From aeeae06a79815dc190061534d47236cec09f9e32 Mon Sep 17 00:00:00 2001 From: ryker <> Date: Mon, 5 Oct 1998 20:13:14 +0000 Subject: Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible. --- src/lib/libcrypto/asn1/a_bitstr.c | 204 ++++ src/lib/libcrypto/asn1/a_bool.c | 121 +++ src/lib/libcrypto/asn1/a_bytes.c | 346 +++++++ src/lib/libcrypto/asn1/a_d2i_fp.c | 201 ++++ src/lib/libcrypto/asn1/a_digest.c | 91 ++ src/lib/libcrypto/asn1/a_dup.c | 86 ++ src/lib/libcrypto/asn1/a_i2d_fp.c | 119 +++ src/lib/libcrypto/asn1/a_int.c | 305 ++++++ src/lib/libcrypto/asn1/a_object.c | 389 +++++++ src/lib/libcrypto/asn1/a_octet.c | 90 ++ src/lib/libcrypto/asn1/a_print.c | 161 +++ src/lib/libcrypto/asn1/a_set.c | 149 +++ src/lib/libcrypto/asn1/a_sign.c | 147 +++ src/lib/libcrypto/asn1/a_type.c | 325 ++++++ src/lib/libcrypto/asn1/a_verify.c | 121 +++ src/lib/libcrypto/asn1/asn1.h | 859 +++++++++++++++ src/lib/libcrypto/asn1/asn1_err.c | 266 +++++ src/lib/libcrypto/asn1/asn1_lib.c | 444 ++++++++ src/lib/libcrypto/asn1/asn1_mac.h | 321 ++++++ src/lib/libcrypto/asn1/asn1_par.c | 393 +++++++ src/lib/libcrypto/asn1/d2i_pr.c | 117 +++ src/lib/libcrypto/asn1/d2i_pu.c | 117 +++ src/lib/libcrypto/asn1/evp_asn1.c | 193 ++++ src/lib/libcrypto/asn1/f_int.c | 211 ++++ src/lib/libcrypto/asn1/f_string.c | 210 ++++ src/lib/libcrypto/asn1/i2d_pr.c | 86 ++ src/lib/libcrypto/asn1/i2d_pu.c | 84 ++ src/lib/libcrypto/asn1/n_pkey.c | 365 +++++++ src/lib/libcrypto/asn1/t_pkey.c | 392 +++++++ src/lib/libcrypto/asn1/t_req.c | 226 ++++ src/lib/libcrypto/asn1/t_x509.c | 386 +++++++ src/lib/libcrypto/asn1/x_algor.c | 126 +++ src/lib/libcrypto/asn1/x_attrib.c | 152 +++ src/lib/libcrypto/asn1/x_crl.c | 353 +++++++ src/lib/libcrypto/asn1/x_exten.c | 156 +++ src/lib/libcrypto/asn1/x_info.c | 111 ++ src/lib/libcrypto/asn1/x_name.c | 295 ++++++ src/lib/libcrypto/asn1/x_pkey.c | 156 +++ src/lib/libcrypto/asn1/x_pubkey.c | 256 +++++ src/lib/libcrypto/asn1/x_req.c | 247 +++++ src/lib/libcrypto/asn1/x_sig.c | 119 +++ src/lib/libcrypto/asn1/x_spki.c | 181 ++++ src/lib/libcrypto/asn1/x_val.c | 118 +++ src/lib/libcrypto/asn1/x_x509.c | 158 +++ src/lib/libcrypto/bf/COPYRIGHT | 46 + src/lib/libcrypto/bf/INSTALL | 14 + src/lib/libcrypto/bf/README | 8 + src/lib/libcrypto/bf/VERSION | 6 + src/lib/libcrypto/bf/asm/bf-586.pl | 136 +++ src/lib/libcrypto/bf/bf_cbc.c | 148 +++ src/lib/libcrypto/bf/bf_cfb64.c | 127 +++ src/lib/libcrypto/bf/bf_ecb.c | 98 ++ src/lib/libcrypto/bf/bf_enc.c | 241 +++++ src/lib/libcrypto/bf/bf_ofb64.c | 115 +++ src/lib/libcrypto/bf/bf_pi.h | 325 ++++++ src/lib/libcrypto/bf/bf_skey.c | 119 +++ src/lib/libcrypto/bf/blowfish.h | 116 +++ src/lib/libcrypto/bio/b_dump.c | 125 +++ src/lib/libcrypto/bio/b_print.c | 92 ++ src/lib/libcrypto/bio/b_sock.c | 628 +++++++++++ src/lib/libcrypto/bio/bf_buff.c | 512 +++++++++ src/lib/libcrypto/bio/bf_nbio.c | 268 +++++ src/lib/libcrypto/bio/bf_null.c | 196 ++++ src/lib/libcrypto/bio/bio.h | 688 ++++++++++++ src/lib/libcrypto/bio/bio_cb.c | 138 +++ src/lib/libcrypto/bio/bio_err.c | 130 +++ src/lib/libcrypto/bio/bio_lib.c | 519 ++++++++++ src/lib/libcrypto/bio/bss_acpt.c | 500 +++++++++ src/lib/libcrypto/bio/bss_conn.c | 648 ++++++++++++ src/lib/libcrypto/bio/bss_fd.c | 62 ++ src/lib/libcrypto/bio/bss_file.c | 339 ++++++ src/lib/libcrypto/bio/bss_mem.c | 297 ++++++ src/lib/libcrypto/bio/bss_null.c | 177 ++++ src/lib/libcrypto/bio/bss_sock.c | 461 +++++++++ src/lib/libcrypto/bn/asm/bn-586.pl | 314 ++++++ src/lib/libcrypto/bn/asm/pa-risc2.s | 416 ++++++++ src/lib/libcrypto/bn/bn_add.c | 167 +++ src/lib/libcrypto/bn/bn_blind.c | 143 +++ src/lib/libcrypto/bn/bn_div.c | 286 +++++ src/lib/libcrypto/bn/bn_err.c | 111 ++ src/lib/libcrypto/bn/bn_exp.c | 553 ++++++++++ src/lib/libcrypto/bn/bn_gcd.c | 203 ++++ src/lib/libcrypto/bn/bn_lcl.h | 199 ++++ src/lib/libcrypto/bn/bn_lib.c | 611 +++++++++++ src/lib/libcrypto/bn/bn_mod.c | 97 ++ src/lib/libcrypto/bn/bn_mont.c | 306 ++++++ src/lib/libcrypto/bn/bn_mpi.c | 134 +++ src/lib/libcrypto/bn/bn_mul.c | 209 ++++ src/lib/libcrypto/bn/bn_prime.c | 473 +++++++++ src/lib/libcrypto/bn/bn_prime.h | 325 ++++++ src/lib/libcrypto/bn/bn_prime.pl | 56 + src/lib/libcrypto/bn/bn_print.c | 333 ++++++ src/lib/libcrypto/bn/bn_rand.c | 121 +++ src/lib/libcrypto/bn/bn_recp.c | 125 +++ src/lib/libcrypto/bn/bn_shift.c | 210 ++++ src/lib/libcrypto/bn/bn_sqr.c | 122 +++ src/lib/libcrypto/bn/bn_word.c | 204 ++++ src/lib/libcrypto/buffer/buf_err.c | 87 ++ src/lib/libcrypto/buffer/buffer.c | 145 +++ src/lib/libcrypto/buffer/buffer.h | 107 ++ src/lib/libcrypto/cast/asm/cast-586.pl | 167 +++ src/lib/libcrypto/cast/c_cfb64.c | 127 +++ src/lib/libcrypto/cast/c_ecb.c | 82 ++ src/lib/libcrypto/cast/c_enc.c | 210 ++++ src/lib/libcrypto/cast/c_ofb64.c | 115 +++ src/lib/libcrypto/cast/c_skey.c | 165 +++ src/lib/libcrypto/cast/cast.h | 109 ++ src/lib/libcrypto/cast/cast_lcl.h | 224 ++++ src/lib/libcrypto/cast/cast_s.h | 585 +++++++++++ src/lib/libcrypto/conf/conf.h | 114 ++ src/lib/libcrypto/conf/conf_err.c | 96 ++ src/lib/libcrypto/conf/keysets.pl | 61 ++ src/lib/libcrypto/conf/ssleay.cnf | 78 ++ src/lib/libcrypto/cpt_err.c | 86 ++ src/lib/libcrypto/cryptlib.c | 307 ++++++ src/lib/libcrypto/cryptlib.h | 100 ++ src/lib/libcrypto/crypto.h | 319 ++++++ src/lib/libcrypto/cversion.c | 99 ++ src/lib/libcrypto/des/COPYRIGHT | 50 + src/lib/libcrypto/des/asm/crypt586.pl | 204 ++++ src/lib/libcrypto/des/asm/des-586.pl | 251 +++++ src/lib/libcrypto/des/asm/desboth.pl | 79 ++ src/lib/libcrypto/des/cbc_cksm.c | 103 ++ src/lib/libcrypto/des/cbc_enc.c | 135 +++ src/lib/libcrypto/des/cfb64ede.c | 151 +++ src/lib/libcrypto/des/cfb64enc.c | 128 +++ src/lib/libcrypto/des/cfb_enc.c | 171 +++ src/lib/libcrypto/des/des_enc.c | 502 +++++++++ src/lib/libcrypto/des/ecb3_enc.c | 87 ++ src/lib/libcrypto/des/ecb_enc.c | 124 +++ src/lib/libcrypto/des/enc_read.c | 218 ++++ src/lib/libcrypto/des/enc_writ.c | 160 +++ src/lib/libcrypto/des/fcrypt.c | 153 +++ src/lib/libcrypto/des/fcrypt_b.c | 148 +++ src/lib/libcrypto/des/ncbc_enc.c | 130 +++ src/lib/libcrypto/des/ofb64ede.c | 131 +++ src/lib/libcrypto/des/ofb64enc.c | 114 ++ src/lib/libcrypto/des/ofb_enc.c | 139 +++ src/lib/libcrypto/des/pcbc_enc.c | 126 +++ src/lib/libcrypto/des/qud_cksm.c | 144 +++ src/lib/libcrypto/des/rand_key.c | 118 +++ src/lib/libcrypto/des/set_key.c | 246 +++++ src/lib/libcrypto/des/spr.h | 204 ++++ src/lib/libcrypto/des/str2key.c | 171 +++ src/lib/libcrypto/des/xcbc_enc.c | 206 ++++ src/lib/libcrypto/dh/dh.h | 162 +++ src/lib/libcrypto/dh/dh_check.c | 120 +++ src/lib/libcrypto/dh/dh_err.c | 96 ++ src/lib/libcrypto/dh/dh_gen.c | 150 +++ src/lib/libcrypto/dh/dh_key.c | 142 +++ src/lib/libcrypto/dh/dh_lib.c | 100 ++ src/lib/libcrypto/dsa/dsa.h | 194 ++++ src/lib/libcrypto/dsa/dsa_err.c | 99 ++ src/lib/libcrypto/dsa/dsa_gen.c | 328 ++++++ src/lib/libcrypto/dsa/dsa_key.c | 112 ++ src/lib/libcrypto/dsa/dsa_lib.c | 145 +++ src/lib/libcrypto/dsa/dsa_sign.c | 215 ++++ src/lib/libcrypto/dsa/dsa_vrf.c | 152 +++ src/lib/libcrypto/err/err.c | 642 ++++++++++++ src/lib/libcrypto/err/err.h | 287 ++++++ src/lib/libcrypto/err/err_all.c | 116 +++ src/lib/libcrypto/err/err_prn.c | 107 ++ src/lib/libcrypto/evp/bio_b64.c | 547 ++++++++++ src/lib/libcrypto/evp/bio_enc.c | 423 ++++++++ src/lib/libcrypto/evp/bio_md.c | 270 +++++ src/lib/libcrypto/evp/c_all.c | 190 ++++ src/lib/libcrypto/evp/digest.c | 89 ++ src/lib/libcrypto/evp/e_null.c | 109 ++ src/lib/libcrypto/evp/e_rc4.c | 127 +++ src/lib/libcrypto/evp/e_xcbc_d.c | 122 +++ src/lib/libcrypto/evp/encode.c | 438 ++++++++ src/lib/libcrypto/evp/evp.h | 793 ++++++++++++++ src/lib/libcrypto/evp/evp_enc.c | 303 ++++++ src/lib/libcrypto/evp/evp_err.c | 108 ++ src/lib/libcrypto/evp/evp_key.c | 167 +++ src/lib/libcrypto/evp/evp_lib.c | 117 +++ src/lib/libcrypto/evp/m_dss.c | 82 ++ src/lib/libcrypto/evp/m_dss1.c | 81 ++ src/lib/libcrypto/evp/m_md5.c | 81 ++ src/lib/libcrypto/evp/m_null.c | 88 ++ src/lib/libcrypto/evp/m_ripemd.c | 81 ++ src/lib/libcrypto/evp/m_sha1.c | 81 ++ src/lib/libcrypto/evp/names.c | 285 +++++ src/lib/libcrypto/evp/p_dec.c | 84 ++ src/lib/libcrypto/evp/p_enc.c | 83 ++ src/lib/libcrypto/evp/p_lib.c | 294 ++++++ src/lib/libcrypto/evp/p_open.c | 119 +++ src/lib/libcrypto/evp/p_seal.c | 115 +++ src/lib/libcrypto/evp/p_sign.c | 119 +++ src/lib/libcrypto/evp/p_verify.c | 102 ++ src/lib/libcrypto/ex_data.c | 236 +++++ src/lib/libcrypto/hmac/hmac.c | 165 +++ src/lib/libcrypto/hmac/hmac.h | 106 ++ src/lib/libcrypto/lhash/lh_stats.c | 289 ++++++ src/lib/libcrypto/lhash/lhash.c | 489 +++++++++ src/lib/libcrypto/lhash/lhash.h | 155 +++ src/lib/libcrypto/md5/asm/md5-586.pl | 304 ++++++ src/lib/libcrypto/md5/md5.h | 99 ++ src/lib/libcrypto/md5/md5_dgst.c | 440 ++++++++ src/lib/libcrypto/md5/md5_locl.h | 195 ++++ src/lib/libcrypto/md5/md5_one.c | 77 ++ src/lib/libcrypto/objects/obj_dat.c | 578 +++++++++++ src/lib/libcrypto/objects/obj_dat.pl | 269 +++++ src/lib/libcrypto/objects/obj_err.c | 96 ++ src/lib/libcrypto/objects/obj_lib.c | 126 +++ src/lib/libcrypto/objects/objects.h | 724 +++++++++++++ src/lib/libcrypto/objects/objects.txt | 40 + src/lib/libcrypto/pem/message | 16 + src/lib/libcrypto/pem/pem.h | 562 ++++++++++ src/lib/libcrypto/pem/pem_all.c | 488 +++++++++ src/lib/libcrypto/pem/pem_err.c | 122 +++ src/lib/libcrypto/pem/pem_info.c | 365 +++++++ src/lib/libcrypto/pem/pem_lib.c | 762 ++++++++++++++ src/lib/libcrypto/pem/pem_seal.c | 191 ++++ src/lib/libcrypto/pem/pem_sign.c | 109 ++ src/lib/libcrypto/pem/pkcs7.lis | 22 + src/lib/libcrypto/perlasm/cbc.pl | 342 ++++++ src/lib/libcrypto/perlasm/readme | 124 +++ src/lib/libcrypto/perlasm/x86asm.pl | 113 ++ src/lib/libcrypto/pkcs7/pk7_doit.c | 408 ++++++++ src/lib/libcrypto/pkcs7/pk7_lib.c | 449 ++++++++ src/lib/libcrypto/pkcs7/pkcs7.h | 449 ++++++++ src/lib/libcrypto/pkcs7/pkcs7err.c | 110 ++ src/lib/libcrypto/rand/rand.h | 92 ++ src/lib/libcrypto/rand/randfile.c | 166 +++ src/lib/libcrypto/rc2/rc2_cbc.c | 235 +++++ src/lib/libcrypto/rc2/rc2_ecb.c | 90 ++ src/lib/libcrypto/rc2/rc2_locl.h | 156 +++ src/lib/libcrypto/rc2/rc2_skey.c | 142 +++ src/lib/libcrypto/rc2/rc2cfb64.c | 127 +++ src/lib/libcrypto/rc2/rc2ofb64.c | 115 +++ src/lib/libcrypto/rc2/rrc2.doc | 219 ++++ src/lib/libcrypto/rc2/version | 22 + src/lib/libcrypto/rc4/asm/rc4-586.pl | 173 ++++ src/lib/libcrypto/rc4/rc4_enc.c | 135 +++ src/lib/libcrypto/rc4/rc4_skey.c | 119 +++ src/lib/libcrypto/ripemd/README | 15 + src/lib/libcrypto/ripemd/asm/rmd-586.pl | 582 +++++++++++ src/lib/libcrypto/ripemd/ripemd.h | 99 ++ src/lib/libcrypto/ripemd/rmd_dgst.c | 535 ++++++++++ src/lib/libcrypto/ripemd/rmd_locl.h | 226 ++++ src/lib/libcrypto/ripemd/rmd_one.c | 77 ++ src/lib/libcrypto/ripemd/rmdconst.h | 399 +++++++ src/lib/libcrypto/rsa/rsa.h | 324 ++++++ src/lib/libcrypto/rsa/rsa_eay.c | 274 +++++ src/lib/libcrypto/rsa/rsa_err.c | 129 +++ src/lib/libcrypto/rsa/rsa_gen.c | 101 ++ src/lib/libcrypto/rsa/rsa_lib.c | 294 ++++++ src/lib/libcrypto/rsa/rsa_none.c | 109 ++ src/lib/libcrypto/rsa/rsa_pk1.c | 233 +++++ src/lib/libcrypto/rsa/rsa_saos.c | 153 +++ src/lib/libcrypto/rsa/rsa_sign.c | 196 ++++ src/lib/libcrypto/rsa/rsa_ssl.c | 153 +++ src/lib/libcrypto/sha/asm/sha1-586.pl | 491 +++++++++ src/lib/libcrypto/sha/sha.h | 109 ++ src/lib/libcrypto/sha/sha1_one.c | 77 ++ src/lib/libcrypto/sha/sha1dgst.c | 468 +++++++++ src/lib/libcrypto/sha/sha_locl.h | 246 +++++ src/lib/libcrypto/stack/stack.c | 307 ++++++ src/lib/libcrypto/stack/stack.h | 120 +++ src/lib/libcrypto/txt_db/txt_db.c | 394 +++++++ src/lib/libcrypto/txt_db/txt_db.h | 117 +++ src/lib/libcrypto/x509/by_dir.c | 359 +++++++ src/lib/libcrypto/x509/by_file.c | 282 +++++ src/lib/libcrypto/x509/x509.h | 1152 +++++++++++++++++++++ src/lib/libcrypto/x509/x509_cmp.c | 257 +++++ src/lib/libcrypto/x509/x509_d2.c | 110 ++ src/lib/libcrypto/x509/x509_def.c | 83 ++ src/lib/libcrypto/x509/x509_err.c | 130 +++ src/lib/libcrypto/x509/x509_ext.c | 222 ++++ src/lib/libcrypto/x509/x509_lu.c | 446 ++++++++ src/lib/libcrypto/x509/x509_obj.c | 179 ++++ src/lib/libcrypto/x509/x509_r2x.c | 122 +++ src/lib/libcrypto/x509/x509_req.c | 116 +++ src/lib/libcrypto/x509/x509_set.c | 164 +++ src/lib/libcrypto/x509/x509_txt.c | 132 +++ src/lib/libcrypto/x509/x509_v3.c | 409 ++++++++ src/lib/libcrypto/x509/x509_vfy.c | 704 +++++++++++++ src/lib/libcrypto/x509/x509_vfy.h | 378 +++++++ src/lib/libcrypto/x509/x509name.c | 358 +++++++ src/lib/libcrypto/x509/x509rset.c | 89 ++ src/lib/libcrypto/x509/x509type.c | 115 +++ src/lib/libcrypto/x509/x_all.c | 465 +++++++++ src/lib/libcrypto/x509v3/x509v3.h | 87 ++ src/lib/libssl/bio_ssl.c | 585 +++++++++++ src/lib/libssl/s23_clnt.c | 466 +++++++++ src/lib/libssl/s23_lib.c | 233 +++++ src/lib/libssl/s23_pkt.c | 120 +++ src/lib/libssl/s23_srvr.c | 499 +++++++++ src/lib/libssl/s3_both.c | 469 +++++++++ src/lib/libssl/s3_clnt.c | 1678 ++++++++++++++++++++++++++++++ src/lib/libssl/s3_lib.c | 961 +++++++++++++++++ src/lib/libssl/s3_pkt.c | 1061 +++++++++++++++++++ src/lib/libssl/s3_srvr.c | 1675 ++++++++++++++++++++++++++++++ src/lib/libssl/shlib_version | 2 + src/lib/libssl/ssl.h | 1453 ++++++++++++++++++++++++++ src/lib/libssl/ssl2.h | 265 +++++ src/lib/libssl/ssl23.h | 83 ++ src/lib/libssl/ssl3.h | 455 ++++++++ src/lib/libssl/ssl_algs.c | 102 ++ src/lib/libssl/ssl_asn1.c | 313 ++++++ src/lib/libssl/ssl_cert.c | 329 ++++++ src/lib/libssl/ssl_ciph.c | 758 ++++++++++++++ src/lib/libssl/ssl_err.c | 374 +++++++ src/lib/libssl/ssl_err2.c | 70 ++ src/lib/libssl/ssl_lib.c | 1721 +++++++++++++++++++++++++++++++ src/lib/libssl/ssl_locl.h | 558 ++++++++++ src/lib/libssl/ssl_rsa.c | 831 +++++++++++++++ src/lib/libssl/ssl_sess.c | 582 +++++++++++ src/lib/libssl/ssl_stat.c | 458 ++++++++ src/lib/libssl/ssl_txt.c | 152 +++ src/lib/libssl/t1_clnt.c | 90 ++ src/lib/libssl/t1_enc.c | 635 ++++++++++++ src/lib/libssl/t1_lib.c | 151 +++ src/lib/libssl/t1_meth.c | 88 ++ src/lib/libssl/t1_srvr.c | 91 ++ src/lib/libssl/test/CAss.cnf | 25 + src/lib/libssl/test/CAssdh.cnf | 24 + src/lib/libssl/test/CAssdsa.cnf | 23 + src/lib/libssl/test/CAssrsa.cnf | 24 + src/lib/libssl/test/Sssdsa.cnf | 27 + src/lib/libssl/test/Sssrsa.cnf | 26 + src/lib/libssl/test/Uss.cnf | 28 + src/lib/libssl/test/methtest.c | 105 ++ src/lib/libssl/test/pkcs7-1.pem | 15 + src/lib/libssl/test/pkcs7.pem | 54 + src/lib/libssl/test/r160test.c | 57 + src/lib/libssl/test/tcrl | 81 ++ src/lib/libssl/test/test.cnf | 88 ++ src/lib/libssl/test/testca | 44 + src/lib/libssl/test/testcrl.pem | 16 + src/lib/libssl/test/testenc | 62 ++ src/lib/libssl/test/testgen | 30 + src/lib/libssl/test/testp7.pem | 46 + src/lib/libssl/test/testreq2.pem | 7 + src/lib/libssl/test/testrsa.pem | 9 + src/lib/libssl/test/testsid.pem | 12 + src/lib/libssl/test/testss | 89 ++ src/lib/libssl/test/testssl | 40 + src/lib/libssl/test/testx509.pem | 10 + src/lib/libssl/test/times | 113 ++ src/lib/libssl/test/tpkcs7 | 51 + src/lib/libssl/test/tpkcs7d | 44 + src/lib/libssl/test/treq | 81 ++ src/lib/libssl/test/trsa | 81 ++ src/lib/libssl/test/tsid | 81 ++ src/lib/libssl/test/tx509 | 81 ++ src/lib/libssl/test/v3-cert1.pem | 16 + src/lib/libssl/test/v3-cert2.pem | 16 + src/lib/libssl/tls1.h | 115 +++ 350 files changed, 81718 insertions(+) create mode 100644 src/lib/libcrypto/asn1/a_bitstr.c create mode 100644 src/lib/libcrypto/asn1/a_bool.c create mode 100644 src/lib/libcrypto/asn1/a_bytes.c create mode 100644 src/lib/libcrypto/asn1/a_d2i_fp.c create mode 100644 src/lib/libcrypto/asn1/a_digest.c create mode 100644 src/lib/libcrypto/asn1/a_dup.c create mode 100644 src/lib/libcrypto/asn1/a_i2d_fp.c create mode 100644 src/lib/libcrypto/asn1/a_int.c create mode 100644 src/lib/libcrypto/asn1/a_object.c create mode 100644 src/lib/libcrypto/asn1/a_octet.c create mode 100644 src/lib/libcrypto/asn1/a_print.c create mode 100644 src/lib/libcrypto/asn1/a_set.c create mode 100644 src/lib/libcrypto/asn1/a_sign.c create mode 100644 src/lib/libcrypto/asn1/a_type.c create mode 100644 src/lib/libcrypto/asn1/a_verify.c create mode 100644 src/lib/libcrypto/asn1/asn1.h create mode 100644 src/lib/libcrypto/asn1/asn1_err.c create mode 100644 src/lib/libcrypto/asn1/asn1_lib.c create mode 100644 src/lib/libcrypto/asn1/asn1_mac.h create mode 100644 src/lib/libcrypto/asn1/asn1_par.c create mode 100644 src/lib/libcrypto/asn1/d2i_pr.c create mode 100644 src/lib/libcrypto/asn1/d2i_pu.c create mode 100644 src/lib/libcrypto/asn1/evp_asn1.c create mode 100644 src/lib/libcrypto/asn1/f_int.c create mode 100644 src/lib/libcrypto/asn1/f_string.c create mode 100644 src/lib/libcrypto/asn1/i2d_pr.c create mode 100644 src/lib/libcrypto/asn1/i2d_pu.c create mode 100644 src/lib/libcrypto/asn1/n_pkey.c create mode 100644 src/lib/libcrypto/asn1/t_pkey.c create mode 100644 src/lib/libcrypto/asn1/t_req.c create mode 100644 src/lib/libcrypto/asn1/t_x509.c create mode 100644 src/lib/libcrypto/asn1/x_algor.c create mode 100644 src/lib/libcrypto/asn1/x_attrib.c create mode 100644 src/lib/libcrypto/asn1/x_crl.c create mode 100644 src/lib/libcrypto/asn1/x_exten.c create mode 100644 src/lib/libcrypto/asn1/x_info.c create mode 100644 src/lib/libcrypto/asn1/x_name.c create mode 100644 src/lib/libcrypto/asn1/x_pkey.c create mode 100644 src/lib/libcrypto/asn1/x_pubkey.c create mode 100644 src/lib/libcrypto/asn1/x_req.c create mode 100644 src/lib/libcrypto/asn1/x_sig.c create mode 100644 src/lib/libcrypto/asn1/x_spki.c create mode 100644 src/lib/libcrypto/asn1/x_val.c create mode 100644 src/lib/libcrypto/asn1/x_x509.c create mode 100644 src/lib/libcrypto/bf/COPYRIGHT create mode 100644 src/lib/libcrypto/bf/INSTALL create mode 100644 src/lib/libcrypto/bf/README create mode 100644 src/lib/libcrypto/bf/VERSION create mode 100644 src/lib/libcrypto/bf/asm/bf-586.pl create mode 100644 src/lib/libcrypto/bf/bf_cbc.c create mode 100644 src/lib/libcrypto/bf/bf_cfb64.c create mode 100644 src/lib/libcrypto/bf/bf_ecb.c create mode 100644 src/lib/libcrypto/bf/bf_enc.c create mode 100644 src/lib/libcrypto/bf/bf_ofb64.c create mode 100644 src/lib/libcrypto/bf/bf_pi.h create mode 100644 src/lib/libcrypto/bf/bf_skey.c create mode 100644 src/lib/libcrypto/bf/blowfish.h create mode 100644 src/lib/libcrypto/bio/b_dump.c create mode 100644 src/lib/libcrypto/bio/b_print.c create mode 100644 src/lib/libcrypto/bio/b_sock.c create mode 100644 src/lib/libcrypto/bio/bf_buff.c create mode 100644 src/lib/libcrypto/bio/bf_nbio.c create mode 100644 src/lib/libcrypto/bio/bf_null.c create mode 100644 src/lib/libcrypto/bio/bio.h create mode 100644 src/lib/libcrypto/bio/bio_cb.c create mode 100644 src/lib/libcrypto/bio/bio_err.c create mode 100644 src/lib/libcrypto/bio/bio_lib.c create mode 100644 src/lib/libcrypto/bio/bss_acpt.c create mode 100644 src/lib/libcrypto/bio/bss_conn.c create mode 100644 src/lib/libcrypto/bio/bss_fd.c create mode 100644 src/lib/libcrypto/bio/bss_file.c create mode 100644 src/lib/libcrypto/bio/bss_mem.c create mode 100644 src/lib/libcrypto/bio/bss_null.c create mode 100644 src/lib/libcrypto/bio/bss_sock.c create mode 100644 src/lib/libcrypto/bn/asm/bn-586.pl create mode 100644 src/lib/libcrypto/bn/asm/pa-risc2.s create mode 100644 src/lib/libcrypto/bn/bn_add.c create mode 100644 src/lib/libcrypto/bn/bn_blind.c create mode 100644 src/lib/libcrypto/bn/bn_div.c create mode 100644 src/lib/libcrypto/bn/bn_err.c create mode 100644 src/lib/libcrypto/bn/bn_exp.c create mode 100644 src/lib/libcrypto/bn/bn_gcd.c create mode 100644 src/lib/libcrypto/bn/bn_lcl.h create mode 100644 src/lib/libcrypto/bn/bn_lib.c create mode 100644 src/lib/libcrypto/bn/bn_mod.c create mode 100644 src/lib/libcrypto/bn/bn_mont.c create mode 100644 src/lib/libcrypto/bn/bn_mpi.c create mode 100644 src/lib/libcrypto/bn/bn_mul.c create mode 100644 src/lib/libcrypto/bn/bn_prime.c create mode 100644 src/lib/libcrypto/bn/bn_prime.h create mode 100644 src/lib/libcrypto/bn/bn_prime.pl create mode 100644 src/lib/libcrypto/bn/bn_print.c create mode 100644 src/lib/libcrypto/bn/bn_rand.c create mode 100644 src/lib/libcrypto/bn/bn_recp.c create mode 100644 src/lib/libcrypto/bn/bn_shift.c create mode 100644 src/lib/libcrypto/bn/bn_sqr.c create mode 100644 src/lib/libcrypto/bn/bn_word.c create mode 100644 src/lib/libcrypto/buffer/buf_err.c create mode 100644 src/lib/libcrypto/buffer/buffer.c create mode 100644 src/lib/libcrypto/buffer/buffer.h create mode 100644 src/lib/libcrypto/cast/asm/cast-586.pl create mode 100644 src/lib/libcrypto/cast/c_cfb64.c create mode 100644 src/lib/libcrypto/cast/c_ecb.c create mode 100644 src/lib/libcrypto/cast/c_enc.c create mode 100644 src/lib/libcrypto/cast/c_ofb64.c create mode 100644 src/lib/libcrypto/cast/c_skey.c create mode 100644 src/lib/libcrypto/cast/cast.h create mode 100644 src/lib/libcrypto/cast/cast_lcl.h create mode 100644 src/lib/libcrypto/cast/cast_s.h create mode 100644 src/lib/libcrypto/conf/conf.h create mode 100644 src/lib/libcrypto/conf/conf_err.c create mode 100644 src/lib/libcrypto/conf/keysets.pl create mode 100644 src/lib/libcrypto/conf/ssleay.cnf create mode 100644 src/lib/libcrypto/cpt_err.c create mode 100644 src/lib/libcrypto/cryptlib.c create mode 100644 src/lib/libcrypto/cryptlib.h create mode 100644 src/lib/libcrypto/crypto.h create mode 100644 src/lib/libcrypto/cversion.c create mode 100644 src/lib/libcrypto/des/COPYRIGHT create mode 100644 src/lib/libcrypto/des/asm/crypt586.pl create mode 100644 src/lib/libcrypto/des/asm/des-586.pl create mode 100644 src/lib/libcrypto/des/asm/desboth.pl create mode 100644 src/lib/libcrypto/des/cbc_cksm.c create mode 100644 src/lib/libcrypto/des/cbc_enc.c create mode 100644 src/lib/libcrypto/des/cfb64ede.c create mode 100644 src/lib/libcrypto/des/cfb64enc.c create mode 100644 src/lib/libcrypto/des/cfb_enc.c create mode 100644 src/lib/libcrypto/des/des_enc.c create mode 100644 src/lib/libcrypto/des/ecb3_enc.c create mode 100644 src/lib/libcrypto/des/ecb_enc.c create mode 100644 src/lib/libcrypto/des/enc_read.c create mode 100644 src/lib/libcrypto/des/enc_writ.c create mode 100644 src/lib/libcrypto/des/fcrypt.c create mode 100644 src/lib/libcrypto/des/fcrypt_b.c create mode 100644 src/lib/libcrypto/des/ncbc_enc.c create mode 100644 src/lib/libcrypto/des/ofb64ede.c create mode 100644 src/lib/libcrypto/des/ofb64enc.c create mode 100644 src/lib/libcrypto/des/ofb_enc.c create mode 100644 src/lib/libcrypto/des/pcbc_enc.c create mode 100644 src/lib/libcrypto/des/qud_cksm.c create mode 100644 src/lib/libcrypto/des/rand_key.c create mode 100644 src/lib/libcrypto/des/set_key.c create mode 100644 src/lib/libcrypto/des/spr.h create mode 100644 src/lib/libcrypto/des/str2key.c create mode 100644 src/lib/libcrypto/des/xcbc_enc.c create mode 100644 src/lib/libcrypto/dh/dh.h create mode 100644 src/lib/libcrypto/dh/dh_check.c create mode 100644 src/lib/libcrypto/dh/dh_err.c create mode 100644 src/lib/libcrypto/dh/dh_gen.c create mode 100644 src/lib/libcrypto/dh/dh_key.c create mode 100644 src/lib/libcrypto/dh/dh_lib.c create mode 100644 src/lib/libcrypto/dsa/dsa.h create mode 100644 src/lib/libcrypto/dsa/dsa_err.c create mode 100644 src/lib/libcrypto/dsa/dsa_gen.c create mode 100644 src/lib/libcrypto/dsa/dsa_key.c create mode 100644 src/lib/libcrypto/dsa/dsa_lib.c create mode 100644 src/lib/libcrypto/dsa/dsa_sign.c create mode 100644 src/lib/libcrypto/dsa/dsa_vrf.c create mode 100644 src/lib/libcrypto/err/err.c create mode 100644 src/lib/libcrypto/err/err.h create mode 100644 src/lib/libcrypto/err/err_all.c create mode 100644 src/lib/libcrypto/err/err_prn.c create mode 100644 src/lib/libcrypto/evp/bio_b64.c create mode 100644 src/lib/libcrypto/evp/bio_enc.c create mode 100644 src/lib/libcrypto/evp/bio_md.c create mode 100644 src/lib/libcrypto/evp/c_all.c create mode 100644 src/lib/libcrypto/evp/digest.c create mode 100644 src/lib/libcrypto/evp/e_null.c create mode 100644 src/lib/libcrypto/evp/e_rc4.c create mode 100644 src/lib/libcrypto/evp/e_xcbc_d.c create mode 100644 src/lib/libcrypto/evp/encode.c create mode 100644 src/lib/libcrypto/evp/evp.h create mode 100644 src/lib/libcrypto/evp/evp_enc.c create mode 100644 src/lib/libcrypto/evp/evp_err.c create mode 100644 src/lib/libcrypto/evp/evp_key.c create mode 100644 src/lib/libcrypto/evp/evp_lib.c create mode 100644 src/lib/libcrypto/evp/m_dss.c create mode 100644 src/lib/libcrypto/evp/m_dss1.c create mode 100644 src/lib/libcrypto/evp/m_md5.c create mode 100644 src/lib/libcrypto/evp/m_null.c create mode 100644 src/lib/libcrypto/evp/m_ripemd.c create mode 100644 src/lib/libcrypto/evp/m_sha1.c create mode 100644 src/lib/libcrypto/evp/names.c create mode 100644 src/lib/libcrypto/evp/p_dec.c create mode 100644 src/lib/libcrypto/evp/p_enc.c create mode 100644 src/lib/libcrypto/evp/p_lib.c create mode 100644 src/lib/libcrypto/evp/p_open.c create mode 100644 src/lib/libcrypto/evp/p_seal.c create mode 100644 src/lib/libcrypto/evp/p_sign.c create mode 100644 src/lib/libcrypto/evp/p_verify.c create mode 100644 src/lib/libcrypto/ex_data.c create mode 100644 src/lib/libcrypto/hmac/hmac.c create mode 100644 src/lib/libcrypto/hmac/hmac.h create mode 100644 src/lib/libcrypto/lhash/lh_stats.c create mode 100644 src/lib/libcrypto/lhash/lhash.c create mode 100644 src/lib/libcrypto/lhash/lhash.h create mode 100644 src/lib/libcrypto/md5/asm/md5-586.pl create mode 100644 src/lib/libcrypto/md5/md5.h create mode 100644 src/lib/libcrypto/md5/md5_dgst.c create mode 100644 src/lib/libcrypto/md5/md5_locl.h create mode 100644 src/lib/libcrypto/md5/md5_one.c create mode 100644 src/lib/libcrypto/objects/obj_dat.c create mode 100644 src/lib/libcrypto/objects/obj_dat.pl create mode 100644 src/lib/libcrypto/objects/obj_err.c create mode 100644 src/lib/libcrypto/objects/obj_lib.c create mode 100644 src/lib/libcrypto/objects/objects.h create mode 100644 src/lib/libcrypto/objects/objects.txt create mode 100644 src/lib/libcrypto/pem/message create mode 100644 src/lib/libcrypto/pem/pem.h create mode 100644 src/lib/libcrypto/pem/pem_all.c create mode 100644 src/lib/libcrypto/pem/pem_err.c create mode 100644 src/lib/libcrypto/pem/pem_info.c create mode 100644 src/lib/libcrypto/pem/pem_lib.c create mode 100644 src/lib/libcrypto/pem/pem_seal.c create mode 100644 src/lib/libcrypto/pem/pem_sign.c create mode 100644 src/lib/libcrypto/pem/pkcs7.lis create mode 100644 src/lib/libcrypto/perlasm/cbc.pl create mode 100644 src/lib/libcrypto/perlasm/readme create mode 100644 src/lib/libcrypto/perlasm/x86asm.pl create mode 100644 src/lib/libcrypto/pkcs7/pk7_doit.c create mode 100644 src/lib/libcrypto/pkcs7/pk7_lib.c create mode 100644 src/lib/libcrypto/pkcs7/pkcs7.h create mode 100644 src/lib/libcrypto/pkcs7/pkcs7err.c create mode 100644 src/lib/libcrypto/rand/rand.h create mode 100644 src/lib/libcrypto/rand/randfile.c create mode 100644 src/lib/libcrypto/rc2/rc2_cbc.c create mode 100644 src/lib/libcrypto/rc2/rc2_ecb.c create mode 100644 src/lib/libcrypto/rc2/rc2_locl.h create mode 100644 src/lib/libcrypto/rc2/rc2_skey.c create mode 100644 src/lib/libcrypto/rc2/rc2cfb64.c create mode 100644 src/lib/libcrypto/rc2/rc2ofb64.c create mode 100644 src/lib/libcrypto/rc2/rrc2.doc create mode 100644 src/lib/libcrypto/rc2/version create mode 100644 src/lib/libcrypto/rc4/asm/rc4-586.pl create mode 100644 src/lib/libcrypto/rc4/rc4_enc.c create mode 100644 src/lib/libcrypto/rc4/rc4_skey.c create mode 100644 src/lib/libcrypto/ripemd/README create mode 100644 src/lib/libcrypto/ripemd/asm/rmd-586.pl create mode 100644 src/lib/libcrypto/ripemd/ripemd.h create mode 100644 src/lib/libcrypto/ripemd/rmd_dgst.c create mode 100644 src/lib/libcrypto/ripemd/rmd_locl.h create mode 100644 src/lib/libcrypto/ripemd/rmd_one.c create mode 100644 src/lib/libcrypto/ripemd/rmdconst.h create mode 100644 src/lib/libcrypto/rsa/rsa.h create mode 100644 src/lib/libcrypto/rsa/rsa_eay.c create mode 100644 src/lib/libcrypto/rsa/rsa_err.c create mode 100644 src/lib/libcrypto/rsa/rsa_gen.c create mode 100644 src/lib/libcrypto/rsa/rsa_lib.c create mode 100644 src/lib/libcrypto/rsa/rsa_none.c create mode 100644 src/lib/libcrypto/rsa/rsa_pk1.c create mode 100644 src/lib/libcrypto/rsa/rsa_saos.c create mode 100644 src/lib/libcrypto/rsa/rsa_sign.c create mode 100644 src/lib/libcrypto/rsa/rsa_ssl.c create mode 100644 src/lib/libcrypto/sha/asm/sha1-586.pl create mode 100644 src/lib/libcrypto/sha/sha.h create mode 100644 src/lib/libcrypto/sha/sha1_one.c create mode 100644 src/lib/libcrypto/sha/sha1dgst.c create mode 100644 src/lib/libcrypto/sha/sha_locl.h create mode 100644 src/lib/libcrypto/stack/stack.c create mode 100644 src/lib/libcrypto/stack/stack.h create mode 100644 src/lib/libcrypto/txt_db/txt_db.c create mode 100644 src/lib/libcrypto/txt_db/txt_db.h create mode 100644 src/lib/libcrypto/x509/by_dir.c create mode 100644 src/lib/libcrypto/x509/by_file.c create mode 100644 src/lib/libcrypto/x509/x509.h create mode 100644 src/lib/libcrypto/x509/x509_cmp.c create mode 100644 src/lib/libcrypto/x509/x509_d2.c create mode 100644 src/lib/libcrypto/x509/x509_def.c create mode 100644 src/lib/libcrypto/x509/x509_err.c create mode 100644 src/lib/libcrypto/x509/x509_ext.c create mode 100644 src/lib/libcrypto/x509/x509_lu.c create mode 100644 src/lib/libcrypto/x509/x509_obj.c create mode 100644 src/lib/libcrypto/x509/x509_r2x.c create mode 100644 src/lib/libcrypto/x509/x509_req.c create mode 100644 src/lib/libcrypto/x509/x509_set.c create mode 100644 src/lib/libcrypto/x509/x509_txt.c create mode 100644 src/lib/libcrypto/x509/x509_v3.c create mode 100644 src/lib/libcrypto/x509/x509_vfy.c create mode 100644 src/lib/libcrypto/x509/x509_vfy.h create mode 100644 src/lib/libcrypto/x509/x509name.c create mode 100644 src/lib/libcrypto/x509/x509rset.c create mode 100644 src/lib/libcrypto/x509/x509type.c create mode 100644 src/lib/libcrypto/x509/x_all.c create mode 100644 src/lib/libcrypto/x509v3/x509v3.h create mode 100644 src/lib/libssl/bio_ssl.c create mode 100644 src/lib/libssl/s23_clnt.c create mode 100644 src/lib/libssl/s23_lib.c create mode 100644 src/lib/libssl/s23_pkt.c create mode 100644 src/lib/libssl/s23_srvr.c create mode 100644 src/lib/libssl/s3_both.c create mode 100644 src/lib/libssl/s3_clnt.c create mode 100644 src/lib/libssl/s3_lib.c create mode 100644 src/lib/libssl/s3_pkt.c create mode 100644 src/lib/libssl/s3_srvr.c create mode 100644 src/lib/libssl/shlib_version create mode 100644 src/lib/libssl/ssl.h create mode 100644 src/lib/libssl/ssl2.h create mode 100644 src/lib/libssl/ssl23.h create mode 100644 src/lib/libssl/ssl3.h create mode 100644 src/lib/libssl/ssl_algs.c create mode 100644 src/lib/libssl/ssl_asn1.c create mode 100644 src/lib/libssl/ssl_cert.c create mode 100644 src/lib/libssl/ssl_ciph.c create mode 100644 src/lib/libssl/ssl_err.c create mode 100644 src/lib/libssl/ssl_err2.c create mode 100644 src/lib/libssl/ssl_lib.c create mode 100644 src/lib/libssl/ssl_locl.h create mode 100644 src/lib/libssl/ssl_rsa.c create mode 100644 src/lib/libssl/ssl_sess.c create mode 100644 src/lib/libssl/ssl_stat.c create mode 100644 src/lib/libssl/ssl_txt.c create mode 100644 src/lib/libssl/t1_clnt.c create mode 100644 src/lib/libssl/t1_enc.c create mode 100644 src/lib/libssl/t1_lib.c create mode 100644 src/lib/libssl/t1_meth.c create mode 100644 src/lib/libssl/t1_srvr.c create mode 100644 src/lib/libssl/test/CAss.cnf create mode 100644 src/lib/libssl/test/CAssdh.cnf create mode 100644 src/lib/libssl/test/CAssdsa.cnf create mode 100644 src/lib/libssl/test/CAssrsa.cnf create mode 100644 src/lib/libssl/test/Sssdsa.cnf create mode 100644 src/lib/libssl/test/Sssrsa.cnf create mode 100644 src/lib/libssl/test/Uss.cnf create mode 100644 src/lib/libssl/test/methtest.c create mode 100644 src/lib/libssl/test/pkcs7-1.pem create mode 100644 src/lib/libssl/test/pkcs7.pem create mode 100644 src/lib/libssl/test/r160test.c create mode 100644 src/lib/libssl/test/tcrl create mode 100644 src/lib/libssl/test/test.cnf create mode 100644 src/lib/libssl/test/testca create mode 100644 src/lib/libssl/test/testcrl.pem create mode 100644 src/lib/libssl/test/testenc create mode 100644 src/lib/libssl/test/testgen create mode 100644 src/lib/libssl/test/testp7.pem create mode 100644 src/lib/libssl/test/testreq2.pem create mode 100644 src/lib/libssl/test/testrsa.pem create mode 100644 src/lib/libssl/test/testsid.pem create mode 100644 src/lib/libssl/test/testss create mode 100644 src/lib/libssl/test/testssl create mode 100644 src/lib/libssl/test/testx509.pem create mode 100644 src/lib/libssl/test/times create mode 100644 src/lib/libssl/test/tpkcs7 create mode 100644 src/lib/libssl/test/tpkcs7d create mode 100644 src/lib/libssl/test/treq create mode 100644 src/lib/libssl/test/trsa create mode 100644 src/lib/libssl/test/tsid create mode 100644 src/lib/libssl/test/tx509 create mode 100644 src/lib/libssl/test/v3-cert1.pem create mode 100644 src/lib/libssl/test/v3-cert2.pem create mode 100644 src/lib/libssl/tls1.h diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c new file mode 100644 index 0000000000..2c10120651 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_bitstr.c @@ -0,0 +1,204 @@ +/* crypto/asn1/a_bitstr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" + +/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT); + * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING); + */ + +int i2d_ASN1_BIT_STRING(a,pp) +ASN1_BIT_STRING *a; +unsigned char **pp; + { + int ret,j,r,bits; + unsigned char *p,*d; + + if (a == NULL) return(0); + + /* our bit strings are always a multiple of 8 :-) */ + bits=0; + ret=1+a->length; + r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING); + if (pp == NULL) return(r); + p= *pp; + + ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL); + if (bits == 0) + j=0; + else j=8-bits; + *(p++)=(unsigned char)j; + d=a->data; + memcpy(p,d,a->length); + p+=a->length; + if (a->length > 0) p[-1]&=(0xff< 1) /* using one because of the bits left byte */ + { + s=(unsigned char *)Malloc((int)len); + if (s == NULL) + { + i=ERR_R_MALLOC_FAILURE; + goto err; + } + memcpy(s,p,(int)len); + s[len-1]&=(0xff<length=(int)len; + if (ret->data != NULL) Free((char *)ret->data); + ret->data=s; + ret->type=V_ASN1_BIT_STRING; + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); + if ((ret != NULL) && ((a == NULL) || (*a != ret))) + ASN1_BIT_STRING_free(ret); + return(NULL); + } + +/* These next 2 functions from Goetz Babin-Ebell + */ +int ASN1_BIT_STRING_set_bit(a,n,value) +ASN1_BIT_STRING *a; +int n; +int value; + { + int w,v,iv; + unsigned char *c; + + w=n/8; + v=1<<(7-(n&0x07)); + iv= ~v; + + if (a == NULL) return(0); + if ((a->length < (w+1)) || (a->data == NULL)) + { + if (!value) return(1); /* Don't need to set */ + if (a->data == NULL) + c=(unsigned char *)Malloc(w+1); + else + c=(unsigned char *)Realloc(a->data,w+1); + if (c == NULL) return(0); + a->data=c; + a->length=w+1; + c[w]=0; + } + a->data[w]=((a->data[w])&iv)|v; + while ((a->length > 0) && (a->data[a->length-1] == 0)) + a->length--; + return(1); + } + +int ASN1_BIT_STRING_get_bit(a,n) +ASN1_BIT_STRING *a; +int n; + { + int w,v; + + w=n/8; + v=1<<(7-(n&0x07)); + if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL)) + return(0); + return((a->data[w]&v) != 0); + } + diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c new file mode 100644 index 0000000000..41a95aa278 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_bool.c @@ -0,0 +1,121 @@ +/* crypto/asn1/a_bool.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" + +/* ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_EXPECTING_A_BOOLEAN); + * ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_BOOLEAN_IS_WRONG_LENGTH); + */ + +int i2d_ASN1_BOOLEAN(a,pp) +int a; +unsigned char **pp; + { + int r; + unsigned char *p; + + r=ASN1_object_size(0,1,V_ASN1_BOOLEAN); + if (pp == NULL) return(r); + p= *pp; + + ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL); + *(p++)= (unsigned char)a; + *pp=p; + return(r); + } + +int d2i_ASN1_BOOLEAN(a, pp, length) +int *a; +unsigned char **pp; +long length; + { + int ret= -1; + unsigned char *p; + long len; + int inf,tag,xclass; + int i=0; + + p= *pp; + inf=ASN1_get_object(&p,&len,&tag,&xclass,length); + if (inf & 0x80) + { + i=ASN1_R_BAD_OBJECT_HEADER; + goto err; + } + + if (tag != V_ASN1_BOOLEAN) + { + i=ASN1_R_EXPECTING_A_BOOLEAN; + goto err; + } + + if (len != 1) + { + i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH; + goto err; + } + ret= (int)*(p++); + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i); + return(ret); + } diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c new file mode 100644 index 0000000000..14168d61ad --- /dev/null +++ b/src/lib/libcrypto/asn1/a_bytes.c @@ -0,0 +1,346 @@ +/* crypto/asn1/a_bytes.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK); + * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK); + * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE); + * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG); + */ + +static unsigned long tag2bit[32]={ +0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ +B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ +B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ +B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 12-15 */ +0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, +B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0, +0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, +B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, + }; + +#ifndef NOPROTO +static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c); +#else +static int asn1_collate_primative(); +#endif + +/* type is a 'bitmap' of acceptable string types to be accepted. + */ +ASN1_STRING *d2i_ASN1_type_bytes(a, pp, length, type) +ASN1_STRING **a; +unsigned char **pp; +long length; +int type; + { + ASN1_STRING *ret=NULL; + unsigned char *p,*s; + long len; + int inf,tag,xclass; + int i=0; + + p= *pp; + inf=ASN1_get_object(&p,&len,&tag,&xclass,length); + if (inf & 0x80) goto err; + + if (tag >= 32) + { + i=ASN1_R_TAG_VALUE_TOO_HIGH;; + goto err; + } + if (!(tag2bit[tag] & type)) + { + i=ASN1_R_WRONG_TYPE; + goto err; + } + + /* If a bit-string, exit early */ + if (tag == V_ASN1_BIT_STRING) + return(d2i_ASN1_BIT_STRING(a,pp,length)); + + if ((a == NULL) || ((*a) == NULL)) + { + if ((ret=ASN1_STRING_new()) == NULL) return(NULL); + } + else + ret=(*a); + + if (len != 0) + { + s=(unsigned char *)Malloc((int)len+1); + if (s == NULL) + { + i=ERR_R_MALLOC_FAILURE; + goto err; + } + memcpy(s,p,(int)len); + s[len]='\0'; + p+=len; + } + else + s=NULL; + + if (ret->data != NULL) Free((char *)ret->data); + ret->length=(int)len; + ret->data=s; + ret->type=tag; + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i); + if ((ret != NULL) && ((a == NULL) || (*a != ret))) + ASN1_STRING_free(ret); + return(NULL); + } + +int i2d_ASN1_bytes(a, pp, tag, xclass) +ASN1_STRING *a; +unsigned char **pp; +int tag; +int xclass; + { + int ret,r,constructed; + unsigned char *p; + + if (a == NULL) return(0); + + if (tag == V_ASN1_BIT_STRING) + return(i2d_ASN1_BIT_STRING(a,pp)); + + ret=a->length; + r=ASN1_object_size(0,ret,tag); + if (pp == NULL) return(r); + p= *pp; + + if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET)) + constructed=1; + else + constructed=0; + ASN1_put_object(&p,constructed,ret,tag,xclass); + memcpy(p,a->data,a->length); + p+=a->length; + *pp= p; + return(r); + } + +ASN1_STRING *d2i_ASN1_bytes(a, pp, length, Ptag, Pclass) +ASN1_STRING **a; +unsigned char **pp; +long length; +int Ptag; +int Pclass; + { + ASN1_STRING *ret=NULL; + unsigned char *p,*s; + long len; + int inf,tag,xclass; + int i=0; + + if ((a == NULL) || ((*a) == NULL)) + { + if ((ret=ASN1_STRING_new()) == NULL) return(NULL); + } + else + ret=(*a); + + p= *pp; + inf=ASN1_get_object(&p,&len,&tag,&xclass,length); + if (inf & 0x80) + { + i=ASN1_R_BAD_OBJECT_HEADER; + goto err; + } + + if (tag != Ptag) + { + i=ASN1_R_WRONG_TAG; + goto err; + } + + if (inf & V_ASN1_CONSTRUCTED) + { + ASN1_CTX c; + + c.pp=pp; + c.p=p; + c.inf=inf; + c.slen=len; + c.tag=Ptag; + c.xclass=Pclass; + c.max=(length == 0)?0:(p+length); + if (!asn1_collate_primative(ret,&c)) + goto err; + else + { + p=c.p; + } + } + else + { + if (len != 0) + { + if ((ret->length < len) || (ret->data == NULL)) + { + if (ret->data != NULL) Free((char *)ret->data); + s=(unsigned char *)Malloc((int)len); + if (s == NULL) + { + i=ERR_R_MALLOC_FAILURE; + goto err; + } + } + else + s=ret->data; + memcpy(s,p,(int)len); + p+=len; + } + else + { + s=NULL; + if (ret->data != NULL) Free((char *)ret->data); + } + + ret->length=(int)len; + ret->data=s; + ret->type=Ptag; + } + + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + if ((ret != NULL) && ((a == NULL) || (*a != ret))) + ASN1_STRING_free(ret); + ASN1err(ASN1_F_D2I_ASN1_BYTES,i); + return(NULL); + } + + +/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapes + * them into the one struture that is then returned */ +/* There have been a few bug fixes for this function from + * Paul Keogh , many thanks to him */ +static int asn1_collate_primative(a,c) +ASN1_STRING *a; +ASN1_CTX *c; + { + ASN1_STRING *os=NULL; + BUF_MEM b; + int num; + + b.length=0; + b.max=0; + b.data=NULL; + + if (a == NULL) + { + c->error=ERR_R_PASSED_NULL_PARAMETER; + goto err; + } + + num=0; + for (;;) + { + if (c->inf & 1) + { + c->eos=ASN1_check_infinite_end(&c->p, + (long)(c->max-c->p)); + if (c->eos) break; + } + else + { + if (c->slen <= 0) break; + } + + c->q=c->p; + if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass) + == NULL) + { + c->error=ERR_R_ASN1_LIB; + goto err; + } + + if (!BUF_MEM_grow(&b,num+os->length)) + { + c->error=ERR_R_BUF_LIB; + goto err; + } + memcpy(&(b.data[num]),os->data,os->length); + if (!(c->inf & 1)) + c->slen-=(c->p-c->q); + num+=os->length; + } + + if (!asn1_Finish(c)) goto err; + + a->length=num; + if (a->data != NULL) Free(a->data); + a->data=(unsigned char *)b.data; + if (os != NULL) ASN1_STRING_free(os); + return(1); +err: + ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,c->error); + if (os != NULL) ASN1_STRING_free(os); + if (b.data != NULL) Free(b.data); + return(0); + } + diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c new file mode 100644 index 0000000000..d952836a91 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_d2i_fp.c @@ -0,0 +1,201 @@ +/* crypto/asn1/a_d2i_fp.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "asn1_mac.h" + +#define HEADER_SIZE 8 + +#ifndef NO_FP_API +char *ASN1_d2i_fp(xnew,d2i,in,x) +char *(*xnew)(); +char *(*d2i)(); +FILE *in; +unsigned char **x; + { + BIO *b; + char *ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB); + return(NULL); + } + BIO_set_fp(b,in,BIO_NOCLOSE); + ret=ASN1_d2i_bio(xnew,d2i,b,x); + BIO_free(b); + return(ret); + } +#endif + +char *ASN1_d2i_bio(xnew,d2i,in,x) +char *(*xnew)(); +char *(*d2i)(); +BIO *in; +unsigned char **x; + { + BUF_MEM *b; + unsigned char *p; + int i; + char *ret=NULL; + ASN1_CTX c; + int want=HEADER_SIZE; + int eos=0; + int off=0; + int len=0; + + b=BUF_MEM_new(); + if (b == NULL) + { + ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); + return(NULL); + } + + ERR_clear_error(); + for (;;) + { + if (want >= (len-off)) + { + want-=(len-off); + + if (!BUF_MEM_grow(b,len+want)) + { + ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); + goto err; + } + i=BIO_read(in,&(b->data[len]),want); + if ((i < 0) && ((len-off) == 0)) + { + ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); + goto err; + } + if (i > 0) + len+=i; + } + /* else data already loaded */ + + p=(unsigned char *)&(b->data[off]); + c.p=p; + c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass), + len-off); + if (c.inf & 0x80) + { + unsigned long e; + + e=ERR_GET_REASON(ERR_peek_error()); + if (e != ASN1_R_TOO_LONG) + goto err; + else + ERR_get_error(); /* clear error */ + } + i=c.p-p;/* header length */ + off+=i; /* end of data */ + + if (c.inf & 1) + { + /* no data body so go round again */ + eos++; + want=HEADER_SIZE; + } + else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) + { + /* eos value, so go back and read another header */ + eos--; + if (eos <= 0) + break; + else + want=HEADER_SIZE; + } + else + { + /* suck in c.slen bytes of data */ + want=(int)c.slen; + if (want > (len-off)) + { + want-=(len-off); + if (!BUF_MEM_grow(b,len+want)) + { + ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); + goto err; + } + i=BIO_read(in,&(b->data[len]),want); + if (i <= 0) + { + ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); + goto err; + } + len+=i; + } + off+=(int)c.slen; + if (eos <= 0) + { + break; + } + else + want=HEADER_SIZE; + } + } + + p=(unsigned char *)b->data; + ret=d2i(x,&p,off); +err: + if (b != NULL) BUF_MEM_free(b); + return(ret); + } diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c new file mode 100644 index 0000000000..8ddb65b0dc --- /dev/null +++ b/src/lib/libcrypto/asn1/a_digest.c @@ -0,0 +1,91 @@ +/* crypto/asn1/a_digest.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include + +#include "cryptlib.h" +#include "evp.h" +#include "x509.h" +#include "buffer.h" + +int ASN1_digest(i2d,type,data,md,len) +int (*i2d)(); +EVP_MD *type; +char *data; +unsigned char *md; +unsigned int *len; + { + EVP_MD_CTX ctx; + int i; + unsigned char *str,*p; + + i=i2d(data,NULL); + if ((str=(unsigned char *)Malloc(i)) == NULL) return(0); + p=str; + i2d(data,&p); + + EVP_DigestInit(&ctx,type); + EVP_DigestUpdate(&ctx,str,i); + EVP_DigestFinal(&ctx,md,len); + Free(str); + return(1); + } + diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c new file mode 100644 index 0000000000..961b4cb069 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_dup.c @@ -0,0 +1,86 @@ +/* crypto/asn1/a_dup.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +#define READ_CHUNK 2048 + +char *ASN1_dup(i2d,d2i,x) +int (*i2d)(); +char *(*d2i)(); +char *x; + { + unsigned char *b,*p; + long i; + char *ret; + + if (x == NULL) return(NULL); + + i=(long)i2d(x,NULL); + b=(unsigned char *)Malloc((unsigned int)i+10); + if (b == NULL) + { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } + p= b; + i=i2d(x,&p); + p= b; + ret=d2i(NULL,&p,i); + Free((char *)b); + return(ret); + } diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c new file mode 100644 index 0000000000..66c3df68d5 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_i2d_fp.c @@ -0,0 +1,119 @@ +/* crypto/asn1/a_i2d_fp.