * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } */ -typedef struct ocsp_response_st +struct ocsp_response_st { ASN1_ENUMERATED *responseStatus; OCSP_RESPBYTES *responseBytes; - } OCSP_RESPONSE; + }; /* ResponderID ::= CHOICE { * byName [1] Name, @@ -198,14 +198,18 @@ typedef struct ocsp_response_st */ #define V_OCSP_RESPID_NAME 0 #define V_OCSP_RESPID_KEY 1 -typedef struct ocsp_responder_id_st +struct ocsp_responder_id_st { int type; union { X509_NAME* byName; ASN1_OCTET_STRING *byKey; } value; - } OCSP_RESPID; + }; + +DECLARE_STACK_OF(OCSP_RESPID) +DECLARE_ASN1_FUNCTIONS(OCSP_RESPID) + /* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key * --(excluding the tag and length fields) */ @@ -349,13 +353,9 @@ typedef struct ocsp_service_locator_st #define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" #define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" -#define d2i_OCSP_REQUEST_bio(bp,p) (OCSP_REQUEST*)ASN1_d2i_bio((char*(*)()) \ - OCSP_REQUEST_new,(char *(*)())d2i_OCSP_REQUEST, (bp),\ - (unsigned char **)(p)) +#define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p) -#define d2i_OCSP_RESPONSE_bio(bp,p) (OCSP_RESPONSE*)ASN1_d2i_bio((char*(*)())\ - OCSP_REQUEST_new,(char *(*)())d2i_OCSP_RESPONSE, (bp),\ - (unsigned char **)(p)) +#define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p) #define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \ (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL) @@ -371,11 +371,9 @@ typedef struct ocsp_service_locator_st PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ bp,(char *)o, NULL,NULL,0,NULL,NULL) -#define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_RESPONSE,bp,\ - (unsigned char *)o) +#define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o) -#define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_REQUEST,bp,\ - (unsigned char *)o) +#define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o) #define OCSP_REQUEST_sign(o,pkey,md) \ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\ @@ -396,14 +394,17 @@ typedef struct ocsp_service_locator_st #define ASN1_BIT_STRING_digest(data,type,md,len) \ ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) -#define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\ - (char *(*)())d2i_OCSP_CERTID,(char *)(cid)) +#define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid) #define OCSP_CERTSTATUS_dup(cs)\ (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\ (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs)) OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req); +OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, + int maxline); +int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx); +void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); @@ -473,8 +474,10 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); -ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), - char *data, STACK_OF(ASN1_OBJECT) *sk); +ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, + void *data, STACK_OF(ASN1_OBJECT) *sk); +#define ASN1_STRING_encode_of(type,s,i2d,data,sk) \ + ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk) X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim); @@ -564,11 +567,11 @@ void ERR_load_OCSP_strings(void); /* Function codes. */ #define OCSP_F_ASN1_STRING_ENCODE 100 -#define OCSP_F_CERT_ID_NEW 101 #define OCSP_F_D2I_OCSP_NONCE 102 #define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 #define OCSP_F_OCSP_BASIC_SIGN 104 #define OCSP_F_OCSP_BASIC_VERIFY 105 +#define OCSP_F_OCSP_CERT_ID_NEW 101 #define OCSP_F_OCSP_CHECK_DELEGATED 106 #define OCSP_F_OCSP_CHECK_IDS 107 #define OCSP_F_OCSP_CHECK_ISSUER 108 @@ -579,6 +582,7 @@ void ERR_load_OCSP_strings(void); #define OCSP_F_OCSP_REQUEST_VERIFY 116 #define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 #define OCSP_F_OCSP_SENDREQ_BIO 112 +#define OCSP_F_PARSE_HTTP_LINE1 117 #define OCSP_F_REQUEST_VERIFY 113 /* Reason codes. */ diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c b/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c index 6a3a360d54..39b7a1c568 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c @@ -62,7 +62,7 @@ ASN1_SEQUENCE(OCSP_SIGNATURE) = { ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR), ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING), - ASN1_EXP_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509, 0) + ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0) } ASN1_SEQUENCE_END(OCSP_SIGNATURE) IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE) diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_cl.c b/src/lib/libssl/src/crypto/ocsp/ocsp_cl.c index 9b3e6dd8ca..17bab5fc59 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_cl.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_cl.c @@ -101,6 +101,8 @@ int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm) { GENERAL_NAME *gen; gen = GENERAL_NAME_new(); + if (gen == NULL) + return 0; if (!X509_NAME_set(&gen->d.directoryName, nm)) { GENERAL_NAME_free(gen); diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_err.c b/src/lib/libssl/src/crypto/ocsp/ocsp_err.c index 65e6093fbc..d2f2e79f44 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_err.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_err.c @@ -1,6 +1,6 @@ /* crypto/ocsp/ocsp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,11 +71,11 @@ static ERR_STRING_DATA OCSP_str_functs[]= { {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"}, -{ERR_FUNC(OCSP_F_CERT_ID_NEW), "CERT_ID_NEW"}, {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"}, {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"}, {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"}, {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"}, +{ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW), "OCSP_cert_id_new"}, {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"}, {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"}, {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"}, @@ -86,6 +86,7 @@ static ERR_STRING_DATA OCSP_str_functs[]= {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"}, {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"}, {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"}, +{ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"}, {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"}, {0,NULL} }; @@ -129,15 +130,12 @@ static ERR_STRING_DATA OCSP_str_reasons[]= void ERR_load_OCSP_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,OCSP_str_functs); ERR_load_strings(0,OCSP_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c b/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c index 57399433fc..815cc29d58 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c @@ -265,8 +265,8 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc) /* also CRL Entry Extensions */ -ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), - char *data, STACK_OF(ASN1_OBJECT) *sk) +ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, + void *data, STACK_OF(ASN1_OBJECT) *sk) { int i; unsigned char *p, *b = NULL; @@ -274,18 +274,23 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), if (data) { if ((i=i2d(data,NULL)) <= 0) goto err; - if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i))) + if (!(b=p=OPENSSL_malloc((unsigned int)i))) goto err; if (i2d(data, &p) <= 0) goto err; } else if (sk) { - if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL,i2d,V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL,IS_SEQUENCE))<=0) goto err; - if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i))) + if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL, + (I2D_OF(ASN1_OBJECT))i2d, + V_ASN1_SEQUENCE, + V_ASN1_UNIVERSAL, + IS_SEQUENCE))<=0) goto err; + if (!(b=p=OPENSSL_malloc((unsigned int)i))) goto err; - if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,i2d,V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL,IS_SEQUENCE)<=0) goto err; + if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,(I2D_OF(ASN1_OBJECT))i2d, + V_ASN1_SEQUENCE, + V_ASN1_UNIVERSAL, + IS_SEQUENCE)<=0) goto err; } else { @@ -439,7 +444,8 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) } if (!(x = X509_EXTENSION_new())) goto err; if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err; - if (!(ASN1_STRING_encode(x->value,i2d_OCSP_CRLID,(char*)cid,NULL))) + if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid, + NULL))) goto err; OCSP_CRLID_free(cid); return x; @@ -467,7 +473,8 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids) if (!(x = X509_EXTENSION_new())) goto err; if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses))) goto err; - if (!(ASN1_STRING_encode(x->value,i2d_ASN1_OBJECT,NULL,sk))) + if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL, + sk))) goto err; sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); return x; @@ -487,8 +494,8 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim) if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; if (!(x = X509_EXTENSION_new())) goto err; if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err; - if (!(ASN1_STRING_encode(x->value,i2d_ASN1_GENERALIZEDTIME, - (char*)gt,NULL))) goto err; + if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value, + i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err; ASN1_GENERALIZEDTIME_free(gt); return x; err: @@ -526,8 +533,8 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls) if (!(x = X509_EXTENSION_new())) goto err; if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) goto err; - if (!(ASN1_STRING_encode(x->value, i2d_OCSP_SERVICELOC, - (char*)sloc, NULL))) goto err; + if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value, + i2d_OCSP_SERVICELOC,sloc,NULL))) goto err; OCSP_SERVICELOC_free(sloc); return x; err: diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c index 9213e58ae4..a8e569b74a 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c @@ -1,9 +1,9 @@ /* ocsp_ht.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 2000. + * project 2006. */ /* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -68,106 +68,404 @@ #define strtoul (unsigned long)strtol #endif /* OPENSSL_SYS_SUNOS */ -/* Quick and dirty HTTP OCSP request handler. - * Could make this a bit cleverer by adding - * support for non blocking BIOs and a few - * other refinements. - */ +/* Stateful OCSP request code, supporting non-blocking I/O */ -OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) -{ - BIO *mem = NULL; - char tmpbuf[1024]; - OCSP_RESPONSE *resp = NULL; - char *p, *q, *r; - int len, retcode; - static char req_txt[] = -"POST %s HTTP/1.0\r\n\ -Content-Type: application/ocsp-request\r\n\ -Content-Length: %d\r\n\r\n"; - - len = i2d_OCSP_REQUEST(req, NULL); - if(BIO_printf(b, req_txt, path, len) < 0) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); - goto err; - } - if(i2d_OCSP_REQUEST_bio(b, req) <= 0) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); - goto err; +/* Opaque OCSP request status structure */ + +struct ocsp_req_ctx_st { + int state; /* Current I/O state */ + unsigned char *iobuf; /* Line buffer */ + int iobuflen; /* Line buffer length */ + BIO *io; /* BIO to perform I/O with */ + BIO *mem; /* Memory BIO response is built into */ + unsigned long asn1_len; /* ASN1 length of response */ + }; + +#define OCSP_MAX_REQUEST_LENGTH (100 * 1024) +#define OCSP_MAX_LINE_LEN 4096; + +/* OCSP states */ + +/* If set no reading should be performed */ +#define OHS_NOREAD 0x1000 +/* Error condition */ +#define OHS_ERROR (0 | OHS_NOREAD) +/* First line being read */ +#define OHS_FIRSTLINE 1 +/* MIME headers being read */ +#define OHS_HEADERS 2 +/* OCSP initial header (tag + length) being read */ +#define OHS_ASN1_HEADER 3 +/* OCSP content octets being read */ +#define OHS_ASN1_CONTENT 4 +/* Request being sent */ +#define OHS_ASN1_WRITE (6 | OHS_NOREAD) +/* Request being flushed */ +#define OHS_ASN1_FLUSH (7 | OHS_NOREAD) +/* Completed */ +#define OHS_DONE (8 | OHS_NOREAD) + + +static int parse_http_line1(char *line); + +void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx) + { + if (rctx->mem) + BIO_free(rctx->mem); + if (rctx->iobuf) + OPENSSL_free(rctx->iobuf); + OPENSSL_free(rctx); } - if(!(mem = BIO_new(BIO_s_mem()))) goto err; - /* Copy response to a memory BIO: socket bios can't do gets! */ - while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) { - if(len < 0) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); - goto err; + +OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, + int maxline) + { + static char post_hdr[] = "POST %s HTTP/1.0\r\n" + "Content-Type: application/ocsp-request\r\n" + "Content-Length: %d\r\n\r\n"; + + OCSP_REQ_CTX *rctx; + rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); + rctx->state = OHS_FIRSTLINE; + rctx->mem = BIO_new(BIO_s_mem()); + rctx->io = io; + if (maxline > 0) + rctx->iobuflen = maxline; + else + rctx->iobuflen = OCSP_MAX_LINE_LEN; + rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); + if (!path) + path = "/"; + + if (BIO_printf(rctx->mem, post_hdr, path, + i2d_OCSP_REQUEST(req, NULL)) <= 0) + { + rctx->state = OHS_ERROR; + return 0; } - BIO_write(mem, tmpbuf, len); - } - if(BIO_gets(mem, tmpbuf, 512) <= 0) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - goto err; + if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0) + { + rctx->state = OHS_ERROR; + return 0; + } + rctx->state = OHS_ASN1_WRITE; + rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL); + + return rctx; } - /* Parse the HTTP response. This will look like this: - * "HTTP/1.0 200 OK". We need to obtain the numeric code and - * (optional) informational message. - */ +/* Parse the HTTP response. This will look like this: + * "HTTP/1.0 200 OK". We need to obtain the numeric code and + * (optional) informational message. + */ + +static int parse_http_line1(char *line) + { + int retcode; + char *p, *q, *r; /* Skip to first white space (passed protocol info) */ - for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue; - if(!*p) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - goto err; - } + + for(p = line; *p && !isspace((unsigned char)*p); p++) + continue; + if(!*p) + { + OCSPerr(OCSP_F_PARSE_HTTP_LINE1, + OCSP_R_SERVER_RESPONSE_PARSE_ERROR); + return 0; + } + /* Skip past white space to start of response code */ - while(*p && isspace((unsigned char)*p)) p++; - if(!*p) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - goto err; - } + while(*p && isspace((unsigned char)*p)) + p++; + + if(!*p) + { + OCSPerr(OCSP_F_PARSE_HTTP_LINE1, + OCSP_R_SERVER_RESPONSE_PARSE_ERROR); + return 0; + } + /* Find end of response code: first whitespace after start of code */ - for(q = p; *q && !isspace((unsigned char)*q); q++) continue; - if(!*q) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - goto err; - } + for(q = p; *q && !isspace((unsigned char)*q); q++) + continue; + + if(!*q) + { + OCSPerr(OCSP_F_PARSE_HTTP_LINE1, + OCSP_R_SERVER_RESPONSE_PARSE_ERROR); + return 0; + } + /* Set end of response code and start of message */ *q++ = 0; + /* Attempt to parse numeric code */ retcode = strtoul(p, &r, 10); - if(*r) goto err; + + if(*r) + return 0; + /* Skip over any leading white space in message */ - while(*q && isspace((unsigned char)*q)) q++; - if(*q) { - /* Finally zap any trailing white space in message (include CRLF) */ - /* We know q has a non white space character so this is OK */ - for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; - } - if(retcode != 200) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); - if(!*q) { - ERR_add_error_data(2, "Code=", p); + while(*q && isspace((unsigned char)*q)) + q++; + + if(*q) + { + /* Finally zap any trailing white space in message (include + * CRLF) */ + + /* We know q has a non white space character so this is OK */ + for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) + *r = 0; } - else { + if(retcode != 200) + { + OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR); + if(!*q) + ERR_add_error_data(2, "Code=", p); + else ERR_add_error_data(4, "Code=", p, ",Reason=", q); + return 0; } - goto err; + + + return 1; + } - /* Find blank line marking beginning of content */ - while(BIO_gets(mem, tmpbuf, 512) > 0) + +int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx) { - for(p = tmpbuf; *p && isspace((unsigned char)*p); p++) continue; - if(!*p) break; - } - if(*p) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT); - goto err; + int i, n; + const unsigned char *p; + next_io: + if (!(rctx->state & OHS_NOREAD)) + { + n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen); + + if (n <= 0) + { + if (BIO_should_retry(rctx->io)) + return -1; + return 0; + } + + /* Write data to memory BIO */ + + if (BIO_write(rctx->mem, rctx->iobuf, n) != n) + return 0; + } + + switch(rctx->state) + { + + case OHS_ASN1_WRITE: + n = BIO_get_mem_data(rctx->mem, &p); + + i = BIO_write(rctx->io, + p + (n - rctx->asn1_len), rctx->asn1_len); + + if (i <= 0) + { + if (BIO_should_retry(rctx->io)) + return -1; + rctx->state = OHS_ERROR; + return 0; + } + + rctx->asn1_len -= i; + + if (rctx->asn1_len > 0) + goto next_io; + + rctx->state = OHS_ASN1_FLUSH; + + (void)BIO_reset(rctx->mem); + + case OHS_ASN1_FLUSH: + + i = BIO_flush(rctx->io); + + if (i > 0) + { + rctx->state = OHS_FIRSTLINE; + goto next_io; + } + + if (BIO_should_retry(rctx->io)) + return -1; + + rctx->state = OHS_ERROR; + return 0; + + case OHS_ERROR: + return 0; + + case OHS_FIRSTLINE: + case OHS_HEADERS: + + /* Attempt to read a line in */ + + next_line: + /* Due to &%^*$" memory BIO behaviour with BIO_gets we + * have to check there's a complete line in there before + * calling BIO_gets or we'll just get a partial read. + */ + n = BIO_get_mem_data(rctx->mem, &p); + if ((n <= 0) || !memchr(p, '\n', n)) + { + if (n >= rctx->iobuflen) + { + rctx->state = OHS_ERROR; + return 0; + } + goto next_io; + } + n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen); + + if (n <= 0) + { + if (BIO_should_retry(rctx->mem)) + goto next_io; + rctx->state = OHS_ERROR; + return 0; + } + + /* Don't allow excessive lines */ + if (n == rctx->iobuflen) + { + rctx->state = OHS_ERROR; + return 0; + } + + /* First line */ + if (rctx->state == OHS_FIRSTLINE) + { + if (parse_http_line1((char *)rctx->iobuf)) + { + rctx->state = OHS_HEADERS; + goto next_line; + } + else + { + rctx->state = OHS_ERROR; + return 0; + } + } + else + { + /* Look for blank line: end of headers */ + for (p = rctx->iobuf; *p; p++) + { + if ((*p != '\r') && (*p != '\n')) + break; + } + if (*p) + goto next_line; + + rctx->state = OHS_ASN1_HEADER; + + } + + /* Fall thru */ + + + case OHS_ASN1_HEADER: + /* Now reading ASN1 header: can read at least 6 bytes which + * is more than enough for any valid ASN1 SEQUENCE header + */ + n = BIO_get_mem_data(rctx->mem, &p); + if (n < 6) + goto next_io; + + /* Check it is an ASN1 SEQUENCE */ + if (*p++ != (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) + { + rctx->state = OHS_ERROR; + return 0; + } + + /* Check out length field */ + if (*p & 0x80) + { + n = *p & 0x7F; + /* Not NDEF or excessive length */ + if (!n || (n > 4)) + { + rctx->state = OHS_ERROR; + return 0; + } + p++; + rctx->asn1_len = 0; + for (i = 0; i < n; i++) + { + rctx->asn1_len <<= 8; + rctx->asn1_len |= *p++; + } + + if (rctx->asn1_len > OCSP_MAX_REQUEST_LENGTH) + { + rctx->state = OHS_ERROR; + return 0; + } + + rctx->asn1_len += n + 2; + } + else + rctx->asn1_len = *p + 2; + + rctx->state = OHS_ASN1_CONTENT; + + /* Fall thru */ + + case OHS_ASN1_CONTENT: + n = BIO_get_mem_data(rctx->mem, &p); + if (n < (int)rctx->asn1_len) + goto next_io; + + + *presp = d2i_OCSP_RESPONSE(NULL, &p, rctx->asn1_len); + if (*presp) + { + rctx->state = OHS_DONE; + return 1; + } + + rctx->state = OHS_ERROR; + return 0; + + break; + + case OHS_DONE: + return 1; + + } + + + + return 0; + + } - if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) { - OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR); - goto err; + +/* Blocking OCSP request handler: now a special case of non-blocking I/O */ + +OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) + { + OCSP_RESPONSE *resp = NULL; + OCSP_REQ_CTX *ctx; + int rv; + + ctx = OCSP_sendreq_new(b, path, req, -1); + + do + { + rv = OCSP_sendreq_nbio(&resp, ctx); + } while ((rv == -1) && BIO_should_retry(b)); + + OCSP_REQ_CTX_free(ctx); + + if (rv) + return resp; + + return NULL; } - err: - BIO_free(mem); - return resp; -} diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c b/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c index 9e87fc7895..27450811d7 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c @@ -112,7 +112,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm); if ((nid = EVP_MD_type(dgst)) == NID_undef) { - OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_UNKNOWN_NID); + OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_UNKNOWN_NID); goto err; } if (!(alg->algorithm=OBJ_nid2obj(nid))) goto err; @@ -134,7 +134,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, } return cid; digerr: - OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_DIGEST_ERR); + OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_DIGEST_ERR); err: if (cid) OCSP_CERTID_free(cid); return NULL; diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_prn.c b/src/lib/libssl/src/crypto/ocsp/ocsp_prn.c index 4b7bc28769..3dfb51c1e4 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_prn.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_prn.c @@ -194,7 +194,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) if (BIO_puts(bp,"OCSP Response Data:\n") <= 0) goto err; l=ASN1_ENUMERATED_get(o->responseStatus); - if (BIO_printf(bp," OCSP Response Status: %s (0x%x)\n", + if (BIO_printf(bp," OCSP Response Status: %s (0x%lx)\n", OCSP_response_status_str(l), l) <= 0) goto err; if (rb == NULL) return 1; if (BIO_puts(bp," Response Type: ") <= 0) @@ -252,7 +252,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) { l=ASN1_ENUMERATED_get(rev->revocationReason); if (BIO_printf(bp, - "\n Revocation Reason: %s (0x%x)", + "\n Revocation Reason: %s (0x%lx)", OCSP_crl_reason_str(l), l) <= 0) goto err; } diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c index 3d58dfb06c..23ea41c847 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c @@ -367,7 +367,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st return 0; } gen = req->tbsRequest->requestorName; - if (gen->type != GEN_DIRNAME) + if (!gen || gen->type != GEN_DIRNAME) { OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE); return 0; diff --git a/src/lib/libssl/src/crypto/opensslconf.h b/src/lib/libssl/src/crypto/opensslconf.h index 492041bc7c..0850d4a693 100644 --- a/src/lib/libssl/src/crypto/opensslconf.h +++ b/src/lib/libssl/src/crypto/opensslconf.h @@ -4,20 +4,71 @@ /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND +#ifndef OPENSSL_NO_CAMELLIA +# define OPENSSL_NO_CAMELLIA +#endif +#ifndef OPENSSL_NO_CMS +# define OPENSSL_NO_CMS +#endif +#ifndef OPENSSL_NO_GMP +# define OPENSSL_NO_GMP +#endif #ifndef OPENSSL_NO_KRB5 # define OPENSSL_NO_KRB5 #endif +#ifndef OPENSSL_NO_MDC2 +# define OPENSSL_NO_MDC2 +#endif +#ifndef OPENSSL_NO_RC5 +# define OPENSSL_NO_RC5 +#endif +#ifndef OPENSSL_NO_RFC3779 +# define OPENSSL_NO_RFC3779 +#endif +#ifndef OPENSSL_NO_SEED +# define OPENSSL_NO_SEED +#endif +#ifndef OPENSSL_NO_TLSEXT +# define OPENSSL_NO_TLSEXT +#endif #endif /* OPENSSL_DOING_MAKEDEPEND */ +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define OPENSSL_NO_DYNAMIC_ENGINE +#endif /* The OPENSSL_NO_* macros are also defined as NO_* if the application asks for it. This is a transient feature that is provided for those who haven't had the time to do the appropriate changes in their applications. */ #ifdef OPENSSL_ALGORITHM_DEFINES +# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA) +# define NO_CAMELLIA +# endif +# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS) +# define NO_CMS +# endif +# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) +# define NO_GMP +# endif # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) # define NO_KRB5 # endif +# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) +# define NO_MDC2 +# endif +# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) +# define NO_RC5 +# endif +# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779) +# define NO_RFC3779 +# endif +# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED) +# define NO_SEED +# endif +# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT) +# define NO_TLSEXT +# endif #endif /* crypto/opensslconf.h.in */ @@ -27,6 +78,7 @@ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define ENGINESDIR "/usr/local/ssl/lib/engines" #define OPENSSLDIR "/usr/local/ssl" #endif #endif diff --git a/src/lib/libssl/src/crypto/opensslconf.h.in b/src/lib/libssl/src/crypto/opensslconf.h.in index 685e83b7a3..cee83acf98 100644 --- a/src/lib/libssl/src/crypto/opensslconf.h.in +++ b/src/lib/libssl/src/crypto/opensslconf.h.in @@ -5,6 +5,7 @@ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define ENGINESDIR "/usr/local/lib/engines" #define OPENSSLDIR "/usr/local/ssl" #endif #endif diff --git a/src/lib/libssl/src/crypto/opensslv.h b/src/lib/libssl/src/crypto/opensslv.h index e50c1baf00..b308894f18 100644 --- a/src/lib/libssl/src/crypto/opensslv.h +++ b/src/lib/libssl/src/crypto/opensslv.h @@ -12,7 +12,7 @@ * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) * 0.9.3 0x0090300f * 0.9.3a 0x0090301f - * 0.9.4 0x0090400f + * 0.9.4 0x0090400f * 1.2.3z 0x102031af * * For continuity reasons (because 0.9.5 is already out, and is coded @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x009070afL +#define OPENSSL_VERSION_NUMBER 0x0090808fL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7j-fips 04 May 2006" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h-fips 28 May 2008" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7j 04 May 2006" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h 28 May 2008" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT @@ -83,7 +83,7 @@ * should only keep the versions that are binary compatible with the current. */ #define SHLIB_VERSION_HISTORY "" -#define SHLIB_VERSION_NUMBER "0.9.7" +#define SHLIB_VERSION_NUMBER "0.9.8" #endif /* HEADER_OPENSSLV_H */ diff --git a/src/lib/libssl/src/crypto/ossl_typ.h b/src/lib/libssl/src/crypto/ossl_typ.h index 285fd0b1d9..345fb1dc4d 100644 --- a/src/lib/libssl/src/crypto/ossl_typ.h +++ b/src/lib/libssl/src/crypto/ossl_typ.h @@ -97,15 +97,43 @@ typedef int ASN1_NULL; #ifdef OPENSSL_SYS_WIN32 #undef X509_NAME +#undef X509_EXTENSIONS +#undef X509_CERT_PAIR #undef PKCS7_ISSUER_AND_SERIAL #endif +#ifdef BIGNUM +#undef BIGNUM +#endif +typedef struct bignum_st BIGNUM; +typedef struct bignum_ctx BN_CTX; +typedef struct bn_blinding_st BN_BLINDING; +typedef struct bn_mont_ctx_st BN_MONT_CTX; +typedef struct bn_recp_ctx_st BN_RECP_CTX; +typedef struct bn_gencb_st BN_GENCB; + +typedef struct buf_mem_st BUF_MEM; + typedef struct evp_cipher_st EVP_CIPHER; typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; typedef struct env_md_st EVP_MD; typedef struct env_md_ctx_st EVP_MD_CTX; typedef struct evp_pkey_st EVP_PKEY; +typedef struct dh_st DH; +typedef struct dh_method DH_METHOD; + +typedef struct dsa_st DSA; +typedef struct dsa_method DSA_METHOD; + +typedef struct rsa_st RSA; +typedef struct rsa_meth_st RSA_METHOD; + +typedef struct rand_meth_st RAND_METHOD; + +typedef struct ecdh_method ECDH_METHOD; +typedef struct ecdsa_method ECDSA_METHOD; + typedef struct x509_st X509; typedef struct X509_algor_st X509_ALGOR; typedef struct X509_crl_st X509_CRL; @@ -113,10 +141,39 @@ typedef struct X509_name_st X509_NAME; typedef struct x509_store_st X509_STORE; typedef struct x509_store_ctx_st X509_STORE_CTX; +typedef struct v3_ext_ctx X509V3_CTX; +typedef struct conf_st CONF; + +typedef struct store_st STORE; +typedef struct store_method_st STORE_METHOD; + +typedef struct ui_st UI; +typedef struct ui_method_st UI_METHOD; + +typedef struct st_ERR_FNS ERR_FNS; + typedef struct engine_st ENGINE; +typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; +typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; +typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; +typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE; + /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ +typedef struct crypto_ex_data_st CRYPTO_EX_DATA; +/* Callback types for crypto.h */ +typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); +typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); +typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, + int idx, long argl, void *argp); + +typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; +typedef struct ocsp_response_st OCSP_RESPONSE; +typedef struct ocsp_responder_id_st OCSP_RESPID; + #endif /* def HEADER_OPENSSL_TYPES_H */ diff --git a/src/lib/libssl/src/crypto/pem/Makefile b/src/lib/libssl/src/crypto/pem/Makefile index fbc2b5d056..742194fd24 100644 --- a/src/lib/libssl/src/crypto/pem/Makefile +++ b/src/lib/libssl/src/crypto/pem/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -54,6 +49,7 @@ links: $(EXHEADER) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -69,6 +65,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) dclean: @@ -80,256 +77,165 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -pem_all.o: ../../e_os.h ../../include/openssl/aes.h -pem_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +pem_all.o: ../../e_os.h ../../include/openssl/asn1.h +pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_all.o: ../../include/openssl/fips.h ../../include/openssl/idea.h -pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pem_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pem_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_all.o: ../cryptlib.h pem_all.c -pem_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pem_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pem_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pem_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pem_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pem_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pem_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pem_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pem_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h +pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h +pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c +pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_err.o: pem_err.c -pem_info.o: ../../e_os.h ../../include/openssl/aes.h -pem_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c +pem_info.o: ../../e_os.h ../../include/openssl/asn1.h +pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h +pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_info.o: ../../include/openssl/opensslconf.h +pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h pem_info.o: ../cryptlib.h pem_info.c -pem_lib.o: ../../e_os.h ../../include/openssl/aes.h -pem_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h +pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c -pem_oth.o: ../../e_os.h ../../include/openssl/aes.h -pem_oth.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_oth.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_oth.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_oth.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_oth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_oth.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_oth.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_oth.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_lib.o: ../cryptlib.h pem_lib.c +pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h +pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -pem_oth.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_oth.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_oth.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_oth.o: ../cryptlib.h pem_oth.c -pem_pk8.o: ../../e_os.h ../../include/openssl/aes.h -pem_pk8.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_pk8.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_pk8.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_pk8.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_pk8.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_pk8.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_pk8.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_pk8.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c +pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h +pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_pk8.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_pk8.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_pk8.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_pk8.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c -pem_pkey.o: ../../e_os.h ../../include/openssl/aes.h -pem_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_pk8.o: ../cryptlib.h pem_pk8.c +pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h +pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_pkey.o: ../../include/openssl/opensslconf.h pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -pem_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_pkey.o: ../cryptlib.h pem_pkey.c -pem_seal.o: ../../e_os.h ../../include/openssl/aes.h -pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_seal.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pkey.c +pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h +pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_seal.o: ../../include/openssl/opensslconf.h pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c -pem_sign.o: ../../e_os.h ../../include/openssl/aes.h -pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h +pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_sign.o: ../../include/openssl/opensslconf.h pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pem_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_sign.c -pem_x509.o: ../../e_os.h ../../include/openssl/aes.h -pem_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pem_sign.o: ../cryptlib.h pem_sign.c +pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h +pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_x509.o: ../../include/openssl/opensslconf.h pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_x509.o: ../cryptlib.h pem_x509.c -pem_xaux.o: ../../e_os.h ../../include/openssl/aes.h -pem_xaux.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_xaux.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pem_xaux.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_xaux.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pem_xaux.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_xaux.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pem_xaux.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pem_xaux.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c +pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h +pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pem_xaux.o: ../../include/openssl/opensslconf.h pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pem_xaux.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pem_xaux.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pem_xaux.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_xaux.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_xaux.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pem_xaux.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_xaux.o: ../cryptlib.h pem_xaux.c +pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c diff --git a/src/lib/libssl/src/crypto/pem/pem.h b/src/lib/libssl/src/crypto/pem/pem.h index d330cbf9a3..670afa670b 100644 --- a/src/lib/libssl/src/crypto/pem/pem.h +++ b/src/lib/libssl/src/crypto/pem/pem.h @@ -59,6 +59,7 @@ #ifndef HEADER_PEM_H #define HEADER_PEM_H +#include #ifndef OPENSSL_NO_BIO #include #endif @@ -68,7 +69,6 @@ #include #include #include -#include #ifdef __cplusplus extern "C" { @@ -91,6 +91,9 @@ extern "C" { #define PEM_OBJ_DHPARAMS 17 #define PEM_OBJ_DSAPARAMS 18 #define PEM_OBJ_PRIV_RSA_PUBLIC 19 +#define PEM_OBJ_PRIV_ECDSA 20 +#define PEM_OBJ_PUB_ECDSA 21 +#define PEM_OBJ_ECPARAMETERS 22 #define PEM_ERROR 30 #define PEM_DEK_DES_CBC 40 @@ -110,6 +113,7 @@ extern "C" { #define PEM_STRING_X509_OLD "X509 CERTIFICATE" #define PEM_STRING_X509 "CERTIFICATE" +#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR" #define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" #define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" #define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" @@ -126,6 +130,10 @@ extern "C" { #define PEM_STRING_DHPARAMS "DH PARAMETERS" #define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" #define PEM_STRING_DSAPARAMS "DSA PARAMETERS" +#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" +#define PEM_STRING_ECPARAMETERS "EC PARAMETERS" +#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" +#define PEM_STRING_CMS "CMS" /* Note that this structure is initialised by PEM_SealInit and cleaned up by PEM_SealFinal (at least for now) */ @@ -213,24 +221,50 @@ typedef struct pem_ctx_st #define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ { \ -return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\ - cb,u)); \ -} \ + return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \ + str, fp, \ + CHECKED_PPTR_OF(type, x), \ + cb, u); \ +} #define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ int PEM_write_##name(FILE *fp, type *x) \ { \ -return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \ - NULL,NULL,0,NULL,NULL)); \ -} + return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \ + str, fp, \ + CHECKED_PTR_OF(type, x), \ + NULL, NULL, 0, NULL, NULL); \ +} + +#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ +int PEM_write_##name(FILE *fp, const type *x) \ +{ \ + return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \ + str, fp, \ + CHECKED_PTR_OF(const type, x), \ + NULL, NULL, 0, NULL, NULL); \ +} #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, \ void *u) \ { \ - return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \ - (char *)x,enc,kstr,klen,cb,u)); \ + return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \ + str, fp, \ + CHECKED_PTR_OF(type, x), \ + enc, kstr, klen, cb, u); \ + } + +#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ +int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ + unsigned char *kstr, int klen, pem_password_cb *cb, \ + void *u) \ + { \ + return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \ + str, fp, \ + CHECKED_PTR_OF(const type, x), \ + enc, kstr, klen, cb, u); \ } #endif @@ -238,33 +272,66 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ #define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ { \ -return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\ - (char **)x,cb,u)); \ + return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \ + str, bp, \ + CHECKED_PPTR_OF(type, x), \ + cb, u); \ } #define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ int PEM_write_bio_##name(BIO *bp, type *x) \ { \ -return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \ - NULL,NULL,0,NULL,NULL)); \ + return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \ + str, bp, \ + CHECKED_PTR_OF(type, x), \ + NULL, NULL, 0, NULL, NULL); \ +} + +#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO *bp, const type *x) \ +{ \ + return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \ + str, bp, \ + CHECKED_PTR_OF(const type, x), \ + NULL, NULL, 0, NULL, NULL); \ } #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ { \ - return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \ - (char *)x,enc,kstr,klen,cb,u)); \ + return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \ + str, bp, \ + CHECKED_PTR_OF(type, x), \ + enc, kstr, klen, cb, u); \ + } + +#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ + unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ + { \ + return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \ + str, bp, \ + CHECKED_PTR_OF(const type, x), \ + enc, kstr, klen, cb, u); \ } #define IMPLEMENT_PEM_write(name, type, str, asn1) \ IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ IMPLEMENT_PEM_write_fp(name, type, str, asn1) +#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) + #define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) +#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) + #define IMPLEMENT_PEM_read(name, type, str, asn1) \ IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ IMPLEMENT_PEM_read_fp(name, type, str, asn1) @@ -273,6 +340,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ IMPLEMENT_PEM_read(name, type, str, asn1) \ IMPLEMENT_PEM_write(name, type, str, asn1) +#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ + IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_write_const(name, type, str, asn1) + #define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ IMPLEMENT_PEM_read(name, type, str, asn1) \ IMPLEMENT_PEM_write_cb(name, type, str, asn1) @@ -293,6 +364,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ #define DECLARE_PEM_write_fp(name, type) \ int PEM_write_##name(FILE *fp, type *x); +#define DECLARE_PEM_write_fp_const(name, type) \ + int PEM_write_##name(FILE *fp, const type *x); + #define DECLARE_PEM_write_cb_fp(name, type) \ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u); @@ -306,6 +380,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ #define DECLARE_PEM_write_bio(name, type) \ int PEM_write_bio_##name(BIO *bp, type *x); +#define DECLARE_PEM_write_bio_const(name, type) \ + int PEM_write_bio_##name(BIO *bp, const type *x); + #define DECLARE_PEM_write_cb_bio(name, type) \ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ unsigned char *kstr, int klen, pem_password_cb *cb, void *u); @@ -322,6 +399,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_write_bio(name, type) \ DECLARE_PEM_write_fp(name, type) +#define DECLARE_PEM_write_const(name, type) \ + DECLARE_PEM_write_bio_const(name, type) \ + DECLARE_PEM_write_fp_const(name, type) + #define DECLARE_PEM_write_cb(name, type) \ DECLARE_PEM_write_cb_bio(name, type) \ DECLARE_PEM_write_cb_fp(name, type) @@ -334,6 +415,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write(name, type) +#define DECLARE_PEM_rw_const(name, type) \ + DECLARE_PEM_read(name, type) \ + DECLARE_PEM_write_const(name, type) + #define DECLARE_PEM_rw_cb(name, type) \ DECLARE_PEM_read(name, type) \ DECLARE_PEM_write_cb(name, type) @@ -403,9 +488,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ (char **)x,cb,u) -#define PEM_write_bio_SSL_SESSION(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ - PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL) #define PEM_write_bio_X509(bp,x) \ PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ (char *)x, NULL,NULL,0,NULL,NULL) @@ -444,8 +526,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ PEM_STRING_X509,bp, \ (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u) #define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \ (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u) #define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \ @@ -494,11 +574,25 @@ int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data, long len); int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp, pem_password_cb *cb, void *u); -char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x, +void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, + void **x, pem_password_cb *cb, void *u); + +#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \ + ((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \ + name, bp, \ + CHECKED_PPTR_OF(type, x), \ + cb, u)) + +int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x, const EVP_CIPHER *enc,unsigned char *kstr,int klen, pem_password_cb *cb, void *u); + +#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \ + (PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \ + name, bp, \ + CHECKED_PTR_OF(type, x), \ + enc, kstr, klen, cb, u)) + STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cd, void *u); @@ -508,11 +602,11 @@ int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,long *len); int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); -char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x, - const EVP_CIPHER *enc,unsigned char *kstr,int klen, - pem_password_cb *callback, void *u); +void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, + pem_password_cb *cb, void *u); +int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp, + char *x,const EVP_CIPHER *enc,unsigned char *kstr, + int klen,pem_password_cb *callback, void *u); STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); #endif @@ -542,6 +636,8 @@ DECLARE_PEM_rw(X509, X509) DECLARE_PEM_rw(X509_AUX, X509) +DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR) + DECLARE_PEM_rw(X509_REQ, X509_REQ) DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) @@ -559,7 +655,7 @@ DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) -DECLARE_PEM_rw(RSAPublicKey, RSA) +DECLARE_PEM_rw_const(RSAPublicKey, RSA) DECLARE_PEM_rw(RSA_PUBKEY, RSA) #endif @@ -570,13 +666,19 @@ DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) DECLARE_PEM_rw(DSA_PUBKEY, DSA) -DECLARE_PEM_rw(DSAparams, DSA) +DECLARE_PEM_rw_const(DSAparams, DSA) + +#endif +#ifndef OPENSSL_NO_EC +DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) +DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) +DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) #endif #ifndef OPENSSL_NO_DH -DECLARE_PEM_rw(DHparams, DH) +DECLARE_PEM_rw_const(DHparams, DH) #endif @@ -626,24 +728,27 @@ void ERR_load_PEM_strings(void); /* Function codes. */ #define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 #define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 -#define PEM_F_DEF_CALLBACK 100 +#define PEM_F_DO_PK8PKEY 126 +#define PEM_F_DO_PK8PKEY_FP 125 #define PEM_F_LOAD_IV 101 #define PEM_F_PEM_ASN1_READ 102 #define PEM_F_PEM_ASN1_READ_BIO 103 #define PEM_F_PEM_ASN1_WRITE 104 #define PEM_F_PEM_ASN1_WRITE_BIO 105 +#define PEM_F_PEM_DEF_CALLBACK 100 #define PEM_F_PEM_DO_HEADER 106 -#define PEM_F_PEM_F_DO_PK8KEY_FP 122 #define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 #define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 +#define PEM_F_PEM_PK8PKEY 119 #define PEM_F_PEM_READ 108 #define PEM_F_PEM_READ_BIO 109 +#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 +#define PEM_F_PEM_READ_PRIVATEKEY 124 #define PEM_F_PEM_SEALFINAL 110 #define PEM_F_PEM_SEALINIT 111 #define PEM_F_PEM_SIGNFINAL 112 #define PEM_F_PEM_WRITE 113 #define PEM_F_PEM_WRITE_BIO 114 -#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119 #define PEM_F_PEM_X509_INFO_READ 115 #define PEM_F_PEM_X509_INFO_READ_BIO 116 #define PEM_F_PEM_X509_INFO_WRITE_BIO 117 diff --git a/src/lib/libssl/src/crypto/pem/pem_all.c b/src/lib/libssl/src/crypto/pem/pem_all.c index 07963314c9..66cbc7eb82 100644 --- a/src/lib/libssl/src/crypto/pem/pem_all.c +++ b/src/lib/libssl/src/crypto/pem/pem_all.c @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ #include #undef SSLEAY_MACROS @@ -64,7 +117,15 @@ #include #include #include -#include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif +#ifndef OPENSSL_NO_DH +#include +#endif #ifndef OPENSSL_NO_RSA static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); @@ -73,6 +134,10 @@ static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); #endif +#ifndef OPENSSL_NO_EC +static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey); +#endif + IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) @@ -129,50 +194,8 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, #endif -#ifdef OPENSSL_FIPS - -int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_RSA(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} - -#ifndef OPENSSL_NO_FP_API -int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - - EVP_PKEY_set1_RSA(k, x); - - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; -} -#endif - -#else - -IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) - -#endif - -IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) +IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) +IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) #endif @@ -201,69 +224,73 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, return pkey_get_dsa(pktmp, dsa); } +IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) +IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) -#ifdef OPENSSL_FIPS +#ifndef OPENSSL_NO_FP_API -int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) +DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, + void *u) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_DSA(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; + EVP_PKEY *pktmp; + pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); + return pkey_get_dsa(pktmp, dsa); } -#ifndef OPENSSL_NO_FP_API -int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) +#endif + +IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) + +#endif + + +#ifndef OPENSSL_NO_EC +static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_DSA(k, x); - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; + EC_KEY *dtmp; + if(!key) return NULL; + dtmp = EVP_PKEY_get1_EC_KEY(key); + EVP_PKEY_free(key); + if(!dtmp) return NULL; + if(eckey) + { + EC_KEY_free(*eckey); + *eckey = dtmp; + } + return dtmp; } -#endif -#else +EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); + return pkey_get_eckey(pktmp, key); +} -IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) +IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) -#endif +IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) -IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) +IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) #ifndef OPENSSL_NO_FP_API - -DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, - void *u) + +EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, + void *u) { EVP_PKEY *pktmp; pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); - return pkey_get_dsa(pktmp, dsa); + return pkey_get_eckey(pktmp, eckey); } #endif -IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) - #endif #ifndef OPENSSL_NO_DH -IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) +IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) #endif @@ -274,42 +301,8 @@ IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything * appropriate.) */ - -#ifdef OPENSSL_FIPS - -int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) - { - if (FIPS_mode()) - return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, - (char *)kstr, klen, cb, u); - else - return PEM_ASN1_write_bio((int (*)())i2d_PrivateKey, - (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), - bp,(char *)x,enc,kstr,klen,cb,u); - } - -#ifndef OPENSSL_NO_FP_API -int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) - { - if (FIPS_mode()) - return PEM_write_PKCS8PrivateKey(fp, x, enc, - (char *)kstr, klen, cb, u); - else - return PEM_ASN1_write((int (*)())i2d_PrivateKey, - (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), - fp,(char *)x,enc,kstr,klen,cb,u); - } -#endif - -#else - -IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey) - -#endif +IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ + (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) diff --git a/src/lib/libssl/src/crypto/pem/pem_err.c b/src/lib/libssl/src/crypto/pem/pem_err.c index 8527028ebc..3133563d77 100644 --- a/src/lib/libssl/src/crypto/pem/pem_err.c +++ b/src/lib/libssl/src/crypto/pem/pem_err.c @@ -72,24 +72,27 @@ static ERR_STRING_DATA PEM_str_functs[]= { {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, -{ERR_FUNC(PEM_F_DEF_CALLBACK), "DEF_CALLBACK"}, +{ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"}, +{ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"}, {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"}, {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"}, +{ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"}, {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"}, -{ERR_FUNC(PEM_F_PEM_F_DO_PK8KEY_FP), "PEM_F_DO_PK8KEY_FP"}, {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"}, +{ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"}, {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, +{ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"}, +{ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"}, {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, -{ERR_FUNC(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY), "PEM_write_bio_PKCS8PrivateKey"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, @@ -121,15 +124,12 @@ static ERR_STRING_DATA PEM_str_reasons[]= void ERR_load_PEM_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,PEM_str_functs); ERR_load_strings(0,PEM_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/pem/pem_info.c b/src/lib/libssl/src/crypto/pem/pem_info.c index 9e4af29c95..3a273f6f70 100644 --- a/src/lib/libssl/src/crypto/pem/pem_info.c +++ b/src/lib/libssl/src/crypto/pem/pem_info.c @@ -63,6 +63,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif #ifndef OPENSSL_NO_FP_API STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) @@ -85,13 +91,15 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { X509_INFO *xi=NULL; - char *name=NULL,*header=NULL,**pp; - unsigned char *data=NULL,*p; + char *name=NULL,*header=NULL; + void *pp; + unsigned char *data=NULL; + const unsigned char *p; long len,error=0; int ok=0; STACK_OF(X509_INFO) *ret=NULL; unsigned int i,raw; - char *(*d2i)(); + d2i_of_void *d2i; if (sk == NULL) { @@ -123,42 +131,42 @@ start: if ( (strcmp(name,PEM_STRING_X509) == 0) || (strcmp(name,PEM_STRING_X509_OLD) == 0)) { - d2i=(char *(*)())d2i_X509; + d2i=(D2I_OF(void))d2i_X509; if (xi->x509 != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; if ((xi=X509_INFO_new()) == NULL) goto err; goto start; } - pp=(char **)&(xi->x509); + pp=&(xi->x509); } else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0)) { - d2i=(char *(*)())d2i_X509_AUX; + d2i=(D2I_OF(void))d2i_X509_AUX; if (xi->x509 != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; if ((xi=X509_INFO_new()) == NULL) goto err; goto start; } - pp=(char **)&(xi->x509); + pp=&(xi->x509); } else if (strcmp(name,PEM_STRING_X509_CRL) == 0) { - d2i=(char *(*)())d2i_X509_CRL; + d2i=(D2I_OF(void))d2i_X509_CRL; if (xi->crl != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; if ((xi=X509_INFO_new()) == NULL) goto err; goto start; } - pp=(char **)&(xi->crl); + pp=&(xi->crl); } else #ifndef OPENSSL_NO_RSA if (strcmp(name,PEM_STRING_RSA) == 0) { - d2i=(char *(*)())d2i_RSAPrivateKey; + d2i=(D2I_OF(void))d2i_RSAPrivateKey; if (xi->x_pkey != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; @@ -173,7 +181,7 @@ start: if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) goto err; xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; - pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa); + pp=&(xi->x_pkey->dec_pkey->pkey.rsa); if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } @@ -182,7 +190,7 @@ start: #ifndef OPENSSL_NO_DSA if (strcmp(name,PEM_STRING_DSA) == 0) { - d2i=(char *(*)())d2i_DSAPrivateKey; + d2i=(D2I_OF(void))d2i_DSAPrivateKey; if (xi->x_pkey != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; @@ -197,11 +205,35 @@ start: if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) goto err; xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; - pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa); + pp=&xi->x_pkey->dec_pkey->pkey.dsa; if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } else +#endif +#ifndef OPENSSL_NO_EC + if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0) + { + d2i=(D2I_OF(void))d2i_ECPrivateKey; + if (xi->x_pkey != NULL) + { + if (!sk_X509_INFO_push(ret,xi)) goto err; + if ((xi=X509_INFO_new()) == NULL) goto err; + goto start; + } + + xi->enc_data=NULL; + xi->enc_len=0; + + xi->x_pkey=X509_PKEY_new(); + if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) + goto err; + xi->x_pkey->dec_pkey->type=EVP_PKEY_EC; + pp=&(xi->x_pkey->dec_pkey->pkey.ec); + if ((int)strlen(header) > 10) /* assume encrypted */ + raw=1; + } + else #endif { d2i=NULL; diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c index 82815067b3..9bae4c8850 100644 --- a/src/lib/libssl/src/crypto/pem/pem_lib.c +++ b/src/lib/libssl/src/crypto/pem/pem_lib.c @@ -69,7 +69,7 @@ #include #endif -const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT; +const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT; #define MIN_LENGTH 4 @@ -81,7 +81,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) #ifdef OPENSSL_NO_FP_API /* We should not ever call the default callback routine from * windows. */ - PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + PEMerr(PEM_F_PEM_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return(-1); #else int i,j; @@ -102,7 +102,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) i=EVP_read_pw_string(buf,num,prompt,w); if (i != 0) { - PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); + PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); memset(buf,0,(unsigned int)num); return(-1); } @@ -158,11 +158,11 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str) } #ifndef OPENSSL_NO_FP_API -char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x, - pem_password_cb *cb, void *u) +void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, + pem_password_cb *cb, void *u) { BIO *b; - char *ret; + void *ret; if ((b=BIO_new(BIO_s_file())) == NULL) { @@ -195,6 +195,8 @@ static int check_pem(const char *nm, const char *name) if(!strcmp(nm,PEM_STRING_DSA) && !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; + if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) && + !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; /* Permit older strings */ if(!strcmp(nm,PEM_STRING_X509_OLD) && @@ -258,9 +260,9 @@ err: } #ifndef OPENSSL_NO_FP_API -int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) +int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, + char *x, const EVP_CIPHER *enc, unsigned char *kstr, + int klen, pem_password_cb *callback, void *u) { BIO *b; int ret; @@ -277,9 +279,9 @@ int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x, } #endif -int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) +int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, + char *x, const EVP_CIPHER *enc, unsigned char *kstr, + int klen, pem_password_cb *callback, void *u) { EVP_CIPHER_CTX ctx; int dsize=0,i,j,ret=0; @@ -336,7 +338,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, kstr=(unsigned char *)buf; } RAND_add(data,i,0);/* put in the RSA key. */ - OPENSSL_assert(enc->iv_len <= sizeof iv); + OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ goto err; /* The 'iv' is used as the iv and as a salt. It is @@ -577,6 +579,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, } EVP_EncodeFinal(&ctx,buf,&outl); if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; + OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); buf = NULL; if ( (BIO_write(bp,"-----END ",9) != 9) || @@ -585,8 +588,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; return(i+outl); err: - if (buf) + if (buf) { + OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); + } PEMerr(PEM_F_PEM_WRITE_BIO,reason); return(0); } diff --git a/src/lib/libssl/src/crypto/pem/pem_oth.c b/src/lib/libssl/src/crypto/pem/pem_oth.c index 8d9064ea7c..b33868d25a 100644 --- a/src/lib/libssl/src/crypto/pem/pem_oth.c +++ b/src/lib/libssl/src/crypto/pem/pem_oth.c @@ -67,10 +67,11 @@ /* Handle 'other' PEMs: not private keys */ -char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, - pem_password_cb *cb, void *u) +void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, + pem_password_cb *cb, void *u) { - unsigned char *p=NULL,*data=NULL; + const unsigned char *p=NULL; + unsigned char *data=NULL; long len; char *ret=NULL; diff --git a/src/lib/libssl/src/crypto/pem/pem_pk8.c b/src/lib/libssl/src/crypto/pem/pem_pk8.c index db38a2a79d..6deab8c338 100644 --- a/src/lib/libssl/src/crypto/pem/pem_pk8.c +++ b/src/lib/libssl/src/crypto/pem/pem_pk8.c @@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER char buf[PEM_BUFSIZE]; int ret; if(!(p8inf = EVP_PKEY2PKCS8(x))) { - PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, + PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); return 0; } @@ -127,8 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); else klen = cb(buf, PEM_BUFSIZE, 1, u); if(klen <= 0) { - PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, - PEM_R_READ_KEY); + PEMerr(PEM_F_DO_PK8PKEY,PEM_R_READ_KEY); PKCS8_PRIV_KEY_INFO_free(p8inf); return 0; } @@ -215,7 +214,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI BIO *bp; int ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB); + PEMerr(PEM_F_DO_PK8PKEY_FP,ERR_R_BUF_LIB); return(0); } ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); diff --git a/src/lib/libssl/src/crypto/pem/pem_pkey.c b/src/lib/libssl/src/crypto/pem/pem_pkey.c index 9ecdbd5419..4da4c31ce5 100644 --- a/src/lib/libssl/src/crypto/pem/pem_pkey.c +++ b/src/lib/libssl/src/crypto/pem/pem_pkey.c @@ -70,7 +70,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) { char *nm=NULL; - unsigned char *p=NULL,*data=NULL; + const unsigned char *p=NULL; + unsigned char *data=NULL; long len; EVP_PKEY *ret=NULL; @@ -82,6 +83,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len); else if (strcmp(nm,PEM_STRING_DSA) == 0) ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len); + else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0) + ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len); else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { PKCS8_PRIV_KEY_INFO *p8inf; p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); @@ -102,7 +105,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - PEMerr(PEM_F_PEM_ASN1_READ_BIO, + PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); goto err; @@ -119,9 +122,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo } p8err: if (ret == NULL) - PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); + PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB); err: OPENSSL_free(nm); + OPENSSL_cleanse(data, len); OPENSSL_free(data); return(ret); } @@ -134,7 +138,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void if ((b=BIO_new(BIO_s_file())) == NULL) { - PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB); + PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/lib/libssl/src/crypto/pem/pem_seal.c b/src/lib/libssl/src/crypto/pem/pem_seal.c index 56e08abd70..4e554e5481 100644 --- a/src/lib/libssl/src/crypto/pem/pem_seal.c +++ b/src/lib/libssl/src/crypto/pem/pem_seal.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_RSA */ #ifndef OPENSSL_NO_RSA #include #include "cryptlib.h" @@ -64,6 +65,7 @@ #include #include #include +#include int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, diff --git a/src/lib/libssl/src/crypto/pem/pem_xaux.c b/src/lib/libssl/src/crypto/pem/pem_xaux.c index 2f579b5421..63ce660cf1 100644 --- a/src/lib/libssl/src/crypto/pem/pem_xaux.c +++ b/src/lib/libssl/src/crypto/pem/pem_xaux.c @@ -66,3 +66,4 @@ #include IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) +IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR, X509_CERT_PAIR) diff --git a/src/lib/libssl/src/crypto/perlasm/cbc.pl b/src/lib/libssl/src/crypto/perlasm/cbc.pl index 22149c680e..e43dc9ae15 100644 --- a/src/lib/libssl/src/crypto/perlasm/cbc.pl +++ b/src/lib/libssl/src/crypto/perlasm/cbc.pl @@ -322,7 +322,8 @@ sub cbc &function_end_A($name); - &set_label("cbc_enc_jmp_table",1); + &align(64); + &set_label("cbc_enc_jmp_table"); &data_word("0"); &data_word(&label("ej1")."-".&label("PIC_point")); &data_word(&label("ej2")."-".&label("PIC_point")); @@ -341,6 +342,7 @@ sub cbc #&data_word(&label("dj5")."-".&label("PIC_point")); #&data_word(&label("dj6")."-".&label("PIC_point")); #&data_word(&label("dj7")."-".&label("PIC_point")); + &align(64); &function_end_B($name); diff --git a/src/lib/libssl/src/crypto/perlasm/x86asm.pl b/src/lib/libssl/src/crypto/perlasm/x86asm.pl index ea54a1edc5..5979122158 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86asm.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86asm.pl @@ -18,31 +18,34 @@ sub main'asm_init ($type,$fn,$i386)=@_; $filename=$fn; - $elf=$cpp=$sol=$aout=$win32=$gaswin=0; + $elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=0; if ( ($type eq "elf")) { $elf=1; require "x86unix.pl"; } elsif ( ($type eq "a.out")) { $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "gaswin")) - { $gaswin=1; $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "sol")) - { $sol=1; require "x86unix.pl"; } + elsif ( ($type eq "coff" or $type eq "gaswin")) + { $coff=1; require "x86unix.pl"; } elsif ( ($type eq "cpp")) { $cpp=1; require "x86unix.pl"; } elsif ( ($type eq "win32")) { $win32=1; require "x86ms.pl"; } elsif ( ($type eq "win32n")) { $win32=1; require "x86nasm.pl"; } + elsif ( ($type eq "nw-nasm")) + { $netware=1; require "x86nasm.pl"; } + elsif ( ($type eq "nw-mwasm")) + { $netware=1; $mwerks=1; require "x86nasm.pl"; } else { print STDERR <<"EOF"; Pick one target type from - elf - linux, FreeBSD etc - a.out - old linux - sol - x86 solaris - cpp - format so x86unix.cpp can be used + elf - Linux, FreeBSD, Solaris x86, etc. + a.out - OpenBSD, DJGPP, etc. + coff - GAS/COFF such as Win32 targets win32 - Windows 95/Windows NT win32n - Windows 95/Windows NT NASM format + nw-nasm - NetWare NASM format + nw-mwasm- NetWare Metrowerks Assembler EOF exit(1); } @@ -55,7 +58,7 @@ EOF &comment("Don't even think of reading this code"); &comment("It was automatically generated by $filename"); &comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris"); +&comment("any of ELF, a.out, COFF, Win32, ..."); &comment("eric "); &comment(""); @@ -90,7 +93,7 @@ $tmp #ifdef OUT #define OK 1 #define ALIGN 4 -#if defined(__CYGWIN__) || defined(__DJGPP__) || defined(__MINGW32__) +#if defined(__CYGWIN__) || defined(__DJGPP__) || (__MINGW32__) #undef SIZE #undef TYPE #define SIZE(a,b) @@ -124,6 +127,4 @@ BSDI - a.out with a very primative version of as. EOF } -sub main'align() {} # swallow align statements in 0.9.7 context - 1; diff --git a/src/lib/libssl/src/crypto/perlasm/x86ms.pl b/src/lib/libssl/src/crypto/perlasm/x86ms.pl index b6bd744057..a0be2934c2 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86ms.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86ms.pl @@ -27,7 +27,13 @@ $label="L000"; sub main'asm_init_output { @out=(); } sub main'asm_get_output { return(@out); } sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } +sub main'external_label +{ + push(@labels,@_); + foreach (@_) { + push(@out, "EXTRN\t_$_:DWORD\n"); + } +} sub main'LB { @@ -51,6 +57,11 @@ sub main'DWP &get_mem("DWORD",@_); } +sub main'QWP + { + &get_mem("QWORD",@_); + } + sub main'BC { return @_; @@ -87,7 +98,7 @@ sub get_mem $reg2=&conv($1); $addr="_$2"; } - elsif ($addr =~ /^[_a-zA-Z]/) + elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) { $addr="_$addr"; } @@ -128,12 +139,14 @@ sub main'xorb { &out2("xor",@_); } sub main'add { &out2("add",@_); } sub main'adc { &out2("adc",@_); } sub main'sub { &out2("sub",@_); } +sub main'sbb { &out2("sbb",@_); } sub main'rotl { &out2("rol",@_); } sub main'rotr { &out2("ror",@_); } sub main'exch { &out2("xchg",@_); } sub main'cmp { &out2("cmp",@_); } sub main'lea { &out2("lea",@_); } sub main'mul { &out1("mul",@_); } +sub main'imul { &out2("imul",@_); } sub main'div { &out1("div",@_); } sub main'dec { &out1("dec",@_); } sub main'inc { &out1("inc",@_); } @@ -155,26 +168,54 @@ sub main'jne { &out1("jne",@_); } sub main'jno { &out1("jno",@_); } sub main'push { &out1("push",@_); $stack+=4; } sub main'pop { &out1("pop",@_); $stack-=4; } +sub main'pushf { &out0("pushfd"); $stack+=4; } +sub main'popf { &out0("popfd"); $stack-=4; } sub main'bswap { &out1("bswap",@_); &using486(); } sub main'not { &out1("not",@_); } sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } +sub main'call_ptr { &out1p("call",@_); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +sub main'test { &out2("test",@_); } +sub main'bt { &out2("bt",@_); } +sub main'leave { &out0("leave"); } +sub main'cpuid { &out0("DW\t0A20Fh"); } +sub main'rdtsc { &out0("DW\t0310Fh"); } +sub main'halt { &out0("hlt"); } sub main'movz { &out2("movzx",@_); } +sub main'neg { &out1("neg",@_); } +sub main'cld { &out0("cld"); } + +# SSE2 +sub main'emms { &out0("emms"); } +sub main'movd { &out2("movd",@_); } +sub main'movq { &out2("movq",@_); } +sub main'movdqu { &out2("movdqu",@_); } +sub main'movdqa { &out2("movdqa",@_); } +sub main'movdq2q{ &out2("movdq2q",@_); } +sub main'movq2dq{ &out2("movq2dq",@_); } +sub main'paddq { &out2("paddq",@_); } +sub main'pmuludq{ &out2("pmuludq",@_); } +sub main'psrlq { &out2("psrlq",@_); } +sub main'psllq { &out2("psllq",@_); } +sub main'pxor { &out2("pxor",@_); } +sub main'por { &out2("por",@_); } +sub main'pand { &out2("pand",@_); } sub out2 { local($name,$p1,$p2)=@_; - local($l,$t); + local($l,$t,$line); - push(@out,"\t$name\t"); + $line="\t$name\t"; $t=&conv($p1).","; $l=length($t); - push(@out,$t); + $line.="$t"; $l=4-($l+9)/8; - push(@out,"\t" x $l); - push(@out,&conv($p2)); - push(@out,"\n"); + $line.="\t" x $l; + $line.=&conv($p2); + if ($line=~/\bxmm[0-7]\b/i) { $line=~s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i; } + push(@out,$line."\n"); } sub out0 @@ -214,7 +255,9 @@ sub main'file local($tmp)=<<"EOF"; TITLE $file.asm .386 -.model FLAT +.model FLAT +_TEXT\$ SEGMENT PAGE 'CODE' + EOF push(@out,$tmp); } @@ -226,7 +269,6 @@ sub main'function_begin push(@labels,$func); local($tmp)=<<"EOF"; -_TEXT SEGMENT PUBLIC _$func $extra _$func PROC NEAR @@ -244,7 +286,6 @@ sub main'function_begin_B local($func,$extra)=@_; local($tmp)=<<"EOF"; -_TEXT SEGMENT PUBLIC _$func $extra _$func PROC NEAR @@ -264,7 +305,6 @@ sub main'function_end pop ebp ret _$func ENDP -_TEXT ENDS EOF push(@out,$tmp); $stack=0; @@ -277,7 +317,6 @@ sub main'function_end_B local($tmp)=<<"EOF"; _$func ENDP -_TEXT ENDS EOF push(@out,$tmp); $stack=0; @@ -300,6 +339,20 @@ EOF sub main'file_end { + # try to detect if SSE2 or MMX extensions were used... + my $xmmheader=<<___; +.686 +.XMM +IF \@Version LT 800 +XMMWORD STRUCT 16 + DQ 2 dup (?) +XMMWORD ENDS +ENDIF +___ + if (grep {/\b[x]?mm[0-7]\b/i} @out) { + grep {s/\.[3-7]86/$xmmheader/} @out; + } + push(@out,"_TEXT\$ ENDS\n"); push(@out,"END\n"); } @@ -331,6 +384,12 @@ sub main'comment } } +sub main'public_label + { + $label{$_[0]}="_$_[0]" if (!defined($label{$_[0]})); + push(@out,"PUBLIC\t$label{$_[0]}\n"); + } + sub main'label { if (!defined($label{$_[0]})) @@ -348,19 +407,37 @@ sub main'set_label $label{$_[0]}="\$${label}${_[0]}"; $label++; } + if ($_[1]!=0 && $_[1]>1) + { + main'align($_[1]); + } if((defined $_[2]) && ($_[2] == 1)) { push(@out,"$label{$_[0]}::\n"); } + elsif ($label{$_[0]} !~ /^\$/) + { + push(@out,"$label{$_[0]}\tLABEL PTR\n"); + } else { push(@out,"$label{$_[0]}:\n"); } } +sub main'data_byte + { + push(@out,"\tDB\t".join(',',@_)."\n"); + } + sub main'data_word { - push(@out,"\tDD\t$_[0]\n"); + push(@out,"\tDD\t".join(',',@_)."\n"); + } + +sub main'align + { + push(@out,"\tALIGN\t$_[0]\n"); } sub out1p @@ -368,7 +445,7 @@ sub out1p local($name,$p1)=@_; local($l,$t); - push(@out,"\t$name\t ".&conv($p1)."\n"); + push(@out,"\t$name\t".&conv($p1)."\n"); } sub main'picmeup @@ -378,3 +455,18 @@ sub main'picmeup } sub main'blindpop { &out1("pop",@_); } + +sub main'initseg + { + local($f)=@_; + local($tmp)=<<___; +OPTION DOTNAME +.CRT\$XCU SEGMENT DWORD PUBLIC 'DATA' +EXTRN _$f:NEAR +DD _$f +.CRT\$XCU ENDS +___ + push(@out,$tmp); + } + +1; diff --git a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl index 4bdb3fe180..fa38f89c09 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl @@ -3,6 +3,7 @@ package x86nasm; $label="L000"; +$under=($main'netware)?'':'_'; %lb=( 'eax', 'al', 'ebx', 'bl', @@ -32,7 +33,8 @@ sub main'external_label { push(@labels,@_); foreach (@_) { - push(@out, "extern\t_$_\n"); + push(@out,".") if ($main'mwerks); + push(@out, "extern\t${under}$_\n"); } } @@ -58,14 +60,19 @@ sub main'DWP &get_mem("DWORD",@_); } +sub main'QWP + { + &get_mem("",@_); + } + sub main'BC { - return "BYTE @_"; + return (($main'mwerks)?"":"BYTE ")."@_"; } sub main'DWC { - return "DWORD @_"; + return (($main'mwerks)?"":"DWORD ")."@_"; } sub main'stack_push @@ -86,16 +93,22 @@ sub get_mem { my($size,$addr,$reg1,$reg2,$idx)=@_; my($t,$post); - my($ret)="$size ["; + my($ret)=$size; + if ($ret ne "") + { + $ret .= " PTR" if ($main'mwerks); + $ret .= " "; + } + $ret .= "["; $addr =~ s/^\s+//; if ($addr =~ /^(.+)\+(.+)$/) { $reg2=&conv($1); - $addr="_$2"; + $addr="$under$2"; } - elsif ($addr =~ /^[_a-zA-Z]/) + elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i) { - $addr="_$addr"; + $addr="$under$addr"; } if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } @@ -134,12 +147,14 @@ sub main'xorb { &out2("xor",@_); } sub main'add { &out2("add",@_); } sub main'adc { &out2("adc",@_); } sub main'sub { &out2("sub",@_); } +sub main'sbb { &out2("sbb",@_); } sub main'rotl { &out2("rol",@_); } sub main'rotr { &out2("ror",@_); } sub main'exch { &out2("xchg",@_); } sub main'cmp { &out2("cmp",@_); } sub main'lea { &out2("lea",@_); } sub main'mul { &out1("mul",@_); } +sub main'imul { &out2("imul",@_); } sub main'div { &out1("div",@_); } sub main'dec { &out1("dec",@_); } sub main'inc { &out1("inc",@_); } @@ -147,29 +162,57 @@ sub main'jmp { &out1("jmp",@_); } sub main'jmp_ptr { &out1p("jmp",@_); } # This is a bit of a kludge: declare all branches as NEAR. -sub main'je { &out1("je NEAR",@_); } -sub main'jle { &out1("jle NEAR",@_); } -sub main'jz { &out1("jz NEAR",@_); } -sub main'jge { &out1("jge NEAR",@_); } -sub main'jl { &out1("jl NEAR",@_); } -sub main'ja { &out1("ja NEAR",@_); } -sub main'jae { &out1("jae NEAR",@_); } -sub main'jb { &out1("jb NEAR",@_); } -sub main'jbe { &out1("jbe NEAR",@_); } -sub main'jc { &out1("jc NEAR",@_); } -sub main'jnc { &out1("jnc NEAR",@_); } -sub main'jnz { &out1("jnz NEAR",@_); } -sub main'jne { &out1("jne NEAR",@_); } -sub main'jno { &out1("jno NEAR",@_); } +$near=($main'mwerks)?'':'NEAR'; +sub main'je { &out1("je $near",@_); } +sub main'jle { &out1("jle $near",@_); } +sub main'jz { &out1("jz $near",@_); } +sub main'jge { &out1("jge $near",@_); } +sub main'jl { &out1("jl $near",@_); } +sub main'ja { &out1("ja $near",@_); } +sub main'jae { &out1("jae $near",@_); } +sub main'jb { &out1("jb $near",@_); } +sub main'jbe { &out1("jbe $near",@_); } +sub main'jc { &out1("jc $near",@_); } +sub main'jnc { &out1("jnc $near",@_); } +sub main'jnz { &out1("jnz $near",@_); } +sub main'jne { &out1("jne $near",@_); } +sub main'jno { &out1("jno $near",@_); } sub main'push { &out1("push",@_); $stack+=4; } sub main'pop { &out1("pop",@_); $stack-=4; } +sub main'pushf { &out0("pushfd"); $stack+=4; } +sub main'popf { &out0("popfd"); $stack-=4; } sub main'bswap { &out1("bswap",@_); &using486(); } sub main'not { &out1("not",@_); } -sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } +sub main'call { &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); } +sub main'call_ptr { &out1p("call",@_); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +sub main'test { &out2("test",@_); } +sub main'bt { &out2("bt",@_); } +sub main'leave { &out0("leave"); } +sub main'cpuid { &out0("cpuid"); } +sub main'rdtsc { &out0("rdtsc"); } +sub main'halt { &out0("hlt"); } sub main'movz { &out2("movzx",@_); } +sub main'neg { &out1("neg",@_); } +sub main'cld { &out0("cld"); } + +# SSE2 +sub main'emms { &out0("emms"); } +sub main'movd { &out2("movd",@_); } +sub main'movq { &out2("movq",@_); } +sub main'movdqu { &out2("movdqu",@_); } +sub main'movdqa { &out2("movdqa",@_); } +sub main'movdq2q{ &out2("movdq2q",@_); } +sub main'movq2dq{ &out2("movq2dq",@_); } +sub main'paddq { &out2("paddq",@_); } +sub main'pmuludq{ &out2("pmuludq",@_); } +sub main'psrlq { &out2("psrlq",@_); } +sub main'psllq { &out2("psllq",@_); } +sub main'pxor { &out2("pxor",@_); } +sub main'por { &out2("por",@_); } +sub main'pand { &out2("pand",@_); } sub out2 { @@ -177,7 +220,7 @@ sub out2 my($l,$t); push(@out,"\t$name\t"); - if ($name eq "lea") + if (!