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "asn1_mac.h" + +#ifndef NO_FP_API +int ASN1_i2d_fp(i2d,out,x) +int (*i2d)(); +FILE *out; +unsigned char *x; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,out,BIO_NOCLOSE); + ret=ASN1_i2d_bio(i2d,b,x); + BIO_free(b); + return(ret); + } +#endif + +int ASN1_i2d_bio(i2d,out,x) +int (*i2d)(); +BIO *out; +unsigned char *x; + { + char *b; + unsigned char *p; + int i,j=0,n,ret=1; + + n=i2d(x,NULL); + b=(char *)Malloc(n); + if (b == NULL) + { + ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); + return(0); + } + + p=(unsigned char *)b; + i2d(x,&p); + + for (;;) + { + i=BIO_write(out,&(b[j]),n); + if (i == n) break; + if (i <= 0) + { + ret=0; + break; + } + j+=i; + n-=i; + } + Free((char *)b); + return(ret); + } diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c new file mode 100644 index 0000000000..df79cf99bb --- /dev/null +++ b/src/lib/libcrypto/asn1/a_int.c @@ -0,0 +1,305 @@ +/* crypto/asn1/a_int.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" + +/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER); + */ + +int i2d_ASN1_INTEGER(a,pp) +ASN1_INTEGER *a; +unsigned char **pp; + { + int pad=0,ret,r,i,t; + unsigned char *p,*pt,*n,pb=0; + + if ((a == NULL) || (a->data == NULL)) return(0); + t=a->type; + if (a->length == 0) + ret=1; + else + { + ret=a->length; + i=a->data[0]; + if ((t == V_ASN1_INTEGER) && (i > 127)) + { + pad=1; + pb=0; + } + else if ((t == V_ASN1_NEG_INTEGER) && (i>128)) + { + pad=1; + pb=0xFF; + } + ret+=pad; + } + r=ASN1_object_size(0,ret,V_ASN1_INTEGER); + if (pp == NULL) return(r); + p= *pp; + + ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL); + if (pad) *(p++)=pb; + if (a->length == 0) + *(p++)=0; + else if (t == V_ASN1_INTEGER) + { + memcpy(p,a->data,(unsigned int)a->length); + p+=a->length; + } + else + { + n=a->data; + pt=p; + for (i=a->length; i>0; i--) + *(p++)= (*(n++)^0xFF)+1; + if (!pad) *pt|=0x80; + } + + *pp=p; + return(r); + } + +ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length) +ASN1_INTEGER **a; +unsigned char **pp; +long length; + { + ASN1_INTEGER *ret=NULL; + unsigned char *p,*to,*s; + long len; + int inf,tag,xclass; + int i; + + if ((a == NULL) || ((*a) == NULL)) + { + if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL); + ret->type=V_ASN1_INTEGER; + } + else + ret=(*a); + + p= *pp; + inf=ASN1_get_object(&p,&len,&tag,&xclass,length); + if (inf & 0x80) + { + i=ASN1_R_BAD_OBJECT_HEADER; + goto err; + } + + if (tag != V_ASN1_INTEGER) + { + i=ASN1_R_EXPECTING_AN_INTEGER; + goto err; + } + + /* We must Malloc stuff, even for 0 bytes otherwise it + * signifies a missing NULL parameter. */ + s=(unsigned char *)Malloc((int)len+1); + if (s == NULL) + { + i=ERR_R_MALLOC_FAILURE; + goto err; + } + to=s; + if (*p & 0x80) /* a negative number */ + { + ret->type=V_ASN1_NEG_INTEGER; + if (*p == 0xff) + { + p++; + len--; + } + for (i=(int)len; i>0; i--) + *(to++)= (*(p++)^0xFF)+1; + } + else + { + ret->type=V_ASN1_INTEGER; + if ((*p == 0) && (len != 1)) + { + p++; + len--; + } + memcpy(s,p,(int)len); + p+=len; + } + + if (ret->data != NULL) Free((char *)ret->data); + ret->data=s; + ret->length=(int)len; + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); + if ((ret != NULL) && ((a == NULL) || (*a != ret))) + ASN1_INTEGER_free(ret); + return(NULL); + } + +int ASN1_INTEGER_set(a,v) +ASN1_INTEGER *a; +long v; + { + int i,j,k; + unsigned char buf[sizeof(long)+1]; + long d; + + a->type=V_ASN1_INTEGER; + if (a->length < (sizeof(long)+1)) + { + if (a->data != NULL) + Free((char *)a->data); + if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) + memset((char *)a->data,0,sizeof(long)+1); + } + if (a->data == NULL) + { + ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE); + return(0); + } + d=v; + if (d < 0) + { + d= -d; + a->type=V_ASN1_NEG_INTEGER; + } + + for (i=0; i>=8; + } + j=0; + if (v < 0) a->data[j++]=0; + for (k=i-1; k >=0; k--) + a->data[j++]=buf[k]; + a->length=j; + return(1); + } + +long ASN1_INTEGER_get(a) +ASN1_INTEGER *a; + { + int neg=0,i; + long r=0; + + if (a == NULL) return(0L); + i=a->type; + if (i == V_ASN1_NEG_INTEGER) + neg=1; + else if (i != V_ASN1_INTEGER) + return(0); + + if (a->length > sizeof(long)) + { + /* hmm... a bit ugly */ + return(0xffffffffL); + } + if (a->data == NULL) + return(0); + + for (i=0; ilength; i++) + { + r<<=8; + r|=(unsigned char)a->data[i]; + } + if (neg) r= -r; + return(r); + } + +ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai) +BIGNUM *bn; +ASN1_INTEGER *ai; + { + ASN1_INTEGER *ret; + int len,j; + + if (ai == NULL) + ret=ASN1_INTEGER_new(); + else + ret=ai; + if (ret == NULL) + { + ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK); + goto err; + } + ret->type=V_ASN1_INTEGER; + j=BN_num_bits(bn); + len=((j == 0)?0:((j/8)+1)); + ret->data=(unsigned char *)Malloc(len+4); + ret->length=BN_bn2bin(bn,ret->data); + return(ret); +err: + if (ret != ai) ASN1_INTEGER_free(ret); + return(NULL); + } + +BIGNUM *ASN1_INTEGER_to_BN(ai,bn) +ASN1_INTEGER *ai; +BIGNUM *bn; + { + BIGNUM *ret; + + if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) + ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); + return(ret); + } diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c new file mode 100644 index 0000000000..5a7eeef8d8 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_object.c @@ -0,0 +1,389 @@ +/* crypto/asn1/a_object.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "asn1.h" +#include "objects.h" + +/* ASN1err(ASN1_F_ASN1_OBJECT_NEW,ASN1_R_EXPECTING_AN_OBJECT); + * ASN1err(ASN1_F_D2I_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER); + * ASN1err(ASN1_F_I2T_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER); + */ + +int i2d_ASN1_OBJECT(a, pp) +ASN1_OBJECT *a; +unsigned char **pp; + { + unsigned char *p; + + if ((a == NULL) || (a->data == NULL)) return(0); + + if (pp == NULL) + return(ASN1_object_size(0,a->length,V_ASN1_OBJECT)); + + p= *pp; + ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); + memcpy(p,a->data,a->length); + p+=a->length; + + *pp=p; + return(a->length); + } + +int a2d_ASN1_OBJECT(out,olen,buf,num) +unsigned char *out; +int olen; +char *buf; +int num; + { + int i,first,len=0,c; + char tmp[24],*p; + unsigned long l; + + if (num == 0) + return(0); + else if (num == -1) + num=strlen(buf); + + p=buf; + c= *(p++); + num--; + if ((c >= '0') && (c <= '2')) + { + first=(c-'0')*40; + } + else + { + ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE); + goto err; + } + + if (num <= 0) + { + ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER); + goto err; + } + c= *(p++); + num--; + for (;;) + { + if (num <= 0) break; + if ((c != '.') && (c != ' ')) + { + ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR); + goto err; + } + l=0; + for (;;) + { + if (num <= 0) break; + num--; + c= *(p++); + if ((c == ' ') || (c == '.')) + break; + if ((c < '0') || (c > '9')) + { + ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); + goto err; + } + l=l*10L+(long)(c-'0'); + } + if (len == 0) + { + if ((first < 2) && (l >= 40)) + { + ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); + goto err; + } + l+=(long)first; + } + i=0; + for (;;) + { + tmp[i++]=(unsigned char)l&0x7f; + l>>=7L; + if (l == 0L) break; + } + if (out != NULL) + { + if (len+i > olen) + { + ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL); + goto err; + } + while (--i > 0) + out[len++]=tmp[i]|0x80; + out[len++]=tmp[0]; + } + else + len+=i; + } + return(len); +err: + return(0); + } + +int i2t_ASN1_OBJECT(buf,buf_len,a) +char *buf; +int buf_len; +ASN1_OBJECT *a; + { + int i,idx=0,n=0,len,nid; + unsigned long l; + unsigned char *p; + char *s; + char tbuf[32]; + + if (buf_len <= 0) return(0); + + if ((a == NULL) || (a->data == NULL)) + { + buf[0]='\0'; + return(0); + } + + nid=OBJ_obj2nid(a); + if (nid == NID_undef) + { + len=a->length; + p=a->data; + + idx=0; + l=0; + while (idx < a->length) + { + l|=(p[idx]&0x7f); + if (!(p[idx] & 0x80)) break; + l<<=7L; + idx++; + } + idx++; + i=(int)(l/40); + if (i > 2) i=2; + l-=(long)(i*40); + + sprintf(tbuf,"%d.%ld",i,l); + i=strlen(tbuf); + strncpy(buf,tbuf,buf_len); + buf_len-=i; + buf+=i; + n+=i; + + l=0; + for (; idx 0) + strncpy(buf,tbuf,buf_len); + buf_len-=i; + buf+=i; + n+=i; + l=0; + } + l<<=7L; + } + } + else + { + s=(char *)OBJ_nid2ln(nid); + if (s == NULL) + s=(char *)OBJ_nid2sn(nid); + strncpy(buf,s,buf_len); + n=strlen(s); + } + buf[buf_len-1]='\0'; + return(n); + } + +int i2a_ASN1_OBJECT(bp,a) +BIO *bp; +ASN1_OBJECT *a; + { + char buf[80]; + int i; + + if ((a == NULL) || (a->data == NULL)) + return(BIO_write(bp,"NULL",4)); + i=i2t_ASN1_OBJECT(buf,80,a); + if (i > 80) i=80; + BIO_write(bp,buf,i); + return(i); + } + +ASN1_OBJECT *d2i_ASN1_OBJECT(a, pp, length) +ASN1_OBJECT **a; +unsigned char **pp; +long length; + { + ASN1_OBJECT *ret=NULL; + unsigned char *p; + long len; + int tag,xclass; + int inf,i; + + /* only the ASN1_OBJECTs from the 'table' will have values + * for ->sn or ->ln */ + if ((a == NULL) || ((*a) == NULL) || + !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) + { + if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL); + } + else ret=(*a); + + p= *pp; + + inf=ASN1_get_object(&p,&len,&tag,&xclass,length); + if (inf & 0x80) + { + i=ASN1_R_BAD_OBJECT_HEADER; + goto err; + } + + if (tag != V_ASN1_OBJECT) + { + i=ASN1_R_EXPECTING_AN_OBJECT; + goto err; + } + if ((ret->data == NULL) || (ret->length < len)) + { + if (ret->data != NULL) Free((char *)ret->data); + ret->data=(unsigned char *)Malloc((int)len); + ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; + if (ret->data == NULL) + { i=ERR_R_MALLOC_FAILURE; goto err; } + } + memcpy(ret->data,p,(int)len); + ret->length=(int)len; + ret->sn=NULL; + ret->ln=NULL; + /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ + p+=len; + + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); + if ((ret != NULL) && ((a == NULL) || (*a != ret))) + ASN1_OBJECT_free(ret); + return(NULL); + } + +ASN1_OBJECT *ASN1_OBJECT_new() + { + ASN1_OBJECT *ret; + + ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT)); + if (ret == NULL) + { + ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->length=0; + ret->data=NULL; + ret->nid=0; + ret->sn=NULL; + ret->ln=NULL; + ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; + return(ret); + } + +void ASN1_OBJECT_free(a) +ASN1_OBJECT *a; + { + if (a == NULL) return; + if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) + { + if (a->sn != NULL) Free(a->sn); + if (a->ln != NULL) Free(a->ln); + a->sn=a->ln=NULL; + } + if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) + { + if (a->data != NULL) Free(a->data); + a->data=NULL; + a->length=0; + } + if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) + Free((char *)a); + } + +ASN1_OBJECT *ASN1_OBJECT_create(nid,data,len,sn,ln) +int nid; +unsigned char *data; +int len; +char *sn,*ln; + { + ASN1_OBJECT o; + + o.sn=sn; + o.ln=ln; + o.data=data; + o.nid=nid; + o.length=len; + o.flags=ASN1_OBJECT_FLAG_DYNAMIC| + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA; + return(OBJ_dup(&o)); + } + diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c new file mode 100644 index 0000000000..be3f172a8c --- /dev/null +++ b/src/lib/libcrypto/asn1/a_octet.c @@ -0,0 +1,90 @@ +/* crypto/asn1/a_octet.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" + +/* ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_EXPECTING_AN_OCTET_STRING); + */ + +int i2d_ASN1_OCTET_STRING(a, pp) +ASN1_OCTET_STRING *a; +unsigned char **pp; + { + return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, + V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL)); + } + +ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(a, pp, length) +ASN1_OCTET_STRING **a; +unsigned char **pp; +long length; + { + ASN1_OCTET_STRING *ret=NULL; + + ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, + pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL); + if (ret == NULL) + { + ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK); + return(NULL); + } + return(ret); + } + diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c new file mode 100644 index 0000000000..3023361dee --- /dev/null +++ b/src/lib/libcrypto/asn1/a_print.c @@ -0,0 +1,161 @@ +/* crypto/asn1/a_print.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" + +/* ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_WRONG_PRINTABLE_TYPE); + * ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_TAG_VALUE_TOO_HIGH); + */ + +int i2d_ASN1_IA5STRING(a,pp) +ASN1_IA5STRING *a; +unsigned char **pp; + { return(M_i2d_ASN1_IA5STRING(a,pp)); } + +ASN1_IA5STRING *d2i_ASN1_IA5STRING(a,pp,l) +ASN1_IA5STRING **a; +unsigned char **pp; +long l; + { return(M_d2i_ASN1_IA5STRING(a,pp,l)); } + +ASN1_T61STRING *d2i_ASN1_T61STRING(a,pp,l) +ASN1_T61STRING **a; +unsigned char **pp; +long l; + { return(M_d2i_ASN1_T61STRING(a,pp,l)); } + +ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(a,pp,l) +ASN1_PRINTABLESTRING **a; +unsigned char **pp; +long l; + { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,l)); } + +int i2d_ASN1_PRINTABLE(a,pp) +ASN1_STRING *a; +unsigned char **pp; + { return(M_i2d_ASN1_PRINTABLE(a,pp)); } + +ASN1_STRING *d2i_ASN1_PRINTABLE(a,pp,l) +ASN1_STRING **a; +unsigned char **pp; +long l; + { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); } + +int ASN1_PRINTABLE_type(s,len) +unsigned char *s; +int len; + { + int c; + int ia5=0; + int t61=0; + + if (len <= 0) len= -1; + if (s == NULL) return(V_ASN1_PRINTABLESTRING); + + while ((*s) && (len-- != 0)) + { + c= *(s++); + if (!( ((c >= 'a') && (c <= 'z')) || + ((c >= 'A') && (c <= 'Z')) || + (c == ' ') || + ((c >= '0') && (c <= '9')) || + (c == ' ') || (c == '\'') || + (c == '(') || (c == ')') || + (c == '+') || (c == ',') || + (c == '-') || (c == '.') || + (c == '/') || (c == ':') || + (c == '=') || (c == '?'))) + ia5=1; + if (c&0x80) + t61=1; + } + if (t61) return(V_ASN1_T61STRING); + if (ia5) return(V_ASN1_IA5STRING); + return(V_ASN1_PRINTABLESTRING); + } + +int ASN1_UNIVERSALSTRING_to_string(s) +ASN1_UNIVERSALSTRING *s; + { + int i; + unsigned char *p; + + if (s->type != V_ASN1_UNIVERSALSTRING) return(0); + if ((s->length%4) != 0) return(0); + p=s->data; + for (i=0; ilength; i+=4) + { + if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0')) + break; + else + p+=4; + } + if (i < s->length) return(0); + p=s->data; + for (i=3; ilength; i+=4) + { + *(p++)=s->data[i]; + } + *(p)='\0'; + s->length/=4; + s->type=ASN1_PRINTABLE_type(s->data,s->length); + return(1); + } + diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c new file mode 100644 index 0000000000..17c49946cf --- /dev/null +++ b/src/lib/libcrypto/asn1/a_set.c @@ -0,0 +1,149 @@ +/* crypto/asn1/a_set.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ERR_R_MALLOC_FAILURE); + */ + +int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class) +STACK *a; +unsigned char **pp; +int (*func)(); +int ex_tag; +int ex_class; + { + int ret=0,r; + int i; + unsigned char *p; + + if (a == NULL) return(0); + for (i=sk_num(a)-1; i>=0; i--) + ret+=func(sk_value(a,i),NULL); + r=ASN1_object_size(1,ret,ex_tag); + if (pp == NULL) return(r); + + p= *pp; + ASN1_put_object(&p,1,ret,ex_tag,ex_class); + for (i=0; i c.max) + { + ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR); + goto err; + } + /* check for infinite constructed - it can be as long + * as the amount of data passed to us */ + if (c.inf == (V_ASN1_CONSTRUCTED+1)) + c.slen=length+ *pp-c.p; + c.max=c.p+c.slen; + + while (c.p < c.max) + { + char *s; + + if (M_ASN1_D2I_end_sequence()) break; + if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err; + if (!sk_push(ret,s)) goto err; + } + if (a != NULL) (*a)=ret; + *pp=c.p; + return(ret); +err: + if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret); + return(NULL); + } + diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c new file mode 100644 index 0000000000..02188e68c4 --- /dev/null +++ b/src/lib/libcrypto/asn1/a_sign.c @@ -0,0 +1,147 @@ +/* crypto/asn1/a_sign.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include + +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "x509.h" +#include "objects.h" +#include "buffer.h" +#include "pem.h" + +int ASN1_sign(i2d,algor1,algor2,signature,data,pkey,type) +int (*i2d)(); +X509_ALGOR *algor1; +X509_ALGOR *algor2; +ASN1_BIT_STRING *signature; +char *data; +EVP_PKEY *pkey; +EVP_MD *type; + { + EVP_MD_CTX ctx; + unsigned char *p,*buf_in=NULL,*buf_out=NULL; + int i,inl=0,outl=0,outll=0; + X509_ALGOR *a; + + for (i=0; i<2; i++) + { + if (i == 0) + a=algor1; + else + a=algor2; + if (a == NULL) continue; + if ( (a->parameter == NULL) || + (a->parameter->type != V_ASN1_NULL)) + { + ASN1_TYPE_free(a->parameter); + if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err; + a->parameter->type=V_ASN1_NULL; + } + ASN1_OBJECT_free(a->algorithm); + a->algorithm=OBJ_nid2obj(type->pkey_type); + if (a->algorithm == NULL) + { + ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); + goto err; + } + if (a->algorithm->length == 0) + { + ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); + goto err; + } + } + inl=i2d(data,NULL); + buf_in=(unsigned char *)Malloc((unsigned int)inl); + outll=outl=EVP_PKEY_size(pkey); + buf_out=(unsigned char *)Malloc((unsigned int)outl); + if ((buf_in == NULL) || (buf_out == NULL)) + { + outl=0; + ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE); + goto err; + } + p=buf_in; + + i2d(data,&p); + EVP_SignInit(&ctx,type); + EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); + if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, + (unsigned int *)&outl,pkey)) + { + outl=0; + ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); + goto err; + } + if (signature->data != NULL) Free((char *)signature->data); + signature->data=buf_out; + buf_out=NULL; + signature->length=outl; + +err: + memset(&ctx,0,sizeof(ctx)); + if (buf_in != NULL) + { memset((char *)buf_in,0,(unsigned int)inl); Free((char *)buf_in); } + if (buf_out != NULL) + { memset((char *)buf_out,0,outll); Free((char *)buf_out); } + return(outl); + } diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c new file mode 100644 index 0000000000..7c0004084c --- /dev/null +++ b/src/lib/libcrypto/asn1/a_type.c @@ -0,0 +1,325 @@ +/* crypto/asn1/a_type.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK); + * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK); + * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG); + * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG); + */ + +#ifndef NOPROTO +static void ASN1_TYPE_component_free(ASN1_TYPE *a); +#else +static void ASN1_TYPE_component_free(); +#endif + +int i2d_ASN1_TYPE(a,pp) +ASN1_TYPE *a; +unsigned char **pp; + { + int r=0; + + if (a == NULL) return(0); + + switch (a->type) + { + case V_ASN1_NULL: + if (pp != NULL) + ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL); + r=2; + break; + case V_ASN1_INTEGER: + case V_ASN1_NEG_INTEGER: + r=i2d_ASN1_INTEGER(a->value.integer,pp); + break; + case V_ASN1_BIT_STRING: + r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp); + break; + case V_ASN1_OCTET_STRING: + r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp); + break; + case V_ASN1_OBJECT: + r=i2d_ASN1_OBJECT(a->value.object,pp); + break; + case V_ASN1_PRINTABLESTRING: + r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp); + break; + case V_ASN1_T61STRING: + r=M_i2d_ASN1_T61STRING(a->value.t61string,pp); + break; + case V_ASN1_IA5STRING: + r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp); + break; + case V_ASN1_GENERALSTRING: + r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp); + break; + case V_ASN1_UNIVERSALSTRING: + r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp); + break; + case V_ASN1_BMPSTRING: + r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp); + break; + case V_ASN1_UTCTIME: + r=i2d_ASN1_UTCTIME(a->value.utctime,pp); + break; + case V_ASN1_SET: + case V_ASN1_SEQUENCE: + if (a->value.set == NULL) + r=0; + else + { + r=a->value.set->length; + if (pp != NULL) + { + memcpy(*pp,a->value.set->data,r); + *pp+=r; + } + } + break; + } + return(r); + } + +ASN1_TYPE *d2i_ASN1_TYPE(a,pp,length) +ASN1_TYPE **a; +unsigned char **pp; +long length; + { + ASN1_TYPE *ret=NULL; + unsigned char *q,*p,*max; + int inf,tag,xclass; + long len; + + if ((a == NULL) || ((*a) == NULL)) + { + if ((ret=ASN1_TYPE_new()) == NULL) goto err; + } + else + ret=(*a); + + p= *pp; + q=p; + max=(p+length); + + inf=ASN1_get_object(&q,&len,&tag,&xclass,length); + if (inf & 0x80) goto err; + + ASN1_TYPE_component_free(ret); + + switch (tag) + { + case V_ASN1_NULL: + p=q; + ret->value.ptr=NULL; + break; + case V_ASN1_INTEGER: + if ((ret->value.integer= + d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_BIT_STRING: + if ((ret->value.bit_string= + d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_OCTET_STRING: + if ((ret->value.octet_string= + d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_OBJECT: + if ((ret->value.object= + d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_PRINTABLESTRING: + if ((ret->value.printablestring= + d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_T61STRING: + if ((ret->value.t61string= + M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_IA5STRING: + if ((ret->value.ia5string= + M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_GENERALSTRING: + if ((ret->value.generalstring= + M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_UNIVERSALSTRING: + if ((ret->value.universalstring= + M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_BMPSTRING: + if ((ret->value.bmpstring= + M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_UTCTIME: + if ((ret->value.utctime= + d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL) + goto err; + break; + case V_ASN1_SET: + case V_ASN1_SEQUENCE: + /* Sets and sequences are left complete */ + if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err; + ret->value.set->type=tag; + len+=(q-p); + if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err; + p+=len; + break; + default: + ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE); + goto err; + } + + ret->type=tag; + if (a != NULL) (*a)=ret; + *pp=p; + return(ret); +err: + if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret); + return(NULL); + } + +ASN1_TYPE *ASN1_TYPE_new() + { + ASN1_TYPE *ret=NULL; + + M_ASN1_New_Malloc(ret,ASN1_TYPE); + ret->type= -1; + ret->value.ptr=NULL; + return(ret); + M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW); + } + +void ASN1_TYPE_free(a) +ASN1_TYPE *a; + { + if (a == NULL) return; + ASN1_TYPE_component_free(a); + Free((char *)(char *)a); + } + +int ASN1_TYPE_get(a) +ASN1_TYPE *a; + { + if (a->value.ptr != NULL) + return(a->type); + else + return(0); + } + +void ASN1_TYPE_set(a,type,value) +ASN1_TYPE *a; +int type; +char *value; + { + if (a->value.ptr != NULL) + ASN1_TYPE_component_free(a); + a->type=type; + a->value.ptr=value; + } + +static void ASN1_TYPE_component_free(a) +ASN1_TYPE *a; + { + if (a == NULL) return; + + if (a->value.ptr != NULL) + { + switch (a->type) + { + case V_ASN1_OBJECT: + ASN1_OBJECT_free(a->value.object); + break; + case V_ASN1_INTEGER: + case V_ASN1_NEG_INTEGER: + case V_ASN1_BIT_STRING: + case V_ASN1_OCTET_STRING: + case V_ASN1_PRINTABLESTRING: + case V_ASN1_T61STRING: + case V_ASN1_IA5STRING: + case V_ASN1_UNIVERSALSTRING: + case V_ASN1_GENERALSTRING: + case V_ASN1_UTCTIME: + case V_ASN1_SET: + case V_ASN1_SEQUENCE: + ASN1_STRING_free((ASN1_STRING *)a->value.ptr); + break; + default: + /* MEMORY LEAK */ + break; + } + a->type=0; + a->value.ptr=NULL; + } + } + diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c new file mode 100644 index 0000000000..03fc63dbef --- /dev/null +++ b/src/lib/libcrypto/asn1/a_verify.c @@ -0,0 +1,121 @@ +/* crypto/asn1/a_verify.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include + +#include "cryptlib.h" +#include "bn.h" +#include "x509.h" +#include "objects.h" +#include "buffer.h" +#include "evp.h" +#include "pem.h" + +int ASN1_verify(i2d,a,signature,data,pkey) +int (*i2d)(); +X509_ALGOR *a; +ASN1_BIT_STRING *signature; +char *data; +EVP_PKEY *pkey; + { + EVP_MD_CTX ctx; + EVP_MD *type; + unsigned char *p,*buf_in=NULL; + int ret= -1,i,inl; + + i=OBJ_obj2nid(a->algorithm); + type=EVP_get_digestbyname(OBJ_nid2sn(i)); + if (type == NULL) + { + ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + goto err; + } + + inl=i2d(data,NULL); + buf_in=(unsigned char *)Malloc((unsigned int)inl); + if (buf_in == NULL) + { + ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); + goto err; + } + p=buf_in; + + i2d(data,&p); + EVP_VerifyInit(&ctx,type); + EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); + + memset(buf_in,0,(unsigned int)inl); + Free((char *)buf_in); + + if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, + (unsigned int)signature->length,pkey) <= 0) + { + ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); + ret=0; + goto err; + } + /* we don't need to zero the 'ctx' because we just checked + * public information */ + /* memset(&ctx,0,sizeof(ctx)); */ + ret=1; +err: + return(ret); + } diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h new file mode 100644 index 0000000000..9793db365d --- /dev/null +++ b/src/lib/libcrypto/asn1/asn1.h @@ -0,0 +1,859 @@ +/* crypto/asn1/asn1.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_ASN1_H +#define HEADER_ASN1_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include "bn.h" +#include "stack.h" + +#define V_ASN1_UNIVERSAL 0x00 +#define V_ASN1_APPLICATION 0x40 +#define V_ASN1_CONTEXT_SPECIFIC 0x80 +#define V_ASN1_PRIVATE 0xc0 + +#define V_ASN1_CONSTRUCTED 0x20 +#define V_ASN1_PRIMATIVE_TAG 0x1f + +#define V_ASN1_APP_CHOOSE -2 /* let the recipent choose */ + +#define V_ASN1_UNDEF -1 +#define V_ASN1_EOC 0 +#define V_ASN1_BOOLEAN 1 /**/ +#define V_ASN1_INTEGER 2 +#define V_ASN1_NEG_INTEGER (2+0x100) +#define V_ASN1_BIT_STRING 3 +#define V_ASN1_OCTET_STRING 4 +#define V_ASN1_NULL 5 +#define V_ASN1_OBJECT 6 +#define V_ASN1_OBJECT_DESCRIPTOR 7 +#define V_ASN1_EXTERNAL 8 +#define V_ASN1_REAL 9 +#define V_ASN1_ENUMERATED 10 /* microsoft weirdness */ +#define V_ASN1_SEQUENCE 16 +#define V_ASN1_SET 17 +#define V_ASN1_NUMERICSTRING 18 /**/ +#define V_ASN1_PRINTABLESTRING 19 +#define V_ASN1_T61STRING 20 +#define V_ASN1_TELETEXSTRING 20 /* alias */ +#define V_ASN1_VIDEOTEXSTRING 21 /**/ +#define V_ASN1_IA5STRING 22 +#define V_ASN1_UTCTIME 23 +#define V_ASN1_GENERALIZEDTIME 24 /**/ +#define V_ASN1_GRAPHICSTRING 25 /**/ +#define V_ASN1_ISO64STRING 26 /**/ +#define V_ASN1_VISIBLESTRING 26 /* alias */ +#define V_ASN1_GENERALSTRING 27 /**/ +#define V_ASN1_UNIVERSALSTRING 28 /**/ +#define V_ASN1_BMPSTRING 30 + +/* For use with d2i_ASN1_type_bytes() */ +#define B_ASN1_NUMERICSTRING 0x0001 +#define B_ASN1_PRINTABLESTRING 0x0002 +#define B_ASN1_T61STRING 0x0004 +#define B_ASN1_VIDEOTEXSTRING 0x0008 +#define B_ASN1_IA5STRING 0x0010 +#define B_ASN1_GRAPHICSTRING 0x0020 +#define B_ASN1_ISO64STRING 0x0040 +#define B_ASN1_GENERALSTRING 0x0080 +#define B_ASN1_UNIVERSALSTRING 0x0100 +#define B_ASN1_OCTET_STRING 0x0200 +#define B_ASN1_BIT_STRING 0x0400 +#define B_ASN1_BMPSTRING 0x0800 +#define B_ASN1_UNKNOWN 0x1000 + +#ifndef DEBUG + +#define ASN1_INTEGER ASN1_STRING +#define ASN1_BIT_STRING ASN1_STRING +#define ASN1_OCTET_STRING ASN1_STRING +#define ASN1_PRINTABLESTRING ASN1_STRING +#define ASN1_T61STRING ASN1_STRING +#define ASN1_IA5STRING ASN1_STRING +#define ASN1_UTCTIME ASN1_STRING +#define ASN1_GENERALIZEDTIME ASN1_STRING +#define ASN1_GENERALSTRING ASN1_STRING +#define ASN1_UNIVERSALSTRING ASN1_STRING +#define ASN1_BMPSTRING ASN1_STRING + +#else + +typedef struct asn1_integer_st + { + int length; + int type; + unsigned char *data; + } ASN1_INTEGER; + +typedef struct asn1_bit_string_st + { + int length; + int type; + unsigned char *data; + } ASN1_BIT_STRING; + +typedef struct asn1_octet_string_st + { + int length; + int type; + unsigned char *data; + } ASN1_OCTET_STRING; + +typedef struct asn1_printablestring_st + { + int length; + int type; + unsigned char *data; + } ASN1_PRINTABLESTRING; + +typedef struct asn1_t61string_st + { + int length; + int type; + unsigned char *data; + } ASN1_T61STRING; + +typedef struct asn1_ia5string_st + { + int length; + int type; + unsigned char *data; + } ASN1_IA5STRING; + +typedef struct asn1_generalstring_st + { + int length; + int type; + unsigned char *data; + } ASN1_GENERALSTRING; + +typedef struct asn1_universalstring_st + { + int length; + int type; + unsigned char *data; + } ASN1_UNIVERSALSTRING; + +typedef struct asn1_bmpstring_st + { + int length; + int type; + unsigned char *data; + } ASN1_BMPSTRING; + +typedef struct asn1_utctime_st + { + int length; + int type; + unsigned char *data; + } ASN1_UTCTIME; + +typedef struct asn1_generalizedtime_st + { + int length; + int type; + unsigned char *data; + } ASN1_GENERALIZEDTIME; + +#endif + +typedef struct asn1_ctx_st + { + unsigned char *p;/* work char pointer */ + int eos; /* end of sequence read for indefinite encoding */ + int error; /* error code to use when returning an error */ + int inf; /* constructed if 0x20, indefinite is 0x21 */ + int tag; /* tag from last 'get object' */ + int xclass; /* class from last 'get object' */ + long slen; /* length of last 'get object' */ + unsigned char *max; /* largest value of p alowed */ + unsigned char *q;/* temporary variable */ + unsigned char **pp;/* variable */ + } ASN1_CTX; + +/* These are used internally in the ASN1_OBJECT to keep track of + * whether the names and data need to be free()ed */ +#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ +#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ +#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ +#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ +typedef struct asn1_object_st + { + char *sn,*ln; + int nid; + int length; + unsigned char *data; + int flags; /* Should we free this one */ + } ASN1_OBJECT; + +/* This is the base type that holds just about everything :-) */ +typedef struct asn1_string_st + { + int length; + int type; + unsigned char *data; + } ASN1_STRING; + +typedef struct asn1_type_st + { + int type; + union { + char *ptr; + ASN1_STRING * asn1_string; + ASN1_OBJECT * object; + ASN1_INTEGER * integer; + ASN1_BIT_STRING * bit_string; + ASN1_OCTET_STRING * octet_string; + ASN1_PRINTABLESTRING * printablestring; + ASN1_T61STRING * t61string; + ASN1_IA5STRING * ia5string; + ASN1_GENERALSTRING * generalstring; + ASN1_BMPSTRING * bmpstring; + ASN1_UNIVERSALSTRING * universalstring; + ASN1_UTCTIME * utctime; + ASN1_GENERALIZEDTIME * generalizedtime; + /* set and sequence are left complete and still + * contain the set or sequence bytes */ + ASN1_STRING * set; + ASN1_STRING * sequence; + } value; + } ASN1_TYPE; + +typedef struct asn1_method_st + { + int (*i2d)(); + char *(*d2i)(); + char *(*create)(); + void (*destroy)(); + } ASN1_METHOD; + +/* This is used when parsing some Netscape objects */ +typedef struct asn1_header_st + { + ASN1_OCTET_STRING *header; + char *data; + ASN1_METHOD *meth; + } ASN1_HEADER; + +#define ASN1_STRING_length(x) ((x)->length) +#define ASN1_STRING_type(x) ((x)->type) +#define ASN1_STRING_data(x) ((x)->data) + +/* Macros for string operations */ +#define ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ + ASN1_STRING_type_new(V_ASN1_BIT_STRING) +#define ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ + ASN1_STRING_dup((ASN1_STRING *)a) +#define ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ + (ASN1_STRING *)a,(ASN1_STRING *)b) +#define ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) +/* i2d_ASN1_BIT_STRING() is a function */ +/* d2i_ASN1_BIT_STRING() is a function */ + +#define ASN1_INTEGER_new() (ASN1_INTEGER *)\ + ASN1_STRING_type_new(V_ASN1_INTEGER) +#define ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a) +#define ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ + (ASN1_STRING *)a,(ASN1_STRING *)b) +/* ASN1_INTEGER_set() is a function, also see BN_to_ASN1_INTEGER() */ +/* ASN1_INTEGER_get() is a function, also see ASN1_INTEGER_to_BN() */ +/* i2d_ASN1_INTEGER() is a function */ +/* d2i_ASN1_INTEGER() is a function */ + +#define ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ + ASN1_STRING_type_new(V_ASN1_OCTET_STRING) +#define ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ + ASN1_STRING_dup((ASN1_STRING *)a) +#define ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ + (ASN1_STRING *)a,(ASN1_STRING *)b) +#define ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) +#define ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) +#define M_i2d_ASN1_OCTET_STRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ + V_ASN1_OCTET_STRING) +/* d2i_ASN1_OCTET_STRING() is a function */ + +#define ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) +#define ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ + pp,a->type,V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ + d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ + B_ASN1_PRINTABLESTRING| \ + B_ASN1_T61STRING| \ + B_ASN1_IA5STRING| \ + B_ASN1_BIT_STRING| \ + B_ASN1_UNIVERSALSTRING|\ + B_ASN1_BMPSTRING|\ + B_ASN1_UNKNOWN) + +#define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING_STRING *)\ + ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) +#define ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ + (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ + ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) + +#define ASN1_T61STRING_new() (ASN1_T61STRING_STRING *)\ + ASN1_STRING_type_new(V_ASN1_T61STRING) +#define ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_T61STRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_T61STRING(a,pp,l) \ + (ASN1_T61STRING *)d2i_ASN1_type_bytes\ + ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) + +#define ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ + ASN1_STRING_type_new(V_ASN1_IA5STRING) +#define ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_IA5STRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_IA5STRING(a,pp,l) \ + (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ + B_ASN1_IA5STRING) + +#define ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ + ASN1_STRING_type_new(V_ASN1_UTCTIME) +#define ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a) +/* i2d_ASN1_UTCTIME() is a function */ +/* d2i_ASN1_UTCTIME() is a function */ +/* ASN1_UTCTIME_set() is a function */ +/* ASN1_UTCTIME_check() is a function */ + +#define ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ + ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) +#define ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define ASN1_GENERALIZEDTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup(\ + (ASN1_STRING *)a) +/* DOES NOT EXIST YET i2d_ASN1_GENERALIZEDTIME() is a function */ +/* DOES NOT EXIST YET d2i_ASN1_GENERALIZEDTIME() is a function */ +/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_set() is a function */ +/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_check() is a function */ + +#define ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ + ASN1_STRING_type_new(V_ASN1_GENERALSTRING) +#define ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_GENERALSTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ + (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ + ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) + +#define ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ + ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) +#define ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ + (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ + ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) + +#define ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ + ASN1_STRING_type_new(V_ASN1_BMPSTRING) +#define ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_BMPSTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_BMPSTRING(a,pp,l) \ + (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ + ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) + +#ifndef NOPROTO +ASN1_TYPE * ASN1_TYPE_new(void ); +void ASN1_TYPE_free(ASN1_TYPE *a); +int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp); +ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length); +int ASN1_TYPE_get(ASN1_TYPE *a); +void ASN1_TYPE_set(ASN1_TYPE *a, int type, char *value); + +ASN1_OBJECT * ASN1_OBJECT_new(void ); +void ASN1_OBJECT_free(ASN1_OBJECT *a); +int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); +ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, + long length); + +ASN1_STRING * ASN1_STRING_new(void ); +void ASN1_STRING_free(ASN1_STRING *a); +ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a); +ASN1_STRING * ASN1_STRING_type_new(int type ); +int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); +int ASN1_STRING_set(ASN1_STRING *str,unsigned char *data, int len); + +int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); +ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, + long length); +int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); +int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); + + +int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); +int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); + +int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); +ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, + long length); + +int ASN1_UTCTIME_check(ASN1_UTCTIME *a); +ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); + +int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp); +ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, + unsigned char **pp,long length); + +int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp); +ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, + unsigned char **pp, long l); +ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, + unsigned char **pp, long l); + +ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, + unsigned char **pp, long l); +int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp); +ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, + unsigned char **pp, long l); + +int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp); +ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp, + long length); + +int i2d_ASN1_SET(STACK *a, unsigned char **pp, + int (*func)(), int ex_tag, int ex_class); +STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, + char *(*func)(), int ex_tag, int ex_class); + +#ifdef HEADER_BIO_H +int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); +int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size); +int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a); +int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size); +int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); +#endif +int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a); + +int a2d_ASN1_OBJECT(unsigned char *out,int olen, char *buf, int num); +ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len, + char *sn, char *ln); + +int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); +long ASN1_INTEGER_get(ASN1_INTEGER *a); +ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai); +BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn); + +/* General */ +/* given a string, return the correct type, max is the maximum length */ +int ASN1_PRINTABLE_type(unsigned char *s, int max); + +int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); +ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, + long length, int Ptag, int Pclass); +/* type is one or more of the B_ASN1_ values. */ +ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, + long length,int type); + +/* PARSING */ +int asn1_Finish(ASN1_CTX *c); + +/* SPECIALS */ +int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, + int *pclass, long omax); +int ASN1_check_infinite_end(unsigned char **p,long len); +void ASN1_put_object(unsigned char **pp, int constructed, int length, + int tag, int xclass); +int ASN1_object_size(int constructed, int length, int tag); + +/* Used to implement other functions */ +char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x); + +#ifndef NO_FP_API +char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x); +int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x); +#endif + +#ifdef HEADER_BIO_H +char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x); +int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x); +int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); +int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); +int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); +#endif + +/* Used to load and write netscape format cert/key */ +int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length); +ASN1_HEADER *ASN1_HEADER_new(void ); +void ASN1_HEADER_free(ASN1_HEADER *a); + +int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); + +void ERR_load_ASN1_strings(void); + +/* Not used that much at this point, except for the first two */ +ASN1_METHOD *X509_asn1_meth(void); +ASN1_METHOD *RSAPrivateKey_asn1_meth(void); +ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void); +ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void); + +int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, + unsigned char *data, int len); +int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, + unsigned char *data, int max_len); +int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, + unsigned char *data, int len); +int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, + unsigned char *data, int max_len); + +#else + +ASN1_TYPE * ASN1_TYPE_new(); +void ASN1_TYPE_free(); +int i2d_ASN1_TYPE(); +ASN1_TYPE * d2i_ASN1_TYPE(); +int ASN1_TYPE_get(); +void ASN1_TYPE_set(); + +ASN1_OBJECT * ASN1_OBJECT_new(); +void ASN1_OBJECT_free(); +int i2d_ASN1_OBJECT(); +ASN1_OBJECT * d2i_ASN1_OBJECT(); +ASN1_STRING * ASN1_STRING_new(); +void ASN1_STRING_free(); +ASN1_STRING * ASN1_STRING_dup(); +ASN1_STRING * ASN1_STRING_type_new(); +int ASN1_STRING_cmp(); +int ASN1_STRING_set(); +int i2d_ASN1_BIT_STRING(); +ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(); +int ASN1_BIT_STRING_set_bit(); +int ASN1_BIT_STRING_get_bit(); +int i2d_ASN1_BOOLEAN(); +int d2i_ASN1_BOOLEAN(); +int i2d_ASN1_INTEGER(); +ASN1_INTEGER *d2i_ASN1_INTEGER(); +int ASN1_UTCTIME_check(); +ASN1_UTCTIME *ASN1_UTCTIME_set(); +int ASN1_UTCTIME_set_string(); +int i2d_ASN1_OCTET_STRING(); +ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(); +int i2d_ASN1_PRINTABLE(); +ASN1_STRING *d2i_ASN1_PRINTABLE(); +ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(); +ASN1_T61STRING *d2i_ASN1_T61STRING(); +int i2d_ASN1_IA5STRING(); +ASN1_IA5STRING *d2i_ASN1_IA5STRING(); +int i2d_ASN1_UTCTIME(); +ASN1_UTCTIME * d2i_ASN1_UTCTIME(); +int i2d_ASN1_SET(); +STACK * d2i_ASN1_SET(); +int a2d_ASN1_OBJECT(); +ASN1_OBJECT *ASN1_OBJECT_create(); +int ASN1_INTEGER_set(); +long ASN1_INTEGER_get(); +ASN1_INTEGER *BN_to_ASN1_INTEGER(); +BIGNUM *ASN1_INTEGER_to_BN(); +int ASN1_PRINTABLE_type(); +int i2d_ASN1_bytes(); +ASN1_STRING *d2i_ASN1_bytes(); +ASN1_STRING *d2i_ASN1_type_bytes(); +int asn1_Finish(); +int ASN1_get_object(); +int ASN1_check_infinite_end(); +void ASN1_put_object(); +int ASN1_object_size(); +char *ASN1_dup(); +#ifndef NO_FP_API +char *ASN1_d2i_fp(); +int ASN1_i2d_fp(); +#endif + +char *ASN1_d2i_bio(); +int ASN1_i2d_bio(); +int ASN1_UTCTIME_print(); +int ASN1_STRING_print(); +int ASN1_parse(); +int i2a_ASN1_INTEGER(); +int a2i_ASN1_INTEGER(); +int i2a_ASN1_OBJECT(); +int i2t_ASN1_OBJECT(); +int a2i_ASN1_STRING(); +int i2a_ASN1_STRING(); + +int i2d_ASN1_HEADER(); +ASN1_HEADER *d2i_ASN1_HEADER(); +ASN1_HEADER *ASN1_HEADER_new(); +void ASN1_HEADER_free(); +void ERR_load_ASN1_strings(); +ASN1_METHOD *X509_asn1_meth(); +ASN1_METHOD *RSAPrivateKey_asn1_meth(); +ASN1_METHOD *ASN1_IA5STRING_asn1_meth(); +ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(); + +int ASN1_UNIVERSALSTRING_to_string(); + +int ASN1_TYPE_set_octetstring(); +int ASN1_TYPE_get_octetstring(); +int ASN1_TYPE_set_int_octetstring(); +int ASN1_TYPE_get_int_octetstring(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the ASN1 functions. */ + +/* Function codes. */ +#define ASN1_F_A2D_ASN1_OBJECT 100 +#define ASN1_F_A2I_ASN1_INTEGER 101 +#define ASN1_F_A2I_ASN1_STRING 102 +#define ASN1_F_ASN1_COLLATE_PRIMATIVE 103 +#define ASN1_F_ASN1_D2I_BIO 104 +#define ASN1_F_ASN1_D2I_FP 105 +#define ASN1_F_ASN1_DUP 106 +#define ASN1_F_ASN1_GET_OBJECT 107 +#define ASN1_F_ASN1_HEADER_NEW 108 +#define ASN1_F_ASN1_I2D_BIO 109 +#define ASN1_F_ASN1_I2D_FP 110 +#define ASN1_F_ASN1_INTEGER_SET 111 +#define ASN1_F_ASN1_INTEGER_TO_BN 112 +#define ASN1_F_ASN1_OBJECT_NEW 113 +#define ASN1_F_ASN1_SIGN 114 +#define ASN1_F_ASN1_STRING_NEW 115 +#define ASN1_F_ASN1_STRING_TYPE_NEW 116 +#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117 +#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118 +#define ASN1_F_ASN1_TYPE_NEW 119 +#define ASN1_F_ASN1_UTCTIME_NEW 120 +#define ASN1_F_ASN1_VERIFY 121 +#define ASN1_F_BN_TO_ASN1_INTEGER 122 +#define ASN1_F_D2I_ASN1_BIT_STRING 123 +#define ASN1_F_D2I_ASN1_BMPSTRING 124 +#define ASN1_F_D2I_ASN1_BOOLEAN 125 +#define ASN1_F_D2I_ASN1_BYTES 126 +#define ASN1_F_D2I_ASN1_HEADER 127 +#define ASN1_F_D2I_ASN1_INTEGER 128 +#define ASN1_F_D2I_ASN1_OBJECT 129 +#define ASN1_F_D2I_ASN1_OCTET_STRING 130 +#define ASN1_F_D2I_ASN1_PRINT_TYPE 131 +#define ASN1_F_D2I_ASN1_SET 132 +#define ASN1_F_D2I_ASN1_TYPE 133 +#define ASN1_F_D2I_ASN1_TYPE_BYTES 134 +#define ASN1_F_D2I_ASN1_UTCTIME 135 +#define ASN1_F_D2I_DHPARAMS 136 +#define ASN1_F_D2I_DSAPARAMS 137 +#define ASN1_F_D2I_DSAPRIVATEKEY 138 +#define ASN1_F_D2I_DSAPUBLICKEY 139 +#define ASN1_F_D2I_NETSCAPE_PKEY 140 +#define ASN1_F_D2I_NETSCAPE_RSA 141 +#define ASN1_F_D2I_NETSCAPE_RSA_2 142 +#define ASN1_F_D2I_NETSCAPE_SPKAC 143 +#define ASN1_F_D2I_NETSCAPE_SPKI 144 +#define ASN1_F_D2I_PKCS7 145 +#define ASN1_F_D2I_PKCS7_DIGEST 146 +#define ASN1_F_D2I_PKCS7_ENCRYPT 147 +#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148 +#define ASN1_F_D2I_PKCS7_ENVELOPE 149 +#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150 +#define ASN1_F_D2I_PKCS7_RECIP_INFO 151 +#define ASN1_F_D2I_PKCS7_SIGNED 152 +#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153 +#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154 +#define ASN1_F_D2I_PRIVATEKEY 155 +#define ASN1_F_D2I_PUBLICKEY 156 +#define ASN1_F_D2I_RSAPRIVATEKEY 157 +#define ASN1_F_D2I_RSAPUBLICKEY 158 +#define ASN1_F_D2I_X509 159 +#define ASN1_F_D2I_X509_ALGOR 160 +#define ASN1_F_D2I_X509_ATTRIBUTE 161 +#define ASN1_F_D2I_X509_CINF 162 +#define ASN1_F_D2I_X509_CRL 163 +#define ASN1_F_D2I_X509_CRL_INFO 164 +#define ASN1_F_D2I_X509_EXTENSION 165 +#define ASN1_F_D2I_X509_KEY 166 +#define ASN1_F_D2I_X509_NAME 167 +#define ASN1_F_D2I_X509_NAME_ENTRY 168 +#define ASN1_F_D2I_X509_PKEY 169 +#define ASN1_F_D2I_X509_PUBKEY 170 +#define ASN1_F_D2I_X509_REQ 171 +#define ASN1_F_D2I_X509_REQ_INFO 172 +#define ASN1_F_D2I_X509_REVOKED 173 +#define ASN1_F_D2I_X509_SIG 174 +#define ASN1_F_D2I_X509_VAL 175 +#define ASN1_F_I2D_ASN1_HEADER 176 +#define ASN1_F_I2D_DHPARAMS 177 +#define ASN1_F_I2D_DSAPARAMS 178 +#define ASN1_F_I2D_DSAPRIVATEKEY 179 +#define ASN1_F_I2D_DSAPUBLICKEY 180 +#define ASN1_F_I2D_NETSCAPE_RSA 181 +#define ASN1_F_I2D_PKCS7 182 +#define ASN1_F_I2D_PRIVATEKEY 183 +#define ASN1_F_I2D_PUBLICKEY 184 +#define ASN1_F_I2D_RSAPRIVATEKEY 185 +#define ASN1_F_I2D_RSAPUBLICKEY 186 +#define ASN1_F_I2D_X509_ATTRIBUTE 187 +#define ASN1_F_I2T_ASN1_OBJECT 188 +#define ASN1_F_NETSCAPE_PKEY_NEW 189 +#define ASN1_F_NETSCAPE_SPKAC_NEW 190 +#define ASN1_F_NETSCAPE_SPKI_NEW 191 +#define ASN1_F_PKCS7_DIGEST_NEW 192 +#define ASN1_F_PKCS7_ENCRYPT_NEW 193 +#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194 +#define ASN1_F_PKCS7_ENVELOPE_NEW 195 +#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196 +#define ASN1_F_PKCS7_NEW 197 +#define ASN1_F_PKCS7_RECIP_INFO_NEW 198 +#define ASN1_F_PKCS7_SIGNED_NEW 199 +#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200 +#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201 +#define ASN1_F_X509_ALGOR_NEW 202 +#define ASN1_F_X509_ATTRIBUTE_NEW 203 +#define ASN1_F_X509_CINF_NEW 204 +#define ASN1_F_X509_CRL_INFO_NEW 205 +#define ASN1_F_X509_CRL_NEW 206 +#define ASN1_F_X509_DHPARAMS_NEW 207 +#define ASN1_F_X509_EXTENSION_NEW 208 +#define ASN1_F_X509_INFO_NEW 209 +#define ASN1_F_X509_KEY_NEW 210 +#define ASN1_F_X509_NAME_ENTRY_NEW 211 +#define ASN1_F_X509_NAME_NEW 212 +#define ASN1_F_X509_NEW 213 +#define ASN1_F_X509_PKEY_NEW 214 +#define ASN1_F_X509_PUBKEY_NEW 215 +#define ASN1_F_X509_REQ_INFO_NEW 216 +#define ASN1_F_X509_REQ_NEW 217 +#define ASN1_F_X509_REVOKED_NEW 218 +#define ASN1_F_X509_SIG_NEW 219 +#define ASN1_F_X509_VAL_FREE 220 +#define ASN1_F_X509_VAL_NEW 221 + +/* Reason codes. */ +#define ASN1_R_BAD_CLASS 100 +#define ASN1_R_BAD_GET_OBJECT 101 +#define ASN1_R_BAD_OBJECT_HEADER 102 +#define ASN1_R_BAD_PASSWORD_READ 103 +#define ASN1_R_BAD_PKCS7_CONTENT 104 +#define ASN1_R_BAD_PKCS7_TYPE 105 +#define ASN1_R_BAD_TAG 106 +#define ASN1_R_BAD_TYPE 107 +#define ASN1_R_BN_LIB 108 +#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109 +#define ASN1_R_BUFFER_TOO_SMALL 110 +#define ASN1_R_DATA_IS_WRONG 111 +#define ASN1_R_DECODING_ERROR 112 +#define ASN1_R_ERROR_STACK 113 +#define ASN1_R_EXPECTING_AN_INTEGER 114 +#define ASN1_R_EXPECTING_AN_OBJECT 115 +#define ASN1_R_EXPECTING_AN_OCTET_STRING 116 +#define ASN1_R_EXPECTING_A_BIT_STRING 117 +#define ASN1_R_EXPECTING_A_BOOLEAN 118 +#define ASN1_R_EXPECTING_A_SEQUENCE 119 +#define ASN1_R_EXPECTING_A_UTCTIME 120 +#define ASN1_R_FIRST_NUM_TOO_LARGE 121 +#define ASN1_R_HEADER_TOO_LONG 122 +#define ASN1_R_INVALID_DIGIT 123 +#define ASN1_R_INVALID_SEPARATOR 124 +#define ASN1_R_INVALID_TIME_FORMAT 125 +#define ASN1_R_IV_TOO_LARGE 126 +#define ASN1_R_LENGTH_ERROR 127 +#define ASN1_R_LENGTH_MISMATCH 128 +#define ASN1_R_MISSING_EOS 129 +#define ASN1_R_MISSING_SECOND_NUMBER 130 +#define ASN1_R_NON_HEX_CHARACTERS 131 +#define ASN1_R_NOT_ENOUGH_DATA 132 +#define ASN1_R_ODD_NUMBER_OF_CHARS 133 +#define ASN1_R_PARSING 134 +#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135 +#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136 +#define ASN1_R_SHORT_LINE 137 +#define ASN1_R_STRING_TOO_SHORT 138 +#define ASN1_R_TAG_VALUE_TOO_HIGH 139 +#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140 +#define ASN1_R_TOO_LONG 141 +#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142 +#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143 +#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144 +#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145 +#define ASN1_R_UNKNOWN_OBJECT_TYPE 146 +#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147 +#define ASN1_R_UNSUPPORTED_CIPHER 148 +#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149 +#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150 +#define ASN1_R_UTCTIME_TOO_LONG 151 +#define ASN1_R_WRONG_PRINTABLE_TYPE 152 +#define ASN1_R_WRONG_TAG 153 +#define ASN1_R_WRONG_TYPE 154 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c new file mode 100644 index 0000000000..03c2858e7d --- /dev/null +++ b/src/lib/libcrypto/asn1/asn1_err.c @@ -0,0 +1,266 @@ +/* lib/asn1/asn1_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "asn1.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA ASN1_str_functs[]= + { +{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"}, +{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, +{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, +{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMATIVE,0), "ASN1_COLLATE_PRIMATIVE"}, +{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, +{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, +{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, +{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, +{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, +{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, +{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"}, +{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"}, +{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"}, +{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"}, +{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_SIGN"}, +{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"}, +{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, +{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, +{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, +{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"}, +{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_NEW"}, +{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_VERIFY"}, +{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"}, +{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "D2I_DHPARAMS"}, +{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "D2I_DSAPARAMS"}, +{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "D2I_DSAPRIVATEKEY"}, +{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "D2I_DSAPUBLICKEY"}, +{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"}, +{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "D2I_NETSCAPE_RSA"}, +{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"}, +{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"}, +{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"}, +{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "D2I_PRIVATEKEY"}, +{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"}, +{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"}, +{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"}, +{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"}, +{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"}, +{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"}, +{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, +{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "D2I_X509_CRL"}, +{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "D2I_X509_CRL_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "D2I_X509_EXTENSION"}, +{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"}, +{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, +{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "D2I_X509_NAME_ENTRY"}, +{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "D2I_X509_PKEY"}, +{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "D2I_X509_PUBKEY"}, +{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "D2I_X509_REQ"}, +{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "D2I_X509_REQ_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "D2I_X509_REVOKED"}, +{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "D2I_X509_SIG"}, +{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "D2I_X509_VAL"}, +{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"}, +{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "I2D_DHPARAMS"}, +{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "I2D_DSAPARAMS"}, +{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "I2D_DSAPRIVATEKEY"}, +{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "I2D_DSAPUBLICKEY"}, +{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "I2D_NETSCAPE_RSA"}, +{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "I2D_PKCS7"}, +{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "I2D_PRIVATEKEY"}, +{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "I2D_PUBLICKEY"}, +{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "I2D_RSAPRIVATEKEY"}, +{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "I2D_RSAPUBLICKEY"}, +{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "I2D_X509_ATTRIBUTE"}, +{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"}, +{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"}, +{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"}, +{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"}, +{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_NEW"}, +{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"}, +{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_NEW"}, +{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"}, +{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_NEW"}, +{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"}, +{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"}, +{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_NEW"}, +{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_NEW"}, +{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_NEW"}, +{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_NEW"}, +{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_NEW"}, +{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_FREE"}, +{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_NEW"}, +{0,NULL}, + }; + +static ERR_STRING_DATA ASN1_str_reasons[]= + { +{ASN1_R_BAD_CLASS ,"bad class"}, +{ASN1_R_BAD_GET_OBJECT ,"bad get object"}, +{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, +{ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, +{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"}, +{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"}, +{ASN1_R_BAD_TAG ,"bad tag"}, +{ASN1_R_BAD_TYPE ,"bad type"}, +{ASN1_R_BN_LIB ,"bn lib"}, +{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"}, +{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, +{ASN1_R_DATA_IS_WRONG ,"data is wrong"}, +{ASN1_R_DECODING_ERROR ,"decoding error"}, +{ASN1_R_ERROR_STACK ,"error stack"}, +{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, +{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, +{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"}, +{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"}, +{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, +{ASN1_R_EXPECTING_A_SEQUENCE ,"expecting a sequence"}, +{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"}, +{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"}, +{ASN1_R_HEADER_TOO_LONG ,"header too long"}, +{ASN1_R_INVALID_DIGIT ,"invalid digit"}, +{ASN1_R_INVALID_SEPARATOR ,"invalid separator"}, +{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"}, +{ASN1_R_IV_TOO_LARGE ,"iv too large"}, +{ASN1_R_LENGTH_ERROR ,"length error"}, +{ASN1_R_LENGTH_MISMATCH ,"length mismatch"}, +{ASN1_R_MISSING_EOS ,"missing eos"}, +{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"}, +{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"}, +{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"}, +{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"}, +{ASN1_R_PARSING ,"parsing"}, +{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"}, +{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"}, +{ASN1_R_SHORT_LINE ,"short line"}, +{ASN1_R_STRING_TOO_SHORT ,"string too short"}, +{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"}, +{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, +{ASN1_R_TOO_LONG ,"too long"}, +{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"}, +{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"}, +{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"}, +{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"}, +{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"}, +{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"}, +{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, +{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"}, +{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"}, +{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"}, +{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"}, +{ASN1_R_WRONG_TAG ,"wrong tag"}, +{ASN1_R_WRONG_TYPE ,"wrong type"}, +{0,NULL}, + }; + +#endif + +void ERR_load_ASN1_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs); + ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c new file mode 100644 index 0000000000..ff30b25836 --- /dev/null +++ b/src/lib/libcrypto/asn1/asn1_lib.c @@ -0,0 +1,444 @@ +/* crypto/asn1/asn1_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" +#include "asn1_mac.h" + +#ifndef NOPROTO +static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); +static void asn1_put_length(unsigned char **pp, int length); +#else +static int asn1_get_length(); +static void asn1_put_length(); +#endif + +char *ASN1_version="ASN1 part of SSLeay 0.9.0b 29-Jun-1998"; + +int ASN1_check_infinite_end(p,len) +unsigned char **p; +long len; + { + /* If there is 0 or 1 byte left, the length check should pick + * things up */ + if (len <= 0) + return(1); + else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) + { + (*p)+=2; + return(1); + } + return(0); + } + + +int ASN1_get_object(pp, plength, ptag, pclass, omax) +unsigned char **pp; +long *plength; +int *ptag; +int *pclass; +long omax; + { + int i,ret; + long l; + unsigned char *p= *pp; + int tag,xclass,inf; + long max=omax; + + if (!max) goto err; + ret=(*p&V_ASN1_CONSTRUCTED); + xclass=(*p&V_ASN1_PRIVATE); + i= *p&V_ASN1_PRIMATIVE_TAG; + if (i == V_ASN1_PRIMATIVE_TAG) + { /* high-tag */ + p++; + if (--max == 0) goto err; + l=0; + while (*p&0x80) + { + l<<=7L; + l|= *(p++)&0x7f; + if (--max == 0) goto err; + } + l<<=7L; + l|= *(p++)&0x7f; + tag=(int)l; + } + else + { + tag=i; + p++; + if (--max == 0) goto err; + } + *ptag=tag; + *pclass=xclass; + if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; + +#ifdef undef + fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d (%d > %d)\n", + p,*plength,omax,*pp,(p+ *plength),omax+ *pp); + +#endif + if ((p+ *plength) > (omax+ *pp)) + { + ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); + /* Set this so that even if things are not long enough + * the values are set correctly */ + ret|=0x80; + } + *pp=p; + return(ret+inf); +err: + ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG); + return(0x80); + } + +static int asn1_get_length(pp,inf,rl,max) +unsigned char **pp; +int *inf; +long *rl; +int max; + { + unsigned char *p= *pp; + long ret=0; + int i; + + if (max-- < 1) return(0); + if (*p == 0x80) + { + *inf=1; + ret=0; + p++; + } + else + { + *inf=0; + i= *p&0x7f; + if (*(p++) & 0x80) + { + if (max-- == 0) return(0); + while (i-- > 0) + { + ret<<=8L; + ret|= *(p++); + if (max-- == 0) return(0); + } + } + else + ret=i; + } + *pp=p; + *rl=ret; + return(1); + } + +/* class 0 is constructed + * constructed == 2 for indefinitle length constructed */ +void ASN1_put_object(pp,constructed,length,tag,xclass) +unsigned char **pp; +int constructed; +int length; +int tag; +int xclass; + { + unsigned char *p= *pp; + int i; + + i=(constructed)?V_ASN1_CONSTRUCTED:0; + i|=(xclass&V_ASN1_PRIVATE); + if (tag < 31) + *(p++)=i|(tag&V_ASN1_PRIMATIVE_TAG); + else + { + *(p++)=i|V_ASN1_PRIMATIVE_TAG; + while (tag > 0x7f) + { + *(p++)=(tag&0x7f)|0x80; + tag>>=7; + } + *(p++)=(tag&0x7f); + } + if ((constructed == 2) && (length == 0)) + *(p++)=0x80; /* der_put_length would output 0 instead */ + else + asn1_put_length(&p,length); + *pp=p; + } + +static void asn1_put_length(pp, length) +unsigned char **pp; +int length; + { + unsigned char *p= *pp; + int i,l; + if (length <= 127) + *(p++)=(unsigned char)length; + else + { + l=length; + for (i=0; l > 0; i++) + l>>=8; + *(p++)=i|0x80; + l=i; + while (i-- > 0) + { + p[i]=length&0xff; + length>>=8; + } + p+=l; + } + *pp=p; + } + +int ASN1_object_size(constructed, length, tag) +int constructed; +int length; +int tag; + { + int ret; + + ret=length; + ret++; + if (tag >= 31) + { + while (tag > 0) + { + tag>>=7; + ret++; + } + } + if ((length == 0) && (constructed == 2)) + ret+=2; + ret++; + if (length > 127) + { + while (length > 0) + { + length>>=8; + ret++; + } + } + return(ret); + } + +int asn1_Finish(c) +ASN1_CTX *c; + { + if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) + { + if (!ASN1_check_infinite_end(&c->p,c->slen)) + { + c->error=ASN1_R_MISSING_EOS; + return(0); + } + } + if ( ((c->slen != 0) && !(c->inf & 1)) || + ((c->slen < 0) && (c->inf & 1))) + { + c->error=ASN1_R_LENGTH_MISMATCH; + return(0); + } + return(1); + } + +int asn1_GetSequence(c,length) +ASN1_CTX *c; +long *length; + { + unsigned char *q; + + q=c->p; + c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), + *length); + if (c->inf & 0x80) + { + c->error=ASN1_R_BAD_GET_OBJECT; + return(0); + } + if (c->tag != V_ASN1_SEQUENCE) + { + c->error=ASN1_R_EXPECTING_A_SEQUENCE; + return(0); + } + (*length)-=(c->p-q); + if (c->max && (*length < 0)) + { + c->error=ASN1_R_LENGTH_MISMATCH; + return(0); + } + if (c->inf == (1|V_ASN1_CONSTRUCTED)) + c->slen= *length+ *(c->pp)-c->p; + c->eos=0; + return(1); + } + +ASN1_STRING *ASN1_STRING_dup(str) +ASN1_STRING *str; + { + ASN1_STRING *ret; + + if (str == NULL) return(NULL); + if ((ret=ASN1_STRING_type_new(str->type)) == NULL) + return(NULL); + if (!ASN1_STRING_set(ret,str->data,str->length)) + { + ASN1_STRING_free(ret); + return(NULL); + } + return(ret); + } + +int ASN1_STRING_set(str,data,len) +ASN1_STRING *str; +unsigned char *data; +int len; + { + char *c; + + if (len < 0) + { + if (data == NULL) + return(0); + else + len=strlen((char *)data); + } + if ((str->length < len) || (str->data == NULL)) + { + c=(char *)str->data; + if (c == NULL) + str->data=(unsigned char *)Malloc(len+1); + else + str->data=(unsigned char *)Realloc(c,len+1); + + if (str->data == NULL) + { + str->data=(unsigned char *)c; + return(0); + } + } + str->length=len; + if (data != NULL) + { + memcpy(str->data,data,len); + /* an alowance for strings :-) */ + str->data[len]='\0'; + } + return(1); + } + +ASN1_STRING *ASN1_STRING_new() + { + return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); + } + + +ASN1_STRING *ASN1_STRING_type_new(type) +int type; + { + ASN1_STRING *ret; + + ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING)); + if (ret == NULL) + { + ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->length=0; + ret->type=type; + ret->data=NULL; + return(ret); + } + +void ASN1_STRING_free(a) +ASN1_STRING *a; + { + if (a == NULL) return; + if (a->data != NULL) Free((char *)a->data); + Free((char *)a); + } + +int ASN1_STRING_cmp(a,b) +ASN1_STRING *a,*b; + { + int i; + + i=(a->length-b->length); + if (i == 0) + { + i=memcmp(a->data,b->data,a->length); + if (i == 0) + return(a->type-b->type); + else + return(i); + } + else + return(i); + } + +void asn1_add_error(address,offset) +unsigned char *address; +int offset; + { + char buf1[16],buf2[16]; + + sprintf(buf1,"%lu",(unsigned long)address); + sprintf(buf2,"%d",offset); + ERR_add_error_data(4,"address=",buf1," offset=",buf2); + } + diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h new file mode 100644 index 0000000000..4fba70e4bb --- /dev/null +++ b/src/lib/libcrypto/asn1/asn1_mac.h @@ -0,0 +1,321 @@ +/* crypto/asn1/asn1_mac.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_ASN1_MAC_H +#define HEADER_ASN1_MAC_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "asn1.h" +#include "x509.h" +#include "pkcs7.h" + +#define M_ASN1_D2I_vars(a,type,func) \ + ASN1_CTX c; \ + type ret=NULL; \ + \ + c.pp=pp; \ + c.error=ASN1_R_ERROR_STACK; \ + if ((a == NULL) || ((*a) == NULL)) \ + { if ((ret=(type)func()) == NULL) goto err; } \ + else ret=(*a); + +#define M_ASN1_D2I_Init() \ + c.p= *pp; \ + c.max=(length == 0)?0:(c.p+length); + +#define M_ASN1_D2I_Finish_2(a) \ + if (!asn1_Finish(&c)) goto err; \ + *pp=c.p; \ + if (a != NULL) (*a)=ret; \ + return(ret); + +#define M_ASN1_D2I_Finish(a,func,e) \ + M_ASN1_D2I_Finish_2(a); \ +err:\ + ASN1err((e),c.error); \ + asn1_add_error(*pp,(int)(c.q- *pp)); \ + if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ + return(NULL) + +#define M_ASN1_D2I_start_sequence() \ + if (!asn1_GetSequence(&c,&length)) goto err; + +#define M_ASN1_D2I_end_sequence() \ + (((c.inf&1) == 0)?(c.slen <= 0): \ + (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) + +#define M_ASN1_D2I_get(b,func) \ + c.q=c.p; \ + if (func(&(b),&c.p,c.slen) == NULL) goto err; \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_opt(b,func,type) \ + if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ + == (V_ASN1_UNIVERSAL|(type)))) \ + { \ + M_ASN1_D2I_get(b,func); \ + } + +#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \ + if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \ + (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \ + { \ + unsigned char tmp; \ + tmp=M_ASN1_next; \ + M_ASN1_next=(tmp& ~V_ASN1_PRIMATIVE_TAG)|type; \ + M_ASN1_D2I_get(b,func); \ + M_ASN1_next_prev=tmp; \ + } + +#define M_ASN1_D2I_get_set(r,func) \ + M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL); + +#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \ + if ((c.slen != 0) && \ + (M_ASN1_next == \ + (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ + { \ + M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \ + } + +#define M_ASN1_D2I_get_seq(r,func) \ + M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + +#define M_ASN1_D2I_get_seq_opt(r,func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ + { M_ASN1_D2I_get_seq(r,func); } + +#define M_ASN1_D2I_get_IMP_set(r,func,x) \ + M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC); + +#define M_ASN1_D2I_get_imp_set(r,func,a,b) \ + c.q=c.p; \ + if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \ + goto err; \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_set_strings(r,func,a,b) \ + c.q=c.p; \ + if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ + goto err; \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ + if ((c.slen != 0L) && (M_ASN1_next == \ + (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ + { \ + int Tinf,Ttag,Tclass; \ + long Tlen; \ + \ + c.q=c.p; \ + Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ + if (Tinf & 0x80) \ + { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \ + if (func(&(r),&c.p,Tlen) == NULL) \ + goto err; \ + c.slen-=(c.p-c.q); \ + } + +#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \ + if ((c.slen != 0) && (M_ASN1_next == \ + (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ + { \ + int Tinf,Ttag,Tclass; \ + long Tlen; \ + \ + c.q=c.p; \ + Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ + if (Tinf & 0x80) \ + { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \ + if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \ + b,V_ASN1_UNIVERSAL) == NULL) \ + goto err; \ + c.slen-=(c.p-c.q); \ + } + +/* New macros */ +#define M_ASN1_New_Malloc(ret,type) \ + if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2; + +#define M_ASN1_New(arg,func) \ + if (((arg)=func()) == NULL) return(NULL) + +#define M_ASN1_New_Error(a) \ +/* err: ASN1err((a),ASN1_R_ERROR_STACK); \ + return(NULL);*/ \ + err2: ASN1err((a),ERR_R_MALLOC_FAILURE); \ + return(NULL) + + +#define M_ASN1_next (*c.p) +#define M_ASN1_next_prev (*c.q) + +/*************************************************/ + +#define M_ASN1_I2D_vars(a) int r=0,ret=0; \ + unsigned char *p; \ + if (a == NULL) return(0) + +/* Length Macros */ +#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL) +#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f) + +#define M_ASN1_I2D_len_SET(a,f) \ + ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL); + +#define M_ASN1_I2D_len_SEQ(a,f) \ + ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + +#define M_ASN1_I2D_len_SEQ_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_len_SEQ(a,f); + +#define M_ASN1_I2D_len_IMP_set(a,f,x) \ + ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC); + +#define M_ASN1_I2D_len_IMP_set_opt(a,f,x) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC); + +#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \ + if (a != NULL)\ + { \ + v=f(a,NULL); \ + ret+=ASN1_object_size(1,v,mtag); \ + } + +#define M_ASN1_I2D_len_EXP_set_opt(a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_num(a) != 0))\ + { \ + v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL); \ + ret+=ASN1_object_size(1,v,mtag); \ + } + +/* Put Macros */ +#define M_ASN1_I2D_put(a,f) f(a,&p) + +#define M_ASN1_I2D_put_IMP_opt(a,f,t) \ + if (a != NULL) \ + { \ + unsigned char *q=p; \ + f(a,&p); \ + *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\ + } + +#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\ + V_ASN1_UNIVERSAL) +#define M_ASN1_I2D_put_IMP_set(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ + V_ASN1_CONTEXT_SPECIFIC) + +#define M_ASN1_I2D_put_SEQ(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\ + V_ASN1_UNIVERSAL) + +#define M_ASN1_I2D_put_SEQ_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_put_SEQ(a,f); + +#define M_ASN1_I2D_put_IMP_set_opt(a,f,x) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC); } + +#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \ + if (a != NULL) \ + { \ + ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \ + f(a,&p); \ + } + +#define M_ASN1_I2D_put_EXP_set_opt(a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + { \ + ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ + i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL); \ + } + +#define M_ASN1_I2D_seq_total() \ + r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \ + if (pp == NULL) return(r); \ + p= *pp; \ + ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) + +#define M_ASN1_I2D_INF_seq_start(tag,ctx) \ + *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \ + *(p++)=0x80 + +#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00 + +#define M_ASN1_I2D_finish() *pp=p; \ + return(r); + +#ifndef NOPROTO +int asn1_GetSequence(ASN1_CTX *c, long *length); +void asn1_add_error(unsigned char *address,int offset); +#else +int asn1_GetSequence(); +void asn1_add_error(); +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c new file mode 100644 index 0000000000..3906227d21 --- /dev/null +++ b/src/lib/libcrypto/asn1/asn1_par.c @@ -0,0 +1,393 @@ +/* crypto/asn1/asn1_par.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "objects.h" +#include "x509.h" + +#ifndef NOPROTO +static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, + int indent); +static int asn1_parse2(BIO *bp, unsigned char **pp, long length, + int offset, int depth, int indent); +#else +static int asn1_print_info(); +static int asn1_parse2(); +#endif + +static int asn1_print_info(bp, tag, xclass, constructed,indent) +BIO *bp; +int tag; +int xclass; +int constructed; +int indent; + { + static char *fmt="%-18s"; + static char *fmt2="%2d %-15s"; + char *p,str[128],*p2=NULL; + + if (constructed & V_ASN1_CONSTRUCTED) + p="cons: "; + else + p="prim: "; + if (BIO_write(bp,p,6) < 6) goto err; + if (indent) + { + if (indent > 128) indent=128; + memset(str,' ',indent); + if (BIO_write(bp,str,indent) < indent) goto err; + } + + p=str; + if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) + sprintf(str,"priv [ %d ] ",tag); + else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) + sprintf(str,"cont [ %d ]",tag); + else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) + sprintf(str,"appl [ %d ]",tag); + else if ((tag == V_ASN1_EOC) /* && (xclass == V_ASN1_UNIVERSAL) */) + p="EOC"; + else if (tag == V_ASN1_BOOLEAN) + p="BOOLEAN"; + else if (tag == V_ASN1_INTEGER) + p="INTEGER"; + else if (tag == V_ASN1_BIT_STRING) + p="BIT STRING"; + else if (tag == V_ASN1_OCTET_STRING) + p="OCTET STRING"; + else if (tag == V_ASN1_NULL) + p="NULL"; + else if (tag == V_ASN1_OBJECT) + p="OBJECT"; + else if (tag == V_ASN1_SEQUENCE) + p="SEQUENCE"; + else if (tag == V_ASN1_SET) + p="SET"; + else if (tag == V_ASN1_PRINTABLESTRING) + p="PRINTABLESTRING"; + else if (tag == V_ASN1_T61STRING) + p="T61STRING"; + else if (tag == V_ASN1_IA5STRING) + p="IA5STRING"; + else if (tag == V_ASN1_UTCTIME) + p="UTCTIME"; + + /* extras */ + else if (tag == V_ASN1_NUMERICSTRING) + p="NUMERICSTRING"; + else if (tag == V_ASN1_VIDEOTEXSTRING) + p="VIDEOTEXSTRING"; + else if (tag == V_ASN1_GENERALIZEDTIME) + p="GENERALIZEDTIME"; + else if (tag == V_ASN1_GRAPHICSTRING) + p="GRAPHICSTRING"; + else if (tag == V_ASN1_ISO64STRING) + p="ISO64STRING"; + else if (tag == V_ASN1_GENERALSTRING) + p="GENERALSTRING"; + else if (tag == V_ASN1_UNIVERSALSTRING) + p="UNIVERSALSTRING"; + else if (tag == V_ASN1_BMPSTRING) + p="BMPSTRING"; + else + p2="(unknown)"; + + if (p2 != NULL) + { + if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err; + } + else + { + if (BIO_printf(bp,fmt,p) <= 0) goto err; + } + return(1); +err: + return(0); + } + +int ASN1_parse(bp, pp, len, indent) +BIO *bp; +unsigned char *pp; +long len; +int indent; + { + return(asn1_parse2(bp,&pp,len,0,0,indent)); + } + +static int asn1_parse2(bp, pp, length, offset, depth, indent) +BIO *bp; +unsigned char **pp; +long length; +int offset; +int depth; +int indent; + { + unsigned char *p,*ep,*tot,*op,*opp; + long len; + int tag,xclass,ret=0; + int nl,hl,j,r; + ASN1_OBJECT *o=NULL; + ASN1_OCTET_STRING *os=NULL; + /* ASN1_BMPSTRING *bmp=NULL;*/ + + p= *pp; + tot=p+length; + op=p-1; + while ((p < tot) && (op < p)) + { + op=p; + j=ASN1_get_object(&p,&len,&tag,&xclass,length); +#ifdef LINT + j=j; +#endif + if (j & 0x80) + { + if (BIO_write(bp,"Error in encoding\n",18) <= 0) + goto end; + ret=0; + goto end; + } + hl=(p-op); + length-=hl; + /* if j == 0x21 it is a constructed indefinite length object */ + if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp)) + <= 0) goto end; + + if (j != (V_ASN1_CONSTRUCTED | 1)) + { + if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ", + depth,(long)hl,len) <= 0) + goto end; + } + else + { + if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ", + depth,(long)hl) <= 0) + goto end; + } + if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0)) + goto end; + if (j & V_ASN1_CONSTRUCTED) + { + ep=p+len; + if (BIO_write(bp,"\n",1) <= 0) goto end; + if (len > length) + { + BIO_printf(bp, + "length is greater than %ld\n",length); + ret=0; + goto end; + } + if ((j == 0x21) && (len == 0)) + { + for (;;) + { + r=asn1_parse2(bp,&p,(long)(tot-p), + offset+(p - *pp),depth+1, + indent); + if (r == 0) { ret=0; goto end; } + if ((r == 2) || (p >= tot)) break; + } + } + else + while (p < ep) + { + r=asn1_parse2(bp,&p,(long)len, + offset+(p - *pp),depth+1, + indent); + if (r == 0) { ret=0; goto end; } + } + } + else if (xclass != 0) + { + p+=len; + if (BIO_write(bp,"\n",1) <= 0) goto end; + } + else + { + nl=0; + if ( (tag == V_ASN1_PRINTABLESTRING) || + (tag == V_ASN1_T61STRING) || + (tag == V_ASN1_IA5STRING) || + (tag == V_ASN1_UTCTIME)) + { + if (BIO_write(bp,":",1) <= 0) goto end; + if ((len > 0) && + BIO_write(bp,(char *)p,(int)len) + != (int)len) + goto end; + } + else if (tag == V_ASN1_OBJECT) + { + opp=op; + if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) + { + if (BIO_write(bp,":",1) <= 0) goto end; + i2a_ASN1_OBJECT(bp,o); + } + else + { + if (BIO_write(bp,":BAD OBJECT",11) <= 0) + goto end; + } + } + else if (tag == V_ASN1_BOOLEAN) + { + int ii; + + opp=op; + ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl); + if (ii < 0) + { + if (BIO_write(bp,"Bad boolean\n",12)) + goto end; + } + BIO_printf(bp,":%d",ii); + } + else if (tag == V_ASN1_BMPSTRING) + { + /* do the BMP thang */ + } + else if (tag == V_ASN1_OCTET_STRING) + { + int i,printable=1; + + opp=op; + os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); + if (os != NULL) + { + opp=os->data; + for (i=0; ilength; i++) + { + if (( (opp[i] < ' ') && + (opp[i] != '\n') && + (opp[i] != '\r') && + (opp[i] != '\t')) || + (opp[i] > '~')) + { + printable=0; + break; + } + } + if (printable && (os->length > 0)) + { + if (BIO_write(bp,":",1) <= 0) + goto end; + if (BIO_write(bp,(char *)opp, + os->length) <= 0) + goto end; + } + ASN1_OCTET_STRING_free(os); + os=NULL; + } + } + else if (tag == V_ASN1_INTEGER) + { + ASN1_INTEGER *bs; + int i; + + opp=op; + bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl); + if (bs != NULL) + { + if (BIO_write(bp,":",1) <= 0) goto end; + if (bs->type == V_ASN1_NEG_INTEGER) + if (BIO_write(bp,"-",1) <= 0) + goto end; + for (i=0; ilength; i++) + { + if (BIO_printf(bp,"%02X", + bs->data[i]) <= 0) + goto end; + } + if (bs->length == 0) + { + if (BIO_write(bp,"00",2) <= 0) + goto end; + } + } + else + { + if (BIO_write(bp,"BAD INTEGER",11) <= 0) + goto end; + } + ASN1_INTEGER_free(bs); + } + + if (!nl) + { + if (BIO_write(bp,"\n",1) <= 0) goto end; + } + p+=len; + if ((tag == V_ASN1_EOC) && (xclass == 0)) + { + ret=2; /* End of sequence */ + goto end; + } + } + length-=len; + } + ret=1; +end: + if (o != NULL) ASN1_OBJECT_free(o); + if (os != NULL) ASN1_OCTET_STRING_free(os); + *pp=p; + return(ret); + } diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c new file mode 100644 index 0000000000..b9eaa9629b --- /dev/null +++ b/src/lib/libcrypto/asn1/d2i_pr.c @@ -0,0 +1,117 @@ +/* crypto/asn1/d2i_pr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +EVP_PKEY *d2i_PrivateKey(type,a,pp,length) +int type; +EVP_PKEY **a; +unsigned char **pp; +long length; + { + EVP_PKEY *ret; + + if ((a == NULL) || (*a == NULL)) + { + if ((ret=EVP_PKEY_new()) == NULL) + { + ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); + return(NULL); + } + } + else ret= *a; + + ret->save_type=type; + ret->type=EVP_PKEY_type(type); + switch (ret->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL) + { + ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); + goto err; + } + break; +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL) + { + ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); + goto err; + } + break; +#endif + default: + ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + break; + } + if (a != NULL) (*a)=ret; + return(ret); +err: + if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); + return(NULL); + } + diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c new file mode 100644 index 0000000000..5d6192f1e5 --- /dev/null +++ b/src/lib/libcrypto/asn1/d2i_pu.c @@ -0,0 +1,117 @@ +/* crypto/asn1/d2i_pu.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +EVP_PKEY *d2i_PublicKey(type,a,pp,length) +int type; +EVP_PKEY **a; +unsigned char **pp; +long length; + { + EVP_PKEY *ret; + + if ((a == NULL) || (*a == NULL)) + { + if ((ret=EVP_PKEY_new()) == NULL) + { + ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); + return(NULL); + } + } + else ret= *a; + + ret->save_type=type; + ret->type=EVP_PKEY_type(type); + switch (ret->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL) + { + ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); + goto err; + } + break; +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL) + { + ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); + goto err; + } + break; +#endif + default: + ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + break; + } + if (a != NULL) (*a)=ret; + return(ret); +err: + if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); + return(NULL); + } + diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c new file mode 100644 index 0000000000..ebe34a3362 --- /dev/null +++ b/src/lib/libcrypto/asn1/evp_asn1.c @@ -0,0 +1,193 @@ +/* crypto/asn1/evp_asn1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" +#include "asn1_mac.h" + +int ASN1_TYPE_set_octetstring(a,data,len) +ASN1_TYPE *a; +unsigned char *data; +int len; + { + ASN1_STRING *os; + + if ((os=ASN1_OCTET_STRING_new()) == NULL) return(0); + if (!ASN1_OCTET_STRING_set(os,data,len)) return(0); + ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,(char *)os); + return(1); + } + +int ASN1_TYPE_get_octetstring(a,data,max_len) +ASN1_TYPE *a; +unsigned char *data; +int max_len; /* for returned value */ + { + int ret,num; + unsigned char *p; + + if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) + { + ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG); + return(-1); + } + p=ASN1_STRING_data(a->value.octet_string); + ret=ASN1_STRING_length(a->value.octet_string); + if (ret < max_len) + num=ret; + else + num=max_len; + memcpy(data,p,num); + return(ret); + } + +int ASN1_TYPE_set_int_octetstring(a,num,data,len) +ASN1_TYPE *a; +long num; +unsigned char *data; +int len; + { + int n,size; + ASN1_OCTET_STRING os,*osp; + ASN1_INTEGER in; + unsigned char *p; + unsigned char buf[32]; /* when they have 256bit longs, + * I'll be in trouble */ + in.data=buf; + in.length=32; + os.data=data; + os.type=V_ASN1_OCTET_STRING; + os.length=len; + ASN1_INTEGER_set(&in,num); + n = i2d_ASN1_INTEGER(&in,NULL); + n+=M_i2d_ASN1_OCTET_STRING(&os,NULL); + + size=ASN1_object_size(1,n,V_ASN1_SEQUENCE); + + if ((osp=ASN1_STRING_new()) == NULL) return(0); + /* Grow the 'string' */ + ASN1_STRING_set(osp,NULL,size); + + ASN1_STRING_length(osp)=size; + p=ASN1_STRING_data(osp); + + ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + i2d_ASN1_INTEGER(&in,&p); + M_i2d_ASN1_OCTET_STRING(&os,&p); + + ASN1_TYPE_set(a,V_ASN1_SEQUENCE,(char *)osp); + return(1); + } + +/* we return the actual length... */ +int ASN1_TYPE_get_int_octetstring(a,num,data,max_len) +ASN1_TYPE *a; +long *num; +unsigned char *data; +int max_len; /* for returned value */ + { + int ret= -1,n; + ASN1_INTEGER *ai=NULL; + ASN1_OCTET_STRING *os=NULL; + unsigned char *p; + long length; + ASN1_CTX c; + + if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) + { + goto err; + } + p=ASN1_STRING_data(a->value.sequence); + length=ASN1_STRING_length(a->value.sequence); + + c.pp= &p; + c.p=p; + c.max=p+length; + c.error=ASN1_R_DATA_IS_WRONG; + + M_ASN1_D2I_start_sequence(); + c.q=c.p; + if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err; + c.slen-=(c.p-c.q); + c.q=c.p; + if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err; + c.slen-=(c.p-c.q); + if (!M_ASN1_D2I_end_sequence()) goto err; + + if (num != NULL) + *num=ASN1_INTEGER_get(ai); + + ret=ASN1_STRING_length(os); + if (max_len > ret) + n=ret; + else + n=max_len; + + if (data != NULL) + memcpy(data,ASN1_STRING_data(os),n); + if (0) + { +err: + ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG); + } + if (os != NULL) ASN1_OCTET_STRING_free(os); + if (ai != NULL) ASN1_INTEGER_free(ai); + return(ret); + } + diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c new file mode 100644 index 0000000000..4817c45cb7 --- /dev/null +++ b/src/lib/libcrypto/asn1/f_int.c @@ -0,0 +1,211 @@ +/* crypto/asn1/f_int.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "x509.h" + +int i2a_ASN1_INTEGER(bp, a) +BIO *bp; +ASN1_INTEGER *a; + { + int i,n=0; + static char *h="0123456789ABCDEF"; + char buf[2]; + + if (a == NULL) return(0); + + if (a->length == 0) + { + if (BIO_write(bp,"00",2) != 2) goto err; + n=2; + } + else + { + for (i=0; ilength; i++) + { + if ((i != 0) && (i%35 == 0)) + { + if (BIO_write(bp,"\\\n",2) != 2) goto err; + n+=2; + } + buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f]; + buf[1]=h[((unsigned char)a->data[i] )&0x0f]; + if (BIO_write(bp,buf,2) != 2) goto err; + n+=2; + } + } + return(n); +err: + return(-1); + } + +int a2i_ASN1_INTEGER(bp,bs,buf,size) +BIO *bp; +ASN1_INTEGER *bs; +char *buf; +int size; + { + int ret=0; + int i,j,k,m,n,again,bufsize; + unsigned char *s=NULL,*sp; + unsigned char *bufp; + int num=0,slen=0,first=1; + + bs->type=V_ASN1_INTEGER; + + bufsize=BIO_gets(bp,buf,size); + for (;;) + { + if (bufsize < 1) goto err_sl; + i=bufsize; + if (buf[i-1] == '\n') buf[--i]='\0'; + if (i == 0) goto err_sl; + if (buf[i-1] == '\r') buf[--i]='\0'; + if (i == 0) goto err_sl; + again=(buf[i-1] == '\\'); + + for (j=0; j= '0') && (buf[j] <= '9')) || + ((buf[j] >= 'a') && (buf[j] <= 'f')) || + ((buf[j] >= 'A') && (buf[j] <= 'F')))) + { + i=j; + break; + } + } + buf[i]='\0'; + /* We have now cleared all the crap off the end of the + * line */ + if (i < 2) goto err_sl; + + bufp=(unsigned char *)buf; + if (first) + { + first=0; + if ((bufp[0] == '0') && (buf[1] == '0')) + { + bufp+=2; + i-=2; + } + } + k=0; + i-=again; + if (i%2 != 0) + { + ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS); + goto err; + } + i/=2; + if (num+i > slen) + { + if (s == NULL) + sp=(unsigned char *)Malloc( + (unsigned int)num+i*2); + else + sp=(unsigned char *)Realloc(s, + (unsigned int)num+i*2); + if (sp == NULL) + { + ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); + if (s != NULL) Free((char *)s); + goto err; + } + s=sp; + slen=num+i*2; + } + for (j=0; j= '0') && (m <= '9')) + m-='0'; + else if ((m >= 'a') && (m <= 'f')) + m=m-'a'+10; + else if ((m >= 'A') && (m <= 'F')) + m=m-'A'+10; + else + { + ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS); + goto err; + } + s[num+j]<<=4; + s[num+j]|=m; + } + } + num+=i; + if (again) + bufsize=BIO_gets(bp,buf,size); + else + break; + } + bs->length=num; + bs->data=s; + ret=1; +err: + if (0) + { +err_sl: + ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE); + } + return(ret); + } + diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c new file mode 100644 index 0000000000..ab2837824e --- /dev/null +++ b/src/lib/libcrypto/asn1/f_string.c @@ -0,0 +1,210 @@ +/* crypto/asn1/f_string.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "x509.h" + +int i2a_ASN1_STRING(bp, a, type) +BIO *bp; +ASN1_STRING *a; +int type; + { + int i,n=0; + static char *h="0123456789ABCDEF"; + char buf[2]; + + if (a == NULL) return(0); + + if (a->length == 0) + { + if (BIO_write(bp,"0",1) != 1) goto err; + n=1; + } + else + { + for (i=0; ilength; i++) + { + if ((i != 0) && (i%35 == 0)) + { + if (BIO_write(bp,"\\\n",2) != 2) goto err; + n+=2; + } + buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f]; + buf[1]=h[((unsigned char)a->data[i] )&0x0f]; + if (BIO_write(bp,buf,2) != 2) goto err; + n+=2; + } + } + return(n); +err: + return(-1); + } + +int a2i_ASN1_STRING(bp,bs,buf,size) +BIO *bp; +ASN1_STRING *bs; +char *buf; +int size; + { + int ret=0; + int i,j,k,m,n,again,bufsize; + unsigned char *s=NULL,*sp; + unsigned char *bufp; + int num=0,slen=0,first=1; + + bufsize=BIO_gets(bp,buf,size); + for (;;) + { + if (bufsize < 1) + { + if (first) + break; + else + goto err_sl; + } + first=0; + + i=bufsize; + if (buf[i-1] == '\n') buf[--i]='\0'; + if (i == 0) goto err_sl; + if (buf[i-1] == '\r') buf[--i]='\0'; + if (i == 0) goto err_sl; + again=(buf[i-1] == '\\'); + + for (j=i-1; j>0; j--) + { + if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || + ((buf[j] >= 'a') && (buf[j] <= 'f')) || + ((buf[j] >= 'A') && (buf[j] <= 'F')))) + { + i=j; + break; + } + } + buf[i]='\0'; + /* We have now cleared all the crap off the end of the + * line */ + if (i < 2) goto err_sl; + + bufp=(unsigned char *)buf; + + k=0; + i-=again; + if (i%2 != 0) + { + ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS); + goto err; + } + i/=2; + if (num+i > slen) + { + if (s == NULL) + sp=(unsigned char *)Malloc( + (unsigned int)num+i*2); + else + sp=(unsigned char *)Realloc(s, + (unsigned int)num+i*2); + if (sp == NULL) + { + ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); + if (s != NULL) Free((char *)s); + goto err; + } + s=sp; + slen=num+i*2; + } + for (j=0; j= '0') && (m <= '9')) + m-='0'; + else if ((m >= 'a') && (m <= 'f')) + m=m-'a'+10; + else if ((m >= 'A') && (m <= 'F')) + m=m-'A'+10; + else + { + ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS); + goto err; + } + s[num+j]<<=4; + s[num+j]|=m; + } + } + num+=i; + if (again) + bufsize=BIO_gets(bp,buf,size); + else + break; + } + bs->length=num; + bs->data=s; + ret=1; +err: + if (0) + { +err_sl: + ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE); + } + return(ret); + } + diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c new file mode 100644 index 0000000000..b6b821d73c --- /dev/null +++ b/src/lib/libcrypto/asn1/i2d_pr.c @@ -0,0 +1,86 @@ +/* crypto/asn1/i2d_pr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "objects.h" + +int i2d_PrivateKey(a,pp) +EVP_PKEY *a; +unsigned char **pp; + { +#ifndef NO_RSA + if (a->type == EVP_PKEY_RSA) + { + return(i2d_RSAPrivateKey(a->pkey.rsa,pp)); + } + else +#endif +#ifndef NO_DSA + if (a->type == EVP_PKEY_DSA) + { + return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); + } +#endif + + ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return(-1); + } + diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c new file mode 100644 index 0000000000..1b854252b7 --- /dev/null +++ b/src/lib/libcrypto/asn1/i2d_pu.c @@ -0,0 +1,84 @@ +/* crypto/asn1/i2d_pu.