$main'mwerks and $name eq "lea") { $p1 =~ s/^[^\[]*\[/\[/; $p2 =~ s/^[^\[]*\[/\[/; @@ -221,15 +264,17 @@ sub using486 sub main'file { - local $tmp; - $tmp=<<___; + if ($main'mwerks) { push(@out,".section\t.text\n"); } + else { + local $tmp=<<___; %ifdef __omf__ section code use32 class=code %else section .text %endif ___ - push(@out,$tmp); + push(@out,$tmp); + } } sub main'function_begin @@ -237,9 +282,10 @@ sub main'function_begin my($func,$extra)=@_; push(@labels,$func); + push(@out,".") if ($main'mwerks); my($tmp)=<<"EOF"; -global _$func -_$func: +global $under$func +$under$func: push ebp push ebx push esi @@ -252,9 +298,10 @@ EOF sub main'function_begin_B { my($func,$extra)=@_; + push(@out,".") if ($main'mwerks); my($tmp)=<<"EOF"; -global _$func -_$func: +global $under$func +$under$func: EOF push(@out,$tmp); $stack=4; @@ -328,11 +375,18 @@ sub main'comment } } +sub main'public_label + { + $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); + push(@out,".") if ($main'mwerks); + push(@out,"global\t$label{$_[0]}\n"); + } + sub main'label { if (!defined($label{$_[0]})) { - $label{$_[0]}="\$${label}${_[0]}"; + $label{$_[0]}="\@${label}${_[0]}"; $label++; } return($label{$_[0]}); @@ -342,15 +396,30 @@ sub main'set_label { if (!defined($label{$_[0]})) { - $label{$_[0]}="\$${label}${_[0]}"; + $label{$_[0]}="\@${label}${_[0]}"; $label++; } + if ($_[1]!=0 && $_[1]>1) + { + main'align($_[1]); + } push(@out,"$label{$_[0]}:\n"); } +sub main'data_byte + { + push(@out,(($main'mwerks)?".byte\t":"DB\t").join(',',@_)."\n"); + } + sub main'data_word { - push(@out,"\tDD\t$_[0]\n"); + push(@out,(($main'mwerks)?".long\t":"DD\t").join(',',@_)."\n"); + } + +sub main'align + { + push(@out,".") if ($main'mwerks); + push(@out,"align\t$_[0]\n"); } sub out1p @@ -358,7 +427,7 @@ sub out1p my($name,$p1)=@_; my($l,$t); - push(@out,"\t$name\t ".&conv($p1)."\n"); + push(@out,"\t$name\t".&conv($p1)."\n"); } sub main'picmeup @@ -368,3 +437,19 @@ sub main'picmeup } sub main'blindpop { &out1("pop",@_); } + +sub main'initseg + { + local($f)=@_; + if ($main'win32) + { + local($tmp)=<<___; +segment .CRT\$XCU data +extern $under$f +DD $under$f +___ + push(@out,$tmp); + } + } + +1; diff --git a/src/lib/libssl/src/crypto/perlasm/x86unix.pl b/src/lib/libssl/src/crypto/perlasm/x86unix.pl index a31a25c12b..a4c947165e 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86unix.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86unix.pl @@ -1,14 +1,15 @@ #!/usr/local/bin/perl -package x86unix; +package x86unix; # GAS actually... $label="L000"; $const=""; $constl=0; $align=($main'aout)?"4":"16"; -$under=($main'aout)?"_":""; -$com_start=($main'sol)?"/":"#"; +$under=($main'aout or $main'coff)?"_":""; +$dot=($main'aout)?"":"."; +$com_start="#" if ($main'aout or $main'coff); sub main'asm_init_output { @out=(); } sub main'asm_get_output { return(@out); } @@ -51,6 +52,24 @@ if ($main'cpp) 'edi', '%edi', 'ebp', '%ebp', 'esp', '%esp', + + 'mm0', '%mm0', + 'mm1', '%mm1', + 'mm2', '%mm2', + 'mm3', '%mm3', + 'mm4', '%mm4', + 'mm5', '%mm5', + 'mm6', '%mm6', + 'mm7', '%mm7', + + 'xmm0', '%xmm0', + 'xmm1', '%xmm1', + 'xmm2', '%xmm2', + 'xmm3', '%xmm3', + 'xmm4', '%xmm4', + 'xmm5', '%xmm5', + 'xmm6', '%xmm6', + 'xmm7', '%xmm7', ); %reg_val=( @@ -97,6 +116,11 @@ sub main'DWP return($ret); } +sub main'QWP + { + return(&main'DWP(@_)); + } + sub main'BP { return(&main'DWP(@_)); @@ -140,12 +164,14 @@ sub main'xorb { &out2("xorb",@_); } sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); } sub main'adc { &out2("adcl",@_); } sub main'sub { &out2("subl",@_); } +sub main'sbb { &out2("sbbl",@_); } sub main'rotl { &out2("roll",@_); } sub main'rotr { &out2("rorl",@_); } sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); } sub main'cmp { &out2("cmpl",@_); } sub main'lea { &out2("leal",@_); } sub main'mul { &out1("mull",@_); } +sub main'imul { &out2("imull",@_); } sub main'div { &out1("divl",@_); } sub main'jmp { &out1("jmp",@_); } sub main'jmp_ptr { &out1p("jmp",@_); } @@ -167,13 +193,48 @@ sub main'dec { &out1("decl",@_); } sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); } sub main'push { &out1("pushl",@_); $stack+=4; } sub main'pop { &out1("popl",@_); $stack-=4; } -sub main'pushf { &out0("pushf"); $stack+=4; } -sub main'popf { &out0("popf"); $stack-=4; } +sub main'pushf { &out0("pushfl"); $stack+=4; } +sub main'popf { &out0("popfl"); $stack-=4; } sub main'not { &out1("notl",@_); } -sub main'call { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); } +sub main'call { my $pre=$under; + foreach $i (%label) + { if ($label{$i} eq $_[0]) { $pre=''; last; } } + &out1("call",$pre.$_[0]); + } +sub main'call_ptr { &out1p("call",@_); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +sub main'test { &out2("testl",@_); } +sub main'bt { &out2("btl",@_); } +sub main'leave { &out0("leave"); } +sub main'cpuid { &out0(".byte\t0x0f,0xa2"); } +sub main'rdtsc { &out0(".byte\t0x0f,0x31"); } +sub main'halt { &out0("hlt"); } sub main'movz { &out2("movzbl",@_); } +sub main'neg { &out1("negl",@_); } +sub main'cld { &out0("cld"); } + +# SSE2 +sub main'emms { &out0("emms"); } +sub main'movd { &out2("movd",@_); } +sub main'movdqu { &out2("movdqu",@_); } +sub main'movdqa { &out2("movdqa",@_); } +sub main'movdq2q{ &out2("movdq2q",@_); } +sub main'movq2dq{ &out2("movq2dq",@_); } +sub main'paddq { &out2("paddq",@_); } +sub main'pmuludq{ &out2("pmuludq",@_); } +sub main'psrlq { &out2("psrlq",@_); } +sub main'psllq { &out2("psllq",@_); } +sub main'pxor { &out2("pxor",@_); } +sub main'por { &out2("por",@_); } +sub main'pand { &out2("pand",@_); } +sub main'movq { + local($p1,$p2,$optimize)=@_; + if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/) + # movq between mmx registers can sink Intel CPUs + { push(@out,"\tpshufw\t\$0xe4,%$p2,%$p1\n"); } + else { &out2("movq",@_); } + } # The bswapl instruction is new for the 486. Emulate if i386. sub main'bswap @@ -279,8 +340,6 @@ sub main'file local($tmp)=<<"EOF"; .file "$file.s" - .version "01.01" -gcc2_compiled.: EOF push(@out,$tmp); } @@ -294,15 +353,17 @@ sub main'function_begin local($tmp)=<<"EOF"; .text - .align $align -.globl $func +.globl $func EOF push(@out,$tmp); if ($main'cpp) - { $tmp=push(@out,"\tTYPE($func,\@function)\n"); } - elsif ($main'gaswin) - { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - else { $tmp=push(@out,"\t.type\t$func,\@function\n"); } + { $tmp=push(@out,"TYPE($func,\@function)\n"); } + elsif ($main'coff) + { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } + elsif ($main'aout and !$main'pic) + { } + else { $tmp=push(@out,".type\t$func,\@function\n"); } + push(@out,".align\t$align\n"); push(@out,"$func:\n"); $tmp=<<"EOF"; pushl %ebp @@ -324,15 +385,17 @@ sub main'function_begin_B local($tmp)=<<"EOF"; .text - .align $align -.globl $func +.globl $func EOF push(@out,$tmp); if ($main'cpp) - { push(@out,"\tTYPE($func,\@function)\n"); } - elsif ($main'gaswin) - { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - else { push(@out,"\t.type $func,\@function\n"); } + { push(@out,"TYPE($func,\@function)\n"); } + elsif ($main'coff) + { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } + elsif ($main'aout and !$main'pic) + { } + else { push(@out,".type $func,\@function\n"); } + push(@out,".align\t$align\n"); push(@out,"$func:\n"); $stack=4; } @@ -349,15 +412,15 @@ sub main'function_end popl %ebx popl %ebp ret -.L_${func}_end: +${dot}L_${func}_end: EOF push(@out,$tmp); if ($main'cpp) - { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } - elsif ($main'gaswin) - { $tmp=push(@out,"\t.align 4\n"); } - else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } + { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } + elsif ($main'coff or $main'aout) + { } + else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } push(@out,".ident \"$func\"\n"); $stack=0; %label=(); @@ -383,13 +446,13 @@ sub main'function_end_B $func=$under.$func; - push(@out,".L_${func}_end:\n"); + push(@out,"${dot}L_${func}_end:\n"); if ($main'cpp) - { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } - elsif ($main'gaswin) - { push(@out,"\t.align 4\n"); } - else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } - push(@out,".ident \"desasm.pl\"\n"); + { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } + elsif ($main'coff or $main'aout) + { } + else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } + push(@out,".ident \"$func\"\n"); $stack=0; %label=(); } @@ -430,9 +493,10 @@ sub main'swtmp sub main'comment { - if ($main'elf) # GNU and SVR4 as'es use different comment delimiters, - { # so we just skip comments... - push(@out,"\n"); + if (!defined($com_start) or $main'elf) + { # Regarding $main'elf above... + # GNU and SVR4 as'es use different comment delimiters, + push(@out,"\n"); # so we just skip ELF comments... return; } foreach (@_) @@ -444,11 +508,17 @@ sub main'comment } } +sub main'public_label + { + $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); + push(@out,".globl\t$label{$_[0]}\n"); + } + sub main'label { if (!defined($label{$_[0]})) { - $label{$_[0]}=".${label}${_[0]}"; + $label{$_[0]}="${dot}${label}${_[0]}"; $label++; } return($label{$_[0]}); @@ -458,15 +528,29 @@ sub main'set_label { if (!defined($label{$_[0]})) { - $label{$_[0]}=".${label}${_[0]}"; + $label{$_[0]}="${dot}${label}${_[0]}"; $label++; } - push(@out,".align $align\n") if ($_[1] != 0); + if ($_[1]!=0) + { + if ($_[1]>1) { main'align($_[1]); } + else { push(@out,".align $align\n"); } + } push(@out,"$label{$_[0]}:\n"); } sub main'file_end { + # try to detect if SSE2 or MMX extensions were used on ELF platform... + if ($main'elf && grep {/\b%[x]*mm[0-7]\b|OPENSSL_ia32cap_P\b/i} @out) { + local($tmp); + + push (@out,"\n.section\t.bss\n"); + push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); + + return; + } + if ($const ne "") { push(@out,".section .rodata\n"); @@ -475,9 +559,25 @@ sub main'file_end } } +sub main'data_byte + { + push(@out,"\t.byte\t".join(',',@_)."\n"); + } + sub main'data_word { - push(@out,"\t.long $_[0]\n"); + push(@out,"\t.long\t".join(',',@_)."\n"); + } + +sub main'align + { + my $val=$_[0],$p2,$i; + if ($main'aout) { + for ($p2=0;$val!=0;$val>>=1) { $p2++; } + $val=$p2-1; + $val.=",0x90"; + } + push(@out,".align\t$val\n"); } # debug output functions: puts, putx, printf @@ -559,7 +659,6 @@ sub main'picmeup { local($tmp)=<<___; #if (defined(ELF) || defined(SOL)) && defined(PIC) - .align 8 call 1f 1: popl $regs{$dst} addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} @@ -572,13 +671,12 @@ ___ } elsif ($main'pic && ($main'elf || $main'aout)) { - push(@out,"\t.align\t8\n"); &main'call(&main'label("PIC_me_up")); &main'set_label("PIC_me_up"); &main'blindpop($dst); - &main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-". + &main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-". &main'label("PIC_me_up") . "]"); - &main'mov($dst,&main'DWP($sym."\@GOT",$dst)); + &main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst)); } else { @@ -587,3 +685,41 @@ ___ } sub main'blindpop { &out1("popl",@_); } + +sub main'initseg + { + local($f)=@_; + local($tmp); + if ($main'elf) + { + $tmp=<<___; +.section .init + call $under$f + jmp .Linitalign +.align $align +.Linitalign: +___ + } + elsif ($main'coff) + { + $tmp=<<___; # applies to both Cygwin and Mingw +.section .ctors +.long $under$f +___ + } + elsif ($main'aout) + { + local($ctor)="${under}_GLOBAL_\$I\$$f"; + $tmp=".text\n"; + $tmp.=".type $ctor,\@function\n" if ($main'pic); + $tmp.=<<___; # OpenBSD way... +.globl $ctor +.align 2 +$ctor: + jmp $under$f +___ + } + push(@out,$tmp) if ($tmp); + } + +1; diff --git a/src/lib/libssl/src/crypto/pkcs12/Makefile b/src/lib/libssl/src/crypto/pkcs12/Makefile index bef4f27912..3a7498fe7a 100644 --- a/src/lib/libssl/src/crypto/pkcs12/Makefile +++ b/src/lib/libssl/src/crypto/pkcs12/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -57,6 +52,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -72,6 +68,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -83,333 +80,207 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -p12_add.o: ../../e_os.h ../../include/openssl/aes.h -p12_add.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_add.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_add.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_add.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_add.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_add.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_add.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_add.o: ../../e_os.h ../../include/openssl/asn1.h +p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_add.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_add.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_add.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_add.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_add.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_add.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_add.o: ../cryptlib.h p12_add.c -p12_asn.o: ../../e_os.h ../../include/openssl/aes.h -p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p12_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_add.c +p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h +p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p12_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_asn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_asn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_asn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c -p12_attr.o: ../../e_os.h ../../include/openssl/aes.h -p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_attr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_attr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_attr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_attr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_asn.o: ../cryptlib.h p12_asn.c +p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h +p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_attr.o: ../../include/openssl/opensslconf.h p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_attr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_attr.c -p12_crpt.o: ../../e_os.h ../../include/openssl/aes.h -p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_attr.o: ../cryptlib.h p12_attr.c +p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h +p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_crpt.o: ../../include/openssl/opensslconf.h p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crpt.c -p12_crt.o: ../../e_os.h ../../include/openssl/aes.h -p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_crt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_crt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_crt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_crt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_crt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_crpt.o: ../cryptlib.h p12_crpt.c +p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h +p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_crt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_crt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_crt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_crt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_crt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_crt.o: ../cryptlib.h p12_crt.c -p12_decr.o: ../../e_os.h ../../include/openssl/aes.h -p12_decr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_decr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_decr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_decr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_decr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_decr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_decr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_crt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_crt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crt.c +p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h +p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_decr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_decr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_decr.o: ../../include/openssl/opensslconf.h p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_decr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_decr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_decr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_decr.c -p12_init.o: ../../e_os.h ../../include/openssl/aes.h -p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_init.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_init.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_init.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_init.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_init.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_decr.o: ../cryptlib.h p12_decr.c +p12_init.o: ../../e_os.h ../../include/openssl/asn1.h +p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_init.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_init.o: ../../include/openssl/opensslconf.h p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_init.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_init.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_init.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_init.c -p12_key.o: ../../e_os.h ../../include/openssl/aes.h -p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_init.o: ../cryptlib.h p12_init.c +p12_key.o: ../../e_os.h ../../include/openssl/asn1.h +p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p12_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +p12_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p12_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p12_key.o: ../cryptlib.h p12_key.c -p12_kiss.o: ../../e_os.h ../../include/openssl/aes.h -p12_kiss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_kiss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_kiss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_kiss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_kiss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_kiss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_kiss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h +p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_kiss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_kiss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_kiss.o: ../../include/openssl/opensslconf.h p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_kiss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_kiss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_kiss.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_kiss.c -p12_mutl.o: ../../e_os.h ../../include/openssl/aes.h -p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_mutl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_mutl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h -p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_mutl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_mutl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_kiss.o: ../cryptlib.h p12_kiss.c +p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h +p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_mutl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_mutl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h +p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -p12_mutl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_mutl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_mutl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_mutl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_mutl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_mutl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_mutl.o: ../cryptlib.h p12_mutl.c -p12_npas.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -p12_npas.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_npas.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_npas.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_npas.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -p12_npas.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_npas.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_npas.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_mutl.c +p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +p12_npas.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h +p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -p12_npas.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p12_npas.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -p12_npas.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -p12_npas.o: ../../include/openssl/x509_vfy.h p12_npas.c -p12_p8d.o: ../../e_os.h ../../include/openssl/aes.h -p12_p8d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_p8d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_p8d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_p8d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_p8d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_p8d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_p8d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_p8d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_npas.o: p12_npas.c +p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h +p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_p8d.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_p8d.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_p8d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_p8d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_p8d.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_p8d.o: ../cryptlib.h p12_p8d.c -p12_p8e.o: ../../e_os.h ../../include/openssl/aes.h -p12_p8e.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_p8e.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_p8e.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_p8e.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_p8e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_p8e.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_p8e.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_p8e.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_p8d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_p8d.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_p8d.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8d.c +p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h +p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_p8e.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_p8e.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_p8e.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_p8e.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_p8e.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_p8e.o: ../cryptlib.h p12_p8e.c -p12_utl.o: ../../e_os.h ../../include/openssl/aes.h -p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -p12_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -p12_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p12_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -p12_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -p12_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_p8e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_p8e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_p8e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8e.c +p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h +p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +p12_utl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +p12_utl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h -p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_utl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_utl.o: ../cryptlib.h p12_utl.c -pk12err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pk12err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk12err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk12err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk12err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk12err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk12err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk12err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk12err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +p12_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +p12_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_utl.c +pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk12err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pk12err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk12err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk12err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c +pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk12err.o: pk12err.c diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_add.c b/src/lib/libssl/src/crypto/pkcs12/p12_add.c index 27015dd8c3..41bdc00551 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_add.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_add.c @@ -68,16 +68,16 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid PKCS12_BAGS *bag; PKCS12_SAFEBAG *safebag; if (!(bag = PKCS12_BAGS_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); return NULL; } bag->type = OBJ_nid2obj(nid1); if (!ASN1_item_pack(obj, it, &bag->value.octet)) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); return NULL; } if (!(safebag = PKCS12_SAFEBAG_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); return NULL; } safebag->value.bag = bag; diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c index 003ec7a33e..3ad33c49d8 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c @@ -84,19 +84,25 @@ EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(), #endif } -int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, +int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) { PBEPARAM *pbe; int saltlen, iter, ret; - unsigned char *salt, *pbuf; + unsigned char *salt; + const unsigned char *pbuf; unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; /* Extract useful info from parameter */ + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_DECODE_ERROR); + return 0; + } + pbuf = param->value.sequence->data; - if (!param || (param->type != V_ASN1_SEQUENCE) || - !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) { - EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); + if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { + PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_DECODE_ERROR); return 0; } diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c index 40340a7bef..dbafda17b6 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c @@ -1,9 +1,9 @@ /* p12_crt.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -60,113 +60,289 @@ #include "cryptlib.h" #include + +static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); + PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, int keytype) { - PKCS12 *p12; - STACK_OF(PKCS12_SAFEBAG) *bags; - STACK_OF(PKCS7) *safes; - PKCS12_SAFEBAG *bag; - PKCS8_PRIV_KEY_INFO *p8; - PKCS7 *authsafe; - X509 *tcert; + PKCS12 *p12 = NULL; + STACK_OF(PKCS7) *safes = NULL; + STACK_OF(PKCS12_SAFEBAG) *bags = NULL; + PKCS12_SAFEBAG *bag = NULL; int i; unsigned char keyid[EVP_MAX_MD_SIZE]; - unsigned int keyidlen; + unsigned int keyidlen = 0; /* Set defaults */ - if(!nid_cert) - { -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - else -#endif - nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; - } - if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - if(!iter) iter = PKCS12_DEFAULT_ITER; - if(!mac_iter) mac_iter = 1; + if (!nid_cert) + nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; + if (!nid_key) + nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + if (!iter) + iter = PKCS12_DEFAULT_ITER; + if (!mac_iter) + mac_iter = 1; - if(!pkey || !cert) { + if(!pkey && !cert && !ca) + { PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT); return NULL; - } - - if(!X509_check_private_key(cert, pkey)) return NULL; + } - if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } + if (pkey && cert) + { + if(!X509_check_private_key(cert, pkey)) + return NULL; + X509_digest(cert, EVP_sha1(), keyid, &keyidlen); + } - /* Add user certificate */ - if(!(bag = PKCS12_x5092certbag(cert))) return NULL; - if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL; - X509_digest(cert, EVP_sha1(), keyid, &keyidlen); - if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL; + if (cert) + { + bag = PKCS12_add_cert(&bags, cert); + if(name && !PKCS12_add_friendlyname(bag, name, -1)) + goto err; + if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) + goto err; + } - if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - /* Add all other certificates */ - if(ca) { - for(i = 0; i < sk_X509_num(ca); i++) { - tcert = sk_X509_value(ca, i); - if(!(bag = PKCS12_x5092certbag(tcert))) return NULL; - if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; + for(i = 0; i < sk_X509_num(ca); i++) + { + if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i))) + goto err; + } + + if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass)) + goto err; + + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + bags = NULL; + + if (pkey) + { + int cspidx; + bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass); + + if (!bag) + goto err; + + cspidx = EVP_PKEY_get_attr_by_NID(pkey, NID_ms_csp_name, -1); + if (cspidx >= 0) + { + X509_ATTRIBUTE *cspattr; + cspattr = EVP_PKEY_get_attr(pkey, cspidx); + if (!X509at_add1_attr(&bag->attrib, cspattr)) + goto err; } + + if(name && !PKCS12_add_friendlyname(bag, name, -1)) + goto err; + if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) + goto err; } - } - /* Turn certbags into encrypted authsafe */ - authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0, - iter, bags); + if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL)) + goto err; + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + bags = NULL; - if (!authsafe) return NULL; + p12 = PKCS12_add_safes(safes, 0); + + sk_PKCS7_pop_free(safes, PKCS7_free); + + safes = NULL; + + if ((mac_iter != -1) && + !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL)) + goto err; + + return p12; + + err: + + if (p12) + PKCS12_free(p12); + if (safes) + sk_PKCS7_pop_free(safes, PKCS7_free); + if (bags) + sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); + return NULL; + +} + +PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) + { + PKCS12_SAFEBAG *bag = NULL; + char *name; + int namelen = -1; + unsigned char *keyid; + int keyidlen = -1; + + /* Add user certificate */ + if(!(bag = PKCS12_x5092certbag(cert))) + goto err; + + /* Use friendlyName and localKeyID in certificate. + * (if present) + */ + + name = (char *)X509_alias_get0(cert, &namelen); + + if(name && !PKCS12_add_friendlyname(bag, name, namelen)) + goto err; + + keyid = X509_keyid_get0(cert, &keyidlen); + + if(keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) + goto err; + + if (!pkcs12_add_bag(pbags, bag)) + goto err; + + return bag; + + err: + + if (bag) + PKCS12_SAFEBAG_free(bag); + + return NULL; - if(!(safes = sk_PKCS7_new_null ()) - || !sk_PKCS7_push(safes, authsafe)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; } - /* Make a shrouded key bag */ - if(!(p8 = EVP_PKEY2PKCS8 (pkey))) return NULL; - if(keytype && !PKCS8_add_keyusage(p8, keytype)) return NULL; - bag = PKCS12_MAKE_SHKEYBAG (nid_key, pass, -1, NULL, 0, iter, p8); - if(!bag) return NULL; - PKCS8_PRIV_KEY_INFO_free(p8); - if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL; - if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL; - if(!(bags = sk_PKCS12_SAFEBAG_new_null()) - || !sk_PKCS12_SAFEBAG_push (bags, bag)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; +PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, + int key_usage, int iter, + int nid_key, char *pass) + { + + PKCS12_SAFEBAG *bag = NULL; + PKCS8_PRIV_KEY_INFO *p8 = NULL; + + /* Make a PKCS#8 structure */ + if(!(p8 = EVP_PKEY2PKCS8(key))) + goto err; + if(key_usage && !PKCS8_add_keyusage(p8, key_usage)) + goto err; + if (nid_key != -1) + { + bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, iter, p8); + PKCS8_PRIV_KEY_INFO_free(p8); + } + else + bag = PKCS12_MAKE_KEYBAG(p8); + + if(!bag) + goto err; + + if (!pkcs12_add_bag(pbags, bag)) + goto err; + + return bag; + + err: + + if (bag) + PKCS12_SAFEBAG_free(bag); + + return NULL; + } - /* Turn it into unencrypted safe bag */ - if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL; - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - if(!sk_PKCS7_push(safes, authsafe)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; + +int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, + int nid_safe, int iter, char *pass) + { + PKCS7 *p7 = NULL; + int free_safes = 0; + + if (!*psafes) + { + *psafes = sk_PKCS7_new_null(); + if (!*psafes) + return 0; + free_safes = 1; + } + else + free_safes = 0; + + if (nid_safe == 0) + nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC; + + if (nid_safe == -1) + p7 = PKCS12_pack_p7data(bags); + else + p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0, + iter, bags); + if (!p7) + goto err; + + if (!sk_PKCS7_push(*psafes, p7)) + goto err; + + return 1; + + err: + if (free_safes) + { + sk_PKCS7_free(*psafes); + *psafes = NULL; + } + + if (p7) + PKCS7_free(p7); + + return 0; + } - if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL; +static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag) + { + int free_bags; + if (!pbags) + return 1; + if (!*pbags) + { + *pbags = sk_PKCS12_SAFEBAG_new_null(); + if (!*pbags) + return 0; + free_bags = 1; + } + else + free_bags = 0; - if(!PKCS12_pack_authsafes (p12, safes)) return NULL; + if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) + { + if (free_bags) + { + sk_PKCS12_SAFEBAG_free(*pbags); + *pbags = NULL; + } + return 0; + } - sk_PKCS7_pop_free(safes, PKCS7_free); + return 1; + + } + + +PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7) + { + PKCS12 *p12; + if (nid_p7 <= 0) + nid_p7 = NID_pkcs7_data; + p12 = PKCS12_init(nid_p7); + + if (!p12) + return NULL; - if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL)) - return NULL; + if(!PKCS12_pack_authsafes(p12, safes)) + { + PKCS12_free(p12); + return NULL; + } return p12; -} + } diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_decr.c b/src/lib/libssl/src/crypto/pkcs12/p12_decr.c index b5684a83ba..74c961a92b 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_decr.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_decr.c @@ -113,13 +113,14 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf) { - unsigned char *out, *p; + unsigned char *out; + const unsigned char *p; void *ret; int outlen; if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, &out, &outlen, 0)) { - PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR); + PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR); return NULL; } p = out; @@ -137,7 +138,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, #endif ret = ASN1_item_d2i(NULL, &p, outlen, it); if (zbuf) OPENSSL_cleanse(out, outlen); - if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); + if(!ret) PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); OPENSSL_free(out); return ret; } @@ -154,17 +155,17 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i unsigned char *in = NULL; int inlen; if (!(oct = M_ASN1_OCTET_STRING_new ())) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); return NULL; } inlen = ASN1_item_i2d(obj, &in, it); if (!in) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); + PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); return NULL; } if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, &oct->length, 1)) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); + PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); OPENSSL_free(in); return NULL; } diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_init.c b/src/lib/libssl/src/crypto/pkcs12/p12_init.c index 5276b12669..6bdc132631 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_init.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_init.c @@ -62,7 +62,7 @@ /* Initialise a PKCS12 structure to take data */ -PKCS12 *PKCS12_init (int mode) +PKCS12 *PKCS12_init(int mode) { PKCS12 *pkcs12; if (!(pkcs12 = PKCS12_new())) { diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_key.c b/src/lib/libssl/src/crypto/pkcs12/p12_key.c index 9196a34b4a..18e72d0a1b 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_key.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_key.c @@ -59,7 +59,7 @@ #include #include "cryptlib.h" #include - +#include /* Uncomment out this line to get debugging info about key generation */ /*#define DEBUG_KEYGEN*/ diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c b/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c index 2b31999e11..c2ee2cc6f3 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c @@ -80,7 +80,7 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, * passed unitialised. */ -int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, +int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) { @@ -141,7 +141,7 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, /* Parse the outer PKCS#12 structure */ -static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen, +static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) { STACK_OF(PKCS7) *asafes; @@ -178,10 +178,10 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen, } -static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, - int passlen, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, - char *keymatch) +static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, + int passlen, EVP_PKEY **pkey, X509 **cert, + STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, + char *keymatch) { int i; for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { @@ -197,9 +197,9 @@ static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, #define MATCH_ALL 0x3 static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, - ASN1_OCTET_STRING **keyid, - char *keymatch) + EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, + ASN1_OCTET_STRING **keyid, + char *keymatch) { PKCS8_PRIV_KEY_INFO *p8; X509 *x509; @@ -221,7 +221,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL; } else { if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) { - PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PARSE_BAG,ERR_R_MALLOC_FAILURE); return 0; } } diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c index 140d21155e..c408cc8ab8 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c @@ -64,12 +64,12 @@ #include /* Generate a MAC */ -int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen) +int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen) { const EVP_MD *md_type; HMAC_CTX hmac; - unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt; + unsigned char key[EVP_MAX_MD_SIZE], *salt; int saltlen, iter; if (!PKCS7_type_is_data(p12->authsafes)) @@ -88,12 +88,12 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, return 0; } if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, - PKCS12_MAC_KEY_LENGTH, key, md_type)) { + EVP_MD_size(md_type), key, md_type)) { PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR); return 0; } HMAC_CTX_init(&hmac); - HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL); + HMAC_Init_ex(&hmac, key, EVP_MD_size(md_type), md_type, NULL); HMAC_Update(&hmac, p12->authsafes->d.data->data, p12->authsafes->d.data->length); HMAC_Final(&hmac, mac, maclen); @@ -102,16 +102,16 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, } /* Verify the mac */ -int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen) +int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen) { unsigned char mac[EVP_MAX_MD_SIZE]; unsigned int maclen; if(p12->mac == NULL) { - PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT); + PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,PKCS12_R_MAC_ABSENT); return 0; } if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { - PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR); + PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR); return 0; } if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) @@ -121,7 +121,7 @@ int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen) /* Set a mac */ -int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen, +int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type) { unsigned char mac[EVP_MAX_MD_SIZE]; @@ -145,7 +145,7 @@ int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen, } /* Set up a mac structure */ -int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, +int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, const EVP_MD *md_type) { if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR; diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_npas.c b/src/lib/libssl/src/crypto/pkcs12/p12_npas.c index af708a2743..48eacc5c49 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_npas.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_npas.c @@ -77,28 +77,26 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen); int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) { + /* Check for NULL PKCS12 structure */ -/* Check for NULL PKCS12 structure */ - -if(!p12) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER); - return 0; -} - -/* Check the mac */ - -if (!PKCS12_verify_mac(p12, oldpass, -1)) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE); - return 0; -} + if(!p12) { + PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER); + return 0; + } -if (!newpass_p12(p12, oldpass, newpass)) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR); - return 0; -} + /* Check the mac */ + + if (!PKCS12_verify_mac(p12, oldpass, -1)) { + PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE); + return 0; + } -return 1; + if (!newpass_p12(p12, oldpass, newpass)) { + PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR); + return 0; + } + return 1; } /* Parse the outer PKCS#12 structure */ @@ -206,7 +204,8 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) { PBEPARAM *pbe; - unsigned char *p; + const unsigned char *p; + p = alg->parameter->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); *pnid = OBJ_obj2nid(alg->algorithm); diff --git a/src/lib/libssl/src/crypto/pkcs12/pk12err.c b/src/lib/libssl/src/crypto/pkcs12/pk12err.c index a33b37b1c7..07a1fb6907 100644 --- a/src/lib/libssl/src/crypto/pkcs12/pk12err.c +++ b/src/lib/libssl/src/crypto/pkcs12/pk12err.c @@ -70,16 +70,18 @@ static ERR_STRING_DATA PKCS12_str_functs[]= { +{ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"}, {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"}, {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"}, {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC), "PKCS12_add_friendlyname_asc"}, {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI), "PKCS12_add_friendlyname_uni"}, {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"}, {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"}, -{ERR_FUNC(PKCS12_F_PKCS12_DECRYPT_D2I), "PKCS12_DECRYPT_D2I"}, {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"}, -{ERR_FUNC(PKCS12_F_PKCS12_I2D_ENCRYPT), "PKCS12_I2D_ENCRYPT"}, {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"}, +{ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I), "PKCS12_item_decrypt_d2i"}, +{ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT), "PKCS12_item_i2d_encrypt"}, +{ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"}, {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"}, {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"}, {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"}, @@ -87,7 +89,6 @@ static ERR_STRING_DATA PKCS12_str_functs[]= {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"}, {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"}, {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"}, -{ERR_FUNC(PKCS12_F_PKCS12_PACK_SAFEBAG), "PKCS12_PACK_SAFEBAG"}, {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"}, {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"}, {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"}, @@ -95,9 +96,9 @@ static ERR_STRING_DATA PKCS12_str_functs[]= {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"}, {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"}, {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"}, +{ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"}, {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"}, {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"}, -{ERR_FUNC(PKCS12_F_VERIFY_MAC), "VERIFY_MAC"}, {0,NULL} }; @@ -132,15 +133,12 @@ static ERR_STRING_DATA PKCS12_str_reasons[]= void ERR_load_PKCS12_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,PKCS12_str_functs); ERR_load_strings(0,PKCS12_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h index fb8af82d4f..a2d7e359a0 100644 --- a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h +++ b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h @@ -249,6 +249,15 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, int keytype); + +PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); +PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, + int key_usage, int iter, + int key_nid, char *pass); +int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, + int safe_nid, int iter, char *pass); +PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); + int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); @@ -264,16 +273,18 @@ void ERR_load_PKCS12_strings(void); /* Error codes for the PKCS12 functions. */ /* Function codes. */ +#define PKCS12_F_PARSE_BAG 129 #define PKCS12_F_PARSE_BAGS 103 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102 #define PKCS12_F_PKCS12_ADD_LOCALKEYID 104 #define PKCS12_F_PKCS12_CREATE 105 -#define PKCS12_F_PKCS12_DECRYPT_D2I 106 #define PKCS12_F_PKCS12_GEN_MAC 107 -#define PKCS12_F_PKCS12_I2D_ENCRYPT 108 #define PKCS12_F_PKCS12_INIT 109 +#define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106 +#define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108 +#define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117 #define PKCS12_F_PKCS12_KEY_GEN_ASC 110 #define PKCS12_F_PKCS12_KEY_GEN_UNI 111 #define PKCS12_F_PKCS12_MAKE_KEYBAG 112 @@ -281,17 +292,16 @@ void ERR_load_PKCS12_strings(void); #define PKCS12_F_PKCS12_NEWPASS 128 #define PKCS12_F_PKCS12_PACK_P7DATA 114 #define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 -#define PKCS12_F_PKCS12_PACK_SAFEBAG 117 #define PKCS12_F_PKCS12_PARSE 118 #define PKCS12_F_PKCS12_PBE_CRYPT 119 #define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 #define PKCS12_F_PKCS12_SETUP_MAC 122 #define PKCS12_F_PKCS12_SET_MAC 123 -#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 129 -#define PKCS12_F_PKCS12_UNPACK_P7DATA 130 +#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 +#define PKCS12_F_PKCS12_UNPACK_P7DATA 131 +#define PKCS12_F_PKCS12_VERIFY_MAC 126 #define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 #define PKCS12_F_PKCS8_ENCRYPT 125 -#define PKCS12_F_VERIFY_MAC 126 /* Reason codes. */ #define PKCS12_R_CANT_PACK_STRUCTURE 100 diff --git a/src/lib/libssl/src/crypto/pkcs7/Makefile b/src/lib/libssl/src/crypto/pkcs7/Makefile index a213ae2227..3f7e88b40f 100644 --- a/src/lib/libssl/src/crypto/pkcs7/Makefile +++ b/src/lib/libssl/src/crypto/pkcs7/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -72,6 +67,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -87,6 +83,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -98,143 +95,92 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -pk7_asn1.o: ../../e_os.h ../../include/openssl/aes.h -pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_asn1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_asn1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_asn1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_asn1.o: ../cryptlib.h pk7_asn1.c -pk7_attr.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pk7_attr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -pk7_attr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c +pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_attr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_attr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_attr.o: pk7_attr.c -pk7_doit.o: ../../e_os.h ../../include/openssl/aes.h -pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_attr.o: ../../include/openssl/x509_vfy.h pk7_attr.c +pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_doit.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_doit.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_doit.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_doit.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pk7_doit.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_doit.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_doit.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -pk7_doit.o: ../cryptlib.h pk7_doit.c -pk7_lib.o: ../../e_os.h ../../include/openssl/aes.h -pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pk7_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pk7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_doit.c +pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pk7_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pk7_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -pk7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c -pk7_mime.o: ../../e_os.h ../../include/openssl/aes.h -pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pk7_mime.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -pk7_mime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_lib.o: ../cryptlib.h pk7_lib.c +pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pk7_mime.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pk7_mime.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h pk7_mime.o: ../../include/openssl/opensslconf.h pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pk7_mime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -pk7_mime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pk7_mime.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c -pk7_smime.o: ../../e_os.h ../../include/openssl/aes.h -pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +pk7_mime.o: ../cryptlib.h pk7_mime.c +pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h +pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -pk7_smime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -pk7_smime.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -pk7_smime.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pk7_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h pk7_smime.o: ../../include/openssl/objects.h pk7_smime.o: ../../include/openssl/opensslconf.h pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -pk7_smime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -pk7_smime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pk7_smime.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c +pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pk7_smime.o: ../cryptlib.h pk7_smime.c pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pkcs7err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +pkcs7err.o: ../../include/openssl/opensslconf.h pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h diff --git a/src/lib/libssl/src/crypto/pkcs7/bio_ber.c b/src/lib/libssl/src/crypto/pkcs7/bio_ber.c index 895a91177b..31973fcd1f 100644 --- a/src/lib/libssl/src/crypto/pkcs7/bio_ber.c +++ b/src/lib/libssl/src/crypto/pkcs7/bio_ber.c @@ -204,7 +204,7 @@ int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx) if ((ctx->buf_len < BER_BUF_SIZE) && (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG)) { - ERR_get_error(); /* clear the error */ + ERR_clear_error(); /* clear the error */ BIO_set_retry_read(b); } return(-1); diff --git a/src/lib/libssl/src/crypto/pkcs7/example.c b/src/lib/libssl/src/crypto/pkcs7/example.c index c993947cc3..2953d04b5c 100644 --- a/src/lib/libssl/src/crypto/pkcs7/example.c +++ b/src/lib/libssl/src/crypto/pkcs7/example.c @@ -123,7 +123,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); if (so && (so->type == V_ASN1_SEQUENCE)) { - ASN1_CTX c; + ASN1_const_CTX c; ASN1_STRING *s; long length; ASN1_OCTET_STRING *os1,*os2; @@ -144,7 +144,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) goto err; c.slen-=(c.p-c.q); - if (!asn1_Finish(&c)) goto err; + if (!asn1_const_Finish(&c)) goto err; *str1=malloc(os1->length+1); *str2=malloc(os2->length+1); memcpy(*str1,os1->data,os1->length); @@ -290,7 +290,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); if (so->type == V_ASN1_SEQUENCE) { - ASN1_CTX c; + ASN1_const_CTX c; ASN1_STRING *s; long length; ASN1_OCTET_STRING *os1,*os2; @@ -311,7 +311,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) goto err; c.slen-=(c.p-c.q); - if (!asn1_Finish(&c)) goto err; + if (!asn1_const_Finish(&c)) goto err; *str1=malloc(os1->length+1); *str2=malloc(os2->length+1); memcpy(*str1,os1->data,os1->length); diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c b/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c index 46f0fc9375..77931feeb4 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c @@ -69,30 +69,31 @@ ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0); ASN1_ADB(PKCS7) = { - ADB_ENTRY(NID_pkcs7_data, ASN1_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING, 0)), - ADB_ENTRY(NID_pkcs7_signed, ASN1_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)), - ADB_ENTRY(NID_pkcs7_enveloped, ASN1_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)), - ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)), - ADB_ENTRY(NID_pkcs7_digest, ASN1_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)), - ADB_ENTRY(NID_pkcs7_encrypted, ASN1_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) + ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING_NDEF, 0)), + ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)), + ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)), + ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)), + ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)), + ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) } ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL); -ASN1_SEQUENCE(PKCS7) = { +ASN1_NDEF_SEQUENCE(PKCS7) = { ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT), ASN1_ADB_OBJECT(PKCS7) -}ASN1_SEQUENCE_END(PKCS7) +}ASN1_NDEF_SEQUENCE_END(PKCS7) IMPLEMENT_ASN1_FUNCTIONS(PKCS7) +IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7) IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7) -ASN1_SEQUENCE(PKCS7_SIGNED) = { +ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = { ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER), ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR), ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7), ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0), ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1), ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO) -} ASN1_SEQUENCE_END(PKCS7_SIGNED) +} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGNED) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED) @@ -130,11 +131,11 @@ ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = { IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) -ASN1_SEQUENCE(PKCS7_ENVELOPE) = { +ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = { ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER), ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT) -} ASN1_SEQUENCE_END(PKCS7_ENVELOPE) +} ASN1_NDEF_SEQUENCE_END(PKCS7_ENVELOPE) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE) @@ -157,15 +158,15 @@ ASN1_SEQUENCE_cb(PKCS7_RECIP_INFO, ri_cb) = { IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) -ASN1_SEQUENCE(PKCS7_ENC_CONTENT) = { +ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = { ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT), ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR), ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0) -} ASN1_SEQUENCE_END(PKCS7_ENC_CONTENT) +} ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) -ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { +ASN1_NDEF_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER), ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR), @@ -173,23 +174,23 @@ ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0), ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1), ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO) -} ASN1_SEQUENCE_END(PKCS7_SIGN_ENVELOPE) +} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGN_ENVELOPE) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) -ASN1_SEQUENCE(PKCS7_ENCRYPT) = { +ASN1_NDEF_SEQUENCE(PKCS7_ENCRYPT) = { ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER), ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT) -} ASN1_SEQUENCE_END(PKCS7_ENCRYPT) +} ASN1_NDEF_SEQUENCE_END(PKCS7_ENCRYPT) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT) -ASN1_SEQUENCE(PKCS7_DIGEST) = { +ASN1_NDEF_SEQUENCE(PKCS7_DIGEST) = { ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER), ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR), ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7), ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING) -} ASN1_SEQUENCE_END(PKCS7_DIGEST) +} ASN1_NDEF_SEQUENCE_END(PKCS7_DIGEST) IMPLEMENT_ASN1_FUNCTIONS(PKCS7_DIGEST) diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c b/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c index 039141027a..735c8800e1 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c @@ -96,7 +96,8 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) { ASN1_TYPE *cap; - unsigned char *p; + const unsigned char *p; + cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities); if (!cap || (cap->type != V_ASN1_SEQUENCE)) return NULL; diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c index 4ac29ae14d..a03d7ebedf 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c @@ -62,6 +62,7 @@ #include #include #include +#include static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, void *value); @@ -101,18 +102,54 @@ static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7) return NULL; } +static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) + { + BIO *btmp; + const EVP_MD *md; + if ((btmp=BIO_new(BIO_f_md())) == NULL) + { + PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,ERR_R_BIO_LIB); + goto err; + } + + md=EVP_get_digestbyobj(alg->algorithm); + if (md == NULL) + { + PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,PKCS7_R_UNKNOWN_DIGEST_TYPE); + goto err; + } + + BIO_set_md(btmp,md); + if (*pbio == NULL) + *pbio=btmp; + else if (!BIO_push(*pbio,btmp)) + { + PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,ERR_R_BIO_LIB); + goto err; + } + btmp=NULL; + + return 1; + + err: + if (btmp) + BIO_free(btmp); + return 0; + + } + BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) { int i; BIO *out=NULL,*btmp=NULL; - X509_ALGOR *xa; - const EVP_MD *evp_md; + X509_ALGOR *xa = NULL; const EVP_CIPHER *evp_cipher=NULL; STACK_OF(X509_ALGOR) *md_sk=NULL; STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; X509_ALGOR *xalg=NULL; PKCS7_RECIP_INFO *ri=NULL; EVP_PKEY *pkey; + ASN1_OCTET_STRING *os=NULL; i=OBJ_obj2nid(p7->type); p7->state=PKCS7_S_HEADER; @@ -121,6 +158,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) { case NID_pkcs7_signed: md_sk=p7->d.sign->md_algs; + os = PKCS7_get_octet_string(p7->d.sign->contents); break; case NID_pkcs7_signedAndEnveloped: rsk=p7->d.signed_and_enveloped->recipientinfo; @@ -145,37 +183,21 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) goto err; } break; + case NID_pkcs7_digest: + xa = p7->d.digest->md; + os = PKCS7_get_octet_string(p7->d.digest->contents); + break; default: PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); goto err; } - if (md_sk != NULL) - { - for (i=0; ialgorithm); - if (evp_md == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE); - goto err; - } + for (i=0; ialgorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); - if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen); - EVP_CipherInit_ex(ctx, evp_cipher, NULL, key, iv, 1); + if (ivlen > 0) + if (RAND_pseudo_bytes(iv,ivlen) <= 0) + goto err; + if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1)<=0) + goto err; + if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) + goto err; + if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0) + goto err; if (ivlen > 0) { - if (xalg->parameter == NULL) - xalg->parameter=ASN1_TYPE_new(); + if (xalg->parameter == NULL) { + xalg->parameter = ASN1_TYPE_new(); + if (xalg->parameter == NULL) + goto err; + } if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) - goto err; + goto err; } /* Lets do the pub key stuff :-) */ @@ -217,7 +247,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO); goto err; } - pkey=X509_get_pubkey(ri->cert); + if ((pkey=X509_get_pubkey(ri->cert)) == NULL) + goto err; jj=EVP_PKEY_size(pkey); EVP_PKEY_free(pkey); if (max < jj) max=jj; @@ -230,7 +261,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) for (i=0; icert); + if ((pkey=X509_get_pubkey(ri->cert)) == NULL) + goto err; jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); EVP_PKEY_free(pkey); if (jj <= 0) @@ -261,24 +293,16 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) { if (PKCS7_is_detached(p7)) bio=BIO_new(BIO_s_null()); - else + else if (os && os->length > 0) + bio = BIO_new_mem_buf(os->data, os->length); + if(bio == NULL) { - if (PKCS7_type_is_signed(p7)) - { - ASN1_OCTET_STRING *os; - os = PKCS7_get_octet_string( - p7->d.sign->contents); - if (os && os->length > 0) - bio = BIO_new_mem_buf(os->data, - os->length); - } - if(bio == NULL) - { - bio=BIO_new(BIO_s_mem()); - BIO_set_mem_eof_return(bio,0); - } + bio=BIO_new(BIO_s_mem()); + if (bio == NULL) + goto err; + BIO_set_mem_eof_return(bio,0); } - } + } BIO_push(out,bio); bio=NULL; if (0) @@ -293,6 +317,17 @@ err: return(out); } +static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert) + { + int ret; + ret = X509_NAME_cmp(ri->issuer_and_serial->issuer, + pcert->cert_info->issuer); + if (ret) + return ret; + return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, + ri->issuer_and_serial->serial); + } + /* int */ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) { @@ -403,18 +438,18 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) * (if any) */ - for (i=0; iissuer_and_serial->issuer, - pcert->cert_info->issuer) && - !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, - ri->issuer_and_serial->serial)) break; - ri=NULL; - } - if (ri == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATADECODE, - PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE); - goto err; + if (pcert) { + for (i=0; ienc_key), - M_ASN1_STRING_length(ri->enc_key), pkey); - if (jj <= 0) + /* If we haven't got a certificate try each ri in turn */ + + if (pcert == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB); - goto err; + for (i=0; ienc_key), + M_ASN1_STRING_length(ri->enc_key), + pkey); + if (jj > 0) + break; + ERR_clear_error(); + ri = NULL; + } + if (ri == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATADECODE, + PKCS7_R_NO_RECIPIENT_MATCHES_KEY); + goto err; + } + } + else + { + jj=EVP_PKEY_decrypt(tmp, + M_ASN1_STRING_data(ri->enc_key), + M_ASN1_STRING_length(ri->enc_key), pkey); + if (jj <= 0) + { + PKCS7err(PKCS7_F_PKCS7_DATADECODE, + ERR_R_EVP_LIB); + goto err; + } } evp_ctx=NULL; BIO_get_cipher_ctx(etmp,&evp_ctx); - EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0); + if (EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0) <= 0) + goto err; if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) goto err; @@ -451,7 +515,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) goto err; } } - EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); + if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0) <= 0) + goto err; OPENSSL_cleanse(tmp,jj); @@ -485,6 +550,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) bio=BIO_new(BIO_s_mem()); BIO_set_mem_eof_return(bio,0); } + if (bio == NULL) + goto err; #endif } BIO_push(out,bio); @@ -504,6 +571,29 @@ err: return(out); } +static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid) + { + for (;;) + { + bio=BIO_find_type(bio,BIO_TYPE_MD); + if (bio == NULL) + { + PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); + return NULL; + } + BIO_get_md_ctx(bio,pmd); + if (*pmd == NULL) + { + PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,ERR_R_INTERNAL_ERROR); + return NULL; + } + if (EVP_MD_CTX_type(*pmd) == nid) + return bio; + bio=BIO_next(bio); + } + return NULL; + } + int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) { int ret=0; @@ -528,7 +618,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) si_sk=p7->d.signed_and_enveloped->signer_info; if (!(os=M_ASN1_OCTET_STRING_new())) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); goto err; } p7->d.signed_and_enveloped->enc_data->enc_data=os; @@ -537,7 +627,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* XXXXXXXXXXXXXXXX */ if (!(os=M_ASN1_OCTET_STRING_new())) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); goto err; } p7->d.enveloped->enc_data->enc_data=os; @@ -551,13 +641,24 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) p7->d.sign->contents->d.data = NULL; } break; + + case NID_pkcs7_digest: + os=PKCS7_get_octet_string(p7->d.digest->contents); + /* If detached data then the content is excluded */ + if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) + { + M_ASN1_OCTET_STRING_free(os); + p7->d.digest->contents->d.data = NULL; + } + break; + } if (si_sk != NULL) { if ((buf=BUF_MEM_new()) == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); goto err; } for (i=0; idigest_alg->algorithm); btmp=bio; - for (;;) - { - if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) - == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); - goto err; - } - BIO_get_md_ctx(btmp,&mdc); - if (mdc == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR); - goto err; - } - if (EVP_MD_CTX_type(mdc) == j) - break; - else - btmp=BIO_next(btmp); - } - + + btmp = PKCS7_find_digest(&mdc, btmp, j); + + if (btmp == NULL) + goto err; + /* We now have the EVP_MD_CTX, lets do the * signing. */ EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); goto err; } @@ -615,13 +702,17 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) { if (!(sign_time=X509_gmtime_adj(NULL,0))) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN, + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); goto err; } - PKCS7_add_signed_attribute(si, + if (!PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, - V_ASN1_UTCTIME,sign_time); + V_ASN1_UTCTIME,sign_time)) + { + M_ASN1_UTCTIME_free(sign_time); + goto err; + } } /* Add digest */ @@ -629,20 +720,25 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len); if (!(digest=M_ASN1_OCTET_STRING_new())) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN, + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); goto err; } if (!M_ASN1_OCTET_STRING_set(digest,md_data, md_len)) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN, + PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); + M_ASN1_OCTET_STRING_free(digest); goto err; } - PKCS7_add_signed_attribute(si, + if (!PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest, - V_ASN1_OCTET_STRING,digest); + V_ASN1_OCTET_STRING,digest)) + { + M_ASN1_OCTET_STRING_free(digest); + goto err; + } /* Now sign the attributes */ EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL); @@ -657,28 +753,42 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) if (si->pkey->type == EVP_PKEY_DSA) ctx_tmp.digest=EVP_dss1(); #endif +#ifndef OPENSSL_NO_ECDSA + if (si->pkey->type == EVP_PKEY_EC) + ctx_tmp.digest=EVP_ecdsa(); +#endif if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, (unsigned int *)&buf->length,si->pkey)) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_EVP_LIB); goto err; } if (!ASN1_STRING_set(si->enc_digest, (unsigned char *)buf->data,buf->length)) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_ASN1_LIB); goto err; } } } + else if (i == NID_pkcs7_digest) + { + unsigned char md_data[EVP_MAX_MD_SIZE]; + unsigned int md_len; + if (!PKCS7_find_digest(&mdc, bio, + OBJ_obj2nid(p7->d.digest->md->algorithm))) + goto err; + EVP_DigestFinal_ex(mdc,md_data,&md_len); + M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); + } if (!PKCS7_is_detached(p7)) { btmp=BIO_find_type(bio,BIO_TYPE_MEM); if (btmp == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); + PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); goto err; } BIO_get_mem_ptr(btmp,&buf_mem); @@ -859,6 +969,9 @@ for (ii=0; iitype == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1(); #endif +#ifndef OPENSSL_NO_ECDSA + if (pkey->type == EVP_PKEY_EC) mdc_tmp.digest=EVP_ecdsa(); +#endif i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey); EVP_PKEY_free(pkey); @@ -883,8 +996,13 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) int i; i=OBJ_obj2nid(p7->type); - if (i != NID_pkcs7_signedAndEnveloped) return(NULL); + if (i != NID_pkcs7_signedAndEnveloped) + return NULL; + if (p7->d.signed_and_enveloped == NULL) + return NULL; rsk=p7->d.signed_and_enveloped->recipientinfo; + if (rsk == NULL) + return NULL; ri=sk_PKCS7_RECIP_INFO_value(rsk,0); if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL); ri=sk_PKCS7_RECIP_INFO_value(rsk,idx); @@ -938,6 +1056,8 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, if (p7si->auth_attr != NULL) sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free); p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk); + if (p7si->auth_attr == NULL) + return 0; for (i=0; iauth_attr,i, @@ -956,6 +1076,8 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk) sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free); p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk); + if (p7si->unauth_attr == NULL) + return 0; for (i=0; iunauth_attr,i, @@ -985,10 +1107,16 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, if (*sk == NULL) { - *sk = sk_X509_ATTRIBUTE_new_null(); + if (!(*sk = sk_X509_ATTRIBUTE_new_null())) + return 0; new_attrib: - attr=X509_ATTRIBUTE_create(nid,atrtype,value); - sk_X509_ATTRIBUTE_push(*sk,attr); + if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value))) + return 0; + if (!sk_X509_ATTRIBUTE_push(*sk,attr)) + { + X509_ATTRIBUTE_free(attr); + return 0; + } } else { @@ -1001,7 +1129,13 @@ new_attrib: { X509_ATTRIBUTE_free(attr); attr=X509_ATTRIBUTE_create(nid,atrtype,value); - sk_X509_ATTRIBUTE_set(*sk,i,attr); + if (attr == NULL) + return 0; + if (!sk_X509_ATTRIBUTE_set(*sk,i,attr)) + { + X509_ATTRIBUTE_free(attr); + return 0; + } goto end; } } diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c b/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c index ee1817c7af..f2490941a3 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c @@ -138,6 +138,10 @@ int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) p7->d.sign->contents=p7_data; break; case NID_pkcs7_digest: + if (p7->d.digest->contents != NULL) + PKCS7_free(p7->d.digest->contents); + p7->d.digest->contents=p7_data; + break; case NID_pkcs7_data: case NID_pkcs7_enveloped: case NID_pkcs7_signedAndEnveloped: @@ -206,6 +210,12 @@ int PKCS7_set_type(PKCS7 *p7, int type) break; case NID_pkcs7_digest: + p7->type=obj; + if ((p7->d.digest=PKCS7_DIGEST_new()) + == NULL) goto err; + if (!ASN1_INTEGER_set(p7->d.digest->version,0)) + goto err; + break; default: PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); goto err; @@ -215,6 +225,13 @@ err: return(0); } +int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other) + { + p7->type = OBJ_nid2obj(type); + p7->d.other = other; + return 1; + } + int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) { int i,j,nid; @@ -254,16 +271,23 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) if (!j) /* we need to add another algorithm */ { if(!(alg=X509_ALGOR_new()) - || !(alg->parameter = ASN1_TYPE_new())) { + || !(alg->parameter = ASN1_TYPE_new())) + { + X509_ALGOR_free(alg); PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); return(0); - } + } alg->algorithm=OBJ_nid2obj(nid); alg->parameter->type = V_ASN1_NULL; - sk_X509_ALGOR_push(md_sk,alg); + if (!sk_X509_ALGOR_push(md_sk,alg)) + { + X509_ALGOR_free(alg); + return 0; + } } - sk_PKCS7_SIGNER_INFO_push(signer_sk,psi); + if (!sk_PKCS7_SIGNER_INFO_push(signer_sk,psi)) + return 0; return(1); } @@ -288,8 +312,17 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) if (*sk == NULL) *sk=sk_X509_new_null(); + if (*sk == NULL) + { + PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,ERR_R_MALLOC_FAILURE); + return 0; + } CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); - sk_X509_push(*sk,x509); + if (!sk_X509_push(*sk,x509)) + { + X509_free(x509); + return 0; + } return(1); } @@ -314,18 +347,31 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) if (*sk == NULL) *sk=sk_X509_CRL_new_null(); + if (*sk == NULL) + { + PKCS7err(PKCS7_F_PKCS7_ADD_CRL,ERR_R_MALLOC_FAILURE); + return 0; + } CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); - sk_X509_CRL_push(*sk,crl); + if (!sk_X509_CRL_push(*sk,crl)) + { + X509_CRL_free(crl); + return 0; + } return(1); } int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst) { + int nid; char is_dsa; - if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; - else is_dsa = 0; + + if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC) + is_dsa = 1; + else + is_dsa = 0; /* We now need to add another PKCS7_SIGNER_INFO entry */ if (!ASN1_INTEGER_set(p7i->version,1)) goto err; @@ -355,16 +401,38 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, goto err; p7i->digest_alg->parameter->type=V_ASN1_NULL; - p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type)); - if (p7i->digest_enc_alg->parameter != NULL) ASN1_TYPE_free(p7i->digest_enc_alg->parameter); - if(is_dsa) p7i->digest_enc_alg->parameter = NULL; - else { + nid = EVP_PKEY_type(pkey->type); + if (nid == EVP_PKEY_RSA) + { + p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption); if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) goto err; p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; - } + } + else if (nid == EVP_PKEY_DSA) + { +#if 1 + /* use 'dsaEncryption' OID for compatibility with other software + * (PKCS #7 v1.5 does specify how to handle DSA) ... */ + p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa); +#else + /* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for CMS) + * would make more sense. */ + p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1); +#endif + p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */ + } + else if (nid == EVP_PKEY_EC) + { + p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1); + if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) + goto err; + p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; + } + else + return(0); return(1); err: @@ -381,9 +449,28 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, if (!PKCS7_add_signer(p7,si)) goto err; return(si); err: + PKCS7_SIGNER_INFO_free(si); return(NULL); } +int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) + { + if (PKCS7_type_is_digest(p7)) + { + if(!(p7->d.digest->md->parameter = ASN1_TYPE_new())) + { + PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,ERR_R_MALLOC_FAILURE); + return 0; + } + p7->d.digest->md->parameter->type = V_ASN1_NULL; + p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md)); + return 1; + } + + PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,PKCS7_R_WRONG_CONTENT_TYPE); + return 1; + } + STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) { if (PKCS7_type_is_signed(p7)) @@ -407,6 +494,7 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) if (!PKCS7_add_recipient_info(p7,ri)) goto err; return(ri); err: + PKCS7_RECIP_INFO_free(ri); return(NULL); } @@ -429,7 +517,8 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) return(0); } - sk_PKCS7_RECIP_INFO_push(sk,ri); + if (!sk_PKCS7_RECIP_INFO_push(sk,ri)) + return 0; return(1); } diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c index 927b88c3e7..17b68992f7 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c @@ -1,6 +1,6 @@ /* pk7_mime.