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "objects.h" + +int i2d_PublicKey(a,pp) +EVP_PKEY *a; +unsigned char **pp; + { + switch (a->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + return(i2d_RSAPublicKey(a->pkey.rsa,pp)); +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + return(i2d_DSAPublicKey(a->pkey.dsa,pp)); +#endif + default: + ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return(-1); + } + } + diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c new file mode 100644 index 0000000000..5110c91bec --- /dev/null +++ b/src/lib/libcrypto/asn1/n_pkey.c @@ -0,0 +1,365 @@ +/* crypto/asn1/n_pkey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "rsa.h" +#include "objects.h" +#include "asn1_mac.h" +#include "evp.h" +#include "x509.h" + + +#ifndef NO_RC4 + +typedef struct netscape_pkey_st + { + ASN1_INTEGER *version; + X509_ALGOR *algor; + ASN1_OCTET_STRING *private_key; + } NETSCAPE_PKEY; + +/* + * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); + * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR); + * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR); + */ +#ifndef NOPROTO +static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp); +static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length); +static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void); +static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *); +#else +static int i2d_NETSCAPE_PKEY(); +static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(); +static NETSCAPE_PKEY *NETSCAPE_PKEY_new(); +static void NETSCAPE_PKEY_free(); +#endif + +int i2d_Netscape_RSA(a,pp,cb) +RSA *a; +unsigned char **pp; +int (*cb)(); + { + int i,j,l[6]; + NETSCAPE_PKEY *pkey; + unsigned char buf[256],*zz; + unsigned char key[EVP_MAX_KEY_LENGTH]; + EVP_CIPHER_CTX ctx; + X509_ALGOR *alg=NULL; + ASN1_OCTET_STRING os,os2; + M_ASN1_I2D_vars(a); + + if (a == NULL) return(0); + +#ifdef WIN32 + r=r; /* shut the damn compiler up :-) */ +#endif + + os.data=os2.data=NULL; + if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err; + if (!ASN1_INTEGER_set(pkey->version,0)) goto err; + + if (pkey->algor->algorithm != NULL) + ASN1_OBJECT_free(pkey->algor->algorithm); + pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption); + if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; + pkey->algor->parameter->type=V_ASN1_NULL; + + l[0]=i2d_RSAPrivateKey(a,NULL); + pkey->private_key->length=l[0]; + + os2.length=i2d_NETSCAPE_PKEY(pkey,NULL); + l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL); + + if ((alg=X509_ALGOR_new()) == NULL) goto err; + if (alg->algorithm != NULL) + ASN1_OBJECT_free(alg->algorithm); + alg->algorithm=OBJ_nid2obj(NID_rc4); + if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err; + alg->parameter->type=V_ASN1_NULL; + + l[2]=i2d_X509_ALGOR(alg,NULL); + l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE); + + os.data=(unsigned char *)"private-key"; + os.length=11; + l[4]=i2d_ASN1_OCTET_STRING(&os,NULL); + + l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE); + + if (pp == NULL) + { + if (pkey != NULL) NETSCAPE_PKEY_free(pkey); + if (alg != NULL) X509_ALGOR_free(alg); + return(l[5]); + } + + if (pkey->private_key->data != NULL) + Free((char *)pkey->private_key->data); + if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL) + { + ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); + goto err; + } + zz=pkey->private_key->data; + i2d_RSAPrivateKey(a,&zz); + + if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL) + { + ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); + goto err; + } + zz=os2.data; + i2d_NETSCAPE_PKEY(pkey,&zz); + + if (cb == NULL) + cb=EVP_read_pw_string; + i=cb(buf,256,"Enter Private Key password:",1); + if (i != 0) + { + ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ); + goto err; + } + EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf, + strlen((char *)buf),1,key,NULL); + memset(buf,0,256); + + EVP_CIPHER_CTX_init(&ctx); + EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); + EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length); + EVP_EncryptFinal(&ctx,&(os2.data[i]),&j); + EVP_CIPHER_CTX_cleanup(&ctx); + + p= *pp; + ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + i2d_ASN1_OCTET_STRING(&os,&p); + ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + i2d_X509_ALGOR(alg,&p); + i2d_ASN1_OCTET_STRING(&os2,&p); + ret=l[5]; +err: + if (os2.data != NULL) Free((char *)os2.data); + if (alg != NULL) X509_ALGOR_free(alg); + if (pkey != NULL) NETSCAPE_PKEY_free(pkey); + r=r; + return(ret); + } + +RSA *d2i_Netscape_RSA(a,pp,length,cb) +RSA **a; +unsigned char **pp; +long length; +int (*cb)(); + { + RSA *ret=NULL; + ASN1_OCTET_STRING *os=NULL; + ASN1_CTX c; + + c.pp=pp; + c.error=ASN1_R_DECODING_ERROR; + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING); + if ((os->length != 11) || (strncmp("private-key", + (char *)os->data,os->length) != 0)) + { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); + ASN1_BIT_STRING_free(os); + goto err; + } + ASN1_BIT_STRING_free(os); + c.q=c.p; + if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err; + c.slen-=(c.p-c.q); + + M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA); + } + +RSA *d2i_Netscape_RSA_2(a,pp,length,cb) +RSA **a; +unsigned char **pp; +long length; +int (*cb)(); + { + NETSCAPE_PKEY *pkey=NULL; + RSA *ret=NULL; + int i,j; + unsigned char buf[256],*zz; + unsigned char key[EVP_MAX_KEY_LENGTH]; + EVP_CIPHER_CTX ctx; + X509_ALGOR *alg=NULL; + ASN1_OCTET_STRING *os=NULL; + ASN1_CTX c; + + c.error=ASN1_R_ERROR_STACK; + c.pp=pp; + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(alg,d2i_X509_ALGOR); + if (OBJ_obj2nid(alg->algorithm) != NID_rc4) + { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); + goto err; + } + M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING); + if (cb == NULL) + cb=EVP_read_pw_string; + i=cb(buf,256,"Enter Private Key password:",0); + if (i != 0) + { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ); + goto err; + } + + EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf, + strlen((char *)buf),1,key,NULL); + memset(buf,0,256); + + EVP_CIPHER_CTX_init(&ctx); + EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); + EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length); + EVP_DecryptFinal(&ctx,&(os->data[i]),&j); + EVP_CIPHER_CTX_cleanup(&ctx); + os->length=i+j; + + zz=os->data; + + if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) + { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); + goto err; + } + + zz=pkey->private_key->data; + if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) + { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); + goto err; + } + if (!asn1_Finish(&c)) goto err; + *pp=c.p; +err: + if (pkey != NULL) NETSCAPE_PKEY_free(pkey); + if (os != NULL) ASN1_BIT_STRING_free(os); + if (alg != NULL) X509_ALGOR_free(alg); + return(ret); + } + +static int i2d_NETSCAPE_PKEY(a,pp) +NETSCAPE_PKEY *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + + M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER); + M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); + M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER); + M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); + M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING); + + M_ASN1_I2D_finish(); + } + +static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length) +NETSCAPE_PKEY **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); + M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING); + M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY); + } + +static NETSCAPE_PKEY *NETSCAPE_PKEY_new() + { + NETSCAPE_PKEY *ret=NULL; + + M_ASN1_New_Malloc(ret,NETSCAPE_PKEY); + M_ASN1_New(ret->version,ASN1_INTEGER_new); + M_ASN1_New(ret->algor,X509_ALGOR_new); + M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW); + } + +static void NETSCAPE_PKEY_free(a) +NETSCAPE_PKEY *a; + { + if (a == NULL) return; + ASN1_INTEGER_free(a->version); + X509_ALGOR_free(a->algor); + ASN1_OCTET_STRING_free(a->private_key); + Free((char *)a); + } + +#endif /* NO_RC4 */ + diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c new file mode 100644 index 0000000000..bc518d59a2 --- /dev/null +++ b/src/lib/libcrypto/asn1/t_pkey.c @@ -0,0 +1,392 @@ +/* crypto/asn1/t_pkey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "bn.h" +#ifndef NO_RSA +#include "rsa.h" +#endif +#ifndef NO_DH +#include "dh.h" +#endif +#ifndef NO_DSA +#include "dsa.h" +#endif + +/* DHerr(DH_F_DHPARAMS_PRINT,ERR_R_MALLOC_FAILURE); + * DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE); + */ + +#ifndef NOPROTO +static int print(BIO *fp,char *str,BIGNUM *num, + unsigned char *buf,int off); +#else +static int print(); +#endif + +#ifndef NO_RSA +#ifndef NO_FP_API +int RSA_print_fp(fp,x,off) +FILE *fp; +RSA *x; +int off; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=RSA_print(b,x,off); + BIO_free(b); + return(ret); + } +#endif + +int RSA_print(bp,x,off) +BIO *bp; +RSA *x; +int off; + { + char str[128],*s; + unsigned char *m=NULL; + int i,ret=0; + + i=RSA_size(x); + m=(unsigned char *)Malloc((unsigned int)i+10); + if (m == NULL) + { + RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (off) + { + if (off > 128) off=128; + memset(str,' ',off); + } + if (x->d != NULL) + { + if (off && (BIO_write(bp,str,off) <= 0)) goto err; + if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) + <= 0) goto err; + } + + if (x->d == NULL) + sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n)); + else + strcpy(str,"modulus:"); + if (!print(bp,str,x->n,m,off)) goto err; + s=(x->d == NULL)?"Exponent:":"publicExponent:"; + if (!print(bp,s,x->e,m,off)) goto err; + if (!print(bp,"privateExponent:",x->d,m,off)) goto err; + if (!print(bp,"prime1:",x->p,m,off)) goto err; + if (!print(bp,"prime2:",x->q,m,off)) goto err; + if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err; + if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err; + if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; + ret=1; +err: + if (m != NULL) Free((char *)m); + return(ret); + } +#endif /* NO_RSA */ + +#ifndef NO_DSA +#ifndef NO_FP_API +int DSA_print_fp(fp,x,off) +FILE *fp; +DSA *x; +int off; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=DSA_print(b,x,off); + BIO_free(b); + return(ret); + } +#endif + +int DSA_print(bp,x,off) +BIO *bp; +DSA *x; +int off; + { + char str[128]; + unsigned char *m=NULL; + int i,ret=0; + BIGNUM *bn=NULL; + + if (x->p != NULL) + bn=x->p; + else if (x->priv_key != NULL) + bn=x->priv_key; + else if (x->pub_key != NULL) + bn=x->pub_key; + + /* larger than needed but what the hell :-) */ + if (bn != NULL) + i=BN_num_bytes(bn)*2; + else + i=256; + m=(unsigned char *)Malloc((unsigned int)i+10); + if (m == NULL) + { + DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (off) + { + if (off > 128) off=128; + memset(str,' ',off); + } + if (x->priv_key != NULL) + { + if (off && (BIO_write(bp,str,off) <= 0)) goto err; + if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) + <= 0) goto err; + } + + if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off)) + goto err; + if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off)) + goto err; + if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err; + if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err; + if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err; + ret=1; +err: + if (m != NULL) Free((char *)m); + return(ret); + } +#endif /* !NO_DSA */ + +static int print(bp,number,num,buf,off) +BIO *bp; +char *number; +BIGNUM *num; +unsigned char *buf; +int off; + { + int n,i; + char str[128],*neg; + + if (num == NULL) return(1); + neg=(num->neg)?"-":""; + if (off) + { + if (off > 128) off=128; + memset(str,' ',off); + if (BIO_write(bp,str,off) <= 0) return(0); + } + + if (BN_num_bytes(num) <= BN_BYTES) + { + if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg, + (unsigned long)num->d[0],neg,(unsigned long)num->d[0]) + <= 0) return(0); + } + else + { + buf[0]=0; + if (BIO_printf(bp,"%s%s",number, + (neg[0] == '-')?" (Negative)":"") <= 0) + return(0); + n=BN_bn2bin(num,&buf[1]); + + if (buf[1] & 0x80) + n++; + else buf++; + + for (i=0; ip); + m=(unsigned char *)Malloc((unsigned int)i+10); + if (m == NULL) + { + reason=ERR_R_MALLOC_FAILURE; + goto err; + } + + if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n", + BN_num_bits(x->p)) <= 0) + goto err; + if (!print(bp,"prime:",x->p,m,4)) goto err; + if (!print(bp,"generator:",x->g,m,4)) goto err; + if (x->length != 0) + { + if (BIO_printf(bp," recomented-private-length: %d bits\n", + (int)x->length) <= 0) goto err; + } + ret=1; + if (0) + { +err: + DHerr(DH_F_DHPARAMS_PRINT,reason); + } + if (m != NULL) Free((char *)m); + return(ret); + } +#endif + +#ifndef NO_DSA +#ifndef NO_FP_API +int DSAparams_print_fp(fp,x) +FILE *fp; +DSA *x; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=DSAparams_print(b, x); + BIO_free(b); + return(ret); + } +#endif + +int DSAparams_print(bp,x) +BIO *bp; +DSA *x; + { + unsigned char *m=NULL; + int reason=ERR_R_BUF_LIB,i,ret=0; + + i=BN_num_bytes(x->p); + m=(unsigned char *)Malloc((unsigned int)i+10); + if (m == NULL) + { + reason=ERR_R_MALLOC_FAILURE; + goto err; + } + + if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n", + BN_num_bits(x->p)) <= 0) + goto err; + if (!print(bp,"p:",x->p,m,4)) goto err; + if (!print(bp,"q:",x->q,m,4)) goto err; + if (!print(bp,"g:",x->g,m,4)) goto err; + ret=1; +err: + if (m != NULL) Free((char *)m); + DSAerr(DSA_F_DSAPARAMS_PRINT,reason); + return(ret); + } + +#endif /* !NO_DSA */ + diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c new file mode 100644 index 0000000000..7df749a48f --- /dev/null +++ b/src/lib/libcrypto/asn1/t_req.c @@ -0,0 +1,226 @@ +/* crypto/asn1/t_req.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "bn.h" +#include "objects.h" +#include "x509.h" + +#ifndef NO_FP_API +int X509_REQ_print_fp(fp,x) +FILE *fp; +X509_REQ *x; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=X509_REQ_print(b, x); + BIO_free(b); + return(ret); + } +#endif + +int X509_REQ_print(bp,x) +BIO *bp; +X509_REQ *x; + { + unsigned long l; + int i,n; + char *s,*neg; + X509_REQ_INFO *ri; + EVP_PKEY *pkey; + STACK *sk; + char str[128]; + + ri=x->req_info; + sprintf(str,"Certificate Request:\n"); + if (BIO_puts(bp,str) <= 0) goto err; + sprintf(str,"%4sData:\n",""); + if (BIO_puts(bp,str) <= 0) goto err; + + neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":""; + l=0; + for (i=0; iversion->length; i++) + { l<<=8; l+=ri->version->data[i]; } + sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l); + if (BIO_puts(bp,str) <= 0) goto err; + sprintf(str,"%8sSubject: ",""); + if (BIO_puts(bp,str) <= 0) goto err; + + X509_NAME_print(bp,ri->subject,16); + sprintf(str,"\n%8sSubject Public Key Info:\n",""); + if (BIO_puts(bp,str) <= 0) goto err; + i=OBJ_obj2nid(ri->pubkey->algor->algorithm); + sprintf(str,"%12sPublic Key Algorithm: %s\n","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); + if (BIO_puts(bp,str) <= 0) goto err; + + pkey=X509_REQ_get_pubkey(x); +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", + BN_num_bits(pkey->pkey.rsa->n)); + RSA_print(bp,pkey->pkey.rsa,16); + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + BIO_printf(bp,"%12sDSA Public Key:\n",""); + DSA_print(bp,pkey->pkey.dsa,16); + } + else +#endif + BIO_printf(bp,"%12sUnknown Public Key:\n",""); + + /* may not be */ + sprintf(str,"%8sAttributes:\n",""); + if (BIO_puts(bp,str) <= 0) goto err; + + sk=x->req_info->attributes; + if ((sk == NULL) || (sk_num(sk) == 0)) + { + if (!x->req_info->req_kludge) + { + sprintf(str,"%12sa0:00\n",""); + if (BIO_puts(bp,str) <= 0) goto err; + } + } + else + { + for (i=0; iobject)) > 0) + + if (a->set) + { + ii=0; + count=sk_num(a->value.set); +get_next: + at=(ASN1_TYPE *)sk_value(a->value.set,ii); + type=at->type; + bs=at->value.asn1_string; + } + else + { + t=a->value.single; + type=t->type; + bs=t->value.bit_string; + } + for (j=25-j; j>0; j--) + if (BIO_write(bp," ",1) != 1) goto err; + if (BIO_puts(bp,":") <= 0) goto err; + if ( (type == V_ASN1_PRINTABLESTRING) || + (type == V_ASN1_T61STRING) || + (type == V_ASN1_IA5STRING)) + { + if (BIO_write(bp,(char *)bs->data,bs->length) + != bs->length) + goto err; + BIO_puts(bp,"\n"); + } + else + { + BIO_puts(bp,"unable to print attribute\n"); + } + if (++ii < count) goto get_next; + } + } + + i=OBJ_obj2nid(x->sig_alg->algorithm); + sprintf(str,"%4sSignature Algorithm: %s","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); + if (BIO_puts(bp,str) <= 0) goto err; + + n=x->signature->length; + s=(char *)x->signature->data; + for (i=0; i +#include "cryptlib.h" +#include "buffer.h" +#include "bn.h" +#ifndef NO_RSA +#include "rsa.h" +#endif +#ifndef NO_DSA +#include "dsa.h" +#endif +#include "objects.h" +#include "x509.h" + +#ifndef NO_FP_API +int X509_print_fp(fp,x) +FILE *fp; +X509 *x; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=X509_print(b, x); + BIO_free(b); + return(ret); + } +#endif + +int X509_print(bp,x) +BIO *bp; +X509 *x; + { + long l; + int ret=0,i,j,n; + char *m=NULL,*s; + X509_CINF *ci; + ASN1_INTEGER *bs; + EVP_PKEY *pkey=NULL; + char *neg; + X509_EXTENSION *ex; + ASN1_STRING *str=NULL; + + ci=x->cert_info; + if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; + if (BIO_write(bp," Data:\n",10) <= 0) goto err; + l=X509_get_version(x); + if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; + if (BIO_write(bp," Serial Number:",22) <= 0) goto err; + + bs=X509_get_serialNumber(x); + if (bs->length <= 4) + { + l=ASN1_INTEGER_get(bs); + if (l < 0) + { + l= -l; + neg="-"; + } + else + neg=""; + if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0) + goto err; + } + else + { + neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":""; + if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err; + + for (i=0; ilength; i++) + { + if (BIO_printf(bp,"%02x%c",bs->data[i], + ((i+1 == bs->length)?'\n':':')) <= 0) + goto err; + } + } + + i=OBJ_obj2nid(ci->signature->algorithm); + if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) + goto err; + + if (BIO_write(bp," Issuer: ",16) <= 0) goto err; + if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err; + if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err; + if (BIO_write(bp," Not Before: ",24) <= 0) goto err; + if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err; + if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err; + if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err; + if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err; + if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err; + if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0) + goto err; + i=OBJ_obj2nid(ci->key->algor->algorithm); + if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; + + pkey=X509_get_pubkey(x); +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", + BN_num_bits(pkey->pkey.rsa->n)); + RSA_print(bp,pkey->pkey.rsa,16); + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + BIO_printf(bp,"%12sDSA Public Key:\n",""); + DSA_print(bp,pkey->pkey.dsa,16); + } + else +#endif + BIO_printf(bp,"%12sDSA Public Key:\n",""); + + n=X509_get_ext_count(x); + if (n > 0) + { + BIO_printf(bp,"%8sX509v3 extensions:\n",""); + for (i=0; idata, + str->length) <= 0) + goto err; + } + else if (data_type == V_ASN1_BIT_STRING) + { + BIO_printf(bp,"0x"); + for (j=0; jlength; j++) + { + BIO_printf(bp,"%02X", + str->data[j]); + } + } + } + else + { + ASN1_OCTET_STRING_print(bp,ex->value); + } + if (BIO_write(bp,"\n",1) <= 0) goto err; + } + } + + i=OBJ_obj2nid(x->sig_alg->algorithm); + if (BIO_printf(bp,"%4sSignature Algorithm: %s","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; + + n=x->signature->length; + s=(char *)x->signature->data; + for (i=0; idata; + for (i=0; ilength; i++) + { + if ((p[i] > '~') || ((p[i] < ' ') && + (p[i] != '\n') && (p[i] != '\r'))) + buf[n]='.'; + else + buf[n]=p[i]; + n++; + if (n >= 80) + { + if (BIO_write(bp,buf,n) <= 0) + return(0); + n=0; + } + } + if (n > 0) + if (BIO_write(bp,buf,n) <= 0) + return(0); + return(1); + } + +int ASN1_UTCTIME_print(bp,tm) +BIO *bp; +ASN1_UTCTIME *tm; + { + char *v; + int gmt=0; + static char *mon[12]={ + "Jan","Feb","Mar","Apr","May","Jun", + "Jul","Aug","Sep","Oct","Nov","Dec"}; + int i; + int y=0,M=0,d=0,h=0,m=0,s=0; + + i=tm->length; + v=(char *)tm->data; + + if (i < 10) goto err; + if (v[i-1] == 'Z') gmt=1; + for (i=0; i<10; i++) + if ((v[i] > '9') || (v[i] < '0')) goto err; + y= (v[0]-'0')*10+(v[1]-'0'); + if (y < 50) y+=100; + M= (v[2]-'0')*10+(v[3]-'0'); + if ((M > 12) || (M < 1)) goto err; + d= (v[4]-'0')*10+(v[5]-'0'); + h= (v[6]-'0')*10+(v[7]-'0'); + m= (v[8]-'0')*10+(v[9]-'0'); + if ( (v[10] >= '0') && (v[10] <= '9') && + (v[11] >= '0') && (v[11] <= '9')) + s= (v[10]-'0')*10+(v[11]-'0'); + + if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", + mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0) + return(0); + else + return(1); +err: + BIO_write(bp,"Bad time value",14); + return(0); + } + +int X509_NAME_print(bp,name,obase) +BIO *bp; +X509_NAME *name; +int obase; + { + char *s,*c; + int ret=0,l,ll,i,first=1; + char buf[256]; + + ll=80-2-obase; + + s=X509_NAME_oneline(name,buf,256); + s++; /* skip the first slash */ + + l=ll; + c=s; + for (;;) + { + if ( ((*s == '/') && + ((s[1] >= 'A') && (s[1] <= 'Z') && ( + (s[2] == '=') || + ((s[2] >= 'A') && (s[2] <= 'Z') && + (s[3] == '=')) + ))) || + (*s == '\0')) + { + if ((l <= 0) && !first) + { + first=0; + if (BIO_write(bp,"\n",1) != 1) goto err; + for (i=0; i +#include "cryptlib.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_ALGOR_NEW,ASN1_R_EXPECTING_A_SEQUENCE); + * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH); + */ + +int i2d_X509_ALGOR(a,pp) +X509_ALGOR *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT); + if (a->parameter != NULL) + { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); } + + M_ASN1_I2D_seq_total(); + M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT); + if (a->parameter != NULL) + { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); } + + M_ASN1_I2D_finish(); + } + +X509_ALGOR *d2i_X509_ALGOR(a,pp,length) +X509_ALGOR **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT); + if (!M_ASN1_D2I_end_sequence()) + { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); } + else + { + ASN1_TYPE_free(ret->parameter); + ret->parameter=NULL; + } + M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR); + } + +X509_ALGOR *X509_ALGOR_new() + { + X509_ALGOR *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_ALGOR); + M_ASN1_New(ret->algorithm,ASN1_OBJECT_new); + ret->parameter=NULL; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW); + } + +void X509_ALGOR_free(a) +X509_ALGOR *a; + { + if (a == NULL) return; + ASN1_OBJECT_free(a->algorithm); + ASN1_TYPE_free(a->parameter); + Free((char *)a); + } + diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c new file mode 100644 index 0000000000..e52ced8627 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_attrib.c @@ -0,0 +1,152 @@ +/* crypto/asn1/x_attrib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "objects.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_ATTRIBUTE_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); + * ASN1err(ASN1_F_I2D_X509_ATTRIBUTE,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); + */ + +/* sequence */ +int i2d_X509_ATTRIBUTE(a,pp) +X509_ATTRIBUTE *a; +unsigned char **pp; + { + int k=0; + int r=0,ret=0; + unsigned char **p=NULL; + + if (a == NULL) return(0); + + p=NULL; + for (;;) + { + if (k) + { + r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); + if (pp == NULL) return(r); + p=pp; + ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE, + V_ASN1_UNIVERSAL); + } + + ret+=i2d_ASN1_OBJECT(a->object,p); + if (a->set) + ret+=i2d_ASN1_SET(a->value.set,p,i2d_ASN1_TYPE, + V_ASN1_SET,V_ASN1_UNIVERSAL); + else + ret+=i2d_ASN1_TYPE(a->value.single,p); + if (k++) return(r); + } + } + +X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(a,pp,length) +X509_ATTRIBUTE **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); + + if ((c.slen != 0) && + (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET))) + { + ret->set=1; + M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE); + } + else + { + ret->set=0; + M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE); + } + + M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE); + } + +X509_ATTRIBUTE *X509_ATTRIBUTE_new() + { + X509_ATTRIBUTE *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_ATTRIBUTE); + M_ASN1_New(ret->object,ASN1_OBJECT_new); + ret->set=0; + ret->value.ptr=NULL; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW); + } + +void X509_ATTRIBUTE_free(a) +X509_ATTRIBUTE *a; + { + if (a == NULL) return; + ASN1_OBJECT_free(a->object); + if (a->set) + sk_pop_free(a->value.set,ASN1_TYPE_free); + else + ASN1_TYPE_free(a->value.single); + Free((char *)a); + } + diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c new file mode 100644 index 0000000000..13acdab427 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_crl.c @@ -0,0 +1,353 @@ +/* crypto/asn1/x_crl.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" +#include "x509.h" + +/* + * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE); + * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE); + * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH); + */ + +#ifndef NOPROTO +static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b); +static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b); +#else +static int X509_REVOKED_cmp(); +static int X509_REVOKED_seq_cmp(); +#endif + +int i2d_X509_REVOKED(a,pp) +X509_REVOKED *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER); + M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME); + M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER); + M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME); + M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION); + + M_ASN1_I2D_finish(); + } + +X509_REVOKED *d2i_X509_REVOKED(a,pp,length) +X509_REVOKED **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER); + M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME); + M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION); + M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED); + } + +int i2d_X509_CRL_INFO(a,pp) +X509_CRL_INFO *a; +unsigned char **pp; + { + int v1=0; + long l=0; + M_ASN1_I2D_vars(a); + + if (sk_num(a->revoked) != 0) + qsort((char *)a->revoked->data,sk_num(a->revoked), + sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp); + if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0)) + { + M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); + } + M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR); + M_ASN1_I2D_len(a->issuer,i2d_X509_NAME); + M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME); + if (a->nextUpdate != NULL) + { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); } + M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED); + M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0, + V_ASN1_SEQUENCE,v1); + + M_ASN1_I2D_seq_total(); + + if ((a->version != NULL) && (l != 0)) + { + M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); + } + M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR); + M_ASN1_I2D_put(a->issuer,i2d_X509_NAME); + M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME); + if (a->nextUpdate != NULL) + { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); } + M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED); + M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0, + V_ASN1_SEQUENCE,v1); + + M_ASN1_I2D_finish(); + } + +X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length) +X509_CRL_INFO **a; +unsigned char **pp; +long length; + { + int i,ver=0; + M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new); + + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER); + if (ret->version != NULL) + ver=ret->version->data[0]; + + if ((ver == 0) && (ret->version != NULL)) + { + ASN1_INTEGER_free(ret->version); + ret->version=NULL; + } + M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME); + M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME); + M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME,V_ASN1_UTCTIME); + if (ret->revoked != NULL) + { + while (sk_num(ret->revoked)) + X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked)); + } + M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED); + + if (ret->revoked != NULL) + { + for (i=0; irevoked); i++) + { + ((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i; + } + } + + if (ver >= 1) + { + if (ret->extensions != NULL) + { + while (sk_num(ret->extensions)) + X509_EXTENSION_free((X509_EXTENSION *) + sk_pop(ret->extensions)); + } + + M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION, + 0,V_ASN1_SEQUENCE); + } + + M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO); + } + +int i2d_X509_CRL(a,pp) +X509_CRL *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO); + M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR); + M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO); + M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR); + M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_finish(); + } + +X509_CRL *d2i_X509_CRL(a,pp,length) +X509_CRL **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO); + M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); + + M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL); + } + + +X509_REVOKED *X509_REVOKED_new() + { + X509_REVOKED *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_REVOKED); + M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new); + M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new); + ret->extensions=NULL; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW); + } + +X509_CRL_INFO *X509_CRL_INFO_new() + { + X509_CRL_INFO *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_CRL_INFO); + ret->version=NULL; + M_ASN1_New(ret->sig_alg,X509_ALGOR_new); + M_ASN1_New(ret->issuer,X509_NAME_new); + M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new); + ret->nextUpdate=NULL; + M_ASN1_New(ret->revoked,sk_new_null); + M_ASN1_New(ret->extensions,sk_new_null); + ret->revoked->comp=(int (*)())X509_REVOKED_cmp; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW); + } + +X509_CRL *X509_CRL_new() + { + X509_CRL *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_CRL); + ret->references=1; + M_ASN1_New(ret->crl,X509_CRL_INFO_new); + M_ASN1_New(ret->sig_alg,X509_ALGOR_new); + M_ASN1_New(ret->signature,ASN1_BIT_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_X509_CRL_NEW); + } + +void X509_REVOKED_free(a) +X509_REVOKED *a; + { + if (a == NULL) return; + ASN1_INTEGER_free(a->serialNumber); + ASN1_UTCTIME_free(a->revocationDate); + sk_pop_free(a->extensions,X509_EXTENSION_free); + Free((char *)a); + } + +void X509_CRL_INFO_free(a) +X509_CRL_INFO *a; + { + if (a == NULL) return; + ASN1_INTEGER_free(a->version); + X509_ALGOR_free(a->sig_alg); + X509_NAME_free(a->issuer); + ASN1_UTCTIME_free(a->lastUpdate); + if (a->nextUpdate) + ASN1_UTCTIME_free(a->nextUpdate); + sk_pop_free(a->revoked,X509_REVOKED_free); + sk_pop_free(a->extensions,X509_EXTENSION_free); + Free((char *)a); + } + +void X509_CRL_free(a) +X509_CRL *a; + { + int i; + + if (a == NULL) return; + + i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL); +#ifdef REF_PRINT + REF_PRINT("X509_CRL",a); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"X509_CRL_free, bad reference count\n"); + abort(); + } +#endif + + X509_CRL_INFO_free(a->crl); + X509_ALGOR_free(a->sig_alg); + ASN1_BIT_STRING_free(a->signature); + Free((char *)a); + } + +static int X509_REVOKED_cmp(a,b) +X509_REVOKED **a,**b; + { + return(ASN1_STRING_cmp( + (ASN1_STRING *)(*a)->serialNumber, + (ASN1_STRING *)(*b)->serialNumber)); + } + +static int X509_REVOKED_seq_cmp(a,b) +X509_REVOKED **a,**b; + { + return((*a)->sequence-(*b)->sequence); + } diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c new file mode 100644 index 0000000000..54ffe2f00b --- /dev/null +++ b/src/lib/libcrypto/asn1/x_exten.c @@ -0,0 +1,156 @@ +/* crypto/asn1/x_exten.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "objects.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509_EXTENSION,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_EXTENSION_NEW,ASN1_R_LENGTH_MISMATCH); + */ + +int i2d_X509_EXTENSION(a,pp) +X509_EXTENSION *a; +unsigned char **pp; + { + int k=0; + int r=0,ret=0; + unsigned char **p=NULL; + + if (a == NULL) return(0); + + p=NULL; + for (;;) + { + if (k) + { + r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); + if (pp == NULL) return(r); + p=pp; + ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE, + V_ASN1_UNIVERSAL); + } + + ret+=i2d_ASN1_OBJECT(a->object,p); + if ((a->critical) || a->netscape_hack) + ret+=i2d_ASN1_BOOLEAN(a->critical,p); + ret+=i2d_ASN1_OCTET_STRING(a->value,p); + if (k++) return(r); + } + } + +X509_EXTENSION *d2i_X509_EXTENSION(a,pp,length) +X509_EXTENSION **a; +unsigned char **pp; +long length; + { + int i; + M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); + + if ((ret->argp != NULL) && (ret->ex_free != NULL)) + ret->ex_free(ret); + ret->argl=0; + ret->argp=NULL; + ret->netscape_hack=0; + if ((c.slen != 0) && + (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN))) + { + c.q=c.p; + if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err; + ret->critical=i; + c.slen-=(c.p-c.q); + if (ret->critical == 0) ret->netscape_hack=1; + } + M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING); + + M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION); + } + +X509_EXTENSION *X509_EXTENSION_new() + { + X509_EXTENSION *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_EXTENSION); + M_ASN1_New(ret->object,ASN1_OBJECT_new); + M_ASN1_New(ret->value,ASN1_OCTET_STRING_new); + ret->critical=0; + ret->netscape_hack=0; + ret->argl=0L; + ret->argp=NULL; + ret->ex_free=NULL; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW); + } + +void X509_EXTENSION_free(a) +X509_EXTENSION *a; + { + if (a == NULL) return; + if ((a->argp != NULL) && (a->ex_free != NULL)) + a->ex_free(a); + ASN1_OBJECT_free(a->object); + ASN1_OCTET_STRING_free(a->value); + Free((char *)a); + } + diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c new file mode 100644 index 0000000000..b55f0ce77a --- /dev/null +++ b/src/lib/libcrypto/asn1/x_info.c @@ -0,0 +1,111 @@ +/* crypto/asn1/x_info.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "asn1_mac.h" +#include "x509.h" + +X509_INFO *X509_INFO_new() + { + X509_INFO *ret=NULL; + + ret=(X509_INFO *)Malloc(sizeof(X509_INFO)); + if (ret == NULL) + { + ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + + ret->enc_cipher.cipher=NULL; + ret->enc_len=0; + ret->enc_data=NULL; + + ret->references=1; + ret->x509=NULL; + ret->crl=NULL; + ret->x_pkey=NULL; + return(ret); + } + +void X509_INFO_free(x) +X509_INFO *x; + { + int i; + + if (x == NULL) return; + + i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO); +#ifdef REF_PRINT + REF_PRINT("X509_INFO",x); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"X509_INFO_free, bad reference count\n"); + abort(); + } +#endif + + if (x->x509 != NULL) X509_free(x->x509); + if (x->crl != NULL) X509_CRL_free(x->crl); + if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); + Free((char *)x); + } diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c new file mode 100644 index 0000000000..28b9c34b58 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_name.c @@ -0,0 +1,295 @@ +/* crypto/asn1/x_name.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "objects.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509_NAME,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_NAME_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); + * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_NAME_ENTRY_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); + */ + +#ifndef NOPROTO +static int i2d_X509_NAME_entries(X509_NAME *a); +#else +static int i2d_X509_NAME_entries(); +#endif + +int i2d_X509_NAME_ENTRY(a,pp) +X509_NAME_ENTRY *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT); + M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT); + M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE); + + M_ASN1_I2D_finish(); + } + +X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(a,pp,length) +X509_NAME_ENTRY **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); + M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE); + ret->set=0; + M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY); + } + +int i2d_X509_NAME(a,pp) +X509_NAME *a; +unsigned char **pp; + { + int ret; + + if (a == NULL) return(0); + if (a->modified) + { + ret=i2d_X509_NAME_entries(a); + if (ret < 0) return(ret); + } + + ret=a->bytes->length; + if (pp != NULL) + { + memcpy(*pp,a->bytes->data,ret); + *pp+=ret; + } + return(ret); + } + +static int i2d_X509_NAME_entries(a) +X509_NAME *a; + { + X509_NAME_ENTRY *ne,*fe=NULL; + STACK *sk; + BUF_MEM *buf=NULL; + int set=0,r,ret=0; + int i; + unsigned char *p; + int size=0; + + sk=a->entries; + for (i=0; iset != set) + { + ret+=ASN1_object_size(1,size,V_ASN1_SET); + fe->size=size; + fe=ne; + size=0; + set=ne->set; + } + size+=i2d_X509_NAME_ENTRY(ne,NULL); + } + + ret+=ASN1_object_size(1,size,V_ASN1_SET); + if (fe != NULL) + fe->size=size; + + r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); + + buf=a->bytes; + if (!BUF_MEM_grow(buf,r)) goto err; + p=(unsigned char *)buf->data; + + ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + + set= -1; + for (i=0; iset) + { + set=ne->set; + ASN1_put_object(&p,1,ne->size, + V_ASN1_SET,V_ASN1_UNIVERSAL); + } + i2d_X509_NAME_ENTRY(ne,&p); + } + a->modified=0; + return(r); +err: + return(-1); + } + +X509_NAME *d2i_X509_NAME(a,pp,length) +X509_NAME **a; +unsigned char **pp; +long length; + { + int set=0,i; + int idx=0; + unsigned char *orig; + M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new); + + orig= *pp; + if (sk_num(ret->entries) > 0) + { + while (sk_num(ret->entries) > 0) + X509_NAME_ENTRY_free((X509_NAME_ENTRY *) + sk_pop(ret->entries)); + } + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + for (;;) + { + if (M_ASN1_D2I_end_sequence()) break; + M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY); + for (; idx < sk_num(ret->entries); idx++) + { + ((X509_NAME_ENTRY *)sk_value(ret->entries,idx))->set= + set; + } + set++; + } + + i=(int)(c.p-orig); + if (!BUF_MEM_grow(ret->bytes,i)) goto err; + memcpy(ret->bytes->data,orig,i); + ret->bytes->length=i; + ret->modified=0; + + M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME); + } + +X509_NAME *X509_NAME_new() + { + X509_NAME *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_NAME); + if ((ret->entries=sk_new(NULL)) == NULL) goto err2; + M_ASN1_New(ret->bytes,BUF_MEM_new); + ret->modified=1; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_NAME_NEW); + } + +X509_NAME_ENTRY *X509_NAME_ENTRY_new() + { + X509_NAME_ENTRY *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_NAME_ENTRY); +/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/ + ret->object=NULL; + ret->set=0; + M_ASN1_New(ret->value,ASN1_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW); + } + +void X509_NAME_free(a) +X509_NAME *a; + { + BUF_MEM_free(a->bytes); + sk_pop_free(a->entries,X509_NAME_ENTRY_free); + Free((char *)a); + } + +void X509_NAME_ENTRY_free(a) +X509_NAME_ENTRY *a; + { + if (a == NULL) return; + ASN1_OBJECT_free(a->object); + ASN1_BIT_STRING_free(a->value); + Free((char *)a); + } + +int X509_NAME_set(xn,name) +X509_NAME **xn; +X509_NAME *name; + { + X509_NAME *in; + + if (*xn == NULL) return(0); + + if (*xn != name) + { + in=X509_NAME_dup(name); + if (in != NULL) + { + X509_NAME_free(*xn); + *xn=in; + } + } + return(*xn != NULL); + } + diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c new file mode 100644 index 0000000000..1d4d926129 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_pkey.c @@ -0,0 +1,156 @@ +/* crypto/asn1/x_pkey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "asn1_mac.h" + +/* ASN1err(ASN1_F_D2I_X509_PKEY,ASN1_R_UNSUPPORTED_CIPHER); */ +/* ASN1err(ASN1_F_X509_PKEY_NEW,ASN1_R_IV_TOO_LARGE); */ + +/* need to implement */ +int i2d_X509_PKEY(a,pp) +X509_PKEY *a; +unsigned char **pp; + { + return(0); + } + +X509_PKEY *d2i_X509_PKEY(a,pp,length) +X509_PKEY **a; +unsigned char **pp; +long length; + { + int i; + M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING); + + ret->cipher.cipher=EVP_get_cipherbyname( + OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); + if (ret->cipher.cipher == NULL) + { + c.error=ASN1_R_UNSUPPORTED_CIPHER; + goto err; + } + if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) + { + i=ret->enc_algor->parameter->value.octet_string->length; + if (i > EVP_MAX_IV_LENGTH) + { + c.error=ASN1_R_IV_TOO_LARGE; + goto err; + } + memcpy(ret->cipher.iv, + ret->enc_algor->parameter->value.octet_string->data,i); + } + else + memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH); + M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY); + } + +X509_PKEY *X509_PKEY_new() + { + X509_PKEY *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_PKEY); + ret->version=0; + M_ASN1_New(ret->enc_algor,X509_ALGOR_new); + M_ASN1_New(ret->enc_pkey,ASN1_OCTET_STRING_new); + ret->dec_pkey=NULL; + ret->key_length=0; + ret->key_data=NULL; + ret->key_free=0; + ret->cipher.cipher=NULL; + memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH); + ret->references=1; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW); + } + +void X509_PKEY_free(x) +X509_PKEY *x; + { + int i; + + if (x == NULL) return; + + i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY); +#ifdef REF_PRINT + REF_PRINT("X509_PKEY",x); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"X509_PKEY_free, bad reference count\n"); + abort(); + } +#endif + + if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); + if (x->enc_pkey != NULL) ASN1_OCTET_STRING_free(x->enc_pkey); + if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); + if ((x->key_data != NULL) && (x->key_free)) Free((char *)x->key_data); + Free((char *)(char *)x); + } diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c new file mode 100644 index 0000000000..a309cf74a7 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_pubkey.c @@ -0,0 +1,256 @@ +/* crypto/asn1/x_pubkey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509_PUBKEY,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_PUBKEY_NEW,ASN1_R_LENGTH_MISMATCH); + */ + +int i2d_X509_PUBKEY(a,pp) +X509_PUBKEY *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); + M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); + M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_finish(); + } + +X509_PUBKEY *d2i_X509_PUBKEY(a,pp,length) +X509_PUBKEY **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING); + if (ret->pkey != NULL) + { + EVP_PKEY_free(ret->pkey); + ret->pkey=NULL; + } + M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY); + } + +X509_PUBKEY *X509_PUBKEY_new() + { + X509_PUBKEY *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_PUBKEY); + M_ASN1_New(ret->algor,X509_ALGOR_new); + M_ASN1_New(ret->public_key,ASN1_BIT_STRING_new); + ret->pkey=NULL; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW); + } + +void X509_PUBKEY_free(a) +X509_PUBKEY *a; + { + if (a == NULL) return; + X509_ALGOR_free(a->algor); + ASN1_BIT_STRING_free(a->public_key); + if (a->pkey != NULL) EVP_PKEY_free(a->pkey); + Free((char *)a); + } + +int X509_PUBKEY_set(x,pkey) +X509_PUBKEY **x; +EVP_PKEY *pkey; + { + int ok=0; + X509_PUBKEY *pk; + X509_ALGOR *a; + ASN1_OBJECT *o; + unsigned char *s,*p; + int i; + + if (x == NULL) return(0); + + if ((pk=X509_PUBKEY_new()) == NULL) goto err; + a=pk->algor; + + /* set the algorithm id */ + if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err; + ASN1_OBJECT_free(a->algorithm); + a->algorithm=o; + + /* Set the parameter list */ + if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA)) + { + if ((a->parameter == NULL) || + (a->parameter->type != V_ASN1_NULL)) + { + ASN1_TYPE_free(a->parameter); + a->parameter=ASN1_TYPE_new(); + a->parameter->type=V_ASN1_NULL; + } + } + else +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + unsigned char *pp; + DSA *dsa; + + dsa=pkey->pkey.dsa; + dsa->write_params=0; + ASN1_TYPE_free(a->parameter); + i=i2d_DSAparams(dsa,NULL); + p=(unsigned char *)Malloc(i); + pp=p; + i2d_DSAparams(dsa,&pp); + a->parameter=ASN1_TYPE_new(); + a->parameter->type=V_ASN1_SEQUENCE; + a->parameter->value.sequence=ASN1_STRING_new(); + ASN1_STRING_set(a->parameter->value.sequence,p,i); + Free(p); + } + else +#endif + { + X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); + goto err; + } + + i=i2d_PublicKey(pkey,NULL); + if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err; + p=s; + i2d_PublicKey(pkey,&p); + if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; + Free(s); + + CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); + pk->pkey=pkey; + + if (*x != NULL) + X509_PUBKEY_free(*x); + + *x=pk; + pk=NULL; + + ok=1; +err: + if (pk != NULL) X509_PUBKEY_free(pk); + return(ok); + } + +EVP_PKEY *X509_PUBKEY_get(key) +X509_PUBKEY *key; + { + EVP_PKEY *ret=NULL; + long j; + int type; + unsigned char *p; +#ifndef NO_DSA + X509_ALGOR *a; +#endif + + if (key == NULL) goto err; + + if (key->pkey != NULL) return(key->pkey); + + if (key->public_key == NULL) goto err; + + type=OBJ_obj2nid(key->algor->algorithm); + p=key->public_key->data; + j=key->public_key->length; + if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL) + { + X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); + goto err; + } + ret->save_parameters=0; + +#ifndef NO_DSA + a=key->algor; + if (ret->type == EVP_PKEY_DSA) + { + if (a->parameter->type == V_ASN1_SEQUENCE) + { + ret->pkey.dsa->write_params=0; + p=a->parameter->value.sequence->data; + j=a->parameter->value.sequence->length; + if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j)) + goto err; + } + ret->save_parameters=1; + } +#endif + key->pkey=ret; + return(ret); +err: + if (ret != NULL) + EVP_PKEY_free(ret); + return(NULL); + } + diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c new file mode 100644 index 0000000000..ff0be13d37 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_req.c @@ -0,0 +1,247 @@ +/* crypto/asn1/x_req.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" +#include "x509.h" + +/* + * ASN1err(ASN1_F_D2I_X509_REQ,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_REQ_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ASN1_R_LENGTH_MISMATCH); + */ + +int i2d_X509_REQ_INFO(a,pp) +X509_REQ_INFO *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER); + M_ASN1_I2D_len(a->subject, i2d_X509_NAME); + M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY); + + /* this is a *nasty* hack reported to be required to + * allow some CA Software to accept the cert request. + * It is not following the PKCS standards ... + * PKCS#10 pg 5 + * attributes [0] IMPLICIT Attibutes + * NOTE: no OPTIONAL ... so it *must* be there + */ + if (a->req_kludge) + { + M_ASN1_I2D_len_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0); + } + else + { + M_ASN1_I2D_len_IMP_set(a->attributes, i2d_X509_ATTRIBUTE,0); + } + + M_ASN1_I2D_seq_total(); + M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER); + M_ASN1_I2D_put(a->subject, i2d_X509_NAME); + M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY); + + /* this is a *nasty* hack reported to be required by some CA's. + * It is not following the PKCS standards ... + * PKCS#10 pg 5 + * attributes [0] IMPLICIT Attibutes + * NOTE: no OPTIONAL ... so it *must* be there + */ + if (a->req_kludge) + { + M_ASN1_I2D_put_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0); + } + else + { + M_ASN1_I2D_put_IMP_set(a->attributes,i2d_X509_ATTRIBUTE,0); + } + + M_ASN1_I2D_finish(); + } + +X509_REQ_INFO *d2i_X509_REQ_INFO(a,pp,length) +X509_REQ_INFO **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); + M_ASN1_D2I_get(ret->subject,d2i_X509_NAME); + M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY); + + /* this is a *nasty* hack to allow for some CA's that + * have been reported as requiring it. + * It is not following the PKCS standards ... + * PKCS#10 pg 5 + * attributes [0] IMPLICIT Attibutes + * NOTE: no OPTIONAL ... so it *must* be there + */ + if (asn1_Finish(&c)) + ret->req_kludge=1; + else + { + M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE,0); + } + + M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO); + } + +X509_REQ_INFO *X509_REQ_INFO_new() + { + X509_REQ_INFO *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_REQ_INFO); + M_ASN1_New(ret->version,ASN1_INTEGER_new); + M_ASN1_New(ret->subject,X509_NAME_new); + M_ASN1_New(ret->pubkey,X509_PUBKEY_new); + M_ASN1_New(ret->attributes,sk_new_null); + ret->req_kludge=0; + return(ret); + M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW); + } + +void X509_REQ_INFO_free(a) +X509_REQ_INFO *a; + { + if (a == NULL) return; + ASN1_INTEGER_free(a->version); + X509_NAME_free(a->subject); + X509_PUBKEY_free(a->pubkey); + sk_pop_free(a->attributes,X509_ATTRIBUTE_free); + Free((char *)a); + } + +int i2d_X509_REQ(a,pp) +X509_REQ *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO); + M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); + M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO); + M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); + M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_finish(); + } + +X509_REQ *d2i_X509_REQ(a,pp,length) +X509_REQ **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO); + M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); + M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ); + } + +X509_REQ *X509_REQ_new() + { + X509_REQ *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_REQ); + ret->references=1; + M_ASN1_New(ret->req_info,X509_REQ_INFO_new); + M_ASN1_New(ret->sig_alg,X509_ALGOR_new); + M_ASN1_New(ret->signature,ASN1_BIT_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_X509_REQ_NEW); + } + +void X509_REQ_free(a) +X509_REQ *a; + { + int i; + + if (a == NULL) return; + + i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ); +#ifdef REF_PRINT + REF_PRINT("X509_REQ",a); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"X509_REQ_free, bad reference count\n"); + abort(); + } +#endif + + X509_REQ_INFO_free(a->req_info); + X509_ALGOR_free(a->sig_alg); + ASN1_BIT_STRING_free(a->signature); + Free((char *)a); + } + + diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c new file mode 100644 index 0000000000..f0a2e4c27a --- /dev/null +++ b/src/lib/libcrypto/asn1/x_sig.c @@ -0,0 +1,119 @@ +/* crypto/asn1/x_sig.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509_SIG,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_SIG_NEW,ASN1_R_LENGTH_MISMATCH); + */ + +int i2d_X509_SIG(a,pp) +X509_SIG *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); + M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); + M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING); + + M_ASN1_I2D_finish(); + } + +X509_SIG *d2i_X509_SIG(a,pp,length) +X509_SIG **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING); + M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG); + } + +X509_SIG *X509_SIG_new() + { + X509_SIG *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_SIG); + M_ASN1_New(ret->algor,X509_ALGOR_new); + M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_X509_SIG_NEW); + } + +void X509_SIG_free(a) +X509_SIG *a; + { + if (a == NULL) return; + X509_ALGOR_free(a->algor); + ASN1_OCTET_STRING_free(a->digest); + Free((char *)a); + } + + diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c new file mode 100644 index 0000000000..4a80df44b8 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_spki.c @@ -0,0 +1,181 @@ +/* crypto/asn1/x_spki.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + + /* This module was send to me my Pat Richards who + * wrote it. It is under my Copyright with his permision + */ + +#include +#include "cryptlib.h" +#include "x509.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ASN1_R_LENGTH_MISMATCH); + */ + +int i2d_NETSCAPE_SPKAC(a,pp) +NETSCAPE_SPKAC *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY); + M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY); + M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING); + + M_ASN1_I2D_finish(); + } + +NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(a,pp,length) +NETSCAPE_SPKAC **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY); + M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING); + M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC); + } + +NETSCAPE_SPKAC *NETSCAPE_SPKAC_new() + { + NETSCAPE_SPKAC *ret=NULL; + + M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC); + M_ASN1_New(ret->pubkey,X509_PUBKEY_new); + M_ASN1_New(ret->challenge,ASN1_IA5STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW); + } + +void NETSCAPE_SPKAC_free(a) +NETSCAPE_SPKAC *a; + { + if (a == NULL) return; + X509_PUBKEY_free(a->pubkey); + ASN1_IA5STRING_free(a->challenge); + Free((char *)a); + } + +int i2d_NETSCAPE_SPKI(a,pp) +NETSCAPE_SPKI *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC); + M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR); + M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC); + M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR); + M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_finish(); + } + +NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(a,pp,length) +NETSCAPE_SPKI **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC); + M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); + M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI); + } + +NETSCAPE_SPKI *NETSCAPE_SPKI_new() + { + NETSCAPE_SPKI *ret=NULL; + + M_ASN1_New_Malloc(ret,NETSCAPE_SPKI); + M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new); + M_ASN1_New(ret->sig_algor,X509_ALGOR_new); + M_ASN1_New(ret->signature,ASN1_BIT_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW); + } + +void NETSCAPE_SPKI_free(a) +NETSCAPE_SPKI *a; + { + if (a == NULL) return; + NETSCAPE_SPKAC_free(a->spkac); + X509_ALGOR_free(a->sig_algor); + ASN1_BIT_STRING_free(a->signature); + Free((char *)a); + } + diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c new file mode 100644 index 0000000000..a9c390f88c --- /dev/null +++ b/src/lib/libcrypto/asn1/x_val.c @@ -0,0 +1,118 @@ +/* crypto/asn1/x_val.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1_mac.h" + +/* ASN1err(ASN1_F_X509_VAL_NEW,ERR_R_MALLOC_FAILURE); + * ASN1err(ASN1_F_X509_VAL_FREE,ERR_R_MALLOC_FAILURE); + * ASN1err(ASN1_F_D2I_X509_VAL,ERR_R_MALLOC_FAILURE); + */ + +int i2d_X509_VAL(a,pp) +X509_VAL *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->notBefore,i2d_ASN1_UTCTIME); + M_ASN1_I2D_len(a->notAfter,i2d_ASN1_UTCTIME); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->notBefore,i2d_ASN1_UTCTIME); + M_ASN1_I2D_put(a->notAfter,i2d_ASN1_UTCTIME); + + M_ASN1_I2D_finish(); + } + +X509_VAL *d2i_X509_VAL(a,pp,length) +X509_VAL **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_UTCTIME); + M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_UTCTIME); + M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL); + } + +X509_VAL *X509_VAL_new() + { + X509_VAL *ret=NULL; + + M_ASN1_New_Malloc(ret,X509_VAL); + M_ASN1_New(ret->notBefore,ASN1_UTCTIME_new); + M_ASN1_New(ret->notAfter,ASN1_UTCTIME_new); + return(ret); + M_ASN1_New_Error(ASN1_F_X509_VAL_NEW); + } + +void X509_VAL_free(a) +X509_VAL *a; + { + if (a == NULL) return; + ASN1_UTCTIME_free(a->notBefore); + ASN1_UTCTIME_free(a->notAfter); + Free((char *)a); + } + diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c new file mode 100644 index 0000000000..bc466ce0f6 --- /dev/null +++ b/src/lib/libcrypto/asn1/x_x509.c @@ -0,0 +1,158 @@ +/* crypto/asn1/x_x509.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "asn1_mac.h" + +/* + * ASN1err(ASN1_F_D2I_X509,ASN1_R_LENGTH_MISMATCH); + * ASN1err(ASN1_F_X509_NEW,ASN1_R_BAD_GET_OBJECT); + */ + +static ASN1_METHOD meth={ + (int (*)()) i2d_X509, + (char *(*)())d2i_X509, + (char *(*)())X509_new, + (void (*)()) X509_free}; + +ASN1_METHOD *X509_asn1_meth() + { + return(&meth); + } + +int i2d_X509(a,pp) +X509 *a; +unsigned char **pp; + { + M_ASN1_I2D_vars(a); + + M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF); + M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); + M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF); + M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); + M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); + + M_ASN1_I2D_finish(); + } + +X509 *d2i_X509(a,pp,length) +X509 **a; +unsigned char **pp; +long length; + { + M_ASN1_D2I_vars(a,X509 *,X509_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF); + M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); + M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); +if (ret->name != NULL) Free(ret->name); +ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); + + M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509); + } + +X509 *X509_new() + { + X509 *ret=NULL; + + M_ASN1_New_Malloc(ret,X509); + ret->references=1; + ret->valid=0; + ret->name=NULL; + M_ASN1_New(ret->cert_info,X509_CINF_new); + M_ASN1_New(ret->sig_alg,X509_ALGOR_new); + M_ASN1_New(ret->signature,ASN1_BIT_STRING_new); + return(ret); + M_ASN1_New_Error(ASN1_F_X509_NEW); + } + +void X509_free(a) +X509 *a; + { + int i; + + if (a == NULL) return; + + i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509); +#ifdef REF_PRINT + REF_PRINT("X509",a); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"X509_free, bad reference count\n"); + abort(); + } +#endif + + X509_CINF_free(a->cert_info); + X509_ALGOR_free(a->sig_alg); + ASN1_BIT_STRING_free(a->signature); + if (a->name != NULL) Free(a->name); + Free((char *)a); + } + diff --git a/src/lib/libcrypto/bf/COPYRIGHT b/src/lib/libcrypto/bf/COPYRIGHT new file mode 100644 index 0000000000..6857223506 --- /dev/null +++ b/src/lib/libcrypto/bf/COPYRIGHT @@ -0,0 +1,46 @@ +Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +All rights reserved. + +This package is an Blowfish implementation written +by Eric Young (eay@cryptsoft.com). + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@cryptsoft.com) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. diff --git a/src/lib/libcrypto/bf/INSTALL b/src/lib/libcrypto/bf/INSTALL new file mode 100644 index 0000000000..3b25923532 --- /dev/null +++ b/src/lib/libcrypto/bf/INSTALL @@ -0,0 +1,14 @@ +This Eric Young's blowfish implementation, taken from his SSLeay library +and made available as a separate library. + +The version number (0.7.2m) is the SSLeay version that this library was +taken from. + +To build, just unpack and type make. +If you are not using gcc, edit the Makefile. +If you are compiling for an x86 box, try the assembler (it needs improving). +There are also some compile time options that can improve performance, +these are documented in the Makefile. + +eric 15-Apr-1997 + diff --git a/src/lib/libcrypto/bf/README b/src/lib/libcrypto/bf/README new file mode 100644 index 0000000000..f2712fd0e7 --- /dev/null +++ b/src/lib/libcrypto/bf/README @@ -0,0 +1,8 @@ +This is a quick packaging up of my blowfish code into a library. +It has been lifted from SSLeay. +The copyright notices seem a little harsh because I have not spent the +time to rewrite the conditions from the normal SSLeay ones. + +Basically if you just want to play with the library, not a problem. + +eric 15-Apr-1997 diff --git a/src/lib/libcrypto/bf/VERSION b/src/lib/libcrypto/bf/VERSION new file mode 100644 index 0000000000..be995855e4 --- /dev/null +++ b/src/lib/libcrypto/bf/VERSION @@ -0,0 +1,6 @@ +The version numbers will follow my SSL implementation + +0.7.2r - Some reasonable default compiler options from + Peter Gutman + +0.7.2m - the first release diff --git a/src/lib/libcrypto/bf/asm/bf-586.pl b/src/lib/libcrypto/bf/asm/bf-586.pl new file mode 100644 index 0000000000..5c7ab14ab0 --- /dev/null +++ b/src/lib/libcrypto/bf/asm/bf-586.pl @@ -0,0 +1,136 @@ +#!/usr/bin/perl + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; +require "cbc.pl"; + +&asm_init($ARGV[0],"bf-586.pl"); + +$BF_ROUNDS=16; +$BF_OFF=($BF_ROUNDS+2)*4; +$L="edi"; +$R="esi"; +$P="ebp"; +$tmp1="eax"; +$tmp2="ebx"; +$tmp3="ecx"; +$tmp4="edx"; + +&BF_encrypt("BF_encrypt",1); +&BF_encrypt("BF_decrypt",0); +&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1); +&asm_finish(); + +sub BF_encrypt + { + local($name,$enc)=@_; + + &function_begin_B($name,""); + + &comment(""); + + &push("ebp"); + &push("ebx"); + &mov($tmp2,&wparam(0)); + &mov($P,&wparam(1)); + &push("esi"); + &push("edi"); + + &comment("Load the 2 words"); + &mov($L,&DWP(0,$tmp2,"",0)); + &mov($R,&DWP(4,$tmp2,"",0)); + + &xor( $tmp1, $tmp1); + + # encrypting part + + if ($enc) + { + &mov($tmp2,&DWP(0,$P,"",0)); + &xor( $tmp3, $tmp3); + + &xor($L,$tmp2); + for ($i=0; $i<$BF_ROUNDS; $i+=2) + { + &comment(""); + &comment("Round $i"); + &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); + + &comment(""); + &comment("Round ".sprintf("%d",$i+1)); + &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); + } + # &mov($tmp1,&wparam(0)); In last loop + &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); + } + else + { + &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); + &xor( $tmp3, $tmp3); + + &xor($L,$tmp2); + for ($i=$BF_ROUNDS; $i>0; $i-=2) + { + &comment(""); + &comment("Round $i"); + &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); + &comment(""); + &comment("Round ".sprintf("%d",$i-1)); + &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); + } + # &mov($tmp1,&wparam(0)); In last loop + &mov($tmp4,&DWP(0,$P,"",0)); + } + + &xor($R,$tmp4); + &mov(&DWP(4,$tmp1,"",0),$L); + + &mov(&DWP(0,$tmp1,"",0),$R); + &function_end($name); + } + +sub BF_ENCRYPT + { + local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_; + + &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round + + &mov( $tmp2, $R); + &xor( $L, $tmp4); + + &shr( $tmp2, 16); + &mov( $tmp4, $R); + + &movb( &LB($tmp1), &HB($tmp2)); # A + &and( $tmp2, 0xff); # B + + &movb( &LB($tmp3), &HB($tmp4)); # C + &and( $tmp4, 0xff); # D + + &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); + &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); + + &add( $tmp2, $tmp1); + &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4)); + + &xor( $tmp2, $tmp1); + &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4)); + + &add( $tmp2, $tmp4); + if (($enc && ($i != 16)) || ((!$enc) && ($i != 1))) + { &xor( $tmp1, $tmp1); } + else + { + &comment("Load parameter 0 ($i) enc=$enc"); + &mov($tmp1,&wparam(0)); + } # In last loop + + &xor( $L, $tmp2); + # delay + } + +sub n2a + { + sprintf("%d",$_[0]); + } + diff --git a/src/lib/libcrypto/bf/bf_cbc.c b/src/lib/libcrypto/bf/bf_cbc.c new file mode 100644 index 0000000000..e0fa9ad763 --- /dev/null +++ b/src/lib/libcrypto/bf/bf_cbc.c @@ -0,0 +1,148 @@ +/* crypto/bf/bf_cbc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +void BF_cbc_encrypt(in, out, length, ks, iv, encrypt) +unsigned char *in; +unsigned char *out; +long length; +BF_KEY *ks; +unsigned char *iv; +int encrypt; + { + register BF_LONG tin0,tin1; + register BF_LONG tout0,tout1,xor0,xor1; + register long l=length; + BF_LONG tin[2]; + + if (encrypt) + { + n2l(iv,tout0); + n2l(iv,tout1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + if (l != -8) + { + n2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + l2n(tout0,iv); + l2n(tout1,iv); + } + else + { + n2l(iv,xor0); + n2l(iv,xor1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2n(tout0,out); + l2n(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2nn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + l2n(xor0,iv); + l2n(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + diff --git a/src/lib/libcrypto/bf/bf_cfb64.c b/src/lib/libcrypto/bf/bf_cfb64.c new file mode 100644 index 0000000000..f9c66e7ced --- /dev/null +++ b/src/lib/libcrypto/bf/bf_cfb64.c @@ -0,0 +1,127 @@ +/* crypto/bf/bf_cfb64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void BF_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt) +unsigned char *in; +unsigned char *out; +long length; +BF_KEY *schedule; +unsigned char *ivec; +int *num; +int encrypt; + { + register BF_LONG v0,v1,t; + register int n= *num; + register long l=length; + BF_LONG ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (encrypt) + { + while (l--) + { + if (n == 0) + { + n2l(iv,v0); ti[0]=v0; + n2l(iv,v1); ti[1]=v1; + BF_encrypt((BF_LONG *)ti,schedule); + iv=(unsigned char *)ivec; + t=ti[0]; l2n(t,iv); + t=ti[1]; l2n(t,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + n2l(iv,v0); ti[0]=v0; + n2l(iv,v1); ti[1]=v1; + BF_encrypt((BF_LONG *)ti,schedule); + iv=(unsigned char *)ivec; + t=ti[0]; l2n(t,iv); + t=ti[1]; l2n(t,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=t=c=cc=0; + *num=n; + } + diff --git a/src/lib/libcrypto/bf/bf_ecb.c b/src/lib/libcrypto/bf/bf_ecb.c new file mode 100644 index 0000000000..6d16360bd9 --- /dev/null +++ b/src/lib/libcrypto/bf/bf_ecb.c @@ -0,0 +1,98 @@ +/* crypto/bf/bf_ecb.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' + * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, + * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) + */ + +char *BF_version="BlowFish part of SSLeay 0.9.0b 29-Jun-1998"; + +char *BF_options() + { +#ifdef BF_PTR + return("blowfish(ptr)"); +#elif defined(BF_PTR2) + return("blowfish(ptr2)"); +#else + return("blowfish(idx)"); +#endif + } + +void BF_ecb_encrypt(in, out, ks, encrypt) +unsigned char *in; +unsigned char *out; +BF_KEY *ks; +int encrypt; + { + BF_LONG l,d[2]; + + n2l(in,l); d[0]=l; + n2l(in,l); d[1]=l; + if (encrypt) + BF_encrypt(d,ks); + else + BF_decrypt(d,ks); + l=d[0]; l2n(l,out); + l=d[1]; l2n(l,out); + l=d[0]=d[1]=0; + } + diff --git a/src/lib/libcrypto/bf/bf_enc.c b/src/lib/libcrypto/bf/bf_enc.c new file mode 100644 index 0000000000..66a8604c59 --- /dev/null +++ b/src/lib/libcrypto/bf/bf_enc.c @@ -0,0 +1,241 @@ +/* crypto/bf/bf_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' + * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, + * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) + */ + +#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) +If you set BF_ROUNDS to some value other than 16 or 20, you will have +to modify the code. +#endif + +void BF_encrypt(data,key) +BF_LONG *data; +BF_KEY *key; + { + register BF_LONG l,r,*p,*s; + + p=key->P; + s= &(key->S[0]); + l=data[0]; + r=data[1]; + + l^=p[0]; + BF_ENC(r,l,s,p[ 1]); + BF_ENC(l,r,s,p[ 2]); + BF_ENC(r,l,s,p[ 3]); + BF_ENC(l,r,s,p[ 4]); + BF_ENC(r,l,s,p[ 5]); + BF_ENC(l,r,s,p[ 6]); + BF_ENC(r,l,s,p[ 7]); + BF_ENC(l,r,s,p[ 8]); + BF_ENC(r,l,s,p[ 9]); + BF_ENC(l,r,s,p[10]); + BF_ENC(r,l,s,p[11]); + BF_ENC(l,r,s,p[12]); + BF_ENC(r,l,s,p[13]); + BF_ENC(l,r,s,p[14]); + BF_ENC(r,l,s,p[15]); + BF_ENC(l,r,s,p[16]); +#if BF_ROUNDS == 20 + BF_ENC(r,l,s,p[17]); + BF_ENC(l,r,s,p[18]); + BF_ENC(r,l,s,p[19]); + BF_ENC(l,r,s,p[20]); +#endif + r^=p[BF_ROUNDS+1]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; + } + +#ifndef BF_DEFAULT_OPTIONS + +void BF_decrypt(data,key) +BF_LONG *data; +BF_KEY *key; + { + register BF_LONG l,r,*p,*s; + + p=key->P; + s= &(key->S[0]); + l=data[0]; + r=data[1]; + + l^=p[BF_ROUNDS+1]; +#if BF_ROUNDS == 20 + BF_ENC(r,l,s,p[20]); + BF_ENC(l,r,s,p[19]); + BF_ENC(r,l,s,p[18]); + BF_ENC(l,r,s,p[17]); +#endif + BF_ENC(r,l,s,p[16]); + BF_ENC(l,r,s,p[15]); + BF_ENC(r,l,s,p[14]); + BF_ENC(l,r,s,p[13]); + BF_ENC(r,l,s,p[12]); + BF_ENC(l,r,s,p[11]); + BF_ENC(r,l,s,p[10]); + BF_ENC(l,r,s,p[ 9]); + BF_ENC(r,l,s,p[ 8]); + BF_ENC(l,r,s,p[ 7]); + BF_ENC(r,l,s,p[ 6]); + BF_ENC(l,r,s,p[ 5]); + BF_ENC(r,l,s,p[ 4]); + BF_ENC(l,r,s,p[ 3]); + BF_ENC(r,l,s,p[ 2]); + BF_ENC(l,r,s,p[ 1]); + r^=p[0]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; + } + +void BF_cbc_encrypt(in, out, length, ks, iv, encrypt) +unsigned char *in; +unsigned char *out; +long length; +BF_KEY *ks; +unsigned char *iv; +int encrypt; + { + register BF_LONG tin0,tin1; + register BF_LONG tout0,tout1,xor0,xor1; + register long l=length; + BF_LONG tin[2]; + + if (encrypt) + { + n2l(iv,tout0); + n2l(iv,tout1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + if (l != -8) + { + n2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + l2n(tout0,iv); + l2n(tout1,iv); + } + else + { + n2l(iv,xor0); + n2l(iv,xor1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2n(tout0,out); + l2n(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2nn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + l2n(xor0,iv); + l2n(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + +#endif diff --git a/src/lib/libcrypto/bf/bf_ofb64.c b/src/lib/libcrypto/bf/bf_ofb64.c new file mode 100644 index 0000000000..5d844ac760 --- /dev/null +++ b/src/lib/libcrypto/bf/bf_ofb64.c @@ -0,0 +1,115 @@ +/* crypto/bf/bf_ofb64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void BF_ofb64_encrypt(in, out, length, schedule, ivec, num) +unsigned char *in; +unsigned char *out; +long length; +BF_KEY *schedule; +unsigned char *ivec; +int *num; + { + register BF_LONG v0,v1,t; + register int n= *num; + register long l=length; + unsigned char d[8]; + register char *dp; + BF_LONG ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + n2l(iv,v0); + n2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2n(v0,dp); + l2n(v1,dp); + while (l--) + { + if (n == 0) + { + BF_encrypt((BF_LONG *)ti,schedule); + dp=(char *)d; + t=ti[0]; l2n(t,dp); + t=ti[1]; l2n(t,dp); + save++; + } + *(out++)= *(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { + v0=ti[0]; + v1=ti[1]; + iv=(unsigned char *)ivec; + l2n(v0,iv); + l2n(v1,iv); + } + t=v0=v1=ti[0]=ti[1]=0; + *num=n; + } + diff --git a/src/lib/libcrypto/bf/bf_pi.h b/src/lib/libcrypto/bf/bf_pi.h new file mode 100644 index 0000000000..417b935538 --- /dev/null +++ b/src/lib/libcrypto/bf/bf_pi.h @@ -0,0 +1,325 @@ +/* crypto/bf/bf_pi.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +static BF_KEY bf_init= { + { + 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, + 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, + 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, + 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, + 0x9216d5d9L, 0x8979fb1b + },{ + 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, + 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, + 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, + 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, + 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, + 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, + 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, + 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, + 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, + 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, + 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, + 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, + 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, + 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, + 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, + 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, + 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, + 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, + 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, + 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, + 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, + 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, + 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, + 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, + 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, + 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, + 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, + 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, + 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, + 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, + 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, + 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, + 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, + 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, + 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, + 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, + 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, + 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, + 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, + 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, + 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, + 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, + 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, + 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, + 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, + 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, + 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, + 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, + 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, + 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, + 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, + 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, + 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, + 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, + 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, + 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, + 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, + 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, + 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, + 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, + 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, + 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, + 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, + 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, + 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, + 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, + 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, + 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, + 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, + 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, + 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, + 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, + 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, + 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, + 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, + 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, + 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, + 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, + 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, + 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, + 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, + 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, + 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, + 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, + 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, + 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, + 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, + 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, + 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, + 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, + 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, + 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, + 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, + 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, + 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, + 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, + 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, + 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, + 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, + 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, + 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, + 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, + 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, + 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, + 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, + 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, + 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, + 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, + 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, + 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, + 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, + 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, + 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, + 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, + 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, + 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, + 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, + 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, + 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, + 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, + 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, + 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, + 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, + 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, + 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, + 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, + 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, + 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, + 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, + 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, + 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, + 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, + 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, + 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, + 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, + 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, + 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, + 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, + 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, + 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, + 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, + 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, + 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, + 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, + 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, + 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, + 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, + 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, + 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, + 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, + 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, + 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, + 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, + 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, + 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, + 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, + 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, + 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, + 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, + 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, + 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, + 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, + 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, + 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, + 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, + 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, + 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, + 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, + 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, + 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, + 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, + 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, + 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, + 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, + 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, + 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, + 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, + 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, + 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, + 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, + 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, + 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, + 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, + 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, + 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, + 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, + 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, + 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, + 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, + 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, + 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, + 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, + 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, + 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, + 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, + 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, + 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, + 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, + 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, + 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, + 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, + 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, + 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, + 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, + 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, + 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, + 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, + 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, + 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, + 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, + 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, + 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, + 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, + 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, + 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, + 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, + 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, + 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, + 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, + 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, + 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, + 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, + 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, + 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, + 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, + 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, + 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, + 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, + 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, + 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, + 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, + 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, + 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, + 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, + 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, + 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, + 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, + 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, + 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, + 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, + 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, + 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, + 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, + 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, + 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, + 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, + 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, + 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, + 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, + 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, + 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, + 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, + 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, + 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, + 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, + 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, + } + }; + diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/bf_skey.c new file mode 100644 index 0000000000..86574c0acc --- /dev/null +++ b/src/lib/libcrypto/bf/bf_skey.c @@ -0,0 +1,119 @@ +/* crypto/bf/bf_skey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "blowfish.h" +#include "bf_locl.h" +#include "bf_pi.h" + +void BF_set_key(key,len,data) +BF_KEY *key; +int len; +unsigned char *data; + { + int i; + BF_LONG *p,ri,in[2]; + unsigned char *d,*end; + + + memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY)); + p=key->P; + + if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4; + + d=data; + end= &(data[len]); + for (i=0; i<(BF_ROUNDS+2); i++) + { + ri= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + p[i]^=ri; + } + + in[0]=0L; + in[1]=0L; + for (i=0; i<(BF_ROUNDS+2); i+=2) + { + BF_encrypt(in,key); + p[i ]=in[0]; + p[i+1]=in[1]; + } + + p=key->S; + for (i=0; i<4*256; i+=2) + { + BF_encrypt(in,key); + p[i ]=in[0]; + p[i+1]=in[1]; + } + } + diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h new file mode 100644 index 0000000000..c4a8085a29 --- /dev/null +++ b/src/lib/libcrypto/bf/blowfish.h @@ -0,0 +1,116 @@ +/* crypto/bf/blowfish.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BLOWFISH_H +#define HEADER_BLOWFISH_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define BF_ENCRYPT 1 +#define BF_DECRYPT 0 + +/* If you make this 'unsigned int' the pointer variants will work on + * the Alpha, otherwise they will not. Strangly using the '8 byte' + * BF_LONG and the default 'non-pointer' inner loop is the best configuration + * for the Alpha */ +#define BF_LONG unsigned long + +#define BF_ROUNDS 16 +#define BF_BLOCK 8 + +typedef struct bf_key_st + { + BF_LONG P[BF_ROUNDS+2]; + BF_LONG S[4*256]; + } BF_KEY; + +#ifndef NOPROTO + +void BF_set_key(BF_KEY *key, int len, unsigned char *data); +void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key, + int enc); +void BF_encrypt(BF_LONG *data,BF_KEY *key); +void BF_decrypt(BF_LONG *data,BF_KEY *key); +void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length, + BF_KEY *ks, unsigned char *iv, int enc); +void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, + BF_KEY *schedule, unsigned char *ivec, int *num, int enc); +void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, + BF_KEY *schedule, unsigned char *ivec, int *num); +char *BF_options(void); + +#else + +void BF_set_key(); +void BF_ecb_encrypt(); +void BF_encrypt(); +void BF_decrypt(); +void BF_cbc_encrypt(); +void BF_cfb64_encrypt(); +void BF_ofb64_encrypt(); +char *BF_options(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c new file mode 100644 index 0000000000..db84ad3d47 --- /dev/null +++ b/src/lib/libcrypto/bio/b_dump.c @@ -0,0 +1,125 @@ +/* crypto/bio/b_dump.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * Stolen from tjh's ssl/ssl_trc.c stuff. + */ + +#include +#include "cryptlib.h" +#include "bio.h" + +#define TRUNCATE +#define DUMP_WIDTH 16 + +int BIO_dump(bio,s,len) +BIO *bio; +char *s; +int len; +{ + int ret=0; + char buf[160+1],tmp[20]; + int i,j,rows,trunc; + unsigned char ch; + + trunc=0; + +#ifdef TRUNCATE + for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) + trunc++; +#endif + + rows=(len/DUMP_WIDTH); + if ((rows*DUMP_WIDTH)=len) { + strcat(buf," "); + } else { + ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff; + sprintf(tmp,"%02x%c",ch,j==7?'-':' '); + strcat(buf,tmp); + } + } + strcat(buf," "); + for(j=0;j=len) + break; + ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff; + sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.'); + strcat(buf,tmp); + } + strcat(buf,"\n"); + /* if this is the last call then update the ddt_dump thing so that + * we will move the selection point in the debug window + */ + ret+=BIO_write(bio,(char *)buf,strlen(buf)); + } +#ifdef TRUNCATE + if (trunc > 0) { + sprintf(buf,"%04x - \n",len+trunc); + ret+=BIO_write(bio,(char *)buf,strlen(buf)); + } +#endif + return(ret); +} + diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c new file mode 100644 index 0000000000..cdadeb839a --- /dev/null +++ b/src/lib/libcrypto/bio/b_print.c @@ -0,0 +1,92 @@ +/* crypto/bio/b_print.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * Stolen from tjh's ssl/ssl_trc.c stuff. + */ + +#include +#include "cryptlib.h" +#include "bio.h" + +int BIO_printf ( VAR_PLIST( BIO *, bio ) ) +VAR_ALIST + { + VAR_BDEFN(args, BIO *, bio); + char *format; + int ret; + MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */ + + VAR_INIT(args, BIO *, bio); + VAR_ARG(args, char *, format); + + hugebuf[0]='\0'; + +/* no-one uses _doprnt anymore and it appears to be broken under SunOS 4.1.4 */ +#if 0 && defined(sun) && !defined(VAR_ANSI) /**/ + _doprnt(hugebuf,format,args); +#else /* !sun */ + vsprintf(hugebuf,format,args); +#endif /* sun */ + + ret=BIO_write(bio,hugebuf,strlen(hugebuf)); + + VAR_END( args ); + return(ret); + } + diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c new file mode 100644 index 0000000000..a45909527c --- /dev/null +++ b/src/lib/libcrypto/bio/b_sock.c @@ -0,0 +1,628 @@ +/* crypto/bio/b_sock.