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. @@ -86,6 +86,7 @@ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ DECLARE_STACK_OF(MIME_HEADER) IMPLEMENT_STACK_OF(MIME_HEADER) +static int pkcs7_output_data(BIO *bio, BIO *data, PKCS7 *p7, int flags); static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); static PKCS7 *B64_read_PKCS7(BIO *bio); static char * strip_ends(char *name); @@ -109,9 +110,6 @@ static void mime_hdr_free(MIME_HEADER *hdr); #define MAX_SMLEN 1024 #define mime_debug(x) /* x */ - -typedef void (*stkfree)(); - /* Base 64 read and write of PKCS#7 structure */ static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) @@ -123,7 +121,7 @@ static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) } bio = BIO_push(b64, bio); i2d_PKCS7_bio(bio, p7); - BIO_flush(bio); + (void)BIO_flush(bio); bio = BIO_pop(bio); BIO_free(b64); return 1; @@ -140,7 +138,7 @@ static PKCS7 *B64_read_PKCS7(BIO *bio) bio = BIO_push(b64, bio); if(!(p7 = d2i_PKCS7_bio(bio, NULL))) PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR); - BIO_flush(bio); + (void)BIO_flush(bio); bio = BIO_pop(bio); BIO_free(b64); return p7; @@ -182,7 +180,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) mime_eol, mime_eol); /* Now write out the first part */ BIO_printf(bio, "------%s%s", bound, mime_eol); - SMIME_crlf_copy(data, bio, flags); + pkcs7_output_data(bio, data, p7, flags); BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); /* Headers for signature */ @@ -196,7 +194,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) mime_eol, mime_eol); B64_write_PKCS7(bio, p7); BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound, - mime_eol, mime_eol); + mime_eol, mime_eol); return 1; } @@ -231,6 +229,46 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) return 1; } +/* Handle output of PKCS#7 data */ + + +static int pkcs7_output_data(BIO *out, BIO *data, PKCS7 *p7, int flags) + { + BIO *tmpbio, *p7bio; + + if (!(flags & PKCS7_STREAM)) + { + SMIME_crlf_copy(data, out, flags); + return 1; + } + + /* Partial sign operation */ + + /* Initialize sign operation */ + p7bio = PKCS7_dataInit(p7, out); + + /* Copy data across, computing digests etc */ + SMIME_crlf_copy(data, p7bio, flags); + + /* Must be detached */ + PKCS7_set_detached(p7, 1); + + /* Finalize signatures */ + PKCS7_dataFinal(p7, p7bio); + + /* Now remove any digests prepended to the BIO */ + + while (p7bio != out) + { + tmpbio = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = tmpbio; + } + + return 1; + + } + /* SMIME reader: handle multipart/signed and opaque signing. * in multipart case the content is placed in a memory BIO * pointed to by "bcont". In opaque this is set to NULL @@ -339,56 +377,6 @@ PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont) } -/* Copy text from one BIO to another making the output CRLF at EOL */ -int SMIME_crlf_copy(BIO *in, BIO *out, int flags) -{ - char eol; - int len; - char linebuf[MAX_SMLEN]; - if(flags & PKCS7_BINARY) { - while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) - BIO_write(out, linebuf, len); - return 1; - } - if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); - while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) { - eol = strip_eol(linebuf, &len); - if (len) - BIO_write(out, linebuf, len); - if(eol) BIO_write(out, "\r\n", 2); - } - return 1; -} - -/* Strip off headers if they are text/plain */ -int SMIME_text(BIO *in, BIO *out) -{ - char iobuf[4096]; - int len; - STACK_OF(MIME_HEADER) *headers; - MIME_HEADER *hdr; - - if (!(headers = mime_parse_hdr(in))) { - PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR); - return 0; - } - if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { - PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return 0; - } - if (strcmp (hdr->value, "text/plain")) { - PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return 0; - } - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0) - BIO_write(out, iobuf, len); - return 1; -} - /* Split a multipart/XXX message body into component parts: result is * canonical parts in a STACK of bios */ diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c index 99a0d63f38..5c6b0fe24b 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c @@ -1,9 +1,9 @@ /* pk7_smime.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== - * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -66,10 +66,10 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags) { - PKCS7 *p7; + PKCS7 *p7 = NULL; PKCS7_SIGNER_INFO *si; - BIO *p7bio; - STACK_OF(X509_ALGOR) *smcap; + BIO *p7bio = NULL; + STACK_OF(X509_ALGOR) *smcap = NULL; int i; if(!X509_check_private_key(signcert, pkey)) { @@ -82,66 +82,87 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, return NULL; } - PKCS7_set_type(p7, NID_pkcs7_signed); + if (!PKCS7_set_type(p7, NID_pkcs7_signed)) + goto err; - PKCS7_content_new(p7, NID_pkcs7_data); + if (!PKCS7_content_new(p7, NID_pkcs7_data)) + goto err; - if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { + if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); - return NULL; + goto err; } if(!(flags & PKCS7_NOCERTS)) { - PKCS7_add_certificate(p7, signcert); + if (!PKCS7_add_certificate(p7, signcert)) + goto err; if(certs) for(i = 0; i < sk_X509_num(certs); i++) - PKCS7_add_certificate(p7, sk_X509_value(certs, i)); - } - - if(!(p7bio = PKCS7_dataInit(p7, NULL))) { - PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); - return NULL; + if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i))) + goto err; } - - SMIME_crlf_copy(data, p7bio, flags); - if(!(flags & PKCS7_NOATTR)) { - PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, - V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)); + if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, + V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data))) + goto err; /* Add SMIMECapabilities */ if(!(flags & PKCS7_NOSMIMECAP)) { if(!(smcap = sk_X509_ALGOR_new_null())) { PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } #ifndef OPENSSL_NO_DES - PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1); + if (!PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1)) + goto err; #endif #ifndef OPENSSL_NO_RC2 - PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128); - PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64); + if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128)) + goto err; + if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64)) + goto err; #endif #ifndef OPENSSL_NO_DES - PKCS7_simple_smimecap (smcap, NID_des_cbc, -1); + if (!PKCS7_simple_smimecap (smcap, NID_des_cbc, -1)) + goto err; #endif #ifndef OPENSSL_NO_RC2 - PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40); + if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40)) + goto err; #endif - PKCS7_add_attrib_smimecap (si, smcap); + if (!PKCS7_add_attrib_smimecap (si, smcap)) + goto err; sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); + smcap = NULL; } } if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1); - if (!PKCS7_dataFinal(p7,p7bio)) { + if (flags & PKCS7_STREAM) + return p7; + + + if (!(p7bio = PKCS7_dataInit(p7, NULL))) { + PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); + goto err; + } + + SMIME_crlf_copy(data, p7bio, flags); + + + if (!PKCS7_dataFinal(p7,p7bio)) { PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); - return NULL; + goto err; } - BIO_free_all(p7bio); + BIO_free_all(p7bio); return p7; +err: + sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); + BIO_free_all(p7bio); + PKCS7_free(p7); + return NULL; } int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, @@ -215,6 +236,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, sk_X509_free(signers); return 0; } + if (!(flags & PKCS7_NOCRL)) + X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl); i = X509_verify_cert(&cert_ctx); if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx); X509_STORE_CTX_cleanup(&cert_ctx); @@ -251,7 +274,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, tmpin = indata; - p7bio=PKCS7_dataInit(p7,tmpin); + if (!(p7bio=PKCS7_dataInit(p7,tmpin))) + goto err; if(flags & PKCS7_TEXT) { if(!(tmpout = BIO_new(BIO_s_mem()))) { @@ -330,7 +354,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) { PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS); - return 0; + return NULL; } if(!(signers = sk_X509_new_null())) { @@ -353,10 +377,13 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) if (!signer) { PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); sk_X509_free(signers); - return 0; + return NULL; } - sk_X509_push(signers, signer); + if (!sk_X509_push(signers, signer)) { + sk_X509_free(signers); + return NULL; + } } return signers; } @@ -376,7 +403,8 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, return NULL; } - PKCS7_set_type(p7, NID_pkcs7_enveloped); + if (!PKCS7_set_type(p7, NID_pkcs7_enveloped)) + goto err; if(!PKCS7_set_cipher(p7, cipher)) { PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER); goto err; @@ -398,7 +426,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, SMIME_crlf_copy(in, p7bio, flags); - BIO_flush(p7bio); + (void)BIO_flush(p7bio); if (!PKCS7_dataFinal(p7,p7bio)) { PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR); @@ -410,7 +438,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, err: - BIO_free(p7bio); + BIO_free_all(p7bio); PKCS7_free(p7); return NULL; @@ -432,7 +460,7 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) return 0; } - if(!X509_check_private_key(cert, pkey)) { + if(cert && !X509_check_private_key(cert, pkey)) { PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); return 0; @@ -448,10 +476,13 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ if(!(tmpbuf = BIO_new(BIO_f_buffer()))) { PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); + BIO_free_all(tmpmem); return 0; } if(!(bread = BIO_push(tmpbuf, tmpmem))) { PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); + BIO_free_all(tmpbuf); + BIO_free_all(tmpmem); return 0; } ret = SMIME_text(bread, data); diff --git a/src/lib/libssl/src/crypto/pkcs7/pkcs7.h b/src/lib/libssl/src/crypto/pkcs7/pkcs7.h index 15372e18f8..cc092d262d 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pkcs7.h +++ b/src/lib/libssl/src/crypto/pkcs7/pkcs7.h @@ -233,6 +233,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) +#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) + #define PKCS7_set_detached(p,v) \ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) #define PKCS7_get_detached(p) \ @@ -262,6 +264,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define PKCS7_NOSMIMECAP 0x200 #define PKCS7_NOOLDMIMETYPE 0x400 #define PKCS7_CRLFEOL 0x800 +#define PKCS7_STREAM 0x1000 +#define PKCS7_NOCRL 0x2000 /* Flags: for compatibility with older code */ @@ -302,10 +306,12 @@ DECLARE_ASN1_FUNCTIONS(PKCS7) DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) +DECLARE_ASN1_NDEF_FUNCTION(PKCS7) long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); int PKCS7_set_type(PKCS7 *p7, int type); +int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst); @@ -326,6 +332,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert); PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst); X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); +int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md); STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); @@ -381,16 +388,20 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_F_PKCS7_ADD_CRL 101 #define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 #define PKCS7_F_PKCS7_ADD_SIGNER 103 +#define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125 #define PKCS7_F_PKCS7_CTRL 104 #define PKCS7_F_PKCS7_DATADECODE 112 +#define PKCS7_F_PKCS7_DATAFINAL 128 #define PKCS7_F_PKCS7_DATAINIT 105 #define PKCS7_F_PKCS7_DATASIGN 106 #define PKCS7_F_PKCS7_DATAVERIFY 107 #define PKCS7_F_PKCS7_DECRYPT 114 #define PKCS7_F_PKCS7_ENCRYPT 115 +#define PKCS7_F_PKCS7_FIND_DIGEST 127 #define PKCS7_F_PKCS7_GET0_SIGNERS 124 #define PKCS7_F_PKCS7_SET_CIPHER 108 #define PKCS7_F_PKCS7_SET_CONTENT 109 +#define PKCS7_F_PKCS7_SET_DIGEST 126 #define PKCS7_F_PKCS7_SET_TYPE 110 #define PKCS7_F_PKCS7_SIGN 116 #define PKCS7_F_PKCS7_SIGNATUREVERIFY 113 @@ -421,13 +432,15 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 #define PKCS7_R_NO_MULTIPART_BOUNDARY 137 #define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 +#define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146 #define PKCS7_R_NO_SIGNATURES_ON_DATA 123 #define PKCS7_R_NO_SIGNERS 142 #define PKCS7_R_NO_SIG_CONTENT_TYPE 138 #define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 #define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 +#define PKCS7_R_PKCS7_DATAFINAL 126 #define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 -#define PKCS7_R_PKCS7_DATASIGN 126 +#define PKCS7_R_PKCS7_DATASIGN 145 #define PKCS7_R_PKCS7_PARSE_ERROR 139 #define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140 #define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 diff --git a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c index 19894c80a4..c0e3d4cd33 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c +++ b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c @@ -77,16 +77,20 @@ static ERR_STRING_DATA PKCS7_str_functs[]= {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"}, {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"}, +{ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"}, {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"}, {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"}, +{ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"}, {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"}, {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"}, {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"}, {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"}, {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"}, +{ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"}, {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"}, +{ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"}, {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"}, {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"}, {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"}, @@ -120,11 +124,13 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"}, {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"}, {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"}, +{ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY),"no recipient matches key"}, {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"}, {ERR_REASON(PKCS7_R_NO_SIGNERS) ,"no signers"}, {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"}, {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"}, {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"}, +{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL) ,"pkcs7 datafinal"}, {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"}, {ERR_REASON(PKCS7_R_PKCS7_DATASIGN) ,"pkcs7 datasign"}, {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) ,"pkcs7 parse error"}, @@ -150,15 +156,12 @@ static ERR_STRING_DATA PKCS7_str_reasons[]= void ERR_load_PKCS7_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,PKCS7_str_functs); ERR_load_strings(0,PKCS7_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/pqueue/pq_compat.h b/src/lib/libssl/src/crypto/pqueue/pq_compat.h new file mode 100644 index 0000000000..fd36578882 --- /dev/null +++ b/src/lib/libssl/src/crypto/pqueue/pq_compat.h @@ -0,0 +1,147 @@ +/* crypto/pqueue/pqueue_compat.h */ +/* + * DTLS implementation written by Nagendra Modadugu + * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. + */ +/* ==================================================================== + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include + +/* + * The purpose of this header file is for supporting 64-bit integer + * manipulation on 32-bit (and lower) machines. Currently the only + * such environment is VMS, Utrix and those with smaller default integer + * sizes than 32 bits. For all such environment, we fall back to using + * BIGNUM. We may need to fine tune the conditions for systems that + * are incorrectly configured. + * + * The only clients of this code are (1) pqueue for priority, and + * (2) DTLS, for sequence number manipulation. + */ + +#if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT) + +#define PQ_64BIT_IS_INTEGER 0 +#define PQ_64BIT_IS_BIGNUM 1 + +#define PQ_64BIT BIGNUM +#define PQ_64BIT_CTX BN_CTX + +#define pq_64bit_init(x) BN_init(x) +#define pq_64bit_free(x) BN_free(x) + +#define pq_64bit_ctx_new(ctx) BN_CTX_new() +#define pq_64bit_ctx_free(x) BN_CTX_free(x) + +#define pq_64bit_assign(x, y) BN_copy(x, y) +#define pq_64bit_assign_word(x, y) BN_set_word(x, y) +#define pq_64bit_gt(x, y) BN_ucmp(x, y) >= 1 ? 1 : 0 +#define pq_64bit_eq(x, y) BN_ucmp(x, y) == 0 ? 1 : 0 +#define pq_64bit_add_word(x, w) BN_add_word(x, w) +#define pq_64bit_sub(r, x, y) BN_sub(r, x, y) +#define pq_64bit_sub_word(x, w) BN_sub_word(x, w) +#define pq_64bit_mod(r, x, n, ctx) BN_mod(r, x, n, ctx) + +#define pq_64bit_bin2num(bn, bytes, len) BN_bin2bn(bytes, len, bn) +#define pq_64bit_num2bin(bn, bytes) BN_bn2bin(bn, bytes) +#define pq_64bit_get_word(x) BN_get_word(x) +#define pq_64bit_is_bit_set(x, offset) BN_is_bit_set(x, offset) +#define pq_64bit_lshift(r, x, shift) BN_lshift(r, x, shift) +#define pq_64bit_set_bit(x, num) BN_set_bit(x, num) +#define pq_64bit_get_length(x) BN_num_bits((x)) + +#else + +#define PQ_64BIT_IS_INTEGER 1 +#define PQ_64BIT_IS_BIGNUM 0 + +#if defined(SIXTY_FOUR_BIT) +#define PQ_64BIT BN_ULONG +#define PQ_64BIT_PRINT "%lld" +#elif defined(SIXTY_FOUR_BIT_LONG) +#define PQ_64BIT BN_ULONG +#define PQ_64BIT_PRINT "%ld" +#elif defined(THIRTY_TWO_BIT) +#define PQ_64BIT BN_ULLONG +#define PQ_64BIT_PRINT "%lld" +#endif + +#define PQ_64BIT_CTX void + +#define pq_64bit_init(x) +#define pq_64bit_free(x) +#define pq_64bit_ctx_new(ctx) (ctx) +#define pq_64bit_ctx_free(x) + +#define pq_64bit_assign(x, y) (*(x) = *(y)) +#define pq_64bit_assign_word(x, y) (*(x) = y) +#define pq_64bit_gt(x, y) (*(x) > *(y)) +#define pq_64bit_eq(x, y) (*(x) == *(y)) +#define pq_64bit_add_word(x, w) (*(x) = (*(x) + (w))) +#define pq_64bit_sub(r, x, y) (*(r) = (*(x) - *(y))) +#define pq_64bit_sub_word(x, w) (*(x) = (*(x) - (w))) +#define pq_64bit_mod(r, x, n, ctx) + +#define pq_64bit_bin2num(num, bytes, len) bytes_to_long_long(bytes, num) +#define pq_64bit_num2bin(num, bytes) long_long_to_bytes(num, bytes) +#define pq_64bit_get_word(x) *(x) +#define pq_64bit_lshift(r, x, shift) (*(r) = (*(x) << (shift))) +#define pq_64bit_set_bit(x, num) do { \ + PQ_64BIT mask = 1; \ + mask = mask << (num); \ + *(x) |= mask; \ + } while(0) +#endif /* OPENSSL_SYS_VMS */ diff --git a/src/lib/libssl/src/crypto/rand/Makefile b/src/lib/libssl/src/crypto/rand/Makefile index b1d1a75f98..3c1ab5bbae 100644 --- a/src/lib/libssl/src/crypto/rand/Makefile +++ b/src/lib/libssl/src/crypto/rand/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -23,9 +18,9 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ - rand_win.c rand_unix.c rand_os2.c + rand_win.c rand_unix.c rand_os2.c rand_nw.c LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ - rand_win.o rand_unix.o rand_os2.o + rand_win.o rand_unix.o rand_os2.o rand_nw.o SRC= $(LIBSRC) @@ -53,6 +48,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -68,6 +64,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -79,26 +76,16 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -md_rand.o: ../../e_os.h ../../include/openssl/aes.h -md_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -md_rand.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -md_rand.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -md_rand.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -md_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +md_rand.o: ../../e_os.h ../../include/openssl/asn1.h +md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -md_rand.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -md_rand.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -md_rand.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -md_rand.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -md_rand.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -md_rand.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -md_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -md_rand.o: ../../include/openssl/ui_compat.h md_rand.c rand_lcl.h +md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +md_rand.o: md_rand.c rand_lcl.h rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h rand_egd.o: ../../include/openssl/opensslconf.h rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h @@ -110,83 +97,59 @@ rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rand_err.o: rand_err.c -rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h -rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rand_lib.o: ../../e_os.h ../../include/openssl/bio.h rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rand_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -rand_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -rand_lib.o: ../../include/openssl/err.h ../../include/openssl/fips.h -rand_lib.o: ../../include/openssl/fips_rand.h ../../include/openssl/lhash.h +rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h rand_lib.o: ../../include/openssl/opensslconf.h rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h -rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rand_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rand_lib.o: ../../include/openssl/ui_compat.h ../cryptlib.h rand_lib.c -rand_os2.o: ../../e_os.h ../../include/openssl/aes.h -rand_os2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_os2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_os2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_os2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_os2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rand_lib.o: ../cryptlib.h rand_lib.c +rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h +rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h +rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c +rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h +rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_os2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_os2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_os2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_os2.o: ../../include/openssl/opensslconf.h +rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_os2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_os2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_os2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_os2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_os2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_os2.o: ../cryptlib.h rand_lcl.h rand_os2.c -rand_unix.o: ../../e_os.h ../../include/openssl/aes.h -rand_unix.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_unix.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_unix.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_unix.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_unix.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h +rand_os2.o: rand_os2.c +rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h +rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_unix.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_unix.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_unix.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_unix.o: ../../include/openssl/objects.h rand_unix.o: ../../include/openssl/opensslconf.h rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_unix.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_unix.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_unix.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_unix.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_unix.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_unix.o: ../cryptlib.h rand_lcl.h rand_unix.c -rand_win.o: ../../e_os.h ../../include/openssl/aes.h -rand_win.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rand_win.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rand_win.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rand_win.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rand_win.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h +rand_unix.o: rand_unix.c +rand_win.o: ../../e_os.h ../../include/openssl/asn1.h +rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_win.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rand_win.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rand_win.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rand_win.o: ../../include/openssl/opensslconf.h +rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_win.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rand_win.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rand_win.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c +rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h +rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h +rand_win.o: rand_win.c randfile.o: ../../e_os.h ../../include/openssl/buffer.h randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h randfile.o: ../../include/openssl/opensslconf.h diff --git a/src/lib/libssl/src/crypto/rand/md_rand.c b/src/lib/libssl/src/crypto/rand/md_rand.c index c84968df88..9783d0c23e 100644 --- a/src/lib/libssl/src/crypto/rand/md_rand.c +++ b/src/lib/libssl/src/crypto/rand/md_rand.c @@ -126,7 +126,6 @@ #include #include -#include #ifdef BN_DEBUG # define PREDICT @@ -153,7 +152,7 @@ static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */ int rand_predictable=0; #endif -const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT; +const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); @@ -301,7 +300,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) * other thread's seeding remains without effect (except for * the incremented counter). By XORing it we keep at least as * much entropy as fits into md. */ - for (k = 0; k < sizeof md; k++) + for (k = 0; k < (int)sizeof(md); k++) { md[k] ^= local_md[k]; } @@ -316,7 +315,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) static void ssleay_rand_seed(const void *buf, int num) { - ssleay_rand_add(buf, num, num); + ssleay_rand_add(buf, num, (double)num); } static int ssleay_rand_bytes(unsigned char *buf, int num) @@ -333,14 +332,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif int do_stir_pool = 0; -#ifdef OPENSSL_FIPS - if(FIPS_mode()) - { - FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); - return 0; - } -#endif - #ifdef PREDICT if (rand_predictable) { @@ -529,7 +520,7 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) err = ERR_peek_error(); if (ERR_GET_LIB(err) == ERR_LIB_RAND && ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) - (void)ERR_get_error(); + ERR_clear_error(); } return (ret); } diff --git a/src/lib/libssl/src/crypto/rand/rand.h b/src/lib/libssl/src/crypto/rand/rand.h index 604df9be6c..ac6c021763 100644 --- a/src/lib/libssl/src/crypto/rand/rand.h +++ b/src/lib/libssl/src/crypto/rand/rand.h @@ -72,10 +72,13 @@ extern "C" { #endif #if defined(OPENSSL_FIPS) -#define FIPS_RAND_SIZE_T int +#define FIPS_RAND_SIZE_T size_t #endif -typedef struct rand_meth_st +/* Already defined in ossl_typ.h */ +/* typedef struct rand_meth_st RAND_METHOD; */ + +struct rand_meth_st { void (*seed)(const void *buf, int num); int (*bytes)(unsigned char *buf, int num); @@ -83,7 +86,7 @@ typedef struct rand_meth_st void (*add)(const void *buf, int num, double entropy); int (*pseudorand)(unsigned char *buf, int num); int (*status)(void); - } RAND_METHOD; + }; #ifdef BN_DEBUG extern int rand_predictable; @@ -125,17 +128,11 @@ void ERR_load_RAND_strings(void); /* Error codes for the RAND functions. */ /* Function codes. */ -#define RAND_F_FIPS_RAND_BYTES 102 #define RAND_F_RAND_GET_RAND_METHOD 101 #define RAND_F_SSLEAY_RAND_BYTES 100 /* Reason codes. */ -#define RAND_R_NON_FIPS_METHOD 101 -#define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 105 -#define RAND_R_PRNG_NOT_REKEYED 103 -#define RAND_R_PRNG_NOT_RESEEDED 104 #define RAND_R_PRNG_NOT_SEEDED 100 -#define RAND_R_PRNG_STUCK 102 #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/rand/rand_egd.c b/src/lib/libssl/src/crypto/rand/rand_egd.c index cd666abfcb..50bce6caba 100644 --- a/src/lib/libssl/src/crypto/rand/rand_egd.c +++ b/src/lib/libssl/src/crypto/rand/rand_egd.c @@ -95,7 +95,7 @@ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { return(-1); diff --git a/src/lib/libssl/src/crypto/rand/rand_err.c b/src/lib/libssl/src/crypto/rand/rand_err.c index 97f96e1aee..386934dcd1 100644 --- a/src/lib/libssl/src/crypto/rand/rand_err.c +++ b/src/lib/libssl/src/crypto/rand/rand_err.c @@ -70,7 +70,6 @@ static ERR_STRING_DATA RAND_str_functs[]= { -{ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, {0,NULL} @@ -78,12 +77,7 @@ static ERR_STRING_DATA RAND_str_functs[]= static ERR_STRING_DATA RAND_str_reasons[]= { -{ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"}, -{ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"}, -{ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"}, -{ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"}, {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, -{ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"}, {0,NULL} }; @@ -91,15 +85,12 @@ static ERR_STRING_DATA RAND_str_reasons[]= void ERR_load_RAND_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,RAND_str_functs); ERR_load_strings(0,RAND_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/rand/rand_lib.c b/src/lib/libssl/src/crypto/rand/rand_lib.c index a21bde79de..513e338985 100644 --- a/src/lib/libssl/src/crypto/rand/rand_lib.c +++ b/src/lib/libssl/src/crypto/rand/rand_lib.c @@ -63,8 +63,6 @@ #ifndef OPENSSL_NO_ENGINE #include #endif -#include -#include #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ @@ -104,22 +102,8 @@ const RAND_METHOD *RAND_get_rand_method(void) funct_ref = e; else #endif -#ifdef OPENSSL_FIPS - if(FIPS_mode()) - default_RAND_meth=FIPS_rand_method(); - else -#endif - default_RAND_meth = RAND_SSLeay(); + default_RAND_meth = RAND_SSLeay(); } - -#ifdef OPENSSL_FIPS - if(FIPS_mode() - && default_RAND_meth != FIPS_rand_check()) - { - RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); - return 0; - } -#endif return default_RAND_meth; } diff --git a/src/lib/libssl/src/crypto/rand/rand_unix.c b/src/lib/libssl/src/crypto/rand/rand_unix.c index 9376554fae..6c2be5cb96 100644 --- a/src/lib/libssl/src/crypto/rand/rand_unix.c +++ b/src/lib/libssl/src/crypto/rand/rand_unix.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -108,6 +108,7 @@ * Hudson (tjh@cryptsoft.com). * */ +#include #define USE_SOCKETS #include "e_os.h" @@ -115,7 +116,7 @@ #include #include "rand_lcl.h" -#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS)) +#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) #include #include @@ -124,6 +125,13 @@ #include #include #include +#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */ +# include +#endif +#include +#ifndef FD_SETSIZE +# define FD_SETSIZE (8*sizeof(fd_set)) +#endif #ifdef __OpenBSD__ int RAND_poll(void) @@ -142,7 +150,7 @@ int RAND_poll(void) return 1; } -#else +#else /* !defined(__OpenBSD__) */ int RAND_poll(void) { unsigned long l; @@ -154,7 +162,8 @@ int RAND_poll(void) #ifdef DEVRANDOM static const char *randomfiles[] = { DEVRANDOM }; struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; - int fd,i; + int fd; + size_t i; #endif #ifdef DEVRANDOM_EGD static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; @@ -182,10 +191,9 @@ int RAND_poll(void) #endif )) >= 0) { - struct timeval t = { 0, 10*1000 }; /* Spend 10ms on - each file. */ - int r,j; - fd_set fset; + int usec = 10*1000; /* spend 10ms on each file */ + int r; + size_t j; struct stat *st=&randomstats[i]; /* Avoid using same input... Used to be O_NOFOLLOW @@ -201,35 +209,75 @@ int RAND_poll(void) do { - FD_ZERO(&fset); - FD_SET(fd, &fset); - r = -1; + int try_read = 0; - if (select(fd+1,&fset,NULL,NULL,&t) < 0) - t.tv_usec=0; - else if (FD_ISSET(fd, &fset)) +#if defined(OPENSSL_SYS_LINUX) + /* use poll() */ + struct pollfd pset; + + pset.fd = fd; + pset.events = POLLIN; + pset.revents = 0; + + if (poll(&pset, 1, usec / 1000) < 0) + usec = 0; + else + try_read = (pset.revents & POLLIN) != 0; + +#else + /* use select() */ + fd_set fset; + struct timeval t; + + t.tv_sec = 0; + t.tv_usec = usec; + + if (FD_SETSIZE > 0 && fd >= FD_SETSIZE) + { + /* can't use select, so just try to read once anyway */ + try_read = 1; + } + else + { + FD_ZERO(&fset); + FD_SET(fd, &fset); + + if (select(fd+1,&fset,NULL,NULL,&t) >= 0) + { + usec = t.tv_usec; + if (FD_ISSET(fd, &fset)) + try_read = 1; + } + else + usec = 0; + } +#endif + + if (try_read) { - r=read(fd,(unsigned char *)tmpbuf+n, - ENTROPY_NEEDED-n); + r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n); if (r > 0) n += r; } - - /* Some Unixen will update t, some - won't. For those who won't, give - up here, otherwise, we will do + else + r = -1; + + /* Some Unixen will update t in select(), some + won't. For those who won't, or if we + didn't use select() in the first place, + give up here, otherwise, we will do this once again for the remaining time. */ - if (t.tv_usec == 10*1000) - t.tv_usec=0; + if (usec == 10*1000) + usec = 0; } - while ((r > 0 || (errno == EINTR || errno == EAGAIN)) - && t.tv_usec != 0 && n < ENTROPY_NEEDED); + while ((r > 0 || + (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED); close(fd); } } -#endif +#endif /* defined(DEVRANDOM) */ #ifdef DEVRANDOM_EGD /* Use an EGD socket to read entropy from an EGD or PRNGD entropy @@ -244,24 +292,24 @@ int RAND_poll(void) if (r > 0) n += r; } -#endif +#endif /* defined(DEVRANDOM_EGD) */ #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) if (n > 0) { - RAND_add(tmpbuf,sizeof tmpbuf,n); + RAND_add(tmpbuf,sizeof tmpbuf,(double)n); OPENSSL_cleanse(tmpbuf,n); } #endif /* put in some default random data, we need more than just this */ l=curr_pid; - RAND_add(&l,sizeof(l),0); + RAND_add(&l,sizeof(l),0.0); l=getuid(); - RAND_add(&l,sizeof(l),0); + RAND_add(&l,sizeof(l),0.0); l=time(NULL); - RAND_add(&l,sizeof(l),0); + RAND_add(&l,sizeof(l),0.0); #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) return 1; @@ -270,12 +318,13 @@ int RAND_poll(void) #endif } -#endif -#endif +#endif /* defined(__OpenBSD__) */ +#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */ + #if defined(OPENSSL_SYS_VXWORKS) int RAND_poll(void) -{ - return 0; -} + { + return 0; + } #endif diff --git a/src/lib/libssl/src/crypto/rand/rand_win.c b/src/lib/libssl/src/crypto/rand/rand_win.c index 30c69161ef..00dbe4232c 100644 --- a/src/lib/libssl/src/crypto/rand/rand_win.c +++ b/src/lib/libssl/src/crypto/rand/rand_win.c @@ -121,6 +121,10 @@ #include #include +/* Limit the time spent walking through the heap, processes, threads and modules to + a maximum of 1000 miliseconds each, unless CryptoGenRandom failed */ +#define MAXDELAY 1000 + /* Intel hardware RNG CSP -- available from * http://developer.intel.com/design/security/rng/redist_license.htm */ @@ -152,6 +156,7 @@ typedef struct tagCURSORINFO #define CURSOR_SHOWING 0x00000001 #endif /* CURSOR_SHOWING */ +#if !defined(OPENSSL_SYS_WINCE) typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR, DWORD, DWORD); typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *); @@ -163,7 +168,7 @@ typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT); typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD); typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE); -typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD); +typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, size_t); typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32); typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32); typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32); @@ -171,9 +176,7 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32); typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); #include -#ifndef OPENSSL_SYS_WINCE #include -#endif #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was * was added to the Platform SDK to allow the NET API to be used in @@ -184,26 +187,14 @@ typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET) (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*); typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE); #endif /* 1 */ +#endif /* !OPENSSL_SYS_WINCE */ int RAND_poll(void) { MEMORYSTATUS m; HCRYPTPROV hProvider = 0; - BYTE buf[64]; DWORD w; - HWND h; - - HMODULE advapi, kernel, user, netapi; - CRYPTACQUIRECONTEXTW acquire = 0; - CRYPTGENRANDOM gen = 0; - CRYPTRELEASECONTEXT release = 0; -#if 1 /* There was previously a problem with NETSTATGET. Currently, this - * section is still experimental, but if all goes well, this conditional - * will be removed - */ - NETSTATGET netstatget = 0; - NETFREE netfree = 0; -#endif /* 1 */ + int good = 0; /* Determine the OS version we are on so we can turn off things * that do not work properly. @@ -212,21 +203,24 @@ int RAND_poll(void) osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; GetVersionEx( &osverinfo ) ; -#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO -#ifndef CryptAcquireContext -#define CryptAcquireContext CryptAcquireContextW -#endif +#if defined(OPENSSL_SYS_WINCE) +# if defined(_WIN32_WCE) && _WIN32_WCE>=300 +/* Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available + * in commonly available implementations prior 300... */ + { + BYTE buf[64]; /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) + if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT)) { if (CryptGenRandom(hProvider, sizeof(buf), buf)) RAND_add(buf, sizeof(buf), sizeof(buf)); CryptReleaseContext(hProvider, 0); } -#endif - -#ifndef OPENSSL_SYS_WINCE + } +# endif +#else /* OPENSSL_SYS_WINCE */ /* * None of below libraries are present on Windows CE, which is * why we #ifndef the whole section. This also excuses us from @@ -240,17 +234,19 @@ int RAND_poll(void) * implement own shim routine, which would accept ANSI argument * and expand it to Unicode. */ - + { /* load functions dynamically - not available on all systems */ - advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); - kernel = LoadLibrary(TEXT("KERNEL32.DLL")); - user = LoadLibrary(TEXT("USER32.DLL")); - netapi = LoadLibrary(TEXT("NETAPI32.DLL")); - -#if 1 /* There was previously a problem with NETSTATGET. Currently, this - * section is still experimental, but if all goes well, this conditional - * will be removed - */ + HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); + HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); + HMODULE user = NULL; + HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL")); + CRYPTACQUIRECONTEXTW acquire = NULL; + CRYPTGENRANDOM gen = NULL; + CRYPTRELEASECONTEXT release = NULL; + NETSTATGET netstatget = NULL; + NETFREE netfree = NULL; + BYTE buf[64]; + if (netapi) { netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); @@ -280,7 +276,6 @@ int RAND_poll(void) if (netapi) FreeLibrary(netapi); -#endif /* 1 */ /* It appears like this can cause an exception deep within ADVAPI32.DLL * at random times on Windows 2000. Reported by Jeffrey Altman. @@ -356,12 +351,13 @@ int RAND_poll(void) { /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (acquire(&hProvider, 0, 0, PROV_RSA_FULL, + if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), 0); + good = 1; #if 0 printf("randomness from PROV_RSA_FULL\n"); #endif @@ -375,6 +371,7 @@ int RAND_poll(void) if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); + good = 1; #if 0 printf("randomness from PROV_INTEL_SEC\n"); #endif @@ -386,7 +383,9 @@ int RAND_poll(void) if (advapi) FreeLibrary(advapi); - if (user) + if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT || + !OPENSSL_isservice()) && + (user = LoadLibrary(TEXT("USER32.DLL")))) { GETCURSORINFO cursor; GETFOREGROUNDWINDOW win; @@ -399,7 +398,7 @@ int RAND_poll(void) if (win) { /* window handle */ - h = win(); + HWND h = win(); RAND_add(&h, sizeof(h), 0); } if (cursor) @@ -464,6 +463,7 @@ int RAND_poll(void) PROCESSENTRY32 p; THREADENTRY32 t; MODULEENTRY32 m; + DWORD stoptime = 0; snap = (CREATETOOLHELP32SNAPSHOT) GetProcAddress(kernel, "CreateToolhelp32Snapshot"); @@ -495,6 +495,7 @@ int RAND_poll(void) * of entropy. */ hlist.dwSize = sizeof(HEAPLIST32); + if (good) stoptime = GetTickCount() + MAXDELAY; if (heaplist_first(handle, &hlist)) do { @@ -512,18 +513,20 @@ int RAND_poll(void) && --entrycnt > 0); } } while (heaplist_next(handle, - &hlist)); - + &hlist) && GetTickCount() < stoptime); + /* process walking */ /* PROCESSENTRY32 contains 9 fields that will change * with each entry. Consider each field a source of * 1 byte of entropy. */ p.dwSize = sizeof(PROCESSENTRY32); + + if (good) stoptime = GetTickCount() + MAXDELAY; if (process_first(handle, &p)) do RAND_add(&p, p.dwSize, 9); - while (process_next(handle, &p)); + while (process_next(handle, &p) && GetTickCount() < stoptime); /* thread walking */ /* THREADENTRY32 contains 6 fields that will change @@ -531,10 +534,11 @@ int RAND_poll(void) * 1 byte of entropy. */ t.dwSize = sizeof(THREADENTRY32); + if (good) stoptime = GetTickCount() + MAXDELAY; if (thread_first(handle, &t)) do RAND_add(&t, t.dwSize, 6); - while (thread_next(handle, &t)); + while (thread_next(handle, &t) && GetTickCount() < stoptime); /* module walking */ /* MODULEENTRY32 contains 9 fields that will change @@ -542,18 +546,22 @@ int RAND_poll(void) * 1 byte of entropy. */ m.dwSize = sizeof(MODULEENTRY32); + if (good) stoptime = GetTickCount() + MAXDELAY; if (module_first(handle, &m)) do RAND_add(&m, m.dwSize, 9); - while (module_next(handle, &m)); + while (module_next(handle, &m) + && (GetTickCount() < stoptime)); if (close_snap) close_snap(handle); else CloseHandle(handle); + } FreeLibrary(kernel); } + } #endif /* !OPENSSL_SYS_WINCE */ /* timer data */ @@ -693,6 +701,9 @@ static void readscreen(void) int y; /* y-coordinate of screen lines to grab */ int n = 16; /* number of screen lines to grab at a time */ + if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) + return; + /* Create a screen DC and a memory DC compatible to screen DC */ hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); hMemDC = CreateCompatibleDC(hScrDC); diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c index 7183fa32e4..6c0ec9a41c 100644 --- a/src/lib/libssl/src/crypto/rand/randfile.c +++ b/src/lib/libssl/src/crypto/rand/randfile.c @@ -102,10 +102,8 @@ int RAND_load_file(const char *file, long bytes) if (file == NULL) return(0); - i=stat(file,&sb); - /* If the state fails, put some crap in anyway */ - RAND_add(&sb,sizeof(sb),0); - if (i < 0) return(0); + if (stat(file,&sb) < 0) return(0); + RAND_add(&sb,sizeof(sb),0.0); if (bytes == 0) return(ret); in=fopen(file,"rb"); @@ -128,8 +126,12 @@ int RAND_load_file(const char *file, long bytes) n = BUFSIZE; i=fread(buf,1,n,in); if (i <= 0) break; +#ifdef PURIFY + RAND_add(buf,i,(double)i); +#else /* even if n != i, use the full array */ - RAND_add(buf,n,i); + RAND_add(buf,n,(double)i); +#endif ret+=i; if (bytes > 0) { diff --git a/src/lib/libssl/src/crypto/rand/randtest.c b/src/lib/libssl/src/crypto/rand/randtest.c index 701932e6ee..9e92a70b03 100644 --- a/src/lib/libssl/src/crypto/rand/randtest.c +++ b/src/lib/libssl/src/crypto/rand/randtest.c @@ -65,7 +65,7 @@ /* some FIPS 140-1 random number test */ /* some simple tests */ -int main() +int main(int argc,char **argv) { unsigned char buf[2500]; int i,j,k,s,sign,nsign,err=0; @@ -211,6 +211,9 @@ int main() printf("test 4 done\n"); err: err=((err)?1:0); +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(err); } diff --git a/src/lib/libssl/src/crypto/rc2/Makefile b/src/lib/libssl/src/crypto/rc2/Makefile index 34080ab741..73eac347e7 100644 --- a/src/lib/libssl/src/crypto/rc2/Makefile +++ b/src/lib/libssl/src/crypto/rc2/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,11 +78,8 @@ rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h rc2_cbc.o: rc2_cbc.c rc2_locl.h rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h -rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rc2_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h -rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c +rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h +rc2_skey.o: rc2_locl.h rc2_skey.c rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h rc2cfb64.o: rc2_locl.h rc2cfb64.c rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h diff --git a/src/lib/libssl/src/crypto/rc2/rc2.h b/src/lib/libssl/src/crypto/rc2/rc2.h index 71788158d8..34c8362317 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2.h +++ b/src/lib/libssl/src/crypto/rc2/rc2.h @@ -59,6 +59,7 @@ #ifndef HEADER_RC2_H #define HEADER_RC2_H +#include /* OPENSSL_NO_RC2, RC2_INT */ #ifdef OPENSSL_NO_RC2 #error RC2 is disabled. #endif @@ -66,7 +67,6 @@ #define RC2_ENCRYPT 1 #define RC2_DECRYPT 0 -#include /* RC2_INT */ #define RC2_BLOCK 8 #define RC2_KEY_LENGTH 16 @@ -79,10 +79,7 @@ typedef struct rc2_key_st RC2_INT data[64]; } RC2_KEY; -#ifdef OPENSSL_FIPS -void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, - int bits); -#endif + void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, int enc); diff --git a/src/lib/libssl/src/crypto/rc2/rc2_ecb.c b/src/lib/libssl/src/crypto/rc2/rc2_ecb.c index d3e8c2718a..fff86c7af8 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2_ecb.c +++ b/src/lib/libssl/src/crypto/rc2/rc2_ecb.c @@ -60,7 +60,7 @@ #include "rc2_locl.h" #include -const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT; +const char RC2_version[]="RC2" OPENSSL_VERSION_PTEXT; /* RC2 as implemented frm a posting from * Newsgroups: sci.crypt diff --git a/src/lib/libssl/src/crypto/rc2/rc2_skey.c b/src/lib/libssl/src/crypto/rc2/rc2_skey.c index 9652865188..4953642056 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2_skey.c +++ b/src/lib/libssl/src/crypto/rc2/rc2_skey.c @@ -57,8 +57,6 @@ */ #include -#include -#include #include "rc2_locl.h" static unsigned char key_table[256]={ @@ -86,25 +84,17 @@ static unsigned char key_table[256]={ 0xfe,0x7f,0xc1,0xad, }; +#if defined(_MSC_VER) && defined(_ARM_) +#pragma optimize("g",off) +#endif + /* It has come to my attention that there are 2 versions of the RC2 * key schedule. One which is normal, and anther which has a hook to * use a reduced key length. * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ - -#ifdef OPENSSL_FIPS -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) - { - if (FIPS_mode()) - FIPS_BAD_ABORT(RC2) - private_RC2_set_key(key, len, data, bits); - } -void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, - int bits) -#else void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) -#endif { int i,j; unsigned char *k; @@ -150,3 +140,6 @@ void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) *(ki--)=((k[i]<<8)|k[i-1])&0xffff; } +#if defined(_MSC_VER) +#pragma optimize("",on) +#endif diff --git a/src/lib/libssl/src/crypto/rc2/rc2speed.c b/src/lib/libssl/src/crypto/rc2/rc2speed.c index 4d0e1242ea..85cf6f65bf 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2speed.c +++ b/src/lib/libssl/src/crypto/rc2/rc2speed.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/rc2/rc2test.c b/src/lib/libssl/src/crypto/rc2/rc2test.c index b67bafb49f..0e117436bb 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2test.c +++ b/src/lib/libssl/src/crypto/rc2/rc2test.c @@ -205,6 +205,9 @@ int main(int argc, char *argv[]) printf("ok\n"); #endif +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); return(err); } diff --git a/src/lib/libssl/src/crypto/rc4/Makefile b/src/lib/libssl/src/crypto/rc4/Makefile index 20d078ec87..187ed5c668 100644 --- a/src/lib/libssl/src/crypto/rc4/Makefile +++ b/src/lib/libssl/src/crypto/rc4/Makefile @@ -8,23 +8,13 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile AR= ar r -RC4_ENC=rc4_enc.o -# or use -#RC4_ENC=asm/rx86-elf.o -#RC4_ENC=asm/rx86-out.o -#RC4_ENC=asm/rx86-sol.o -#RC4_ENC=asm/rx86bdsi.o +RC4_ENC=rc4_enc.o rc4_skey.o CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=rc4test.c @@ -32,7 +22,7 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC=rc4_skey.c rc4_enc.c -LIBOBJ=rc4_skey.o $(RC4_ENC) +LIBOBJ=$(RC4_ENC) SRC= $(LIBSRC) @@ -51,24 +41,19 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s) - +# ELF +rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > ../$@) +# COFF +rx86-cof.s: asm/rc4-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rc4-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/rx86-out.o: asm/rx86unix.cpp - $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o - -# bsdi -asm/rx86bsdi.o: asm/rx86unix.cpp - $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o - -asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp) +rx86-out.s: asm/rc4-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rc4-586.pl a.out $(CFLAGS) > ../$@) -asm/rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@ +rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@ -asm/rc4-ia64.s: asm/rc4-ia64.S +rc4-ia64.s: asm/rc4-ia64.S @case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \ int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E asm/rc4-ia64.S > $@ ;; \ char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E asm/rc4-ia64.S > $@ ;; \ @@ -84,6 +69,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -99,6 +85,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -106,7 +93,7 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. @@ -114,15 +101,15 @@ rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h -rc4_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc4_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_enc.c rc4_locl.h +rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h +rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rc4_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rc4_skey.o: ../../include/openssl/opensslconf.h -rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h -rc4_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc4_skey.o: ../../include/openssl/symhacks.h ../cryptlib.h rc4_locl.h -rc4_skey.o: rc4_skey.c +rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h +rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl b/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl index d6e98f0811..ef7eee766c 100644 --- a/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl +++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl @@ -200,22 +200,23 @@ sub RC4 &lea ($ty,&DWP(0,$in,$ty)); &mov (&swtmp(2),$ty); + &movz ($tx,&BP(0,$d,$x)); # strangely enough unrolled loop performs over 20% slower... &set_label("RC4_CHAR_loop"); - &movz ($tx,&BP(0,$d,$x)); &add (&LB($y),&LB($tx)); &movz ($ty,&BP(0,$d,$y)); &movb (&BP(0,$d,$y),&LB($tx)); &movb (&BP(0,$d,$x),&LB($ty)); &add (&LB($ty),&LB($tx)); &movz ($ty,&BP(0,$d,$ty)); + &add (&LB($x),1); &xorb (&LB($ty),&BP(0,$in)); - &movb (&BP(0,$out),&LB($ty)); - &inc (&LB($x)); - &inc ($in); - &inc ($out); + &lea ($in,&DWP(1,$in)); + &movz ($tx,&BP(0,$d,$x)); &cmp ($in,&swtmp(2)); + &movb (&BP(0,$out),&LB($ty)); + &lea ($out,&DWP(1,$out)); &jb (&label("RC4_CHAR_loop")); &set_label("finished"); diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S b/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S index a322d0c718..8210c47d04 100644 --- a/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S +++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-ia64.S @@ -75,14 +75,13 @@ yy=r31; .skip 16 RC4: .prologue - .fframe 0 .save ar.pfs,r2 - .save ar.lc,r3 - .save pr,prsave { .mii; alloc r2=ar.pfs,4,12,0,16 + .save pr,prsave mov prsave=pr ADDP key=0,in0 };; { .mib; cmp.eq p6,p0=0,in1 // len==0? + .save ar.lc,r3 mov r3=ar.lc (p6) br.ret.spnt.many b0 };; // emergency exit diff --git a/src/lib/libssl/src/crypto/rc4/rc4.c b/src/lib/libssl/src/crypto/rc4/rc4.c index b39c070292..c900b26055 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4.c +++ b/src/lib/libssl/src/crypto/rc4/rc4.c @@ -60,6 +60,7 @@ #include #include #include +#include char *usage[]={ "usage: rc4 args\n", @@ -162,7 +163,7 @@ bad: keystr=buf; } - EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); + EVP_Digest((unsigned char *)keystr,strlen(keystr),md,NULL,EVP_md5(),NULL); OPENSSL_cleanse(keystr,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); diff --git a/src/lib/libssl/src/crypto/rc4/rc4.h b/src/lib/libssl/src/crypto/rc4/rc4.h index ae0cea75b8..7aec04fe93 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4.h +++ b/src/lib/libssl/src/crypto/rc4/rc4.h @@ -59,12 +59,11 @@ #ifndef HEADER_RC4_H #define HEADER_RC4_H +#include /* OPENSSL_NO_RC4, RC4_INT */ #ifdef OPENSSL_NO_RC4 #error RC4 is disabled. #endif -#include /* RC4_INT */ - #ifdef __cplusplus extern "C" { #endif @@ -77,9 +76,6 @@ typedef struct rc4_key_st const char *RC4_options(void); -#ifdef OPENSSL_FIPS -void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -#endif void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata); diff --git a/src/lib/libssl/src/crypto/rc4/rc4_enc.c b/src/lib/libssl/src/crypto/rc4/rc4_enc.c index d5f18a3a70..0660ea60a2 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4_enc.c +++ b/src/lib/libssl/src/crypto/rc4/rc4_enc.c @@ -157,7 +157,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, if (!is_endian.little) { /* BIG-ENDIAN CASE */ # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK)) + for (;len&~(sizeof(RC4_CHUNK)-1);len-=sizeof(RC4_CHUNK)) { ichunk = *(RC4_CHUNK *)indata; otp = RC4_STEP< -#include -#include #include "rc4_locl.h" #include -const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT; +const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; const char *RC4_options(void) { @@ -87,7 +85,7 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -FIPS_NON_FIPS_VCIPHER_Init(RC4) +void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) { register RC4_INT tmp; register int id1,id2; @@ -95,26 +93,59 @@ FIPS_NON_FIPS_VCIPHER_Init(RC4) unsigned int i; d= &(key->data[0]); - - for (i=0; i<256; i++) - d[i]=i; key->x = 0; key->y = 0; id1=id2=0; -#define SK_LOOP(n) { \ +#define SK_LOOP(d,n) { \ tmp=d[(n)]; \ id2 = (data[id1] + tmp + id2) & 0xff; \ if (++id1 == len) id1=0; \ d[(n)]=d[id2]; \ d[id2]=tmp; } +#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) +# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ + defined(__INTEL__) || \ + defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) + if (sizeof(RC4_INT) > 1) { + /* + * Unlike all other x86 [and x86_64] implementations, + * Intel P4 core [including EM64T] was found to perform + * poorly with wider RC4_INT. Performance improvement + * for IA-32 hand-coded assembler turned out to be 2.8x + * if re-coded for RC4_CHAR! It's however inappropriate + * to just switch to RC4_CHAR for x86[_64], as non-P4 + * implementations suffer from significant performance + * losses then, e.g. PIII exhibits >2x deterioration, + * and so does Opteron. In order to assure optimal + * all-round performance, we detect P4 at run-time by + * checking upon reserved bit 20 in CPU capability + * vector and set up compressed key schedule, which is + * recognized by correspondingly updated assembler + * module... Bit 20 is set up by OPENSSL_ia32_cpuid. + * + * + */ + if (OPENSSL_ia32cap_P & (1<<20)) { + unsigned char *cp=(unsigned char *)d; + + for (i=0;i<256;i++) cp[i]=i; + for (i=0;i<256;i++) SK_LOOP(cp,i); + /* mark schedule as compressed! */ + d[256/sizeof(RC4_INT)]=-1; + return; + } + } +# endif +#endif + for (i=0; i < 256; i++) d[i]=i; for (i=0; i < 256; i+=4) { - SK_LOOP(i+0); - SK_LOOP(i+1); - SK_LOOP(i+2); - SK_LOOP(i+3); + SK_LOOP(d,i+0); + SK_LOOP(d,i+1); + SK_LOOP(d,i+2); + SK_LOOP(d,i+3); } } diff --git a/src/lib/libssl/src/crypto/rc4/rc4speed.c b/src/lib/libssl/src/crypto/rc4/rc4speed.c index ced98c52df..0ebd38123d 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4speed.c +++ b/src/lib/libssl/src/crypto/rc4/rc4speed.c @@ -69,7 +69,10 @@ #include OPENSSL_UNISTD_IO OPENSSL_DECLARE_EXIT +#ifndef OPENSSL_SYS_NETWARE #include +#endif + #ifndef _IRIX #include #endif diff --git a/src/lib/libssl/src/crypto/rc4/rc4test.c b/src/lib/libssl/src/crypto/rc4/rc4test.c index b9d8f20975..54b597fa26 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4test.c +++ b/src/lib/libssl/src/crypto/rc4/rc4test.c @@ -70,6 +70,7 @@ int main(int argc, char *argv[]) } #else #include +#include static unsigned char keys[7][30]={ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}, @@ -113,13 +114,11 @@ static unsigned char output[7][30]={ int main(int argc, char *argv[]) { - int i,err=0; - int j; + int err=0; + unsigned int i, j; unsigned char *p; RC4_KEY key; - unsigned char buf[512],obuf[512]; - - for (i=0; i<512; i++) buf[i]=0x01; + unsigned char obuf[512]; for (i=0; i<6; i++) { @@ -130,12 +129,12 @@ int main(int argc, char *argv[]) { printf("error calculating RC4\n"); printf("output:"); - for (j=0; j r586-elf.s) - +# ELF +r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > ../$@) +# COFF +r586-cof.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) rc5-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/r586-out.o: asm/r586unix.cpp - $(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o - -# bsdi -asm/r586bsdi.o: asm/r586unix.cpp - $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o - -asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp) +r586-out.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl + (cd asm; $(PERL) rc5-586.pl a.out $(CFLAGS) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -72,6 +63,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -87,6 +79,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -94,17 +87,17 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h -rc5_ecb.o: rc5_ecb.c rc5_locl.h -rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h -rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rc5_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h -rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h -rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c -rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c -rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c +rc5_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rc5_ecb.o: ../../include/openssl/rc5.h rc5_ecb.c rc5_locl.h +rc5_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5_enc.o: rc5_enc.c rc5_locl.h +rc5_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5_skey.o: rc5_locl.h rc5_skey.c +rc5cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5cfb64.o: rc5_locl.h rc5cfb64.c +rc5ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h +rc5ofb64.o: rc5_locl.h rc5ofb64.c diff --git a/src/lib/libssl/src/crypto/rc5/rc5.h b/src/lib/libssl/src/crypto/rc5/rc5.h index aa3f26920b..4b3c153b50 100644 --- a/src/lib/libssl/src/crypto/rc5/rc5.h +++ b/src/lib/libssl/src/crypto/rc5/rc5.h @@ -59,6 +59,8 @@ #ifndef HEADER_RC5_H #define HEADER_RC5_H +#include /* OPENSSL_NO_RC5 */ + #ifdef __cplusplus extern "C" { #endif @@ -92,10 +94,7 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; -#ifdef OPENSSL_FIPS -void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, - int rounds); -#endif + void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, diff --git a/src/lib/libssl/src/crypto/rc5/rc5_locl.h b/src/lib/libssl/src/crypto/rc5/rc5_locl.h index f4ebc23004..282dd38822 100644 --- a/src/lib/libssl/src/crypto/rc5/rc5_locl.h +++ b/src/lib/libssl/src/crypto/rc5/rc5_locl.h @@ -146,7 +146,7 @@ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff)) -#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) +#if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)) || defined(__ICC) #define ROTATE_l32(a,n) _lrotl(a,n) #define ROTATE_r32(a,n) _lrotr(a,n) #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) diff --git a/src/lib/libssl/src/crypto/ripemd/Makefile b/src/lib/libssl/src/crypto/ripemd/Makefile index 20c8b4d8db..d55875c20c 100644 --- a/src/lib/libssl/src/crypto/ripemd/Makefile +++ b/src/lib/libssl/src/crypto/ripemd/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -20,6 +15,7 @@ RIP_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile TEST=rmdtest.c @@ -46,20 +42,15 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s) - +# ELF +rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > ../$@) +# COFF +rm86-cof.s: asm/rmd-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rmd-586.pl coff $(CFLAGS) > ../$@) # a.out -asm/rm86-out.o: asm/rm86unix.cpp - $(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o - -# bsdi -asm/rm86bsdi.o: asm/rm86unix.cpp - $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o - -asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp) +rm86-out.s: asm/rmd-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) rmd-586.pl a.out $(CFLAGS) > ../$@) files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -70,6 +61,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -85,6 +77,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -92,20 +85,15 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. -rmd_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rmd_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -rmd_dgst.o: ../../include/openssl/opensslconf.h +rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h -rmd_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rmd_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h rmd_dgst.c -rmd_dgst.o: rmd_locl.h rmdconst.h +rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h -rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rmd_one.o: rmd_one.c +rmd_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/ripemd.h +rmd_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rmd_one.o: ../../include/openssl/symhacks.h rmd_one.c diff --git a/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl b/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl index 0ab6f76bff..4f3c4c967f 100644 --- a/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl +++ b/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl @@ -1,7 +1,7 @@ #!/usr/local/bin/perl # Normal is the -# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks); +# ripemd160_block_asm_data_order(RIPEMD160_CTX *c, ULONG *X,int blocks); $normal=0; @@ -56,7 +56,7 @@ $KR3=0x7A6D76E9; 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, ); -&ripemd160_block("ripemd160_block_asm_host_order"); +&ripemd160_block("ripemd160_block_asm_data_order"); &asm_finish(); sub Xv diff --git a/src/lib/libssl/src/crypto/ripemd/ripemd.h b/src/lib/libssl/src/crypto/ripemd/ripemd.h index 7d0d998189..033a5965b5 100644 --- a/src/lib/libssl/src/crypto/ripemd/ripemd.h +++ b/src/lib/libssl/src/crypto/ripemd/ripemd.h @@ -60,6 +60,7 @@ #define HEADER_RIPEMD_H #include +#include #ifdef __cplusplus extern "C" { @@ -87,16 +88,13 @@ typedef struct RIPEMD160state_st RIPEMD160_LONG A,B,C,D,E; RIPEMD160_LONG Nl,Nh; RIPEMD160_LONG data[RIPEMD160_LBLOCK]; - int num; + unsigned int num; } RIPEMD160_CTX; -#ifdef OPENSSL_FIPS -int private_RIPEMD160_Init(RIPEMD160_CTX *c); -#endif int RIPEMD160_Init(RIPEMD160_CTX *c); -int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len); +int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); -unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, +unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md); void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); #ifdef __cplusplus diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c index 5dff6bafa1..61626284b8 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c +++ b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c @@ -58,19 +58,18 @@ #include #include "rmd_locl.h" -#include #include -const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT; +const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; # ifdef RMD160_ASM - void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num); + void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,size_t num); # define ripemd160_block ripemd160_block_x86 # else - void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num); + void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); # endif -FIPS_NON_FIPS_MD_Init(RIPEMD160) +int RIPEMD160_Init(RIPEMD160_CTX *c) { c->A=RIPEMD160_A; c->B=RIPEMD160_B; @@ -83,212 +82,11 @@ FIPS_NON_FIPS_MD_Init(RIPEMD160) return 1; } -#ifndef ripemd160_block_host_order -#ifdef X -#undef X -#endif -#define X(i) XX[i] -void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) - { - const RIPEMD160_LONG *XX=p; - register unsigned MD32_REG_T A,B,C,D,E; - register unsigned MD32_REG_T a,b,c,d,e; - - for (;num--;XX+=HASH_LBLOCK) - { - - A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; - - RIP1(A,B,C,D,E,WL00,SL00); - RIP1(E,A,B,C,D,WL01,SL01); - RIP1(D,E,A,B,C,WL02,SL02); - RIP1(C,D,E,A,B,WL03,SL03); - RIP1(B,C,D,E,A,WL04,SL04); - RIP1(A,B,C,D,E,WL05,SL05); - RIP1(E,A,B,C,D,WL06,SL06); - RIP1(D,E,A,B,C,WL07,SL07); - RIP1(C,D,E,A,B,WL08,SL08); - RIP1(B,C,D,E,A,WL09,SL09); - RIP1(A,B,C,D,E,WL10,SL10); - RIP1(E,A,B,C,D,WL11,SL11); - RIP1(D,E,A,B,C,WL12,SL12); - RIP1(C,D,E,A,B,WL13,SL13); - RIP1(B,C,D,E,A,WL14,SL14); - RIP1(A,B,C,D,E,WL15,SL15); - - RIP2(E,A,B,C,D,WL16,SL16,KL1); - RIP2(D,E,A,B,C,WL17,SL17,KL1); - RIP2(C,D,E,A,B,WL18,SL18,KL1); - RIP2(B,C,D,E,A,WL19,SL19,KL1); - RIP2(A,B,C,D,E,WL20,SL20,KL1); - RIP2(E,A,B,C,D,WL21,SL21,KL1); - RIP2(D,E,A,B,C,WL22,SL22,KL1); - RIP2(C,D,E,A,B,WL23,SL23,KL1); - RIP2(B,C,D,E,A,WL24,SL24,KL1); - RIP2(A,B,C,D,E,WL25,SL25,KL1); - RIP2(E,A,B,C,D,WL26,SL26,KL1); - RIP2(D,E,A,B,C,WL27,SL27,KL1); - RIP2(C,D,E,A,B,WL28,SL28,KL1); - RIP2(B,C,D,E,A,WL29,SL29,KL1); - RIP2(A,B,C,D,E,WL30,SL30,KL1); - RIP2(E,A,B,C,D,WL31,SL31,KL1); - - RIP3(D,E,A,B,C,WL32,SL32,KL2); - RIP3(C,D,E,A,B,WL33,SL33,KL2); - RIP3(B,C,D,E,A,WL34,SL34,KL2); - RIP3(A,B,C,D,E,WL35,SL35,KL2); - RIP3(E,A,B,C,D,WL36,SL36,KL2); - RIP3(D,E,A,B,C,WL37,SL37,KL2); - RIP3(C,D,E,A,B,WL38,SL38,KL2); - RIP3(B,C,D,E,A,WL39,SL39,KL2); - RIP3(A,B,C,D,E,WL40,SL40,KL2); - RIP3(E,A,B,C,D,WL41,SL41,KL2); - RIP3(D,E,A,B,C,WL42,SL42,KL2); - RIP3(C,D,E,A,B,WL43,SL43,KL2); - RIP3(B,C,D,E,A,WL44,SL44,KL2); - RIP3(A,B,C,D,E,WL45,SL45,KL2); - RIP3(E,A,B,C,D,WL46,SL46,KL2); - RIP3(D,E,A,B,C,WL47,SL47,KL2); - - RIP4(C,D,E,A,B,WL48,SL48,KL3); - RIP4(B,C,D,E,A,WL49,SL49,KL3); - RIP4(A,B,C,D,E,WL50,SL50,KL3); - RIP4(E,A,B,C,D,WL51,SL51,KL3); - RIP4(D,E,A,B,C,WL52,SL52,KL3); - RIP4(C,D,E,A,B,WL53,SL53,KL3); - RIP4(B,C,D,E,A,WL54,SL54,KL3); - RIP4(A,B,C,D,E,WL55,SL55,KL3); - RIP4(E,A,B,C,D,WL56,SL56,KL3); - RIP4(D,E,A,B,C,WL57,SL57,KL3); - RIP4(C,D,E,A,B,WL58,SL58,KL3); - RIP4(B,C,D,E,A,WL59,SL59,KL3); - RIP4(A,B,C,D,E,WL60,SL60,KL3); - RIP4(E,A,B,C,D,WL61,SL61,KL3); - RIP4(D,E,A,B,C,WL62,SL62,KL3); - RIP4(C,D,E,A,B,WL63,SL63,KL3); - - RIP5(B,C,D,E,A,WL64,SL64,KL4); - RIP5(A,B,C,D,E,WL65,SL65,KL4); - RIP5(E,A,B,C,D,WL66,SL66,KL4); - RIP5(D,E,A,B,C,WL67,SL67,KL4); - RIP5(C,D,E,A,B,WL68,SL68,KL4); - RIP5(B,C,D,E,A,WL69,SL69,KL4); - RIP5(A,B,C,D,E,WL70,SL70,KL4); - RIP5(E,A,B,C,D,WL71,SL71,KL4); - RIP5(D,E,A,B,C,WL72,SL72,KL4); - RIP5(C,D,E,A,B,WL73,SL73,KL4); - RIP5(B,C,D,E,A,WL74,SL74,KL4); - RIP5(A,B,C,D,E,WL75,SL75,KL4); - RIP5(E,A,B,C,D,WL76,SL76,KL4); - RIP5(D,E,A,B,C,WL77,SL77,KL4); - RIP5(C,D,E,A,B,WL78,SL78,KL4); - RIP5(B,C,D,E,A,WL79,SL79,KL4); - - a=A; b=B; c=C; d=D; e=E; - /* Do other half */ - A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; - - RIP5(A,B,C,D,E,WR00,SR00,KR0); - RIP5(E,A,B,C,D,WR01,SR01,KR0); - RIP5(D,E,A,B,C,WR02,SR02,KR0); - RIP5(C,D,E,A,B,WR03,SR03,KR0); - RIP5(B,C,D,E,A,WR04,SR04,KR0); - RIP5(A,B,C,D,E,WR05,SR05,KR0); - RIP5(E,A,B,C,D,WR06,SR06,KR0); - RIP5(D,E,A,B,C,WR07,SR07,KR0); - RIP5(C,D,E,A,B,WR08,SR08,KR0); - RIP5(B,C,D,E,A,WR09,SR09,KR0); - RIP5(A,B,C,D,E,WR10,SR10,KR0); - RIP5(E,A,B,C,D,WR11,SR11,KR0); - RIP5(D,E,A,B,C,WR12,SR12,KR0); - RIP5(C,D,E,A,B,WR13,SR13,KR0); - RIP5(B,C,D,E,A,WR14,SR14,KR0); - RIP5(A,B,C,D,E,WR15,SR15,KR0); - - RIP4(E,A,B,C,D,WR16,SR16,KR1); - RIP4(D,E,A,B,C,WR17,SR17,KR1); - RIP4(C,D,E,A,B,WR18,SR18,KR1); - RIP4(B,C,D,E,A,WR19,SR19,KR1); - RIP4(A,B,C,D,E,WR20,SR20,KR1); - RIP4(E,A,B,C,D,WR21,SR21,KR1); - RIP4(D,E,A,B,C,WR22,SR22,KR1); - RIP4(C,D,E,A,B,WR23,SR23,KR1); - RIP4(B,C,D,E,A,WR24,SR24,KR1); - RIP4(A,B,C,D,E,WR25,SR25,KR1); - RIP4(E,A,B,C,D,WR26,SR26,KR1); - RIP4(D,E,A,B,C,WR27,SR27,KR1); - RIP4(C,D,E,A,B,WR28,SR28,KR1); - RIP4(B,C,D,E,A,WR29,SR29,KR1); - RIP4(A,B,C,D,E,WR30,SR30,KR1); - RIP4(E,A,B,C,D,WR31,SR31,KR1); - - RIP3(D,E,A,B,C,WR32,SR32,KR2); - RIP3(C,D,E,A,B,WR33,SR33,KR2); - RIP3(B,C,D,E,A,WR34,SR34,KR2); - RIP3(A,B,C,D,E,WR35,SR35,KR2); - RIP3(E,A,B,C,D,WR36,SR36,KR2); - RIP3(D,E,A,B,C,WR37,SR37,KR2); - RIP3(C,D,E,A,B,WR38,SR38,KR2); - RIP3(B,C,D,E,A,WR39,SR39,KR2); - RIP3(A,B,C,D,E,WR40,SR40,KR2); - RIP3(E,A,B,C,D,WR41,SR41,KR2); - RIP3(D,E,A,B,C,WR42,SR42,KR2); - RIP3(C,D,E,A,B,WR43,SR43,KR2); - RIP3(B,C,D,E,A,WR44,SR44,KR2); - RIP3(A,B,C,D,E,WR45,SR45,KR2); - RIP3(E,A,B,C,D,WR46,SR46,KR2); - RIP3(D,E,A,B,C,WR47,SR47,KR2); - - RIP2(C,D,E,A,B,WR48,SR48,KR3); - RIP2(B,C,D,E,A,WR49,SR49,KR3); - RIP2(A,B,C,D,E,WR50,SR50,KR3); - RIP2(E,A,B,C,D,WR51,SR51,KR3); - RIP2(D,E,A,B,C,WR52,SR52,KR3); - RIP2(C,D,E,A,B,WR53,SR53,KR3); - RIP2(B,C,D,E,A,WR54,SR54,KR3); - RIP2(A,B,C,D,E,WR55,SR55,KR3); - RIP2(E,A,B,C,D,WR56,SR56,KR3); - RIP2(D,E,A,B,C,WR57,SR57,KR3); - RIP2(C,D,E,A,B,WR58,SR58,KR3); - RIP2(B,C,D,E,A,WR59,SR59,KR3); - RIP2(A,B,C,D,E,WR60,SR60,KR3); - RIP2(E,A,B,C,D,WR61,SR61,KR3); - RIP2(D,E,A,B,C,WR62,SR62,KR3); - RIP2(C,D,E,A,B,WR63,SR63,KR3); - - RIP1(B,C,D,E,A,WR64,SR64); - RIP1(A,B,C,D,E,WR65,SR65); - RIP1(E,A,B,C,D,WR66,SR66); - RIP1(D,E,A,B,C,WR67,SR67); - RIP1(C,D,E,A,B,WR68,SR68); - RIP1(B,C,D,E,A,WR69,SR69); - RIP1(A,B,C,D,E,WR70,SR70); - RIP1(E,A,B,C,D,WR71,SR71); - RIP1(D,E,A,B,C,WR72,SR72); - RIP1(C,D,E,A,B,WR73,SR73); - RIP1(B,C,D,E,A,WR74,SR74); - RIP1(A,B,C,D,E,WR75,SR75); - RIP1(E,A,B,C,D,WR76,SR76); - RIP1(D,E,A,B,C,WR77,SR77); - RIP1(C,D,E,A,B,WR78,SR78); - RIP1(B,C,D,E,A,WR79,SR79); - - D =ctx->B+c+D; - ctx->B=ctx->C+d+E; - ctx->C=ctx->D+e+A; - ctx->D=ctx->E+a+B; - ctx->E=ctx->A+b+C; - ctx->A=D; - - } - } -#endif - #ifndef ripemd160_block_data_order #ifdef X #undef X #endif -void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) +void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, size_t num) { const unsigned char *data=p; register unsigned MD32_REG_T A,B,C,D,E; diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_locl.h b/src/lib/libssl/src/crypto/ripemd/rmd_locl.h index 7b835dfbd4..f14b346e66 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_locl.h +++ b/src/lib/libssl/src/crypto/ripemd/rmd_locl.h @@ -72,28 +72,20 @@ */ #ifdef RMD160_ASM # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define ripemd160_block_host_order ripemd160_block_asm_host_order +# define ripemd160_block_data_order ripemd160_block_asm_data_order # endif #endif -void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,int num); -void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num); - -#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -#define ripemd160_block_data_order ripemd160_block_host_order -#endif +void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num); #define DATA_ORDER_IS_LITTLE_ENDIAN #define HASH_LONG RIPEMD160_LONG -#define HASH_LONG_LOG2 RIPEMD160_LONG_LOG2 #define HASH_CTX RIPEMD160_CTX #define HASH_CBLOCK RIPEMD160_CBLOCK -#define HASH_LBLOCK RIPEMD160_LBLOCK #define HASH_UPDATE RIPEMD160_Update #define HASH_TRANSFORM RIPEMD160_Transform #define HASH_FINAL RIPEMD160_Final -#define HASH_BLOCK_HOST_ORDER ripemd160_block_host_order #define HASH_MAKE_STRING(c,s) do { \ unsigned long ll; \ ll=(c)->A; HOST_l2c(ll,(s)); \ @@ -102,9 +94,7 @@ void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num); ll=(c)->D; HOST_l2c(ll,(s)); \ ll=(c)->E; HOST_l2c(ll,(s)); \ } while (0) -#if !defined(L_ENDIAN) || defined(ripemd160_block_data_order) #define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order -#endif #include "md32_common.h" diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_one.c b/src/lib/libssl/src/crypto/ripemd/rmd_one.c index b88446b267..3efb13758f 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_one.c +++ b/src/lib/libssl/src/crypto/ripemd/rmd_one.c @@ -61,7 +61,7 @@ #include #include -unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, +unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md) { RIPEMD160_CTX c; diff --git a/src/lib/libssl/src/crypto/ripemd/rmdtest.c b/src/lib/libssl/src/crypto/ripemd/rmdtest.c index d4c709e646..fb34e0e836 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmdtest.c +++ b/src/lib/libssl/src/crypto/ripemd/rmdtest.c @@ -103,19 +103,19 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; char *p; unsigned char md[RIPEMD160_DIGEST_LENGTH]; - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { #ifdef CHARSET_EBCDIC ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); #endif - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); + EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { diff --git a/src/lib/libssl/src/crypto/rsa/Makefile b/src/lib/libssl/src/crypto/rsa/Makefile index 8851825250..13900812ac 100644 --- a/src/lib/libssl/src/crypto/rsa/Makefile +++ b/src/lib/libssl/src/crypto/rsa/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -24,10 +19,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_pss.c rsa_x931.c rsa_asn1.c + rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_pss.o rsa_x931.o rsa_asn1.o + rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o SRC= $(LIBSRC) @@ -55,6 +50,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -70,6 +66,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -99,6 +96,15 @@ rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rsa_chk.o: rsa_chk.c +rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_depr.o: ../cryptlib.h rsa_depr.c rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -109,13 +115,12 @@ rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_err.o: rsa_err.c +rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h +rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -128,14 +133,13 @@ rsa_gen.o: ../cryptlib.h rsa_gen.c rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c +rsa_lib.o: ../cryptlib.h rsa_lib.c rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -154,26 +158,17 @@ rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c -rsa_oaep.o: ../../e_os.h ../../include/openssl/aes.h -rsa_oaep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_oaep.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_oaep.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_oaep.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_oaep.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_oaep.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_oaep.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_oaep.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h rsa_oaep.o: ../../include/openssl/opensslconf.h rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h -rsa_oaep.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_oaep.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_oaep.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rsa_oaep.o: ../cryptlib.h rsa_oaep.c rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h @@ -184,68 +179,43 @@ rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c -rsa_pss.o: ../../e_os.h ../../include/openssl/aes.h -rsa_pss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_pss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_pss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_pss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_pss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -rsa_pss.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_pss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_pss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_pss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -rsa_pss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_pss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_pss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -rsa_pss.o: ../../include/openssl/ui_compat.h ../cryptlib.h rsa_pss.c -rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h -rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_saos.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_saos.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c +rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_saos.o: ../../include/openssl/opensslconf.h +rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -rsa_saos.