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef NO_SOCK + +#include +#include +#include +#define USE_SOCKETS +#include "cryptlib.h" +#include "bio.h" + +/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */ + +#ifdef WIN16 +#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ +#else +#define SOCKET_PROTOCOL IPPROTO_TCP +#endif + +#ifdef SO_MAXCONN +#define MAX_LISTEN SOMAXCONN +#elif defined(SO_MAXCONN) +#define MAX_LISTEN SO_MAXCONN +#else +#define MAX_LISTEN 32 +#endif + +#ifdef WINDOWS +static int wsa_init_done=0; +#endif + +static unsigned long BIO_ghbn_hits=0L; +static unsigned long BIO_ghbn_miss=0L; + +#define GHBN_NUM 4 +static struct ghbn_cache_st + { + char name[129]; + struct hostent *ent; + unsigned long order; + } ghbn_cache[GHBN_NUM]; + +#ifndef NOPROTO +static int get_ip(char *str,unsigned char *ip); +static void ghbn_free(struct hostent *a); +static struct hostent *ghbn_dup(struct hostent *a); +#else +static int get_ip(); +static void ghbn_free(); +static struct hostent *ghbn_dup(); +#endif + +int BIO_get_host_ip(str,ip) +char *str; +unsigned char *ip; + { + int i; + struct hostent *he; + + i=get_ip(str,ip); + if (i > 0) return(1); + if (i < 0) + { + BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS); + ERR_add_error_data(2,"host=",str); + return(0); + } + else + { /* do a gethostbyname */ + if (!BIO_sock_init()) return(0); + + he=BIO_gethostbyname(str); + if (he == NULL) + { + BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP); + ERR_add_error_data(2,"host=",str); + return(0); + } + + /* cast to short because of win16 winsock definition */ + if ((short)he->h_addrtype != AF_INET) + { + BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET); + ERR_add_error_data(2,"host=",str); + return(0); + } + for (i=0; i<4; i++) + ip[i]=he->h_addr_list[0][i]; + } + return(1); + } + +int BIO_get_port(str,port_ptr) +char *str; +short *port_ptr; + { + int i; + struct servent *s; + + if (str == NULL) + { + BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED); + return(0); + } + i=atoi(str); + if (i != 0) + *port_ptr=(unsigned short)i; + else + { + s=getservbyname(str,"tcp"); + if (s == NULL) + { + if (strcmp(str,"http") == 0) + *port_ptr=80; + else if (strcmp(str,"telnet") == 0) + *port_ptr=23; + else if (strcmp(str,"socks") == 0) + *port_ptr=1080; + else if (strcmp(str,"https") == 0) + *port_ptr=443; + else if (strcmp(str,"ssl") == 0) + *port_ptr=443; + else if (strcmp(str,"ftp") == 0) + *port_ptr=21; + else if (strcmp(str,"gopher") == 0) + *port_ptr=70; +#if 0 + else if (strcmp(str,"wais") == 0) + *port_ptr=21; +#endif + else + { + SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error()); + ERR_add_error_data(3,"service='",str,"'"); + return(0); + } + return(1); + } + *port_ptr=htons((unsigned short)s->s_port); + } + return(1); + } + +int BIO_sock_error(sock) +int sock; + { + int j,i,size; + + size=sizeof(int); + + i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size); + if (i < 0) + return(1); + else + return(j); + } + +long BIO_ghbn_ctrl(cmd,iarg,parg) +int cmd; +int iarg; +char *parg; + { + int i; + char **p; + + switch (cmd) + { + case BIO_GHBN_CTRL_HITS: + return(BIO_ghbn_hits); + break; + case BIO_GHBN_CTRL_MISSES: + return(BIO_ghbn_miss); + break; + case BIO_GHBN_CTRL_CACHE_SIZE: + return(GHBN_NUM); + break; + case BIO_GHBN_CTRL_GET_ENTRY: + if ((iarg >= 0) && (iarg 0)) + { + p=(char **)parg; + if (p == NULL) return(0); + *p=ghbn_cache[iarg].name; + ghbn_cache[iarg].name[128]='\0'; + return(1); + } + return(0); + break; + case BIO_GHBN_CTRL_FLUSH: + for (i=0; ih_aliases[i] != NULL; i++) + ; + i++; + ret->h_aliases=(char **)malloc(sizeof(char *)*i); + memset(ret->h_aliases,0,sizeof(char *)*i); + if (ret == NULL) goto err; + + for (i=0; a->h_addr_list[i] != NULL; i++) + ; + i++; + ret->h_addr_list=(char **)malloc(sizeof(char *)*i); + memset(ret->h_addr_list,0,sizeof(char *)*i); + if (ret->h_addr_list == NULL) goto err; + + j=strlen(a->h_name)+1; + if ((ret->h_name=malloc(j)) == NULL) goto err; + memcpy((char *)ret->h_name,a->h_name,j); + for (i=0; a->h_aliases[i] != NULL; i++) + { + j=strlen(a->h_aliases[i])+1; + if ((ret->h_aliases[i]=malloc(j)) == NULL) goto err; + memcpy(ret->h_aliases[i],a->h_aliases[i],j); + } + ret->h_length=a->h_length; + ret->h_addrtype=a->h_addrtype; + for (i=0; a->h_addr_list[i] != NULL; i++) + { + if ((ret->h_addr_list[i]=malloc(a->h_length)) == NULL) + goto err; + memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length); + } + return(ret); +err: + if (ret != NULL) + ghbn_free(ret); + return(NULL); + } + +static void ghbn_free(a) +struct hostent *a; + { + int i; + + if (a->h_aliases != NULL) + { + for (i=0; a->h_aliases[i] != NULL; i++) + free(a->h_aliases[i]); + free(a->h_aliases); + } + if (a->h_addr_list != NULL) + { + for (i=0; a->h_addr_list[i] != NULL; i++) + free(a->h_addr_list[i]); + free(a->h_addr_list); + } + if (a->h_name != NULL) free((char *)a->h_name); + free(a); + } + +struct hostent *BIO_gethostbyname(name) +char *name; + { + struct hostent *ret; + int i,lowi=0,j; + unsigned long low= (unsigned long)-1; + +/* return(gethostbyname(name)); */ + + CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME); + j=strlen(name); + if (j < 128) + { + for (i=0; i ghbn_cache[i].order) + { + low=ghbn_cache[i].order; + lowi=i; + } + if (ghbn_cache[i].order > 0) + { + if (strncmp(name,ghbn_cache[i].name,128) == 0) + break; + } + } + } + else + i=GHBN_NUM; + + if (i == GHBN_NUM) /* no hit*/ + { + BIO_ghbn_miss++; + ret=gethostbyname(name); + + if (ret == NULL) return(NULL); + if (j > 128) return(ret); /* too big to cache */ + + /* else add to cache */ + if (ghbn_cache[lowi].ent != NULL) + ghbn_free(ghbn_cache[lowi].ent); + + strncpy(ghbn_cache[lowi].name,name,128); + ghbn_cache[lowi].ent=ghbn_dup(ret); + ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits; + } + else + { + BIO_ghbn_hits++; + ret= ghbn_cache[i].ent; + ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits; + } + CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME); + return(ret); + } + +int BIO_sock_init() + { +#ifdef WINDOWS + static struct WSAData wsa_state; + + if (!wsa_init_done) + { + int err; + +#ifdef SIGINT + signal(SIGINT,(void (*)(int))BIO_sock_cleanup); +#endif + wsa_init_done=1; + memset(&wsa_state,0,sizeof(wsa_state)); + if (WSAStartup(0x0101,&wsa_state)!=0) + { + err=WSAGetLastError(); + SYSerr(SYS_F_WSASTARTUP,err); + BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP); + return(-1); + } + } +#endif /* WINDOWS */ + return(1); + } + +void BIO_sock_cleanup() + { +#ifdef WINDOWS + if (wsa_init_done) + { + wsa_init_done=0; + WSACancelBlockingCall(); + WSACleanup(); + } +#endif + } + +int BIO_socket_ioctl(fd,type,arg) +int fd; +long type; +unsigned long *arg; + { + int i; + + i=ioctlsocket(fd,type,arg); + if (i < 0) + SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error()); + return(i); + } + +/* The reason I have implemented this instead of using sscanf is because + * Visual C 1.52c gives an unresolved external when linking a DLL :-( */ +static int get_ip(str,ip) +char *str; +unsigned char ip[4]; + { + unsigned int tmp[4]; + int num=0,c,ok=0; + + tmp[0]=tmp[1]=tmp[2]=tmp[3]=0; + + for (;;) + { + c= *(str++); + if ((c >= '0') && (c <= '9')) + { + ok=1; + tmp[num]=tmp[num]*10+c-'0'; + if (tmp[num] > 255) return(-1); + } + else if (c == '.') + { + if (!ok) return(-1); + if (num == 3) break; + num++; + ok=0; + } + else if ((num == 3) && ok) + break; + else + return(0); + } + ip[0]=tmp[0]; + ip[1]=tmp[1]; + ip[2]=tmp[2]; + ip[3]=tmp[3]; + return(1); + } + +int BIO_get_accept_socket(host) +char *host; + { + int ret=0; + struct sockaddr_in server; + int s= -1; + unsigned char ip[4]; + short port; + char *str,*h,*p,*e; + unsigned long l; + + if (!BIO_sock_init()) return(INVALID_SOCKET); + + if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET); + + h=p=NULL; + h=str; + for (e=str; *e; e++) + { + if (*e == ':') + { + p= &(e[1]); + *e='\0'; + } + else if (*e == '/') + { + *e='\0'; + break; + } + } + + if (p == NULL) + { + p=h; + h="*"; + } + + if (!BIO_get_port(p,&port)) return(INVALID_SOCKET); + + memset((char *)&server,0,sizeof(server)); + server.sin_family=AF_INET; + server.sin_port=htons((unsigned short)port); + + if (strcmp(h,"*") == 0) + server.sin_addr.s_addr=INADDR_ANY; + else + { + if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET); + l=(unsigned long) + ((unsigned long)ip[0]<<24L)| + ((unsigned long)ip[0]<<16L)| + ((unsigned long)ip[0]<< 8L)| + ((unsigned long)ip[0]); + server.sin_addr.s_addr=htonl(l); + } + + s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + if (s == INVALID_SOCKET) + { + SYSerr(SYS_F_SOCKET,get_last_socket_error()); + ERR_add_error_data(3,"port='",host,"'"); + BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET); + goto err; + } + if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) + { + SYSerr(SYS_F_BIND,get_last_socket_error()); + ERR_add_error_data(3,"port='",host,"'"); + BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET); + goto err; + } + if (listen(s,MAX_LISTEN) == -1) + { + SYSerr(SYS_F_BIND,get_last_socket_error()); + ERR_add_error_data(3,"port='",host,"'"); + BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET); + goto err; + } + ret=1; +err: + if (str != NULL) Free(str); + if ((ret == 0) && (s != INVALID_SOCKET)) + { +#ifdef WINDOWS + closesocket(s); +#else + close(s); +#endif + s= INVALID_SOCKET; + } + return(s); + } + +int BIO_accept(sock,addr) +int sock; +char **addr; + { + int ret=INVALID_SOCKET; + static struct sockaddr_in from; + unsigned long l; + short port; + int len; + char *p; + + memset((char *)&from,0,sizeof(from)); + len=sizeof(from); + ret=accept(sock,(struct sockaddr *)&from,&len); + if (ret == INVALID_SOCKET) + { + SYSerr(SYS_F_ACCEPT,get_last_socket_error()); + BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR); + goto end; + } + + if (addr == NULL) goto end; + + l=ntohl(from.sin_addr.s_addr); + port=ntohs(from.sin_port); + if (*addr == NULL) + { + if ((p=Malloc(24)) == NULL) + { + BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE); + goto end; + } + *addr=p; + } + sprintf(*addr,"%d.%d.%d.%d:%d", + (unsigned char)(l>>24L)&0xff, + (unsigned char)(l>>16L)&0xff, + (unsigned char)(l>> 8L)&0xff, + (unsigned char)(l )&0xff, + port); +end: + return(ret); + } + +int BIO_set_tcp_ndelay(s,on) +int s; +int on; + { + int ret=0; +#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP)) + int opt; + +#ifdef SOL_TCP + opt=SOL_TCP; +#else +#ifdef IPPROTO_TCP + opt=IPPROTO_TCP; +#endif +#endif + + ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on)); +#endif + return(ret == 0); + } +#endif + diff --git a/src/lib/libcrypto/bio/bf_buff.c b/src/lib/libcrypto/bio/bf_buff.c new file mode 100644 index 0000000000..7912b88473 --- /dev/null +++ b/src/lib/libcrypto/bio/bf_buff.c @@ -0,0 +1,512 @@ +/* crypto/bio/bf_buff.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bio.h" +#include "evp.h" + +#ifndef NOPROTO +static int buffer_write(BIO *h,char *buf,int num); +static int buffer_read(BIO *h,char *buf,int size); +static int buffer_puts(BIO *h,char *str); +static int buffer_gets(BIO *h,char *str,int size); +static long buffer_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int buffer_new(BIO *h); +static int buffer_free(BIO *data); +#else +static int buffer_write(); +static int buffer_read(); +static int buffer_puts(); +static int buffer_gets(); +static long buffer_ctrl(); +static int buffer_new(); +static int buffer_free(); +#endif + +#define DEFAULT_BUFFER_SIZE 1024 + +static BIO_METHOD methods_buffer= + { + BIO_TYPE_BUFFER, + "buffer", + buffer_write, + buffer_read, + buffer_puts, + buffer_gets, + buffer_ctrl, + buffer_new, + buffer_free, + }; + +BIO_METHOD *BIO_f_buffer() + { + return(&methods_buffer); + } + +static int buffer_new(bi) +BIO *bi; + { + BIO_F_BUFFER_CTX *ctx; + + ctx=(BIO_F_BUFFER_CTX *)Malloc(sizeof(BIO_F_BUFFER_CTX)); + if (ctx == NULL) return(0); + ctx->ibuf=(char *)Malloc(DEFAULT_BUFFER_SIZE); + if (ctx->ibuf == NULL) { Free(ctx); return(0); } + ctx->obuf=(char *)Malloc(DEFAULT_BUFFER_SIZE); + if (ctx->obuf == NULL) { Free(ctx->ibuf); Free(ctx); return(0); } + ctx->ibuf_size=DEFAULT_BUFFER_SIZE; + ctx->obuf_size=DEFAULT_BUFFER_SIZE; + ctx->ibuf_len=0; + ctx->ibuf_off=0; + ctx->obuf_len=0; + ctx->obuf_off=0; + + bi->init=1; + bi->ptr=(char *)ctx; + bi->flags=0; + return(1); + } + +static int buffer_free(a) +BIO *a; + { + BIO_F_BUFFER_CTX *b; + + if (a == NULL) return(0); + b=(BIO_F_BUFFER_CTX *)a->ptr; + if (b->ibuf != NULL) Free(b->ibuf); + if (b->obuf != NULL) Free(b->obuf); + Free(a->ptr); + a->ptr=NULL; + a->init=0; + a->flags=0; + return(1); + } + +static int buffer_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int i,num=0; + BIO_F_BUFFER_CTX *ctx; + + if (out == NULL) return(0); + ctx=(BIO_F_BUFFER_CTX *)b->ptr; + + if ((ctx == NULL) || (b->next_bio == NULL)) return(0); + num=0; + BIO_clear_retry_flags(b); + +start: + i=ctx->ibuf_len; + /* If there is stuff left over, grab it */ + if (i != 0) + { + if (i > outl) i=outl; + memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i); + ctx->ibuf_off+=i; + ctx->ibuf_len-=i; + num+=i; + if (outl == i) return(num); + outl-=i; + out+=i; + } + + /* We may have done a partial read. try to do more. + * We have nothing in the buffer. + * If we get an error and have read some data, just return it + * and let them retry to get the error again. + * copy direct to parent address space */ + if (outl > ctx->ibuf_size) + { + for (;;) + { + i=BIO_read(b->next_bio,out,outl); + if (i <= 0) + { + BIO_copy_next_retry(b); + if (i < 0) return((num > 0)?num:i); + if (i == 0) return(num); + } + num+=i; + if (outl == i) return(num); + out+=i; + outl-=i; + } + } + /* else */ + + /* we are going to be doing some buffering */ + i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size); + if (i <= 0) + { + BIO_copy_next_retry(b); + if (i < 0) return((num > 0)?num:i); + if (i == 0) return(num); + } + ctx->ibuf_off=0; + ctx->ibuf_len=i; + + /* Lets re-read using ourselves :-) */ + goto start; + } + +static int buffer_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int i,num=0; + BIO_F_BUFFER_CTX *ctx; + + if ((in == NULL) || (inl <= 0)) return(0); + ctx=(BIO_F_BUFFER_CTX *)b->ptr; + if ((ctx == NULL) || (b->next_bio == NULL)) return(0); + + BIO_clear_retry_flags(b); +start: + i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off); + /* add to buffer and return */ + if (i >= inl) + { + memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl); + ctx->obuf_len+=inl; + return(num+inl); + } + /* else */ + /* stuff already in buffer, so add to it first, then flush */ + if (ctx->obuf_len != 0) + { + if (i > 0) /* lets fill it up if we can */ + { + memcpy(&(ctx->obuf[ctx->obuf_len]),in,i); + in+=i; + inl-=i; + num+=i; + ctx->obuf_len+=i; + } + /* we now have a full buffer needing flushing */ + for (;;) + { + i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]), + ctx->obuf_len); + if (i <= 0) + { + BIO_copy_next_retry(b); + + if (i < 0) return((num > 0)?num:i); + if (i == 0) return(num); + } + ctx->obuf_off+=i; + ctx->obuf_len-=i; + if (ctx->obuf_len == 0) break; + } + } + /* we only get here if the buffer has been flushed and we + * still have stuff to write */ + ctx->obuf_off=0; + + /* we now have inl bytes to write */ + while (inl >= ctx->obuf_size) + { + i=BIO_write(b->next_bio,in,inl); + if (i <= 0) + { + BIO_copy_next_retry(b); + if (i < 0) return((num > 0)?num:i); + if (i == 0) return(num); + } + num+=i; + in+=i; + inl-=i; + if (inl == 0) return(num); + } + + /* copy the rest into the buffer since we have only a small + * amount left */ + goto start; + } + +static long buffer_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + BIO *dbio; + BIO_F_BUFFER_CTX *ctx; + long ret=1; + char *p1,*p2; + int r,i,*ip; + int ibs,obs; + + ctx=(BIO_F_BUFFER_CTX *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + ctx->ibuf_off=0; + ctx->ibuf_len=0; + ctx->obuf_off=0; + ctx->obuf_len=0; + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_INFO: + ret=(long)ctx->obuf_len; + break; + case BIO_C_GET_BUFF_NUM_LINES: + ret=0; + p1=ctx->ibuf; + for (i=ctx->ibuf_off; iibuf_len; i++) + { + if (p1[i] == '\n') ret++; + } + break; + case BIO_CTRL_WPENDING: + ret=(long)ctx->obuf_len; + if (ret == 0) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_PENDING: + ret=(long)ctx->ibuf_len; + if (ret == 0) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_C_SET_BUFF_READ_DATA: + if (num > ctx->ibuf_size) + { + p1=Malloc((int)num); + if (p1 == NULL) goto malloc_error; + if (ctx->ibuf != NULL) Free(ctx->ibuf); + ctx->ibuf=p1; + } + ctx->ibuf_off=0; + ctx->ibuf_len=(int)num; + memcpy(ctx->ibuf,ptr,(int)num); + ret=1; + break; + case BIO_C_SET_BUFF_SIZE: + if (ptr != NULL) + { + ip=(int *)ptr; + if (*ip == 0) + { + ibs=(int)num; + obs=ctx->obuf_size; + } + else /* if (*ip == 1) */ + { + ibs=ctx->ibuf_size; + obs=(int)num; + } + } + else + { + ibs=(int)num; + obs=(int)num; + } + p1=ctx->ibuf; + p2=ctx->obuf; + if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) + { + p1=(char *)Malloc((int)num); + if (p1 == NULL) goto malloc_error; + } + if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) + { + p2=(char *)Malloc((int)num); + if (p2 == NULL) + { + if (p1 != ctx->ibuf) Free(p1); + goto malloc_error; + } + } + if (ctx->ibuf != p1) + { + Free(ctx->ibuf); + ctx->ibuf=p1; + ctx->ibuf_off=0; + ctx->ibuf_len=0; + ctx->ibuf_size=ibs; + } + if (ctx->obuf != p2) + { + Free(ctx->obuf); + ctx->obuf=p2; + ctx->obuf_off=0; + ctx->obuf_len=0; + ctx->obuf_size=obs; + } + break; + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + + case BIO_CTRL_FLUSH: + if (ctx->obuf_len <= 0) + { + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + } + + for (;;) + { + BIO_clear_retry_flags(b); + if (ctx->obuf_len > ctx->obuf_off) + { + r=BIO_write(b->next_bio, + &(ctx->obuf[ctx->obuf_off]), + ctx->obuf_len-ctx->obuf_off); +#if 0 +fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r); +#endif + BIO_copy_next_retry(b); + if (r <= 0) return((long)r); + ctx->obuf_off+=r; + } + else + { + ctx->obuf_len=0; + ctx->obuf_off=0; + ret=1; + break; + } + } + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + if ( !BIO_set_read_buffer_size(dbio,ctx->ibuf_size) || + !BIO_set_write_buffer_size(dbio,ctx->obuf_size)) + ret=0; + break; + default: + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + } + return(ret); +malloc_error: + BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE); + return(0); + } + +static int buffer_gets(b,buf,size) +BIO *b; +char *buf; +int size; + { + BIO_F_BUFFER_CTX *ctx; + int num=0,i,flag; + char *p; + + ctx=(BIO_F_BUFFER_CTX *)b->ptr; + size--; /* reserve space for a '\0' */ + BIO_clear_retry_flags(b); + + for (;;) + { + if (ctx->ibuf_len > 0) + { + p= &(ctx->ibuf[ctx->ibuf_off]); + flag=0; + for (i=0; (iibuf_len) && (iibuf_len-=i; + ctx->ibuf_off+=i; + if ((flag) || (i == size)) + { + *buf='\0'; + return(num); + } + } + else /* read another chunk */ + { + i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size); + if (i <= 0) + { + BIO_copy_next_retry(b); + if (i < 0) return((num > 0)?num:i); + if (i == 0) return(num); + } + ctx->ibuf_len=i; + ctx->ibuf_off=0; + } + } + } + +static int buffer_puts(b,str) +BIO *b; +char *str; + { + return(BIO_write(b,str,strlen(str))); + } + diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c new file mode 100644 index 0000000000..034b3024df --- /dev/null +++ b/src/lib/libcrypto/bio/bf_nbio.c @@ -0,0 +1,268 @@ +/* crypto/bio/bf_nbio.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "rand.h" +#include "bio.h" +#include "evp.h" + +/* BIO_put and BIO_get both add to the digest, + * BIO_gets returns the digest */ + +#ifndef NOPROTO +static int nbiof_write(BIO *h,char *buf,int num); +static int nbiof_read(BIO *h,char *buf,int size); +static int nbiof_puts(BIO *h,char *str); +static int nbiof_gets(BIO *h,char *str,int size); +static long nbiof_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int nbiof_new(BIO *h); +static int nbiof_free(BIO *data); +#else +static int nbiof_write(); +static int nbiof_read(); +static int nbiof_puts(); +static int nbiof_gets(); +static long nbiof_ctrl(); +static int nbiof_new(); +static int nbiof_free(); +#endif + +typedef struct nbio_test_st + { + /* only set if we sent a 'should retry' error */ + int lrn; + int lwn; + } NBIO_TEST; + +static BIO_METHOD methods_nbiof= + { + BIO_TYPE_NBIO_TEST, + "non-blocking IO test filter", + nbiof_write, + nbiof_read, + nbiof_puts, + nbiof_gets, + nbiof_ctrl, + nbiof_new, + nbiof_free, + }; + +BIO_METHOD *BIO_f_nbio_test() + { + return(&methods_nbiof); + } + +static int nbiof_new(bi) +BIO *bi; + { + NBIO_TEST *nt; + + nt=(NBIO_TEST *)Malloc(sizeof(NBIO_TEST)); + nt->lrn= -1; + nt->lwn= -1; + bi->ptr=(char *)nt; + bi->init=1; + bi->flags=0; + return(1); + } + +static int nbiof_free(a) +BIO *a; + { + if (a == NULL) return(0); + if (a->ptr != NULL) + Free(a->ptr); + a->ptr=NULL; + a->init=0; + a->flags=0; + return(1); + } + +static int nbiof_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + NBIO_TEST *nt; + int ret=0; +#if 0 + int num; + unsigned char n; +#endif + + if (out == NULL) return(0); + if (b->next_bio == NULL) return(0); + nt=(NBIO_TEST *)b->ptr; + + BIO_clear_retry_flags(b); +#if 0 + RAND_bytes(&n,1); + num=(n&0x07); + + if (outl > num) outl=num; + + if (num == 0) + { + ret= -1; + BIO_set_retry_read(b); + } + else +#endif + { + ret=BIO_read(b->next_bio,out,outl); + if (ret < 0) + BIO_copy_next_retry(b); + } + return(ret); + } + +static int nbiof_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + NBIO_TEST *nt; + int ret=0; + int num; + unsigned char n; + + if ((in == NULL) || (inl <= 0)) return(0); + if (b->next_bio == NULL) return(0); + nt=(NBIO_TEST *)b->ptr; + + BIO_clear_retry_flags(b); + +#if 1 + if (nt->lwn > 0) + { + num=nt->lwn; + nt->lwn=0; + } + else + { + RAND_bytes(&n,1); + num=(n&7); + } + + if (inl > num) inl=num; + + if (num == 0) + { + ret= -1; + BIO_set_retry_write(b); + } + else +#endif + { + ret=BIO_write(b->next_bio,in,inl); + if (ret < 0) + { + BIO_copy_next_retry(b); + nt->lwn=inl; + } + } + return(ret); + } + +static long nbiof_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + long ret; + + if (b->next_bio == NULL) return(0); + switch (cmd) + { + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + case BIO_CTRL_DUP: + ret=0L; + break; + default: + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + } + return(ret); + } + +static int nbiof_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + if (bp->next_bio == NULL) return(0); + return(BIO_gets(bp->next_bio,buf,size)); + } + + +static int nbiof_puts(bp,str) +BIO *bp; +char *str; + { + if (bp->next_bio == NULL) return(0); + return(BIO_puts(bp->next_bio,str)); + } + + diff --git a/src/lib/libcrypto/bio/bf_null.c b/src/lib/libcrypto/bio/bf_null.c new file mode 100644 index 0000000000..a47a65741a --- /dev/null +++ b/src/lib/libcrypto/bio/bf_null.c @@ -0,0 +1,196 @@ +/* crypto/bio/bf_null.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bio.h" +#include "evp.h" + +/* BIO_put and BIO_get both add to the digest, + * BIO_gets returns the digest */ + +#ifndef NOPROTO +static int nullf_write(BIO *h,char *buf,int num); +static int nullf_read(BIO *h,char *buf,int size); +static int nullf_puts(BIO *h,char *str); +static int nullf_gets(BIO *h,char *str,int size); +static long nullf_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int nullf_new(BIO *h); +static int nullf_free(BIO *data); +#else +static int nullf_write(); +static int nullf_read(); +static int nullf_puts(); +static int nullf_gets(); +static long nullf_ctrl(); +static int nullf_new(); +static int nullf_free(); +#endif + +static BIO_METHOD methods_nullf= + { + BIO_TYPE_NULL_FILTER, + "NULL filter", + nullf_write, + nullf_read, + nullf_puts, + nullf_gets, + nullf_ctrl, + nullf_new, + nullf_free, + }; + +BIO_METHOD *BIO_f_null() + { + return(&methods_nullf); + } + +static int nullf_new(bi) +BIO *bi; + { + bi->init=1; + bi->ptr=NULL; + bi->flags=0; + return(1); + } + +static int nullf_free(a) +BIO *a; + { + if (a == NULL) return(0); +/* a->ptr=NULL; + a->init=0; + a->flags=0;*/ + return(1); + } + +static int nullf_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0; + + if (out == NULL) return(0); + if (b->next_bio == NULL) return(0); + ret=BIO_read(b->next_bio,out,outl); + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return(ret); + } + +static int nullf_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret=0; + + if ((in == NULL) || (inl <= 0)) return(0); + if (b->next_bio == NULL) return(0); + ret=BIO_write(b->next_bio,in,inl); + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return(ret); + } + +static long nullf_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + long ret; + + if (b->next_bio == NULL) return(0); + switch(cmd) + { + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + case BIO_CTRL_DUP: + ret=0L; + break; + default: + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + } + return(ret); + } + +static int nullf_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + if (bp->next_bio == NULL) return(0); + return(BIO_gets(bp->next_bio,buf,size)); + } + + +static int nullf_puts(bp,str) +BIO *bp; +char *str; + { + if (bp->next_bio == NULL) return(0); + return(BIO_puts(bp->next_bio,str)); + } + + diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h new file mode 100644 index 0000000000..300b330e00 --- /dev/null +++ b/src/lib/libcrypto/bio/bio.h @@ -0,0 +1,688 @@ +/* crypto/bio/bio.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BIO_H +#define HEADER_BIO_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "crypto.h" + +/* These are the 'types' of BIOs */ +#define BIO_TYPE_NONE 0 +#define BIO_TYPE_MEM (1|0x0400) +#define BIO_TYPE_FILE (2|0x0400) + +#define BIO_TYPE_FD (4|0x0400|0x0100) +#define BIO_TYPE_SOCKET (5|0x0400|0x0100) +#define BIO_TYPE_NULL (6|0x0400) +#define BIO_TYPE_SSL (7|0x0200) +#define BIO_TYPE_MD (8|0x0200) /* pasive filter */ +#define BIO_TYPE_BUFFER (9|0x0200) /* filter */ +#define BIO_TYPE_CIPHER (10|0x0200) /* filter */ +#define BIO_TYPE_BASE64 (11|0x0200) /* filter */ +#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */ +#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */ +#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */ +#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */ +#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */ +#define BIO_TYPE_NULL_FILTER (17|0x0200) + +#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ +#define BIO_TYPE_FILTER 0x0200 +#define BIO_TYPE_SOURCE_SINK 0x0400 + +/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free. + * BIO_set_fp(in,stdin,BIO_NOCLOSE); */ +#define BIO_NOCLOSE 0x00 +#define BIO_CLOSE 0x01 + +/* These are used in the following macros and are passed to + * BIO_ctrl() */ +#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */ +#define BIO_CTRL_EOF 2 /* opt - are we at the eof */ +#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */ +#define BIO_CTRL_SET 4 /* man - set the 'IO' type */ +#define BIO_CTRL_GET 5 /* man - get the 'IO' type */ +#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */ +#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */ +#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */ +#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */ +#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */ +#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */ +#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */ +#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */ +/* callback is int cb(BIO *bio,state,ret); */ +#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */ +#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ + +#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ + +/* modifiers */ +#define BIO_FP_READ 0x02 +#define BIO_FP_WRITE 0x04 +#define BIO_FP_APPEND 0x08 +#define BIO_FP_TEXT 0x10 + +#define BIO_FLAGS_READ 0x01 +#define BIO_FLAGS_WRITE 0x02 +#define BIO_FLAGS_IO_SPECIAL 0x04 +#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) +#define BIO_FLAGS_SHOULD_RETRY 0x08 + +/* Used in BIO_gethostbyname() */ +#define BIO_GHBN_CTRL_HITS 1 +#define BIO_GHBN_CTRL_MISSES 2 +#define BIO_GHBN_CTRL_CACHE_SIZE 3 +#define BIO_GHBN_CTRL_GET_ENTRY 4 +#define BIO_GHBN_CTRL_FLUSH 5 + +/* Mostly used in the SSL BIO */ +/* Not used anymore + * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10 + * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20 + * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40 + */ + +#define BIO_FLAGS_BASE64_NO_NL 0x100 + +#define BIO_set_flags(b,f) ((b)->flags|=(f)) +#define BIO_get_flags(b) ((b)->flags) +#define BIO_set_retry_special(b) \ + ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) +#define BIO_set_retry_read(b) \ + ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) +#define BIO_set_retry_write(b) \ + ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) + +/* These are normally used internally in BIOs */ +#define BIO_clear_flags(b,f) ((b)->flags&= ~(f)) +#define BIO_clear_retry_flags(b) \ + ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) +#define BIO_get_retry_flags(b) \ + ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) + +/* These shouldbe used by the application to tell why we should retry */ +#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ) +#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE) +#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL) +#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS) +#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY) + +/* The next two are used in conjunction with the + * BIO_should_io_special() condition. After this returns true, + * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO + * stack and return the 'reason' for the special and the offending BIO. + * Given a BIO, BIO_get_retry_reason(bio) will return the code. */ +/* Returned from the SSL bio when the certificate retrieval code had an error */ +#define BIO_RR_SSL_X509_LOOKUP 0x01 +/* Returned from the connect BIO when a connect would have blocked */ +#define BIO_RR_CONNECT 0x02 + +/* These are passed by the BIO callback */ +#define BIO_CB_FREE 0x01 +#define BIO_CB_READ 0x02 +#define BIO_CB_WRITE 0x03 +#define BIO_CB_PUTS 0x04 +#define BIO_CB_GETS 0x05 +#define BIO_CB_CTRL 0x06 + +/* The callback is called before and after the underling operation, + * The BIO_CB_RETURN flag indicates if it is after the call */ +#define BIO_CB_RETURN 0x80 +#define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) +#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) +#define BIO_cb_post(a) ((a)&BIO_CB_RETURN) + +#define BIO_set_callback(b,cb) ((b)->callback=(cb)) +#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg)) +#define BIO_get_callback_arg(b) ((b)->cb_arg) +#define BIO_get_callback(b) ((b)->callback) +#define BIO_method_name(b) ((b)->method->name) +#define BIO_method_type(b) ((b)->method->type) + +#ifndef WIN16 +typedef struct bio_method_st + { + int type; + char *name; + int (*bwrite)(); + int (*bread)(); + int (*bputs)(); + int (*bgets)(); + long (*ctrl)(); + int (*create)(); + int (*destroy)(); + } BIO_METHOD; +#else +typedef struct bio_method_st + { + int type; + char *name; + int (_far *bwrite)(); + int (_far *bread)(); + int (_far *bputs)(); + int (_far *bgets)(); + long (_far *ctrl)(); + int (_far *create)(); + int (_far *destroy)(); + } BIO_METHOD; +#endif + +typedef struct bio_st + { + BIO_METHOD *method; +#ifndef NOPROTO + /* bio, mode, argp, argi, argl, ret */ + long (*callback)(struct bio_st *,int,char *,int, long,long); +#else + long (*callback)(); +#endif + char *cb_arg; /* first argument for the callback */ + + int init; + int shutdown; + int flags; /* extra storage */ + int retry_reason; + int num; + char *ptr; + struct bio_st *next_bio; /* used by filter BIOs */ + struct bio_st *prev_bio; /* used by filter BIOs */ + int references; + unsigned long num_read; + unsigned long num_write; + + CRYPTO_EX_DATA ex_data; + } BIO; + +typedef struct bio_f_buffer_ctx_struct + { + /* BIO *bio; */ /* this is now in the BIO struct */ + int ibuf_size; /* how big is the input buffer */ + int obuf_size; /* how big is the output buffer */ + + char *ibuf; /* the char array */ + int ibuf_len; /* how many bytes are in it */ + int ibuf_off; /* write/read offset */ + + char *obuf; /* the char array */ + int obuf_len; /* how many bytes are in it */ + int obuf_off; /* write/read offset */ + } BIO_F_BUFFER_CTX; + +/* connect BIO stuff */ +#define BIO_CONN_S_BEFORE 1 +#define BIO_CONN_S_GET_IP 2 +#define BIO_CONN_S_GET_PORT 3 +#define BIO_CONN_S_CREATE_SOCKET 4 +#define BIO_CONN_S_CONNECT 5 +#define BIO_CONN_S_OK 6 +#define BIO_CONN_S_BLOCKED_CONNECT 7 +#define BIO_CONN_S_NBIO 8 +#define BIO_CONN_get_param_hostname BIO_ctrl + +#define BIO_number_read(b) ((b)->num_read) +#define BIO_number_written(b) ((b)->num_write) + +#define BIO_C_SET_CONNECT 100 +#define BIO_C_DO_STATE_MACHINE 101 +#define BIO_C_SET_NBIO 102 +#define BIO_C_SET_PROXY_PARAM 103 +#define BIO_C_SET_FD 104 +#define BIO_C_GET_FD 105 +#define BIO_C_SET_FILE_PTR 106 +#define BIO_C_GET_FILE_PTR 107 +#define BIO_C_SET_FILENAME 108 +#define BIO_C_SET_SSL 109 +#define BIO_C_GET_SSL 110 +#define BIO_C_SET_MD 111 +#define BIO_C_GET_MD 112 +#define BIO_C_GET_CIPHER_STATUS 113 +#define BIO_C_SET_BUF_MEM 114 +#define BIO_C_GET_BUF_MEM_PTR 115 +#define BIO_C_GET_BUFF_NUM_LINES 116 +#define BIO_C_SET_BUFF_SIZE 117 +#define BIO_C_SET_ACCEPT 118 +#define BIO_C_SSL_MODE 119 +#define BIO_C_GET_MD_CTX 120 +#define BIO_C_GET_PROXY_PARAM 121 +#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */ +#define BIO_C_GET_CONNECT 123 +#define BIO_C_GET_ACCEPT 124 +#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 +#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 +#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 + +#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,(char *)arg) +#define BIO_get_app_data(s) BIO_get_ex_data(s,0) + +int BIO_get_ex_num(BIO *bio); +int BIO_set_ex_data(BIO *bio,int idx,char *data); +char *BIO_get_ex_data(BIO *bio,int idx); +void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); +int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()); + +/* BIO_s_connect_socket() */ +#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name) +#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port) +#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip) +#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port) +#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) +#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) +#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2) +#define BIO_get_conn_int port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port) + +#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) + +/* BIO_s_accept_socket() */ +#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) +#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) +/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ +#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL) +#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) + +#define BIO_do_connect(b) BIO_do_handshake(b) +#define BIO_do_accept(b) BIO_do_handshake(b) +#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) + +/* BIO_s_proxy_client() */ +#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url)) +#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p)) +/* BIO_set_nbio(b,n) */ +#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s)) +/* BIO *BIO_get_filter_bio(BIO *bio); */ +#define BIO_set_proxy_cb(b,cb) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(char *)(cb)) +#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk) +#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool) + +#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp) +#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p)) +#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) +#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) + +#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) +#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) + +#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) +#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) + +#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ + BIO_CLOSE|BIO_FP_READ,name) +#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ + BIO_CLOSE|BIO_FP_WRITE,name) +#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ + BIO_CLOSE|BIO_FP_APPEND,name) + +/* WARNING WARNING, this ups the reference count on the read bio of the + * SSL structure. This is because the ssl read BIO is now pointed to by + * the next_bio field in the bio. So when you free the BIO, make sure + * you are doing a BIO_free_all() to catch the underlying BIO. */ +#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl) +#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) +#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) +#define BIO_set_ssl_renegotiate_bytes(b,num) \ + BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL); +#define BIO_get_num_renegotiates(b) \ + BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL); +#define BIO_set_ssl_renegotiate_timeout(b,seconds) \ + BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL); + +/* defined in evp.h */ +/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ + +#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) +#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) + +/* For the BIO_f_buffer() type */ +#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) +#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL) +#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0) +#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1) +#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf) + +/* Don't use the next one unless you know what you are doing :-) */ +#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret)) + +#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) +#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL) +#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL) +#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL) +#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) +#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL) +#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL) +#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(char *)cbp) +#define BIO_set_info_callback(b,cb) (int)BIO_ctrl(b,BIO_CTRL_SET_CALLBACK,0,(char *)cb) + +/* For the BIO_f_buffer() type */ +#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL) + +#ifdef NO_STDIO +#define NO_FP_API +#endif + +#ifndef NOPROTO +# if defined(WIN16) && defined(_WINDLL) +BIO_METHOD *BIO_s_file_internal(void); +BIO *BIO_new_file_internal(char *filename, char *mode); +BIO *BIO_new_fp_internal(FILE *stream, int close_flag); +# define BIO_s_file BIO_s_file_internal +# define BIO_new_file BIO_new_file_internal +# define BIO_new_fp BIO_new_fp_internal +# else /* FP_API */ +BIO_METHOD *BIO_s_file(void ); +BIO *BIO_new_file(char *filename, char *mode); +BIO *BIO_new_fp(FILE *stream, int close_flag); +# define BIO_s_file_internal BIO_s_file +# define BIO_new_file_internal BIO_new_file +# define BIO_new_fp_internal BIO_s_file +# endif /* FP_API */ +#else +# if defined(WIN16) && defined(_WINDLL) +BIO_METHOD *BIO_s_file_internal(); +BIO *BIO_new_file_internal(); +BIO *BIO_new_fp_internal(); +# define BIO_s_file BIO_s_file_internal +# define BIO_new_file BIO_new_file_internal +# define BIO_new_fp BIO_new_fp_internal +# else /* FP_API */ +BIO_METHOD *BIO_s_file(); +BIO *BIO_new_file(); +BIO *BIO_new_fp(); +# define BIO_s_file_internal BIO_s_file +# define BIO_new_file_internal BIO_new_file +# define BIO_new_fp_internal BIO_s_file +# endif /* FP_API */ +#endif + +#ifndef NOPROTO +BIO * BIO_new(BIO_METHOD *type); +int BIO_set(BIO *a,BIO_METHOD *type); +int BIO_free(BIO *a); +int BIO_read(BIO *b, char *data, int len); +int BIO_gets(BIO *bp,char *buf, int size); +int BIO_write(BIO *b, char *data, int len); +int BIO_puts(BIO *bp,char *buf); +long BIO_ctrl(BIO *bp,int cmd,long larg,char *parg); +char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg); +long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg); +BIO * BIO_push(BIO *b,BIO *append); +BIO * BIO_pop(BIO *b); +void BIO_free_all(BIO *a); +BIO * BIO_find_type(BIO *b,int bio_type); +BIO * BIO_get_retry_BIO(BIO *bio, int *reason); +int BIO_get_retry_reason(BIO *bio); +BIO * BIO_dup_chain(BIO *in); + +#ifndef WIN16 +long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi, + long argl,long ret); +#else +long _far _loadds BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi, + long argl,long ret); +#endif + +BIO_METHOD *BIO_s_mem(void); +BIO_METHOD *BIO_s_socket(void); +BIO_METHOD *BIO_s_connect(void); +BIO_METHOD *BIO_s_accept(void); +BIO_METHOD *BIO_s_fd(void); +BIO_METHOD *BIO_s_null(void); +BIO_METHOD *BIO_f_null(void); +BIO_METHOD *BIO_f_nbio_test(void); +BIO_METHOD *BIO_f_buffer(void); + +int BIO_sock_should_retry(int i); +int BIO_sock_non_fatal_error(int error); +int BIO_fd_should_retry(int i); +int BIO_fd_non_fatal_error(int error); +int BIO_dump(BIO *b,char *bytes,int len); + +struct hostent *BIO_gethostbyname(char *name); +int BIO_sock_error(int sock); +int BIO_socket_ioctl(int fd, long type, unsigned long *arg); +int BIO_get_port(char *str, short *port_ptr); +int BIO_get_host_ip(char *str, unsigned char *ip); +int BIO_get_accept_socket(char *host_port); +int BIO_accept(int sock,char **ip_port); +int BIO_sock_init(void ); +void BIO_sock_cleanup(void); +int BIO_set_tcp_ndelay(int sock,int turn_on); + +void ERR_load_BIO_strings(void ); + +BIO *BIO_new_socket(int sock, int close_flag); +BIO *BIO_new_fd(int fd, int close_flag); +BIO *BIO_new_connect(char *host_port); +BIO *BIO_new_accept(char *host_port); + +void BIO_copy_next_retry(BIO *b); + +long BIO_ghbn_ctrl(int cmd,int iarg,char *parg); + +#else + +BIO * BIO_new(); +int BIO_set(); +int BIO_free(); +int BIO_read(); +int BIO_gets(); +int BIO_write(); +int BIO_puts(); +char * BIO_ptr_ctrl(); +long BIO_ctrl(); +long BIO_int_ctrl(); +BIO * BIO_push(); +BIO * BIO_pop(); +void BIO_free_all(); +BIO * BIO_find_type(); +BIO * BIO_get_retry_BIO(); +int BIO_get_retry_reason(); +BIO * BIO_dup_chain(); + +#ifndef WIN16 +long BIO_debug_callback(); +#else +long _far _loadds BIO_debug_callback(); +#endif + +BIO_METHOD *BIO_s_mem(); +BIO_METHOD *BIO_s_socket(); +BIO_METHOD *BIO_s_connect(); +BIO_METHOD *BIO_s_accept(); +BIO_METHOD *BIO_s_fd(); +BIO_METHOD *BIO_s_null(); +BIO_METHOD *BIO_f_null(); +BIO_METHOD *BIO_f_buffer(); +BIO_METHOD *BIO_f_nbio_test(); + +int BIO_sock_should_retry(); +int BIO_sock_non_fatal_error(); +int BIO_fd_should_retry(); +int BIO_fd_non_fatal_error(); +int BIO_dump(); + +struct hostent *BIO_gethostbyname(); +int BIO_sock_error(); +int BIO_socket_ioctl(); +int BIO_get_port(); +int BIO_get_host_ip(); +int BIO_get_accept_socket(); +int BIO_accept(); +int BIO_sock_init(); +void BIO_sock_cleanup(); +int BIO_set_tcp_ndelay(); + +void ERR_load_BIO_strings(); + +BIO *BIO_new_socket(); +BIO *BIO_new_fd(); +BIO *BIO_new_connect(); +BIO *BIO_new_accept(); + +void BIO_copy_next_retry(); + +int BIO_ghbn_ctrl(); + +#endif + +/* Tim Hudson's portable varargs stuff */ + +#ifndef NOPROTO +#define VAR_ANSI /* select ANSI version by default */ +#endif + +#ifdef VAR_ANSI +/* ANSI version of a "portable" macro set for variable length args */ +#ifndef __STDARG_H__ /**/ +#include +#endif /**/ + +#define VAR_PLIST(arg1type,arg1) arg1type arg1, ... +#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) arg1type arg1,arg2type arg2,... +#define VAR_ALIST +#define VAR_BDEFN(args,arg1type,arg1) va_list args +#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2) va_list args +#define VAR_INIT(args,arg1type,arg1) va_start(args,arg1); +#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args,arg2); +#define VAR_ARG(args,type,arg) arg=va_arg(args,type) +#define VAR_END(args) va_end(args); + +#else + +/* K&R version of a "portable" macro set for variable length args */ +#ifndef __VARARGS_H__ +#include +#endif + +#define VAR_PLIST(arg1type,arg1) va_alist +#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) va_alist +#define VAR_ALIST va_dcl +#define VAR_BDEFN(args,arg1type,arg1) va_list args; arg1type arg1 +#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2) va_list args; \ + arg1type arg1; arg2type arg2 +#define VAR_INIT(args,arg1type,arg1) va_start(args); \ + arg1=va_arg(args,arg1type); +#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args); \ + arg1=va_arg(args,arg1type); arg2=va_arg(args,arg2type); +#define VAR_ARG(args,type,arg) arg=va_arg(args,type) +#define VAR_END(args) va_end(args); + +#endif + +#ifndef NOPROTO +int BIO_printf( VAR_PLIST( BIO *, bio ) ); +#else +int BIO_printf(); +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the BIO functions. */ + +/* Function codes. */ +#define BIO_F_ACPT_STATE 100 +#define BIO_F_BIO_ACCEPT 101 +#define BIO_F_BIO_CTRL 102 +#define BIO_F_BIO_GETS 103 +#define BIO_F_BIO_GET_ACCEPT_SOCKET 104 +#define BIO_F_BIO_GET_HOST_IP 105 +#define BIO_F_BIO_GET_PORT 106 +#define BIO_F_BIO_NEW 107 +#define BIO_F_BIO_NEW_FILE 108 +#define BIO_F_BIO_PUTS 109 +#define BIO_F_BIO_READ 110 +#define BIO_F_BIO_SOCK_INIT 111 +#define BIO_F_BIO_WRITE 112 +#define BIO_F_BUFFER_CTRL 113 +#define BIO_F_CONN_STATE 114 +#define BIO_F_FILE_CTRL 115 +#define BIO_F_MEM_WRITE 116 +#define BIO_F_SSL_NEW 117 +#define BIO_F_WSASTARTUP 118 + +/* Reason codes. */ +#define BIO_R_ACCEPT_ERROR 100 +#define BIO_R_BAD_FOPEN_MODE 101 +#define BIO_R_BAD_HOSTNAME_LOOKUP 102 +#define BIO_R_CONNECT_ERROR 103 +#define BIO_R_ERROR_SETTING_NBIO 104 +#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105 +#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106 +#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107 +#define BIO_R_INVALID_IP_ADDRESS 108 +#define BIO_R_KEEPALIVE 109 +#define BIO_R_NBIO_CONNECT_ERROR 110 +#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111 +#define BIO_R_NO_HOSTHNAME_SPECIFIED 112 +#define BIO_R_NO_PORT_DEFINED 113 +#define BIO_R_NO_PORT_SPECIFIED 114 +#define BIO_R_NULL_PARAMETER 115 +#define BIO_R_UNABLE_TO_BIND_SOCKET 116 +#define BIO_R_UNABLE_TO_CREATE_SOCKET 117 +#define BIO_R_UNABLE_TO_LISTEN_SOCKET 118 +#define BIO_R_UNINITALISED 119 +#define BIO_R_UNSUPPORTED_METHOD 120 +#define BIO_R_WSASTARTUP 121 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c new file mode 100644 index 0000000000..bc6ed9eda1 --- /dev/null +++ b/src/lib/libcrypto/bio/bio_cb.c @@ -0,0 +1,138 @@ +/* crypto/bio/bio_cb.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include "cryptlib.h" +#include "bio.h" +#include "err.h" + +long MS_CALLBACK BIO_debug_callback(bio,cmd,argp,argi,argl,ret) +BIO *bio; +int cmd; +char *argp; +int argi; +long argl; +long ret; + { + BIO *b; + MS_STATIC char buf[256]; + char *p; + long r=1; + + if (BIO_CB_RETURN & cmd) + r=ret; + + sprintf(buf,"BIO[%08lX]:",(unsigned long)bio); + p= &(buf[14]); + switch (cmd) + { + case BIO_CB_FREE: + sprintf(p,"Free - %s\n",bio->method->name); + break; + case BIO_CB_READ: + if (bio->method->type & BIO_TYPE_DESCRIPTOR) + sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num); + else + sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name); + break; + case BIO_CB_WRITE: + if (bio->method->type & BIO_TYPE_DESCRIPTOR) + sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num); + else + sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name); + break; + case BIO_CB_PUTS: + sprintf(p,"puts() - %s\n",bio->method->name); + break; + case BIO_CB_GETS: + sprintf(p,"gets(%d) - %s\n",argi,bio->method->name); + break; + case BIO_CB_CTRL: + sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name); + break; + case BIO_CB_RETURN|BIO_CB_READ: + sprintf(p,"read return %ld\n",ret); + break; + case BIO_CB_RETURN|BIO_CB_WRITE: + sprintf(p,"write return %ld\n",ret); + break; + case BIO_CB_RETURN|BIO_CB_GETS: + sprintf(p,"gets return %ld\n",ret); + break; + case BIO_CB_RETURN|BIO_CB_PUTS: + sprintf(p,"puts return %ld\n",ret); + break; + case BIO_CB_RETURN|BIO_CB_CTRL: + sprintf(p,"ctrl return %ld\n",ret); + break; + default: + sprintf(p,"bio callback - unknown type (%d)\n",cmd); + break; + } + + b=(BIO *)bio->cb_arg; + if (b != NULL) + BIO_write(b,buf,strlen(buf)); +#if !defined(NO_STDIO) && !defined(WIN16) + else + fputs(buf,stderr); +#endif + return(r); + } diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c new file mode 100644 index 0000000000..37e14ca107 --- /dev/null +++ b/src/lib/libcrypto/bio/bio_err.c @@ -0,0 +1,130 @@ +/* lib/bio/bio_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "bio.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA BIO_str_functs[]= + { +{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"}, +{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"}, +{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"}, +{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"}, +{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"}, +{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"}, +{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"}, +{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"}, +{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"}, +{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"}, +{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"}, +{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"}, +{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"}, +{ERR_PACK(0,BIO_F_BUFFER_CTRL,0), "BUFFER_CTRL"}, +{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"}, +{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"}, +{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"}, +{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_NEW"}, +{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"}, +{0,NULL}, + }; + +static ERR_STRING_DATA BIO_str_reasons[]= + { +{BIO_R_ACCEPT_ERROR ,"accept error"}, +{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"}, +{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"}, +{BIO_R_CONNECT_ERROR ,"connect error"}, +{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"}, +{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"}, +{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"}, +{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"}, +{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"}, +{BIO_R_KEEPALIVE ,"keepalive"}, +{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"}, +{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"}, +{BIO_R_NO_HOSTHNAME_SPECIFIED ,"no hosthname specified"}, +{BIO_R_NO_PORT_DEFINED ,"no port defined"}, +{BIO_R_NO_PORT_SPECIFIED ,"no port specified"}, +{BIO_R_NULL_PARAMETER ,"null parameter"}, +{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"}, +{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"}, +{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"}, +{BIO_R_UNINITALISED ,"uninitalised"}, +{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"}, +{BIO_R_WSASTARTUP ,"wsastartup"}, +{0,NULL}, + }; + +#endif + +void ERR_load_BIO_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_BIO,BIO_str_functs); + ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c new file mode 100644 index 0000000000..7a66b0892e --- /dev/null +++ b/src/lib/libcrypto/bio/bio_lib.c @@ -0,0 +1,519 @@ +/* crypto/bio/bio_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "crypto.h" +#include "cryptlib.h" +#include "bio.h" +#include "stack.h" + +static STACK *bio_meth=NULL; +static int bio_meth_num=0; + +BIO *BIO_new(method) +BIO_METHOD *method; + { + BIO *ret=NULL; + + ret=(BIO *)Malloc(sizeof(BIO)); + if (ret == NULL) + { + BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + if (!BIO_set(ret,method)) + { + Free(ret); + ret=NULL; + } + return(ret); + } + +int BIO_set(bio,method) +BIO *bio; +BIO_METHOD *method; + { + bio->method=method; + bio->callback=NULL; + bio->cb_arg=NULL; + bio->init=0; + bio->shutdown=1; + bio->flags=0; + bio->retry_reason=0; + bio->num=0; + bio->ptr=NULL; + bio->prev_bio=NULL; + bio->next_bio=NULL; + bio->references=1; + bio->num_read=0L; + bio->num_write=0L; + CRYPTO_new_ex_data(bio_meth,(char *)bio,&bio->ex_data); + if (method->create != NULL) + if (!method->create(bio)) + return(0); + return(1); + } + +int BIO_free(a) +BIO *a; + { + int ret=0,i; + + if (a == NULL) return(0); + + i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO); +#ifdef REF_PRINT + REF_PRINT("BIO",a); +#endif + if (i > 0) return(1); +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"BIO_free, bad reference count\n"); + abort(); + } +#endif + if ((a->callback != NULL) && + ((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0)) + return(i); + + CRYPTO_free_ex_data(bio_meth,(char *)a,&a->ex_data); + + if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); + ret=a->method->destroy(a); + Free(a); + return(1); + } + +int BIO_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int i; + long (*cb)(); + + if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) + { + BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD); + return(-2); + } + + cb=b->callback; + if ((cb != NULL) && + ((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0)) + return(i); + + if (!b->init) + { + BIOerr(BIO_F_BIO_READ,BIO_R_UNINITALISED); + return(-2); + } + + i=b->method->bread(b,out,outl); + if (i > 0) b->num_read+=(unsigned long)i; + + if (cb != NULL) + i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl, + 0L,(long)i); + return(i); + } + +int BIO_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int i; + long (*cb)(); + + if (b == NULL) + return(0); + + cb=b->callback; + if ((b->method == NULL) || (b->method->bwrite == NULL)) + { + BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD); + return(-2); + } + + if ((cb != NULL) && + ((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0)) + return(i); + + if (!b->init) + { + BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITALISED); + return(-2); + } + + i=b->method->bwrite(b,in,inl); + if (i > 0) b->num_write+=(unsigned long)i; + + if (cb != NULL) + i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl, + 0L,(long)i); + return(i); + } + +int BIO_puts(b,in) +BIO *b; +char *in; + { + int i; + long (*cb)(); + + if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) + { + BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD); + return(-2); + } + + cb=b->callback; + + if ((cb != NULL) && + ((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0)) + return(i); + + if (!b->init) + { + BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITALISED); + return(-2); + } + + i=b->method->bputs(b,in); + + if (cb != NULL) + i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0, + 0L,(long)i); + return(i); + } + +int BIO_gets(b,in,inl) +BIO *b; +char *in; +int inl; + { + int i; + long (*cb)(); + + if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) + { + BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD); + return(-2); + } + + cb=b->callback; + + if ((cb != NULL) && + ((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0)) + return(i); + + if (!b->init) + { + BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITALISED); + return(-2); + } + + i=b->method->bgets(b,in,inl); + + if (cb != NULL) + i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl, + 0L,(long)i); + return(i); + } + +long BIO_int_ctrl(b,cmd,larg,iarg) +BIO *b; +int cmd; +long larg; +int iarg; + { + int i; + + i=iarg; + return(BIO_ctrl(b,cmd,larg,(char *)&i)); + } + +char *BIO_ptr_ctrl(b,cmd,larg) +BIO *b; +int cmd; +long larg; + { + char *p=NULL; + + if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0) + return(NULL); + else + return(p); + } + +long BIO_ctrl(b,cmd,larg,parg) +BIO *b; +int cmd; +long larg; +char *parg; + { + long ret; + long (*cb)(); + + if (b == NULL) return(0); + + if ((b->method == NULL) || (b->method->ctrl == NULL)) + { + BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD); + return(-2); + } + + cb=b->callback; + + if ((cb != NULL) && + ((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0)) + return(ret); + + ret=b->method->ctrl(b,cmd,larg,parg); + + if (cb != NULL) + ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd, + larg,ret); + return(ret); + } + +/* put the 'bio' on the end of b's list of operators */ +BIO *BIO_push(b,bio) +BIO *b,*bio; + { + BIO *lb; + + if (b == NULL) return(bio); + lb=b; + while (lb->next_bio != NULL) + lb=lb->next_bio; + lb->next_bio=bio; + if (bio != NULL) + bio->prev_bio=lb; + /* called to do internal processing */ + BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL); + return(b); + } + +/* Remove the first and return the rest */ +BIO *BIO_pop(b) +BIO *b; + { + BIO *ret; + + if (b == NULL) return(NULL); + ret=b->next_bio; + + if (b->prev_bio != NULL) + b->prev_bio->next_bio=b->next_bio; + if (b->next_bio != NULL) + b->next_bio->prev_bio=b->prev_bio; + + b->next_bio=NULL; + b->prev_bio=NULL; + BIO_ctrl(b,BIO_CTRL_POP,0,NULL); + return(ret); + } + +BIO *BIO_get_retry_BIO(bio,reason) +BIO *bio; +int *reason; + { + BIO *b,*last; + + b=last=bio; + for (;;) + { + if (!BIO_should_retry(b)) break; + last=b; + b=b->next_bio; + if (b == NULL) break; + } + if (reason != NULL) *reason=last->retry_reason; + return(last); + } + +int BIO_get_retry_reason(bio) +BIO *bio; + { + return(bio->retry_reason); + } + +BIO *BIO_find_type(bio,type) +BIO *bio; +int type; + { + int mt,mask; + + mask=type&0xff; + do { + if (bio->method != NULL) + { + mt=bio->method->type; + + if (!mask) + { + if (mt & type) return(bio); + } + else if (mt == type) + return(bio); + } + bio=bio->next_bio; + } while (bio != NULL); + return(NULL); + } + +void BIO_free_all(bio) +BIO *bio; + { + BIO *b; + int ref; + + while (bio != NULL) + { + b=bio; + ref=b->references; + bio=bio->next_bio; + BIO_free(b); + /* Since ref count > 1, don't free anyone else. */ + if (ref > 1) break; + } + } + +BIO *BIO_dup_chain(in) +BIO *in; + { + BIO *ret=NULL,*eoc=NULL,*bio,*new; + + for (bio=in; bio != NULL; bio=bio->next_bio) + { + if ((new=BIO_new(bio->method)) == NULL) goto err; + new->callback=bio->callback; + new->cb_arg=bio->cb_arg; + new->init=bio->init; + new->shutdown=bio->shutdown; + new->flags=bio->flags; + + /* This will let SSL_s_sock() work with stdin/stdout */ + new->num=bio->num; + + if (!BIO_dup_state(bio,(char *)new)) + { + BIO_free(new); + goto err; + } + + /* copy app data */ + if (!CRYPTO_dup_ex_data(bio_meth,&new->ex_data,&bio->ex_data)) + goto err; + + if (ret == NULL) + { + eoc=new; + ret=eoc; + } + else + { + BIO_push(eoc,new); + eoc=new; + } + } + return(ret); +err: + if (ret != NULL) + BIO_free(ret); + return(NULL); + } + +void BIO_copy_next_retry(b) +BIO *b; + { + BIO_set_flags(b,BIO_get_retry_flags(b->next_bio)); + b->retry_reason=b->next_bio->retry_reason; + } + +int BIO_get_ex_new_index(argl,argp,new_func,dup_func,free_func) +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + bio_meth_num++; + return(CRYPTO_get_ex_new_index(bio_meth_num-1,&bio_meth, + argl,argp,new_func,dup_func,free_func)); + } + +int BIO_set_ex_data(bio,idx,data) +BIO *bio; +int idx; +char *data; + { + return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data)); + } + +char *BIO_get_ex_data(bio,idx) +BIO *bio; +int idx; + { + return(CRYPTO_get_ex_data(&(bio->ex_data),idx)); + } + diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c new file mode 100644 index 0000000000..e49902fa9f --- /dev/null +++ b/src/lib/libcrypto/bio/bss_acpt.c @@ -0,0 +1,500 @@ +/* crypto/bio/bss_acpt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef NO_SOCK + +#include +#include +#define USE_SOCKETS +#include "cryptlib.h" +#include "bio.h" + +/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */ + +#ifdef WIN16 +#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ +#else +#define SOCKET_PROTOCOL IPPROTO_TCP +#endif + +typedef struct bio_accept_st + { + int state; + char *param_addr; + + int accept_sock; + int accept_nbio; + + char *addr; + int nbio; + BIO *bio_chain; + } BIO_ACCEPT; + +#ifndef NOPROTO +static int acpt_write(BIO *h,char *buf,int num); +static int acpt_read(BIO *h,char *buf,int size); +static int acpt_puts(BIO *h,char *str); +static long acpt_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int acpt_new(BIO *h); +static int acpt_free(BIO *data); +#else +static int acpt_write(); +static int acpt_read(); +static int acpt_puts(); +static long acpt_ctrl(); +static int acpt_new(); +static int acpt_free(); +#endif + +#ifndef NOPROTO +static int acpt_state(BIO *b, BIO_ACCEPT *c); +static void acpt_close_socket(BIO *data); +BIO_ACCEPT *BIO_ACCEPT_new(void ); +void BIO_ACCEPT_free(BIO_ACCEPT *a); + +#else + +static int acpt_state(); +static void acpt_close_socket(); +BIO_ACCEPT *BIO_ACCEPT_new(); +void BIO_ACCEPT_free(); +#endif + +#define ACPT_S_BEFORE 1 +#define ACPT_S_GET_ACCEPT_SOCKET 2 +#define ACPT_S_OK 3 + +static BIO_METHOD methods_acceptp= + { + BIO_TYPE_ACCEPT, + "socket accept", + acpt_write, + acpt_read, + acpt_puts, + NULL, /* connect_gets, */ + acpt_ctrl, + acpt_new, + acpt_free, + }; + +BIO_METHOD *BIO_s_accept() + { + return(&methods_acceptp); + } + +static int acpt_new(bi) +BIO *bi; + { + BIO_ACCEPT *ba; + + bi->init=0; + bi->num=INVALID_SOCKET; + bi->flags=0; + if ((ba=BIO_ACCEPT_new()) == NULL) + return(0); + bi->ptr=(char *)ba; + ba->state=ACPT_S_BEFORE; + bi->shutdown=1; + return(1); + } + +BIO_ACCEPT *BIO_ACCEPT_new() + { + BIO_ACCEPT *ret; + + if ((ret=(BIO_ACCEPT *)Malloc(sizeof(BIO_ACCEPT))) == NULL) + return(NULL); + + memset(ret,0,sizeof(BIO_ACCEPT)); + ret->accept_sock=INVALID_SOCKET; + return(ret); + } + +void BIO_ACCEPT_free(a) +BIO_ACCEPT *a; + { + if (a->param_addr != NULL) Free(a->param_addr); + if (a->addr != NULL) Free(a->addr); + if (a->bio_chain != NULL) BIO_free(a->bio_chain); + Free(a); + } + +static void acpt_close_socket(bio) +BIO *bio; + { + BIO_ACCEPT *c; + + c=(BIO_ACCEPT *)bio->ptr; + if (c->accept_sock != INVALID_SOCKET) + { + shutdown(c->accept_sock,2); +# ifdef WINDOWS + closesocket(c->accept_sock); +# else + close(c->accept_sock); +# endif + c->accept_sock=INVALID_SOCKET; + bio->num=INVALID_SOCKET; + } + } + +static int acpt_free(a) +BIO *a; + { + BIO_ACCEPT *data; + + if (a == NULL) return(0); + data=(BIO_ACCEPT *)a->ptr; + + if (a->shutdown) + { + acpt_close_socket(a); + BIO_ACCEPT_free(data); + a->ptr=NULL; + a->flags=0; + a->init=0; + } + return(1); + } + +static int acpt_state(b,c) +BIO *b; +BIO_ACCEPT *c; + { + BIO *bio=NULL,*dbio; + unsigned long l=1; + int s= -1; + int i; + +again: + switch (c->state) + { + case ACPT_S_BEFORE: + if (c->param_addr == NULL) + { + BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED); + return(-1); + } + s=BIO_get_accept_socket(c->param_addr); + if (s == INVALID_SOCKET) + return(-1); + +#ifdef FIONBIO + if (c->accept_nbio) + { + i=BIO_socket_ioctl(b->num,FIONBIO,&l); + if (i < 0) + { +#ifdef WINDOWS + closesocket(s); +#else + close(s); +# endif + BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET); + return(-1); + } + } +#endif + c->accept_sock=s; + b->num=s; + c->state=ACPT_S_GET_ACCEPT_SOCKET; + return(1); + break; + case ACPT_S_GET_ACCEPT_SOCKET: + if (b->next_bio != NULL) + { + c->state=ACPT_S_OK; + goto again; + } + i=BIO_accept(c->accept_sock,&(c->addr)); + if (i < 0) return(i); + bio=BIO_new_socket(i,BIO_CLOSE); + if (bio == NULL) goto err; + + BIO_set_callback(bio,BIO_get_callback(b)); + BIO_set_callback_arg(bio,BIO_get_callback_arg(b)); + +#ifdef FIONBIO + if (c->nbio) + { + i=BIO_socket_ioctl(i,FIONBIO,&l); + if (i < 0) + { + BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET); + goto err; + } + } +#endif + + /* If the accept BIO has an bio_chain, we dup it and + * put the new socket at the end. */ + if (c->bio_chain != NULL) + { + if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL) + goto err; + if (!BIO_push(dbio,bio)) goto err; + bio=dbio; + } + if (BIO_push(b,bio) == NULL) goto err; + + c->state=ACPT_S_OK; + return(1); +err: + if (bio != NULL) + BIO_free(bio); + else if (s >= 0) + { +#ifdef WINDOWS + closesocket(s); +#else + close(s); +# endif + } + return(0); + break; + case ACPT_S_OK: + if (b->next_bio == NULL) + { + c->state=ACPT_S_GET_ACCEPT_SOCKET; + goto again; + } + return(1); + break; + default: + return(0); + break; + } + + } + +static int acpt_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0; + BIO_ACCEPT *data; + + BIO_clear_retry_flags(b); + data=(BIO_ACCEPT *)b->ptr; + + while (b->next_bio == NULL) + { + ret=acpt_state(b,data); + if (ret <= 0) return(ret); + } + + ret=BIO_read(b->next_bio,out,outl); + BIO_copy_next_retry(b); + return(ret); + } + +static int acpt_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret; + BIO_ACCEPT *data; + + BIO_clear_retry_flags(b); + data=(BIO_ACCEPT *)b->ptr; + + while (b->next_bio == NULL) + { + ret=acpt_state(b,data); + if (ret <= 0) return(ret); + } + + ret=BIO_write(b->next_bio,in,inl); + BIO_copy_next_retry(b); + return(ret); + } + +static long acpt_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + BIO *dbio; + int *ip; + long ret=1; + BIO_ACCEPT *data; + char **pp; + + data=(BIO_ACCEPT *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + ret=0; + data->state=ACPT_S_BEFORE; + acpt_close_socket(b); + b->flags=0; + break; + case BIO_C_DO_STATE_MACHINE: + /* use this one to start the connection */ + ret=(long)acpt_state(b,data); + break; + case BIO_C_SET_ACCEPT: + if (ptr != NULL) + { + if (num == 0) + { + b->init=1; + if (data->param_addr != NULL) + Free(data->param_addr); + data->param_addr=BUF_strdup(ptr); + } + else if (num == 1) + { + data->accept_nbio=(ptr != NULL); + } + else if (num == 2) + { + if (data->bio_chain != NULL) + BIO_free(data->bio_chain); + data->bio_chain=(BIO *)ptr; + } + } + break; + case BIO_C_SET_NBIO: + data->nbio=(int)num; + break; + case BIO_C_GET_FD: + if (b->init) + { + ip=(int *)ptr; + if (ip != NULL) + *ip=data->accept_sock; + ret=b->num; + } + else + ret= -1; + break; + case BIO_C_GET_ACCEPT: + if (b->init) + { + if (ptr != NULL) + { + pp=(char **)ptr; + *pp=data->param_addr; + } + else + ret= -1; + } + else + ret= -1; + break; + case BIO_CTRL_GET_CLOSE: + ret=b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_PENDING: + case BIO_CTRL_WPENDING: + ret=0; + break; + case BIO_CTRL_FLUSH: + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; +/* if (data->param_port) EAY EAY + BIO_set_port(dbio,data->param_port); + if (data->param_hostname) + BIO_set_hostname(dbio,data->param_hostname); + BIO_set_nbio(dbio,data->nbio); */ + break; + + default: + ret=0; + break; + } + return(ret); + } + +static int acpt_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=acpt_write(bp,str,n); + return(ret); + } + +BIO *BIO_new_accept(str) +char *str; + { + BIO *ret; + + ret=BIO_new(BIO_s_accept()); + if (ret == NULL) return(NULL); + if (BIO_set_accept_port(ret,str)) + return(ret); + else + { + BIO_free(ret); + return(NULL); + } + } + +#endif diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c new file mode 100644 index 0000000000..6e547bf866 --- /dev/null +++ b/src/lib/libcrypto/bio/bss_conn.c @@ -0,0 +1,648 @@ +/* crypto/bio/bss_conn.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef NO_SOCK + +#include +#include +#define USE_SOCKETS +#include "cryptlib.h" +#include "bio.h" + +/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */ + +#ifdef WIN16 +#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ +#else +#define SOCKET_PROTOCOL IPPROTO_TCP +#endif + +typedef struct bio_connect_st + { + int state; + + char *param_hostname; + char *param_port; + int nbio; + + unsigned char ip[4]; + short port; + + struct sockaddr_in them; + + /* int socket; this will be kept in bio->num so that it is + * compatable with the bss_sock bio */ + int error; + + /* called when the connection is initially made + * callback(BIO,state,ret); The callback should return + * 'ret'. state is for compatablity with the ssl info_callback */ + int (*info_callback)(); + } BIO_CONNECT; + +#ifndef NOPROTO +static int conn_write(BIO *h,char *buf,int num); +static int conn_read(BIO *h,char *buf,int size); +static int conn_puts(BIO *h,char *str); +static long conn_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int conn_new(BIO *h); +static int conn_free(BIO *data); +#else +static int conn_write(); +static int conn_read(); +static int conn_puts(); +static long conn_ctrl(); +static int conn_new(); +static int conn_free(); +#endif + +#ifndef NOPROTO + +static int conn_state(BIO *b, BIO_CONNECT *c); +static void conn_close_socket(BIO *data); +BIO_CONNECT *BIO_CONNECT_new(void ); +void BIO_CONNECT_free(BIO_CONNECT *a); + +#else + +static int conn_state(); +static void conn_close_socket(); +BIO_CONNECT *BIO_CONNECT_new(); +void BIO_CONNECT_free(); + +#endif + +static BIO_METHOD methods_connectp= + { + BIO_TYPE_CONNECT, + "socket connect", + conn_write, + conn_read, + conn_puts, + NULL, /* connect_gets, */ + conn_ctrl, + conn_new, + conn_free, + }; + +static int conn_state(b,c) +BIO *b; +BIO_CONNECT *c; + { + int ret= -1,i; + unsigned long l; + char *p,*q; + int (*cb)()=NULL; + + if (c->info_callback != NULL) + cb=c->info_callback; + + for (;;) + { + switch (c->state) + { + case BIO_CONN_S_BEFORE: + p=c->param_hostname; + if (p == NULL) + { + BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTHNAME_SPECIFIED); + goto exit_loop; + } + for ( ; *p != '\0'; p++) + { + if ((*p == ':') || (*p == '/')) break; + } + + i= *p; + if ((i == ':') || (i == '/')) + { + + *(p++)='\0'; + if (i == ':') + { + for (q=p; *q; q++) + if (*q == '/') + { + *q='\0'; + break; + } + if (c->param_port != NULL) + Free(c->param_port); + c->param_port=BUF_strdup(p); + } + } + + if (p == NULL) + { + BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED); + ERR_add_error_data(2,"host=",c->param_hostname); + goto exit_loop; + } + c->state=BIO_CONN_S_GET_IP; + break; + + case BIO_CONN_S_GET_IP: + if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0) + goto exit_loop; + c->state=BIO_CONN_S_GET_PORT; + break; + + case BIO_CONN_S_GET_PORT: + if (BIO_get_port(c->param_port,&c->port) <= 0) + goto exit_loop; + c->state=BIO_CONN_S_CREATE_SOCKET; + break; + + case BIO_CONN_S_CREATE_SOCKET: + /* now setup address */ + memset((char *)&c->them,0,sizeof(c->them)); + c->them.sin_family=AF_INET; + c->them.sin_port=htons((unsigned short)c->port); + l=(unsigned long) + ((unsigned long)c->ip[0]<<24L)| + ((unsigned long)c->ip[1]<<16L)| + ((unsigned long)c->ip[2]<< 8L)| + ((unsigned long)c->ip[3]); + c->them.sin_addr.s_addr=htonl(l); + c->state=BIO_CONN_S_CREATE_SOCKET; + + ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + if (ret == INVALID_SOCKET) + { + SYSerr(SYS_F_SOCKET,get_last_socket_error()); + ERR_add_error_data(4,"host=",c->param_hostname, + ":",c->param_port); + BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET); + goto exit_loop; + } + b->num=ret; + c->state=BIO_CONN_S_NBIO; + break; + + case BIO_CONN_S_NBIO: +#ifdef FIONBIO + if (c->nbio) + { + l=1; + ret=BIO_socket_ioctl(b->num,FIONBIO,&l); + if (ret < 0) + { + BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO); + ERR_add_error_data(4,"host=", + c->param_hostname, + ":",c->param_port); + goto exit_loop; + } + } +#endif + c->state=BIO_CONN_S_CONNECT; + +#ifdef SO_KEEPALIVE + i=1; + i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); + if (i < 0) + { + SYSerr(SYS_F_SOCKET,get_last_socket_error()); + ERR_add_error_data(4,"host=",c->param_hostname, + ":",c->param_port); + BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE); + goto exit_loop; + } +#endif + break; + + case BIO_CONN_S_CONNECT: + BIO_clear_retry_flags(b); + ret=connect(b->num, + (struct sockaddr *)&c->them, + sizeof(c->them)); + b->retry_reason=0; + if (ret < 0) + { + if (BIO_sock_should_retry(ret)) + { + BIO_set_retry_special(b); + c->state=BIO_CONN_S_BLOCKED_CONNECT; + b->retry_reason=BIO_RR_CONNECT; + } + else + { + SYSerr(SYS_F_CONNECT,get_last_socket_error()); + ERR_add_error_data(4,"host=", + c->param_hostname, + ":",c->param_port); + BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR); + } + goto exit_loop; + } + else + c->state=BIO_CONN_S_OK; + break; + + case BIO_CONN_S_BLOCKED_CONNECT: + i=BIO_sock_error(b->num); + if (i) + { + BIO_clear_retry_flags(b); + SYSerr(SYS_F_CONNECT,i); + ERR_add_error_data(4,"host=", + c->param_hostname, + ":",c->param_port); + BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR); + ret=0; + goto exit_loop; + } + else + c->state=BIO_CONN_S_OK; + break; + + case BIO_CONN_S_OK: + ret=1; + goto exit_loop; + default: + abort(); + goto exit_loop; + } + + if (cb != NULL) + { + if (!(ret=cb((BIO *)b,c->state,ret))) + goto end; + } + } + + if (1) + { +exit_loop: + if (cb != NULL) + ret=cb((BIO *)b,c->state,ret); + } +end: + return(ret); + } + +BIO_CONNECT *BIO_CONNECT_new() + { + BIO_CONNECT *ret; + + if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL) + return(NULL); + ret->state=BIO_CONN_S_BEFORE; + ret->param_hostname=NULL; + ret->param_port=NULL; + ret->info_callback=NULL; + ret->nbio=0; + ret->ip[0]=0; + ret->ip[1]=0; + ret->ip[2]=0; + ret->ip[3]=0; + ret->port=0; + memset((char *)&ret->them,0,sizeof(ret->them)); + ret->error=0; + return(ret); + } + +void BIO_CONNECT_free(a) +BIO_CONNECT *a; + { + if (a->param_hostname != NULL) + Free(a->param_hostname); + if (a->param_port != NULL) + Free(a->param_port); + Free(a); + } + +BIO_METHOD *BIO_s_connect() + { + return(&methods_connectp); + } + +static int conn_new(bi) +BIO *bi; + { + bi->init=0; + bi->num=INVALID_SOCKET; + bi->flags=0; + if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL) + return(0); + else + return(1); + } + +static void conn_close_socket(bio) +BIO *bio; + { + BIO_CONNECT *c; + + c=(BIO_CONNECT *)bio->ptr; + if (bio->num != INVALID_SOCKET) + { + /* Only do a shutdown if things were established */ + if (c->state == BIO_CONN_S_OK) + shutdown(bio->num,2); +# ifdef WINDOWS + closesocket(bio->num); +# else + close(bio->num); +# endif + bio->num=INVALID_SOCKET; + } + } + +static int conn_free(a) +BIO *a; + { + BIO_CONNECT *data; + + if (a == NULL) return(0); + data=(BIO_CONNECT *)a->ptr; + + if (a->shutdown) + { + conn_close_socket(a); + BIO_CONNECT_free(data); + a->ptr=NULL; + a->flags=0; + a->init=0; + } + return(1); + } + +static int conn_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0; + BIO_CONNECT *data; + + data=(BIO_CONNECT *)b->ptr; + if (data->state != BIO_CONN_S_OK) + { + ret=conn_state(b,data); + if (ret <= 0) + return(ret); + } + + if (out != NULL) + { + clear_socket_error(); +#if defined(WINDOWS) + ret=recv(b->num,out,outl,0); +#else + ret=read(b->num,out,outl); +#endif + BIO_clear_retry_flags(b); + if (ret <= 0) + { + if (BIO_sock_should_retry(ret)) + BIO_set_retry_read(b); + } + } + return(ret); + } + +static int conn_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret; + BIO_CONNECT *data; + + data=(BIO_CONNECT *)b->ptr; + if (data->state != BIO_CONN_S_OK) + { + ret=conn_state(b,data); + if (ret <= 0) return(ret); + } + + clear_socket_error(); +#if defined(WINDOWS) + ret=send(b->num,in,inl,0); +#else + ret=write(b->num,in,inl); +#endif + BIO_clear_retry_flags(b); + if (ret <= 0) + { + if (BIO_sock_should_retry(ret)) + BIO_set_retry_write(b); + } + return(ret); + } + +static long conn_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + BIO *dbio; + int *ip; + char **pptr; + long ret=1; + BIO_CONNECT *data; + + data=(BIO_CONNECT *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + ret=0; + data->state=BIO_CONN_S_BEFORE; + conn_close_socket(b); + b->flags=0; + break; + case BIO_C_DO_STATE_MACHINE: + /* use this one to start the connection */ + if (!data->state != BIO_CONN_S_OK) + ret=(long)conn_state(b,data); + else + ret=1; + break; + case BIO_C_GET_CONNECT: + if (ptr != NULL) + { + pptr=(char **)ptr; + if (num == 0) + { + *pptr=data->param_hostname; + + } + else if (num == 1) + { + *pptr=data->param_port; + } + else if (num == 2) + { + *pptr= (char *)&(data->ip[0]); + } + else if (num == 3) + { + *((int *)ptr)=data->port; + } + if ((!b->init) || (ptr == NULL)) + *pptr="not initalised"; + ret=1; + } + break; + case BIO_C_SET_CONNECT: + if (ptr != NULL) + { + b->init=1; + if (num == 0) + { + if (data->param_hostname != NULL) + Free(data->param_hostname); + data->param_hostname=BUF_strdup(ptr); + } + else if (num == 1) + { + if (data->param_port != NULL) + Free(data->param_port); + data->param_port=BUF_strdup(ptr); + } + else if (num == 2) + memcpy(data->ip,ptr,4); + else if (num == 3) + data->port= *(int *)ptr; + } + break; + case BIO_C_SET_NBIO: + data->nbio=(int)num; + break; + case BIO_C_GET_FD: + if (b->init) + { + ip=(int *)ptr; + if (ip != NULL) + *ip=b->num; + ret=b->num; + } + else + ret= -1; + break; + case BIO_CTRL_GET_CLOSE: + ret=b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_PENDING: + case BIO_CTRL_WPENDING: + ret=0; + break; + case BIO_CTRL_FLUSH: + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + if (data->param_port) + BIO_set_conn_port(dbio,data->param_port); + if (data->param_hostname) + BIO_set_conn_hostname(dbio,data->param_hostname); + BIO_set_nbio(dbio,data->nbio); + BIO_set_info_callback(dbio,data->info_callback); + break; + case BIO_CTRL_SET_CALLBACK: + data->info_callback=(int (*)())ptr; + break; + case BIO_CTRL_GET_CALLBACK: + { + int (**fptr)(); + + fptr=(int (**)())ptr; + *fptr=data->info_callback; + } + break; + default: + ret=0; + break; + } + return(ret); + } + +static int conn_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=conn_write(bp,str,n); + return(ret); + } + +BIO *BIO_new_connect(str) +char *str; + { + BIO *ret; + + ret=BIO_new(BIO_s_connect()); + if (ret == NULL) return(NULL); + if (BIO_set_conn_hostname(ret,str)) + return(ret); + else + { + BIO_free(ret); + return(NULL); + } + } + +#endif + diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c new file mode 100644 index 0000000000..686c4909a2 --- /dev/null +++ b/src/lib/libcrypto/bio/bss_fd.c @@ -0,0 +1,62 @@ +/* crypto/bio/bss_fd.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#define BIO_FD +#include "bss_sock.c" +#undef BIO_FD + diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c new file mode 100644 index 0000000000..1484cf849e --- /dev/null +++ b/src/lib/libcrypto/bio/bss_file.c @@ -0,0 +1,339 @@ +/* crypto/bio/bss_file.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout + * with binary data (e.g. asn1parse -inform DER < xxx) under + * Windows + */ + +#ifndef HEADER_BSS_FILE_C +#define HEADER_BSS_FILE_C + +#include +#include +#include "cryptlib.h" +#include "bio.h" +#include "err.h" + +#if !defined(NO_STDIO) + +#ifndef NOPROTO +static int MS_CALLBACK file_write(BIO *h,char *buf,int num); +static int MS_CALLBACK file_read(BIO *h,char *buf,int size); +static int MS_CALLBACK file_puts(BIO *h,char *str); +static int MS_CALLBACK file_gets(BIO *h,char *str,int size); +static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int MS_CALLBACK file_new(BIO *h); +static int MS_CALLBACK file_free(BIO *data); +#else +static int MS_CALLBACK file_write(); +static int MS_CALLBACK file_read(); +static int MS_CALLBACK file_puts(); +static int MS_CALLBACK file_gets(); +static long MS_CALLBACK file_ctrl(); +static int MS_CALLBACK file_new(); +static int MS_CALLBACK file_free(); +#endif + +static BIO_METHOD methods_filep= + { + BIO_TYPE_FILE, + "FILE pointer", + file_write, + file_read, + file_puts, + file_gets, + file_ctrl, + file_new, + file_free, + }; + +BIO *BIO_new_file(filename,mode) +char *filename; +char *mode; + { + BIO *ret; + FILE *file; + + if ((file=fopen(filename,mode)) == NULL) + { + SYSerr(SYS_F_FOPEN,get_last_sys_error()); + ERR_add_error_data(5,"fopen('",filename,"','",mode,"')"); + BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB); + return(NULL); + } + if ((ret=BIO_new(BIO_s_file_internal())) == NULL) + return(NULL); + + BIO_set_fp(ret,file,BIO_CLOSE); + return(ret); + } + +BIO *BIO_new_fp(stream,close_flag) +FILE *stream; +int close_flag; + { + BIO *ret; + + if ((ret=BIO_new(BIO_s_file())) == NULL) + return(NULL); + + BIO_set_fp(ret,stream,close_flag); + return(ret); + } + +BIO_METHOD *BIO_s_file() + { + return(&methods_filep); + } + +static int MS_CALLBACK file_new(bi) +BIO *bi; + { + bi->init=0; + bi->num=0; + bi->ptr=NULL; + return(1); + } + +static int MS_CALLBACK file_free(a) +BIO *a; + { + if (a == NULL) return(0); + if (a->shutdown) + { + if ((a->init) && (a->ptr != NULL)) + { + fclose((FILE *)a->ptr); + a->ptr=NULL; + } + a->init=0; + } + return(1); + } + +static int MS_CALLBACK file_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0; + + if (b->init && (out != NULL)) + { + ret=fread(out,1,(int)outl,(FILE *)b->ptr); + } + return(ret); + } + +static int MS_CALLBACK file_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret=0; + + if (b->init && (in != NULL)) + { + if (fwrite(in,(int)inl,1,(FILE *)b->ptr)) + ret=inl; + /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */ + /* acording to Tim Hudson , the commented + * out version above can cause 'inl' write calls under + * some stupid stdio implementations (VMS) */ + } + return(ret); + } + +static long MS_CALLBACK file_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + long ret=1; + FILE *fp=(FILE *)b->ptr; + FILE **fpp; + char p[4]; + + switch (cmd) + { + case BIO_CTRL_RESET: + ret=(long)fseek(fp,num,0); + break; + case BIO_CTRL_EOF: + ret=(long)feof(fp); + break; + case BIO_CTRL_INFO: + ret=ftell(fp); + break; + case BIO_C_SET_FILE_PTR: + file_free(b); + b->shutdown=(int)num; + b->ptr=(char *)ptr; + b->init=1; +#if defined(MSDOS) || defined(WINDOWS) + /* Set correct text/binary mode */ + if (num & BIO_FP_TEXT) + _setmode(fileno((FILE *)ptr),_O_TEXT); + else + _setmode(fileno((FILE *)ptr),_O_BINARY); +#endif + break; + case BIO_C_SET_FILENAME: + file_free(b); + b->shutdown=(int)num&BIO_CLOSE; + if (num & BIO_FP_APPEND) + { + if (num & BIO_FP_READ) + strcpy(p,"a+"); + else strcpy(p,"a"); + } + else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE)) + strcpy(p,"r+"); + else if (num & BIO_FP_WRITE) + strcpy(p,"w"); + else if (num & BIO_FP_READ) + strcpy(p,"r"); + else + { + BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE); + ret=0; + break; + } +#if defined(MSDOS) || defined(WINDOWS) + if (!(num & BIO_FP_TEXT)) + strcat(p,"b"); + else + strcat(p,"t"); +#endif + fp=fopen(ptr,p); + if (fp == NULL) + { + SYSerr(SYS_F_FOPEN,get_last_sys_error()); + ERR_add_error_data(5,"fopen('",ptr,"','",p,"')"); + BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB); + ret=0; + break; + } + b->ptr=(char *)fp; + b->init=1; + break; + case BIO_C_GET_FILE_PTR: + /* the ptr parameter is actually a FILE ** in this case. */ + if (ptr != NULL) + { + fpp=(FILE **)ptr; + *fpp=(FILE *)b->ptr; + } + break; + case BIO_CTRL_GET_CLOSE: + ret=(long)b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_FLUSH: + fflush((FILE *)b->ptr); + break; + case BIO_CTRL_DUP: + ret=1; + break; + + case BIO_CTRL_WPENDING: + case BIO_CTRL_PENDING: + case BIO_CTRL_PUSH: + case BIO_CTRL_POP: + default: + ret=0; + break; + } + return(ret); + } + +static int MS_CALLBACK file_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + int ret=0; + + buf[0]='\0'; + fgets(buf,size,(FILE *)bp->ptr); + if (buf[0] != '\0') + ret=strlen(buf); + return(ret); + } + +static int MS_CALLBACK file_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=file_write(bp,str,n); + return(ret); + } + +#endif /* NO_STDIO */ + +#endif /* HEADER_BSS_FILE_C */ + + diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c new file mode 100644 index 0000000000..40c4e39f02 --- /dev/null +++ b/src/lib/libcrypto/bio/bss_mem.c @@ -0,0 +1,297 @@ +/* crypto/bio/bss_mem.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bio.h" + +#ifndef NOPROTO +static int mem_write(BIO *h,char *buf,int num); +static int mem_read(BIO *h,char *buf,int size); +static int mem_puts(BIO *h,char *str); +static int mem_gets(BIO *h,char *str,int size); +static long mem_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int mem_new(BIO *h); +static int mem_free(BIO *data); +#else +static int mem_write(); +static int mem_read(); +static int mem_puts(); +static int mem_gets(); +static long mem_ctrl(); +static int mem_new(); +static int mem_free(); +#endif + +static BIO_METHOD mem_method= + { + BIO_TYPE_MEM, + "memory buffer", + mem_write, + mem_read, + mem_puts, + mem_gets, + mem_ctrl, + mem_new, + mem_free, + }; + +BIO_METHOD *BIO_s_mem() + { + return(&mem_method); + } + +static int mem_new(bi) +BIO *bi; + { + BUF_MEM *b; + + if ((b=BUF_MEM_new()) == NULL) + return(0); + bi->shutdown=1; + bi->init=1; + bi->num=0; + bi->ptr=(char *)b; + return(1); + } + +static int mem_free(a) +BIO *a; + { + if (a == NULL) return(0); + if (a->shutdown) + { + if ((a->init) && (a->ptr != NULL)) + { + BUF_MEM_free((BUF_MEM *)a->ptr); + a->ptr=NULL; + } + } + return(1); + } + +static int mem_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret= -1; + BUF_MEM *bm; + int i; + char *from,*to; + + bm=(BUF_MEM *)b->ptr; + BIO_clear_retry_flags(b); + ret=(outl > bm->length)?bm->length:outl; + if ((out != NULL) && (ret > 0)) + { + memcpy(out,bm->data,ret); + bm->length-=ret; + /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */ + from=(char *)&(bm->data[ret]); + to=(char *)&(bm->data[0]); + for (i=0; ilength; i++) + to[i]=from[i]; + } + else if (bm->length == 0) + { + BIO_set_retry_read(b); + ret= -1; + } + return(ret); + } + +static int mem_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret= -1; + int blen; + BUF_MEM *bm; + + bm=(BUF_MEM *)b->ptr; + if (in == NULL) + { + BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER); + goto end; + } + + BIO_clear_retry_flags(b); + blen=bm->length; + if (BUF_MEM_grow(bm,blen+inl) != (blen+inl)) + goto end; + memcpy(&(bm->data[blen]),in,inl); + ret=inl; +end: + return(ret); + } + +static long mem_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + long ret=1; + char **pptr; + + BUF_MEM *bm=(BUF_MEM *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + if (bm->data != NULL) + memset(bm->data,0,bm->max); + bm->length=0; + break; + case BIO_CTRL_EOF: + ret=(long)(bm->length == 0); + break; + case BIO_CTRL_INFO: + ret=(long)bm->length; + if (ptr != NULL) + { + pptr=(char **)ptr; + *pptr=(char *)&(bm->data[0]); + } + break; + case BIO_C_SET_BUF_MEM: + mem_free(b); + b->shutdown=(int)num; + b->ptr=ptr; + break; + case BIO_C_GET_BUF_MEM_PTR: + if (ptr != NULL) + { + pptr=(char **)ptr; + *pptr=(char *)bm; + } + break; + case BIO_CTRL_GET_CLOSE: + ret=(long)b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + + case BIO_CTRL_WPENDING: + ret=0L; + break; + case BIO_CTRL_PENDING: + ret=(long)bm->length; + break; + case BIO_CTRL_DUP: + case BIO_CTRL_FLUSH: + ret=1; + break; + case BIO_CTRL_PUSH: + case BIO_CTRL_POP: + default: + ret=0; + break; + } + return(ret); + } + +static int mem_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + int i,j; + int ret= -1; + char *p; + BUF_MEM *bm=(BUF_MEM *)bp->ptr; + + BIO_clear_retry_flags(bp); + j=bm->length; + if (j <= 0) return(0); + p=bm->data; + for (i=0; i 0) buf[i]='\0'; + ret=i; + return(ret); + } + +static int mem_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=mem_write(bp,str,n); + /* memory semantics is that it will always work */ + return(ret); + } + diff --git a/src/lib/libcrypto/bio/bss_null.c b/src/lib/libcrypto/bio/bss_null.c new file mode 100644 index 0000000000..0791a2471a --- /dev/null +++ b/src/lib/libcrypto/bio/bss_null.c @@ -0,0 +1,177 @@ +/* crypto/bio/bss_null.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bio.h" + +#ifndef NOPROTO +static int null_write(BIO *h,char *buf,int num); +static int null_read(BIO *h,char *buf,int size); +static int null_puts(BIO *h,char *str); +static int null_gets(BIO *h,char *str,int size); +static long null_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int null_new(BIO *h); +static int null_free(BIO *data); +#else +static int null_write(); +static int null_read(); +static int null_puts(); +static int null_gets(); +static long null_ctrl(); +static int null_new(); +static int null_free(); +#endif + +static BIO_METHOD null_method= + { + BIO_TYPE_NULL, + "NULL", + null_write, + null_read, + null_puts, + null_gets, + null_ctrl, + null_new, + null_free, + }; + +BIO_METHOD *BIO_s_null() + { + return(&null_method); + } + +static int null_new(bi) +BIO *bi; + { + bi->init=1; + bi->num=0; + bi->ptr=(NULL); + return(1); + } + +static int null_free(a) +BIO *a; + { + if (a == NULL) return(0); + return(1); + } + +static int null_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + return(0); + } + +static int null_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + return(inl); + } + +static long null_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + long ret=1; + + switch (cmd) + { + case BIO_CTRL_RESET: + case BIO_CTRL_EOF: + case BIO_CTRL_SET: + case BIO_CTRL_SET_CLOSE: + case BIO_CTRL_FLUSH: + case BIO_CTRL_DUP: + ret=1; + break; + case BIO_CTRL_GET_CLOSE: + case BIO_CTRL_INFO: + case BIO_CTRL_GET: + case BIO_CTRL_PENDING: + case BIO_CTRL_WPENDING: + default: + ret=0; + break; + } + return(ret); + } + +static int null_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + return(0); + } + +static int null_puts(bp,str) +BIO *bp; +char *str; + { + if (str == NULL) return(0); + return(strlen(str)); + } + diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c new file mode 100644 index 0000000000..d907a2867b --- /dev/null +++ b/src/lib/libcrypto/bio/bss_sock.c @@ -0,0 +1,461 @@ +/* crypto/bio/bss_sock.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#if !defined(NO_SOCK) || defined(BIO_FD) + +#include +#include +#define USE_SOCKETS +#include "cryptlib.h" +#include "bio.h" + +#ifndef BIO_FD +#ifndef NOPROTO +static int sock_write(BIO *h,char *buf,int num); +static int sock_read(BIO *h,char *buf,int size); +static int sock_puts(BIO *h,char *str); +static long sock_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int sock_new(BIO *h); +static int sock_free(BIO *data); +int BIO_sock_should_retry(int s); +#else +static int sock_write(); +static int sock_read(); +static int sock_puts(); +static long sock_ctrl(); +static int sock_new(); +static int sock_free(); +int BIO_sock_should_retry(); +#endif + +#else + +#ifndef NOPROTO +static int fd_write(BIO *h,char *buf,int num); +static int fd_read(BIO *h,char *buf,int size); +static int fd_puts(BIO *h,char *str); +static long fd_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int fd_new(BIO *h); +static int fd_free(BIO *data); +int BIO_fd_should_retry(int s); +#else +static int fd_write(); +static int fd_read(); +static int fd_puts(); +static long fd_ctrl(); +static int fd_new(); +static int fd_free(); +int BIO_fd_should_retry(); +#endif +#endif + +#ifndef BIO_FD +static BIO_METHOD methods_sockp= + { + BIO_TYPE_SOCKET, + "socket", + sock_write, + sock_read, + sock_puts, + NULL, /* sock_gets, */ + sock_ctrl, + sock_new, + sock_free, + }; + +BIO_METHOD *BIO_s_socket() + { + return(&methods_sockp); + } +#else +static BIO_METHOD methods_fdp= + { + BIO_TYPE_FD,"file descriptor", + fd_write, + fd_read, + fd_puts, + NULL, /* fd_gets, */ + fd_ctrl, + fd_new, + fd_free, + }; + +BIO_METHOD *BIO_s_fd() + { + return(&methods_fdp); + } +#endif + +#ifndef BIO_FD +BIO *BIO_new_socket(fd,close_flag) +#else +BIO *BIO_new_fd(fd,close_flag) +#endif +int fd; +int close_flag; + { + BIO *ret; + +#ifndef BIO_FD + ret=BIO_new(BIO_s_socket()); +#else + ret=BIO_new(BIO_s_fd()); +#endif + if (ret == NULL) return(NULL); + BIO_set_fd(ret,fd,close_flag); + return(ret); + } + +#ifndef BIO_FD +static int sock_new(bi) +#else +static int fd_new(bi) +#endif +BIO *bi; + { + bi->init=0; + bi->num=0; + bi->ptr=NULL; + bi->flags=0; + return(1); + } + +#ifndef BIO_FD +static int sock_free(a) +#else +static int fd_free(a) +#endif +BIO *a; + { + if (a == NULL) return(0); + if (a->shutdown) + { + if (a->init) + { +#ifndef BIO_FD + shutdown(a->num,2); +# ifdef WINDOWS + closesocket(a->num); +# else + close(a->num); +# endif +#else /* BIO_FD */ + close(a->num); +#endif + + } + a->init=0; + a->flags=0; + } + return(1); + } + +#ifndef BIO_FD +static int sock_read(b,out,outl) +#else +static int fd_read(b,out,outl) +#endif +BIO *b; +char *out; +int outl; + { + int ret=0; + + if (out != NULL) + { +#if defined(WINDOWS) && !defined(BIO_FD) + clear_socket_error(); + ret=recv(b->num,out,outl,0); +#else + clear_sys_error(); + ret=read(b->num,out,outl); +#endif + BIO_clear_retry_flags(b); + if (ret <= 0) + { +#ifndef BIO_FD + if (BIO_sock_should_retry(ret)) +#else + if (BIO_fd_should_retry(ret)) +#endif + BIO_set_retry_read(b); + } + } + return(ret); + } + +#ifndef BIO_FD +static int sock_write(b,in,inl) +#else +static int fd_write(b,in,inl) +#endif +BIO *b; +char *in; +int inl; + { + int ret; + +#if defined(WINDOWS) && !defined(BIO_FD) + clear_socket_error(); + ret=send(b->num,in,inl,0); +#else + clear_sys_error(); + ret=write(b->num,in,inl); +#endif + BIO_clear_retry_flags(b); + if (ret <= 0) + { +#ifndef BIO_FD + if (BIO_sock_should_retry(ret)) +#else + if (BIO_fd_should_retry(ret)) +#endif + BIO_set_retry_write(b); + } + return(ret); + } + +#ifndef BIO_FD +static long sock_ctrl(b,cmd,num,ptr) +#else +static long fd_ctrl(b,cmd,num,ptr) +#endif +BIO *b; +int cmd; +long num; +char *ptr; + { + long ret=1; + int *ip; + + switch (cmd) + { + case BIO_CTRL_RESET: +#ifdef BIO_FD + ret=(long)lseek(b->num,0,0); +#else + ret=0; +#endif + break; + case BIO_CTRL_INFO: + ret=0; + break; + case BIO_C_SET_FD: +#ifndef BIO_FD + sock_free(b); +#else + fd_free(b); +#endif + b->num= *((int *)ptr); + b->shutdown=(int)num; + b->init=1; + break; + case BIO_C_GET_FD: + if (b->init) + { + ip=(int *)ptr; + if (ip != NULL) *ip=b->num; + ret=b->num; + } + else + ret= -1; + break; + case BIO_CTRL_GET_CLOSE: + ret=b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_PENDING: + case BIO_CTRL_WPENDING: + ret=0; + break; + case BIO_CTRL_DUP: + case BIO_CTRL_FLUSH: + ret=1; + break; + break; + default: + ret=0; + break; + } + return(ret); + } + +#ifdef undef +static int sock_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + return(-1); + } +#endif + +#ifndef BIO_FD +static int sock_puts(bp,str) +#else +static int fd_puts(bp,str) +#endif +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); +#ifndef BIO_FD + ret=sock_write(bp,str,n); +#else + ret=fd_write(bp,str,n); +#endif + return(ret); + } + +#ifndef BIO_FD +int BIO_sock_should_retry(i) +#else +int BIO_fd_should_retry(i) +#endif +int i; + { + int err; + + if ((i == 0) || (i == -1)) + { +#if !defined(BIO_FD) && defined(WINDOWS) + err=get_last_socket_error(); +#else + err=get_last_sys_error(); +#endif + +#if defined(WINDOWS) /* more microsoft stupidity */ + if ((i == -1) && (err == 0)) + return(1); +#endif + +#ifndef BIO_FD + return(BIO_sock_non_fatal_error(err)); +#else + return(BIO_fd_non_fatal_error(err)); +#endif + } + return(0); + } + +#ifndef BIO_FD +int BIO_sock_non_fatal_error(err) +#else +int BIO_fd_non_fatal_error(err) +#endif +int err; + { + switch (err) + { +#if !defined(BIO_FD) && defined(WINDOWS) +# if defined(WSAEWOULDBLOCK) + case WSAEWOULDBLOCK: +# endif + +# if defined(WSAENOTCONN) + case WSAENOTCONN: +# endif +#endif + +#ifdef EWOULDBLOCK +# ifdef WSAEWOULDBLOCK +# if WSAEWOULDBLOCK != EWOULDBLOCK + case EWOULDBLOCK: +# endif +# else + case EWOULDBLOCK: +# endif +#endif + +#if defined(ENOTCONN) + case ENOTCONN: +#endif + +#ifdef EINTR + case EINTR: +#endif + +#ifdef EAGAIN +#if EWOULDBLOCK != EAGAIN + case EAGAIN: +# endif +#endif + +#ifdef EPROTO + case EPROTO: +#endif + +#ifdef EINPROGRESS + case EINPROGRESS: +#endif + +#ifdef EALREADY + case EALREADY: +#endif + return(1); + break; + default: + break; + } + return(0); + } +#endif diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl new file mode 100644 index 0000000000..19d425ee96 --- /dev/null +++ b/src/lib/libcrypto/bn/asm/bn-586.pl @@ -0,0 +1,314 @@ +#!