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_saos.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_saos.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h rsa_saos.o: ../cryptlib.h rsa_saos.c -rsa_sign.o: ../../e_os.h ../../include/openssl/aes.h -rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h +rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -rsa_sign.o: ../../include/openssl/opensslconf.h +rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rsa_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h rsa_sign.o: ../cryptlib.h rsa_sign.c rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h index 0b639cd37f..6b5e4f8a9a 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa.h +++ b/src/lib/libssl/src/crypto/rsa/rsa.h @@ -64,25 +64,25 @@ #ifndef OPENSSL_NO_BIO #include #endif -#include #include #include +#ifndef OPENSSL_NO_DEPRECATED +#include +#endif #ifdef OPENSSL_NO_RSA #error RSA is disabled. #endif -#if defined(OPENSSL_FIPS) -#define FIPS_RSA_SIZE_T int -#endif - #ifdef __cplusplus extern "C" { #endif -typedef struct rsa_st RSA; +/* Declared already in ossl_typ.h */ +/* typedef struct rsa_st RSA; */ +/* typedef struct rsa_meth_st RSA_METHOD; */ -typedef struct rsa_meth_st +struct rsa_meth_st { const char *name; int (*rsa_pub_enc)(int flen,const unsigned char *from, @@ -97,7 +97,7 @@ typedef struct rsa_meth_st int (*rsa_priv_dec)(int flen,const unsigned char *from, unsigned char *to, RSA *rsa,int padding); - int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */ + int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ @@ -118,8 +118,12 @@ typedef struct rsa_meth_st int (*rsa_verify)(int dtype, const unsigned char *m, unsigned int m_length, unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); - - } RSA_METHOD; +/* If this callback is NULL, the builtin software RSA key-gen will be used. This + * is for behavioural compatibility whilst the code gets rewired, but one day + * it would be nice to assume there are no such things as "builtin software" + * implementations. */ + int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); + }; struct rsa_st { @@ -152,8 +156,20 @@ struct rsa_st * NULL */ char *bignum_data; BN_BLINDING *blinding; + BN_BLINDING *mt_blinding; }; +#ifndef OPENSSL_RSA_MAX_MODULUS_BITS +# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 +#endif + +#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS +# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 +#endif +#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS +# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */ +#endif + #define RSA_3 0x3L #define RSA_F4 0x10001L @@ -179,13 +195,27 @@ struct rsa_st * default (ignoring RSA_FLAG_BLINDING), * but other engines might not need it */ -#define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA +#define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA + * implementation now uses constant time + * operations by default in private key operations, + * e.g., constant time modular exponentiation, + * modular inverse without leaking branches, + * division without leaking branches. This + * flag disables these constant time + * operations and results in faster RSA + * private key operations. + */ +#ifndef OPENSSL_NO_DEPRECATED +#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/ + /* new with 0.9.7h; the built-in RSA * implementation now uses constant time * modular exponentiation for secret exponents * by default. This flag causes the * faster variable sliding window method to * be used for all exponents. */ +#endif + #define RSA_PKCS1_PADDING 1 #define RSA_SSLV23_PADDING 2 @@ -201,18 +231,17 @@ struct rsa_st RSA * RSA_new(void); RSA * RSA_new_method(ENGINE *engine); int RSA_size(const RSA *); + +/* Deprecated version */ +#ifndef OPENSSL_NO_DEPRECATED RSA * RSA_generate_key(int bits, unsigned long e,void (*callback)(int,int,void *),void *cb_arg); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); + int RSA_check_key(const RSA *); -#ifdef OPENSSL_FIPS -int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, - void (*cb)(int, int, void *), void *cb_arg, - const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, - const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, - const BIGNUM *e); -RSA *RSA_X931_generate_key(int bits, const BIGNUM *e, - void (*cb)(int,int,void *), void *cb_arg); -#endif /* next 4 return -1 on error */ int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); @@ -252,11 +281,19 @@ int RSA_print_fp(FILE *fp, const RSA *r,int offset); int RSA_print(BIO *bp, const RSA *r,int offset); #endif -int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey); -RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey); +int i2d_RSA_NET(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, int verify), + int sgckey); +RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, int verify), + int sgckey); -int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()); -RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()); +int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, + int (*cb)(char *buf, int len, const char *prompt, + int verify)); +RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, + int (*cb)(char *buf, int len, const char *prompt, + int verify)); /* The following 2 functions sign and verify a X509_SIG ASN1 object * inside PKCS#1 padded RSA encryption */ @@ -276,6 +313,7 @@ int RSA_verify_ASN1_OCTET_STRING(int type, int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); +BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, const unsigned char *f,int fl); @@ -331,14 +369,21 @@ void ERR_load_RSA_strings(void); /* Function codes. */ #define RSA_F_MEMORY_LOCK 100 +#define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 #define RSA_F_RSA_GENERATE_KEY 105 +#define RSA_F_RSA_MEMORY_LOCK 130 #define RSA_F_RSA_NEW_METHOD 106 #define RSA_F_RSA_NULL 124 +#define RSA_F_RSA_NULL_MOD_EXP 131 +#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132 +#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133 +#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 +#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 #define RSA_F_RSA_PADDING_ADD_NONE 107 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 @@ -354,6 +399,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_RSA_PADDING_CHECK_X931 128 #define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT_FP 116 +#define RSA_F_RSA_SETUP_BLINDING 136 #define RSA_F_RSA_SIGN 117 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 #define RSA_F_RSA_VERIFY 119 @@ -386,6 +432,8 @@ void ERR_load_RSA_strings(void); #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 #define RSA_R_KEY_SIZE_TOO_SMALL 120 #define RSA_R_LAST_OCTET_INVALID 134 +#define RSA_R_MODULUS_TOO_LARGE 105 +#define RSA_R_NO_PUBLIC_EXPONENT 140 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 diff --git a/src/lib/libssl/src/crypto/rsa/rsa_asn1.c b/src/lib/libssl/src/crypto/rsa/rsa_asn1.c index 1455a7e0e4..bbbf26d50e 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_asn1.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_asn1.c @@ -63,10 +63,10 @@ #include static ASN1_METHOD method={ - (int (*)()) i2d_RSAPrivateKey, - (char *(*)())d2i_RSAPrivateKey, - (char *(*)())RSA_new, - (void (*)()) RSA_free}; + (I2D_OF(void)) i2d_RSAPrivateKey, + (D2I_OF(void)) d2i_RSAPrivateKey, + (void *(*)(void)) RSA_new, + (void (*)(void *)) RSA_free}; ASN1_METHOD *RSAPrivateKey_asn1_meth(void) { diff --git a/src/lib/libssl/src/crypto/rsa/rsa_chk.c b/src/lib/libssl/src/crypto/rsa/rsa_chk.c index 002f2cb487..9d848db8c6 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_chk.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_chk.c @@ -75,7 +75,7 @@ int RSA_check_key(const RSA *key) } /* p prime? */ - r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL); + r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL); if (r != 1) { ret = r; @@ -85,7 +85,7 @@ int RSA_check_key(const RSA *key) } /* q prime? */ - r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL); + r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL); if (r != 1) { ret = r; diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c index be4ac96ce3..ffadaab9a4 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -115,7 +115,7 @@ #include #include -#if !defined(RSA_NULL) && !defined(OPENSSL_FIPS) +#ifndef RSA_NULL static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); @@ -125,7 +125,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx); static int RSA_eay_init(RSA *rsa); static int RSA_eay_finish(RSA *rsa); static RSA_METHOD rsa_pkcs1_eay_meth={ @@ -141,7 +141,8 @@ static RSA_METHOD rsa_pkcs1_eay_meth={ 0, /* flags */ NULL, 0, /* rsa_sign */ - 0 /* rsa_verify */ + 0, /* rsa_verify */ + NULL /* rsa_keygen */ }; const RSA_METHOD *RSA_PKCS1_SSLeay(void) @@ -149,19 +150,53 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) return(&rsa_pkcs1_eay_meth); } +/* Usage example; + * MONT_HELPER(rsa->_method_mod_p, bn_ctx, rsa->p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); + */ +#define MONT_HELPER(method_mod, ctx, m, pre_cond, err_instr) \ + if ((pre_cond) && ((method_mod) == NULL) && \ + !BN_MONT_CTX_set_locked(&(method_mod), \ + CRYPTO_LOCK_RSA, \ + (m), (ctx))) \ + err_instr + static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f,*ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; - BN_init(&f); - BN_init(&ret); + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; + } + + if (BN_ucmp(rsa->n, rsa->e) <= 0) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + + /* for large moduli, enforce exponent limit */ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) + { + if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + } + if ((ctx=BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) + buf = OPENSSL_malloc(num); + if (!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -189,37 +224,34 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, } if (i <= 0) goto err; - if (BN_bin2bn(buf,num,&f) == NULL) goto err; + if (BN_bin2bn(buf,num,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) - { + if (BN_ucmp(f, rsa->n) >= 0) + { /* usually the padding functions would catch this */ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } - if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) - { - if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, - CRYPTO_LOCK_RSA, rsa->n, ctx)) - goto err; - } + MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); + j=BN_num_bytes(ret); + i=BN_bn2bin(ret,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; r=num; err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (buf != NULL) { OPENSSL_cleanse(buf,num); @@ -228,76 +260,115 @@ err: return(r); } -static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) - { - int ret = 1; - CRYPTO_w_lock(CRYPTO_LOCK_RSA); - /* Check again inside the lock - the macro's check is racey */ - if(rsa->blinding == NULL) - ret = RSA_blinding_on(rsa, ctx); - CRYPTO_w_unlock(CRYPTO_LOCK_RSA); - return ret; - } +static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) +{ + BN_BLINDING *ret; + int got_write_lock = 0; -#define BLINDING_HELPER(rsa, ctx, err_instr) \ - do { \ - if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ - ((rsa)->blinding == NULL) && \ - !rsa_eay_blinding(rsa, ctx)) \ - err_instr \ - } while(0) + CRYPTO_r_lock(CRYPTO_LOCK_RSA); -static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) - { - BIGNUM *A, *Ai; - BN_BLINDING *ret = NULL; + if (rsa->blinding == NULL) + { + CRYPTO_r_unlock(CRYPTO_LOCK_RSA); + CRYPTO_w_lock(CRYPTO_LOCK_RSA); + got_write_lock = 1; - /* added in OpenSSL 0.9.6j and 0.9.7b */ + if (rsa->blinding == NULL) + rsa->blinding = RSA_setup_blinding(rsa, ctx); + } - /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); - * this should be placed in a new function of its own, but for reasons - * of binary compatibility can't */ + ret = rsa->blinding; + if (ret == NULL) + goto err; - BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) + if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) { - /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ - RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); - if (!BN_pseudo_rand_range(A,rsa->n)) goto err; + /* rsa->blinding is ours! */ + + *local = 1; } else { - if (!BN_rand_range(A,rsa->n)) goto err; + /* resort to rsa->mt_blinding instead */ + + *local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert() + * that the BN_BLINDING is shared, meaning that accesses + * require locks, and that the blinding factor must be + * stored outside the BN_BLINDING + */ + + if (rsa->mt_blinding == NULL) + { + if (!got_write_lock) + { + CRYPTO_r_unlock(CRYPTO_LOCK_RSA); + CRYPTO_w_lock(CRYPTO_LOCK_RSA); + got_write_lock = 1; + } + + if (rsa->mt_blinding == NULL) + rsa->mt_blinding = RSA_setup_blinding(rsa, ctx); + } + ret = rsa->mt_blinding; } - if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; - if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) - goto err; - ret = BN_BLINDING_new(A,Ai,rsa->n); - BN_free(Ai); -err: - BN_CTX_end(ctx); + err: + if (got_write_lock) + CRYPTO_w_unlock(CRYPTO_LOCK_RSA); + else + CRYPTO_r_unlock(CRYPTO_LOCK_RSA); return ret; - } +} + +static int rsa_blinding_convert(BN_BLINDING *b, int local, BIGNUM *f, + BIGNUM *r, BN_CTX *ctx) +{ + if (local) + return BN_BLINDING_convert_ex(f, NULL, b, ctx); + else + { + int ret; + CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING); + ret = BN_BLINDING_convert_ex(f, r, b, ctx); + CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING); + return ret; + } +} + +static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f, + BIGNUM *r, BN_CTX *ctx) +{ + if (local) + return BN_BLINDING_invert_ex(f, NULL, b, ctx); + else + { + int ret; + CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING); + ret = BN_BLINDING_invert_ex(f, r, b, ctx); + CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING); + return ret; + } +} /* signing */ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret, *res; + BIGNUM *f, *ret, *br, *res; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; int local_blinding = 0; BN_BLINDING *blinding = NULL; - BN_init(&f); - BN_init(&ret); - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + br = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); + num = BN_num_bytes(rsa->n); + buf = OPENSSL_malloc(num); + if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -308,6 +379,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, case RSA_PKCS1_PADDING: i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); break; + case RSA_X931_PADDING: + i=RSA_padding_add_X931(buf,num,from,flen); + break; case RSA_NO_PADDING: i=RSA_padding_add_none(buf,num,from,flen); break; @@ -318,26 +392,18 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, } if (i <= 0) goto err; - if (BN_bin2bn(buf,num,&f) == NULL) goto err; + if (BN_bin2bn(buf,num,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } - BLINDING_HELPER(rsa, ctx, goto err;); - blinding = rsa->blinding; - - /* Now unless blinding is disabled, 'blinding' is non-NULL. - * But the BN_BLINDING object may be owned by some other thread - * (we don't want to keep it constant and we don't want to use - * lots of locking to avoid race conditions, so only a single - * thread can use it; other threads have to use local blinding - * factors) */ if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { + blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); @@ -346,20 +412,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, } if (blinding != NULL) - { - if (blinding->thread_id != CRYPTO_thread_id()) - { - /* we need a local one-time blinding factor */ - - blinding = setup_blinding(rsa, ctx); - if (blinding == NULL) - goto err; - local_blinding = 1; - } - } - - if (blinding) - if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; + if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx)) + goto err; if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || ((rsa->p != NULL) && @@ -368,37 +422,42 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) ) { - if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; + if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err; } else { BIGNUM local_d; BIGNUM *d = NULL; - if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { BN_init(&local_d); d = &local_d; - BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); + BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); } else - d = rsa->d; - if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) goto err; + d= rsa->d; + + MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); + + if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, + rsa->_method_mod_n)) goto err; } if (blinding) - if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; + if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) + goto err; if (padding == RSA_X931_PADDING) { - BN_sub(&f, rsa->n, &ret); - if (BN_cmp(&ret, &f)) - res = &f; + BN_sub(f, rsa->n, ret); + if (BN_cmp(ret, f)) + res = f; else - res = &ret; + res = ret; } else - res = &ret; + res = ret; /* put in leading 0 bytes if the number is less than the * length of the modulus */ @@ -409,11 +468,11 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, r=num; err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&ret); - BN_clear_free(&f); - if (local_blinding) - BN_BLINDING_free(blinding); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (buf != NULL) { OPENSSL_cleanse(buf,num); @@ -425,7 +484,7 @@ err: static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f, *ret, *br; int j,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; @@ -433,14 +492,14 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, int local_blinding = 0; BN_BLINDING *blinding = NULL; - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) + if((ctx = BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + br = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); + num = BN_num_bytes(rsa->n); + buf = OPENSSL_malloc(num); + if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -455,25 +514,17 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, } /* make data into a big number */ - if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; + if (BN_bin2bn(from,(int)flen,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } - BLINDING_HELPER(rsa, ctx, goto err;); - blinding = rsa->blinding; - - /* Now unless blinding is disabled, 'blinding' is non-NULL. - * But the BN_BLINDING object may be owned by some other thread - * (we don't want to keep it constant and we don't want to use - * lots of locking to avoid race conditions, so only a single - * thread can use it; other threads have to use local blinding - * factors) */ if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { + blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); @@ -482,20 +533,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, } if (blinding != NULL) - { - if (blinding->thread_id != CRYPTO_thread_id()) - { - /* we need a local one-time blinding factor */ - - blinding = setup_blinding(rsa, ctx); - if (blinding == NULL) - goto err; - local_blinding = 1; - } - } - - if (blinding) - if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; + if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx)) + goto err; /* do the decrypt */ if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || @@ -505,29 +544,33 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) ) { - if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; + if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err; } else { BIGNUM local_d; BIGNUM *d = NULL; - if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { d = &local_d; - BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); + BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); } else d = rsa->d; - if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) - goto err; + + MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); + if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, + rsa->_method_mod_n)) + goto err; } if (blinding) - if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; + if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) + goto err; p=buf; - j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ + j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */ switch (padding) { @@ -553,11 +596,11 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (local_blinding) - BN_BLINDING_free(blinding); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (buf != NULL) { OPENSSL_cleanse(buf,num); @@ -570,20 +613,41 @@ err: static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f,*ret; int i,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; BN_CTX *ctx=NULL; - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; + } + if (BN_ucmp(rsa->n, rsa->e) <= 0) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + + /* for large moduli, enforce exponent limit */ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) + { + if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) + { + RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); + return -1; + } + } + + if((ctx = BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - buf=(unsigned char *)OPENSSL_malloc(num); - if (buf == NULL) + buf = OPENSSL_malloc(num); + if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -597,37 +661,33 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, goto err; } - if (BN_bin2bn(from,flen,&f) == NULL) goto err; + if (BN_bin2bn(from,flen,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } - /* do the decrypt */ - - if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) - { - if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, - CRYPTO_LOCK_RSA, rsa->n, ctx)) - goto err; - } + MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; - if ((padding == RSA_X931_PADDING) && ((ret.d[0] & 0xf) != 12)) - BN_sub(&ret, rsa->n, &ret); + if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12)) + BN_sub(ret, rsa->n, ret); p=buf; - i=BN_bn2bin(&ret,p); + i=BN_bn2bin(ret,p); switch (padding) { case RSA_PKCS1_PADDING: r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); break; + case RSA_X931_PADDING: + r=RSA_padding_check_X931(to,num,buf,i,num); + break; case RSA_NO_PADDING: r=RSA_padding_check_none(to,num,buf,i,num); break; @@ -639,9 +699,11 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (buf != NULL) { OPENSSL_cleanse(buf,num); @@ -650,59 +712,111 @@ err: return(r); } -static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - BIGNUM r1,m1,vrfy; - BIGNUM local_dmp1, local_dmq1; - BIGNUM *dmp1, *dmq1; + BIGNUM *r1,*m1,*vrfy; + BIGNUM local_dmp1,local_dmq1,local_c,local_r1; + BIGNUM *dmp1,*dmq1,*c,*pr1; int ret=0; - BN_CTX *ctx; - BN_init(&m1); - BN_init(&r1); - BN_init(&vrfy); - if ((ctx=BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + r1 = BN_CTX_get(ctx); + m1 = BN_CTX_get(ctx); + vrfy = BN_CTX_get(ctx); + + { + BIGNUM local_p, local_q; + BIGNUM *p = NULL, *q = NULL; + + /* Make sure BN_mod_inverse in Montgomery intialization uses the + * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set) + */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) + { + BN_init(&local_p); + p = &local_p; + BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); + + BN_init(&local_q); + q = &local_q; + BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME); + } + else + { + p = rsa->p; + q = rsa->q; + } + + MONT_HELPER(rsa->_method_mod_p, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); + MONT_HELPER(rsa->_method_mod_q, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); + } + + MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) + /* compute I mod q */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { - if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, - CRYPTO_LOCK_RSA, rsa->p, ctx)) - goto err; - if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, - CRYPTO_LOCK_RSA, rsa->q, ctx)) - goto err; + c = &local_c; + BN_with_flags(c, I, BN_FLG_CONSTTIME); + if (!BN_mod(r1,c,rsa->q,ctx)) goto err; + } + else + { + if (!BN_mod(r1,I,rsa->q,ctx)) goto err; } - if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; - if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) + /* compute r1^dmq1 mod q */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { dmq1 = &local_dmq1; - BN_with_flags(dmq1, rsa->dmq1, BN_FLG_EXP_CONSTTIME); + BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME); } else dmq1 = rsa->dmq1; - if (!rsa->meth->bn_mod_exp(&m1,&r1,dmq1,rsa->q,ctx, + if (!rsa->meth->bn_mod_exp(m1,r1,dmq1,rsa->q,ctx, rsa->_method_mod_q)) goto err; - if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; - if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) + /* compute I mod p */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) + { + c = &local_c; + BN_with_flags(c, I, BN_FLG_CONSTTIME); + if (!BN_mod(r1,c,rsa->p,ctx)) goto err; + } + else + { + if (!BN_mod(r1,I,rsa->p,ctx)) goto err; + } + + /* compute r1^dmp1 mod p */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { dmp1 = &local_dmp1; - BN_with_flags(dmp1, rsa->dmp1, BN_FLG_EXP_CONSTTIME); + BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME); } else dmp1 = rsa->dmp1; - if (!rsa->meth->bn_mod_exp(r0,&r1,dmp1,rsa->p,ctx, + if (!rsa->meth->bn_mod_exp(r0,r1,dmp1,rsa->p,ctx, rsa->_method_mod_p)) goto err; - if (!BN_sub(r0,r0,&m1)) goto err; + if (!BN_sub(r0,r0,m1)) goto err; /* This will help stop the size of r0 increasing, which does * affect the multiply if it optimised for a power of 2 size */ - if (r0->neg) + if (BN_is_negative(r0)) if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; - if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; + if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err; + + /* Turn BN_FLG_CONSTTIME flag on before division operation */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) + { + pr1 = &local_r1; + BN_with_flags(pr1, r1, BN_FLG_CONSTTIME); + } + else + pr1 = r1; + if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err; + /* If p < q it is occasionally possible for the correction of * adding 'p' if r0 is negative above to leave the result still * negative. This can break the private key operations: the following @@ -710,23 +824,23 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) * This will *never* happen with OpenSSL generated keys because * they ensure p > q [steve] */ - if (r0->neg) + if (BN_is_negative(r0)) if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; - if (!BN_add(r0,&r1,&m1)) goto err; + if (!BN_mul(r1,r0,rsa->q,ctx)) goto err; + if (!BN_add(r0,r1,m1)) goto err; if (rsa->e && rsa->n) { - if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; + if (!rsa->meth->bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err; /* If 'I' was greater than (or equal to) rsa->n, the operation * will be equivalent to using 'I mod n'. However, the result of * the verify will *always* be less than 'n' so we don't check * for absolute equality, just congruency. */ - if (!BN_sub(&vrfy, &vrfy, I)) goto err; - if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err; - if (vrfy.neg) - if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; - if (!BN_is_zero(&vrfy)) + if (!BN_sub(vrfy, vrfy, I)) goto err; + if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err; + if (BN_is_negative(vrfy)) + if (!BN_add(vrfy, vrfy, rsa->n)) goto err; + if (!BN_is_zero(vrfy)) { /* 'I' and 'vrfy' aren't congruent mod n. Don't leak * miscalculated CRT output, just do a raw (slower) @@ -735,22 +849,20 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) BIGNUM local_d; BIGNUM *d = NULL; - if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME)) + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { d = &local_d; - BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME); + BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); } else d = rsa->d; - if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,NULL)) goto err; + if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx, + rsa->_method_mod_n)) goto err; } } ret=1; err: - BN_clear_free(&m1); - BN_clear_free(&r1); - BN_clear_free(&vrfy); - BN_CTX_free(ctx); + BN_CTX_end(ctx); return(ret); } diff --git a/src/lib/libssl/src/crypto/rsa/rsa_err.c b/src/lib/libssl/src/crypto/rsa/rsa_err.c index 2ec4b30ff7..fe3ba1b44b 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_err.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_err.c @@ -71,14 +71,21 @@ static ERR_STRING_DATA RSA_str_functs[]= { {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, +{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, +{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, +{ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"}, +{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_NULL_PRIVATE_DECRYPT"}, +{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"}, +{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"}, +{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"}, @@ -94,6 +101,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, +{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, @@ -129,20 +137,22 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"}, {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, +{ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, +{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, -{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"}, +{ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"}, +{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"}, {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"}, {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, -{ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"}, {0,NULL} }; @@ -150,15 +160,12 @@ static ERR_STRING_DATA RSA_str_reasons[]= void ERR_load_RSA_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,RSA_str_functs); ERR_load_strings(0,RSA_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c index dd1422cc98..767f7ab682 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_gen.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c @@ -56,26 +56,42 @@ * [including the GNU Public Licence.] */ + +/* NB: these functions have been "upgraded", the deprecated versions (which are + * compatibility wrappers using these functions) are in rsa_depr.c. + * - Geoff + */ + #include #include #include "cryptlib.h" #include #include -#ifndef OPENSSL_FIPS +static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); -RSA *RSA_generate_key(int bits, unsigned long e_value, - void (*callback)(int,int,void *), void *cb_arg) +/* NB: this wrapper would normally be placed in rsa_lib.c and the static + * implementation would probably be in rsa_eay.c. Nonetheless, is kept here so + * that we don't introduce a new linker dependency. Eg. any application that + * wasn't previously linking object code related to key-generation won't have to + * now just because key-generation is part of RSA_METHOD. */ +int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) + { + if(rsa->meth->rsa_keygen) + return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); + return rsa_builtin_keygen(rsa, bits, e_value, cb); + } + +static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { - RSA *rsa=NULL; BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; - int bitsp,bitsq,ok= -1,n=0,i; - BN_CTX *ctx=NULL,*ctx2=NULL; + BIGNUM local_r0,local_d,local_p; + BIGNUM *pr0,*d,*p; + int bitsp,bitsq,ok= -1,n=0; + BN_CTX *ctx=NULL; ctx=BN_CTX_new(); if (ctx == NULL) goto err; - ctx2=BN_CTX_new(); - if (ctx2 == NULL) goto err; BN_CTX_start(ctx); r0 = BN_CTX_get(ctx); r1 = BN_CTX_get(ctx); @@ -85,49 +101,58 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, bitsp=(bits+1)/2; bitsq=bits-bitsp; - rsa=RSA_new(); - if (rsa == NULL) goto err; - /* set e */ - rsa->e=BN_new(); - if (rsa->e == NULL) goto err; + /* We need the RSA components non-NULL */ + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; + if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; + if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; + if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; + if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; + if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; + if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; + if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; -#if 1 - /* The problem is when building with 8, 16, or 32 BN_ULONG, - * unsigned long can be larger */ - for (i=0; ie,i); - } -#else - if (!BN_set_word(rsa->e,e_value)) goto err; -#endif + BN_copy(rsa->e, e_value); /* generate p and q */ for (;;) { - rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); - if (rsa->p == NULL) goto err; + if(!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) + goto err; if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; if (BN_is_one(r1)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->p); + if(!BN_GENCB_call(cb, 2, n++)) + goto err; } - if (callback != NULL) callback(3,0,cb_arg); + if(!BN_GENCB_call(cb, 3, 0)) + goto err; for (;;) { - rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); - if (rsa->q == NULL) goto err; + /* When generating ridiculously small keys, we can get stuck + * continually regenerating the same prime values. Check for + * this and bail if it happens 3 times. */ + unsigned int degenerate = 0; + do + { + if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) + goto err; + } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); + if(degenerate == 3) + { + ok = 0; /* we set our own err */ + RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,RSA_R_KEY_SIZE_TOO_SMALL); + goto err; + } if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) + if (BN_is_one(r1)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->q); + if(!BN_GENCB_call(cb, 2, n++)) + goto err; } - if (callback != NULL) callback(3,1,cb_arg); + if(!BN_GENCB_call(cb, 3, 1)) + goto err; if (BN_cmp(rsa->p,rsa->q) < 0) { tmp=rsa->p; @@ -136,66 +161,59 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, } /* calculate n */ - rsa->n=BN_new(); - if (rsa->n == NULL) goto err; if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; /* calculate d */ if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ - -/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ -/* for (;;) + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { - if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err; - if (BN_is_one(r3)) break; + pr0 = &local_r0; + BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); + } + else + pr0 = r0; + if (!BN_mod_inverse(rsa->d,rsa->e,pr0,ctx)) goto err; /* d */ - if (1) - { - if (!BN_add_word(rsa->e,2L)) goto err; - continue; - } - RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE); - goto err; + /* set up d for correct BN_FLG_CONSTTIME flag */ + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) + { + d = &local_d; + BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); } -*/ - rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ - if (rsa->d == NULL) goto err; + else + d = rsa->d; /* calculate d mod (p-1) */ - rsa->dmp1=BN_new(); - if (rsa->dmp1 == NULL) goto err; - if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err; + if (!BN_mod(rsa->dmp1,d,r1,ctx)) goto err; /* calculate d mod (q-1) */ - rsa->dmq1=BN_new(); - if (rsa->dmq1 == NULL) goto err; - if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; + if (!BN_mod(rsa->dmq1,d,r2,ctx)) goto err; /* calculate inverse of q mod p */ - rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); - if (rsa->iqmp == NULL) goto err; + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) + { + p = &local_p; + BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); + } + else + p = rsa->p; + if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err; ok=1; err: if (ok == -1) { - RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); + RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,ERR_LIB_BN); ok=0; } if (ctx != NULL) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_CTX_free(ctx2); - - if (!ok) { - if (rsa != NULL) RSA_free(rsa); - return(NULL); + BN_CTX_end(ctx); + BN_CTX_free(ctx); } - else - return(rsa); + + return ok; } -#endif diff --git a/src/lib/libssl/src/crypto/rsa/rsa_lib.c b/src/lib/libssl/src/crypto/rsa/rsa_lib.c index e4d622851e..104aa4c1f2 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_lib.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c @@ -67,7 +67,7 @@ #include #endif -const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; +const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; static const RSA_METHOD *default_RSA_meth=NULL; @@ -179,6 +179,7 @@ RSA *RSA_new_method(ENGINE *engine) ret->_method_mod_p=NULL; ret->_method_mod_q=NULL; ret->blinding=NULL; + ret->mt_blinding=NULL; ret->bignum_data=NULL; ret->flags=ret->meth->flags; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); @@ -232,6 +233,7 @@ void RSA_free(RSA *r) if (r->dmq1 != NULL) BN_clear_free(r->dmq1); if (r->iqmp != NULL) BN_clear_free(r->iqmp); if (r->blinding != NULL) BN_BLINDING_free(r->blinding); + if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); OPENSSL_free(r); } @@ -314,59 +316,117 @@ void RSA_blinding_off(RSA *rsa) rsa->flags |= RSA_FLAG_NO_BLINDING; } -int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) +int RSA_blinding_on(RSA *rsa, BN_CTX *ctx) { - BIGNUM *A,*Ai = NULL; - BN_CTX *ctx; int ret=0; - if (p_ctx == NULL) + if (rsa->blinding != NULL) + RSA_blinding_off(rsa); + + rsa->blinding = RSA_setup_blinding(rsa, ctx); + if (rsa->blinding == NULL) + goto err; + + rsa->flags |= RSA_FLAG_BLINDING; + rsa->flags &= ~RSA_FLAG_NO_BLINDING; + ret=1; +err: + return(ret); + } + +static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, + const BIGNUM *q, BN_CTX *ctx) +{ + BIGNUM *ret = NULL, *r0, *r1, *r2; + + if (d == NULL || p == NULL || q == NULL) + return NULL; + + BN_CTX_start(ctx); + r0 = BN_CTX_get(ctx); + r1 = BN_CTX_get(ctx); + r2 = BN_CTX_get(ctx); + if (r2 == NULL) + goto err; + + if (!BN_sub(r1, p, BN_value_one())) goto err; + if (!BN_sub(r2, q, BN_value_one())) goto err; + if (!BN_mul(r0, r1, r2, ctx)) goto err; + + ret = BN_mod_inverse(NULL, d, r0, ctx); +err: + BN_CTX_end(ctx); + return ret; +} + +BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) +{ + BIGNUM local_n; + BIGNUM *e,*n; + BN_CTX *ctx; + BN_BLINDING *ret = NULL; + + if (in_ctx == NULL) { - if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((ctx = BN_CTX_new()) == NULL) return 0; } else - ctx=p_ctx; + ctx = in_ctx; - /* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */ - if (rsa->blinding != NULL) + BN_CTX_start(ctx); + e = BN_CTX_get(ctx); + if (e == NULL) { - BN_BLINDING_free(rsa->blinding); - rsa->blinding = NULL; + RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE); + goto err; } - /* NB: similar code appears in setup_blinding (rsa_eay.c); - * this should be placed in a new function of its own, but for reasons - * of binary compatibility can't */ + if (rsa->e == NULL) + { + e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); + if (e == NULL) + { + RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT); + goto err; + } + } + else + e = rsa->e; - BN_CTX_start(ctx); - A = BN_CTX_get(ctx); + if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) { - /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ - RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); - if (!BN_pseudo_rand_range(A,rsa->n)) goto err; + /* if PRNG is not properly seeded, resort to secret + * exponent as unpredictable seed */ + RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); } - else + + if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { - if (!BN_rand_range(A,rsa->n)) goto err; + /* Set BN_FLG_CONSTTIME flag */ + n = &local_n; + BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME); } - if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; + else + n = rsa->n; - if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) + ret = BN_BLINDING_create_param(NULL, e, n, ctx, + rsa->meth->bn_mod_exp, rsa->_method_mod_n); + if (ret == NULL) + { + RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); goto err; - if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err; - /* to make things thread-safe without excessive locking, - * rsa->blinding will be used just by the current thread: */ - rsa->blinding->thread_id = CRYPTO_thread_id(); - rsa->flags |= RSA_FLAG_BLINDING; - rsa->flags &= ~RSA_FLAG_NO_BLINDING; - ret=1; + } + BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()); err: - if (Ai != NULL) BN_free(Ai); BN_CTX_end(ctx); - if (ctx != p_ctx) BN_CTX_free(ctx); - return(ret); - } + if (in_ctx == NULL) + BN_CTX_free(ctx); + if(rsa->e == NULL) + BN_free(e); + + return ret; +} int RSA_memory_lock(RSA *r) { @@ -389,7 +449,7 @@ int RSA_memory_lock(RSA *r) j+= (*t[i])->top; if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) { - RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); + RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); return(0); } bn=(BIGNUM *)p; diff --git a/src/lib/libssl/src/crypto/rsa/rsa_null.c b/src/lib/libssl/src/crypto/rsa/rsa_null.c index 64057fbdcf..491572c82b 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_null.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_null.c @@ -94,6 +94,9 @@ static RSA_METHOD rsa_null_meth={ RSA_null_finish, 0, NULL, + NULL, + NULL, + NULL }; const RSA_METHOD *RSA_null_method(void) @@ -104,35 +107,35 @@ const RSA_METHOD *RSA_null_method(void) static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } #if 0 /* not currently used */ static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) { - RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); + ...err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } #endif @@ -146,5 +149,3 @@ static int RSA_null_finish(RSA *rsa) { return(1); } - - diff --git a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c index d43ecaca63..3652677a99 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c @@ -28,6 +28,9 @@ #include #include +int MGF1(unsigned char *mask, long len, + const unsigned char *seed, long seedlen); + int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen) @@ -73,13 +76,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, 20); #endif - PKCS1_MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH, - EVP_sha1()); + MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) db[i] ^= dbmask[i]; - PKCS1_MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH, - EVP_sha1()); + MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= seedmask[i]; @@ -95,6 +96,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *maskeddb; int lzero; unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; + unsigned char *padded_from; int bad = 0; if (--num < 2 * SHA_DIGEST_LENGTH + 1) @@ -105,8 +107,6 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, lzero = num - flen; if (lzero < 0) { - /* lzero == -1 */ - /* signalling this error immediately after detection might allow * for side-channel attacks (e.g. timing if 'plen' is huge * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal @@ -114,22 +114,30 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, * so we use a 'bad' flag */ bad = 1; lzero = 0; + flen = num; /* don't overflow the memcpy to padded_from */ } - maskeddb = from - lzero + SHA_DIGEST_LENGTH; dblen = num - SHA_DIGEST_LENGTH; - db = OPENSSL_malloc(dblen); + db = OPENSSL_malloc(dblen + num); if (db == NULL) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); return -1; } - PKCS1_MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen, EVP_sha1()); - for (i = lzero; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= from[i - lzero]; + /* Always do this zero-padding copy (even when lzero == 0) + * to avoid leaking timing info about the value of lzero. */ + padded_from = db + dblen; + memset(padded_from, 0, lzero); + memcpy(padded_from + lzero, from, flen); + + maskeddb = padded_from + SHA_DIGEST_LENGTH; + + MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); + for (i = 0; i < SHA_DIGEST_LENGTH; i++) + seed[i] ^= padded_from[i]; - PKCS1_MGF1(db, dblen, seed, SHA_DIGEST_LENGTH, EVP_sha1()); + MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; @@ -142,13 +150,13 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, for (i = SHA_DIGEST_LENGTH; i < dblen; i++) if (db[i] != 0x00) break; - if (db[i] != 0x01 || i++ >= dblen) + if (i == dblen || db[i] != 0x01) goto decoding_err; else { /* everything looks OK */ - mlen = dblen - i; + mlen = dblen - ++i; if (tlen < mlen) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); diff --git a/src/lib/libssl/src/crypto/rsa/rsa_saos.c b/src/lib/libssl/src/crypto/rsa/rsa_saos.c index 24fc94835e..f98e0a80a6 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_saos.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_saos.c @@ -107,7 +107,8 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, RSA *rsa) { int i,ret=0; - unsigned char *p,*s; + unsigned char *s; + const unsigned char *p; ASN1_OCTET_STRING *sig=NULL; if (siglen != (unsigned int)RSA_size(rsa)) diff --git a/src/lib/libssl/src/crypto/rsa/rsa_sign.c b/src/lib/libssl/src/crypto/rsa/rsa_sign.c index cee09eccb1..71aabeea1b 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_sign.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_sign.c @@ -146,7 +146,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; - unsigned char *p,*s; + unsigned char *s; X509_SIG *sig=NULL; if (siglen != (unsigned int)RSA_size(rsa)) @@ -181,10 +181,27 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); else ret = 1; } else { - p=s; + const unsigned char *p=s; sig=d2i_X509_SIG(NULL,&p,(long)i); if (sig == NULL) goto err; + + /* Excess data can be used to create forgeries */ + if(p != s+i) + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + goto err; + } + + /* Parameters to the signature algorithm can also be used to + create forgeries */ + if(sig->algor->parameter + && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + goto err; + } + sigtype=OBJ_obj2nid(sig->algor->algorithm); diff --git a/src/lib/libssl/src/crypto/rsa/rsa_test.c b/src/lib/libssl/src/crypto/rsa/rsa_test.c index 218bb2a39b..4080de8bcf 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_test.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_test.c @@ -8,6 +8,7 @@ #include #include #include +#include #ifdef OPENSSL_NO_RSA int main(int argc, char *argv[]) { @@ -218,6 +219,7 @@ int main(int argc, char *argv[]) int plen; int clen = 0; int num; + int n; CRYPTO_malloc_debug_init(); CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); @@ -241,7 +243,7 @@ int main(int argc, char *argv[]) clen = key3(key, ctext_ex); break; } - if (v/3 > 1) key->flags |= RSA_FLAG_NO_EXP_CONSTTIME; + if (v/3 >= 1) key->flags |= RSA_FLAG_NO_CONSTTIME; num = RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING); @@ -277,7 +279,7 @@ int main(int argc, char *argv[]) err=1; goto next; } - + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); if (num != plen || memcmp(ptext, ptext_ex, num) != 0) @@ -286,10 +288,7 @@ int main(int argc, char *argv[]) err=1; } else if (memcmp(ctext, ctext_ex, num) == 0) - { printf("OAEP test vector %d passed!\n", v); - goto next; - } /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try decrypting ctext_ex */ @@ -304,6 +303,26 @@ int main(int argc, char *argv[]) } else printf("OAEP encryption/decryption ok\n"); + + /* Try decrypting corrupted ciphertexts */ + for(n = 0 ; n < clen ; ++n) + { + int b; + unsigned char saved = ctext[n]; + for(b = 0 ; b < 256 ; ++b) + { + if(b == saved) + continue; + ctext[n] = b; + num = RSA_private_decrypt(num, ctext, ptext, key, + RSA_PKCS1_OAEP_PADDING); + if(num > 0) + { + printf("Corrupt data decrypted!\n"); + err = 1; + } + } + } next: RSA_free(key); } @@ -313,6 +332,9 @@ int main(int argc, char *argv[]) CRYPTO_mem_leaks_fp(stderr); +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif return err; } #endif diff --git a/src/lib/libssl/src/crypto/sha/Makefile b/src/lib/libssl/src/crypto/sha/Makefile index 46103bbc83..ac64fb61d3 100644 --- a/src/lib/libssl/src/crypto/sha/Makefile +++ b/src/lib/libssl/src/crypto/sha/Makefile @@ -8,11 +8,6 @@ CC= cc CPP= $(CC) -E INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -20,14 +15,15 @@ SHA1_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) ASFLAGS= $(INCLUDES) $(ASFLAG) +AFLAGS= $(ASFLAGS) GENERAL=Makefile -TEST=shatest.c sha1test.c +TEST=shatest.c sha1test.c sha256t.c sha512t.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c -LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ) +LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c +LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ) SRC= $(LIBSRC) @@ -46,23 +42,33 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -# elf -asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s) - +# ELF +sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +s512sse2-elf.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > ../$@) +# COFF +sx86-cof.s: asm/sha1-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha1-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) +s512sse2-cof.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha512-sse2.pl coff $(CFLAGS) $(PROCESSOR) > ../$@) # a.out -asm/sx86-out.o: asm/sx86unix.cpp - $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o - -# bsdi -asm/sx86bsdi.o: asm/sx86unix.cpp - $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o +sx86-out.s: asm/sha1-586.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha1-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) +s512sse2-out.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl + (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) -asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp) - -asm/sha1-ia64.s: asm/sha1-ia64.pl +sha1-ia64.s: asm/sha1-ia64.pl (cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ) > $@ +sha256-ia64.s: asm/sha512-ia64.pl + (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS)) +sha512-ia64.s: asm/sha512-ia64.pl + (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS)) + +# Solaris make has to be explicitly told +sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $@ +sha256-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@ +sha512-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@ files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO @@ -73,6 +79,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -88,6 +95,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -95,33 +103,37 @@ dclean: mv -f Makefile.new $(MAKEFILE) clean: - rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o + rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h sha1_one.o: ../../include/openssl/opensslconf.h -sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c -sha1dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -sha1dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -sha1dgst.o: ../../include/openssl/opensslconf.h -sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha1dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha1dgst.o: ../../include/openssl/symhacks.h ../md32_common.h sha1dgst.c -sha1dgst.o: sha_locl.h -sha_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -sha_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -sha_dgst.o: ../../include/openssl/opensslconf.h -sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -sha_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -sha_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h sha_dgst.c -sha_dgst.o: sha_locl.h +sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +sha1_one.o: sha1_one.c +sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h +sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h +sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c +sha512.o: ../../e_os.h ../../include/openssl/bio.h +sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +sha512.o: ../cryptlib.h sha512.c +sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h +sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -sha_one.o: sha_one.c +sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +sha_one.o: ../../include/openssl/symhacks.h sha_one.c diff --git a/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl b/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl index 041acc0348..0b4dab2bd5 100644 --- a/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl +++ b/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl @@ -1,4 +1,16 @@ -#!/usr/local/bin/perl +#!/usr/bin/env perl + +# ==================================================================== +# [Re]written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# "[Re]written" was achieved in two major overhauls. In 2004 BODY_* +# functions were re-implemented to address P4 performance issue [see +# commentary below], and in 2006 the rest was rewritten in order to +# gain freedom to liberate licensing terms. # It was noted that Intel IA-32 C compiler generates code which # performs ~30% *faster* on P4 CPU than original *hand-coded* @@ -9,7 +21,7 @@ # # compared with original compared with Intel cc # assembler impl. generated code -# Pentium -25% +37% +# Pentium -16% +48% # PIII/AMD +8% +16% # P4 +85%(!) +45% # @@ -17,174 +29,115 @@ # improvement on P4 outweights the loss and incorporate this # re-tuned code to 0.9.7 and later. # ---------------------------------------------------------------- -# Those who for any particular reason absolutely must score on -# Pentium can replace this module with one from 0.9.6 distribution. -# This "offer" shall be revoked the moment programming interface to -# this module is changed, in which case this paragraph should be -# removed. -# ---------------------------------------------------------------- # -$normal=0; - -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); $A="eax"; -$B="ecx"; -$C="ebx"; +$B="ebx"; +$C="ecx"; $D="edx"; $E="edi"; $T="esi"; $tmp1="ebp"; -$off=9*4; - -@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6); - -&sha1_block_data("sha1_block_asm_data_order"); - -&asm_finish(); - -sub Nn - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - return($n{$p}); - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A); - return($n{$p}); - } - -sub Na - { - local($n)=@_; - return( (($n )&0x0f), - (($n+ 2)&0x0f), - (($n+ 8)&0x0f), - (($n+13)&0x0f), - (($n+ 1)&0x0f)); - } - -sub X_expand - { - local($in)=@_; - - &comment("First, load the words onto the stack in network byte order"); - for ($i=0; $i<16; $i+=2) - { - &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,$in,"",0)); - &bswap($A); - &bswap($B); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - } - - &comment("We now have the X array on the stack"); - &comment("starting at sp-4"); - } - -# Rules of engagement -# F is always trashable at the start, the running total. -# E becomes the next F so it can be trashed after it has been 'accumulated' -# F becomes A in the next round. We don't need to access it much. -# During the X update part, the result ends up in $X[$n0]. +@V=($A,$B,$C,$D,$E,$T); sub BODY_00_15 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; + local($n,$a,$b,$c,$d,$e,$f)=@_; &comment("00_15 $n"); - &mov($tmp1,$a); - &mov($f,$c); # f to hold F_00_19(b,c,d) + &mov($f,$c); # f to hold F_00_19(b,c,d) + if ($n==0) { &mov($tmp1,$a); } + else { &mov($a,$tmp1); } &rotl($tmp1,5); # tmp1=ROTATE(a,5) &xor($f,$d); - &and($f,$b); - &rotr($b,2); # b=ROTATE(b,30) &add($tmp1,$e); # tmp1+=e; - &mov($e,&swtmp($n)); # e becomes volatile and - # is loaded with xi - &xor($f,$d); # f holds F_00_19(b,c,d) - &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi - - &add($f,$tmp1); # f+=tmp1 + &and($f,$b); + &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded + # with xi, also note that e becomes + # f in next round... + &xor($f,$d); # f holds F_00_19(b,c,d) + &rotr($b,2); # b=ROTATE(b,30) + &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi + + if ($n==15) { &add($f,$tmp1); } # f+=tmp1 + else { &add($tmp1,$f); } # f becomes a in next round } sub BODY_16_19 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - local($n0,$n1,$n2,$n3,$np)=&Na($n); + local($n,$a,$b,$c,$d,$e,$f)=@_; &comment("16_19 $n"); - &mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) - &xor($f,&swtmp($n0)); + &xor($f,&swtmp(($n+2)%16)); &xor($tmp1,$d); - &xor($f,&swtmp($n2)); + &xor($f,&swtmp(($n+8)%16)); &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d) - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd - &rotr($b,2); # b=ROTATE(b,30) - &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &rotl($f,1); # f=ROATE(f,1) - &mov(&swtmp($n0),$f); # xi=f - &lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e + &rotr($b,2); # b=ROTATE(b,30) + &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd + &rotl($f,1); # f=ROTATE(f,1) + &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) + &mov(&swtmp($n%16),$f); # xi=f + &lea($f,&DWP(0x5a827999,$f,$e));# f+=K_00_19+e &mov($e,$a); # e becomes volatile - &add($f,$tmp1); # f+=F_00_19(b,c,d) - &rotl($e,5); # e=ROTATE(a,5) + &rotl($e,5); # e=ROTATE(a,5) + &add($f,$tmp1); # f+=F_00_19(b,c,d) &add($f,$e); # f+=ROTATE(a,5) } sub BODY_20_39 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; + local($n,$a,$b,$c,$d,$e,$f)=@_; + local $K=($n<40)?0x6ed9eba1:0xca62c1d6; &comment("20_39 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); - &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) - &xor($f,&swtmp($n1)); - &rotr($b,2); # b=ROTATE(b,30) - &xor($f,&swtmp($n2)); - &xor($tmp1,$c); - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd - &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) + &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) + &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &rotr($b,2); # b=ROTATE(b,30) + &xor($f,&swtmp(($n+2)%16)); + &xor($tmp1,$c); + &xor($f,&swtmp(($n+8)%16)); + &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) + &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd &rotl($f,1); # f=ROTATE(f,1) - &mov(&swtmp($n0),$f); # xi=f - &lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e + &add($tmp1,$e); + &mov(&swtmp($n%16),$f); # xi=f &mov($e,$a); # e becomes volatile &rotl($e,5); # e=ROTATE(a,5) - &add($f,$tmp1); # f+=F_20_39(b,c,d) + &lea($f,&DWP($K,$f,$tmp1)); # f+=K_20_39+e &add($f,$e); # f+=ROTATE(a,5) } sub BODY_40_59 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; + local($n,$a,$b,$c,$d,$e,$f)=@_; &comment("40_59 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); - &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &mov($tmp1,&swtmp(($n+2)%16)); + &xor($f,$tmp1); + &mov($tmp1,&swtmp(($n+8)%16)); + &xor($f,$tmp1); + &mov($tmp1,&swtmp(($n+13)%16)); + &xor($f,$tmp1); # f holds xa^xb^xc^xd &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d) - &xor($f,&swtmp($n1)); + &rotl($f,1); # f=ROTATE(f,1) &or($tmp1,$c); - &xor($f,&swtmp($n2)); + &mov(&swtmp($n%16),$f); # xi=f &and($tmp1,$d); - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &mov(&swtmp($n0),$f); # xi=f - &lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e + &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e &mov($e,$b); # e becomes volatile and is used # to calculate F_40_59(b,c,d) &rotr($b,2); # b=ROTATE(b,30) @@ -192,234 +145,75 @@ sub BODY_40_59 &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d) &mov($e,$a); &rotl($e,5); # e=ROTATE(a,5) - &add($tmp1,$e); # tmp1+=ROTATE(a,5) - &add($f,$tmp1); # f+=tmp1; - } - -sub BODY_60_79 - { - &BODY_20_39(@_); + &add($f,$tmp1); # f+=tmp1; + &add($f,$e); # f+=ROTATE(a,5) } -sub sha1_block_host - { - local($name, $sclabel)=@_; +&function_begin("sha1_block_data_order",16); + &mov($tmp1,&wparam(0)); # SHA_CTX *c + &mov($T,&wparam(1)); # const void *input + &mov($A,&wparam(2)); # size_t num + &stack_push(16); # allocate X[16] + &shl($A,6); + &add($A,$T); + &mov(&wparam(2),$A); # pointer beyond the end of input + &mov($E,&DWP(16,$tmp1));# pre-load E - &function_begin_B($name,""); + &set_label("loop",16); - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - for ($i=0; $i<16; $i+=2) + # copy input chunk to X, but reversing byte order! + for ($i=0; $i<16; $i+=4) { - &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,"esi","",0)); + &mov($A,&DWP(4*($i+0),$T)); + &mov($B,&DWP(4*($i+1),$T)); + &mov($C,&DWP(4*($i+2),$T)); + &mov($D,&DWP(4*($i+3),$T)); + &bswap($A); + &bswap($B); + &bswap($C); + &bswap($D); &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); + &mov(&swtmp($i+1),$B); + &mov(&swtmp($i+2),$C); + &mov(&swtmp($i+3),$D); } - &jmp($sclabel); - &function_end_B($name); - } - - -sub sha1_block_data - { - local($name)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - &set_label("start") unless $normal; - - &X_expand("esi"); - &mov(&wparam(1),"esi"); - - &set_label("shortcut", 0, 1); - &comment(""); - &comment("Start processing"); - - # odd start - &mov($A, &DWP( 0,"ebp","",0)); - &mov($B, &DWP( 4,"ebp","",0)); - $X="esp"; - &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C); - &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E); - - &comment("End processing"); - &comment(""); - # D is the tmp value - - # E -> A - # T -> B - # A -> C - # B -> D - # C -> E - # D -> T - - &mov($tmp1,&wparam(0)); - - &mov($D, &DWP(12,$tmp1,"",0)); - &add($D,$B); - &mov($B, &DWP( 4,$tmp1,"",0)); - &add($B,$T); - &mov($T, $A); - &mov($A, &DWP( 0,$tmp1,"",0)); - &mov(&DWP(12,$tmp1,"",0),$D); - - &add($A,$E); - &mov($E, &DWP(16,$tmp1,"",0)); - &add($E,$C); - &mov($C, &DWP( 8,$tmp1,"",0)); - &add($C,$T); - - &mov(&DWP( 0,$tmp1,"",0),$A); - &mov("esi",&wparam(1)); - &mov(&DWP( 8,$tmp1,"",0),$C); - &add("esi",64); - &mov("eax",&swtmp(17)); - &mov(&DWP(16,$tmp1,"",0),$E); - &cmp("esi","eax"); - &mov(&DWP( 4,$tmp1,"",0),$B); - &jb(&label("start")); - - &stack_pop(18+9); - &pop("edi"); - &pop("ebx"); - &pop("ebp"); - &pop("esi"); - &ret(); - - # keep a note of shortcut label so it can be used outside - # block. - my $sclabel = &label("shortcut"); - - &function_end_B($name); - # Putting this here avoids problems with MASM in debugging mode - &sha1_block_host("sha1_block_asm_host_order", $sclabel); - } + &mov(&wparam(1),$T); # redundant in 1st spin + + &mov($A,&DWP(0,$tmp1)); # load SHA_CTX + &mov($B,&DWP(4,$tmp1)); + &mov($C,&DWP(8,$tmp1)); + &mov($D,&DWP(12,$tmp1)); + # E is pre-loaded + + for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } + for(;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } + for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } + for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } + for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } + + (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check + + &mov($tmp1,&wparam(0)); # re-load SHA_CTX* + &mov($D,&wparam(1)); # D is last "T" and is discarded + + &add($E,&DWP(0,$tmp1)); # E is last "A"... + &add($T,&DWP(4,$tmp1)); + &add($A,&DWP(8,$tmp1)); + &add($B,&DWP(12,$tmp1)); + &add($C,&DWP(16,$tmp1)); + + &mov(&DWP(0,$tmp1),$E); # update SHA_CTX + &add($D,64); # advance input pointer + &mov(&DWP(4,$tmp1),$T); + &cmp($D,&wparam(2)); # have we reached the end yet? + &mov(&DWP(8,$tmp1),$A); + &mov($E,$C); # C is last "E" which needs to be "pre-loaded" + &mov(&DWP(12,$tmp1),$B); + &mov($T,$D); # input pointer + &mov(&DWP(16,$tmp1),$C); + &jb(&label("loop")); + + &stack_pop(16); +&function_end("sha1_block_data_order"); +&asm_finish(); diff --git a/src/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl b/src/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl index cb9dfad124..aa18c1089b 100644 --- a/src/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl +++ b/src/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl @@ -2,8 +2,9 @@ # # ==================================================================== # Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. # ==================================================================== # # Eternal question is what's wrong with compiler generated code? The @@ -11,15 +12,10 @@ # to perform rotations by maintaining copy of 32-bit value in upper # bits of 64-bit register. Just follow mux2 and shrp instructions... # Performance under big-endian OS such as HP-UX is 179MBps*1GHz, which -# is >50% better than HP C and >2x better than gcc. As of this moment -# performance under little-endian OS such as Linux and Windows will be -# a bit lower, because data has to be picked in reverse byte-order. -# It's possible to resolve this issue by implementing third function, -# sha1_block_asm_data_order_aligned, which would temporarily flip -# BE field in User Mask register... +# is >50% better than HP C and >2x better than gcc. $code=<<___; -.ident \"sha1-ia64.s, version 1.0\" +.ident \"sha1-ia64.s, version 1.2\" .ident \"IA-64 ISA artwork by Andy Polyakov \" .explicit @@ -55,63 +51,55 @@ else { sub BODY_00_15 { local *code=shift; -local ($i,$a,$b,$c,$d,$e,$f,$unaligned)=@_; +local ($i,$a,$b,$c,$d,$e,$f)=@_; -if ($unaligned) { - $code.=<<___; -{ .mmi; ld1 tmp0=[inp],2 // MSB - ld1 tmp1=[tmp3],2 };; -{ .mmi; ld1 tmp2=[inp],2 - ld1 $X[$i&0xf]=[tmp3],2 // LSB - dep tmp1=tmp0,tmp1,8,8 };; -{ .mii; cmp.ne p16,p0=r0,r0 // no misaligned prefetch - dep $X[$i&0xf]=tmp2,$X[$i&0xf],8,8;; - dep $X[$i&0xf]=tmp1,$X[$i&0xf],16,16 };; -{ .mmi; nop.m 0 -___ - } -elsif ($i<15) { - $code.=<<___; -{ .mmi; ld4 $X[($i+1)&0xf]=[inp],4 // prefetch -___ - } -else { - $code.=<<___; -{ .mmi; nop.m 0 +$code.=<<___ if ($i==0); +{ .mmi; ld1 $X[$i&0xf]=[inp],2 // MSB + ld1 tmp2=[tmp3],2 };; +{ .mmi; ld1 tmp0=[inp],2 + ld1 tmp4=[tmp3],2 // LSB + dep $X[$i&0xf]=$X[$i&0xf],tmp2,8,8 };; ___ - } if ($i<15) { $code.=<<___; - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 +{ .mmi; ld1 $X[($i+1)&0xf]=[inp],2 // +1 + dep tmp1=tmp0,tmp4,8,8 };; +{ .mmi; ld1 tmp2=[tmp3],2 // +1 + and tmp4=$c,$b + dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;; { .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=tmp4,$X[$i&0xf] // f=xi+e+K_00_19 + add tmp0=$e,$K_00_19 + dep.z tmp5=$a,5,27 };; // a<<5 +{ .mmi; or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) + add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19 extr.u tmp1=$a,27,5 };; // a>>27 -{ .mib; add $f=$f,tmp0 // f+=F_00_19(b,c,d) +{ .mmi; ld1 tmp0=[inp],2 // +1 + add $f=$f,tmp4 // f+=F_00_19(b,c,d) shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mib; or tmp1=tmp1,tmp5 // ROTATE(a,5) +{ .mmi; ld1 tmp4=[tmp3],2 // +1 + or tmp5=tmp1,tmp5 // ROTATE(a,5) mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5) - mux2 $X[$i&0xf]=$X[$i&0xf],0x44 - nop.i 0 };; +{ .mii; add $f=$f,tmp5 // f+=ROTATE(a,5) + dep $X[($i+1)&0xf]=$X[($i+1)&0xf],tmp2,8,8 // +1 + mux2 $X[$i&0xf]=$X[$i&0xf],0x44 } //;; ___ } else { $code.=<<___; - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 ;;? +{ .mii; and tmp3=$c,$b + dep tmp1=tmp0,tmp4,8,8;; + dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;; { .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=tmp4,$X[$i&0xf] // f=xi+e+K_00_19 + add tmp0=$e,$K_00_19 + dep.z tmp5=$a,5,27 };; // a<<5 +{ .mmi; or tmp4=tmp3,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) + add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19 extr.u tmp1=$a,27,5 } // a>>27 { .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1 xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1 nop.i 0 };; -{ .mmi; add $f=$f,tmp0 // f+=F_00_19(b,c,d) +{ .mmi; add $f=$f,tmp4 // f+=F_00_19(b,c,d) xor tmp2=tmp2,tmp3 // +1 shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) { .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) @@ -190,9 +178,7 @@ $code.=<<___; extr.u tmp1=$a,27,5 } // a>>27 { .mib; add $f=$f,tmp4 // f+=e+K_20_39 add $h1=$h1,$a };; // wrap up -{ .mmi; -(p16) ld4.s $X[0]=[inp],4 // non-faulting prefetch - add $f=$f,tmp0 // f+=F_20_39(b,c,d) +{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d) shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) ;;? { .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) add $h3=$h3,$c };; // wrap up @@ -245,172 +231,15 @@ tmp3=r11; ctx=r32; // in0 inp=r33; // in1 -// void sha1_block_asm_host_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_asm_host_order# -.proc sha1_block_asm_host_order# +// void sha1_block_data_order(SHA_CTX *c,const void *p,size_t num); +.global sha1_block_data_order# +.proc sha1_block_data_order# .align 32 -sha1_block_asm_host_order: +sha1_block_data_order: .prologue - .fframe 0 - .save ar.pfs,r0 - .save ar.lc,r3 { .mmi; alloc tmp1=ar.pfs,3,15,0,0 $ADDP tmp0=4,ctx - mov r3=ar.lc } -{ .mmi; $ADDP ctx=0,ctx - $ADDP inp=0,inp - mov r2=pr };; -tmp4=in2; -tmp5=loc13; -tmp6=loc14; - .body -{ .mlx; ld4 $h0=[ctx],8 - movl $K_00_19=0x5a827999 } -{ .mlx; ld4 $h1=[tmp0],8 - movl $K_20_39=0x6ed9eba1 };; -{ .mlx; ld4 $h2=[ctx],8 - movl $K_40_59=0x8f1bbcdc } -{ .mlx; ld4 $h3=[tmp0] - movl $K_60_79=0xca62c1d6 };; -{ .mmi; ld4 $h4=[ctx],-16 - add in2=-1,in2 // adjust num for ar.lc - mov ar.ec=1 };; -{ .mmi; ld4 $X[0]=[inp],4 // prefetch - cmp.ne p16,p0=r0,in2 // prefecth at loop end - mov ar.lc=in2 };; // brp.loop.imp: too far - -.Lhtop: -{ .mmi; mov $A=$h0 - mov $B=$h1 - mux2 tmp6=$h1,0x44 } -{ .mmi; mov $C=$h2 - mov $D=$h3 - mov $E=$h4 };; - -___ - - &BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C); - - &BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E); - -$code.=<<___; -{ .mmb; add $h0=$h0,$E - nop.m 0 - br.ctop.dptk.many .Lhtop };; -.Lhend: -{ .mmi; add tmp0=4,ctx - mov ar.lc=r3 };; -{ .mmi; st4 [ctx]=$h0,8 - st4 [tmp0]=$h1,8 };; -{ .mmi; st4 [ctx]=$h2,8 - st4 [tmp0]=$h3 };; -{ .mib; st4 [ctx]=$h4,-16 - mov pr=r2,0x1ffff - br.ret.sptk.many b0 };; -.endp sha1_block_asm_host_order# -___ - - -$code.=<<___; -// void sha1_block_asm_data_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_asm_data_order# -.proc sha1_block_asm_data_order# -.align 32 -sha1_block_asm_data_order: -___ -$code.=<<___ if ($big_endian); -{ .mmi; and r2=3,inp };; -{ .mib; cmp.eq p6,p0=r0,r2 -(p6) br.dptk.many sha1_block_asm_host_order };; -___ -$code.=<<___; - .prologue - .fframe 0 - .save ar.pfs,r0 .save ar.lc,r3 -{ .mmi; alloc tmp1=ar.pfs,3,15,0,0 - $ADDP tmp0=4,ctx mov r3=ar.lc } { .mmi; $ADDP ctx=0,ctx $ADDP inp=0,inp @@ -444,90 +273,16 @@ tmp6=loc14; ___ - &BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C,1); - &BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B,1); - &BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A,1); - &BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C,1); - &BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B,1); - &BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A,1); - &BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C,1); - - &BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E); +{ my $i,@V=($A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C); + for($i=0;$i<16;$i++) { &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<20;$i++) { &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<40;$i++) { &BODY_20_39(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<60;$i++) { &BODY_40_59(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<80;$i++) { &BODY_60_79(\$code,$i,@V); unshift(@V,pop(@V)); } - &BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E); + (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check +} $code.=<<___; { .mmb; add $h0=$h0,$E @@ -543,7 +298,8 @@ $code.=<<___; { .mib; st4 [ctx]=$h4,-16 mov pr=r2,0x1ffff br.ret.sptk.many b0 };; -.endp sha1_block_asm_data_order# +.endp sha1_block_data_order# +stringz "SHA1 block transform for IA64, CRYPTOGAMS by " ___ print $code; diff --git a/src/lib/libssl/src/crypto/sha/asm/sha512-sse2.pl b/src/lib/libssl/src/crypto/sha/asm/sha512-sse2.pl new file mode 100644 index 0000000000..10902bf673 --- /dev/null +++ b/src/lib/libssl/src/crypto/sha/asm/sha512-sse2.pl @@ -0,0 +1,404 @@ +#!/usr/bin/env perl +# +# ==================================================================== +# Written by Andy Polyakov for the OpenSSL +# project. Rights for redistribution and usage in source and binary +# forms are granted according to the OpenSSL license. +# ==================================================================== +# +# SHA512_Transform_SSE2. +# +# As the name suggests, this is an IA-32 SSE2 implementation of +# SHA512_Transform. Motivating factor for the undertaken effort was that +# SHA512 was observed to *consistently* perform *significantly* poorer +# than SHA256 [2x and slower is common] on 32-bit platforms. On 64-bit +# platforms on the other hand SHA512 tend to outperform SHA256 [~50% +# seem to be common improvement factor]. All this is perfectly natural, +# as SHA512 is a 64-bit algorithm. But isn't IA-32 SSE2 essentially +# a 64-bit instruction set? Is it rich enough to implement SHA512? +# If answer was "no," then you wouldn't have been reading this... +# +# Throughput performance in MBps (larger is better): +# +# 2.4GHz P4 1.4GHz AMD32 1.4GHz AMD64(*) +# SHA256/gcc(*) 54 43 59 +# SHA512/gcc 17 23 92 +# SHA512/sse2 61(**) 57(**) +# SHA512/icc 26 28 +# SHA256/icc(*) 65 54 +# +# (*) AMD64 and SHA256 numbers are presented mostly for amusement or +# reference purposes. +# (**) I.e. it gives ~2-3x speed-up if compared with compiler generated +# code. One can argue that hand-coded *non*-SSE2 implementation +# would perform better than compiler generated one as well, and +# that comparison is therefore not exactly fair. Well, as SHA512 +# puts enormous pressure on IA-32 GP register bank, I reckon that +# hand-coded version wouldn't perform significantly better than +# one compiled with icc, ~20% perhaps... So that this code would +# still outperform it with distinguishing marginal. But feel free +# to prove me wrong:-) +# +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],"sha512-sse2.pl",$ARGV[$#ARGV] eq "386"); + +$K512="esi"; # K512[80] table, found at the end... +#$W512="esp"; # $W512 is not just W512[16]: it comprises *two* copies + # of W512[16] and a copy of A-H variables... +$W512_SZ=8*(16+16+8); # see above... +#$Kidx="ebx"; # index in K512 table, advances from 0 to 80... +$Widx="edx"; # index in W512, wraps around at 16... +$data="edi"; # 16 qwords of input data... +$A="mm0"; # B-D and +$E="mm1"; # F-H are allocated dynamically... +$Aoff=256+0; # A-H offsets relative to $W512... +$Boff=256+8; +$Coff=256+16; +$Doff=256+24; +$Eoff=256+32; +$Foff=256+40; +$Goff=256+48; +$Hoff=256+56; + +sub SHA2_ROUND() +{ local ($kidx,$widx)=@_; + + # One can argue that one could reorder instructions for better + # performance. Well, I tried and it doesn't seem to make any + # noticeable difference. Modern out-of-order execution cores + # reorder instructions to their liking in either case and they + # apparently do decent job. So we can keep the code more + # readable/regular/comprehensible:-) + + # I adhere to 64-bit %mmX registers in order to avoid/not care + # about #GP exceptions on misaligned 128-bit access, most + # notably in paddq with memory operand. Not to mention that + # SSE2 intructions operating on %mmX can be scheduled every + # cycle [and not every second one if operating on %xmmN]. + + &movq ("mm4",&QWP($Foff,$W512)); # load f + &movq ("mm5",&QWP($Goff,$W512)); # load g + &movq ("mm6",&QWP($Hoff,$W512)); # load h + + &movq ("mm2",$E); # %mm2 is sliding right + &movq ("mm3",$E); # %mm3 is sliding left + &psrlq ("mm2",14); + &psllq ("mm3",23); + &movq ("mm7","mm2"); # %mm7 is T1 + &pxor ("mm7","mm3"); + &psrlq ("mm2",4); + &psllq ("mm3",23); + &pxor ("mm7","mm2"); + &pxor ("mm7","mm3"); + &psrlq ("mm2",23); + &psllq ("mm3",4); + &pxor ("mm7","mm2"); + &pxor ("mm7","mm3"); # T1=Sigma1_512(e) + + &movq (&QWP($Foff,$W512),$E); # f = e + &movq (&QWP($Goff,$W512),"mm4"); # g = f + &movq (&QWP($Hoff,$W512),"mm5"); # h = g + + &pxor ("mm4","mm5"); # f^=g + &pand ("mm4",$E); # f&=e + &pxor ("mm4","mm5"); # f^=g + &paddq ("mm7","mm4"); # T1+=Ch(e,f,g) + + &movq ("mm2",&QWP($Boff,$W512)); # load b + &movq ("mm3",&QWP($Coff,$W512)); # load c + &movq ($E,&QWP($Doff,$W512)); # e = d + + &paddq ("mm7","mm6"); # T1+=h + &paddq ("mm7",&QWP(0,$K512,$kidx,8)); # T1+=K512[i] + &paddq ("mm7",&QWP(0,$W512,$widx,8)); # T1+=W512[i] + &paddq ($E,"mm7"); # e += T1 + + &movq ("mm4",$A); # %mm4 is sliding right + &movq ("mm5",$A); # %mm5 is sliding left + &psrlq ("mm4",28); + &psllq ("mm5",25); + &movq ("mm6","mm4"); # %mm6 is T2 + &pxor ("mm6","mm5"); + &psrlq ("mm4",6); + &psllq ("mm5",5); + &pxor ("mm6","mm4"); + &pxor ("mm6","mm5"); + &psrlq ("mm4",5); + &psllq ("mm5",6); + &pxor ("mm6","mm4"); + &pxor ("mm6","mm5"); # T2=Sigma0_512(a) + + &movq (&QWP($Boff,$W512),$A); # b = a + &movq (&QWP($Coff,$W512),"mm2"); # c = b + &movq (&QWP($Doff,$W512),"mm3"); # d = c + + &movq ("mm4",$A); # %mm4=a + &por ($A,"mm3"); # a=a|c + &pand ("mm4","mm3"); # %mm4=a&c + &pand ($A,"mm2"); # a=(a|c)&b + &por ("mm4",$A); # %mm4=(a&c)|((a|c)&b) + &paddq ("mm6","mm4"); # T2+=Maj(a,b,c) + + &movq ($A,"mm7"); # a=T1 + &paddq ($A,"mm6"); # a+=T2 +} + +$func="sha512_block_sse2"; + +&function_begin_B($func); + if (0) {# Caller is expected to check if it's appropriate to + # call this routine. Below 3 lines are retained for + # debugging purposes... + &picmeup("eax","OPENSSL_ia32cap"); + &bt (&DWP(0,"eax"),26); + &jnc ("SHA512_Transform"); + } + + &push ("ebp"); + &mov ("ebp","esp"); + &push ("ebx"); + &push ("esi"); + &push ("edi"); + + &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg + &mov ($data,&DWP(12,"ebp")); # input data, 2nd arg + &call (&label("pic_point")); # make it PIC! +&set_label("pic_point"); + &blindpop($K512); + &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512)); + + $W512 = "esp"; # start using %esp as W512 + &sub ($W512,$W512_SZ); + &and ($W512,-16); # ensure 128-bit alignment + + # make private copy of A-H + # v assume the worst and stick to unaligned load + &movdqu ("xmm0",&QWP(0,$Widx)); + &movdqu ("xmm1",&QWP(16,$Widx)); + &movdqu ("xmm2",&QWP(32,$Widx)); + &movdqu ("xmm3",&QWP(48,$Widx)); + +&align(8); +&set_label("_chunk_loop"); + + &movdqa (&QWP($Aoff,$W512),"xmm0"); # a,b + &movdqa (&QWP($Coff,$W512),"xmm1"); # c,d + &movdqa (&QWP($Eoff,$W512),"xmm2"); # e,f + &movdqa (&QWP($Goff,$W512),"xmm3"); # g,h + + &xor ($Widx,$Widx); + + &movdq2q($A,"xmm0"); # load a + &movdq2q($E,"xmm2"); # load e + + # Why aren't loops unrolled? It makes sense to unroll if + # execution time for loop body is comparable with branch + # penalties and/or if whole data-set resides in register bank. + # Neither is case here... Well, it would be possible to + # eliminate few store operations, but it would hardly affect + # so to say stop-watch performance, as there is a lot of + # available memory slots to fill. It will only relieve some + # pressure off memory bus... + + # flip input stream byte order... + &mov ("eax",&DWP(0,$data,$Widx,8)); + &mov ("ebx",&DWP(4,$data,$Widx,8)); + &bswap ("eax"); + &bswap ("ebx"); + &mov (&DWP(0,$W512,$Widx,8),"ebx"); # W512[i] + &mov (&DWP(4,$W512,$Widx,8),"eax"); + &mov (&DWP(128+0,$W512,$Widx,8),"ebx"); # copy of W512[i] + &mov (&DWP(128+4,$W512,$Widx,8),"eax"); + +&align(8); +&set_label("_1st_loop"); # 0-15 + # flip input stream byte order... + &mov ("eax",&DWP(0+8,$data,$Widx,8)); + &mov ("ebx",&DWP(4+8,$data,$Widx,8)); + &bswap ("eax"); + &bswap ("ebx"); + &mov (&DWP(0+8,$W512,$Widx,8),"ebx"); # W512[i] + &mov (&DWP(4+8,$W512,$Widx,8),"eax"); + &mov (&DWP(128+0+8,$W512,$Widx,8),"ebx"); # copy of W512[i] + &mov (&DWP(128+4+8,$W512,$Widx,8),"eax"); +&set_label("_1st_looplet"); + &SHA2_ROUND($Widx,$Widx); &inc($Widx); + +&cmp ($Widx,15) +&jl (&label("_1st_loop")); +&je (&label("_1st_looplet")); # playing similar trick on 2nd loop + # does not improve performance... + + $Kidx = "ebx"; # start using %ebx as Kidx + &mov ($Kidx,$Widx); + +&align(8); +&set_label("_2nd_loop"); # 16-79 + &and($Widx,0xf); + + # 128-bit fragment! I update W512[i] and W512[i+1] in + # parallel:-) Note that I refer to W512[(i&0xf)+N] and not to + # W512[(i+N)&0xf]! This is exactly what I maintain the second + # copy of W512[16] for... + &movdqu ("xmm0",&QWP(8*1,$W512,$Widx,8)); # s0=W512[i+1] + &movdqa ("xmm2","xmm0"); # %xmm2 is sliding right + &movdqa ("xmm3","xmm0"); # %xmm3 is sliding left + &psrlq ("xmm2",1); + &psllq ("xmm3",56); + &movdqa ("xmm0","xmm2"); + &pxor ("xmm0","xmm3"); + &psrlq ("xmm2",6); + &psllq ("xmm3",7); + &pxor ("xmm0","xmm2"); + &pxor ("xmm0","xmm3"); + &psrlq ("xmm2",1); + &pxor ("xmm0","xmm2"); # s0 = sigma0_512(s0); + + &movdqa ("xmm1",&QWP(8*14,$W512,$Widx,8)); # s1=W512[i+14] + &movdqa ("xmm4","xmm1"); # %xmm4 is sliding right + &movdqa ("xmm5","xmm1"); # %xmm5 is sliding left + &psrlq ("xmm4",6); + &psllq ("xmm5",3); + &movdqa ("xmm1","xmm4"); + &pxor ("xmm1","xmm5"); + &psrlq ("xmm4",13); + &psllq ("xmm5",42); + &pxor ("xmm1","xmm4"); + &pxor ("xmm1","xmm5"); + &psrlq ("xmm4",42); + &pxor ("xmm1","xmm4"); # s1 = sigma1_512(s1); + + # + have to explictly load W512[i+9] as it's not 128-bit + # v aligned and paddq would throw an exception... + &movdqu ("xmm6",&QWP(8*9,$W512,$Widx,8)); + &paddq ("xmm0","xmm1"); # s0 += s1 + &paddq ("xmm0","xmm6"); # s0 += W512[i+9] + &paddq ("xmm0",&QWP(0,$W512,$Widx,8)); # s0 += W512[i] + + &movdqa (&QWP(0,$W512,$Widx,8),"xmm0"); # W512[i] = s0 + &movdqa (&QWP(16*8,$W512,$Widx,8),"xmm0"); # copy of W512[i] + + # as the above fragment was 128-bit, we "owe" 2 rounds... + &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); + &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); + +&cmp ($Kidx,80); +&jl (&label("_2nd_loop")); + + # update A-H state + &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg + &movq (&QWP($Aoff,$W512),$A); # write out a + &movq (&QWP($Eoff,$W512),$E); # write out e + &movdqu ("xmm0",&QWP(0,$Widx)); + &movdqu ("xmm1",&QWP(16,$Widx)); + &movdqu ("xmm2",&QWP(32,$Widx)); + &movdqu ("xmm3",&QWP(48,$Widx)); + &paddq ("xmm0",&QWP($Aoff,$W512)); # 128-bit additions... + &paddq ("xmm1",&QWP($Coff,$W512)); + &paddq ("xmm2",&QWP($Eoff,$W512)); + &paddq ("xmm3",&QWP($Goff,$W512)); + &movdqu (&QWP(0,$Widx),"xmm0"); + &movdqu (&QWP(16,$Widx),"xmm1"); + &movdqu (&QWP(32,$Widx),"xmm2"); + &movdqu (&QWP(48,$Widx),"xmm3"); + +&add ($data,16*8); # advance input data pointer +&dec (&DWP(16,"ebp")); # decrement 3rd arg +&jnz (&label("_chunk_loop")); + + # epilogue + &emms (); # required for at least ELF and Win32 ABIs + &mov ("edi",&DWP(-12,"ebp")); + &mov ("esi",&DWP(-8,"ebp")); + &mov ("ebx",&DWP(-4,"ebp")); + &leave (); +&ret (); + +&align(64); +&set_label("K512"); # Yes! I keep it in the code segment! + &data_word(0xd728ae22,0x428a2f98); # u64 + &data_word(0x23ef65cd,0x71374491); # u64 + &data_word(0xec4d3b2f,0xb5c0fbcf); # u64 + &data_word(0x8189dbbc,0xe9b5dba5); # u64 + &data_word(0xf348b538,0x3956c25b); # u64 + &data_word(0xb605d019,0x59f111f1); # u64 + &data_word(0xaf194f9b,0x923f82a4); # u64 + &data_word(0xda6d8118,0xab1c5ed5); # u64 + &data_word(0xa3030242,0xd807aa98); # u64 + &data_word(0x45706fbe,0x12835b01); # u64 + &data_word(0x4ee4b28c,0x243185be); # u64 + &data_word(0xd5ffb4e2,0x550c7dc3); # u64 + &data_word(0xf27b896f,0x72be5d74); # u64 + &data_word(0x3b1696b1,0x80deb1fe); # u64 + &data_word(0x25c71235,0x9bdc06a7); # u64 + &data_word(0xcf692694,0xc19bf174); # u64 + &data_word(0x9ef14ad2,0xe49b69c1); # u64 + &data_word(0x384f25e3,0xefbe4786); # u64 + &data_word(0x8b8cd5b5,0x0fc19dc6); # u64 + &data_word(0x77ac9c65,0x240ca1cc); # u64 + &data_word(0x592b0275,0x2de92c6f); # u64 + &data_word(0x6ea6e483,0x4a7484aa); # u64 + &data_word(0xbd41fbd4,0x5cb0a9dc); # u64 + &data_word(0x831153b5,0x76f988da); # u64 + &data_word(0xee66dfab,0x983e5152); # u64 + &data_word(0x2db43210,0xa831c66d); # u64 + &data_word(0x98fb213f,0xb00327c8); # u64 + &data_word(0xbeef0ee4,0xbf597fc7); # u64 + &data_word(0x3da88fc2,0xc6e00bf3); # u64 + &data_word(0x930aa725,0xd5a79147); # u64 + &data_word(0xe003826f,0x06ca6351); # u64 + &data_word(0x0a0e6e70,0x14292967); # u64 + &data_word(0x46d22ffc,0x27b70a85); # u64 + &data_word(0x5c26c926,0x2e1b2138); # u64 + &data_word(0x5ac42aed,0x4d2c6dfc); # u64 + &data_word(0x9d95b3df,0x53380d13); # u64 + &data_word(0x8baf63de,0x650a7354); # u64 + &data_word(0x3c77b2a8,0x766a0abb); # u64 + &data_word(0x47edaee6,0x81c2c92e); # u64 + &data_word(0x1482353b,0x92722c85); # u64 + &data_word(0x4cf10364,0xa2bfe8a1); # u64 + &data_word(0xbc423001,0xa81a664b); # u64 + &data_word(0xd0f89791,0xc24b8b70); # u64 + &data_word(0x0654be30,0xc76c51a3); # u64 + &data_word(0xd6ef5218,0xd192e819); # u64 + &data_word(0x5565a910,0xd6990624); # u64 + &data_word(0x5771202a,0xf40e3585); # u64 + &data_word(0x32bbd1b8,0x106aa070); # u64 + &data_word(0xb8d2d0c8,0x19a4c116); # u64 + &data_word(0x5141ab53,0x1e376c08); # u64 + &data_word(0xdf8eeb99,0x2748774c); # u64 + &data_word(0xe19b48a8,0x34b0bcb5); # u64 + &data_word(0xc5c95a63,0x391c0cb3); # u64 + &data_word(0xe3418acb,0x4ed8aa4a); # u64 + &data_word(0x7763e373,0x5b9cca4f); # u64 + &data_word(0xd6b2b8a3,0x682e6ff3); # u64 + &data_word(0x5defb2fc,0x748f82ee); # u64 + &data_word(0x43172f60,0x78a5636f); # u64 + &data_word(0xa1f0ab72,0x84c87814); # u64 + &data_word(0x1a6439ec,0x8cc70208); # u64 + &data_word(0x23631e28,0x90befffa); # u64 + &data_word(0xde82bde9,0xa4506ceb); # u64 + &data_word(0xb2c67915,0xbef9a3f7); # u64 + &data_word(0xe372532b,0xc67178f2); # u64 + &data_word(0xea26619c,0xca273ece); # u64 + &data_word(0x21c0c207,0xd186b8c7); # u64 + &data_word(0xcde0eb1e,0xeada7dd6); # u64 + &data_word(0xee6ed178,0xf57d4f7f); # u64 + &data_word(0x72176fba,0x06f067aa); # u64 + &data_word(0xa2c898a6,0x0a637dc5); # u64 + &data_word(0xbef90dae,0x113f9804); # u64 + &data_word(0x131c471b,0x1b710b35); # u64 + &data_word(0x23047d84,0x28db77f5); # u64 + &data_word(0x40c72493,0x32caab7b); # u64 + &data_word(0x15c9bebc,0x3c9ebe0a); # u64 + &data_word(0x9c100d4c,0x431d67c4); # u64 + &data_word(0xcb3e42b6,0x4cc5d4be); # u64 + &data_word(0xfc657e2a,0x597f299c); # u64 + &data_word(0x3ad6faec,0x5fcb6fab); # u64 + &data_word(0x4a475817,0x6c44198c); # u64 + +&function_end_B($func); + +&asm_finish(); diff --git a/src/lib/libssl/src/crypto/sha/sha.h b/src/lib/libssl/src/crypto/sha/sha.h index 79c07b0fd1..eed44d7f94 100644 --- a/src/lib/libssl/src/crypto/sha/sha.h +++ b/src/lib/libssl/src/crypto/sha/sha.h @@ -60,6 +60,7 @@ #define HEADER_SHA_H #include +#include #ifdef __cplusplus extern "C" { @@ -70,7 +71,7 @@ extern "C" { #endif #if defined(OPENSSL_FIPS) -#define FIPS_SHA_SIZE_T unsigned long +#define FIPS_SHA_SIZE_T size_t #endif /* @@ -101,26 +102,97 @@ typedef struct SHAstate_st SHA_LONG h0,h1,h2,h3,h4; SHA_LONG Nl,Nh; SHA_LONG data[SHA_LBLOCK]; - int num; + unsigned int num; } SHA_CTX; #ifndef OPENSSL_NO_SHA0 -#ifdef OPENSSL_FIPS -int private_SHA_Init(SHA_CTX *c); -#endif int SHA_Init(SHA_CTX *c); -int SHA_Update(SHA_CTX *c, const void *data, unsigned long len); +int SHA_Update(SHA_CTX *c, const void *data, size_t len); int SHA_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md); +unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md); void SHA_Transform(SHA_CTX *c, const unsigned char *data); #endif #ifndef OPENSSL_NO_SHA1 int SHA1_Init(SHA_CTX *c); -int SHA1_Update(SHA_CTX *c, const void *data, unsigned long len); +int SHA1_Update(SHA_CTX *c, const void *data, size_t len); int SHA1_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md); +unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md); void SHA1_Transform(SHA_CTX *c, const unsigned char *data); #endif + +#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a + * contiguous array of 32 bit + * wide big-endian values. */ +#define SHA224_DIGEST_LENGTH 28 +#define SHA256_DIGEST_LENGTH 32 + +typedef struct SHA256state_st + { + SHA_LONG h[8]; + SHA_LONG Nl,Nh; + SHA_LONG data[SHA_LBLOCK]; + unsigned int num,md_len; + } SHA256_CTX; + +#ifndef OPENSSL_NO_SHA256 +int SHA224_Init(SHA256_CTX *c); +int SHA224_Update(SHA256_CTX *c, const void *data, size_t len); +int SHA224_Final(unsigned char *md, SHA256_CTX *c); +unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md); +int SHA256_Init(SHA256_CTX *c); +int SHA256_Update(SHA256_CTX *c, const void *data, size_t len); +int SHA256_Final(unsigned char *md, SHA256_CTX *c); +unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md); +void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); +#endif + +#define SHA384_DIGEST_LENGTH 48 +#define SHA512_DIGEST_LENGTH 64 + +#ifndef OPENSSL_NO_SHA512 +/* + * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 + * being exactly 64-bit wide. See Implementation Notes in sha512.c + * for further details. + */ +#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a + * contiguous array of 64 bit + * wide big-endian values. */ +#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) +#define SHA_LONG64 unsigned __int64 +#define U64(C) C##UI64 +#elif defined(__arch64__) +#define SHA_LONG64 unsigned long +#define U64(C) C##UL +#else +#define SHA_LONG64 unsigned long long +#define U64(C) C##ULL +#endif + +typedef struct SHA512state_st + { + SHA_LONG64 h[8]; + SHA_LONG64 Nl,Nh; + union { + SHA_LONG64 d[SHA_LBLOCK]; + unsigned char p[SHA512_CBLOCK]; + } u; + unsigned int num,md_len; + } SHA512_CTX; +#endif + +#ifndef OPENSSL_NO_SHA512 +int SHA384_Init(SHA512_CTX *c); +int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); +int SHA384_Final(unsigned char *md, SHA512_CTX *c); +unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md); +int SHA512_Init(SHA512_CTX *c); +int SHA512_Update(SHA512_CTX *c, const void *data, size_t len); +int SHA512_Final(unsigned char *md, SHA512_CTX *c); +unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md); +void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); +#endif + #ifdef __cplusplus } #endif diff --git a/src/lib/libssl/src/crypto/sha/sha1_one.c b/src/lib/libssl/src/crypto/sha/sha1_one.c index f4694b701b..7c65b60276 100644 --- a/src/lib/libssl/src/crypto/sha/sha1_one.c +++ b/src/lib/libssl/src/crypto/sha/sha1_one.c @@ -61,8 +61,8 @@ #include #include -#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_FIPS) -unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) +#ifndef OPENSSL_NO_SHA1 +unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; static unsigned char m[SHA_DIGEST_LENGTH]; diff --git a/src/lib/libssl/src/crypto/sha/sha1dgst.c b/src/lib/libssl/src/crypto/sha/sha1dgst.c index 1e2009b760..50d1925cde 100644 --- a/src/lib/libssl/src/crypto/sha/sha1dgst.c +++ b/src/lib/libssl/src/crypto/sha/sha1dgst.c @@ -56,26 +56,19 @@ * [including the GNU Public Licence.] */ +#include #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) #undef SHA_0 #define SHA_1 #include -#include -#ifndef OPENSSL_FIPS -const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT; +const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; /* The implementation is in ../md32_common.h */ #include "sha_locl.h" -#else /* ndef OPENSSL_FIPS */ - -static void *dummy=&dummy; - -#endif /* ndef OPENSSL_FIPS */ - #endif diff --git a/src/lib/libssl/src/crypto/sha/sha1test.c b/src/lib/libssl/src/crypto/sha/sha1test.c index 4f2e4ada2d..6feb3964c7 100644 --- a/src/lib/libssl/src/crypto/sha/sha1test.c +++ b/src/lib/libssl/src/crypto/sha/sha1test.c @@ -106,7 +106,7 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; static unsigned char buf[1000]; char *p,*r; EVP_MD_CTX c; @@ -118,12 +118,12 @@ int main(int argc, char *argv[]) #endif EVP_MD_CTX_init(&c); - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL); + EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha1(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) } else printf("test 3 ok\n"); + +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EXIT(err); EVP_MD_CTX_cleanup(&c); return(0); diff --git a/src/lib/libssl/src/crypto/sha/sha_dgst.c b/src/lib/libssl/src/crypto/sha/sha_dgst.c index 5a4b3ab204..70eb56032c 100644 --- a/src/lib/libssl/src/crypto/sha/sha_dgst.c +++ b/src/lib/libssl/src/crypto/sha/sha_dgst.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) #undef SHA_1 @@ -63,7 +64,7 @@ #include -const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT; +const char SHA_version[]="SHA" OPENSSL_VERSION_PTEXT; /* The implementation is in ../md32_common.h */ diff --git a/src/lib/libssl/src/crypto/sha/sha_locl.h b/src/lib/libssl/src/crypto/sha/sha_locl.h index a3623f72da..e37e5726e3 100644 --- a/src/lib/libssl/src/crypto/sha/sha_locl.h +++ b/src/lib/libssl/src/crypto/sha/sha_locl.h @@ -62,17 +62,11 @@ #include #include -#ifndef SHA_LONG_LOG2 -#define SHA_LONG_LOG2 2 /* default to 32 bits */ -#endif - #define DATA_ORDER_IS_BIG_ENDIAN #define HASH_LONG SHA_LONG -#define HASH_LONG_LOG2 SHA_LONG_LOG2 #define HASH_CTX SHA_CTX #define HASH_CBLOCK SHA_CBLOCK -#define HASH_LBLOCK SHA_LBLOCK #define HASH_MAKE_STRING(c,s) do { \ unsigned long ll; \ ll=(c)->h0; HOST_l2c(ll,(s)); \ @@ -88,12 +82,10 @@ # define HASH_TRANSFORM SHA_Transform # define HASH_FINAL SHA_Final # define HASH_INIT SHA_Init -# define HASH_BLOCK_HOST_ORDER sha_block_host_order # define HASH_BLOCK_DATA_ORDER sha_block_data_order # define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) - void sha_block_host_order (SHA_CTX *c, const void *p,int num); - void sha_block_data_order (SHA_CTX *c, const void *p,int num); +static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num); #elif defined(SHA_1) @@ -101,7 +93,6 @@ # define HASH_TRANSFORM SHA1_Transform # define HASH_FINAL SHA1_Final # define HASH_INIT SHA1_Init -# define HASH_BLOCK_HOST_ORDER sha1_block_host_order # define HASH_BLOCK_DATA_ORDER sha1_block_data_order # if defined(__MWERKS__) && defined(__MC68K__) /* Metrowerks for Motorola fails otherwise:-( */ @@ -114,22 +105,10 @@ ) # endif -# ifdef SHA1_ASM -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define sha1_block_host_order sha1_block_asm_host_order -# define DONT_IMPLEMENT_BLOCK_HOST_ORDER -# define sha1_block_data_order sha1_block_asm_data_order -# define DONT_IMPLEMENT_BLOCK_DATA_ORDER -# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order -# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64) -# define sha1_block_host_order sha1_block_asm_host_order -# define DONT_IMPLEMENT_BLOCK_HOST_ORDER -# define sha1_block_data_order sha1_block_asm_data_order -# define DONT_IMPLEMENT_BLOCK_DATA_ORDER -# endif -# endif - void sha1_block_host_order (SHA_CTX *c, const void *p,int num); - void sha1_block_data_order (SHA_CTX *c, const void *p,int num); +#ifndef SHA1_ASM +static +#endif +void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); #else # error "Either SHA_0 or SHA_1 must be defined." @@ -143,11 +122,7 @@ #define INIT_DATA_h3 0x10325476UL #define INIT_DATA_h4 0xc3d2e1f0UL -#if defined(SHA_0) && defined(OPENSSL_FIPS) -FIPS_NON_FIPS_MD_Init(SHA) -#else int HASH_INIT (SHA_CTX *c) -#endif { c->h0=INIT_DATA_h0; c->h1=INIT_DATA_h1; @@ -177,6 +152,8 @@ int HASH_INIT (SHA_CTX *c) #define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) #define F_60_79(b,c,d) F_20_39(b,c,d) +#ifndef OPENSSL_SMALL_FOOTPRINT + #define BODY_00_15(i,a,b,c,d,e,f,xi) \ (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ (b)=ROTATE((b),30); @@ -229,11 +206,11 @@ int HASH_INIT (SHA_CTX *c) # define X(i) XX[i] #endif -#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER -void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) +#if !defined(SHA_1) || !defined(SHA1_ASM) +static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) { - const SHA_LONG *W=d; - register unsigned MD32_REG_T A,B,C,D,E,T; + const unsigned char *data=p; + register unsigned MD32_REG_T A,B,C,D,E,T,l; #ifndef MD32_XARRAY unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; @@ -248,41 +225,71 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) E=c->h4; for (;;) + { + const union { long one; char little; } is_endian = {1}; + + if (!is_endian.little && sizeof(SHA_LONG)==4 && ((size_t)p%4)==0) + { + const SHA_LONG *W=(const SHA_LONG *)data; + + X( 0) = W[0]; X( 1) = W[ 1]; + BODY_00_15( 0,A,B,C,D,E,T,X( 0)); X( 2) = W[ 2]; + BODY_00_15( 1,T,A,B,C,D,E,X( 1)); X( 3) = W[ 3]; + BODY_00_15( 2,E,T,A,B,C,D,X( 2)); X( 4) = W[ 4]; + BODY_00_15( 3,D,E,T,A,B,C,X( 3)); X( 5) = W[ 5]; + BODY_00_15( 4,C,D,E,T,A,B,X( 4)); X( 6) = W[ 6]; + BODY_00_15( 5,B,C,D,E,T,A,X( 5)); X( 7) = W[ 7]; + BODY_00_15( 6,A,B,C,D,E,T,X( 6)); X( 8) = W[ 8]; + BODY_00_15( 7,T,A,B,C,D,E,X( 7)); X( 9) = W[ 9]; + BODY_00_15( 8,E,T,A,B,C,D,X( 8)); X(10) = W[10]; + BODY_00_15( 9,D,E,T,A,B,C,X( 9)); X(11) = W[11]; + BODY_00_15(10,C,D,E,T,A,B,X(10)); X(12) = W[12]; + BODY_00_15(11,B,C,D,E,T,A,X(11)); X(13) = W[13]; + BODY_00_15(12,A,B,C,D,E,T,X(12)); X(14) = W[14]; + BODY_00_15(13,T,A,B,C,D,E,X(13)); X(15) = W[15]; + BODY_00_15(14,E,T,A,B,C,D,X(14)); + BODY_00_15(15,D,E,T,A,B,C,X(15)); + + data += SHA_CBLOCK; + } + else { - BODY_00_15( 0,A,B,C,D,E,T,W[ 0]); - BODY_00_15( 1,T,A,B,C,D,E,W[ 1]); - BODY_00_15( 2,E,T,A,B,C,D,W[ 2]); - BODY_00_15( 3,D,E,T,A,B,C,W[ 3]); - BODY_00_15( 4,C,D,E,T,A,B,W[ 4]); - BODY_00_15( 5,B,C,D,E,T,A,W[ 5]); - BODY_00_15( 6,A,B,C,D,E,T,W[ 6]); - BODY_00_15( 7,T,A,B,C,D,E,W[ 7]); - BODY_00_15( 8,E,T,A,B,C,D,W[ 8]); - BODY_00_15( 9,D,E,T,A,B,C,W[ 9]); - BODY_00_15(10,C,D,E,T,A,B,W[10]); - BODY_00_15(11,B,C,D,E,T,A,W[11]); - BODY_00_15(12,A,B,C,D,E,T,W[12]); - BODY_00_15(13,T,A,B,C,D,E,W[13]); - BODY_00_15(14,E,T,A,B,C,D,W[14]); - BODY_00_15(15,D,E,T,A,B,C,W[15]); - - BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]); - BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]); - BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]); - BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0)); - - BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1)); - BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2)); - BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3)); - BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4)); - BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5)); - BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6)); - BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7)); - BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8)); - BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9)); - BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10)); - BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11)); - BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12)); + HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; + BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; + BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; + BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; + BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; + BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; + BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; + BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; + BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l; + BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; + BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; + BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; + BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; + BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; + BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; + BODY_00_15(14,E,T,A,B,C,D,X(14)); + BODY_00_15(15,D,E,T,A,B,C,X(15)); + } + + BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); + BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); + BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); + BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); + + BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); + BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); + BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); + BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); + BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); + BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); + BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); + BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); + BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); + BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); + BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11)); + BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12)); BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); @@ -341,7 +348,7 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) c->h3=(c->h3+B)&0xffffffffL; c->h4=(c->h4+C)&0xffffffffL; - if (--num <= 0) break; + if (--num == 0) break; A=c->h0; B=c->h1; @@ -349,22 +356,48 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) D=c->h3; E=c->h4; - W+=SHA_LBLOCK; - } + } } #endif -#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER -void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) +#else /* OPENSSL_SMALL_FOOTPRINT */ + +#define BODY_00_15(xi) do { \ + T=E+K_00_19+F_00_19(B,C,D); \ + E=D, D=C, C=ROTATE(B,30), B=A; \ + A=ROTATE(A,5)+T+xi; } while(0) + +#define BODY_16_19(xa,xb,xc,xd) do { \ + Xupdate(T,xa,xa,xb,xc,xd); \ + T+=E+K_00_19+F_00_19(B,C,D); \ + E=D, D=C, C=ROTATE(B,30), B=A; \ + A=ROTATE(A,5)+T; } while(0) + +#define BODY_20_39(xa,xb,xc,xd) do { \ + Xupdate(T,xa,xa,xb,xc,xd); \ + T+=E+K_20_39+F_20_39(B,C,D); \ + E=D, D=C, C=ROTATE(B,30), B=A; \ + A=ROTATE(A,5)+T; } while(0) + +#define BODY_40_59(xa,xb,xc,xd) do { \ + Xupdate(T,xa,xa,xb,xc,xd); \ + T+=E+K_40_59+F_40_59(B,C,D); \ + E=D, D=C, C=ROTATE(B,30), B=A; \ + A=ROTATE(A,5)+T; } while(0) + +#define BODY_60_79(xa,xb,xc,xd) do { \ + Xupdate(T,xa,xa,xb,xc,xd); \ + T=E+K_60_79+F_60_79(B,C,D); \ + E=D, D=C, C=ROTATE(B,30), B=A; \ + A=ROTATE(A,5)+T+xa; } while(0) + +#if !defined(SHA_1) || !defined(SHA1_ASM) +static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) { const unsigned char *data=p; register unsigned MD32_REG_T A,B,C,D,E,T,l; -#ifndef MD32_XARRAY - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -#else - SHA_LONG XX[16]; -#endif + int i; + SHA_LONG X[16]; A=c->h0; B=c->h1; @@ -374,101 +407,24 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) for (;;) { - - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; - BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; - BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; - BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; - BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; - BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; - BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; - BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l; - BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; - BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; - BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; - BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; - BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; - BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; - BODY_00_15(14,E,T,A,B,C,D,X(14)); - BODY_00_15(15,D,E,T,A,B,C,X(15)); - - BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); - BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); - BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); - BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); - - BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); - BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); - BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); - BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); - BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); - BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); - BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); - BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); - BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); - BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); - BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11)); - BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12)); - - BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); - BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); - BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15)); - BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0)); - BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1)); - BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2)); - BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3)); - BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4)); - - BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7)); - BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8)); - BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9)); - BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10)); - BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11)); - BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12)); - BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13)); - BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14)); - BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15)); - BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0)); - BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1)); - BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2)); - BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3)); - BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4)); - BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7)); - BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8)); - - BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9)); - BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10)); - BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11)); - BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12)); - BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13)); - BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14)); - BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15)); - BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0)); - BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1)); - BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2)); - BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3)); - BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4)); - BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5)); - BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6)); - BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7)); - BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8)); - BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9)); - BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10)); - BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11)); - BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12)); - - c->h0=(c->h0+E)&0xffffffffL; - c->h1=(c->h1+T)&0xffffffffL; - c->h2=(c->h2+A)&0xffffffffL; - c->h3=(c->h3+B)&0xffffffffL; - c->h4=(c->h4+C)&0xffffffffL; - - if (--num <= 0) break; + for (i=0;i<16;i++) + { HOST_c2l(data,l); X[i]=l; BODY_00_15(X[i]); } + for (i=0;i<4;i++) + { BODY_16_19(X[i], X[i+2], X[i+8], X[(i+13)&15]); } + for (;i<24;i++) + { BODY_20_39(X[i&15], X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); } + for (i=0;i<20;i++) + { BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } + for (i=4;i<24;i++) + { BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } + + c->h0=(c->h0+A)&0xffffffffL; + c->h1=(c->h1+B)&0xffffffffL; + c->h2=(c->h2+C)&0xffffffffL; + c->h3=(c->h3+D)&0xffffffffL; + c->h4=(c->h4+E)&0xffffffffL; + + if (--num == 0) break; A=c->h0; B=c->h1; @@ -479,3 +435,5 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) } } #endif + +#endif diff --git a/src/lib/libssl/src/crypto/sha/sha_one.c b/src/lib/libssl/src/crypto/sha/sha_one.c index d4f4d344df..3bae623ce8 100644 --- a/src/lib/libssl/src/crypto/sha/sha_one.c +++ b/src/lib/libssl/src/crypto/sha/sha_one.c @@ -62,7 +62,7 @@ #include #ifndef OPENSSL_NO_SHA0 -unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) +unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; static unsigned char m[SHA_DIGEST_LENGTH]; diff --git a/src/lib/libssl/src/crypto/sha/shatest.c b/src/lib/libssl/src/crypto/sha/shatest.c index ff702aa53e..ed0fe06a7b 100644 --- a/src/lib/libssl/src/crypto/sha/shatest.c +++ b/src/lib/libssl/src/crypto/sha/shatest.c @@ -106,7 +106,7 @@ static char *pt(unsigned char *md); int main(int argc, char *argv[]) { int i,err=0; - unsigned char **P,**R; + char **P,**R; static unsigned char buf[1000]; char *p,*r; EVP_MD_CTX c; @@ -118,12 +118,12 @@ int main(int argc, char *argv[]) #endif EVP_MD_CTX_init(&c); - P=(unsigned char **)test; - R=(unsigned char **)ret; + P=test; + R=ret; i=1; while (*P != NULL) { - EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL); + EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) } else printf("test 3 ok\n"); + +#ifdef OPENSSL_SYS_NETWARE + if (err) printf("ERROR: %d\n", err); +#endif EVP_MD_CTX_cleanup(&c); EXIT(err); return(0); diff --git a/src/lib/libssl/src/crypto/stack/Makefile b/src/lib/libssl/src/crypto/stack/Makefile index 711b16832a..5327692ac8 100644 --- a/src/lib/libssl/src/crypto/stack/Makefile +++ b/src/lib/libssl/src/crypto/stack/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -77,10 +74,11 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -stack.o: ../../e_os.h ../../include/openssl/bio.h +stack.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -stack.o: ../cryptlib.h stack.c +stack.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +stack.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +stack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +stack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +stack.o: ../../include/openssl/symhacks.h ../cryptlib.h stack.c diff --git a/src/lib/libssl/src/crypto/stack/safestack.h b/src/lib/libssl/src/crypto/stack/safestack.h index 6010b7f122..78cc485e6d 100644 --- a/src/lib/libssl/src/crypto/stack/safestack.h +++ b/src/lib/libssl/src/crypto/stack/safestack.h @@ -55,13 +55,22 @@ #ifndef HEADER_SAFESTACK_H #define HEADER_SAFESTACK_H -typedef void (*openssl_fptr)(void); -#define openssl_fcast(f) ((openssl_fptr)f) - #include #ifdef DEBUG_SAFESTACK +#ifndef CHECKED_PTR_OF +#define CHECKED_PTR_OF(type, p) \ + ((void*) (1 ? p : (type*)0)) +#endif + +#define CHECKED_SK_FREE_FUNC(type, p) \ + ((void (*)(void *)) ((1 ? p : (void (*)(type *))0))) + +#define CHECKED_SK_CMP_FUNC(type, p) \ + ((int (*)(const char * const *, const char * const *)) \ + ((1 ? p : (int (*)(const type * const *, const type * const *))0))) + #define STACK_OF(type) struct stack_st_##type #define PREDECLARE_STACK_OF(type) STACK_OF(type); @@ -76,75 +85,71 @@ STACK_OF(type) \ /* SKM_sk_... stack macros are internal to safestack.h: * never use them directly, use sk__... instead */ #define SKM_sk_new(type, cmp) \ - ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))openssl_fcast(sk_new))(cmp) + ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp))) #define SKM_sk_new_null(type) \ - ((STACK_OF(type) * (*)(void))openssl_fcast(sk_new_null))() + ((STACK_OF(type) *)sk_new_null()) #define SKM_sk_free(type, st) \ - ((void (*)(STACK_OF(type) *))openssl_fcast(sk_free))(st) + sk_free(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_num(type, st) \ - ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_num))(st) + sk_num(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_value(type, st,i) \ - ((type * (*)(const STACK_OF(type) *, int))openssl_fcast(sk_value))(st, i) + ((type *)sk_value(CHECKED_PTR_OF(STACK_OF(type), st), i)) #define SKM_sk_set(type, st,i,val) \ - ((type * (*)(STACK_OF(type) *, int, type *))openssl_fcast(sk_set))(st, i, val) + sk_set(CHECKED_PTR_OF(STACK_OF(type), st), i, CHECKED_PTR_OF(type, val)) #define SKM_sk_zero(type, st) \ - ((void (*)(STACK_OF(type) *))openssl_fcast(sk_zero))(st) + sk_zero(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_push(type, st,val) \ - ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_push))(st, val) + sk_push(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) #define SKM_sk_unshift(type, st,val) \ - ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_unshift))(st, val) + sk_unshift(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) #define SKM_sk_find(type, st,val) \ - ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_find))(st, val) + sk_find(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val)) #define SKM_sk_delete(type, st,i) \ - ((type * (*)(STACK_OF(type) *, int))openssl_fcast(sk_delete))(st, i) + (type *)sk_delete(CHECKED_PTR_OF(STACK_OF(type), st), i) #define SKM_sk_delete_ptr(type, st,ptr) \ - ((type * (*)(STACK_OF(type) *, type *))openssl_fcast(sk_delete_ptr))(st, ptr) + (type *)sk_delete_ptr(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, ptr)) #define SKM_sk_insert(type, st,val,i) \ - ((int (*)(STACK_OF(type) *, type *, int))openssl_fcast(sk_insert))(st, val, i) + sk_insert(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val), i) #define SKM_sk_set_cmp_func(type, st,cmp) \ - ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \ - (const type * const *, const type * const *))openssl_fcast(sk_set_cmp_func))\ - (st, cmp) + ((int (*)(const type * const *,const type * const *)) \ + sk_set_cmp_func(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_CMP_FUNC(type, cmp))) #define SKM_sk_dup(type, st) \ - ((STACK_OF(type) *(*)(STACK_OF(type) *))openssl_fcast(sk_dup))(st) + (STACK_OF(type) *)sk_dup(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_pop_free(type, st,free_func) \ - ((void (*)(STACK_OF(type) *, void (*)(type *)))openssl_fcast(sk_pop_free))\ - (st, free_func) + sk_pop_free(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_FREE_FUNC(type, free_func)) #define SKM_sk_shift(type, st) \ - ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_shift))(st) + (type *)sk_shift(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_pop(type, st) \ - ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_pop))(st) + (type *)sk_pop(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_sort(type, st) \ - ((void (*)(STACK_OF(type) *))openssl_fcast(sk_sort))(st) + sk_sort(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_sk_is_sorted(type, st) \ - ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_is_sorted))(st) + sk_is_sorted(CHECKED_PTR_OF(STACK_OF(type), st)) #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \ - type *(*)(type **, unsigned char **,long), \ - void (*)(type *), int ,int )) openssl_fcast(d2i_ASN1_SET)) \ - (st,pp,length, d2i_func, free_func, ex_tag,ex_class) + (STACK_OF(type) *)d2i_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), \ + pp, length, \ + CHECKED_D2I_OF(type, d2i_func), \ + CHECKED_SK_FREE_FUNC(type, free_func), \ + ex_tag, ex_class) + #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ - ((int (*)(STACK_OF(type) *,unsigned char **, \ - int (*)(type *,unsigned char **), int , int , int)) openssl_fcast(i2d_ASN1_SET)) \ - (st,pp,i2d_func,ex_tag,ex_class,is_set) + i2d_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), pp, \ + CHECKED_I2D_OF(type, i2d_func), \ + ex_tag, ex_class, is_set) #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ - ((unsigned char *(*)(STACK_OF(type) *, \ - int (*)(type *,unsigned char **), unsigned char **,int *)) openssl_fcast(ASN1_seq_pack)) \ - (st, i2d_func, buf, len) + ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \ + CHECKED_I2D_OF(type, i2d_func), buf, len) + #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ - ((STACK_OF(type) * (*)(unsigned char *,int, \ - type *(*)(type **,unsigned char **, long), \ - void (*)(type *)))openssl_fcast(ASN1_seq_unpack)) \ - (buf,len,d2i_func, free_func) + (STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func)) #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ - ((STACK_OF(type) * (*)(X509_ALGOR *, \ - type *(*)(type **, unsigned char **, long), void (*)(type *), \ - const char *, int, \ - ASN1_STRING *, int))openssl_fcast(PKCS12_decrypt_d2i)) \ - (algor,d2i_func,free_func,pass,passlen,oct,seq) + (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \ + CHECKED_D2I_OF(type, d2i_func), \ + CHECKED_SK_FREE_FUNC(type, free_func), \ + pass, passlen, oct, seq) #else @@ -170,7 +175,7 @@ STACK_OF(type) \ #define SKM_sk_push(type, st,val) \ sk_push(st, (char *)val) #define SKM_sk_unshift(type, st,val) \ - sk_unshift(st, val) + sk_unshift(st, (char *)val) #define SKM_sk_find(type, st,val) \ sk_find(st, (char *)val) #define SKM_sk_delete(type, st,i) \ @@ -196,14 +201,14 @@ STACK_OF(type) \ sk_is_sorted(st) #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class) + d2i_ASN1_SET(st,pp,length, (void *(*)(void ** ,const unsigned char ** ,long))d2i_func, (void (*)(void *))free_func, ex_tag,ex_class) #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ - i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set) + i2d_ASN1_SET(st,pp,(int (*)(void *, unsigned char **))i2d_func,ex_tag,ex_class,is_set) #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ - ASN1_seq_pack(st, i2d_func, buf, len) + ASN1_seq_pack(st, (int (*)(void *, unsigned char **))i2d_func, buf, len) #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ - ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func) + ASN1_seq_unpack(buf,len,(void *(*)(void **,const unsigned char **,long))d2i_func, (void(*)(void *))free_func) #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq)) @@ -221,6 +226,7 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) #define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) #define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) +#define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val)) #define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) #define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) #define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) @@ -232,6 +238,28 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) +#define sk_ASIdOrRange_new(st) SKM_sk_new(ASIdOrRange, (st)) +#define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) +#define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) +#define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) +#define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) +#define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) +#define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) +#define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) +#define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) +#define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) +#define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) +#define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) +#define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) +#define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) +#define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) +#define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) +#define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) +#define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) +#define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) +#define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) +#define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) + #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) @@ -242,6 +270,7 @@ STACK_OF(type) \ #define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) +#define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) #define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) #define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) @@ -263,6 +292,7 @@ STACK_OF(type) \ #define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) #define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) #define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) +#define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val)) #define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) #define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) #define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) @@ -284,6 +314,7 @@ STACK_OF(type) \ #define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) #define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) #define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) +#define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val)) #define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) #define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) #define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) @@ -305,6 +336,7 @@ STACK_OF(type) \ #define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) #define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) #define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) +#define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val)) #define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) #define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) #define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) @@ -326,6 +358,7 @@ STACK_OF(type) \ #define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) #define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) #define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) +#define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val)) #define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) #define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) #define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) @@ -347,6 +380,7 @@ STACK_OF(type) \ #define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) #define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) #define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) +#define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val)) #define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) #define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) #define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) @@ -368,6 +402,7 @@ STACK_OF(type) \ #define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) #define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) #define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) +#define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val)) #define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) #define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) #define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) @@ -379,6 +414,94 @@ STACK_OF(type) \ #define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) #define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) +#define sk_CMS_CertificateChoices_new(st) SKM_sk_new(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices) +#define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i)) +#define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val)) +#define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val)) +#define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val)) +#define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val)) +#define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val)) +#define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i)) +#define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr)) +#define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i)) +#define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp)) +#define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st) +#define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func)) +#define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st)) +#define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st)) + +#define sk_CMS_RecipientInfo_new(st) SKM_sk_new(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo) +#define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i)) +#define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val)) +#define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val)) +#define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val)) +#define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val)) +#define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val)) +#define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i)) +#define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr)) +#define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i)) +#define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp)) +#define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st) +#define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func)) +#define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st)) +#define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st)) + +#define sk_CMS_RevocationInfoChoice_new(st) SKM_sk_new(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice) +#define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i)) +#define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val)) +#define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val)) +#define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val)) +#define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val)) +#define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val)) +#define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i)) +#define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr)) +#define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i)) +#define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp)) +#define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st) +#define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func)) +#define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st)) +#define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st)) + +#define sk_CMS_SignerInfo_new(st) SKM_sk_new(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo) +#define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i)) +#define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val)) +#define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val)) +#define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val)) +#define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val)) +#define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val)) +#define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i)) +#define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr)) +#define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i)) +#define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp)) +#define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st) +#define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func)) +#define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st)) +#define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st)) + #define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st)) #define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) #define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) @@ -389,6 +512,7 @@ STACK_OF(type) \ #define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) #define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) #define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) +#define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val)) #define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i)) #define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) #define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) @@ -410,6 +534,7 @@ STACK_OF(type) \ #define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) #define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) #define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) +#define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val)) #define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) #define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) #define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) @@ -431,6 +556,7 @@ STACK_OF(type) \ #define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) #define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) #define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) +#define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val)) #define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) #define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) #define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) @@ -452,6 +578,7 @@ STACK_OF(type) \ #define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) #define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) #define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) +#define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val)) #define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) #define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) #define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) @@ -473,6 +600,7 @@ STACK_OF(type) \ #define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) #define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) #define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) +#define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val)) #define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) #define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) #define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) @@ -494,6 +622,7 @@ STACK_OF(type) \ #define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) #define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) #define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) +#define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val)) #define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) #define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) #define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) @@ -515,6 +644,7 @@ STACK_OF(type) \ #define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val)) #define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val)) #define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val)) +#define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val)) #define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i)) #define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr)) #define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i)) @@ -536,6 +666,7 @@ STACK_OF(type) \ #define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val)) #define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val)) #define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val)) +#define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val)) #define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i)) #define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr)) #define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i)) @@ -557,6 +688,7 @@ STACK_OF(type) \ #define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) #define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) #define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) +#define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val)) #define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) #define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) #define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) @@ -568,6 +700,94 @@ STACK_OF(type) \ #define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) #define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st)) +#define sk_GENERAL_NAMES_new(st) SKM_sk_new(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES) +#define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i)) +#define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val)) +#define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val)) +#define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val)) +#define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val)) +#define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val)) +#define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i)) +#define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr)) +#define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i)) +#define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp)) +#define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st) +#define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func)) +#define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st)) +#define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st)) + +#define sk_GENERAL_SUBTREE_new(st) SKM_sk_new(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE) +#define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i)) +#define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val)) +#define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val)) +#define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val)) +#define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val)) +#define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val)) +#define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i)) +#define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr)) +#define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i)) +#define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp)) +#define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st) +#define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func)) +#define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) +#define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) + +#define sk_IPAddressFamily_new(st) SKM_sk_new(IPAddressFamily, (st)) +#define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) +#define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) +#define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) +#define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) +#define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) +#define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) +#define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) +#define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) +#define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) +#define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) +#define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) +#define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) +#define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) +#define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) +#define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) +#define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) +#define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) +#define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) +#define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) +#define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) + +#define sk_IPAddressOrRange_new(st) SKM_sk_new(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) +#define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) +#define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) +#define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) +#define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) +#define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) +#define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) +#define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) +#define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) +#define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) +#define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) +#define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) +#define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) +#define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) +#define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) + #define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st)) #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) @@ -578,6 +798,7 @@ STACK_OF(type) \ #define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val)) #define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val)) #define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val)) +#define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val)) #define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i)) #define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr)) #define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i)) @@ -599,6 +820,7 @@ STACK_OF(type) \ #define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val)) #define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val)) #define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val)) +#define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val)) #define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i)) #define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr)) #define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i)) @@ -620,6 +842,7 @@ STACK_OF(type) \ #define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val)) #define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val)) #define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val)) +#define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val)) #define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i)) #define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr)) #define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i)) @@ -641,6 +864,7 @@ STACK_OF(type) \ #define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val)) #define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val)) #define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val)) +#define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val)) #define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i)) #define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr)) #define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i)) @@ -662,6 +886,7 @@ STACK_OF(type) \ #define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val)) #define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val)) #define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val)) +#define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val)) #define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i)) #define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr)) #define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i)) @@ -683,6 +908,7 @@ STACK_OF(type) \ #define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val)) #define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val)) #define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val)) +#define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val)) #define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i)) #define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr)) #define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i)) @@ -704,6 +930,7 @@ STACK_OF(type) \ #define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val)) #define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val)) #define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val)) +#define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val)) #define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i)) #define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr)) #define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i)) @@ -725,6 +952,7 @@ STACK_OF(type) \ #define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val)) #define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val)) #define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val)) +#define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val)) #define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i)) #define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr)) #define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i)) @@ -746,6 +974,7 @@ STACK_OF(type) \ #define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) #define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) #define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) +#define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) #define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) #define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) #define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) @@ -767,6 +996,7 @@ STACK_OF(type) \ #define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) #define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) #define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) +#define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) #define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) #define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) #define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) @@ -788,6 +1018,7 @@ STACK_OF(type) \ #define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) #define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) #define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) +#define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val)) #define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) #define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) #define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) @@ -809,6 +1040,7 @@ STACK_OF(type) \ #define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) #define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) #define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) +#define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val)) #define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) #define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) #define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) @@ -830,6 +1062,7 @@ STACK_OF(type) \ #define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) #define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) #define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) +#define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val)) #define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) #define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) #define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) @@ -841,6 +1074,28 @@ STACK_OF(type) \ #define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) #define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) +#define sk_OCSP_RESPID_new(st) SKM_sk_new(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID) +#define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i)) +#define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val)) +#define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val)) +#define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val)) +#define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val)) +#define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val)) +#define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i)) +#define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr)) +#define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i)) +#define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp)) +#define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st) +#define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func)) +#define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st)) +#define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st)) + #define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st)) #define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) #define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) @@ -851,6 +1106,7 @@ STACK_OF(type) \ #define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) #define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) #define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) +#define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val)) #define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) #define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) #define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) @@ -872,6 +1128,7 @@ STACK_OF(type) \ #define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) #define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) #define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) +#define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val)) #define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) #define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) #define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) @@ -893,6 +1150,7 @@ STACK_OF(type) \ #define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) #define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) #define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) +#define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val)) #define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) #define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) #define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) @@ -914,6 +1172,7 @@ STACK_OF(type) \ #define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) #define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) #define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) +#define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val)) #define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) #define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) #define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) @@ -935,6 +1194,7 @@ STACK_OF(type) \ #define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) #define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) #define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) +#define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val)) #define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) #define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) #define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) @@ -956,6 +1216,7 @@ STACK_OF(type) \ #define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) #define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) #define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) +#define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val)) #define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) #define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) #define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) @@ -977,6 +1238,7 @@ STACK_OF(type) \ #define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) #define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) #define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) +#define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val)) #define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) #define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) #define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) @@ -988,6 +1250,28 @@ STACK_OF(type) \ #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) #define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) +#define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) +#define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) +#define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) +#define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) +#define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) +#define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) +#define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val)) +#define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) +#define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) +#define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) +#define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) +#define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) +#define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) +#define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) +#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st)) + #define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) @@ -998,6 +1282,7 @@ STACK_OF(type) \ #define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) #define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) #define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) +#define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val)) #define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) #define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) #define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) @@ -1019,6 +1304,7 @@ STACK_OF(type) \ #define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) #define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) #define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) +#define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val)) #define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) #define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) #define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) @@ -1030,6 +1316,28 @@ STACK_OF(type) \ #define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) #define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) +#define sk_STORE_OBJECT_new(st) SKM_sk_new(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT) +#define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i)) +#define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val)) +#define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val)) +#define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val)) +#define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val)) +#define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val)) +#define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i)) +#define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr)) +#define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i)) +#define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp)) +#define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st) +#define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func)) +#define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st)) +#define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st)) + #define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st)) #define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) #define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) @@ -1040,6 +1348,7 @@ STACK_OF(type) \ #define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val)) #define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val)) #define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val)) +#define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val)) #define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i)) #define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr)) #define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i)) @@ -1061,6 +1370,7 @@ STACK_OF(type) \ #define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) #define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) #define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) +#define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val)) #define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) #define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) #define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) @@ -1082,6 +1392,7 @@ STACK_OF(type) \ #define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) #define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) #define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) +#define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val)) #define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) #define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) #define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) @@ -1103,6 +1414,7 @@ STACK_OF(type) \ #define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) #define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) #define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) +#define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val)) #define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) #define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) #define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) @@ -1124,6 +1436,7 @@ STACK_OF(type) \ #define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) #define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) #define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) +#define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val)) #define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) #define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) #define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) @@ -1145,6 +1458,7 @@ STACK_OF(type) \ #define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) #define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) #define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) +#define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val)) #define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) #define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) #define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) @@ -1166,6 +1480,7 @@ STACK_OF(type) \ #define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) #define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) #define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) +#define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val)) #define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) #define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) #define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) @@ -1187,6 +1502,7 @@ STACK_OF(type) \ #define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) #define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) #define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) +#define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val)) #define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) #define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) #define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) @@ -1208,6 +1524,7 @@ STACK_OF(type) \ #define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) #define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) #define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) +#define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val)) #define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) #define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) #define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) @@ -1229,6 +1546,7 @@ STACK_OF(type) \ #define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) #define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) #define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) +#define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val)) #define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) #define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) #define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) @@ -1250,6 +1568,7 @@ STACK_OF(type) \ #define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) #define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) #define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) +#define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val)) #define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) #define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) #define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) @@ -1271,6 +1590,7 @@ STACK_OF(type) \ #define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) #define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) #define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) +#define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val)) #define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) #define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) #define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) @@ -1292,6 +1612,7 @@ STACK_OF(type) \ #define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) #define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) #define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) +#define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val)) #define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) #define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) #define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) @@ -1303,6 +1624,72 @@ STACK_OF(type) \ #define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) #define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) +#define sk_X509_POLICY_DATA_new(st) SKM_sk_new(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA) +#define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i)) +#define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val)) +#define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val)) +#define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val)) +#define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val)) +#define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val)) +#define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i)) +#define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr)) +#define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i)) +#define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp)) +#define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st) +#define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func)) +#define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st)) +#define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st)) + +#define sk_X509_POLICY_NODE_new(st) SKM_sk_new(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE) +#define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i)) +#define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val)) +#define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val)) +#define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val)) +#define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val)) +#define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val)) +#define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i)) +#define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr)) +#define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i)) +#define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp)) +#define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st) +#define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func)) +#define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st)) +#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st)) + +#define sk_X509_POLICY_REF_new(st) SKM_sk_new(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_new_null() SKM_sk_new_null(X509_POLICY_REF) +#define sk_X509_POLICY_REF_free(st) SKM_sk_free(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_num(st) SKM_sk_num(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_value(st, i) SKM_sk_value(X509_POLICY_REF, (st), (i)) +#define sk_X509_POLICY_REF_set(st, i, val) SKM_sk_set(X509_POLICY_REF, (st), (i), (val)) +#define sk_X509_POLICY_REF_zero(st) SKM_sk_zero(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_push(st, val) SKM_sk_push(X509_POLICY_REF, (st), (val)) +#define sk_X509_POLICY_REF_unshift(st, val) SKM_sk_unshift(X509_POLICY_REF, (st), (val)) +#define sk_X509_POLICY_REF_find(st, val) SKM_sk_find(X509_POLICY_REF, (st), (val)) +#define sk_X509_POLICY_REF_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_REF, (st), (val)) +#define sk_X509_POLICY_REF_delete(st, i) SKM_sk_delete(X509_POLICY_REF, (st), (i)) +#define sk_X509_POLICY_REF_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_REF, (st), (ptr)) +#define sk_X509_POLICY_REF_insert(st, val, i) SKM_sk_insert(X509_POLICY_REF, (st), (val), (i)) +#define sk_X509_POLICY_REF_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_REF, (st), (cmp)) +#define sk_X509_POLICY_REF_dup(st) SKM_sk_dup(X509_POLICY_REF, st) +#define sk_X509_POLICY_REF_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_REF, (st), (free_func)) +#define sk_X509_POLICY_REF_shift(st) SKM_sk_shift(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_pop(st) SKM_sk_pop(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_sort(st) SKM_sk_sort(X509_POLICY_REF, (st)) +#define sk_X509_POLICY_REF_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_REF, (st)) + #define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st)) #define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) #define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) @@ -1313,6 +1700,7 @@ STACK_OF(type) \ #define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) #define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) #define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) +#define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val)) #define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) #define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) #define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) @@ -1334,6 +1722,7 @@ STACK_OF(type) \ #define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) #define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) #define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) +#define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val)) #define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) #define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) #define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) @@ -1355,6 +1744,7 @@ STACK_OF(type) \ #define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) #define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) #define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) +#define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val)) #define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) #define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) #define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) @@ -1366,6 +1756,28 @@ STACK_OF(type) \ #define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) #define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) +#define sk_X509_VERIFY_PARAM_new(st) SKM_sk_new(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) +#define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i)) +#define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val)) +#define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val)) +#define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val)) +#define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val)) +#define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val)) +#define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i)) +#define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr)) +#define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i)) +#define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp)) +#define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st) +#define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func)) +#define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) +#define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) + #define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) #define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ diff --git a/src/lib/libssl/src/crypto/stack/stack.c b/src/lib/libssl/src/crypto/stack/stack.c index c7173eb6ab..378bd7c796 100644 --- a/src/lib/libssl/src/crypto/stack/stack.c +++ b/src/lib/libssl/src/crypto/stack/stack.c @@ -68,11 +68,12 @@ #include #include "cryptlib.h" #include +#include #undef MIN_NODES #define MIN_NODES 4 -const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT; +const char STACK_version[]="Stack" OPENSSL_VERSION_PTEXT; #include @@ -209,7 +210,7 @@ char *sk_delete(STACK *st, int loc) return(ret); } -int sk_find(STACK *st, char *data) +static int internal_find(STACK *st, char *data, int ret_val_options) { char **r; int i; @@ -232,19 +233,19 @@ int sk_find(STACK *st, char *data) * not (type *) pointers, but the *pointers* to (type *) pointers, * so we get our extra level of pointer dereferencing that way. */ comp_func=(int (*)(const void *,const void *))(st->comp); - r=(char **)bsearch(&data,(char *)st->data, - st->num,sizeof(char *), comp_func); + r=(char **)OBJ_bsearch_ex((char *)&data,(char *)st->data, + st->num,sizeof(char *),comp_func,ret_val_options); if (r == NULL) return(-1); - i=(int)(r-st->data); - for ( ; i>0; i--) - /* This needs a cast because the type being pointed to from - * the "&" expressions are (char *) rather than (const char *). - * For an explanation, read: - * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */ - if ((*st->comp)((const char * const *)&(st->data[i-1]), - (const char * const *)&data) < 0) - break; - return(i); + return((int)(r-st->data)); + } + +int sk_find(STACK *st, char *data) + { + return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH); + } +int sk_find_ex(STACK *st, char *data) + { + return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH); } int sk_push(STACK *st, char *data) diff --git a/src/lib/libssl/src/crypto/stack/stack.h b/src/lib/libssl/src/crypto/stack/stack.h index 7570b85fe8..5cbb116a8b 100644 --- a/src/lib/libssl/src/crypto/stack/stack.h +++ b/src/lib/libssl/src/crypto/stack/stack.h @@ -89,6 +89,7 @@ int sk_insert(STACK *sk,char *data,int where); char *sk_delete(STACK *st,int loc); char *sk_delete_ptr(STACK *st, char *p); int sk_find(STACK *st,char *data); +int sk_find_ex(STACK *st,char *data); int sk_push(STACK *st,char *data); int sk_unshift(STACK *st,char *data); char *sk_shift(STACK *st); diff --git a/src/lib/libssl/src/crypto/symhacks.h b/src/lib/libssl/src/crypto/symhacks.h index 774162fec9..64528ad5c2 100644 --- a/src/lib/libssl/src/crypto/symhacks.h +++ b/src/lib/libssl/src/crypto/symhacks.h @@ -127,6 +127,12 @@ /* Hack some long X509 names */ #undef X509_REVOKED_get_ext_by_critical #define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic +#undef X509_policy_tree_get0_user_policies +#define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies +#undef X509_policy_node_get0_qualifiers +#define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers +#undef X509_STORE_CTX_get_explicit_policy +#define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy /* Hack some long CRYPTO names */ #undef CRYPTO_set_dynlock_destroy_callback @@ -153,16 +159,16 @@ #define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx #undef SSL_add_file_cert_subjects_to_stack #define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk -#if 0 /* This function is not defined i VMS. */ #undef SSL_add_dir_cert_subjects_to_stack #define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk -#endif #undef SSL_CTX_use_certificate_chain_file #define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file #undef SSL_CTX_set_cert_verify_callback #define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb #undef SSL_CTX_set_default_passwd_cb_userdata #define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud +#undef SSL_COMP_get_compression_methods +#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods /* Hack some long ENGINE names */ #undef ENGINE_get_default_BN_mod_exp_crt @@ -195,6 +201,12 @@ #define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf /* Hack some long EC names */ +#undef EC_GROUP_set_point_conversion_form +#define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form +#undef EC_GROUP_get_point_conversion_form +#define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form +#undef EC_GROUP_clear_free_all_extra_data +#define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data #undef EC_POINT_set_Jprojective_coordinates_GFp #define EC_POINT_set_Jprojective_coordinates_GFp \ EC_POINT_set_Jproj_coords_GFp @@ -207,6 +219,32 @@ #define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp #undef EC_POINT_set_compressed_coordinates_GFp #define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp +#undef EC_POINT_set_affine_coordinates_GF2m +#define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m +#undef EC_POINT_get_affine_coordinates_GF2m +#define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m +#undef EC_POINT_set_compressed_coordinates_GF2m +#define EC_POINT_set_compressed_coordinates_GF2m \ + EC_POINT_set_compr_coords_GF2m +#undef ec_GF2m_simple_group_clear_finish +#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish +#undef ec_GF2m_simple_group_check_discriminant +#define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim +#undef ec_GF2m_simple_point_clear_finish +#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish +#undef ec_GF2m_simple_point_set_to_infinity +#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf +#undef ec_GF2m_simple_points_make_affine +#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine +#undef ec_GF2m_simple_point_set_affine_coordinates +#define ec_GF2m_simple_point_set_affine_coordinates \ + ec_GF2m_smp_pt_set_af_coords +#undef ec_GF2m_simple_point_get_affine_coordinates +#define ec_GF2m_simple_point_get_affine_coordinates \ + ec_GF2m_smp_pt_get_af_coords +#undef ec_GF2m_simple_set_compressed_coordinates +#define ec_GF2m_simple_set_compressed_coordinates \ + ec_GF2m_smp_set_compr_coords #undef ec_GFp_simple_group_set_curve_GFp #define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp #undef ec_GFp_simple_group_get_curve_GFp @@ -242,6 +280,81 @@ #undef ec_GFp_simple_set_compressed_coordinates_GFp #define ec_GFp_simple_set_compressed_coordinates_GFp \ ec_GFp_smp_set_compr_coords_GFp +#undef ec_GFp_simple_point_set_affine_coordinates +#define ec_GFp_simple_point_set_affine_coordinates \ + ec_GFp_smp_pt_set_af_coords +#undef ec_GFp_simple_point_get_affine_coordinates +#define ec_GFp_simple_point_get_affine_coordinates \ + ec_GFp_smp_pt_get_af_coords +#undef ec_GFp_simple_set_compressed_coordinates +#define ec_GFp_simple_set_compressed_coordinates \ + ec_GFp_smp_set_compr_coords +#undef ec_GFp_simple_group_check_discriminant +#define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim + +/* Hack som long STORE names */ +#undef STORE_method_set_initialise_function +#define STORE_method_set_initialise_function STORE_meth_set_initialise_fn +#undef STORE_method_set_cleanup_function +#define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn +#undef STORE_method_set_generate_function +#define STORE_method_set_generate_function STORE_meth_set_generate_fn +#undef STORE_method_set_modify_function +#define STORE_method_set_modify_function STORE_meth_set_modify_fn +#undef STORE_method_set_revoke_function +#define STORE_method_set_revoke_function STORE_meth_set_revoke_fn +#undef STORE_method_set_delete_function +#define STORE_method_set_delete_function STORE_meth_set_delete_fn +#undef STORE_method_set_list_start_function +#define STORE_method_set_list_start_function STORE_meth_set_list_start_fn +#undef STORE_method_set_list_next_function +#define STORE_method_set_list_next_function STORE_meth_set_list_next_fn +#undef STORE_method_set_list_end_function +#define STORE_method_set_list_end_function STORE_meth_set_list_end_fn +#undef STORE_method_set_update_store_function +#define STORE_method_set_update_store_function STORE_meth_set_update_store_fn +#undef STORE_method_set_lock_store_function +#define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn +#undef STORE_method_set_unlock_store_function +#define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn +#undef STORE_method_get_initialise_function +#define STORE_method_get_initialise_function STORE_meth_get_initialise_fn +#undef STORE_method_get_cleanup_function +#define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn +#undef STORE_method_get_generate_function +#define STORE_method_get_generate_function STORE_meth_get_generate_fn +#undef STORE_method_get_modify_function +#define STORE_method_get_modify_function STORE_meth_get_modify_fn +#undef STORE_method_get_revoke_function +#define STORE_method_get_revoke_function STORE_meth_get_revoke_fn +#undef STORE_method_get_delete_function +#define STORE_method_get_delete_function STORE_meth_get_delete_fn +#undef STORE_method_get_list_start_function +#define STORE_method_get_list_start_function STORE_meth_get_list_start_fn +#undef STORE_method_get_list_next_function +#define STORE_method_get_list_next_function STORE_meth_get_list_next_fn +#undef STORE_method_get_list_end_function +#define STORE_method_get_list_end_function STORE_meth_get_list_end_fn +#undef STORE_method_get_update_store_function +#define STORE_method_get_update_store_function STORE_meth_get_update_store_fn +#undef STORE_method_get_lock_store_function +#define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn +#undef STORE_method_get_unlock_store_function +#define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn + +/* Hack some long CMS names */ +#undef CMS_RecipientInfo_ktri_get0_algs +#define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs +#undef CMS_RecipientInfo_ktri_get0_signer_id +#define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id +#undef CMS_OtherRevocationInfoFormat_it +#define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it +#undef CMS_KeyAgreeRecipientIdentifier_it +#define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it +#undef CMS_OriginatorIdentifierOrKey_it +#define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it +#undef cms_SignerIdentifier_get0_signer_id +#define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id #endif /* defined OPENSSL_SYS_VMS */ @@ -253,6 +366,15 @@ #undef OCSP_crlID_new #define OCSP_crlID_new OCSP_crlID2_new +#undef d2i_ECPARAMETERS +#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS +#undef i2d_ECPARAMETERS +#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS +#undef d2i_ECPKPARAMETERS +#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS +#undef i2d_ECPKPARAMETERS +#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS + /* These functions do not seem to exist! However, I'm paranoid... Original command in x509v3.h: These functions are being redefined in another directory, @@ -273,3 +395,6 @@ #endif /* ! defined HEADER_VMS_IDHACKS_H */ +/* This one clashes with CMS_data_create */ +#undef cms_Data_create +#define cms_Data_create priv_cms_Data_create diff --git a/src/lib/libssl/src/crypto/threads/mttest.c b/src/lib/libssl/src/crypto/threads/mttest.c index 7588966cb2..f6f3df4b6a 100644 --- a/src/lib/libssl/src/crypto/threads/mttest.c +++ b/src/lib/libssl/src/crypto/threads/mttest.c @@ -77,6 +77,12 @@ #ifdef PTHREADS #include #endif +#ifdef OPENSSL_SYS_NETWARE +#if !defined __int64 +# define __int64 long long +#endif +#include +#endif #include #include #include @@ -86,8 +92,18 @@ #include #include +#ifdef OPENSSL_NO_FP_API +#define APPS_WIN16 +#include "../buffer/bss_file.c" +#endif + +#ifdef OPENSSL_SYS_NETWARE +#define TEST_SERVER_CERT "/openssl/apps/server.pem" +#define TEST_CLIENT_CERT "/openssl/apps/client.pem" +#else #define TEST_SERVER_CERT "../../apps/server.pem" #define TEST_CLIENT_CERT "../../apps/client.pem" +#endif #define MAX_THREAD_NUMBER 100 @@ -100,10 +116,18 @@ void irix_locking_callback(int mode,int type,char *file,int line); void solaris_locking_callback(int mode,int type,char *file,int line); void win32_locking_callback(int mode,int type,char *file,int line); void pthreads_locking_callback(int mode,int type,char *file,int line); +void netware_locking_callback(int mode,int type,char *file,int line); unsigned long irix_thread_id(void ); unsigned long solaris_thread_id(void ); unsigned long pthreads_thread_id(void ); +unsigned long netware_thread_id(void ); + +#if defined(OPENSSL_SYS_NETWARE) +static MPKMutex *lock_cs; +static MPKSema ThreadSem; +static long *lock_count; +#endif BIO *bio_err=NULL; BIO *bio_stdout=NULL; @@ -384,6 +408,9 @@ int ndoit(SSL_CTX *ssl_ctx[2]) SSL_free((SSL *)ctx[2]); SSL_free((SSL *)ctx[3]); } +# ifdef OPENSSL_SYS_NETWARE + MPKSemaphoreSignal(ThreadSem); +# endif return(0); } @@ -627,6 +654,9 @@ int doit(char *ctx[4]) } if ((done & S_DONE) && (done & C_DONE)) break; +# if defined(OPENSSL_SYS_NETWARE) + ThreadSwitchWithDelay(); +# endif } SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); @@ -1094,3 +1124,88 @@ unsigned long pthreads_thread_id(void) +#ifdef OPENSSL_SYS_NETWARE + +void thread_setup(void) +{ + int i; + + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(MPKMutex)); + lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); + for (i=0; ireferences,c_ctx->references); +} + +unsigned long netware_thread_id(void) +{ + unsigned long ret; + + ret=(unsigned long)GetThreadID(); + return(ret); +} +#endif /* NETWARE */ diff --git a/src/lib/libssl/src/crypto/threads/th-lock.c b/src/lib/libssl/src/crypto/threads/th-lock.c index a6a79b9f45..14aae5f912 100644 --- a/src/lib/libssl/src/crypto/threads/th-lock.c +++ b/src/lib/libssl/src/crypto/threads/th-lock.c @@ -80,7 +80,7 @@ #include #include #include -#include +#include "../../e_os.h" #include #include #include diff --git a/src/lib/libssl/src/crypto/tmdiff.c b/src/lib/libssl/src/crypto/tmdiff.c index 307523ebba..1c6e052ac9 100644 --- a/src/lib/libssl/src/crypto/tmdiff.c +++ b/src/lib/libssl/src/crypto/tmdiff.c @@ -72,7 +72,11 @@ # define TIMES #endif -#ifndef _IRIX +#ifdef OPENSSL_SYS_NETWARE +#undef TIMES +#endif + +#if !defined(_IRIX) || defined (OPENSSL_SYS_NETWARE) # include #endif #ifdef TIMES @@ -94,7 +98,7 @@ #include #endif -#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) +#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) #include #endif @@ -106,7 +110,8 @@ #ifndef HZ # if defined(_SC_CLK_TCK) \ && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) -# define HZ ((double)sysconf(_SC_CLK_TCK)) +/* # define HZ ((double)sysconf(_SC_CLK_TCK)) */ +# define HZ sysconf(_SC_CLK_TCK) # else # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ @@ -120,7 +125,7 @@ # endif #endif -typedef struct ms_tm +struct ms_tm { #ifdef TIMES struct tms ms_tms; @@ -128,6 +133,8 @@ typedef struct ms_tm # ifdef OPENSSL_SYS_WIN32 HANDLE thread_id; FILETIME ms_win32; +# elif defined (OPENSSL_SYS_NETWARE) + clock_t ms_clock; # else # ifdef OPENSSL_SYS_VXWORKS unsigned long ticks; @@ -136,9 +143,9 @@ typedef struct ms_tm # endif # endif #endif - } MS_TM; + }; -char *ms_time_new(void) +MS_TM *ms_time_new(void) { MS_TM *ret; @@ -149,18 +156,17 @@ char *ms_time_new(void) #ifdef OPENSSL_SYS_WIN32 ret->thread_id=GetCurrentThread(); #endif - return((char *)ret); + return ret; } -void ms_time_free(char *a) +void ms_time_free(MS_TM *a) { if (a != NULL) OPENSSL_free(a); } -void ms_time_get(char *a) +void ms_time_get(MS_TM *tm) { - MS_TM *tm=(MS_TM *)a; #ifdef OPENSSL_SYS_WIN32 FILETIME tmpa,tmpb,tmpc; #endif @@ -170,6 +176,8 @@ void ms_time_get(char *a) #else # ifdef OPENSSL_SYS_WIN32 GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); +# elif defined (OPENSSL_SYS_NETWARE) + tm->ms_clock = clock(); # else # ifdef OPENSSL_SYS_VXWORKS tm->ticks = tickGet(); @@ -180,14 +188,13 @@ void ms_time_get(char *a) #endif } -double ms_time_diff(char *ap, char *bp) +double ms_time_diff(MS_TM *a, MS_TM *b) { - MS_TM *a=(MS_TM *)ap; - MS_TM *b=(MS_TM *)bp; double ret; #ifdef TIMES - ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; + ret = HZ; + ret = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / ret; #else # ifdef OPENSSL_SYS_WIN32 { @@ -204,6 +211,8 @@ double ms_time_diff(char *ap, char *bp) lb+=b->ms_win32.dwLowDateTime; ret=((double)(lb-la))/1e7; } +# elif defined (OPENSSL_SYS_NETWARE) + ret= (double)(b->ms_clock - a->ms_clock); # else # ifdef OPENSSL_SYS_VXWORKS ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); @@ -217,18 +226,20 @@ double ms_time_diff(char *ap, char *bp) return((ret < 0.0000001)?0.0000001:ret); } -int ms_time_cmp(char *ap, char *bp) +int ms_time_cmp(const MS_TM *a, const MS_TM *b) { - MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp; double d; int ret; #ifdef TIMES - d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; + d = HZ; + d = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / d; #else # ifdef OPENSSL_SYS_WIN32 d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; +# elif defined (OPENSSL_SYS_NETWARE) + d= (double)(b->ms_clock - a->ms_clock); # else # ifdef OPENSSL_SYS_VXWORKS d = (b->ticks - a->ticks); diff --git a/src/lib/libssl/src/crypto/tmdiff.h b/src/lib/libssl/src/crypto/tmdiff.h index 41a8a1e0e0..af5c41c649 100644 --- a/src/lib/libssl/src/crypto/tmdiff.h +++ b/src/lib/libssl/src/crypto/tmdiff.h @@ -59,6 +59,16 @@ /* Header for dynamic hash table routines * Author - Eric Young */ +/* ... erm yeah, "dynamic hash tables" you say? + * + * And what would dynamic hash tables have to do with any of this code *now*? + * AFAICS, this code is only referenced by crypto/bn/exp.c which is an unused + * file that I doubt compiles any more. speed.c is the only thing that could + * use this (and it has nothing to do with hash tables), yet it instead has its + * own duplication of all this stuff and looks, if anything, more complete. See + * the corresponding note in apps/speed.c. + * The Bemused - Geoff + */ #ifndef HEADER_TMDIFF_H #define HEADER_TMDIFF_H @@ -67,11 +77,13 @@ extern "C" { #endif -char *ms_time_new(void ); -void ms_time_free(char *a); -void ms_time_get(char *a); -double ms_time_diff(char *start,char *end); -int ms_time_cmp(char *ap,char *bp); +typedef struct ms_tm MS_TM; + +MS_TM *ms_time_new(void ); +void ms_time_free(MS_TM *a); +void ms_time_get(MS_TM *a); +double ms_time_diff(MS_TM *start, MS_TM *end); +int ms_time_cmp(const MS_TM *ap, const MS_TM *bp); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/txt_db/Makefile b/src/lib/libssl/src/crypto/txt_db/Makefile index 3cb550a795..e6f30331d8 100644 --- a/src/lib/libssl/src/crypto/txt_db/Makefile +++ b/src/lib/libssl/src/crypto/txt_db/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -51,6 +46,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -66,6 +62,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,6 +78,7 @@ txt_db.o: ../../e_os.h ../../include/openssl/bio.h txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h txt_db.c +txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +txt_db.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +txt_db.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h +txt_db.o: ../cryptlib.h txt_db.c diff --git a/src/lib/libssl/src/crypto/txt_db/txt_db.c b/src/lib/libssl/src/crypto/txt_db/txt_db.c index 58b300b00b..3ed5f72ee9 100644 --- a/src/lib/libssl/src/crypto/txt_db/txt_db.c +++ b/src/lib/libssl/src/crypto/txt_db/txt_db.c @@ -66,7 +66,7 @@ #undef BUFSIZE #define BUFSIZE 512 -const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT; +const char TXT_DB_version[]="TXT_DB" OPENSSL_VERSION_PTEXT; TXT_DB *TXT_DB_read(BIO *in, int num) { @@ -92,7 +92,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) goto err; if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) goto err; - if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL) + if ((ret->qual=(int (**)(char **))OPENSSL_malloc(sizeof(int (**)(char **))*num)) == NULL) goto err; for (i=0; idata != NULL) sk_free(ret->data); - if (ret->index != NULL) OPENSSL_free(ret->index); - if (ret->qual != NULL) OPENSSL_free(ret->qual); - if (ret != NULL) OPENSSL_free(ret); + if (ret != NULL) + { + if (ret->data != NULL) sk_free(ret->data); + if (ret->index != NULL) OPENSSL_free(ret->index); + if (ret->qual != NULL) OPENSSL_free(ret->qual); + if (ret != NULL) OPENSSL_free(ret); + } return(NULL); } else @@ -210,11 +213,11 @@ char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) return(ret); } -int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), +int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(char **), LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) { LHASH *idx; - char *r; + char **r; int i,n; if (field >= db->num_fields) @@ -230,12 +233,12 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), n=sk_num(db->data); for (i=0; idata,i); + r=(char **)sk_value(db->data,i); if ((qual != NULL) && (qual(r) == 0)) continue; if ((r=lh_insert(idx,r)) != NULL) { db->error=DB_ERROR_INDEX_CLASH; - db->arg1=sk_find(db->data,r); + db->arg1=sk_find(db->data,(char *)r); db->arg2=i; lh_free(idx); return(0); diff --git a/src/lib/libssl/src/crypto/txt_db/txt_db.h b/src/lib/libssl/src/crypto/txt_db/txt_db.h index 563392aeff..307e1ba23f 100644 --- a/src/lib/libssl/src/crypto/txt_db/txt_db.h +++ b/src/lib/libssl/src/crypto/txt_db/txt_db.h @@ -59,6 +59,7 @@ #ifndef HEADER_TXT_DB_H #define HEADER_TXT_DB_H +#include #ifndef OPENSSL_NO_BIO #include #endif @@ -81,7 +82,7 @@ typedef struct txt_db_st int num_fields; STACK /* char ** */ *data; LHASH **index; - int (**qual)(); + int (**qual)(char **); long error; long arg1; long arg2; @@ -95,7 +96,7 @@ long TXT_DB_write(BIO *out, TXT_DB *db); TXT_DB *TXT_DB_read(char *in, int num); long TXT_DB_write(char *out, TXT_DB *db); #endif -int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(), +int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(char **), LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); void TXT_DB_free(TXT_DB *db); char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); diff --git a/src/lib/libssl/src/crypto/ui/Makefile b/src/lib/libssl/src/crypto/ui/Makefile index fcb2a66a39..a685659fb4 100644 --- a/src/lib/libssl/src/crypto/ui/Makefile +++ b/src/lib/libssl/src/crypto/ui/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -55,6 +50,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -70,6 +66,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -81,35 +78,34 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ui_compat.o: ../../include/openssl/opensslconf.h -ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_compat.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -ui_compat.o: ui_compat.c +ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h +ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h +ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_err.o: ../../include/openssl/ui.h ui_err.c +ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c ui_lib.o: ../../e_os.h ../../include/openssl/bio.h ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h +ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h +ui_lib.o: ../cryptlib.h ui_lib.c ui_locl.h ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -ui_openssl.o: ../../include/openssl/opensslv.h +ui_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ui_util.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -ui_util.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -ui_util.o: ui_util.c +ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h +ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c diff --git a/src/lib/libssl/src/crypto/ui/ui.h b/src/lib/libssl/src/crypto/ui/ui.h index 735a2d988e..018296412b 100644 --- a/src/lib/libssl/src/crypto/ui/ui.h +++ b/src/lib/libssl/src/crypto/ui/ui.h @@ -59,25 +59,19 @@ #ifndef HEADER_UI_H #define HEADER_UI_H +#ifndef OPENSSL_NO_DEPRECATED #include +#endif #include +#include #ifdef __cplusplus extern "C" { #endif -/* The UI type is a holder for a specific user interface session. It can - contain an illimited number of informational or error strings as well - as things to prompt for, both passwords (noecho mode) and others (echo - mode), and verification of the same. All of these are called strings, - and are further described below. */ -typedef struct ui_st UI; - -/* All instances of UI have a reference to a method structure, which is a - ordered vector of functions that implement the lower level things to do. - There is an instruction on the implementation further down, in the section - for method implementors. */ -typedef struct ui_method_st UI_METHOD; +/* Declared already in ossl_typ.h */ +/* typedef struct ui_st UI; */ +/* typedef struct ui_method_st UI_METHOD; */ /* All the following functions return -1 or NULL on error and in some cases @@ -217,7 +211,7 @@ int UI_process(UI *ui); /* Give a user interface parametrised control commands. This can be used to send down an integer, a data pointer or a function pointer, as well as be used to get information from a UI. */ -int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)()); +int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void)); /* The commands */ /* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the diff --git a/src/lib/libssl/src/crypto/ui/ui_err.c b/src/lib/libssl/src/crypto/ui/ui_err.c index d983cdd66f..786bd0dbc3 100644 --- a/src/lib/libssl/src/crypto/ui/ui_err.c +++ b/src/lib/libssl/src/crypto/ui/ui_err.c @@ -101,15 +101,12 @@ static ERR_STRING_DATA UI_str_reasons[]= void ERR_load_UI_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(UI_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,UI_str_functs); ERR_load_strings(0,UI_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/ui/ui_lib.c b/src/lib/libssl/src/crypto/ui/ui_lib.c index dbc9711a2d..7ab249c3be 100644 --- a/src/lib/libssl/src/crypto/ui/ui_lib.c +++ b/src/lib/libssl/src/crypto/ui/ui_lib.c @@ -57,12 +57,12 @@ */ #include +#include "cryptlib.h" #include #include #include #include #include "ui_locl.h" -#include "cryptlib.h" IMPLEMENT_STACK_OF(UI_STRING_ST) @@ -545,7 +545,7 @@ int UI_process(UI *ui) return ok; } -int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)()) +int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void)) { if (ui == NULL) { @@ -620,8 +620,10 @@ UI_METHOD *UI_create_method(char *name) UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD)); if (ui_method) + { memset(ui_method, 0, sizeof(*ui_method)); - ui_method->name = BUF_strdup(name); + ui_method->name = BUF_strdup(name); + } return ui_method; } diff --git a/src/lib/libssl/src/crypto/ui/ui_locl.h b/src/lib/libssl/src/crypto/ui/ui_locl.h index 7d3a75a619..aa4a55637d 100644 --- a/src/lib/libssl/src/crypto/ui/ui_locl.h +++ b/src/lib/libssl/src/crypto/ui/ui_locl.h @@ -60,6 +60,11 @@ #define HEADER_UI_LOCL_H #include +#include + +#ifdef _ +#undef _ +#endif struct ui_method_st { diff --git a/src/lib/libssl/src/crypto/ui/ui_openssl.c b/src/lib/libssl/src/crypto/ui/ui_openssl.c index 75318d48a1..1f23a45a33 100644 --- a/src/lib/libssl/src/crypto/ui/ui_openssl.c +++ b/src/lib/libssl/src/crypto/ui/ui_openssl.c @@ -117,6 +117,17 @@ #include +/* need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc + * [maybe others?], because it masks interfaces not discussed in standard, + * sigaction and fileno included. -pedantic would be more appropriate for + * the intended purposes, but we can't prevent users from adding -ansi. + */ +#define _POSIX_C_SOURCE 1 +#include +#include +#include +#include + #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) # ifdef OPENSSL_UNISTD # include OPENSSL_UNISTD @@ -145,10 +156,6 @@ /* 06-Apr-92 Luke Brennan Support for VMS */ #include "ui_locl.h" #include "cryptlib.h" -#include -#include -#include -#include #ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */ # include @@ -199,6 +206,12 @@ #undef SGTTY #endif +#if defined(OPENSSL_SYS_NETWARE) +#undef TERMIOS +#undef TERMIO +#undef SGTTY +#endif + #ifdef TERMIOS # include # define TTY_STRUCT struct termios @@ -247,7 +260,7 @@ struct IOSB { typedef int sig_atomic_t; #endif -#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) +#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) || defined(OPENSSL_SYS_NETWARE) /* * This one needs work. As a matter of fact the code is unoperational * and this is only a trick to get it compiled. @@ -460,7 +473,7 @@ static int open_console(UI *ui) CRYPTO_w_lock(CRYPTO_LOCK_UI); is_a_tty = 1; -#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) +#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) tty_in=stdin; tty_out=stderr; #else @@ -476,7 +489,7 @@ static int open_console(UI *ui) #endif #if defined(TTY_get) && !defined(OPENSSL_SYS_VMS) - if (TTY_get(fileno(tty_in),&tty_orig) == -1) + if (TTY_get(fileno(tty_in),&tty_orig) == -1) { #ifdef ENOTTY if (errno == ENOTTY) @@ -565,7 +578,9 @@ static int close_console(UI *ui) /* Internal functions to handle signals and act on them */ static void pushsig(void) { +#ifndef OPENSSL_SYS_WIN32 int i; +#endif #ifdef SIGACTION struct sigaction sa; @@ -573,6 +588,14 @@ static void pushsig(void) sa.sa_handler=recsig; #endif +#ifdef OPENSSL_SYS_WIN32 + savsig[SIGABRT]=signal(SIGABRT,recsig); + savsig[SIGFPE]=signal(SIGFPE,recsig); + savsig[SIGILL]=signal(SIGILL,recsig); + savsig[SIGINT]=signal(SIGINT,recsig); + savsig[SIGSEGV]=signal(SIGSEGV,recsig); + savsig[SIGTERM]=signal(SIGTERM,recsig); +#else for (i=1; i -#include +#include "ui_locl.h" int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify) { diff --git a/src/lib/libssl/src/crypto/uid.c b/src/lib/libssl/src/crypto/uid.c index 73205a4baa..b1fd52bada 100644 --- a/src/lib/libssl/src/crypto/uid.c +++ b/src/lib/libssl/src/crypto/uid.c @@ -65,7 +65,7 @@ int OPENSSL_issetugid(void) return issetugid(); } -#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) +#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) int OPENSSL_issetugid(void) { diff --git a/src/lib/libssl/src/crypto/x509/Makefile b/src/lib/libssl/src/crypto/x509/Makefile index ee3f8a4a23..ddcc3124a7 100644 --- a/src/lib/libssl/src/crypto/x509/Makefile +++ b/src/lib/libssl/src/crypto/x509/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -27,13 +22,13 @@ LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \ x509_set.c x509cset.c x509rset.c x509_err.c \ x509name.c x509_v3.c x509_ext.c x509_att.c \ x509type.c x509_lu.c x_all.c x509_txt.c \ - x509_trs.c by_file.c by_dir.c + x509_trs.c by_file.c by_dir.c x509_vpm.c LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \ x509_obj.o x509_req.o x509spki.o x509_vfy.o \ x509_set.o x509cset.o x509rset.o x509_err.o \ x509name.o x509_v3.o x509_ext.o x509_att.o \ x509type.o x509_lu.o x_all.o x509_txt.o \ - x509_trs.o by_file.o by_dir.o + x509_trs.o by_file.o by_dir.o x509_vpm.o SRC= $(LIBSRC) @@ -53,7 +48,7 @@ lib: $(LIBOBJ) @touch lib files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO + $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO links: @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) @@ -61,6 +56,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -76,6 +72,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -87,506 +84,323 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -by_dir.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -by_dir.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -by_dir.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -by_dir.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -by_dir.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -by_dir.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h +by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -by_dir.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -by_dir.o: ../cryptlib.h by_dir.c -by_file.o: ../../e_os.h ../../include/openssl/aes.h -by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -by_file.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -by_file.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h -by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_dir.c +by_file.o: ../../e_os.h ../../include/openssl/asn1.h +by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -by_file.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -by_file.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -by_file.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c -x509_att.o: ../../e_os.h ../../include/openssl/aes.h -x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +by_file.o: ../cryptlib.h by_file.c +x509_att.o: ../../e_os.h ../../include/openssl/asn1.h +x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_att.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_att.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_att.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_att.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_att.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_att.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_att.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_att.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c -x509_cmp.o: ../../e_os.h ../../include/openssl/aes.h -x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_att.o: ../cryptlib.h x509_att.c +x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h +x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_cmp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_cmp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_cmp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_cmp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_cmp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c -x509_d2.o: ../../e_os.h ../../include/openssl/aes.h -x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_d2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_d2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_cmp.o: ../cryptlib.h x509_cmp.c +x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h +x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -x509_d2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c -x509_def.o: ../../e_os.h ../../include/openssl/aes.h -x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_def.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_def.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_d2.o: ../cryptlib.h x509_d2.c +x509_def.o: ../../e_os.h ../../include/openssl/asn1.h +x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_def.o: ../../include/openssl/opensslconf.h x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_def.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_def.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_def.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_def.o: ../cryptlib.h x509_def.c -x509_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -x509_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x509_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c +x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_err.o: x509_err.c -x509_ext.o: ../../e_os.h ../../include/openssl/aes.h -x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c +x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h +x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_ext.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_ext.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_ext.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c -x509_lu.o: ../../e_os.h ../../include/openssl/aes.h -x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_ext.o: ../cryptlib.h x509_ext.c +x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h +x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_lu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_lu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_lu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c -x509_obj.o: ../../e_os.h ../../include/openssl/aes.h -x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_obj.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_obj.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_lu.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_lu.o: ../cryptlib.h x509_lu.c +x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h +x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_obj.o: ../../include/openssl/opensslconf.h x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_obj.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_obj.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_obj.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_obj.o: ../cryptlib.h x509_obj.c -x509_r2x.o: ../../e_os.h ../../include/openssl/aes.h -x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_r2x.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_r2x.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c +x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h +x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_r2x.o: ../../include/openssl/opensslconf.h +x509_r2x.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_r2x.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_r2x.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_r2x.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_r2x.o: ../cryptlib.h x509_r2x.c -x509_req.o: ../../e_os.h ../../include/openssl/aes.h -x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c +x509_req.o: ../../e_os.h ../../include/openssl/asn1.h +x509_req.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x509_req.o: ../../include/openssl/opensslconf.h +x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_req.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_req.o: ../cryptlib.h x509_req.c -x509_set.o: ../../e_os.h ../../include/openssl/aes.h -x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_set.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_set.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c +x509_set.o: ../../e_os.h ../../include/openssl/asn1.h +x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_set.o: ../../include/openssl/opensslconf.h x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_set.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_set.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_set.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_set.o: ../cryptlib.h x509_set.c -x509_trs.o: ../../e_os.h ../../include/openssl/aes.h -x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c +x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h +x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_trs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_trs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_trs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_trs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_trs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_trs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_trs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c -x509_txt.o: ../../e_os.h ../../include/openssl/aes.h -x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509_txt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509_txt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_trs.o: ../cryptlib.h x509_trs.c +x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h +x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509_txt.o: ../../include/openssl/opensslconf.h x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_txt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_txt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_txt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_txt.o: ../cryptlib.h x509_txt.c -x509_v3.o: ../../e_os.h ../../include/openssl/aes.h -x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c +x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h +x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_v3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_v3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_v3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_v3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c -x509_vfy.o: ../../e_os.h ../../include/openssl/aes.h -x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_v3.o: ../cryptlib.h x509_v3.c +x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h +x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509_vfy.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c -x509cset.o: ../../e_os.h ../../include/openssl/aes.h -x509cset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509cset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509cset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509cset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509cset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509cset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509cset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_vfy.o: ../cryptlib.h x509_vfy.c +x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h +x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +x509_vpm.o: ../cryptlib.h x509_vpm.c +x509cset.o: ../../e_os.h ../../include/openssl/asn1.h +x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509cset.o: ../../include/openssl/opensslconf.h x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509cset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509cset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509cset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509cset.o: ../cryptlib.h x509cset.c -x509name.o: ../../e_os.h ../../include/openssl/aes.h -x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c +x509name.o: ../../e_os.h ../../include/openssl/asn1.h +x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509name.o: ../../include/openssl/opensslconf.h x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509name.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509name.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509name.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509name.o: ../cryptlib.h x509name.c -x509rset.o: ../../e_os.h ../../include/openssl/aes.h -x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509rset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509rset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c +x509rset.o: ../../e_os.h ../../include/openssl/asn1.h +x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509rset.o: ../../include/openssl/opensslconf.h x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509rset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509rset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509rset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509rset.o: ../cryptlib.h x509rset.c -x509spki.o: ../../e_os.h ../../include/openssl/aes.h -x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c +x509spki.o: ../../e_os.h ../../include/openssl/asn1.h +x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509spki.o: ../../include/openssl/opensslconf.h x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509spki.o: ../cryptlib.h x509spki.c -x509type.o: ../../e_os.h ../../include/openssl/aes.h -x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -x509type.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -x509type.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c +x509type.o: ../../e_os.h ../../include/openssl/asn1.h +x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h x509type.o: ../../include/openssl/opensslconf.h x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x509type.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x509type.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x509type.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x509type.o: ../cryptlib.h x509type.c -x_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -x_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_all.o: ../cryptlib.h x_all.c +x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c +x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +x_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_all.c diff --git a/src/lib/libssl/src/crypto/x509/by_dir.c b/src/lib/libssl/src/crypto/x509/by_dir.c index ea689aed1a..37f9a48206 100644 --- a/src/lib/libssl/src/crypto/x509/by_dir.c +++ b/src/lib/libssl/src/crypto/x509/by_dir.c @@ -189,7 +189,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) s=dir; p=s; - for (;;) + for (;;p++) { if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) { @@ -198,8 +198,11 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) len=(int)(p-ss); if (len == 0) continue; for (j=0; jnum_dirs; j++) - if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) - continue; + if (strlen(ctx->dirs[j]) == (size_t)len && + strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) + break; + if (jnum_dirs) + continue; if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) { ctx->num_dirs_alloced+=10; @@ -231,7 +234,6 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) ctx->num_dirs++; } if (*p == '\0') break; - p++; } return(1); } diff --git a/src/lib/libssl/src/crypto/x509/x509.h b/src/lib/libssl/src/crypto/x509/x509.h index e8c1a59cf2..e71b5257e5 100644 --- a/src/lib/libssl/src/crypto/x509/x509.h +++ b/src/lib/libssl/src/crypto/x509/x509.h @@ -55,10 +55,16 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #ifndef HEADER_X509_H #define HEADER_X509_H +#include #include #ifndef OPENSSL_NO_BUFFER #include @@ -73,21 +79,33 @@ #include #include +#ifndef OPENSSL_NO_EC +#include +#endif + +#ifndef OPENSSL_NO_ECDSA +#include +#endif + +#ifndef OPENSSL_NO_ECDH +#include +#endif + +#ifndef OPENSSL_NO_DEPRECATED #ifndef OPENSSL_NO_RSA #include #endif - #ifndef OPENSSL_NO_DSA #include #endif - #ifndef OPENSSL_NO_DH #include #endif +#endif + #ifndef OPENSSL_NO_SHA #include #endif -#include #include #ifdef __cplusplus @@ -95,8 +113,9 @@ extern "C" { #endif #ifdef OPENSSL_SYS_WIN32 -/* Under Win32 this is defined in wincrypt.h */ +/* Under Win32 these are defined in wincrypt.h */ #undef X509_NAME +#undef X509_CERT_PAIR #endif #define X509_FILETYPE_PEM 1 @@ -117,8 +136,8 @@ extern "C" { typedef struct X509_objects_st { int nid; - int (*a2i)(); - int (*i2a)(); + int (*a2i)(void); + int (*i2a)(void); } X509_OBJECTS; struct X509_algor_st @@ -127,9 +146,10 @@ struct X509_algor_st ASN1_TYPE *parameter; } /* X509_ALGOR */; -DECLARE_STACK_OF(X509_ALGOR) DECLARE_ASN1_SET_OF(X509_ALGOR) +typedef STACK_OF(X509_ALGOR) X509_ALGORS; + typedef struct X509_val_st { ASN1_TIME *notBefore; @@ -184,6 +204,8 @@ typedef struct X509_extension_st ASN1_OCTET_STRING *value; } X509_EXTENSION; +typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; + DECLARE_STACK_OF(X509_EXTENSION) DECLARE_ASN1_SET_OF(X509_EXTENSION) @@ -261,12 +283,18 @@ struct x509_st CRYPTO_EX_DATA ex_data; /* These contain copies of various extension values */ long ex_pathlen; + long ex_pcpathlen; unsigned long ex_flags; unsigned long ex_kusage; unsigned long ex_xkusage; unsigned long ex_nscert; ASN1_OCTET_STRING *skid; struct AUTHORITY_KEYID_st *akid; + X509_POLICY_CACHE *policy_cache; +#ifndef OPENSSL_NO_RFC3779 + STACK_OF(IPAddressFamily) *rfc3779_addr; + struct ASIdentifiers_st *rfc3779_asid; +#endif #ifndef OPENSSL_NO_SHA unsigned char sha1_hash[SHA_DIGEST_LENGTH]; #endif @@ -289,6 +317,11 @@ typedef struct x509_trust_st { DECLARE_STACK_OF(X509_TRUST) +typedef struct x509_cert_pair_st { + X509 *forward; + X509 *reverse; +} X509_CERT_PAIR; + /* standard trust ids */ #define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ @@ -655,6 +688,17 @@ extern "C" { #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ (unsigned char *)dsa) +#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\ + EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \ + (unsigned char **)(ecdsa)) +#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \ + (unsigned char *)ecdsa) +#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\ + EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \ + (unsigned char **)(ecdsa)) +#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \ + (unsigned char *)ecdsa) + #define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ (char *(*)())d2i_X509_ALGOR,(char *)xn) @@ -758,6 +802,12 @@ int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); #endif +#ifndef OPENSSL_NO_EC +EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); +int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); +EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); +int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); +#endif X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, @@ -791,6 +841,12 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); #endif +#ifndef OPENSSL_NO_EC +EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); +int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); +EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); +int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); +#endif X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, @@ -809,6 +865,10 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); X509_CRL *X509_CRL_dup(X509_CRL *crl); X509_REQ *X509_REQ_dup(X509_REQ *req); X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); +int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); +void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, + X509_ALGOR *algor); + X509_NAME *X509_NAME_dup(X509_NAME *xn); X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); @@ -830,6 +890,7 @@ X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); DECLARE_ASN1_FUNCTIONS(X509_ALGOR) +DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) DECLARE_ASN1_FUNCTIONS(X509_VAL) DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) @@ -839,16 +900,21 @@ EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain); int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); -EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp, +EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, long length); #ifndef OPENSSL_NO_RSA int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); -RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp, +RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, long length); #endif #ifndef OPENSSL_NO_DSA int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); -DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, +DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, + long length); +#endif +#ifndef OPENSSL_NO_EC +int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); +EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length); #endif @@ -860,6 +926,7 @@ DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) +DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) @@ -872,16 +939,19 @@ DECLARE_ASN1_FUNCTIONS(X509_CINF) DECLARE_ASN1_FUNCTIONS(X509) DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) +DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) + int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int X509_set_ex_data(X509 *r, int idx, void *arg); void *X509_get_ex_data(X509 *r, int idx); int i2d_X509_AUX(X509 *a,unsigned char **pp); -X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length); +X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); int X509_alias_set1(X509 *x, unsigned char *name, int len); int X509_keyid_set1(X509 *x, unsigned char *id, int len); unsigned char * X509_alias_get0(X509 *x, int *len); +unsigned char * X509_keyid_get0(X509 *x, int *len); int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); int X509_TRUST_set(int *t, int trust); int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); @@ -898,7 +968,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); X509_PKEY * X509_PKEY_new(void ); void X509_PKEY_free(X509_PKEY *a); int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); -X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); +X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length); DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) @@ -909,15 +979,15 @@ X509_INFO * X509_INFO_new(void); void X509_INFO_free(X509_INFO *a); char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); -int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1, - ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); +int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1, + ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); -int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data, - unsigned char *md,unsigned int *len); +int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data, + unsigned char *md,unsigned int *len); -int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, - char *data,EVP_PKEY *pkey, const EVP_MD *type); +int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, + X509_ALGOR *algor2, ASN1_BIT_STRING *signature, + char *data,EVP_PKEY *pkey, const EVP_MD *type); int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, unsigned char *md,unsigned int *len); @@ -982,6 +1052,8 @@ int X509_CRL_sort(X509_CRL *crl); int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); +int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); + int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); @@ -1128,6 +1200,8 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type, const unsigned char *bytes, int len); +void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, + ASN1_OBJECT *obj, int lastpos, int type); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, const void *data, int len); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, @@ -1142,6 +1216,24 @@ int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); +int EVP_PKEY_get_attr_count(const EVP_PKEY *key); +int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, + int lastpos); +int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, + int lastpos); +X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); +X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); +int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); +int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len); +int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, + int nid, int type, + const unsigned char *bytes, int len); +int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, + const char *attrname, int type, + const unsigned char *bytes, int len); + int X509_verify_cert(X509_STORE_CTX *ctx); /* lookup a cert from a X509 STACK */ @@ -1188,18 +1280,20 @@ void ERR_load_X509_strings(void); /* Function codes. */ #define X509_F_ADD_CERT_DIR 100 #define X509_F_BY_FILE_CTRL 101 +#define X509_F_CHECK_POLICY 145 #define X509_F_DIR_CTRL 102 #define X509_F_GET_CERT_BY_SUBJECT 103 #define X509_F_NETSCAPE_SPKI_B64_DECODE 129 #define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 +#define X509_F_X509AT_ADD1_ATTR 135 #define X509_F_X509V3_ADD_EXT 104 -#define X509_F_X509_ADD_ATTR 135 #define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 #define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 #define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 #define X509_F_X509_ATTRIBUTE_GET0_DATA 139 #define X509_F_X509_ATTRIBUTE_SET1_DATA 138 #define X509_F_X509_CHECK_PRIVATE_KEY 128 +#define X509_F_X509_CRL_PRINT_FP 147 #define X509_F_X509_EXTENSION_CREATE_BY_NID 108 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 #define X509_F_X509_GET_PUBKEY_PARAMETERS 110 @@ -1212,14 +1306,16 @@ void ERR_load_X509_strings(void); #define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 #define X509_F_X509_NAME_ONELINE 116 #define X509_F_X509_NAME_PRINT 117 -#define X509_F_X509_PRINT_FP 118 +#define X509_F_X509_PRINT_EX_FP 118 #define X509_F_X509_PUBKEY_GET 119 #define X509_F_X509_PUBKEY_SET 120 -#define X509_F_X509_REQ_PRINT 121 +#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 +#define X509_F_X509_REQ_PRINT_EX 121 #define X509_F_X509_REQ_PRINT_FP 122 #define X509_F_X509_REQ_TO_X509 123 #define X509_F_X509_STORE_ADD_CERT 124 #define X509_F_X509_STORE_ADD_CRL 125 +#define X509_F_X509_STORE_CTX_GET1_ISSUER 146 #define X509_F_X509_STORE_CTX_INIT 143 #define X509_F_X509_STORE_CTX_NEW 142 #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 diff --git a/src/lib/libssl/src/crypto/x509/x509_att.c b/src/lib/libssl/src/crypto/x509/x509_att.c index 0bae3d32a1..511b49d589 100644 --- a/src/lib/libssl/src/crypto/x509/x509_att.c +++ b/src/lib/libssl/src/crypto/x509/x509_att.c @@ -67,8 +67,7 @@ int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) { - if (!x) return 0; - return(sk_X509_ATTRIBUTE_num(x)); + return sk_X509_ATTRIBUTE_num(x); } int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, @@ -125,7 +124,13 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *new_attr=NULL; STACK_OF(X509_ATTRIBUTE) *sk=NULL; - if ((x != NULL) && (*x == NULL)) + if (x == NULL) + { + X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); + goto err2; + } + + if (*x == NULL) { if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) goto err; @@ -137,11 +142,11 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, goto err2; if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) goto err; - if ((x != NULL) && (*x == NULL)) + if (*x == NULL) *x=sk; return(sk); err: - X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE); + X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE); err2: if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); @@ -187,6 +192,22 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, return ret; } +void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, + ASN1_OBJECT *obj, int lastpos, int type) +{ + int i; + X509_ATTRIBUTE *at; + i = X509at_get_attr_by_OBJ(x, obj, lastpos); + if (i == -1) + return NULL; + if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1)) + return NULL; + at = X509at_get_attr(x, i); + if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1)) + return NULL; + return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); +} + X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, const void *data, int len) { @@ -264,8 +285,8 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) { ASN1_TYPE *ttmp; - ASN1_STRING *stmp; - int atype; + ASN1_STRING *stmp = NULL; + int atype = 0; if (!attr) return 0; if(attrtype & MBSTRING_FLAG) { stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, @@ -275,16 +296,22 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat return 0; } atype = stmp->type; - } else { + } else if (len != -1){ if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; if(!ASN1_STRING_set(stmp, data, len)) goto err; atype = attrtype; } if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; if(!(ttmp = ASN1_TYPE_new())) goto err; + if (len == -1) + { + if (!ASN1_TYPE_set1(ttmp, attrtype, data)) + goto err; + } + else + ASN1_TYPE_set(ttmp, atype, stmp); if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; attr->single = 0; - ASN1_TYPE_set(ttmp, atype, stmp); return 1; err: X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c index 030d0966fc..0d6bc653b2 100644 --- a/src/lib/libssl/src/crypto/x509/x509_cmp.c +++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c @@ -322,16 +322,10 @@ unsigned long X509_NAME_hash(X509_NAME *x) { unsigned long ret=0; unsigned char md[16]; - EVP_MD_CTX md_ctx; /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x,NULL); - EVP_MD_CTX_init(&md_ctx); - EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); - EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); - EVP_DigestFinal_ex(&md_ctx,md,NULL); - EVP_MD_CTX_cleanup(&md_ctx); + EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) @@ -396,45 +390,36 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) int ok=0; xk=X509_get_pubkey(x); - if (xk->type != k->type) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); - goto err; - } - switch (k->type) + switch (EVP_PKEY_cmp(xk, k)) { -#ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0 - || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); - goto err; - } + case 1: + ok=1; break; -#endif -#ifndef OPENSSL_NO_DSA - case EVP_PKEY_DSA: - if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); - goto err; - } + case 0: + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); + break; + case -1: + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); break; + case -2: +#ifndef OPENSSL_NO_EC + if (k->type == EVP_PKEY_EC) + { + X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); + break; + } #endif #ifndef OPENSSL_NO_DH - case EVP_PKEY_DH: - /* No idea */ - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); - goto err; + if (k->type == EVP_PKEY_DH) + { + /* No idea */ + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); + break; + } #endif - default: X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); - goto err; } - ok=1; -err: EVP_PKEY_free(xk); return(ok); } diff --git a/src/lib/libssl/src/crypto/x509/x509_err.c b/src/lib/libssl/src/crypto/x509/x509_err.c index d44d046027..fb377292da 100644 --- a/src/lib/libssl/src/crypto/x509/x509_err.c +++ b/src/lib/libssl/src/crypto/x509/x509_err.c @@ -72,18 +72,20 @@ static ERR_STRING_DATA X509_str_functs[]= { {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"}, {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"}, +{ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"}, {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"}, {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"}, {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"}, {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"}, +{ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"}, {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"}, -{ERR_FUNC(X509_F_X509_ADD_ATTR), "X509_ADD_ATTR"}, {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"}, {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"}, {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"}, {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"}, {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"}, {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"}, +{ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"}, {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"}, {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"}, {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"}, @@ -96,14 +98,16 @@ static ERR_STRING_DATA X509_str_functs[]= {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"}, {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"}, {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"}, -{ERR_FUNC(X509_F_X509_PRINT_FP), "X509_print_fp"}, +{ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"}, {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"}, {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"}, -{ERR_FUNC(X509_F_X509_REQ_PRINT), "X509_REQ_print"}, +{ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY), "X509_REQ_check_private_key"}, +{ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"}, {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"}, {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"}, {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"}, {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"}, +{ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER), "X509_STORE_CTX_get1_issuer"}, {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"}, {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"}, {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"}, @@ -146,15 +150,12 @@ static ERR_STRING_DATA X509_str_reasons[]= void ERR_load_X509_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(X509_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,X509_str_functs); ERR_load_strings(0,X509_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/x509/x509_lu.c b/src/lib/libssl/src/crypto/x509/x509_lu.c index b780dae5e2..cd2cfb6d85 100644 --- a/src/lib/libssl/src/crypto/x509/x509_lu.c +++ b/src/lib/libssl/src/crypto/x509/x509_lu.c @@ -187,10 +187,8 @@ X509_STORE *X509_STORE_new(void) ret->verify=0; ret->verify_cb=0; - ret->purpose = 0; - ret->trust = 0; - - ret->flags = 0; + if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) + return NULL; ret->get_issuer = 0; ret->check_issued = 0; @@ -202,7 +200,6 @@ X509_STORE *X509_STORE_new(void) CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data); ret->references=1; - ret->depth=0; return ret; } @@ -244,6 +241,8 @@ void X509_STORE_free(X509_STORE *vfy) sk_X509_OBJECT_pop_free(vfy->objs, cleanup); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data); + if (vfy->param) + X509_VERIFY_PARAM_free(vfy->param); OPENSSL_free(vfy); } @@ -498,7 +497,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) if (ok == X509_LU_RETRY) { X509_OBJECT_free_contents(&obj); - X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY); + X509err(X509_F_X509_STORE_CTX_GET1_ISSUER,X509_R_SHOULD_RETRY); return -1; } else if (ok != X509_LU_FAIL) @@ -538,19 +537,30 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) return 0; } -void X509_STORE_set_flags(X509_STORE *ctx, long flags) +int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) { - ctx->flags |= flags; + return X509_VERIFY_PARAM_set_flags(ctx->param, flags); + } + +int X509_STORE_set_depth(X509_STORE *ctx, int depth) + { + X509_VERIFY_PARAM_set_depth(ctx->param, depth); + return 1; } int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) { - return X509_PURPOSE_set(&ctx->purpose, purpose); + return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose); } int X509_STORE_set_trust(X509_STORE *ctx, int trust) { - return X509_TRUST_set(&ctx->trust, trust); + return X509_VERIFY_PARAM_set_trust(ctx->param, trust); + } + +int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param) + { + return X509_VERIFY_PARAM_set1(ctx->param, param); } IMPLEMENT_STACK_OF(X509_LOOKUP) diff --git a/src/lib/libssl/src/crypto/x509/x509_r2x.c b/src/lib/libssl/src/crypto/x509/x509_r2x.c index fb8a78dabe..254a14693d 100644 --- a/src/lib/libssl/src/crypto/x509/x509_r2x.c +++ b/src/lib/libssl/src/crypto/x509/x509_r2x.c @@ -89,8 +89,10 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) } xn=X509_REQ_get_subject_name(r); - X509_set_subject_name(ret,X509_NAME_dup(xn)); - X509_set_issuer_name(ret,X509_NAME_dup(xn)); + if (X509_set_subject_name(ret,X509_NAME_dup(xn)) == 0) + goto err; + if (X509_set_issuer_name(ret,X509_NAME_dup(xn)) == 0) + goto err; if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL) goto err; diff --git a/src/lib/libssl/src/crypto/x509/x509_req.c b/src/lib/libssl/src/crypto/x509/x509_req.c index 59fc6ca548..3872e1fb64 100644 --- a/src/lib/libssl/src/crypto/x509/x509_req.c +++ b/src/lib/libssl/src/crypto/x509/x509_req.c @@ -113,6 +113,46 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) return(X509_PUBKEY_get(req->req_info->pubkey)); } +int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) + { + EVP_PKEY *xk=NULL; + int ok=0; + + xk=X509_REQ_get_pubkey(x); + switch (EVP_PKEY_cmp(xk, k)) + { + case 1: + ok=1; + break; + case 0: + X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); + break; + case -1: + X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); + break; + case -2: +#ifndef OPENSSL_NO_EC + if (k->type == EVP_PKEY_EC) + { + X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); + break; + } +#endif +#ifndef OPENSSL_NO_DH + if (k->type == EVP_PKEY_DH) + { + /* No idea */ + X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); + break; + } +#endif + X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); + } + + EVP_PKEY_free(xk); + return(ok); + } + /* It seems several organisations had the same idea of including a list of * extensions in a certificate request. There are at least two OIDs that are * used and there may be more: so the list is configurable. @@ -147,7 +187,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) X509_ATTRIBUTE *attr; ASN1_TYPE *ext = NULL; int idx, *pnid; - unsigned char *p; + const unsigned char *p; if ((req == NULL) || (req->req_info == NULL) || !ext_nids) return(NULL); @@ -169,7 +209,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) ext->value.sequence->length, d2i_X509_EXTENSION, X509_EXTENSION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - } +} /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs * in case we want to create a non standard one. @@ -202,6 +242,11 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, at = NULL; attr->single = 0; attr->object = OBJ_nid2obj(nid); + if (!req->req_info->attributes) + { + if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null())) + goto err; + } if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; return 1; err: diff --git a/src/lib/libssl/src/crypto/x509/x509_trs.c b/src/lib/libssl/src/crypto/x509/x509_trs.c index 881252608d..9c84a59d52 100644 --- a/src/lib/libssl/src/crypto/x509/x509_trs.c +++ b/src/lib/libssl/src/crypto/x509/x509_trs.c @@ -128,7 +128,7 @@ int X509_TRUST_get_count(void) X509_TRUST * X509_TRUST_get0(int idx) { if(idx < 0) return NULL; - if(idx < X509_TRUST_COUNT) return trstandard + idx; + if(idx < (int)X509_TRUST_COUNT) return trstandard + idx; return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT); } @@ -219,7 +219,7 @@ static void trtable_free(X509_TRUST *p) void X509_TRUST_cleanup(void) { - int i; + unsigned int i; for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i); sk_X509_TRUST_pop_free(trtable, trtable_free); trtable = NULL; diff --git a/src/lib/libssl/src/crypto/x509/x509_txt.c b/src/lib/libssl/src/crypto/x509/x509_txt.c index f19e66a238..73a8ec726f 100644 --- a/src/lib/libssl/src/crypto/x509/x509_txt.c +++ b/src/lib/libssl/src/crypto/x509/x509_txt.c @@ -129,7 +129,7 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: return("proxy path length constraint exceeded"); case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: - return("proxy cerificates not allowed, please set the appropriate flag"); + return("proxy certificates not allowed, please set the appropriate flag"); case X509_V_ERR_INVALID_PURPOSE: return ("unsupported certificate purpose"); case X509_V_ERR_CERT_UNTRUSTED: @@ -156,6 +156,14 @@ const char *X509_verify_cert_error_string(long n) return("key usage does not include digital signature"); case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: return("unhandled critical CRL extension"); + case X509_V_ERR_INVALID_EXTENSION: + return("invalid or inconsistent certificate extension"); + case X509_V_ERR_INVALID_POLICY_EXTENSION: + return("invalid or inconsistent certificate policy extension"); + case X509_V_ERR_NO_EXPLICIT_POLICY: + return("no explicit policy"); + case X509_V_ERR_UNNESTED_RESOURCE: + return("RFC 3779 resource not subset of parent's resources"); default: BIO_snprintf(buf,sizeof buf,"error number %ld",n); return(buf); diff --git a/src/lib/libssl/src/crypto/x509/x509_v3.c b/src/lib/libssl/src/crypto/x509/x509_v3.c index 67b1796a92..42e6f0ab05 100644 --- a/src/lib/libssl/src/crypto/x509/x509_v3.c +++ b/src/lib/libssl/src/crypto/x509/x509_v3.c @@ -147,7 +147,13 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, int n; STACK_OF(X509_EXTENSION) *sk=NULL; - if ((x != NULL) && (*x == NULL)) + if (x == NULL) + { + X509err(X509_F_X509V3_ADD_EXT,ERR_R_PASSED_NULL_PARAMETER); + goto err2; + } + + if (*x == NULL) { if ((sk=sk_X509_EXTENSION_new_null()) == NULL) goto err; @@ -163,7 +169,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, goto err2; if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) goto err; - if ((x != NULL) && (*x == NULL)) + if (*x == NULL) *x=sk; return(sk); err: diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c index 383e082aba..9a62ebcf67 100644 --- a/src/lib/libssl/src/crypto/x509/x509_vfy.c +++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c @@ -77,8 +77,9 @@ static int check_chain_extensions(X509_STORE_CTX *ctx); static int check_trust(X509_STORE_CTX *ctx); static int check_revocation(X509_STORE_CTX *ctx); static int check_cert(X509_STORE_CTX *ctx); +static int check_policy(X509_STORE_CTX *ctx); static int internal_verify(X509_STORE_CTX *ctx); -const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; +const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT; static int null_callback(int ok, X509_STORE_CTX *e) @@ -97,11 +98,12 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { X509 *x,*xtmp,*chain_ss=NULL; X509_NAME *xn; + int bad_chain = 0; + X509_VERIFY_PARAM *param = ctx->param; int depth,i,ok=0; int num; - int (*cb)(); + int (*cb)(int xok,X509_STORE_CTX *xctx); STACK_OF(X509) *sktmp=NULL; - if (ctx->cert == NULL) { X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); @@ -134,7 +136,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) num=sk_X509_num(ctx->chain); x=sk_X509_value(ctx->chain,num-1); - depth=ctx->depth; + depth=param->depth; for (;;) @@ -162,7 +164,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) goto end; } CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); - sk_X509_delete_ptr(sktmp,xtmp); + (void)sk_X509_delete_ptr(sktmp,xtmp); ctx->last_untrusted++; x=xtmp; num++; @@ -201,6 +203,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ctx->current_cert=x; ctx->error_depth=i-1; if (ok == 1) X509_free(xtmp); + bad_chain = 1; ok=cb(0,ctx); if (!ok) goto end; } @@ -211,7 +214,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) */ X509_free(x); x = xtmp; - sk_X509_set(ctx->chain, i - 1, x); + (void)sk_X509_set(ctx->chain, i - 1, x); ctx->last_untrusted=0; } } @@ -276,6 +279,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) } ctx->error_depth=num-1; + bad_chain = 1; ok=cb(0,ctx); if (!ok) goto end; } @@ -287,7 +291,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) /* The chain extensions are OK: check trust */ - if (ctx->trust > 0) ok = check_trust(ctx); + if (param->trust > 0) ok = check_trust(ctx); if (!ok) goto end; @@ -301,11 +305,25 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ok = ctx->check_revocation(ctx); if(!ok) goto end; - /* At this point, we have a chain and just need to verify it */ + /* At this point, we have a chain and need to verify it */ if (ctx->verify != NULL) ok=ctx->verify(ctx); else ok=internal_verify(ctx); + if(!ok) goto end; + +#ifndef OPENSSL_NO_RFC3779 + /* RFC 3779 path validation, now that CRL check has been done */ + ok = v3_asid_validate_path(ctx); + if (!ok) goto end; + ok = v3_addr_validate_path(ctx); + if (!ok) goto end; +#endif + + /* If we get this far evaluate policies */ + if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK)) + ok = ctx->check_policy(ctx); + if(!ok) goto end; if (0) { end: @@ -342,7 +360,7 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) if (ret == X509_V_OK) return 1; /* If we haven't asked for issuer errors don't set ctx */ - if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK)) + if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK)) return 0; ctx->error = ret; @@ -365,7 +383,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) else return 0; } - + /* Check a certificate chains extensions for consistency * with the supplied purpose @@ -378,9 +396,10 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) #else int i, ok=0, must_be_ca; X509 *x; - int (*cb)(); + int (*cb)(int xok,X509_STORE_CTX *xctx); int proxy_path_length = 0; - int allow_proxy_certs = !!(ctx->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); + int allow_proxy_certs = + !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); cb=ctx->verify_cb; /* must_be_ca can have 1 of 3 values: @@ -403,7 +422,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) { int ret; x = sk_X509_value(ctx->chain, i); - if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL) + if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) && (x->ex_flags & EXFLAG_CRITICAL)) { ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; @@ -424,7 +443,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) switch(must_be_ca) { case -1: - if ((ctx->flags & X509_V_FLAG_X509_STRICT) + if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && (ret != 1) && (ret != 0)) { ret = 0; @@ -444,7 +463,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) break; default: if ((ret == 0) - || ((ctx->flags & X509_V_FLAG_X509_STRICT) + || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && (ret != 1))) { ret = 0; @@ -461,12 +480,12 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) ok=cb(0,ctx); if (!ok) goto end; } - if (ctx->purpose > 0) + if (ctx->param->purpose > 0) { - ret = X509_check_purpose(x, ctx->purpose, + ret = X509_check_purpose(x, ctx->param->purpose, must_be_ca > 0); if ((ret == 0) - || ((ctx->flags & X509_V_FLAG_X509_STRICT) + || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && (ret != 1))) { ctx->error = X509_V_ERR_INVALID_PURPOSE; @@ -492,21 +511,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) CA certificate. */ if (x->ex_flags & EXFLAG_PROXY) { - PROXY_CERT_INFO_EXTENSION *pci = - X509_get_ext_d2i(x, NID_proxyCertInfo, - NULL, NULL); - if (pci->pcPathLengthConstraint && - ASN1_INTEGER_get(pci->pcPathLengthConstraint) - < i) + if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) { - PROXY_CERT_INFO_EXTENSION_free(pci); - ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; + ctx->error = + X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; ctx->error_depth = i; ctx->current_cert = x; ok=cb(0,ctx); if (!ok) goto end; } - PROXY_CERT_INFO_EXTENSION_free(pci); proxy_path_length++; must_be_ca = 0; } @@ -526,12 +539,12 @@ static int check_trust(X509_STORE_CTX *ctx) #else int i, ok; X509 *x; - int (*cb)(); + int (*cb)(int xok,X509_STORE_CTX *xctx); cb=ctx->verify_cb; /* For now just check the last certificate in the chain */ i = sk_X509_num(ctx->chain) - 1; x = sk_X509_value(ctx->chain, i); - ok = X509_check_trust(x, ctx->trust, 0); + ok = X509_check_trust(x, ctx->param->trust, 0); if (ok == X509_TRUST_TRUSTED) return 1; ctx->error_depth = i; @@ -548,9 +561,9 @@ static int check_trust(X509_STORE_CTX *ctx) static int check_revocation(X509_STORE_CTX *ctx) { int i, last, ok; - if (!(ctx->flags & X509_V_FLAG_CRL_CHECK)) + if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) return 1; - if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL) + if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) last = sk_X509_num(ctx->chain) - 1; else last = 0; @@ -593,17 +606,124 @@ static int check_cert(X509_STORE_CTX *ctx) } +/* Check CRL times against values in X509_STORE_CTX */ + +static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) + { + time_t *ptime; + int i; + ctx->current_crl = crl; + if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) + ptime = &ctx->param->check_time; + else + ptime = NULL; + + i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); + if (i == 0) + { + ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; + if (!notify || !ctx->verify_cb(0, ctx)) + return 0; + } + + if (i > 0) + { + ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; + if (!notify || !ctx->verify_cb(0, ctx)) + return 0; + } + + if(X509_CRL_get_nextUpdate(crl)) + { + i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); + + if (i == 0) + { + ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; + if (!notify || !ctx->verify_cb(0, ctx)) + return 0; + } + + if (i < 0) + { + ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; + if (!notify || !ctx->verify_cb(0, ctx)) + return 0; + } + } + + ctx->current_crl = NULL; + + return 1; + } + +/* Lookup CRLs from the supplied list. Look for matching isser name + * and validity. If we can't find a valid CRL return the last one + * with matching name. This gives more meaningful error codes. Otherwise + * we'd get a CRL not found error if a CRL existed with matching name but + * was invalid. + */ + +static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, + X509_NAME *nm, STACK_OF(X509_CRL) *crls) + { + int i; + X509_CRL *crl, *best_crl = NULL; + for (i = 0; i < sk_X509_CRL_num(crls); i++) + { + crl = sk_X509_CRL_value(crls, i); + if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) + continue; + if (check_crl_time(ctx, crl, 0)) + { + *pcrl = crl; + CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509); + return 1; + } + best_crl = crl; + } + if (best_crl) + { + *pcrl = best_crl; + CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509); + } + + return 0; + } + /* Retrieve CRL corresponding to certificate: currently just a * subject lookup: maybe use AKID later... - * Also might look up any included CRLs too (e.g PKCS#7 signedData). */ -static int get_crl(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x) +static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) { int ok; + X509_CRL *crl = NULL; X509_OBJECT xobj; - ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, X509_get_issuer_name(x), &xobj); - if (!ok) return 0; - *crl = xobj.data.crl; + X509_NAME *nm; + nm = X509_get_issuer_name(x); + ok = get_crl_sk(ctx, &crl, nm, ctx->crls); + if (ok) + { + *pcrl = crl; + return 1; + } + + ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj); + + if (!ok) + { + /* If we got a near match from get_crl_sk use that */ + if (crl) + { + *pcrl = crl; + return 1; + } + return 0; + } + + *pcrl = xobj.data.crl; + if (crl) + X509_CRL_free(crl); return 1; } @@ -612,8 +732,7 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) { X509 *issuer = NULL; EVP_PKEY *ikey = NULL; - int ok = 0, chnum, cnum, i; - time_t *ptime; + int ok = 0, chnum, cnum; cnum = ctx->error_depth; chnum = sk_X509_num(ctx->chain) - 1; /* Find CRL issuer: if not last certificate then issuer @@ -665,45 +784,9 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) } } - /* OK, CRL signature valid check times */ - if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) - ptime = &ctx->check_time; - else - ptime = NULL; - - i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); - if (i == 0) - { - ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; - ok = ctx->verify_cb(0, ctx); - if (!ok) goto err; - } - - if (i > 0) - { - ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; - ok = ctx->verify_cb(0, ctx); - if (!ok) goto err; - } - - if(X509_CRL_get_nextUpdate(crl)) - { - i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); - - if (i == 0) - { - ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; - ok = ctx->verify_cb(0, ctx); - if (!ok) goto err; - } - - if (i < 0) - { - ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; - ok = ctx->verify_cb(0, ctx); - if (!ok) goto err; - } - } + ok = check_crl_time(ctx, crl, 1); + if (!ok) + goto err; ok = 1; @@ -741,7 +824,7 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) if (!ok) return 0; } - if (ctx->flags & X509_V_FLAG_IGNORE_CRITICAL) + if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) return 1; /* See if we have any critical CRL extensions: since we @@ -768,13 +851,106 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) return 1; } +static int check_policy(X509_STORE_CTX *ctx) + { + int ret; + ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, + ctx->param->policies, ctx->param->flags); + if (ret == 0) + { + X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE); + return 0; + } + /* Invalid or inconsistent extensions */ + if (ret == -1) + { + /* Locate certificates with bad extensions and notify + * callback. + */ + X509 *x; + int i; + for (i = 1; i < sk_X509_num(ctx->chain); i++) + { + x = sk_X509_value(ctx->chain, i); + if (!(x->ex_flags & EXFLAG_INVALID_POLICY)) + continue; + ctx->current_cert = x; + ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION; + ret = ctx->verify_cb(0, ctx); + } + return 1; + } + if (ret == -2) + { + ctx->current_cert = NULL; + ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY; + return ctx->verify_cb(0, ctx); + } + + if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) + { + ctx->current_cert = NULL; + ctx->error = X509_V_OK; + if (!ctx->verify_cb(2, ctx)) + return 0; + } + + return 1; + } + +static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) + { + time_t *ptime; + int i; + + if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) + ptime = &ctx->param->check_time; + else + ptime = NULL; + + i=X509_cmp_time(X509_get_notBefore(x), ptime); + if (i == 0) + { + ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; + ctx->current_cert=x; + if (!ctx->verify_cb(0, ctx)) + return 0; + } + + if (i > 0) + { + ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; + ctx->current_cert=x; + if (!ctx->verify_cb(0, ctx)) + return 0; + } + + i=X509_cmp_time(X509_get_notAfter(x), ptime); + if (i == 0) + { + ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; + ctx->current_cert=x; + if (!ctx->verify_cb(0, ctx)) + return 0; + } + + if (i < 0) + { + ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; + ctx->current_cert=x; + if (!ctx->verify_cb(0, ctx)) + return 0; + } + + return 1; + } + static int internal_verify(X509_STORE_CTX *ctx) { - int i,ok=0,n; + int ok=0,n; X509 *xs,*xi; EVP_PKEY *pkey=NULL; - time_t *ptime; - int (*cb)(); + int (*cb)(int xok,X509_STORE_CTX *xctx); cb=ctx->verify_cb; @@ -782,10 +958,7 @@ static int internal_verify(X509_STORE_CTX *ctx) ctx->error_depth=n-1; n--; xi=sk_X509_value(ctx->chain,n); - if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) - ptime = &ctx->check_time; - else - ptime = NULL; + if (ctx->check_issued(ctx, xi, xi)) xs=xi; else @@ -838,41 +1011,13 @@ static int internal_verify(X509_STORE_CTX *ctx) } EVP_PKEY_free(pkey); pkey=NULL; - - i=X509_cmp_time(X509_get_notBefore(xs), ptime); - if (i == 0) - { - ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - if (i > 0) - { - ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - xs->valid=1; } - i=X509_cmp_time(X509_get_notAfter(xs), ptime); - if (i == 0) - { - ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } + xs->valid = 1; - if (i < 0) - { - ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } + ok = check_cert_time(ctx, xs); + if (!ok) + goto end; /* The last error (if any) is still in the error value */ ctx->current_issuer=xi; @@ -1105,6 +1250,11 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) ctx->untrusted=sk; } +void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) + { + ctx->crls=sk; + } + int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) { return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); @@ -1168,8 +1318,8 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, } } - if (purpose && !ctx->purpose) ctx->purpose = purpose; - if (trust && !ctx->trust) ctx->trust = trust; + if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose; + if (trust && !ctx->param->trust) ctx->param->trust = trust; return 1; } @@ -1195,39 +1345,57 @@ void X509_STORE_CTX_free(X509_STORE_CTX *ctx) int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain) { + int ret = 1; ctx->ctx=store; ctx->current_method=0; ctx->cert=x509; ctx->untrusted=chain; + ctx->crls = NULL; ctx->last_untrusted=0; - ctx->check_time=0; ctx->other_ctx=NULL; ctx->valid=0; ctx->chain=NULL; - ctx->depth=9; ctx->error=0; + ctx->explicit_policy=0; ctx->error_depth=0; ctx->current_cert=NULL; ctx->current_issuer=NULL; + ctx->tree = NULL; + + ctx->param = X509_VERIFY_PARAM_new(); + + if (!ctx->param) + { + X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); + return 0; + } /* Inherit callbacks and flags from X509_STORE if not set * use defaults. */ + if (store) + ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); + else + ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; + if (store) { - ctx->purpose=store->purpose; - ctx->trust=store->trust; - ctx->flags = store->flags; + ctx->verify_cb = store->verify_cb; ctx->cleanup = store->cleanup; } else - { - ctx->purpose = 0; - ctx->trust = 0; - ctx->flags = 0; ctx->cleanup = 0; + + if (ret) + ret = X509_VERIFY_PARAM_inherit(ctx->param, + X509_VERIFY_PARAM_lookup("default")); + + if (ret == 0) + { + X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); + return 0; } if (store && store->check_issued) @@ -1270,6 +1438,8 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, else ctx->cert_crl = cert_crl; + ctx->check_policy = check_policy; + /* This memset() can't make any sense anyway, so it's removed. As * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a @@ -1298,6 +1468,16 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) { if (ctx->cleanup) ctx->cleanup(ctx); + if (ctx->param != NULL) + { + X509_VERIFY_PARAM_free(ctx->param); + ctx->param=NULL; + } + if (ctx->tree != NULL) + { + X509_policy_tree_free(ctx->tree); + ctx->tree=NULL; + } if (ctx->chain != NULL) { sk_X509_pop_free(ctx->chain,X509_free); @@ -1307,15 +1487,19 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); } -void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) +void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) { - ctx->flags |= flags; + X509_VERIFY_PARAM_set_depth(ctx->param, depth); } -void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t) +void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) { - ctx->check_time = t; - ctx->flags |= X509_V_FLAG_USE_CHECK_TIME; + X509_VERIFY_PARAM_set_flags(ctx->param, flags); + } + +void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t) + { + X509_VERIFY_PARAM_set_time(ctx->param, t); } void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, @@ -1324,6 +1508,37 @@ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, ctx->verify_cb=verify_cb; } +X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx) + { + return ctx->tree; + } + +int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx) + { + return ctx->explicit_policy; + } + +int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) + { + const X509_VERIFY_PARAM *param; + param = X509_VERIFY_PARAM_lookup(name); + if (!param) + return 0; + return X509_VERIFY_PARAM_inherit(ctx->param, param); + } + +X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) + { + return ctx->param; + } + +void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) + { + if (ctx->param) + X509_VERIFY_PARAM_free(ctx->param); + ctx->param = param; + } + IMPLEMENT_STACK_OF(X509) IMPLEMENT_ASN1_SET_OF(X509) diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.h b/src/lib/libssl/src/crypto/x509/x509_vfy.h index 7fd1f0bc4d..76c76e1719 100644 --- a/src/lib/libssl/src/crypto/x509/x509_vfy.h +++ b/src/lib/libssl/src/crypto/x509/x509_vfy.h @@ -65,6 +65,7 @@ #ifndef HEADER_X509_VFY_H #define HEADER_X509_VFY_H +#include #ifndef OPENSSL_NO_LHASH #include #endif @@ -155,6 +156,25 @@ typedef struct x509_lookup_method_st X509_OBJECT *ret); } X509_LOOKUP_METHOD; +/* This structure hold all parameters associated with a verify operation + * by including an X509_VERIFY_PARAM structure in related structures the + * parameters used can be customized + */ + +typedef struct X509_VERIFY_PARAM_st + { + char *name; + time_t check_time; /* Time to use */ + unsigned long inh_flags; /* Inheritance flags */ + unsigned long flags; /* Various verify flags */ + int purpose; /* purpose to check untrusted certificates */ + int trust; /* trust setting to check */ + int depth; /* Verify depth */ + STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */ + } X509_VERIFY_PARAM; + +DECLARE_STACK_OF(X509_VERIFY_PARAM) + /* This is used to hold everything. It is used for all certificate * validation. Once we have a certificate chain, the 'verify' * function is then called to actually check the cert chain. */ @@ -167,13 +187,8 @@ struct x509_store_st /* These are external lookup methods */ STACK_OF(X509_LOOKUP) *get_cert_methods; - /* The following fields are not used by X509_STORE but are - * inherited by X509_STORE_CTX when it is initialised. - */ + X509_VERIFY_PARAM *param; - unsigned long flags; /* Various verify flags */ - int purpose; - int trust; /* Callbacks for various operations */ int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ @@ -187,10 +202,9 @@ struct x509_store_st CRYPTO_EX_DATA ex_data; int references; - int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */ } /* X509_STORE */; -#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) +int X509_STORE_set_depth(X509_STORE *store, int depth); #define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) #define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) @@ -217,10 +231,9 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ /* The following are set by the caller */ X509 *cert; /* The cert to check */ STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ - int purpose; /* purpose to check untrusted certificates */ - int trust; /* trust setting to check */ - time_t check_time; /* time to make verify at */ - unsigned long flags; /* Various verify flags */ + STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ + + X509_VERIFY_PARAM *param; void *other_ctx; /* Other info for use with get_issuer() */ /* Callbacks for various operations */ @@ -232,13 +245,16 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ + int (*check_policy)(X509_STORE_CTX *ctx); int (*cleanup)(X509_STORE_CTX *ctx); /* The following is built up */ - int depth; /* how far to go looking up certs */ int valid; /* if 0, rebuild chain */ int last_untrusted; /* index of last untrusted cert */ STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ + X509_POLICY_TREE *tree; /* Valid policy tree */ + + int explicit_policy; /* Require explicit policy value */ /* When something goes wrong, this is why */ int error_depth; @@ -250,7 +266,7 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ CRYPTO_EX_DATA ex_data; } /* X509_STORE_CTX */; -#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d)) +void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); #define X509_STORE_CTX_set_app_data(ctx,data) \ X509_STORE_CTX_set_ex_data(ctx,0,data) @@ -311,6 +327,12 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ #define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 #define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 +#define X509_V_ERR_INVALID_EXTENSION 41 +#define X509_V_ERR_INVALID_POLICY_EXTENSION 42 +#define X509_V_ERR_NO_EXPLICIT_POLICY 43 + +#define X509_V_ERR_UNNESTED_RESOURCE 44 + /* The application is not happy */ #define X509_V_ERR_APPLICATION_VERIFICATION 50 @@ -330,6 +352,28 @@ struct x509_store_ctx_st /* X509_STORE_CTX */ #define X509_V_FLAG_X509_STRICT 0x20 /* Enable proxy certificate validation */ #define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 +/* Enable policy checking */ +#define X509_V_FLAG_POLICY_CHECK 0x80 +/* Policy variable require-explicit-policy */ +#define X509_V_FLAG_EXPLICIT_POLICY 0x100 +/* Policy variable inhibit-any-policy */ +#define X509_V_FLAG_INHIBIT_ANY 0x200 +/* Policy variable inhibit-policy-mapping */ +#define X509_V_FLAG_INHIBIT_MAP 0x400 +/* Notify callback that policy is OK */ +#define X509_V_FLAG_NOTIFY_POLICY 0x800 + +#define X509_VP_FLAG_DEFAULT 0x1 +#define X509_VP_FLAG_OVERWRITE 0x2 +#define X509_VP_FLAG_RESET_FLAGS 0x4 +#define X509_VP_FLAG_LOCKED 0x8 +#define X509_VP_FLAG_ONCE 0x10 + +/* Internal use: mask of policy related options */ +#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \ + | X509_V_FLAG_EXPLICIT_POLICY \ + | X509_V_FLAG_INHIBIT_ANY \ + | X509_V_FLAG_INHIBIT_MAP) int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name); @@ -340,9 +384,10 @@ void X509_OBJECT_free_contents(X509_OBJECT *a); X509_STORE *X509_STORE_new(void ); void X509_STORE_free(X509_STORE *v); -void X509_STORE_set_flags(X509_STORE *ctx, long flags); +int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); int X509_STORE_set_trust(X509_STORE *ctx, int trust); +int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); X509_STORE_CTX *X509_STORE_CTX_new(void); @@ -406,14 +451,78 @@ STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); +void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk); int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, int purpose, int trust); -void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags); -void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t); +void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); +void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, + time_t t); void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, int (*verify_cb)(int, X509_STORE_CTX *)); + +X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx); +int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx); + +X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx); +void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param); +int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name); + +/* X509_VERIFY_PARAM functions */ + +X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); +void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param); +int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to, + const X509_VERIFY_PARAM *from); +int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, + const X509_VERIFY_PARAM *from); +int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name); +int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags); +int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, + unsigned long flags); +unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param); +int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose); +int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust); +void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth); +void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t); +int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, + ASN1_OBJECT *policy); +int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, + STACK_OF(ASN1_OBJECT) *policies); +int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param); + +int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param); +const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name); +void X509_VERIFY_PARAM_table_cleanup(void); + +int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, + STACK_OF(X509) *certs, + STACK_OF(ASN1_OBJECT) *policy_oids, + unsigned int flags); + +void X509_policy_tree_free(X509_POLICY_TREE *tree); + +int X509_policy_tree_level_count(const X509_POLICY_TREE *tree); +X509_POLICY_LEVEL * + X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i); + +STACK_OF(X509_POLICY_NODE) * + X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree); + +STACK_OF(X509_POLICY_NODE) * + X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree); + +int X509_policy_level_node_count(X509_POLICY_LEVEL *level); + +X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i); + +const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node); + +STACK_OF(POLICYQUALINFO) * + X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node); +const X509_POLICY_NODE * + X509_policy_node_get0_parent(const X509_POLICY_NODE *node); #ifdef __cplusplus } diff --git a/src/lib/libssl/src/crypto/x509/x509spki.c b/src/lib/libssl/src/crypto/x509/x509spki.c index 4c3af946ec..ed868b838e 100644 --- a/src/lib/libssl/src/crypto/x509/x509spki.c +++ b/src/lib/libssl/src/crypto/x509/x509spki.c @@ -77,7 +77,8 @@ EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x) NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) { - unsigned char *spki_der, *p; + unsigned char *spki_der; + const unsigned char *p; int spki_len; NETSCAPE_SPKI *spki; if(len <= 0) len = strlen(str); diff --git a/src/lib/libssl/src/crypto/x509/x509type.c b/src/lib/libssl/src/crypto/x509/x509type.c index c25959a742..2cd994c5b0 100644 --- a/src/lib/libssl/src/crypto/x509/x509type.c +++ b/src/lib/libssl/src/crypto/x509/x509type.c @@ -86,6 +86,9 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) case EVP_PKEY_DSA: ret=EVP_PK_DSA|EVP_PKT_SIGN; break; + case EVP_PKEY_EC: + ret=EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH; + break; case EVP_PKEY_DH: ret=EVP_PK_DH|EVP_PKT_EXCH; break; @@ -102,6 +105,9 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) case EVP_PKEY_DSA: ret|=EVP_PKS_DSA; break; + case EVP_PKEY_EC: + ret|=EVP_PKS_EC; + break; default: break; } diff --git a/src/lib/libssl/src/crypto/x509/x_all.c b/src/lib/libssl/src/crypto/x509/x_all.c index ac6dea493a..9039caad60 100644 --- a/src/lib/libssl/src/crypto/x509/x_all.c +++ b/src/lib/libssl/src/crypto/x509/x_all.c @@ -64,6 +64,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif int X509_verify(X509 *a, EVP_PKEY *r) { @@ -223,9 +229,9 @@ RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) { - return((RSA *)ASN1_d2i_fp((char *(*)()) - RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp), - (unsigned char **)(rsa))); + return ASN1_d2i_fp((void *(*)(void)) + RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp, + (void **)rsa); } int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) @@ -235,7 +241,7 @@ int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) { - return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa)); + return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa); } #endif @@ -257,9 +263,7 @@ RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) { - return((RSA *)ASN1_d2i_bio((char *(*)()) - RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp), - (unsigned char **)(rsa))); + return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa); } int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) @@ -269,7 +273,7 @@ int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) { - return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa)); + return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa); } #endif @@ -277,55 +281,92 @@ int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) #ifndef OPENSSL_NO_FP_API DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) { - return((DSA *)ASN1_d2i_fp((char *(*)()) - DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), - (unsigned char **)(dsa))); + return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa); } int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) { - return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); + return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa); } DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) { - return((DSA *)ASN1_d2i_fp((char *(*)()) - DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp), - (unsigned char **)(dsa))); + return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa); } int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) { - return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa)); + return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa); } #endif DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) { - return((DSA *)ASN1_d2i_bio((char *(*)()) - DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), - (unsigned char **)(dsa))); + return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa +); } int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) { - return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); + return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa); } DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) { - return((DSA *)ASN1_d2i_bio((char *(*)()) - DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp), - (unsigned char **)(dsa))); + return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa); } int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) { - return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa)); + return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa); } #endif +#ifndef OPENSSL_NO_EC +#ifndef OPENSSL_NO_FP_API +EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey) + { + return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey); + } + +int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey) + { + return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey); + } + +EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey) + { + return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey); + } + +int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey) + { + return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey); + } +#endif +EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey) + { + return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey); + } + +int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa) + { + return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa); + } + +EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey) + { + return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey); + } + +int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey) + { + return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey); + } +#endif + + int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { @@ -370,40 +411,37 @@ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD * #ifndef OPENSSL_NO_FP_API X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) { - return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new, - (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8))); + return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8); } int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) { - return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8)); + return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8); } #endif X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) { - return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new, - (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8))); + return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8); } int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) { - return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8)); + return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8); } #ifndef OPENSSL_NO_FP_API PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf) { - return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp( - (char *(*)())PKCS8_PRIV_KEY_INFO_new, - (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp), - (unsigned char **)(p8inf))); + return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, + d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf); } int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) { - return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf)); + return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp, + p8inf); } int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) @@ -419,24 +457,22 @@ int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) { - return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey)); + return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey); } EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) { - return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a))); + return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a); } int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) { - return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey)); + return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey); } EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) { - return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a))); + return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a); } #endif @@ -444,15 +480,14 @@ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf) { - return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio( - (char *(*)())PKCS8_PRIV_KEY_INFO_new, - (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp), - (unsigned char **)(p8inf))); + return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, + d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf); } int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) { - return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf)); + return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp, + p8inf); } int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) @@ -468,22 +503,20 @@ int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) { - return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey)); + return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey); } EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) { - return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a))); + return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a); } int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) { - return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey)); + return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey); } EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) { - return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a))); + return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a); } diff --git a/src/lib/libssl/src/crypto/x509v3/Makefile b/src/lib/libssl/src/crypto/x509v3/Makefile index 49423f39f7..556ef351bf 100644 --- a/src/lib/libssl/src/crypto/x509v3/Makefile +++ b/src/lib/libssl/src/crypto/x509v3/Makefile @@ -7,11 +7,6 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I$(TOP) -I../../include CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile AR= ar r @@ -25,16 +20,20 @@ LIB=$(TOP)/libcrypto.a LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \ v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \ v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \ -v3_ocsp.c v3_akeya.c v3_pcia.c v3_pci.c +v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \ +pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c \ +v3_asid.c v3_addr.c LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \ v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \ v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \ -v3_ocsp.o v3_akeya.o v3_pcia.o v3_pci.o +v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \ +pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o \ +v3_asid.o v3_addr.o SRC= $(LIBSRC) EXHEADER= x509v3.h -HEADER= $(EXHEADER) +HEADER= $(EXHEADER) pcy_int.h ALL= $(GENERAL) $(SRC) $(HEADER) @@ -57,6 +56,7 @@ links: @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ do \ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ @@ -72,6 +72,7 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: + @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) dclean: @@ -83,563 +84,508 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -v3_akey.o: ../../e_os.h ../../include/openssl/aes.h -v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_akey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_akey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_akey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_akey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_akey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +pcy_cache.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_cache.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_cache.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_cache.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_cache.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_cache.o: ../../include/openssl/objects.h +pcy_cache.o: ../../include/openssl/opensslconf.h +pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_cache.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_cache.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_cache.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_cache.o: ../cryptlib.h pcy_cache.c pcy_int.h +pcy_data.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_data.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_data.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_data.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_data.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_data.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_data.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_data.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_data.o: ../cryptlib.h pcy_data.c pcy_int.h +pcy_lib.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_lib.o: ../cryptlib.h pcy_int.h pcy_lib.c +pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_map.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_map.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_map.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_map.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_map.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_map.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_map.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_map.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_map.o: ../cryptlib.h pcy_int.h pcy_map.c +pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +pcy_node.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +pcy_node.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h +pcy_node.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_node.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_node.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_node.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_node.o: pcy_int.h pcy_node.c +pcy_tree.o: ../../e_os.h ../../include/openssl/asn1.h +pcy_tree.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h +pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +pcy_tree.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +pcy_tree.o: ../../include/openssl/err.h ../../include/openssl/evp.h +pcy_tree.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +pcy_tree.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pcy_tree.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pcy_tree.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +pcy_tree.o: ../cryptlib.h pcy_int.h pcy_tree.c +v3_addr.o: ../../e_os.h ../../include/openssl/asn1.h +v3_addr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_addr.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_addr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_addr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_addr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_addr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_addr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +v3_addr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h +v3_addr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_addr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_addr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_addr.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_addr.c +v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h +v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_akey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_akey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_akey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_akey.o: ../cryptlib.h v3_akey.c -v3_akeya.o: ../../e_os.h ../../include/openssl/aes.h -v3_akeya.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_akeya.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_akeya.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_akeya.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_akeya.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_akeya.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_akeya.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_akeya.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_akeya.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_akey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_akey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_akey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_akey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akey.c +v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h +v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_akeya.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_akeya.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_akeya.o: ../../include/openssl/opensslconf.h v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_akeya.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_akeya.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_akeya.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_akeya.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_akeya.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_akeya.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_akeya.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akeya.c -v3_alt.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_alt.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_alt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_alt.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_alt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_alt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_alt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_alt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_alt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_akeya.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_akeya.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_akeya.o: ../cryptlib.h v3_akeya.c +v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_alt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_alt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_alt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_alt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_alt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_alt.o: ../cryptlib.h v3_alt.c -v3_bcons.o: ../../e_os.h ../../include/openssl/aes.h -v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_bcons.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_bcons.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_bcons.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_bcons.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_bcons.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_alt.c +v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h +v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +v3_asid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_asid.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_asid.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_asid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +v3_asid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +v3_asid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_asid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_asid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_asid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_asid.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_asid.o: ../cryptlib.h v3_asid.c +v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h +v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_bcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_bcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_bcons.o: ../../include/openssl/opensslconf.h v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_bcons.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_bcons.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_bcons.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_bcons.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_bcons.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_bcons.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_bcons.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.c -v3_bitst.o: ../../e_os.h ../../include/openssl/aes.h -v3_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_bcons.o: ../cryptlib.h v3_bcons.c +v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h +v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bitst.c -v3_conf.o: ../../e_os.h ../../include/openssl/aes.h -v3_conf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_conf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_bitst.o: ../cryptlib.h v3_bitst.c +v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h +v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_conf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_conf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_conf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_conf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c -v3_cpols.o: ../../e_os.h ../../include/openssl/aes.h -v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_cpols.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_cpols.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_cpols.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_cpols.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_cpols.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_conf.o: ../cryptlib.h v3_conf.c +v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h +v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_cpols.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_cpols.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_cpols.o: ../../include/openssl/opensslconf.h v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_cpols.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_cpols.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_cpols.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_cpols.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_cpols.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_cpols.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_cpols.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.c -v3_crld.o: ../../e_os.h ../../include/openssl/aes.h -v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_crld.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_crld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_crld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_crld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_crld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_cpols.o: ../cryptlib.h pcy_int.h v3_cpols.c +v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h +v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_crld.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_crld.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_crld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_crld.o: ../cryptlib.h v3_crld.c -v3_enum.o: ../../e_os.h ../../include/openssl/aes.h -v3_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_enum.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_crld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_crld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_crld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_crld.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_crld.c +v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h +v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_enum.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_enum.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_enum.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_enum.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_enum.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_enum.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c -v3_extku.o: ../../e_os.h ../../include/openssl/aes.h -v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_extku.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_enum.o: ../cryptlib.h v3_enum.c +v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h +v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_extku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_extku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_extku.o: ../../include/openssl/opensslconf.h v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_extku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_extku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_extku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_extku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_extku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_extku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_extku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.c -v3_genn.o: ../../e_os.h ../../include/openssl/aes.h -v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_genn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_genn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_genn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_genn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_genn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_extku.o: ../cryptlib.h v3_extku.c +v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h +v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_genn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_genn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_genn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_genn.o: ../cryptlib.h v3_genn.c -v3_ia5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_ia5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_ia5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_ia5.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_ia5.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_ia5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_ia5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_ia5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_ia5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_genn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_genn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_genn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_genn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_genn.c +v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_ia5.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_ia5.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_ia5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_ia5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_ia5.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ia5.o: ../cryptlib.h v3_ia5.c -v3_info.o: ../../e_os.h ../../include/openssl/aes.h -v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ia5.c +v3_info.o: ../../e_os.h ../../include/openssl/asn1.h +v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_info.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_info.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_info.o: ../cryptlib.h v3_info.c -v3_int.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_int.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_int.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_int.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_int.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_int.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_int.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_int.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_info.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.c +v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_int.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_int.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_int.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_int.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_int.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_int.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_int.o: ../cryptlib.h v3_int.c -v3_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_lib.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_int.c +v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c -v3_ocsp.o: ../../e_os.h ../../include/openssl/aes.h -v3_ocsp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_ocsp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_ocsp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_lib.c +v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h +v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_ncons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_ncons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_ncons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_ncons.o: ../../include/openssl/opensslconf.h +v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_ncons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_ncons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_ncons.o: ../cryptlib.h v3_ncons.c +v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h +v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_ocsp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_ocsp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_ocsp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_ocsp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_ocsp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_ocsp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_ocsp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_ocsp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_ocsp.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_ocsp.o: ../cryptlib.h v3_ocsp.c -v3_pci.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_pci.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_pci.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_pci.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_pci.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_pci.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_pci.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_pci.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_pci.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_pci.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c +v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_pci.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_pci.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_pci.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_pci.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_pci.o: ../cryptlib.h v3_pci.c -v3_pcia.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_pcia.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -v3_pcia.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_pcia.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c +v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_pcia.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_pcia.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h -v3_pcia.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_pcia.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_pcia.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_pcia.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_pcia.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_pcia.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_pcia.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_pcia.o: v3_pcia.c -v3_pku.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h +v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c +v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h +v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_pcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_pcons.o: ../../include/openssl/opensslconf.h +v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_pcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_pcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_pcons.o: ../cryptlib.h v3_pcons.c +v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -v3_pku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_pku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_pku.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_pku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_pku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_pku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_pku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_pku.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +v3_pku.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_pku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c -v3_prn.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h +v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_pmaps.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_pmaps.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +v3_pmaps.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +v3_pmaps.o: ../../include/openssl/opensslconf.h +v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_pmaps.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_pmaps.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_pmaps.o: ../cryptlib.h v3_pmaps.c +v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_prn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_prn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_prn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3_prn.o: ../cryptlib.h v3_prn.c -v3_purp.o: ../../e_os.h ../../include/openssl/aes.h -v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_prn.c +v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h +v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_purp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_purp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_purp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_purp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_purp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c -v3_skey.o: ../../e_os.h ../../include/openssl/aes.h -v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_purp.o: ../cryptlib.h v3_purp.c +v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h +v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_skey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -v3_skey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -v3_skey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -v3_skey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_skey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_skey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c -v3_sxnet.o: ../../e_os.h ../../include/openssl/aes.h -v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_sxnet.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_sxnet.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_sxnet.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_sxnet.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_sxnet.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_skey.o: ../cryptlib.h v3_skey.c +v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h +v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3_sxnet.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3_sxnet.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3_sxnet.o: ../../include/openssl/opensslconf.h v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -v3_sxnet.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -v3_sxnet.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -v3_sxnet.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_sxnet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -v3_sxnet.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -v3_sxnet.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_sxnet.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.c -v3_utl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3_utl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_sxnet.o: ../cryptlib.h v3_sxnet.c +v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3_utl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3_utl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +v3_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +v3_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +v3_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3_utl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h +v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h v3_utl.o: ../cryptlib.h v3_utl.c -v3err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -v3err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -v3err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -v3err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h -v3err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -v3err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -v3err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +v3err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +v3err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h +v3err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -v3err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -v3err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -v3err.o: v3err.c +v3err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +v3err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +v3err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +v3err.o: ../../include/openssl/x509v3.h v3err.c diff --git a/src/lib/libssl/src/crypto/x509v3/ext_dat.h b/src/lib/libssl/src/crypto/x509v3/ext_dat.h index d8328ac468..5c063ac65d 100644 --- a/src/lib/libssl/src/crypto/x509v3/ext_dat.h +++ b/src/lib/libssl/src/crypto/x509v3/ext_dat.h @@ -65,6 +65,11 @@ extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld; extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff; extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc; extern X509V3_EXT_METHOD v3_crl_hold, v3_pci; +extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints; +extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp; +#ifndef OPENSSL_NO_RFC3779 +extern X509V3_EXT_METHOD v3_addr, v3_asid; +#endif /* This table will be searched using OBJ_bsearch so it *must* kept in * order of the ext_nid values. @@ -97,6 +102,10 @@ static X509V3_EXT_METHOD *standard_exts[] = { #endif &v3_sxnet, &v3_info, +#ifndef OPENSSL_NO_RFC3779 +&v3_addr, +&v3_asid, +#endif #ifndef OPENSSL_NO_OCSP &v3_ocsp_nonce, &v3_ocsp_crlid, @@ -106,10 +115,14 @@ static X509V3_EXT_METHOD *standard_exts[] = { &v3_ocsp_serviceloc, #endif &v3_sinfo, +&v3_policy_constraints, #ifndef OPENSSL_NO_OCSP &v3_crl_hold, #endif &v3_pci, +&v3_name_constraints, +&v3_policy_mappings, +&v3_inhibit_anyp }; /* Number of standard extensions */ diff --git a/src/lib/libssl/src/crypto/x509v3/v3_akey.c b/src/lib/libssl/src/crypto/x509v3/v3_akey.c index 97e686f97a..ac0548b775 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_akey.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_akey.c @@ -68,15 +68,17 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); -X509V3_EXT_METHOD v3_akey_id = { -NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), -0,0,0,0, -0,0, -(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, -(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, -0,0, -NULL -}; +const X509V3_EXT_METHOD v3_akey_id = + { + NID_authority_key_identifier, + X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), + 0,0,0,0, + 0,0, + (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, + (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, + 0,0, + NULL + }; static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) @@ -108,83 +110,99 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) -{ -char keyid=0, issuer=0; -int i; -CONF_VALUE *cnf; -ASN1_OCTET_STRING *ikeyid = NULL; -X509_NAME *isname = NULL; -GENERAL_NAMES * gens = NULL; -GENERAL_NAME *gen = NULL; -ASN1_INTEGER *serial = NULL; -X509_EXTENSION *ext; -X509 *cert; -AUTHORITY_KEYID *akeyid; -for(i = 0; i < sk_CONF_VALUE_num(values); i++) { - cnf = sk_CONF_VALUE_value(values, i); - if(!strcmp(cnf->name, "keyid")) { - keyid = 1; - if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2; - } else if(!strcmp(cnf->name, "issuer")) { - issuer = 1; - if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2; - } else { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION); - ERR_add_error_data(2, "name=", cnf->name); + { + char keyid=0, issuer=0; + int i; + CONF_VALUE *cnf; + ASN1_OCTET_STRING *ikeyid = NULL; + X509_NAME *isname = NULL; + GENERAL_NAMES * gens = NULL; + GENERAL_NAME *gen = NULL; + ASN1_INTEGER *serial = NULL; + X509_EXTENSION *ext; + X509 *cert; + AUTHORITY_KEYID *akeyid; + + for(i = 0; i < sk_CONF_VALUE_num(values); i++) + { + cnf = sk_CONF_VALUE_value(values, i); + if(!strcmp(cnf->name, "keyid")) + { + keyid = 1; + if(cnf->value && !strcmp(cnf->value, "always")) + keyid = 2; + } + else if(!strcmp(cnf->name, "issuer")) + { + issuer = 1; + if(cnf->value && !strcmp(cnf->value, "always")) + issuer = 2; + } + else + { + X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION); + ERR_add_error_data(2, "name=", cnf->name); + return NULL; + } + } + + if(!ctx || !ctx->issuer_cert) + { + if(ctx && (ctx->flags==CTX_TEST)) + return AUTHORITY_KEYID_new(); + X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); return NULL; - } -} - -if(!ctx || !ctx->issuer_cert) { - if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); + } + + cert = ctx->issuer_cert; + + if(keyid) + { + i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); + if((i >= 0) && (ext = X509_get_ext(cert, i))) + ikeyid = X509V3_EXT_d2i(ext); + if(keyid==2 && !ikeyid) + { + X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); + return NULL; + } + } + + if((issuer && !ikeyid) || (issuer == 2)) + { + isname = X509_NAME_dup(X509_get_issuer_name(cert)); + serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); + if(!isname || !serial) + { + X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); + goto err; + } + } + + if(!(akeyid = AUTHORITY_KEYID_new())) goto err; + + if(isname) + { + if(!(gens = sk_GENERAL_NAME_new_null()) + || !(gen = GENERAL_NAME_new()) + || !sk_GENERAL_NAME_push(gens, gen)) + { + X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE); + goto err; + } + gen->type = GEN_DIRNAME; + gen->d.dirn = isname; + } + + akeyid->issuer = gens; + akeyid->serial = serial; + akeyid->keyid = ikeyid; + + return akeyid; + + err: + X509_NAME_free(isname); + M_ASN1_INTEGER_free(serial); + M_ASN1_OCTET_STRING_free(ikeyid); return NULL; -} - -cert = ctx->issuer_cert; - -if(keyid) { - i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); - if((i >= 0) && (ext = X509_get_ext(cert, i))) - ikeyid = X509V3_EXT_d2i(ext); - if(keyid==2 && !ikeyid) { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); - return NULL; - } -} - -if((issuer && !ikeyid) || (issuer == 2)) { - isname = X509_NAME_dup(X509_get_issuer_name(cert)); - serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); - if(!isname || !serial) { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); - goto err; } -} - -if(!(akeyid = AUTHORITY_KEYID_new())) goto err; - -if(isname) { - if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new()) - || !sk_GENERAL_NAME_push(gens, gen)) { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE); - goto err; - } - gen->type = GEN_DIRNAME; - gen->d.dirn = isname; -} - -akeyid->issuer = gens; -akeyid->serial = serial; -akeyid->keyid = ikeyid; - -return akeyid; - -err: -X509_NAME_free(isname); -M_ASN1_INTEGER_free(serial); -M_ASN1_OCTET_STRING_free(ikeyid); -return NULL; - -} - diff --git a/src/lib/libssl/src/crypto/x509v3/v3_alt.c b/src/lib/libssl/src/crypto/x509v3/v3_alt.c index 58b935a3b6..bb2f5bc54e 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_alt.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_alt.c @@ -1,9 +1,9 @@ /* v3_alt.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -65,7 +65,10 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); -X509V3_EXT_METHOD v3_alt[] = { +static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); +static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); + +const X509V3_EXT_METHOD v3_alt[] = { { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0,0,0,0, 0,0, @@ -98,7 +101,8 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret) { unsigned char *p; - char oline[256]; + char oline[256], htmp[5]; + int i; switch (gen->type) { case GEN_OTHERNAME: @@ -132,13 +136,27 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, case GEN_IPADD: p = gen->d.ip->data; - /* BUG: doesn't support IPV6 */ - if(gen->d.ip->length != 4) { + if(gen->d.ip->length == 4) + BIO_snprintf(oline, sizeof oline, + "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); + else if(gen->d.ip->length == 16) + { + oline[0] = 0; + for (i = 0; i < 8; i++) + { + BIO_snprintf(htmp, sizeof htmp, + "%X", p[0] << 8 | p[1]); + p += 2; + strcat(oline, htmp); + if (i != 7) + strcat(oline, ":"); + } + } + else + { X509V3_add_value("IP Address","", &ret); break; - } - BIO_snprintf(oline, sizeof oline, - "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); + } X509V3_add_value("IP Address",oline, &ret); break; @@ -153,6 +171,7 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen) { unsigned char *p; + int i; switch (gen->type) { case GEN_OTHERNAME: @@ -187,12 +206,24 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen) case GEN_IPADD: p = gen->d.ip->data; - /* BUG: doesn't support IPV6 */ - if(gen->d.ip->length != 4) { + if(gen->d.ip->length == 4) + BIO_printf(out, "IP Address:%d.%d.%d.%d", + p[0], p[1], p[2], p[3]); + else if(gen->d.ip->length == 16) + { + BIO_printf(out, "IP Address"); + for (i = 0; i < 8; i++) + { + BIO_printf(out, ":%X", p[0] << 8 | p[1]); + p += 2; + } + BIO_puts(out, "\n"); + } + else + { BIO_printf(out,"IP Address:"); break; - } - BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]); + } break; case GEN_RID: @@ -210,7 +241,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; int i; if(!(gens = sk_GENERAL_NAME_new_null())) { - X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_V2I_ISSUER_ALT,ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -275,7 +306,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; int i; if(!(gens = sk_GENERAL_NAME_new_null())) { - X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_V2I_SUBJECT_ALT,ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -310,7 +341,8 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) X509_NAME_ENTRY *ne; GENERAL_NAME *gen = NULL; int i; - if(ctx->flags == CTX_TEST) return 1; + if(ctx != NULL && ctx->flags == CTX_TEST) + return 1; if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS); goto err; @@ -378,81 +410,172 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf) -{ -char is_string = 0; -int type; -GENERAL_NAME *gen = NULL; + { + return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); + } -char *name, *value; +GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, + X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + CONF_VALUE *cnf, int is_nc) + { + char is_string = 0; + int type; + GENERAL_NAME *gen = NULL; -name = cnf->name; -value = cnf->value; + char *name, *value; -if(!value) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE); - return NULL; -} + name = cnf->name; + value = cnf->value; -if(!(gen = GENERAL_NAME_new())) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); - return NULL; -} + if(!value) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE); + return NULL; + } -if(!name_cmp(name, "email")) { - is_string = 1; - type = GEN_EMAIL; -} else if(!name_cmp(name, "URI")) { - is_string = 1; - type = GEN_URI; -} else if(!name_cmp(name, "DNS")) { - is_string = 1; - type = GEN_DNS; -} else if(!name_cmp(name, "RID")) { - ASN1_OBJECT *obj; - if(!(obj = OBJ_txt2obj(value,0))) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT); - ERR_add_error_data(2, "value=", value); - goto err; - } - gen->d.rid = obj; - type = GEN_RID; -} else if(!name_cmp(name, "IP")) { - int i1,i2,i3,i4; - unsigned char ip[4]; - if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) || - (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) || - (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS); - ERR_add_error_data(2, "value=", value); + if (out) + gen = out; + else + { + gen = GENERAL_NAME_new(); + if(gen == NULL) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE); + return NULL; + } + } + + if(!name_cmp(name, "email")) + { + is_string = 1; + type = GEN_EMAIL; + } + else if(!name_cmp(name, "URI")) + { + is_string = 1; + type = GEN_URI; + } + else if(!name_cmp(name, "DNS")) + { + is_string = 1; + type = GEN_DNS; + } + else if(!name_cmp(name, "RID")) + { + ASN1_OBJECT *obj; + if(!(obj = OBJ_txt2obj(value,0))) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT); + ERR_add_error_data(2, "value=", value); + goto err; + } + gen->d.rid = obj; + type = GEN_RID; + } + else if(!name_cmp(name, "IP")) + { + if (is_nc) + gen->d.ip = a2i_IPADDRESS_NC(value); + else + gen->d.ip = a2i_IPADDRESS(value); + if(gen->d.ip == NULL) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS); + ERR_add_error_data(2, "value=", value); + goto err; + } + type = GEN_IPADD; + } + else if(!name_cmp(name, "dirName")) + { + type = GEN_DIRNAME; + if (!do_dirname(gen, value, ctx)) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR); + goto err; + } + } + else if(!name_cmp(name, "otherName")) + { + if (!do_othername(gen, value, ctx)) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR); + goto err; + } + type = GEN_OTHERNAME; + } + else + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION); + ERR_add_error_data(2, "name=", name); goto err; - } - ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4; - if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) || - !ASN1_STRING_set(gen->d.ip, ip, 4)) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); + } + + if(is_string) + { + if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || + !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, + strlen(value))) + { + X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE); goto err; - } - type = GEN_IPADD; -} else { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION); - ERR_add_error_data(2, "name=", name); - goto err; -} + } + } -if(is_string) { - if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || - !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, - strlen(value))) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); - goto err; - } -} + gen->type = type; + + return gen; -gen->type = type; + err: + GENERAL_NAME_free(gen); + return NULL; + } -return gen; +static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) + { + char *objtmp = NULL, *p; + int objlen; + if (!(p = strchr(value, ';'))) + return 0; + if (!(gen->d.otherName = OTHERNAME_new())) + return 0; + /* Free this up because we will overwrite it. + * no need to free type_id because it is static + */ + ASN1_TYPE_free(gen->d.otherName->value); + if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx))) + return 0; + objlen = p - value; + objtmp = OPENSSL_malloc(objlen + 1); + strncpy(objtmp, value, objlen); + objtmp[objlen] = 0; + gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0); + OPENSSL_free(objtmp); + if (!gen->d.otherName->type_id) + return 0; + return 1; + } -err: -GENERAL_NAME_free(gen); -return NULL; -} +static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) + { + int ret; + STACK_OF(CONF_VALUE) *sk; + X509_NAME *nm; + if (!(nm = X509_NAME_new())) + return 0; + sk = X509V3_get_section(ctx, value); + if (!sk) + { + X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND); + ERR_add_error_data(2, "section=", value); + X509_NAME_free(nm); + return 0; + } + /* FIXME: should allow other character types... */ + ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); + if (!ret) + X509_NAME_free(nm); + gen->d.dirn = nm; + + return ret; + } diff --git a/src/lib/libssl/src/crypto/x509v3/v3_bcons.c b/src/lib/libssl/src/crypto/x509v3/v3_bcons.c index cbb012715e..74b1233071 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_bcons.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_bcons.c @@ -67,7 +67,7 @@ static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); -X509V3_EXT_METHOD v3_bcons = { +const X509V3_EXT_METHOD v3_bcons = { NID_basic_constraints, 0, ASN1_ITEM_ref(BASIC_CONSTRAINTS), 0,0,0,0, diff --git a/src/lib/libssl/src/crypto/x509v3/v3_bitst.c b/src/lib/libssl/src/crypto/x509v3/v3_bitst.c index 274965306d..cf31f0816e 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_bitst.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_bitst.c @@ -61,12 +61,6 @@ #include #include -static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, - STACK_OF(CONF_VALUE) *extlist); - static BIT_STRING_BITNAME ns_cert_type_table[] = { {0, "SSL Client", "client"}, {1, "SSL Server", "server"}, @@ -94,10 +88,10 @@ static BIT_STRING_BITNAME key_usage_type_table[] = { -X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table); -X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table); +const X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table); +const X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table); -static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, +STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret) { BIT_STRING_BITNAME *bnam; @@ -108,7 +102,7 @@ static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, return ret; } -static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, +ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { CONF_VALUE *val; diff --git a/src/lib/libssl/src/crypto/x509v3/v3_conf.c b/src/lib/libssl/src/crypto/x509v3/v3_conf.c index 1284d5aaa5..2b867305fb 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_conf.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_conf.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -69,11 +69,12 @@ static int v3_check_critical(char **value); static int v3_check_generic(char **value); static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value); -static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type); +static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type, X509V3_CTX *ctx); static char *conf_lhash_get_string(void *db, char *section, char *value); static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, int crit, void *ext_struc); +static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len); /* CONF *conf: Config file */ /* char *name: Name */ /* char *value: Value */ @@ -85,11 +86,11 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, X509_EXTENSION *ret; crit = v3_check_critical(&value); if ((ext_type = v3_check_generic(&value))) - return v3_generic_extension(name, value, crit, ext_type); + return v3_generic_extension(name, value, crit, ext_type, ctx); ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); if (!ret) { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION); + X509V3err(X509V3_F_X509V3_EXT_NCONF,X509V3_R_ERROR_IN_EXTENSION); ERR_add_error_data(4,"name=", name, ", value=", value); } return ret; @@ -105,7 +106,7 @@ X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, crit = v3_check_critical(&value); if ((ext_type = v3_check_generic(&value))) return v3_generic_extension(OBJ_nid2sn(ext_nid), - value, crit, ext_type); + value, crit, ext_type, ctx); return do_ext_nconf(conf, ctx, ext_nid, crit, value); } @@ -120,12 +121,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, void *ext_struc; if (ext_nid == NID_undef) { - X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME); + X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_UNKNOWN_EXTENSION_NAME); return NULL; } if (!(method = X509V3_EXT_get_nid(ext_nid))) { - X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION); + X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_UNKNOWN_EXTENSION); return NULL; } /* Now get internal extension representation based on type */ @@ -133,9 +134,9 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, { if(*value == '@') nval = NCONF_get_section(conf, value + 1); else nval = X509V3_parse_list(value); - if(!nval) + if(sk_CONF_VALUE_num(nval) <= 0) { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING); + X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_INVALID_EXTENSION_STRING); ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); return NULL; } @@ -150,16 +151,16 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, } else if(method->r2i) { - if(!ctx->db) + if(!ctx->db || !ctx->db_meth) { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE); + X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_NO_CONFIG_DATABASE); return NULL; } if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; } else { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); + X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); return NULL; } @@ -235,17 +236,29 @@ static int v3_check_critical(char **value) /* Check extension string for generic extension and return the type */ static int v3_check_generic(char **value) { + int gen_type = 0; char *p = *value; - if ((strlen(p) < 4) || strncmp(p, "DER:", 4)) return 0; - p+=4; + if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) + { + p+=4; + gen_type = 1; + } + else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) + { + p+=5; + gen_type = 2; + } + else + return 0; + while (isspace((unsigned char)*p)) p++; *value = p; - return 1; + return gen_type; } /* Create a generic extension: for now just handle DER type */ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, - int crit, int type) + int crit, int gen_type, X509V3_CTX *ctx) { unsigned char *ext_der=NULL; long ext_len; @@ -259,7 +272,12 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, goto err; } - if (!(ext_der = string_to_hex(value, &ext_len))) + if (gen_type == 1) + ext_der = string_to_hex(value, &ext_len); + else if (gen_type == 2) + ext_der = generic_asn1(value, ctx, &ext_len); + + if (ext_der == NULL) { X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR); ERR_add_error_data(2, "value=", value); @@ -286,6 +304,17 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, } +static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len) + { + ASN1_TYPE *typ; + unsigned char *ext_der = NULL; + typ = ASN1_generate_v3(value, ctx); + if (typ == NULL) + return NULL; + *ext_len = i2d_ASN1_TYPE(typ, &ext_der); + ASN1_TYPE_free(typ); + return ext_der; + } /* This is the main function: add a bunch of extensions based on a config file * section to an extension STACK. @@ -354,6 +383,11 @@ int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) { + if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) + { + X509V3err(X509V3_F_X509V3_GET_STRING,X509V3_R_OPERATION_NOT_DEFINED); + return NULL; + } if (ctx->db_meth->get_string) return ctx->db_meth->get_string(ctx->db, name, section); return NULL; @@ -361,6 +395,11 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) { + if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) + { + X509V3err(X509V3_F_X509V3_GET_SECTION,X509V3_R_OPERATION_NOT_DEFINED); + return NULL; + } if (ctx->db_meth->get_section) return ctx->db_meth->get_section(ctx->db, section); return NULL; diff --git a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c index 867525f336..a40f490aa9 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,6 +63,8 @@ #include #include +#include "pcy_int.h" + /* Certificate policies extension support: this one is a bit complex... */ static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); @@ -75,7 +77,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org); static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); -X509V3_EXT_METHOD v3_cpols = { +const X509V3_EXT_METHOD v3_cpols = { NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES), 0,0,0,0, 0,0, @@ -348,7 +350,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) return 1; merr: - X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_NREF_NOS,ERR_R_MALLOC_FAILURE); err: sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); @@ -429,3 +431,19 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) notice->exptext->data); } +void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) + { + const X509_POLICY_DATA *dat = node->data; + + BIO_printf(out, "%*sPolicy: ", indent, ""); + + i2a_ASN1_OBJECT(out, dat->valid_policy); + BIO_puts(out, "\n"); + BIO_printf(out, "%*s%s\n", indent + 2, "", + node_data_critical(dat) ? "Critical" : "Non Critical"); + if (dat->qualifier_set) + print_qualifiers(out, dat->qualifier_set, indent + 2); + else + BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); + } + diff --git a/src/lib/libssl/src/crypto/x509v3/v3_crld.c b/src/lib/libssl/src/crypto/x509v3/v3_crld.c index f90829c574..c6e3ebae7b 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_crld.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_crld.c @@ -68,7 +68,7 @@ static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -X509V3_EXT_METHOD v3_crld = { +const X509V3_EXT_METHOD v3_crld = { NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS), 0,0,0,0, 0,0, diff --git a/src/lib/libssl/src/crypto/x509v3/v3_enum.c b/src/lib/libssl/src/crypto/x509v3/v3_enum.c index 010c9d6260..a236cb22e1 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_enum.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_enum.c @@ -72,7 +72,7 @@ static ENUMERATED_NAMES crl_reasons[] = { {-1, NULL, NULL} }; -X509V3_EXT_METHOD v3_crl_reason = { +const X509V3_EXT_METHOD v3_crl_reason = { NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, diff --git a/src/lib/libssl/src/crypto/x509v3/v3_extku.c b/src/lib/libssl/src/crypto/x509v3/v3_extku.c index b1cfaba1aa..a4efe0031e 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_extku.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_extku.c @@ -68,7 +68,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, void *eku, STACK_OF(CONF_VALUE) *extlist); -X509V3_EXT_METHOD v3_ext_ku = { +const X509V3_EXT_METHOD v3_ext_ku = { NID_ext_key_usage, 0, ASN1_ITEM_ref(EXTENDED_KEY_USAGE), 0,0,0,0, @@ -80,7 +80,7 @@ X509V3_EXT_METHOD v3_ext_ku = { }; /* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */ -X509V3_EXT_METHOD v3_ocsp_accresp = { +const X509V3_EXT_METHOD v3_ocsp_accresp = { NID_id_pkix_OCSP_acceptableResponses, 0, ASN1_ITEM_ref(EXTENDED_KEY_USAGE), 0,0,0,0, @@ -122,7 +122,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, int i; if(!(extku = sk_ASN1_OBJECT_new_null())) { - X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,ERR_R_MALLOC_FAILURE); return NULL; } @@ -132,7 +132,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, else extval = val->name; if(!(objtmp = OBJ_txt2obj(extval, 0))) { sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); - X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER); + X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } diff --git a/src/lib/libssl/src/crypto/x509v3/v3_ia5.c b/src/lib/libssl/src/crypto/x509v3/v3_ia5.c index 9683afa47c..b739ccd036 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_ia5.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_ia5.c @@ -65,7 +65,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -X509V3_EXT_METHOD v3_ns_ia5_list[] = { +const X509V3_EXT_METHOD v3_ns_ia5_list[] = { EXT_IA5STRING(NID_netscape_base_url), EXT_IA5STRING(NID_netscape_revocation_url), EXT_IA5STRING(NID_netscape_ca_revocation_url), diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c index 53e3f48859..e0ef69de42 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_info.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c @@ -69,7 +69,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -X509V3_EXT_METHOD v3_info = +const X509V3_EXT_METHOD v3_info = { NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 0,0,0,0, 0,0, @@ -78,7 +78,7 @@ X509V3_EXT_METHOD v3_info = 0,0, NULL}; -X509V3_EXT_METHOD v3_sinfo = +const X509V3_EXT_METHOD v3_sinfo = { NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 0,0,0,0, 0,0, @@ -141,36 +141,35 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho int i, objlen; char *objtmp, *ptmp; if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); if(!(acc = ACCESS_DESCRIPTION_new()) || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); goto err; } ptmp = strchr(cnf->name, ';'); if(!ptmp) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX); + X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX); goto err; } objlen = ptmp - cnf->name; ctmp.name = ptmp + 1; ctmp.value = cnf->value; - GENERAL_NAME_free(acc->location); - if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp))) + if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; if(!(objtmp = OPENSSL_malloc(objlen + 1))) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); goto err; } strncpy(objtmp, cnf->name, objlen); objtmp[objlen] = 0; acc->method = OBJ_txt2obj(objtmp, 0); if(!acc->method) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT); + X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); OPENSSL_free(objtmp); goto err; diff --git a/src/lib/libssl/src/crypto/x509v3/v3_int.c b/src/lib/libssl/src/crypto/x509v3/v3_int.c index 7a43b4717b..9a48dc1508 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_int.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_int.c @@ -60,17 +60,30 @@ #include "cryptlib.h" #include -X509V3_EXT_METHOD v3_crl_num = { +const X509V3_EXT_METHOD v3_crl_num = { NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 0, 0,0,0,0, NULL}; -X509V3_EXT_METHOD v3_delta_crl = { +const X509V3_EXT_METHOD v3_delta_crl = { NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 0, 0,0,0,0, NULL}; +static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value) + { + return s2i_ASN1_INTEGER(meth, value); + } + +const X509V3_EXT_METHOD v3_inhibit_anyp = { + NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER), + 0,0,0,0, + (X509V3_EXT_I2S)i2s_ASN1_INTEGER, + (X509V3_EXT_S2I)s2i_asn1_int, + 0,0,0,0, NULL}; + + diff --git a/src/lib/libssl/src/crypto/x509v3/v3_lib.c b/src/lib/libssl/src/crypto/x509v3/v3_lib.c index ca5a4a4a57..f3015ea610 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_lib.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_lib.c @@ -162,7 +162,8 @@ int X509V3_add_standard_extensions(void) void *X509V3_EXT_d2i(X509_EXTENSION *ext) { X509V3_EXT_METHOD *method; - unsigned char *p; + const unsigned char *p; + if(!(method = X509V3_EXT_get(ext))) return NULL; p = ext->value->data; if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); @@ -276,7 +277,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, ext = X509V3_EXT_i2d(nid, crit, value); if(!ext) { - X509V3err(X509V3_F_X509V3_ADD_I2D, X509V3_R_ERROR_CREATING_EXTENSION); + X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION); return 0; } @@ -295,7 +296,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, err: if(!(flags & X509V3_ADD_SILENT)) - X509V3err(X509V3_F_X509V3_ADD_I2D, errcode); + X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode); return 0; } diff --git a/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c b/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c index 21badc13f9..62aac06335 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c @@ -74,15 +74,15 @@ static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent static void *ocsp_nonce_new(void); static int i2d_ocsp_nonce(void *a, unsigned char **pp); -static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length); +static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); static void ocsp_nonce_free(void *a); static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent); -static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); +static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str); static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind); -X509V3_EXT_METHOD v3_ocsp_crlid = { +const X509V3_EXT_METHOD v3_ocsp_crlid = { NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID), 0,0,0,0, 0,0, @@ -91,7 +91,7 @@ X509V3_EXT_METHOD v3_ocsp_crlid = { NULL }; -X509V3_EXT_METHOD v3_ocsp_acutoff = { +const X509V3_EXT_METHOD v3_ocsp_acutoff = { NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), 0,0,0,0, 0,0, @@ -100,7 +100,7 @@ X509V3_EXT_METHOD v3_ocsp_acutoff = { NULL }; -X509V3_EXT_METHOD v3_crl_invdate = { +const X509V3_EXT_METHOD v3_crl_invdate = { NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), 0,0,0,0, 0,0, @@ -109,7 +109,7 @@ X509V3_EXT_METHOD v3_crl_invdate = { NULL }; -X509V3_EXT_METHOD v3_crl_hold = { +const X509V3_EXT_METHOD v3_crl_hold = { NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT), 0,0,0,0, 0,0, @@ -118,7 +118,7 @@ X509V3_EXT_METHOD v3_crl_hold = { NULL }; -X509V3_EXT_METHOD v3_ocsp_nonce = { +const X509V3_EXT_METHOD v3_ocsp_nonce = { NID_id_pkix_OCSP_Nonce, 0, NULL, ocsp_nonce_new, ocsp_nonce_free, @@ -130,7 +130,7 @@ X509V3_EXT_METHOD v3_ocsp_nonce = { NULL }; -X509V3_EXT_METHOD v3_ocsp_nocheck = { +const X509V3_EXT_METHOD v3_ocsp_nocheck = { NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL), 0,0,0,0, 0,s2i_ocsp_nocheck, @@ -139,7 +139,7 @@ X509V3_EXT_METHOD v3_ocsp_nocheck = { NULL }; -X509V3_EXT_METHOD v3_ocsp_serviceloc = { +const X509V3_EXT_METHOD v3_ocsp_serviceloc = { NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC), 0,0,0,0, 0,0, @@ -208,7 +208,7 @@ static int i2d_ocsp_nonce(void *a, unsigned char **pp) return os->length; } -static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length) +static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length) { ASN1_OCTET_STRING *os, **pos; pos = a; @@ -246,7 +246,7 @@ static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, return 1; } -static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) +static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str) { return ASN1_NULL_new(); } diff --git a/src/lib/libssl/src/crypto/x509v3/v3_pci.c b/src/lib/libssl/src/crypto/x509v3/v3_pci.c index b32d968619..601211f416 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_pci.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_pci.c @@ -44,7 +44,7 @@ static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -X509V3_EXT_METHOD v3_pci = +const X509V3_EXT_METHOD v3_pci = { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), 0,0,0,0, 0,0, @@ -82,13 +82,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*language) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED); X509V3_conf_err(val); return 0; } if (!(*language = OBJ_txt2obj(val->value, 0))) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_OBJECT_IDENTIFIER); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return 0; } @@ -97,13 +97,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*pathlen) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED); X509V3_conf_err(val); return 0; } if (!X509V3_get_value_int(val, pathlen)) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH); X509V3_conf_err(val); return 0; } @@ -117,7 +117,7 @@ static int process_pci_value(CONF_VALUE *val, *policy = ASN1_OCTET_STRING_new(); if (!*policy) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); return 0; } @@ -148,7 +148,7 @@ static int process_pci_value(CONF_VALUE *val, BIO *b = BIO_new_file(val->value + 5, "r"); if (!b) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -172,7 +172,7 @@ static int process_pci_value(CONF_VALUE *val, if (n < 0) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -193,13 +193,13 @@ static int process_pci_value(CONF_VALUE *val, } else { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); X509V3_conf_err(val); goto err; } if (!tmp_data) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -286,12 +286,6 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); goto err; } - pci->proxyPolicy = PROXY_POLICY_new(); - if (!pci->proxyPolicy) - { - X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); - goto err; - } pci->proxyPolicy->policyLanguage = language; language = NULL; pci->proxyPolicy->policy = policy; policy = NULL; @@ -301,11 +295,6 @@ err: if (language) { ASN1_OBJECT_free(language); language = NULL; } if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; } if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; } - if (pci && pci->proxyPolicy) - { - PROXY_POLICY_free(pci->proxyPolicy); - pci->proxyPolicy = NULL; - } if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; } end: sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); diff --git a/src/lib/libssl/src/crypto/x509v3/v3_pku.c b/src/lib/libssl/src/crypto/x509v3/v3_pku.c index 49a2e4697a..5c4626e89b 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_pku.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_pku.c @@ -66,7 +66,7 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *u /* static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); */ -X509V3_EXT_METHOD v3_pkey_usage_period = { +const X509V3_EXT_METHOD v3_pkey_usage_period = { NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD), 0,0,0,0, 0,0,0,0, diff --git a/src/lib/libssl/src/crypto/x509v3/v3_prn.c b/src/lib/libssl/src/crypto/x509v3/v3_prn.c index 5d268eb768..20bd9bda19 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_prn.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_prn.c @@ -109,10 +109,11 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde { void *ext_str = NULL; char *value = NULL; - unsigned char *p; + const unsigned char *p; X509V3_EXT_METHOD *method; STACK_OF(CONF_VALUE) *nval = NULL; int ok = 1; + if(!(method = X509V3_EXT_get(ext))) return unknown_ext_print(out, ext, flag, indent, 0); p = ext->value->data; @@ -182,7 +183,7 @@ int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts obj=X509_EXTENSION_get_object(ex); i2a_ASN1_OBJECT(bp,obj); j=X509_EXTENSION_get_critical(ex); - if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) + if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0) return 0; if(!X509V3_EXT_print(bp, ex, flag, indent + 4)) { diff --git a/src/lib/libssl/src/crypto/x509v3/v3_purp.c b/src/lib/libssl/src/crypto/x509v3/v3_purp.c index bbdf6da493..b2f5cdfa05 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_purp.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_purp.c @@ -139,7 +139,7 @@ int X509_PURPOSE_get_count(void) X509_PURPOSE * X509_PURPOSE_get0(int idx) { if(idx < 0) return NULL; - if(idx < X509_PURPOSE_COUNT) return xstandard + idx; + if(idx < (int)X509_PURPOSE_COUNT) return xstandard + idx; return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); } @@ -239,7 +239,7 @@ static void xptable_free(X509_PURPOSE *p) void X509_PURPOSE_cleanup(void) { - int i; + unsigned int i; sk_X509_PURPOSE_pop_free(xptable, xptable_free); for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i); xptable = NULL; @@ -285,7 +285,12 @@ int X509_supported_extension(X509_EXTENSION *ex) NID_key_usage, /* 83 */ NID_subject_alt_name, /* 85 */ NID_basic_constraints, /* 87 */ + NID_certificate_policies, /* 89 */ NID_ext_key_usage, /* 126 */ +#ifndef OPENSSL_NO_RFC3779 + NID_sbgp_ipAddrBlock, /* 290 */ + NID_sbgp_autonomousSysNum, /* 291 */ +#endif NID_proxyCertInfo /* 661 */ }; @@ -343,6 +348,10 @@ static void x509v3_cache_extensions(X509 *x) || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) { x->ex_flags |= EXFLAG_INVALID; } + if (pci->pcPathLengthConstraint) { + x->ex_pcpathlen = + ASN1_INTEGER_get(pci->pcPathLengthConstraint); + } else x->ex_pcpathlen = -1; PROXY_CERT_INFO_EXTENSION_free(pci); x->ex_flags |= EXFLAG_PROXY; } @@ -406,6 +415,11 @@ static void x509v3_cache_extensions(X509 *x) } x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); +#ifndef OPENSSL_NO_RFC3779 + x->rfc3779_addr =X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL); + x->rfc3779_asid =X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, + NULL, NULL); +#endif for (i = 0; i < X509_get_ext_count(x); i++) { ex = X509_get_ext(x, i); diff --git a/src/lib/libssl/src/crypto/x509v3/v3_skey.c b/src/lib/libssl/src/crypto/x509v3/v3_skey.c index c0f044ac1b..da0a3558f6 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_skey.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_skey.c @@ -62,7 +62,7 @@ #include static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -X509V3_EXT_METHOD v3_skey_id = { +const X509V3_EXT_METHOD v3_skey_id = { NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, @@ -109,14 +109,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); if(!(oct = M_ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); return NULL; } if(ctx && (ctx->flags == CTX_TEST)) return oct; if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); + X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -125,14 +125,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, else pk = ctx->subject_cert->cert_info->key->public_key; if(!pk) { - X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); + X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); goto err; } EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL); if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c index d3f4ba3a72..eaea9ea01b 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c @@ -72,7 +72,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent) static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); #endif -X509V3_EXT_METHOD v3_sxnet = { +const X509V3_EXT_METHOD v3_sxnet = { NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), 0,0,0,0, 0,0, @@ -109,7 +109,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, SXNETID *id; int i; v = ASN1_INTEGER_get(sx->version); - BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v); + BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v); for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { id = sk_SXNETID_value(sx->ids, i); tmp = i2s_ASN1_INTEGER(NULL, id->zone); @@ -154,7 +154,7 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE); + X509V3err(X509V3_F_SXNET_ADD_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE); return 0; } return SXNET_add_id_INTEGER(psx, izone, user, userlen); diff --git a/src/lib/libssl/src/crypto/x509v3/v3_utl.c b/src/lib/libssl/src/crypto/x509v3/v3_utl.c index 34ac2998de..ac171ca940 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_utl.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_utl.c @@ -1,9 +1,9 @@ /* v3_utl.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,6 +63,7 @@ #include "cryptlib.h" #include #include +#include static char *strip_spaces(char *name); static int sk_strcmp(const char * const *a, const char * const *b); @@ -70,6 +71,11 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens); static void str_free(void *str); static int append_ia5(STACK **sk, ASN1_IA5STRING *email); +static int ipv4_from_asc(unsigned char *v4, const char *in); +static int ipv6_from_asc(unsigned char *v6, const char *in); +static int ipv6_cb(const char *elem, int len, void *usr); +static int ipv6_hex(unsigned char *out, const char *in, int inlen); + /* Add a CONF_VALUE name value pair to stack */ int X509V3_add_value(const char *name, const char *value, @@ -156,11 +162,11 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) ASN1_INTEGER *aint; int isneg, ishex; int ret; - bn = BN_new(); if (!value) { X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE); return 0; } + bn = BN_new(); if (value[0] == '-') { value++; isneg = 1; @@ -174,7 +180,8 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) if (ishex) ret = BN_hex2bn(&bn, value); else ret = BN_dec2bn(&bn, value); - if (!ret) { + if (!ret || value[ret]) { + BN_free(bn); X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR); return 0; } @@ -358,7 +365,7 @@ char *hex_to_string(unsigned char *buffer, long len) char *tmp, *q; unsigned char *p; int i; - static char hexdig[] = "0123456789ABCDEF"; + const static char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); @@ -466,6 +473,30 @@ STACK *X509_get1_email(X509 *x) return ret; } +STACK *X509_get1_ocsp(X509 *x) +{ + AUTHORITY_INFO_ACCESS *info; + STACK *ret = NULL; + int i; + info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL); + if (!info) + return NULL; + for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) + { + ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); + if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) + { + if (ad->location->type == GEN_URI) + { + if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier)) + break; + } + } + } + AUTHORITY_INFO_ACCESS_free(info); + return ret; +} + STACK *X509_REQ_get1_email(X509_REQ *x) { GENERAL_NAMES *gens; @@ -533,3 +564,305 @@ void X509_email_free(STACK *sk) { sk_pop_free(sk, str_free); } + +/* Convert IP addresses both IPv4 and IPv6 into an + * OCTET STRING compatible with RFC3280. + */ + +ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc) + { + unsigned char ipout[16]; + ASN1_OCTET_STRING *ret; + int iplen; + + /* If string contains a ':' assume IPv6 */ + + iplen = a2i_ipadd(ipout, ipasc); + + if (!iplen) + return NULL; + + ret = ASN1_OCTET_STRING_new(); + if (!ret) + return NULL; + if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) + { + ASN1_OCTET_STRING_free(ret); + return NULL; + } + return ret; + } + +ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) + { + ASN1_OCTET_STRING *ret = NULL; + unsigned char ipout[32]; + char *iptmp = NULL, *p; + int iplen1, iplen2; + p = strchr(ipasc,'/'); + if (!p) + return NULL; + iptmp = BUF_strdup(ipasc); + if (!iptmp) + return NULL; + p = iptmp + (p - ipasc); + *p++ = 0; + + iplen1 = a2i_ipadd(ipout, iptmp); + + if (!iplen1) + goto err; + + iplen2 = a2i_ipadd(ipout + iplen1, p); + + OPENSSL_free(iptmp); + iptmp = NULL; + + if (!iplen2 || (iplen1 != iplen2)) + goto err; + + ret = ASN1_OCTET_STRING_new(); + if (!ret) + goto err; + if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2)) + goto err; + + return ret; + + err: + if (iptmp) + OPENSSL_free(iptmp); + if (ret) + ASN1_OCTET_STRING_free(ret); + return NULL; + } + + +int a2i_ipadd(unsigned char *ipout, const char *ipasc) + { + /* If string contains a ':' assume IPv6 */ + + if (strchr(ipasc, ':')) + { + if (!ipv6_from_asc(ipout, ipasc)) + return 0; + return 16; + } + else + { + if (!ipv4_from_asc(ipout, ipasc)) + return 0; + return 4; + } + } + +static int ipv4_from_asc(unsigned char *v4, const char *in) + { + int a0, a1, a2, a3; + if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) + return 0; + if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) + || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) + return 0; + v4[0] = a0; + v4[1] = a1; + v4[2] = a2; + v4[3] = a3; + return 1; + } + +typedef struct { + /* Temporary store for IPV6 output */ + unsigned char tmp[16]; + /* Total number of bytes in tmp */ + int total; + /* The position of a zero (corresponding to '::') */ + int zero_pos; + /* Number of zeroes */ + int zero_cnt; + } IPV6_STAT; + + +static int ipv6_from_asc(unsigned char *v6, const char *in) + { + IPV6_STAT v6stat; + v6stat.total = 0; + v6stat.zero_pos = -1; + v6stat.zero_cnt = 0; + /* Treat the IPv6 representation as a list of values + * separated by ':'. The presence of a '::' will parse + * as one, two or three zero length elements. + */ + if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat)) + return 0; + + /* Now for some sanity checks */ + + if (v6stat.zero_pos == -1) + { + /* If no '::' must have exactly 16 bytes */ + if (v6stat.total != 16) + return 0; + } + else + { + /* If '::' must have less than 16 bytes */ + if (v6stat.total == 16) + return 0; + /* More than three zeroes is an error */ + if (v6stat.zero_cnt > 3) + return 0; + /* Can only have three zeroes if nothing else present */ + else if (v6stat.zero_cnt == 3) + { + if (v6stat.total > 0) + return 0; + } + /* Can only have two zeroes if at start or end */ + else if (v6stat.zero_cnt == 2) + { + if ((v6stat.zero_pos != 0) + && (v6stat.zero_pos != v6stat.total)) + return 0; + } + else + /* Can only have one zero if *not* start or end */ + { + if ((v6stat.zero_pos == 0) + || (v6stat.zero_pos == v6stat.total)) + return 0; + } + } + + /* Format result */ + + /* Copy initial part */ + if (v6stat.zero_pos > 0) + memcpy(v6, v6stat.tmp, v6stat.zero_pos); + /* Zero middle */ + if (v6stat.total != 16) + memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); + /* Copy final part */ + if (v6stat.total != v6stat.zero_pos) + memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, + v6stat.tmp + v6stat.zero_pos, + v6stat.total - v6stat.zero_pos); + + return 1; + } + +static int ipv6_cb(const char *elem, int len, void *usr) + { + IPV6_STAT *s = usr; + /* Error if 16 bytes written */ + if (s->total == 16) + return 0; + if (len == 0) + { + /* Zero length element, corresponds to '::' */ + if (s->zero_pos == -1) + s->zero_pos = s->total; + /* If we've already got a :: its an error */ + else if (s->zero_pos != s->total) + return 0; + s->zero_cnt++; + } + else + { + /* If more than 4 characters could be final a.b.c.d form */ + if (len > 4) + { + /* Need at least 4 bytes left */ + if (s->total > 12) + return 0; + /* Must be end of string */ + if (elem[len]) + return 0; + if (!ipv4_from_asc(s->tmp + s->total, elem)) + return 0; + s->total += 4; + } + else + { + if (!ipv6_hex(s->tmp + s->total, elem, len)) + return 0; + s->total += 2; + } + } + return 1; + } + +/* Convert a string of up to 4 hex digits into the corresponding + * IPv6 form. + */ + +static int ipv6_hex(unsigned char *out, const char *in, int inlen) + { + unsigned char c; + unsigned int num = 0; + if (inlen > 4) + return 0; + while(inlen--) + { + c = *in++; + num <<= 4; + if ((c >= '0') && (c <= '9')) + num |= c - '0'; + else if ((c >= 'A') && (c <= 'F')) + num |= c - 'A' + 10; + else if ((c >= 'a') && (c <= 'f')) + num |= c - 'a' + 10; + else + return 0; + } + out[0] = num >> 8; + out[1] = num & 0xff; + return 1; + } + + +int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, + unsigned long chtype) + { + CONF_VALUE *v; + int i, mval; + char *p, *type; + if (!nm) + return 0; + + for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) + { + v=sk_CONF_VALUE_value(dn_sk,i); + type=v->name; + /* Skip past any leading X. X: X, etc to allow for + * multiple instances + */ + for(p = type; *p ; p++) +#ifndef CHARSET_EBCDIC + if ((*p == ':') || (*p == ',') || (*p == '.')) +#else + if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) +#endif + { + p++; + if(*p) type = p; + break; + } +#ifndef CHARSET_EBCDIC + if (*type == '+') +#else + if (*type == os_toascii['+']) +#endif + { + mval = -1; + type++; + } + else + mval = 0; + if (!X509_NAME_add_entry_by_txt(nm,type, chtype, + (unsigned char *) v->value,-1,-1,mval)) + return 0; + + } + return 1; + } diff --git a/src/lib/libssl/src/crypto/x509v3/v3err.c b/src/lib/libssl/src/crypto/x509v3/v3err.c index e1edaf5248..d538ad8b80 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3err.c +++ b/src/lib/libssl/src/crypto/x509v3/v3err.c @@ -70,10 +70,15 @@ static ERR_STRING_DATA X509V3_str_functs[]= { +{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"}, +{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"}, {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"}, +{ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"}, {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"}, {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, +{ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"}, +{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"}, {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, @@ -82,34 +87,46 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"}, {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"}, {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"}, +{ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"}, {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"}, {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"}, {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"}, {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"}, {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, -{ERR_FUNC(X509V3_F_S2I_S2I_SKEY_ID), "S2I_S2I_SKEY_ID"}, +{ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"}, {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, -{ERR_FUNC(X509V3_F_SXNET_ADD_ASC), "SXNET_ADD_ASC"}, +{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"}, {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"}, {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"}, {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"}, -{ERR_FUNC(X509V3_F_V2I_ACCESS_DESCRIPTION), "V2I_ACCESS_DESCRIPTION"}, -{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "V2I_ASN1_BIT_STRING"}, +{ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"}, +{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"}, +{ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"}, {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"}, {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"}, {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"}, -{ERR_FUNC(X509V3_F_V2I_EXT_KU), "V2I_EXT_KU"}, -{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME), "v2i_GENERAL_NAME"}, +{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"}, {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, +{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"}, +{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"}, +{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"}, +{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"}, +{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"}, +{ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"}, +{ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"}, +{ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"}, {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"}, -{ERR_FUNC(X509V3_F_X509V3_ADD_I2D), "X509V3_ADD_I2D"}, +{ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"}, {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"}, {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"}, {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"}, {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"}, {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"}, +{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"}, +{ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"}, +{ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"}, {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"}, {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"}, {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"}, @@ -123,6 +140,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"}, {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"}, {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"}, +{ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"}, {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"}, {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"}, {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"}, @@ -133,10 +151,15 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"}, {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"}, {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"}, +{ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"}, {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"}, {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"}, +{ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"}, +{ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"}, {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"}, {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"}, +{ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"}, +{ERR_REASON(X509V3_R_INVALID_IPADDRESS) ,"invalid ipaddress"}, {ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"}, {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"}, {ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"}, @@ -146,9 +169,9 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"}, {ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"}, {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"}, -{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER),"invalid proxy policy identifier"}, {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"}, {ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"}, +{ERR_REASON(X509V3_R_INVALID_SAFI) ,"invalid safi"}, {ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"}, {ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"}, {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"}, @@ -162,12 +185,14 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"}, {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"}, {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"}, +{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"}, +{ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"}, {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),"policy language alreadty defined"}, {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"}, {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),"policy path length alreadty defined"}, -{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT) ,"policy syntax not"}, {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"}, {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"}, +{ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"}, {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"}, {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"}, {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"}, @@ -183,15 +208,12 @@ static ERR_STRING_DATA X509V3_str_reasons[]= void ERR_load_X509V3_strings(void) { - static int init=1; +#ifndef OPENSSL_NO_ERR - if (init) + if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) { - init=0; -#ifndef OPENSSL_NO_ERR ERR_load_strings(0,X509V3_str_functs); ERR_load_strings(0,X509V3_str_reasons); -#endif - } +#endif } diff --git a/src/lib/libssl/src/crypto/x509v3/x509v3.h b/src/lib/libssl/src/crypto/x509v3/x509v3.h index e6d91251c2..db2b0482c1 100644 --- a/src/lib/libssl/src/crypto/x509v3/x509v3.h +++ b/src/lib/libssl/src/crypto/x509v3/x509v3.h @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -74,14 +74,14 @@ struct v3_ext_ctx; typedef void * (*X509V3_EXT_NEW)(void); typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); +typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); +typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); +typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); /* V3 extension structure */ @@ -132,7 +132,6 @@ void *db; }; typedef struct v3_ext_method X509V3_EXT_METHOD; -typedef struct v3_ext_ctx X509V3_CTX; DECLARE_STACK_OF(X509V3_EXT_METHOD) @@ -287,6 +286,33 @@ typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; DECLARE_STACK_OF(POLICYINFO) DECLARE_ASN1_SET_OF(POLICYINFO) +typedef struct POLICY_MAPPING_st { + ASN1_OBJECT *issuerDomainPolicy; + ASN1_OBJECT *subjectDomainPolicy; +} POLICY_MAPPING; + +DECLARE_STACK_OF(POLICY_MAPPING) + +typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; + +typedef struct GENERAL_SUBTREE_st { + GENERAL_NAME *base; + ASN1_INTEGER *minimum; + ASN1_INTEGER *maximum; +} GENERAL_SUBTREE; + +DECLARE_STACK_OF(GENERAL_SUBTREE) + +typedef struct NAME_CONSTRAINTS_st { + STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; + STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; +} NAME_CONSTRAINTS; + +typedef struct POLICY_CONSTRAINTS_st { + ASN1_INTEGER *requireExplicitPolicy; + ASN1_INTEGER *inhibitPolicyMapping; +} POLICY_CONSTRAINTS; + /* Proxy certificate structures, see RFC 3820 */ typedef struct PROXY_POLICY_st { @@ -344,6 +370,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) #define EXFLAG_CRITICAL 0x200 #define EXFLAG_PROXY 0x400 +#define EXFLAG_INVALID_POLICY 0x400 + #define KU_DIGITAL_SIGNATURE 0x0080 #define KU_NON_REPUDIATION 0x0040 #define KU_KEY_ENCIPHERMENT 0x0020 @@ -442,6 +470,13 @@ DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) + +ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); +STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, + ASN1_BIT_STRING *bits, + STACK_OF(CONF_VALUE) *extlist); + STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); @@ -474,8 +509,24 @@ DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) +DECLARE_ASN1_ITEM(POLICY_MAPPING) +DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING) +DECLARE_ASN1_ITEM(POLICY_MAPPINGS) + +DECLARE_ASN1_ITEM(GENERAL_SUBTREE) +DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE) + +DECLARE_ASN1_ITEM(NAME_CONSTRAINTS) +DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS) + +DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS) +DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS) + #ifdef HEADER_CONF_H -GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf); +GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + CONF_VALUE *cnf); +GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); void X509V3_conf_free(CONF_VALUE *val); X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); @@ -566,7 +617,164 @@ int X509_PURPOSE_get_id(X509_PURPOSE *); STACK *X509_get1_email(X509 *x); STACK *X509_REQ_get1_email(X509_REQ *x); void X509_email_free(STACK *sk); +STACK *X509_get1_ocsp(X509 *x); + +ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); +ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); +int a2i_ipadd(unsigned char *ipout, const char *ipasc); +int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, + unsigned long chtype); + +void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); + +#ifndef OPENSSL_NO_RFC3779 + +typedef struct ASRange_st { + ASN1_INTEGER *min, *max; +} ASRange; + +#define ASIdOrRange_id 0 +#define ASIdOrRange_range 1 + +typedef struct ASIdOrRange_st { + int type; + union { + ASN1_INTEGER *id; + ASRange *range; + } u; +} ASIdOrRange; + +typedef STACK_OF(ASIdOrRange) ASIdOrRanges; +DECLARE_STACK_OF(ASIdOrRange) + +#define ASIdentifierChoice_inherit 0 +#define ASIdentifierChoice_asIdsOrRanges 1 + +typedef struct ASIdentifierChoice_st { + int type; + union { + ASN1_NULL *inherit; + ASIdOrRanges *asIdsOrRanges; + } u; +} ASIdentifierChoice; + +typedef struct ASIdentifiers_st { + ASIdentifierChoice *asnum, *rdi; +} ASIdentifiers; + +DECLARE_ASN1_FUNCTIONS(ASRange) +DECLARE_ASN1_FUNCTIONS(ASIdOrRange) +DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice) +DECLARE_ASN1_FUNCTIONS(ASIdentifiers) + + +typedef struct IPAddressRange_st { + ASN1_BIT_STRING *min, *max; +} IPAddressRange; + +#define IPAddressOrRange_addressPrefix 0 +#define IPAddressOrRange_addressRange 1 + +typedef struct IPAddressOrRange_st { + int type; + union { + ASN1_BIT_STRING *addressPrefix; + IPAddressRange *addressRange; + } u; +} IPAddressOrRange; + +typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges; +DECLARE_STACK_OF(IPAddressOrRange) + +#define IPAddressChoice_inherit 0 +#define IPAddressChoice_addressesOrRanges 1 + +typedef struct IPAddressChoice_st { + int type; + union { + ASN1_NULL *inherit; + IPAddressOrRanges *addressesOrRanges; + } u; +} IPAddressChoice; + +typedef struct IPAddressFamily_st { + ASN1_OCTET_STRING *addressFamily; + IPAddressChoice *ipAddressChoice; +} IPAddressFamily; + +typedef STACK_OF(IPAddressFamily) IPAddrBlocks; +DECLARE_STACK_OF(IPAddressFamily) + +DECLARE_ASN1_FUNCTIONS(IPAddressRange) +DECLARE_ASN1_FUNCTIONS(IPAddressOrRange) +DECLARE_ASN1_FUNCTIONS(IPAddressChoice) +DECLARE_ASN1_FUNCTIONS(IPAddressFamily) + +/* + * API tag for elements of the ASIdentifer SEQUENCE. + */ +#define V3_ASID_ASNUM 0 +#define V3_ASID_RDI 1 + +/* + * AFI values, assigned by IANA. It'd be nice to make the AFI + * handling code totally generic, but there are too many little things + * that would need to be defined for other address families for it to + * be worth the trouble. + */ +#define IANA_AFI_IPV4 1 +#define IANA_AFI_IPV6 2 + +/* + * Utilities to construct and extract values from RFC3779 extensions, + * since some of the encodings (particularly for IP address prefixes + * and ranges) are a bit tedious to work with directly. + */ +int v3_asid_add_inherit(ASIdentifiers *asid, int which); +int v3_asid_add_id_or_range(ASIdentifiers *asid, int which, + ASN1_INTEGER *min, ASN1_INTEGER *max); +int v3_addr_add_inherit(IPAddrBlocks *addr, + const unsigned afi, const unsigned *safi); +int v3_addr_add_prefix(IPAddrBlocks *addr, + const unsigned afi, const unsigned *safi, + unsigned char *a, const int prefixlen); +int v3_addr_add_range(IPAddrBlocks *addr, + const unsigned afi, const unsigned *safi, + unsigned char *min, unsigned char *max); +unsigned v3_addr_get_afi(const IPAddressFamily *f); +int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi, + unsigned char *min, unsigned char *max, + const int length); + +/* + * Canonical forms. + */ +int v3_asid_is_canonical(ASIdentifiers *asid); +int v3_addr_is_canonical(IPAddrBlocks *addr); +int v3_asid_canonize(ASIdentifiers *asid); +int v3_addr_canonize(IPAddrBlocks *addr); + +/* + * Tests for inheritance and containment. + */ +int v3_asid_inherits(ASIdentifiers *asid); +int v3_addr_inherits(IPAddrBlocks *addr); +int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b); +int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b); + +/* + * Check whether RFC 3779 extensions nest properly in chains. + */ +int v3_asid_validate_path(X509_STORE_CTX *); +int v3_addr_validate_path(X509_STORE_CTX *); +int v3_asid_validate_resource_set(STACK_OF(X509) *chain, + ASIdentifiers *ext, + int allow_inheritance); +int v3_addr_validate_resource_set(STACK_OF(X509) *chain, + IPAddrBlocks *ext, + int allow_inheritance); +#endif /* OPENSSL_NO_RFC3779 */ /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -577,46 +785,63 @@ void ERR_load_X509V3_strings(void); /* Error codes for the X509V3 functions. */ /* Function codes. */ +#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156 +#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157 #define X509V3_F_COPY_EMAIL 122 #define X509V3_F_COPY_ISSUER 123 +#define X509V3_F_DO_DIRNAME 144 #define X509V3_F_DO_EXT_CONF 124 #define X509V3_F_DO_EXT_I2D 135 +#define X509V3_F_DO_EXT_NCONF 151 +#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148 #define X509V3_F_HEX_TO_STRING 111 #define X509V3_F_I2S_ASN1_ENUMERATED 121 -#define X509V3_F_I2S_ASN1_IA5STRING 142 +#define X509V3_F_I2S_ASN1_IA5STRING 149 #define X509V3_F_I2S_ASN1_INTEGER 120 #define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 #define X509V3_F_NOTICE_SECTION 132 #define X509V3_F_NREF_NOS 133 #define X509V3_F_POLICY_SECTION 131 +#define X509V3_F_PROCESS_PCI_VALUE 150 #define X509V3_F_R2I_CERTPOL 130 -#define X509V3_F_R2I_PCI 142 +#define X509V3_F_R2I_PCI 155 #define X509V3_F_S2I_ASN1_IA5STRING 100 #define X509V3_F_S2I_ASN1_INTEGER 108 #define X509V3_F_S2I_ASN1_OCTET_STRING 112 #define X509V3_F_S2I_ASN1_SKEY_ID 114 -#define X509V3_F_S2I_S2I_SKEY_ID 115 +#define X509V3_F_S2I_SKEY_ID 115 #define X509V3_F_STRING_TO_HEX 113 -#define X509V3_F_SXNET_ADD_ASC 125 +#define X509V3_F_SXNET_ADD_ID_ASC 125 #define X509V3_F_SXNET_ADD_ID_INTEGER 126 #define X509V3_F_SXNET_ADD_ID_ULONG 127 #define X509V3_F_SXNET_GET_ID_ASC 128 #define X509V3_F_SXNET_GET_ID_ULONG 129 -#define X509V3_F_V2I_ACCESS_DESCRIPTION 139 +#define X509V3_F_V2I_ASIDENTIFIERS 158 #define X509V3_F_V2I_ASN1_BIT_STRING 101 +#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139 #define X509V3_F_V2I_AUTHORITY_KEYID 119 #define X509V3_F_V2I_BASIC_CONSTRAINTS 102 #define X509V3_F_V2I_CRLD 134 -#define X509V3_F_V2I_EXT_KU 103 -#define X509V3_F_V2I_GENERAL_NAME 117 +#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103 #define X509V3_F_V2I_GENERAL_NAMES 118 +#define X509V3_F_V2I_GENERAL_NAME_EX 117 +#define X509V3_F_V2I_IPADDRBLOCKS 159 +#define X509V3_F_V2I_ISSUER_ALT 153 +#define X509V3_F_V2I_NAME_CONSTRAINTS 147 +#define X509V3_F_V2I_POLICY_CONSTRAINTS 146 +#define X509V3_F_V2I_POLICY_MAPPINGS 145 +#define X509V3_F_V2I_SUBJECT_ALT 154 +#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160 #define X509V3_F_V3_GENERIC_EXTENSION 116 -#define X509V3_F_X509V3_ADD_I2D 140 +#define X509V3_F_X509V3_ADD1_I2D 140 #define X509V3_F_X509V3_ADD_VALUE 105 #define X509V3_F_X509V3_EXT_ADD 104 #define X509V3_F_X509V3_EXT_ADD_ALIAS 106 #define X509V3_F_X509V3_EXT_CONF 107 #define X509V3_F_X509V3_EXT_I2D 136 +#define X509V3_F_X509V3_EXT_NCONF 152 +#define X509V3_F_X509V3_GET_SECTION 142 +#define X509V3_F_X509V3_GET_STRING 143 #define X509V3_F_X509V3_GET_VALUE_BOOL 110 #define X509V3_F_X509V3_PARSE_LIST 109 #define X509V3_F_X509_PURPOSE_ADD 137 @@ -627,6 +852,7 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_BAD_OBJECT 119 #define X509V3_R_BN_DEC2BN_ERROR 100 #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 +#define X509V3_R_DIRNAME_ERROR 149 #define X509V3_R_DUPLICATE_ZONE_ID 133 #define X509V3_R_ERROR_CONVERTING_ZONE 131 #define X509V3_R_ERROR_CREATING_EXTENSION 144 @@ -637,10 +863,15 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_EXTENSION_NOT_FOUND 102 #define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 #define X509V3_R_EXTENSION_VALUE_ERROR 116 +#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151 #define X509V3_R_ILLEGAL_HEX_DIGIT 113 -#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 153 +#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152 +#define X509V3_R_INVALID_ASNUMBER 160 +#define X509V3_R_INVALID_ASRANGE 161 #define X509V3_R_INVALID_BOOLEAN_STRING 104 #define X509V3_R_INVALID_EXTENSION_STRING 105 +#define X509V3_R_INVALID_INHERITANCE 162 +#define X509V3_R_INVALID_IPADDRESS 163 #define X509V3_R_INVALID_NAME 106 #define X509V3_R_INVALID_NULL_ARGUMENT 107 #define X509V3_R_INVALID_NULL_NAME 108 @@ -650,9 +881,9 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 #define X509V3_R_INVALID_OPTION 138 #define X509V3_R_INVALID_POLICY_IDENTIFIER 134 -#define X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER 147 -#define X509V3_R_INVALID_PROXY_POLICY_SETTING 151 +#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153 #define X509V3_R_INVALID_PURPOSE 146 +#define X509V3_R_INVALID_SAFI 164 #define X509V3_R_INVALID_SECTION 135 #define X509V3_R_INVALID_SYNTAX 143 #define X509V3_R_ISSUER_DECODE_ERROR 126 @@ -662,16 +893,18 @@ void ERR_load_X509V3_strings(void); #define X509V3_R_NO_ISSUER_CERTIFICATE 121 #define X509V3_R_NO_ISSUER_DETAILS 127 #define X509V3_R_NO_POLICY_IDENTIFIER 139 -#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 148 +#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154 #define X509V3_R_NO_PUBLIC_KEY 114 #define X509V3_R_NO_SUBJECT_DETAILS 125 #define X509V3_R_ODD_NUMBER_OF_DIGITS 112 -#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 149 -#define X509V3_R_POLICY_PATH_LENGTH 152 -#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 150 -#define X509V3_R_POLICY_SYNTAX_NOT 154 -#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 155 -#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 156 +#define X509V3_R_OPERATION_NOT_DEFINED 148 +#define X509V3_R_OTHERNAME_ERROR 147 +#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155 +#define X509V3_R_POLICY_PATH_LENGTH 156 +#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157 +#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158 +#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159 +#define X509V3_R_SECTION_NOT_FOUND 150 #define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 #define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 #define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 diff --git a/src/lib/libssl/src/demos/easy_tls/easy-tls.c b/src/lib/libssl/src/demos/easy_tls/easy-tls.c index 66fac1f1e6..e4899d9ac5 100644 --- a/src/lib/libssl/src/demos/easy_tls/easy-tls.c +++ b/src/lib/libssl/src/demos/easy_tls/easy-tls.c @@ -1,7 +1,7 @@ /* -*- Mode: C; c-file-style: "bsd" -*- */ /* * easy-tls.c -- generic TLS proxy. - * $Id: easy-tls.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ + * $Id: easy-tls.c,v 1.1.1.2 2008/09/06 12:15:48 djm Exp $ */ /* (c) Copyright 1999 Bodo Moeller. All rights reserved. @@ -73,7 +73,7 @@ */ static char const rcsid[] = -"$Id: easy-tls.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $"; +"$Id: easy-tls.c,v 1.1.1.2 2008/09/06 12:15:48 djm Exp $"; #include #include diff --git a/src/lib/libssl/src/demos/engines/cluster_labs/hw_cluster_labs_err.h b/src/lib/libssl/src/demos/engines/cluster_labs/hw_cluster_labs_err.h index afc175b133..f548a3b668 100644 --- a/src/lib/libssl/src/demos/engines/cluster_labs/hw_cluster_labs_err.h +++ b/src/lib/libssl/src/demos/engines/cluster_labs/hw_cluster_labs_err.h @@ -55,6 +55,10 @@ #ifndef HEADER_CL_ERR_H #define HEADER_CL_ERR_H +#ifdef __cplusplus +extern "C" { +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/src/lib/libssl/src/demos/engines/ibmca/hw_ibmca_err.h b/src/lib/libssl/src/demos/engines/ibmca/hw_ibmca_err.h index da64bde5f2..2070f95799 100644 --- a/src/lib/libssl/src/demos/engines/ibmca/hw_ibmca_err.h +++ b/src/lib/libssl/src/demos/engines/ibmca/hw_ibmca_err.h @@ -55,6 +55,10 @@ #ifndef HEADER_IBMCA_ERR_H #define HEADER_IBMCA_ERR_H +#ifdef __cplusplus +extern "C" { +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/src/lib/libssl/src/demos/engines/zencod/hw_zencod.c b/src/lib/libssl/src/demos/engines/zencod/hw_zencod.c index 29206b4a29..4234b93cbe 100644 --- a/src/lib/libssl/src/demos/engines/zencod/hw_zencod.c +++ b/src/lib/libssl/src/demos/engines/zencod/hw_zencod.c @@ -1233,7 +1233,7 @@ static const EVP_MD engine_sha1_md = SHA_CBLOCK, /* sizeof ( EVP_MD * ) + sizeof ( SHA_CTX ) */ sizeof ( ZEN_MD_DATA ) - /* sizeof ( MD_CTX_DATA ) The message digest data stucture ... */ + /* sizeof ( MD_CTX_DATA ) The message digest data structure ... */ } ; /* The one for MD5 ... */ @@ -1254,7 +1254,7 @@ static const EVP_MD engine_md5_md = MD5_CBLOCK, /* sizeof ( EVP_MD * ) + sizeof ( MD5_CTX ) */ sizeof ( ZEN_MD_DATA ) - /* sizeof ( MD_CTX_DATA ) The message digest data stucture ... */ + /* sizeof ( MD_CTX_DATA ) The message digest data structure ... */ } ; diff --git a/src/lib/libssl/src/demos/engines/zencod/hw_zencod_err.h b/src/lib/libssl/src/demos/engines/zencod/hw_zencod_err.h index 1b5dcb5685..60e923fd88 100644 --- a/src/lib/libssl/src/demos/engines/zencod/hw_zencod_err.h +++ b/src/lib/libssl/src/demos/engines/zencod/hw_zencod_err.h @@ -55,6 +55,10 @@ #ifndef HEADER_ZENCOD_ERR_H #define HEADER_ZENCOD_ERR_H +#ifdef __cplusplus +extern "C" { +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/src/lib/libssl/src/demos/tunala/autoungunk.sh b/src/lib/libssl/src/demos/tunala/autoungunk.sh index 14d10790fd..0c9123b6cf 100644 --- a/src/lib/libssl/src/demos/tunala/autoungunk.sh +++ b/src/lib/libssl/src/demos/tunala/autoungunk.sh @@ -4,13 +4,13 @@ # mess has been left in the directory thanks to autoconf, automake, and their # friends. -if test -f Makefile; then - make distclean - rm -f Makefile -fi - if test -f Makefile.plain; then + if test -f Makefile; then + make distclean + fi mv Makefile.plain Makefile +else + make clean fi rm -f aclocal.m4 config.* configure install-sh \ diff --git a/src/lib/libssl/src/demos/tunala/cb.c b/src/lib/libssl/src/demos/tunala/cb.c index cd32f74c70..e64983896e 100644 --- a/src/lib/libssl/src/demos/tunala/cb.c +++ b/src/lib/libssl/src/demos/tunala/cb.c @@ -129,5 +129,15 @@ void cb_ssl_verify_set_level(unsigned int level) cb_ssl_verify_level = level; } +RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength) +{ + /* TODO: Perhaps make it so our global key can be generated on-the-fly + * after certain intervals? */ + static RSA *rsa_tmp = NULL; + if(!rsa_tmp) + rsa_tmp = RSA_generate_key(keylength, RSA_F4, NULL, NULL); + return rsa_tmp; +} + #endif /* !defined(NO_OPENSSL) */ diff --git a/src/lib/libssl/src/demos/tunala/configure.in b/src/lib/libssl/src/demos/tunala/configure.in index b2a6ffc756..590cdbfd26 100644 --- a/src/lib/libssl/src/demos/tunala/configure.in +++ b/src/lib/libssl/src/demos/tunala/configure.in @@ -10,6 +10,7 @@ dnl AM_PROG_LIBTOOL dnl Checks for libraries. AC_CHECK_LIB(dl, dlopen) +AC_CHECK_LIB(z, inflate) AC_CHECK_LIB(socket, socket) AC_CHECK_LIB(nsl, gethostbyname) diff --git a/src/lib/libssl/src/demos/tunala/tunala.c b/src/lib/libssl/src/demos/tunala/tunala.c index e802a6209f..e918cba2ce 100644 --- a/src/lib/libssl/src/demos/tunala/tunala.c +++ b/src/lib/libssl/src/demos/tunala/tunala.c @@ -69,8 +69,8 @@ typedef struct _tunala_world_t { static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id, const char *CAfile, const char *cert, const char *key, const char *dcert, const char *dkey, const char *cipher_list, - const char *dh_file, const char *dh_special, int ctx_options, - int out_state, int out_verify, int verify_mode, + const char *dh_file, const char *dh_special, int tmp_rsa, + int ctx_options, int out_state, int out_verify, int verify_mode, unsigned int verify_depth); static void selector_init(tunala_selector_t *selector); static void selector_add_listener(tunala_selector_t *selector, int fd); @@ -102,6 +102,7 @@ static int def_flipped = 0; static const char *def_cipher_list = NULL; static const char *def_dh_file = NULL; static const char *def_dh_special = NULL; +static int def_tmp_rsa = 1; static int def_ctx_options = 0; static int def_verify_mode = 0; static unsigned int def_verify_depth = 10; @@ -127,6 +128,7 @@ static const char *helpstring = " -cipher (specifies cipher list to use)\n" " -dh_file (a PEM file containing DH parameters to use)\n" " -dh_special (see below: def=NULL)\n" +" -no_tmp_rsa (don't generate temporary RSA keys)\n" " -no_ssl2 (disable SSLv2)\n" " -no_ssl3 (disable SSLv3)\n" " -no_tls1 (disable TLSv1)\n" @@ -306,6 +308,7 @@ int main(int argc, char *argv[]) const char *cipher_list = def_cipher_list; const char *dh_file = def_dh_file; const char *dh_special = def_dh_special; + int tmp_rsa = def_tmp_rsa; int ctx_options = def_ctx_options; int verify_mode = def_verify_mode; unsigned int verify_depth = def_verify_depth; @@ -427,6 +430,9 @@ next_arg: if(!parse_dh_special(*argv, &dh_special)) return 1; goto next_arg; + } else if(strcmp(*argv, "-no_tmp_rsa") == 0) { + tmp_rsa = 0; + goto next_arg; } else if(strcmp(*argv, "-no_ssl2") == 0) { ctx_options |= SSL_OP_NO_SSLv2; goto next_arg; @@ -487,7 +493,7 @@ next_arg: /* Create the SSL_CTX */ if((world.ssl_ctx = initialise_ssl_ctx(server_mode, engine_id, cacert, cert, key, dcert, dkey, cipher_list, dh_file, - dh_special, ctx_options, out_state, out_verify, + dh_special, tmp_rsa, ctx_options, out_state, out_verify, verify_mode, verify_depth)) == NULL) return err_str1("initialise_ssl_ctx(engine_id=%s) failed", (engine_id == NULL) ? "NULL" : engine_id); @@ -522,8 +528,13 @@ main_loop: /* Now do the select */ switch(selector_select(&world.selector)) { case -1: - fprintf(stderr, "selector_select returned a badness error.\n"); - goto shouldnt_happen; + if(errno != EINTR) { + fprintf(stderr, "selector_select returned a " + "badness error.\n"); + goto shouldnt_happen; + } + fprintf(stderr, "Warn, selector interrupted by a signal\n"); + goto main_loop; case 0: fprintf(stderr, "Warn, selector_select returned 0 - signal?""?\n"); goto main_loop; @@ -717,8 +728,8 @@ do_it: static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id, const char *CAfile, const char *cert, const char *key, const char *dcert, const char *dkey, const char *cipher_list, - const char *dh_file, const char *dh_special, int ctx_options, - int out_state, int out_verify, int verify_mode, + const char *dh_file, const char *dh_special, int tmp_rsa, + int ctx_options, int out_state, int out_verify, int verify_mode, unsigned int verify_depth) { SSL_CTX *ctx = NULL, *ret = NULL; @@ -770,6 +781,9 @@ static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id, /* dcert and dkey */ if((dcert || dkey) && !ctx_set_cert(ctx, dcert, dkey)) goto err; + /* temporary RSA key generation */ + if(tmp_rsa) + SSL_CTX_set_tmp_rsa_callback(ctx, cb_generate_tmp_rsa); /* cipher_list */ if(cipher_list) { diff --git a/src/lib/libssl/src/demos/tunala/tunala.h b/src/lib/libssl/src/demos/tunala/tunala.h index b4c8ec78d8..3a752f259a 100644 --- a/src/lib/libssl/src/demos/tunala/tunala.h +++ b/src/lib/libssl/src/demos/tunala/tunala.h @@ -149,6 +149,7 @@ int cb_ssl_verify(int ok, X509_STORE_CTX *ctx); void cb_ssl_verify_set_output(FILE *fp); void cb_ssl_verify_set_depth(unsigned int verify_depth); void cb_ssl_verify_set_level(unsigned int level); +RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength); #endif /* !defined(NO_OPENSSL) */ #endif /* !defined(OPENSSL_NO_BUFFER) */ diff --git a/src/lib/libssl/src/doc/HOWTO/certificates.txt b/src/lib/libssl/src/doc/HOWTO/certificates.txt index d3a62545ad..a8a34c7abc 100644 --- a/src/lib/libssl/src/doc/HOWTO/certificates.txt +++ b/src/lib/libssl/src/doc/HOWTO/certificates.txt @@ -66,14 +66,13 @@ Section 5 will tell you more on how to handle the certificate you received. -4. Creating a self-signed certificate +4. Creating a self-signed test certificate If you don't want to deal with another certificate authority, or just -want to create a test certificate for yourself, or are setting up a -certificate authority of your own, you may want to make the requested -certificate a self-signed one. This is similar to creating a -certificate request, but creates a certificate instead of a -certificate request (1095 is 3 years): +want to create a test certificate for yourself. This is similar to +creating a certificate request, but creates a certificate instead of +a certificate request. This is NOT the recommended way to create a +CA certificate, see ca.txt. openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 diff --git a/src/lib/libssl/src/doc/apps/asn1parse.pod b/src/lib/libssl/src/doc/apps/asn1parse.pod index 69ee4dfee6..542d969066 100644 --- a/src/lib/libssl/src/doc/apps/asn1parse.pod +++ b/src/lib/libssl/src/doc/apps/asn1parse.pod @@ -16,6 +16,8 @@ B B [B<-i>] [B<-oid filename>] [B<-strparse offset>] +[B<-genstr string>] +[B<-genconf file>] =head1 DESCRIPTION @@ -67,6 +69,14 @@ file is described in the NOTES section below. parse the contents octets of the ASN.1 object starting at B. This option can be used multiple times to "drill down" into a nested structure. +=item B<-genstr string>, B<-genconf file> + +generate encoded data based on B, B or both using +ASN1_generate_nconf() format. If B only is present then the string +is obtained from the default section using the name B. The encoded +data is passed through the ASN1 parser and printed out as though it came +from a file, the contents can thus be examined and written to a file +using the B option. =back @@ -121,6 +131,38 @@ by white space. The final column is the rest of the line and is the C<1.2.3.4 shortName A long name> +=head1 EXAMPLES + +Parse a file: + + openssl asn1parse -in file.pem + +Parse a DER file: + + openssl asn1parse -inform DER -in file.der + +Generate a simple UTF8String: + + openssl asn1parse -genstr 'UTF8:Hello World' + +Generate and write out a UTF8String, don't print parsed output: + + openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der + +Generate using a config file: + + openssl asn1parse -genconf asn1.cnf -noout -out asn1.der + +Example config file: + + asn1=SEQUENCE:seq_sect + + [seq_sect] + + field1=BOOL:TRUE + field2=EXP:0, UTF8:some random string + + =head1 BUGS There should be options to change the format of output lines. The output of some diff --git a/src/lib/libssl/src/doc/apps/ca.pod b/src/lib/libssl/src/doc/apps/ca.pod index f15df49d4f..5618c2dc9d 100644 --- a/src/lib/libssl/src/doc/apps/ca.pod +++ b/src/lib/libssl/src/doc/apps/ca.pod @@ -17,7 +17,6 @@ B B [B<-crl_hold instruction>] [B<-crl_compromise time>] [B<-crl_CA_compromise time>] -[B<-subj arg>] [B<-crldays days>] [B<-crlhours hours>] [B<-crlexts section>] @@ -30,6 +29,7 @@ B B [B<-key arg>] [B<-passin arg>] [B<-cert file>] +[B<-selfsign>] [B<-in file>] [B<-out file>] [B<-notext>] @@ -44,6 +44,9 @@ B B [B<-extensions section>] [B<-extfile section>] [B<-engine id>] +[B<-subj arg>] +[B<-utf8>] +[B<-multivalue-rdn>] =head1 DESCRIPTION @@ -113,6 +116,20 @@ the password used to encrypt the private key. Since on some systems the command line arguments are visible (e.g. Unix with the 'ps' utility) this option should be used with caution. +=item B<-selfsign> + +indicates the issued certificates are to be signed with the key +the certificate requests were signed with (given with B<-keyfile>). +Cerificate requests signed with a different key are ignored. If +B<-spkac>, B<-ss_cert> or B<-gencrl> are given, B<-selfsign> is +ignored. + +A consequence of using B<-selfsign> is that the self-signed +certificate appears among the entries in the certificate database +(see the configuration option B), and uses the same +serial number counter as all other certificates sign with the +self-signed certificate. + =item B<-passin arg> the key password source. For more information about the format of B @@ -203,6 +220,28 @@ to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. +=item B<-subj arg> + +supersedes subject name given in the request. +The arg must be formatted as I, +characters may be escaped by \ (backslash), no spaces are skipped. + +=item B<-utf8> + +this option causes field values to be interpreted as UTF8 strings, by +default they are interpreted as ASCII. This means that the field +values, whether prompted from a terminal or obtained from a +configuration file, must be valid UTF8 strings. + +=item B<-multivalue-rdn> + +this option causes the -subj argument to be interpretedt with full +support for multivalued RDNs. Example: + +I + +If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>. + =back =head1 CRL OPTIONS @@ -253,12 +292,6 @@ B