/usr/bin/perl +# + +#!/usr/local/bin/perl + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],"bn-586.pl"); + +&bn_mul_add_words("bn_mul_add_words"); +&bn_mul_words("bn_mul_words"); +&bn_sqr_words("bn_sqr_words"); +&bn_div64("bn_div64"); +&bn_add_words("bn_add_words"); + +&asm_finish(); + +sub bn_mul_add_words + { + local($name)=@_; + + &function_begin($name,""); + + &comment(""); + $Low="eax"; + $High="edx"; + $a="ebx"; + $w="ebp"; + $r="edi"; + $c="esi"; + + &xor($c,$c); # clear carry + &mov($r,&wparam(0)); # + + &mov("ecx",&wparam(2)); # + &mov($a,&wparam(1)); # + + &and("ecx",0xfffffff8); # num / 8 + &mov($w,&wparam(3)); # + + &push("ecx"); # Up the stack for a tmp variable + + &jz(&label("maw_finish")); + + &set_label("maw_loop",0); + + &mov(&swtmp(0),"ecx"); # + + for ($i=0; $i<32; $i+=4) + { + &comment("Round $i"); + + &mov("eax",&DWP($i,$a,"",0)); # *a + &mul($w); # *a * w + &add("eax",$c); # L(t)+= *r + &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r + &adc("edx",0); # H(t)+=carry + &add("eax",$c); # L(t)+=c + &adc("edx",0); # H(t)+=carry + &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); + &mov($c,"edx"); # c= H(t); + } + + &comment(""); + &mov("ecx",&swtmp(0)); # + &add($a,32); + &add($r,32); + &sub("ecx",8); + &jnz(&label("maw_loop")); + + &set_label("maw_finish",0); + &mov("ecx",&wparam(2)); # get num + &and("ecx",7); + &jnz(&label("maw_finish2")); # helps branch prediction + &jmp(&label("maw_end")); + + &set_label("maw_finish2",1); + for ($i=0; $i<7; $i++) + { + &comment("Tail Round $i"); + &mov("eax",&DWP($i*4,$a,"",0));# *a + &mul($w); # *a * w + &add("eax",$c); # L(t)+=c + &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r + &adc("edx",0); # H(t)+=carry + &add("eax",$c); + &adc("edx",0); # H(t)+=carry + &dec("ecx") if ($i != 7-1); + &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t); + &mov($c,"edx"); # c= H(t); + &jz(&label("maw_end")) if ($i != 7-1); + } + &set_label("maw_end",0); + &mov("eax",$c); + + &pop("ecx"); # clear variable from + + &function_end($name); + } + +sub bn_mul_words + { + local($name)=@_; + + &function_begin($name,""); + + &comment(""); + $Low="eax"; + $High="edx"; + $a="ebx"; + $w="ecx"; + $r="edi"; + $c="esi"; + $num="ebp"; + + &xor($c,$c); # clear carry + &mov($r,&wparam(0)); # + &mov($a,&wparam(1)); # + &mov($num,&wparam(2)); # + &mov($w,&wparam(3)); # + + &and($num,0xfffffff8); # num / 8 + &jz(&label("mw_finish")); + + &set_label("mw_loop",0); + for ($i=0; $i<32; $i+=4) + { + &comment("Round $i"); + + &mov("eax",&DWP($i,$a,"",0)); # *a + &mul($w); # *a * w + &add("eax",$c); # L(t)+=c + # XXX + + &adc("edx",0); # H(t)+=carry + &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); + + &mov($c,"edx"); # c= H(t); + } + + &comment(""); + &add($a,32); + &add($r,32); + &sub($num,8); + &jz(&label("mw_finish")); + &jmp(&label("mw_loop")); + + &set_label("mw_finish",0); + &mov($num,&wparam(2)); # get num + &and($num,7); + &jnz(&label("mw_finish2")); + &jmp(&label("mw_end")); + + &set_label("mw_finish2",1); + for ($i=0; $i<7; $i++) + { + &comment("Tail Round $i"); + &mov("eax",&DWP($i*4,$a,"",0));# *a + &mul($w); # *a * w + &add("eax",$c); # L(t)+=c + # XXX + &adc("edx",0); # H(t)+=carry + &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t); + &mov($c,"edx"); # c= H(t); + &dec($num) if ($i != 7-1); + &jz(&label("mw_end")) if ($i != 7-1); + } + &set_label("mw_end",0); + &mov("eax",$c); + + &function_end($name); + } + +sub bn_sqr_words + { + local($name)=@_; + + &function_begin($name,""); + + &comment(""); + $r="esi"; + $a="edi"; + $num="ebx"; + + &mov($r,&wparam(0)); # + &mov($a,&wparam(1)); # + &mov($num,&wparam(2)); # + + &and($num,0xfffffff8); # num / 8 + &jz(&label("sw_finish")); + + &set_label("sw_loop",0); + for ($i=0; $i<32; $i+=4) + { + &comment("Round $i"); + &mov("eax",&DWP($i,$a,"",0)); # *a + # XXX + &mul("eax"); # *a * *a + &mov(&DWP($i*2,$r,"",0),"eax"); # + &mov(&DWP($i*2+4,$r,"",0),"edx");# + } + + &comment(""); + &add($a,32); + &add($r,64); + &sub($num,8); + &jnz(&label("sw_loop")); + + &set_label("sw_finish",0); + &mov($num,&wparam(2)); # get num + &and($num,7); + &jz(&label("sw_end")); + + for ($i=0; $i<7; $i++) + { + &comment("Tail Round $i"); + &mov("eax",&DWP($i*4,$a,"",0)); # *a + # XXX + &mul("eax"); # *a * *a + &mov(&DWP($i*8,$r,"",0),"eax"); # + &dec($num) if ($i != 7-1); + &mov(&DWP($i*8+4,$r,"",0),"edx"); + &jz(&label("sw_end")) if ($i != 7-1); + } + &set_label("sw_end",0); + + &function_end($name); + } + +sub bn_div64 + { + local($name)=@_; + + &function_begin($name,""); + &mov("edx",&wparam(0)); # + &mov("eax",&wparam(1)); # + &mov("ebx",&wparam(2)); # + &div("ebx"); + &function_end($name); + } + +sub bn_add_words + { + local($name)=@_; + + &function_begin($name,""); + + &comment(""); + $a="esi"; + $b="edi"; + $c="eax"; + $r="ebx"; + $tmp1="ecx"; + $tmp2="edx"; + $num="ebp"; + + &mov($r,&wparam(0)); # get r + &mov($a,&wparam(1)); # get a + &mov($b,&wparam(2)); # get b + &mov($num,&wparam(3)); # get num + &xor($c,$c); # clear carry + &and($num,0xfffffff8); # num / 8 + + &jz(&label("aw_finish")); + + &set_label("aw_loop",0); + for ($i=0; $i<8; $i++) + { + &comment("Round $i"); + + &mov($tmp1,&DWP($i*4,$a,"",0)); # *a + &mov($tmp2,&DWP($i*4,$b,"",0)); # *b + &add($tmp1,$c); + &mov($c,0); + &adc($c,$c); + &add($tmp1,$tmp2); + &adc($c,0); + &mov(&DWP($i*4,$r,"",0),$tmp1); # *r + } + + &comment(""); + &add($a,32); + &add($b,32); + &add($r,32); + &sub($num,8); + &jnz(&label("aw_loop")); + + &set_label("aw_finish",0); + &mov($num,&wparam(3)); # get num + &and($num,7); + &jz(&label("aw_end")); + + for ($i=0; $i<7; $i++) + { + &comment("Tail Round $i"); + &mov($tmp1,&DWP($i*4,$a,"",0)); # *a + &mov($tmp2,&DWP($i*4,$b,"",0));# *b + &add($tmp1,$c); + &mov($c,0); + &adc($c,$c); + &add($tmp1,$tmp2); + &adc($c,0); + &dec($num) if ($i != 6); + &mov(&DWP($i*4,$r,"",0),$tmp1); # *a + &jz(&label("aw_end")) if ($i != 6); + } + &set_label("aw_end",0); + + &mov("eax",$c); + + &function_end($name); + } + diff --git a/src/lib/libcrypto/bn/asm/pa-risc2.s b/src/lib/libcrypto/bn/asm/pa-risc2.s new file mode 100644 index 0000000000..c2725996a4 --- /dev/null +++ b/src/lib/libcrypto/bn/asm/pa-risc2.s @@ -0,0 +1,416 @@ + .SPACE $PRIVATE$ + .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31 + .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82 + .SPACE $TEXT$ + .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44 + .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY + .IMPORT $global$,DATA + .IMPORT $$dyncall,MILLICODE +; gcc_compiled.: + .SPACE $TEXT$ + .SUBSPA $CODE$ + + .align 4 + .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR +bn_mul_add_words + .PROC + .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4 + .ENTRY + stw %r2,-20(0,%r30) + stwm %r4,64(0,%r30) + copy %r24,%r31 + stw %r3,-60(0,%r30) + ldi 0,%r20 + ldo 12(%r26),%r2 + stw %r23,-16(0,%r30) + copy %r25,%r3 + ldo 12(%r3),%r1 + fldws -16(0,%r30),%fr8L +L$0010 + copy %r20,%r25 + ldi 0,%r24 + fldws 0(0,%r3),%fr9L + ldw 0(0,%r26),%r19 + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r19,%r23 + ldw -16(0,%r30),%r28 + ldw -12(0,%r30),%r29 + ldi 0,%r22 + add %r23,%r29,%r29 + addc %r22,%r28,%r28 + add %r25,%r29,%r29 + addc %r24,%r28,%r28 + copy %r28,%r21 + ldi 0,%r20 + copy %r21,%r20 + addib,= -1,%r31,L$0011 + stw %r29,0(0,%r26) + copy %r20,%r25 + ldi 0,%r24 + fldws -8(0,%r1),%fr9L + ldw -8(0,%r2),%r19 + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r19,%r23 + ldw -16(0,%r30),%r28 + ldw -12(0,%r30),%r29 + ldi 0,%r22 + add %r23,%r29,%r29 + addc %r22,%r28,%r28 + add %r25,%r29,%r29 + addc %r24,%r28,%r28 + copy %r28,%r21 + ldi 0,%r20 + copy %r21,%r20 + addib,= -1,%r31,L$0011 + stw %r29,-8(0,%r2) + copy %r20,%r25 + ldi 0,%r24 + fldws -4(0,%r1),%fr9L + ldw -4(0,%r2),%r19 + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r19,%r23 + ldw -16(0,%r30),%r28 + ldw -12(0,%r30),%r29 + ldi 0,%r22 + add %r23,%r29,%r29 + addc %r22,%r28,%r28 + add %r25,%r29,%r29 + addc %r24,%r28,%r28 + copy %r28,%r21 + ldi 0,%r20 + copy %r21,%r20 + addib,= -1,%r31,L$0011 + stw %r29,-4(0,%r2) + copy %r20,%r25 + ldi 0,%r24 + fldws 0(0,%r1),%fr9L + ldw 0(0,%r2),%r19 + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r19,%r23 + ldw -16(0,%r30),%r28 + ldw -12(0,%r30),%r29 + ldi 0,%r22 + add %r23,%r29,%r29 + addc %r22,%r28,%r28 + add %r25,%r29,%r29 + addc %r24,%r28,%r28 + copy %r28,%r21 + ldi 0,%r20 + copy %r21,%r20 + addib,= -1,%r31,L$0011 + stw %r29,0(0,%r2) + ldo 16(%r1),%r1 + ldo 16(%r3),%r3 + ldo 16(%r2),%r2 + bl L$0010,0 + ldo 16(%r26),%r26 +L$0011 + copy %r20,%r28 + ldw -84(0,%r30),%r2 + ldw -60(0,%r30),%r3 + bv 0(%r2) + ldwm -64(0,%r30),%r4 + .EXIT + .PROCEND + .align 4 + .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR +bn_mul_words + .PROC + .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3 + .ENTRY + stw %r2,-20(0,%r30) + copy %r25,%r2 + stwm %r4,64(0,%r30) + copy %r24,%r19 + ldi 0,%r28 + stw %r23,-16(0,%r30) + ldo 12(%r26),%r31 + ldo 12(%r2),%r29 + fldws -16(0,%r30),%fr8L +L$0026 + fldws 0(0,%r2),%fr9L + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r28,%r21 + ldi 0,%r20 + ldw -16(0,%r30),%r24 + ldw -12(0,%r30),%r25 + add %r21,%r25,%r25 + addc %r20,%r24,%r24 + copy %r24,%r23 + ldi 0,%r22 + copy %r23,%r28 + addib,= -1,%r19,L$0027 + stw %r25,0(0,%r26) + fldws -8(0,%r29),%fr9L + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r28,%r21 + ldi 0,%r20 + ldw -16(0,%r30),%r24 + ldw -12(0,%r30),%r25 + add %r21,%r25,%r25 + addc %r20,%r24,%r24 + copy %r24,%r23 + ldi 0,%r22 + copy %r23,%r28 + addib,= -1,%r19,L$0027 + stw %r25,-8(0,%r31) + fldws -4(0,%r29),%fr9L + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r28,%r21 + ldi 0,%r20 + ldw -16(0,%r30),%r24 + ldw -12(0,%r30),%r25 + add %r21,%r25,%r25 + addc %r20,%r24,%r24 + copy %r24,%r23 + ldi 0,%r22 + copy %r23,%r28 + addib,= -1,%r19,L$0027 + stw %r25,-4(0,%r31) + fldws 0(0,%r29),%fr9L + xmpyu %fr8L,%fr9L,%fr9 + fstds %fr9,-16(0,%r30) + copy %r28,%r21 + ldi 0,%r20 + ldw -16(0,%r30),%r24 + ldw -12(0,%r30),%r25 + add %r21,%r25,%r25 + addc %r20,%r24,%r24 + copy %r24,%r23 + ldi 0,%r22 + copy %r23,%r28 + addib,= -1,%r19,L$0027 + stw %r25,0(0,%r31) + ldo 16(%r29),%r29 + ldo 16(%r2),%r2 + ldo 16(%r31),%r31 + bl L$0026,0 + ldo 16(%r26),%r26 +L$0027 + ldw -84(0,%r30),%r2 + bv 0(%r2) + ldwm -64(0,%r30),%r4 + .EXIT + .PROCEND + .align 4 + .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR +bn_sqr_words + .PROC + .CALLINFO FRAME=0,NO_CALLS + .ENTRY + ldo 28(%r26),%r19 + ldo 12(%r25),%r28 +L$0042 + fldws 0(0,%r25),%fr8L + fldws 0(0,%r25),%fr8R + xmpyu %fr8L,%fr8R,%fr8 + fstds %fr8,-16(0,%r30) + ldw -16(0,%r30),%r22 + ldw -12(0,%r30),%r23 + stw %r23,0(0,%r26) + copy %r22,%r21 + ldi 0,%r20 + addib,= -1,%r24,L$0049 + stw %r21,-24(0,%r19) + fldws -8(0,%r28),%fr8L + fldws -8(0,%r28),%fr8R + xmpyu %fr8L,%fr8R,%fr8 + fstds %fr8,-16(0,%r30) + ldw -16(0,%r30),%r22 + ldw -12(0,%r30),%r23 + stw %r23,-20(0,%r19) + copy %r22,%r21 + ldi 0,%r20 + addib,= -1,%r24,L$0049 + stw %r21,-16(0,%r19) + fldws -4(0,%r28),%fr8L + fldws -4(0,%r28),%fr8R + xmpyu %fr8L,%fr8R,%fr8 + fstds %fr8,-16(0,%r30) + ldw -16(0,%r30),%r22 + ldw -12(0,%r30),%r23 + stw %r23,-12(0,%r19) + copy %r22,%r21 + ldi 0,%r20 + addib,= -1,%r24,L$0049 + stw %r21,-8(0,%r19) + fldws 0(0,%r28),%fr8L + fldws 0(0,%r28),%fr8R + xmpyu %fr8L,%fr8R,%fr8 + fstds %fr8,-16(0,%r30) + ldw -16(0,%r30),%r22 + ldw -12(0,%r30),%r23 + stw %r23,-4(0,%r19) + copy %r22,%r21 + ldi 0,%r20 + addib,= -1,%r24,L$0049 + stw %r21,0(0,%r19) + ldo 16(%r28),%r28 + ldo 16(%r25),%r25 + ldo 32(%r19),%r19 + bl L$0042,0 + ldo 32(%r26),%r26 +L$0049 + bv,n 0(%r2) + .EXIT + .PROCEND + .IMPORT BN_num_bits_word,CODE + .IMPORT fprintf,CODE + .IMPORT __iob,DATA + .SPACE $TEXT$ + .SUBSPA $LIT$ + + .align 4 +L$C0000 + .STRING "Division would overflow (%d)\x0a\x00" + .IMPORT abort,CODE + .SPACE $TEXT$ + .SUBSPA $CODE$ + + .align 4 + .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR +bn_div64 + .PROC + .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8 + .ENTRY + stw %r2,-20(0,%r30) + stwm %r8,128(0,%r30) + stw %r7,-124(0,%r30) + stw %r4,-112(0,%r30) + stw %r3,-108(0,%r30) + copy %r26,%r3 + copy %r25,%r4 + stw %r6,-120(0,%r30) + ldi 0,%r7 + stw %r5,-116(0,%r30) + movb,<> %r24,%r5,L$0051 + ldi 2,%r6 + bl L$0068,0 + ldi -1,%r28 +L$0051 + .CALL ARGW0=GR + bl BN_num_bits_word,%r2 + copy %r5,%r26 + copy %r28,%r24 + ldi 32,%r19 + comb,= %r19,%r24,L$0052 + subi 31,%r24,%r19 + mtsar %r19 + zvdepi 1,32,%r19 + comb,>>= %r19,%r3,L$0052 + addil LR'__iob-$global$+32,%r27 + ldo RR'__iob-$global$+32(%r1),%r26 + ldil LR'L$C0000,%r25 + .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR + bl fprintf,%r2 + ldo RR'L$C0000(%r25),%r25 + .CALL + bl abort,%r2 + nop +L$0052 + comb,>> %r5,%r3,L$0053 + subi 32,%r24,%r24 + sub %r3,%r5,%r3 +L$0053 + comib,= 0,%r24,L$0054 + subi 31,%r24,%r19 + mtsar %r19 + zvdep %r5,32,%r5 + zvdep %r3,32,%r21 + subi 32,%r24,%r20 + mtsar %r20 + vshd 0,%r4,%r20 + or %r21,%r20,%r3 + mtsar %r19 + zvdep %r4,32,%r4 +L$0054 + extru %r5,15,16,%r23 + extru %r5,31,16,%r28 +L$0055 + extru %r3,15,16,%r19 + comb,<> %r23,%r19,L$0058 + copy %r3,%r26 + bl L$0059,0 + zdepi -1,31,16,%r29 +L$0058 + .IMPORT $$divU,MILLICODE + bl $$divU,%r31 + copy %r23,%r25 +L$0059 + stw %r29,-16(0,%r30) + fldws -16(0,%r30),%fr10L + stw %r28,-16(0,%r30) + fldws -16(0,%r30),%fr10R + stw %r23,-16(0,%r30) + xmpyu %fr10L,%fr10R,%fr8 + fldws -16(0,%r30),%fr10R + fstws %fr8R,-16(0,%r30) + xmpyu %fr10L,%fr10R,%fr9 + ldw -16(0,%r30),%r8 + fstws %fr9R,-16(0,%r30) + copy %r8,%r22 + ldw -16(0,%r30),%r8 + extru %r4,15,16,%r24 + copy %r8,%r21 +L$0060 + sub %r3,%r21,%r20 + copy %r20,%r19 + depi 0,31,16,%r19 + comib,<> 0,%r19,L$0061 + zdep %r20,15,16,%r19 + addl %r19,%r24,%r19 + comb,>>= %r19,%r22,L$0061 + sub %r22,%r28,%r22 + sub %r21,%r23,%r21 + bl L$0060,0 + ldo -1(%r29),%r29 +L$0061 + stw %r29,-16(0,%r30) + fldws -16(0,%r30),%fr10L + stw %r28,-16(0,%r30) + fldws -16(0,%r30),%fr10R + xmpyu %fr10L,%fr10R,%fr8 + fstws %fr8R,-16(0,%r30) + ldw -16(0,%r30),%r8 + stw %r23,-16(0,%r30) + fldws -16(0,%r30),%fr10R + copy %r8,%r19 + xmpyu %fr10L,%fr10R,%fr8 + fstws %fr8R,-16(0,%r30) + extru %r19,15,16,%r20 + ldw -16(0,%r30),%r8 + zdep %r19,15,16,%r19 + addl %r8,%r20,%r20 + comclr,<<= %r19,%r4,0 + addi 1,%r20,%r20 + comb,<<= %r20,%r3,L$0066 + sub %r4,%r19,%r4 + addl %r3,%r5,%r3 + ldo -1(%r29),%r29 +L$0066 + addib,= -1,%r6,L$0056 + sub %r3,%r20,%r3 + zdep %r29,15,16,%r7 + shd %r3,%r4,16,%r3 + bl L$0055,0 + zdep %r4,15,16,%r4 +L$0056 + or %r7,%r29,%r28 +L$0068 + ldw -148(0,%r30),%r2 + ldw -124(0,%r30),%r7 + ldw -120(0,%r30),%r6 + ldw -116(0,%r30),%r5 + ldw -112(0,%r30),%r4 + ldw -108(0,%r30),%r3 + bv 0(%r2) + ldwm -128(0,%r30),%r8 + .EXIT + .PROCEND diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c new file mode 100644 index 0000000000..efb2e312e8 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_add.c @@ -0,0 +1,167 @@ +/* crypto/bn/bn_add.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +/* r can == a or b */ +int BN_add(r, a, b) +BIGNUM *r; +BIGNUM *a; +BIGNUM *b; + { + int i; + BIGNUM *tmp; + + /* a + b a+b + * a + -b a-b + * -a + b b-a + * -a + -b -(a+b) + */ + if (a->neg ^ b->neg) + { + /* only one is negative */ + if (a->neg) + { tmp=a; a=b; b=tmp; } + + /* we are now a - b */ + + if (BN_ucmp(a,b) < 0) + { + if (bn_wexpand(r,b->top) == NULL) return(0); + bn_qsub(r,b,a); + r->neg=1; + } + else + { + if (bn_wexpand(r,a->top) == NULL) return(0); + bn_qsub(r,a,b); + r->neg=0; + } + return(1); + } + + if (a->neg) /* both are neg */ + r->neg=1; + else + r->neg=0; + + i=(a->top > b->top); + + if (i) + { + if (bn_wexpand(r,a->top+1) == NULL) return(0); + bn_qadd(r,a,b); + } + else + { + if (bn_wexpand(r,b->top+1) == NULL) return(0); + bn_qadd(r,b,a); + } + return(1); + } + +/* unsigned add of b to a, r must be large enough */ +void bn_qadd(r,a,b) +BIGNUM *r; +BIGNUM *a; +BIGNUM *b; + { + register int i; + int max,min; + BN_ULONG *ap,*bp,*rp,carry,t1; + + max=a->top; + min=b->top; + r->top=max; + + ap=a->d; + bp=b->d; + rp=r->d; + carry=0; + + carry=bn_add_words(rp,ap,bp,min); + rp+=min; + ap+=min; + bp+=min; + i=min; + + if (carry) + { + while (i < max) + { + i++; + t1= *(ap++); + if ((*(rp++)=(t1+1)&BN_MASK2) >= t1) + { + carry=0; + break; + } + } + if ((i >= max) && carry) + { + *(rp++)=1; + r->top++; + } + } + for (; i +#include "cryptlib.h" +#include "bn_lcl.h" + +BN_BLINDING *BN_BLINDING_new(A,Ai,mod) +BIGNUM *A; +BIGNUM *Ai; +BIGNUM *mod; + { + BN_BLINDING *ret=NULL; + + if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL) + BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); + memset(ret,0,sizeof(BN_BLINDING)); + if ((ret->A=BN_new()) == NULL) goto err; + if ((ret->Ai=BN_new()) == NULL) goto err; + if (!BN_copy(ret->A,A)) goto err; + if (!BN_copy(ret->Ai,Ai)) goto err; + ret->mod=mod; + return(ret); +err: + if (ret != NULL) BN_BLINDING_free(ret); + return(ret); + } + +void BN_BLINDING_free(r) +BN_BLINDING *r; + { + if (r->A != NULL) BN_free(r->A ); + if (r->Ai != NULL) BN_free(r->Ai); + Free(r); + } + +int BN_BLINDING_update(b,ctx) +BN_BLINDING *b; +BN_CTX *ctx; + { + int ret=0; + + if ((b->A == NULL) || (b->Ai == NULL)) + { + BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITALISED); + goto err; + } + + if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; + if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; + + ret=1; +err: + return(ret); + } + +int BN_BLINDING_convert(n,b,ctx) +BIGNUM *n; +BN_BLINDING *b; +BN_CTX *ctx; + { + if ((b->A == NULL) || (b->Ai == NULL)) + { + BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITALISED); + return(0); + } + return(BN_mod_mul(n,n,b->A,b->mod,ctx)); + } + +int BN_BLINDING_invert(n,b,ctx) +BIGNUM *n; +BN_BLINDING *b; +BN_CTX *ctx; + { + int ret; + if ((b->A == NULL) || (b->Ai == NULL)) + { + BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITALISED); + return(0); + } + if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0) + { + if (!BN_BLINDING_update(b,ctx)) + return(0); + } + return(ret); + } + diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c new file mode 100644 index 0000000000..2263bdc7da --- /dev/null +++ b/src/lib/libcrypto/bn/bn_div.c @@ -0,0 +1,286 @@ +/* crypto/bn/bn_div.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +/* The old slow way */ +#if 0 +int BN_div(dv, rem, m, d,ctx) +BIGNUM *dv; +BIGNUM *rem; +BIGNUM *m; +BIGNUM *d; +BN_CTX *ctx; + { + int i,nm,nd; + BIGNUM *D; + + if (BN_is_zero(d)) + { + BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO); + return(0); + } + + if (BN_ucmp(m,d) < 0) + { + if (rem != NULL) + { if (BN_copy(rem,m) == NULL) return(0); } + if (dv != NULL) BN_zero(dv); + return(1); + } + + D=ctx->bn[ctx->tos]; + if (dv == NULL) dv=ctx->bn[ctx->tos+1]; + if (rem == NULL) rem=ctx->bn[ctx->tos+2]; + + nd=BN_num_bits(d); + nm=BN_num_bits(m); + if (BN_copy(D,d) == NULL) return(0); + if (BN_copy(rem,m) == NULL) return(0); + + /* The next 2 are needed so we can do a dv->d[0]|=1 later + * since BN_lshift1 will only work once there is a value :-) */ + BN_zero(dv); + dv->top=1; + + if (!BN_lshift(D,D,nm-nd)) return(0); + for (i=nm-nd; i>=0; i--) + { + if (!BN_lshift1(dv,dv)) return(0); + if (BN_ucmp(rem,D) >= 0) + { + dv->d[0]|=1; + bn_qsub(rem,rem,D); + } +/* CAN IMPROVE (and have now :=) */ + if (!BN_rshift1(D,D)) return(0); + } + rem->neg=BN_is_zero(rem)?0:m->neg; + dv->neg=m->neg^d->neg; + return(1); + } + +#else + +int BN_div(dv, rm, num, divisor,ctx) +BIGNUM *dv; +BIGNUM *rm; +BIGNUM *num; +BIGNUM *divisor; +BN_CTX *ctx; + { + int norm_shift,i,j,loop; + BIGNUM *tmp,wnum,*snum,*sdiv,*res; + BN_ULONG *resp,*wnump; + BN_ULONG d0,d1; + int num_n,div_n; + + if (BN_is_zero(divisor)) + { + BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO); + return(0); + } + + if (BN_ucmp(num,divisor) < 0) + { + if (rm != NULL) + { if (BN_copy(rm,num) == NULL) return(0); } + if (dv != NULL) BN_zero(dv); + return(1); + } + + tmp=ctx->bn[ctx->tos]; + tmp->neg=0; + snum=ctx->bn[ctx->tos+1]; + sdiv=ctx->bn[ctx->tos+2]; + if (dv == NULL) + res=ctx->bn[ctx->tos+3]; + else res=dv; + + /* First we normalise the numbers */ + norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); + BN_lshift(sdiv,divisor,norm_shift); + sdiv->neg=0; + norm_shift+=BN_BITS2; + BN_lshift(snum,num,norm_shift); + snum->neg=0; + div_n=sdiv->top; + num_n=snum->top; + loop=num_n-div_n; + + /* Lets setup a 'window' into snum + * This is the part that corresponds to the current + * 'area' being divided */ + wnum.d= &(snum->d[loop]); + wnum.top= div_n; + wnum.max= snum->max; /* a bit of a lie */ + wnum.neg= 0; + + /* Get the top 2 words of sdiv */ + /* i=sdiv->top; */ + d0=sdiv->d[div_n-1]; + d1=(div_n == 1)?0:sdiv->d[div_n-2]; + + /* pointer to the 'top' of snum */ + wnump= &(snum->d[num_n-1]); + + /* Setup to 'res' */ + res->neg= (num->neg^divisor->neg); + res->top=loop; + if (!bn_wexpand(res,(loop+1))) goto err; + resp= &(res->d[loop-1]); + + /* space for temp */ + if (!bn_wexpand(tmp,(div_n+1))) goto err; + + if (BN_ucmp(&wnum,sdiv) >= 0) + { + bn_qsub(&wnum,&wnum,sdiv); + *resp=1; + res->d[res->top-1]=1; + } + else + res->top--; + resp--; + + for (i=0; i>BN_BITS2) || + (t2 <= ((BN_ULLONG)(rem< t1l) t3h++; + t3h=(t1h-t3h)&BN_MASK2; + + /*if ((t3>>BN_BITS2) || + (t2 <= ((t3<d,sdiv->d,div_n,q); + tmp->d[div_n]=l0; + for (j=div_n+1; j>0; j--) + if (tmp->d[j-1]) break; + tmp->top=j; + + j=wnum.top; + BN_sub(&wnum,&wnum,tmp); + + snum->top=snum->top+wnum.top-j; + + if (wnum.neg) + { + q--; + j=wnum.top; + BN_add(&wnum,&wnum,sdiv); + snum->top+=wnum.top-j; + } + *(resp--)=q; + wnump--; + } + if (rm != NULL) + { + BN_rshift(rm,snum,norm_shift); + rm->neg=num->neg; + } + return(1); +err: + return(0); + } + +#endif diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c new file mode 100644 index 0000000000..029ae810d5 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_err.c @@ -0,0 +1,111 @@ +/* lib/bn/bn_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "bn.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA BN_str_functs[]= + { +{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"}, +{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"}, +{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"}, +{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"}, +{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"}, +{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"}, +{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, +{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, +{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, +{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, +{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, +{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, +{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, +{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"}, +{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"}, +{0,NULL}, + }; + +static ERR_STRING_DATA BN_str_reasons[]= + { +{BN_R_BAD_RECIPROCAL ,"bad reciprocal"}, +{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"}, +{BN_R_DIV_BY_ZERO ,"div by zero"}, +{BN_R_ENCODING_ERROR ,"encoding error"}, +{BN_R_INVALID_LENGTH ,"invalid length"}, +{BN_R_NOT_INITALISED ,"not initalised"}, +{BN_R_NO_INVERSE ,"no inverse"}, +{0,NULL}, + }; + +#endif + +void ERR_load_BN_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_BN,BN_str_functs); + ERR_load_strings(ERR_LIB_BN,BN_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c new file mode 100644 index 0000000000..c056a5083f --- /dev/null +++ b/src/lib/libcrypto/bn/bn_exp.c @@ -0,0 +1,553 @@ +/* crypto/bn/bn_exp.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +/* slow but works */ +int BN_mod_mul(ret, a, b, m, ctx) +BIGNUM *ret; +BIGNUM *a; +BIGNUM *b; +BIGNUM *m; +BN_CTX *ctx; + { + BIGNUM *t; + int r=0; + + t=ctx->bn[ctx->tos++]; + if (a == b) + { if (!BN_sqr(t,a,ctx)) goto err; } + else + { if (!BN_mul(t,a,b)) goto err; } + if (!BN_mod(ret,t,m,ctx)) goto err; + r=1; +err: + ctx->tos--; + return(r); + } + +#if 0 +/* this one works - simple but works */ +int BN_mod_exp(r,a,p,m,ctx) +BIGNUM *r,*a,*p,*m; +BN_CTX *ctx; + { + int i,bits,ret=0; + BIGNUM *v,*tmp; + + v=ctx->bn[ctx->tos++]; + tmp=ctx->bn[ctx->tos++]; + + if (BN_copy(v,a) == NULL) goto err; + bits=BN_num_bits(p); + + if (BN_is_odd(p)) + { if (BN_copy(r,a) == NULL) goto err; } + else { if (BN_one(r)) goto err; } + + for (i=1; itos-=2; + return(ret); + } + +#endif + +/* this one works - simple but works */ +int BN_exp(r,a,p,ctx) +BIGNUM *r,*a,*p; +BN_CTX *ctx; + { + int i,bits,ret=0; + BIGNUM *v,*tmp; + + v=ctx->bn[ctx->tos++]; + tmp=ctx->bn[ctx->tos++]; + + if (BN_copy(v,a) == NULL) goto err; + bits=BN_num_bits(p); + + if (BN_is_odd(p)) + { if (BN_copy(r,a) == NULL) goto err; } + else { if (BN_one(r)) goto err; } + + for (i=1; itos-=2; + return(ret); + } + +int BN_mod_exp(r,a,p,m,ctx) +BIGNUM *r; +BIGNUM *a; +BIGNUM *p; +BIGNUM *m; +BN_CTX *ctx; + { + int ret; + +#ifdef MONT_MUL_MOD + /* I have finally been able to take out this pre-condition of + * the top bit being set. It was caused by an error in BN_div + * with negatives. There was also another problem when for a^b%m + * a >= m. eay 07-May-97 */ +/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */ + + if (BN_is_odd(m)) + { ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); } + else +#endif +#ifdef RECP_MUL_MOD + { ret=BN_mod_exp_recp(r,a,p,m,ctx); } +#else + { ret=BN_mod_exp_simple(r,a,p,m,ctx); } +#endif + + return(ret); + } + +/* #ifdef RECP_MUL_MOD */ +int BN_mod_exp_recp(r,a,p,m,ctx) +BIGNUM *r; +BIGNUM *a; +BIGNUM *p; +BIGNUM *m; +BN_CTX *ctx; + { + int nb,i,j,bits,ret=0,wstart,wend,window,wvalue; + int start=1; + BIGNUM *d,*aa; + BIGNUM *val[16]; + + d=ctx->bn[ctx->tos++]; + aa=ctx->bn[ctx->tos++]; + bits=BN_num_bits(p); + + if (bits == 0) + { + BN_one(r); + return(1); + } + nb=BN_reciprocal(d,m,ctx); + if (nb == -1) goto err; + + val[0]=BN_new(); + if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */ + if (!BN_mod_mul_reciprocal(aa,val[0],val[0],m,d,nb,ctx)) + goto err; /* 2 */ + + if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */ + window=1; + else if (bits >= 256) + window=5; /* max size of window */ + else if (bits >= 128) + window=4; + else + window=3; + + j=1<<(window-1); + for (i=1; i>1],m,d,nb,ctx)) + goto err; + + /* move the 'window' down further */ + wstart-=wend+1; + wvalue=0; + start=0; + if (wstart < 0) break; + } + ret=1; +err: + ctx->tos-=2; + for (i=0; i<16; i++) + if (val[i] != NULL) BN_clear_free(val[i]); + return(ret); + } +/* #endif */ + +/* #ifdef MONT_MUL_MOD */ +int BN_mod_exp_mont(r,a,p,m,ctx,in_mont) +BIGNUM *r; +BIGNUM *a; +BIGNUM *p; +BIGNUM *m; +BN_CTX *ctx; +BN_MONT_CTX *in_mont; + { +#define TABLE_SIZE 16 + int i,j,bits,ret=0,wstart,wend,window,wvalue; + int start=1; + BIGNUM *d,*aa; + BIGNUM *val[TABLE_SIZE]; + BN_MONT_CTX *mont=NULL; + + if (!(m->d[0] & 1)) + { + BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); + return(0); + } + d=ctx->bn[ctx->tos++]; + bits=BN_num_bits(p); + if (bits == 0) + { + BN_one(r); + return(1); + } + + /* If this is not done, things will break in the montgomery + * part */ + +#if 1 + if (in_mont != NULL) + mont=in_mont; + else +#endif + { + if ((mont=BN_MONT_CTX_new()) == NULL) goto err; + if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; + } + + val[0]=BN_new(); + if (BN_ucmp(a,m) >= 0) + { + BN_mod(val[0],a,m,ctx); + aa=val[0]; + } + else + aa=a; + if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */ + if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */ + + if (bits <= 20) /* This is probably 3 or 0x10001, so just do singles */ + window=1; + else if (bits > 250) + window=5; /* max size of window */ + else if (bits >= 120) + window=4; + else + window=3; + + j=1<<(window-1); + for (i=1; i>1],mont,ctx)) + goto err; + + /* move the 'window' down further */ + wstart-=wend+1; + wvalue=0; + start=0; + if (wstart < 0) break; + } + BN_from_montgomery(r,r,mont,ctx); + ret=1; +err: + if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); + ctx->tos--; + for (i=0; ibn[ctx->tos++]; + bits=BN_num_bits(p); + + if (bits == 0) + { + BN_one(r); + return(1); + } + + val[0]=BN_new(); + if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */ + if (!BN_mod_mul(d,val[0],val[0],m,ctx)) + goto err; /* 2 */ + + if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */ + window=1; + else if (bits >= 256) + window=5; /* max size of window */ + else if (bits >= 128) + window=4; + else + window=3; + + j=1<<(window-1); + for (i=1; i>1],m,ctx)) + goto err; + + /* move the 'window' down further */ + wstart-=wend+1; + wvalue=0; + start=0; + if (wstart < 0) break; + } + ret=1; +err: + ctx->tos--; + for (i=0; i<16; i++) + if (val[i] != NULL) BN_clear_free(val[i]); + return(ret); + } + diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c new file mode 100644 index 0000000000..071bba3b4b --- /dev/null +++ b/src/lib/libcrypto/bn/bn_gcd.c @@ -0,0 +1,203 @@ +/* crypto/bn/bn_gcd.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +#ifndef NOPROTO +static BIGNUM *euclid(BIGNUM *a, BIGNUM *b); +#else +static BIGNUM *euclid(); +#endif + +int BN_gcd(r,in_a,in_b,ctx) +BIGNUM *r,*in_a,*in_b; +BN_CTX *ctx; + { + BIGNUM *a,*b,*t; + int ret=0; + + a=ctx->bn[ctx->tos]; + b=ctx->bn[ctx->tos+1]; + + if (BN_copy(a,in_a) == NULL) goto err; + if (BN_copy(b,in_b) == NULL) goto err; + + if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } + t=euclid(a,b); + if (t == NULL) goto err; + + if (BN_copy(r,t) == NULL) goto err; + ret=1; +err: + return(ret); + } + +static BIGNUM *euclid(a,b) +BIGNUM *a,*b; + { + BIGNUM *t; + int shifts=0; + + for (;;) + { + if (BN_is_zero(b)) + break; + + if (BN_is_odd(a)) + { + if (BN_is_odd(b)) + { + if (!BN_sub(a,a,b)) goto err; + if (!BN_rshift1(a,a)) goto err; + if (BN_cmp(a,b) < 0) + { t=a; a=b; b=t; } + } + else /* a odd - b even */ + { + if (!BN_rshift1(b,b)) goto err; + if (BN_cmp(a,b) < 0) + { t=a; a=b; b=t; } + } + } + else /* a is even */ + { + if (BN_is_odd(b)) + { + if (!BN_rshift1(a,a)) goto err; + if (BN_cmp(a,b) < 0) + { t=a; a=b; b=t; } + } + else /* a even - b even */ + { + if (!BN_rshift1(a,a)) goto err; + if (!BN_rshift1(b,b)) goto err; + shifts++; + } + } + } + if (shifts) + { + if (!BN_lshift(a,a,shifts)) goto err; + } + return(a); +err: + return(NULL); + } + +/* solves ax == 1 (mod n) */ +BIGNUM *BN_mod_inverse(a, n, ctx) +BIGNUM *a; +BIGNUM *n; +BN_CTX *ctx; + { + BIGNUM *A,*B,*X,*Y,*M,*D,*R; + BIGNUM *ret=NULL,*T; + int sign; + + A=ctx->bn[ctx->tos]; + B=ctx->bn[ctx->tos+1]; + X=ctx->bn[ctx->tos+2]; + D=ctx->bn[ctx->tos+3]; + M=ctx->bn[ctx->tos+4]; + Y=ctx->bn[ctx->tos+5]; + ctx->tos+=6; + R=BN_new(); + if (R == NULL) goto err; + + BN_zero(X); + BN_one(Y); + if (BN_copy(A,a) == NULL) goto err; + if (BN_copy(B,n) == NULL) goto err; + sign=1; + + while (!BN_is_zero(B)) + { + if (!BN_div(D,M,A,B,ctx)) goto err; + T=A; + A=B; + B=M; + /* T has a struct, M does not */ + + if (!BN_mul(T,D,X)) goto err; + if (!BN_add(T,T,Y)) goto err; + M=Y; + Y=X; + X=T; + sign= -sign; + } + if (sign < 0) + { + if (!BN_sub(Y,n,Y)) goto err; + } + + if (BN_is_one(A)) + { if (!BN_mod(R,Y,n,ctx)) goto err; } + else + { + BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE); + goto err; + } + ret=R; +err: + if ((ret == NULL) && (R != NULL)) BN_free(R); + ctx->tos-=6; + return(ret); + } + diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h new file mode 100644 index 0000000000..edfd788338 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_lcl.h @@ -0,0 +1,199 @@ +/* crypto/bn/bn_lcl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BN_LCL_H +#define HEADER_BN_LCL_H + +#include "bn.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/************************************************************* + * Using the long long type + */ +#define Lw(t) (((BN_ULONG)(t))&BN_MASK2) +#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) + +#define bn_fix_top(a) \ + { \ + BN_ULONG *fix_top_l; \ + for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ + if (*(fix_top_l--)) break; \ + } + +/* #define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b))) */ + +#ifdef BN_LLONG +#define mul_add(r,a,w,c) { \ + BN_ULLONG t; \ + t=(BN_ULLONG)w * (a) + (r) + (c); \ + (r)= Lw(t); \ + (c)= Hw(t); \ + } + +#define mul(r,a,w,c) { \ + BN_ULLONG t; \ + t=(BN_ULLONG)w * (a) + (c); \ + (r)= Lw(t); \ + (c)= Hw(t); \ + } + +#else +/************************************************************* + * No long long type + */ + +#define LBITS(a) ((a)&BN_MASK2l) +#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l) +#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<>BN_BITS2)&BN_MASKl) +#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<>(BN_BITS4-1); \ + m =(m&BN_MASK2l)<<(BN_BITS4+1); \ + l=(l+m)&BN_MASK2; if (l < m) h++; \ + (lo)=l; \ + (ho)=h; \ + } + +#define mul_add(r,a,bl,bh,c) { \ + BN_ULONG l,h; \ + \ + h= (a); \ + l=LBITS(h); \ + h=HBITS(h); \ + mul64(l,h,(bl),(bh)); \ + \ + /* non-multiply part */ \ + l=(l+(c))&BN_MASK2; if (l < (c)) h++; \ + (c)=(r); \ + l=(l+(c))&BN_MASK2; if (l < (c)) h++; \ + (c)=h&BN_MASK2; \ + (r)=l; \ + } + +#define mul(r,a,bl,bh,c) { \ + BN_ULONG l,h; \ + \ + h= (a); \ + l=LBITS(h); \ + h=HBITS(h); \ + mul64(l,h,(bl),(bh)); \ + \ + /* non-multiply part */ \ + l+=(c); if ((l&BN_MASK2) < (c)) h++; \ + (c)=h&BN_MASK2; \ + (r)=l&BN_MASK2; \ + } + +#endif + +#ifndef NOPROTO + +BIGNUM *bn_expand2(BIGNUM *b, int bits); + +#ifdef X86_ASM +void bn_add_words(BN_ULONG *r,BN_ULONG *a,int num); +#endif + +#else + +BIGNUM *bn_expand2(); +#ifdef X86_ASM +BN_ULONG bn_add_words(); +#endif + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c new file mode 100644 index 0000000000..bfe7628ad4 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_lib.c @@ -0,0 +1,611 @@ +/* crypto/bn/bn_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +char *BN_version="Big Number part of SSLeay 0.9.0b 29-Jun-1998"; + +BIGNUM *BN_value_one() + { + static BN_ULONG data_one=1L; + static BIGNUM const_one={&data_one,1,1,0}; + + return(&const_one); + } + +char *BN_options() + { + static int init=0; + static char data[16]; + + if (!init) + { + init++; +#ifdef BN_LLONG + sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8, + (int)sizeof(BN_ULONG)*8); +#else + sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8, + (int)sizeof(BN_ULONG)*8); +#endif + } + return(data); + } + +int BN_num_bits_word(l) +BN_ULONG l; + { + static char bits[256]={ + 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4, + 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5, + 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, + 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, + 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, + 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, + 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, + 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + }; + +#ifdef SIXTY_FOUR_BIT_LONG + if (l & 0xffffffff00000000L) + { + if (l & 0xffff000000000000L) + { + if (l & 0xff00000000000000L) + { + return(bits[l>>56]+56); + } + else return(bits[l>>48]+48); + } + else + { + if (l & 0x0000ff0000000000L) + { + return(bits[l>>40]+40); + } + else return(bits[l>>32]+32); + } + } + else +#else +#ifdef SIXTY_FOUR_BIT + if (l & 0xffffffff00000000LL) + { + if (l & 0xffff000000000000LL) + { + if (l & 0xff00000000000000LL) + { + return(bits[l>>56]+56); + } + else return(bits[l>>48]+48); + } + else + { + if (l & 0x0000ff0000000000LL) + { + return(bits[l>>40]+40); + } + else return(bits[l>>32]+32); + } + } + else +#endif +#endif + { +#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) + if (l & 0xffff0000L) + { + if (l & 0xff000000L) + return(bits[l>>24L]+24); + else return(bits[l>>16L]+16); + } + else +#endif + { +#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) + if (l & 0xff00L) + return(bits[l>>8]+8); + else +#endif + return(bits[l ] ); + } + } + } + +int BN_num_bits(a) +BIGNUM *a; + { + BN_ULONG l; + int i; + + if (a->top == 0) return(0); + l=a->d[a->top-1]; + i=(a->top-1)*BN_BITS2; + if (l == 0) + { +#if !defined(NO_STDIO) && !defined(WIN16) + fprintf(stderr,"BAD TOP VALUE\n"); +#endif + abort(); + } + return(i+BN_num_bits_word(l)); + } + +void BN_clear_free(a) +BIGNUM *a; + { + if (a == NULL) return; + if (a->d != NULL) + { + memset(a->d,0,a->max*sizeof(a->d[0])); + Free(a->d); + } + memset(a,0,sizeof(BIGNUM)); + Free(a); + } + +void BN_free(a) +BIGNUM *a; + { + if (a == NULL) return; + if (a->d != NULL) Free(a->d); + Free(a); + } + +BIGNUM *BN_new() + { + BIGNUM *ret; + BN_ULONG *p; + + ret=(BIGNUM *)Malloc(sizeof(BIGNUM)); + if (ret == NULL) goto err; + ret->top=0; + ret->neg=0; + ret->max=(BN_DEFAULT_BITS/BN_BITS2); + p=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(ret->max+1)); + if (p == NULL) goto err; + ret->d=p; + + memset(p,0,(ret->max+1)*sizeof(p[0])); + return(ret); +err: + BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + +BN_CTX *BN_CTX_new() + { + BN_CTX *ret; + BIGNUM *n; + int i,j; + + ret=(BN_CTX *)Malloc(sizeof(BN_CTX)); + if (ret == NULL) goto err2; + + for (i=0; ibn[i]=n; + } + + /* There is actually an extra one, this is for debugging my + * stuff */ + ret->bn[BN_CTX_NUM]=NULL; + + ret->tos=0; + return(ret); +err: + for (j=0; jbn[j]); + Free(ret); +err2: + BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + +void BN_CTX_free(c) +BN_CTX *c; + { + int i; + + for (i=0; ibn[i]); + Free(c); + } + +BIGNUM *bn_expand2(b, words) +BIGNUM *b; +int words; + { + BN_ULONG *p; + + if (words > b->max) + { + p=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(words+1)); + if (p == NULL) + { + BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); + return(NULL); + } + b->d=p; + memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); + b->max=words; + } + return(b); + } + +BIGNUM *BN_dup(a) +BIGNUM *a; + { + BIGNUM *r; + + r=BN_new(); + if (r == NULL) return(NULL); + return((BIGNUM *)BN_copy(r,a)); + } + +BIGNUM *BN_copy(a, b) +BIGNUM *a; +BIGNUM *b; + { + int i; + BN_ULONG *A,*B; + + if (a == b) return(a); + if (bn_wexpand(a,b->top) == NULL) return(NULL); + +#if 1 + A=a->d; + B=b->d; + for (i=b->top&(~7); i>0; i-=8) + { + A[0]=B[0]; + A[1]=B[1]; + A[2]=B[2]; + A[3]=B[3]; + A[4]=B[4]; + A[5]=B[5]; + A[6]=B[6]; + A[7]=B[7]; + A+=8; + B+=8; + } + switch (b->top&7) + { + case 7: + A[6]=B[6]; + case 6: + A[5]=B[5]; + case 5: + A[4]=B[4]; + case 4: + A[3]=B[3]; + case 3: + A[2]=B[2]; + case 2: + A[1]=B[1]; + case 1: + A[0]=B[0]; + } +#else + memcpy(a->d,b->d,sizeof(b->d[0])*b->top); +#endif + +/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/ + a->top=b->top; + if (a->top == 0) + a->d[0]=0; + a->neg=b->neg; + return(a); + } + +void BN_clear(a) +BIGNUM *a; + { + memset(a->d,0,a->max*sizeof(a->d[0])); + a->top=0; + a->neg=0; + } + +unsigned long BN_get_word(a) +BIGNUM *a; + { + int i,n; + unsigned long ret=0; + + n=BN_num_bytes(a); + if (n > sizeof(unsigned long)) +#ifdef SIXTY_FOUR_BIT_LONG + return(BN_MASK2); +#else + return(0xFFFFFFFFL); +#endif + for (i=a->top-1; i>=0; i--) + { +#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ + ret<<=BN_BITS4; /* stops the compiler complaining */ + ret<<=BN_BITS4; +#endif + ret|=a->d[i]; + } + return(ret); + } + +int BN_set_word(a,w) +BIGNUM *a; +unsigned long w; + { + int i,n; + if (bn_expand(a,sizeof(unsigned long)*8) == NULL) return(0); + + n=sizeof(unsigned long)/BN_BYTES; + a->neg=0; + a->top=0; + a->d[0]=(BN_ULONG)w&BN_MASK2; + if (a->d[0] != 0) a->top=1; + for (i=1; i>=BN_BITS2 so compilers don't complain + * on builds where sizeof(long) == BN_TYPES */ +#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ + w>>=BN_BITS4; + w>>=BN_BITS4; +#endif + a->d[i]=(BN_ULONG)w&BN_MASK2; + if (a->d[i] != 0) a->top=i+1; + } + return(1); + } + +/* ignore negative */ +BIGNUM *BN_bin2bn(s, len, ret) +unsigned char *s; +int len; +BIGNUM *ret; + { + unsigned int i,m; + unsigned int n; + BN_ULONG l; + + if (ret == NULL) ret=BN_new(); + if (ret == NULL) return(NULL); + l=0; + n=len; + if (n == 0) + { + ret->top=0; + return(ret); + } + if (bn_expand(ret,(int)(n+2)*8) == NULL) + return(NULL); + i=((n-1)/BN_BYTES)+1; + m=((n-1)%(BN_BYTES)); + ret->top=i; + while (n-- > 0) + { + l=(l<<8L)| *(s++); + if (m-- == 0) + { + ret->d[--i]=l; + l=0; + m=BN_BYTES-1; + } + } + /* need to call this due to clear byte at top if avoiding + * having the top bit set (-ve number) */ + bn_fix_top(ret); + return(ret); + } + +/* ignore negative */ +int BN_bn2bin(a, to) +BIGNUM *a; +unsigned char *to; + { + int n,i; + BN_ULONG l; + + n=i=BN_num_bytes(a); + while (i-- > 0) + { + l=a->d[i/BN_BYTES]; + *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff; + } + return(n); + } + +int BN_ucmp(a, b) +BIGNUM *a; +BIGNUM *b; + { + int i; + BN_ULONG t1,t2,*ap,*bp; + + i=a->top-b->top; + if (i != 0) return(i); + ap=a->d; + bp=b->d; + for (i=a->top-1; i>=0; i--) + { + t1= ap[i]; + t2= bp[i]; + if (t1 != t2) + return(t1 > t2?1:-1); + } + return(0); + } + +int BN_cmp(a, b) +BIGNUM *a; +BIGNUM *b; + { + int i; + int gt,lt; + BN_ULONG t1,t2; + + if ((a == NULL) || (b == NULL)) + { + if (a != NULL) + return(-1); + else if (b != NULL) + return(1); + else + return(0); + } + if (a->neg != b->neg) + { + if (a->neg) + return(-1); + else return(1); + } + if (a->neg == 0) + { gt=1; lt= -1; } + else { gt= -1; lt=1; } + + if (a->top > b->top) return(gt); + if (a->top < b->top) return(lt); + for (i=a->top-1; i>=0; i--) + { + t1=a->d[i]; + t2=b->d[i]; + if (t1 > t2) return(gt); + if (t1 < t2) return(lt); + } + return(0); + } + +int BN_set_bit(a, n) +BIGNUM *a; +int n; + { + int i,j; + + i=n/BN_BITS2; + j=n%BN_BITS2; + if (a->top <= i) + { + if (bn_expand(a,n) == NULL) return(0); + a->top=i+1; + } + + a->d[i]|=(1L<top <= i) return(0); + + a->d[i]&=(~(1L<top <= i) return(0); + return((a->d[i]&(((BN_ULONG)1)<= a->top) return(0); + if (b == 0) + a->top=w; + else + { + a->top=w+1; + a->d[w]&= ~(BN_MASK2<= 0) && (a->d[w] == 0)) + { + a->top--; + w--; + } + } + return(1); + } diff --git a/src/lib/libcrypto/bn/bn_mod.c b/src/lib/libcrypto/bn/bn_mod.c new file mode 100644 index 0000000000..c351aac14f --- /dev/null +++ b/src/lib/libcrypto/bn/bn_mod.c @@ -0,0 +1,97 @@ +/* crypto/bn/bn_mod.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +/* rem != m */ +int BN_mod(rem, m, d,ctx) +BIGNUM *rem; +BIGNUM *m; +BIGNUM *d; +BN_CTX *ctx; + { +#if 0 /* The old slow way */ + int i,nm,nd; + BIGNUM *dv; + + if (BN_ucmp(m,d) < 0) + return((BN_copy(rem,m) == NULL)?0:1); + + dv=ctx->bn[ctx->tos]; + + if (!BN_copy(rem,m)) return(0); + + nm=BN_num_bits(rem); + nd=BN_num_bits(d); + if (!BN_lshift(dv,d,nm-nd)) return(0); + for (i=nm-nd; i>=0; i--) + { + if (BN_cmp(rem,dv) >= 0) + { + if (!BN_sub(rem,rem,dv)) return(0); + } + if (!BN_rshift1(dv,dv)) return(0); + } + return(1); +#else + return(BN_div(NULL,rem,m,d,ctx)); +#endif + } + diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c new file mode 100644 index 0000000000..e435df61f8 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_mont.c @@ -0,0 +1,306 @@ +/* crypto/bn/bn_mont.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +int BN_mod_mul_montgomery(r,a,b,mont,ctx) +BIGNUM *r,*a,*b; +BN_MONT_CTX *mont; +BN_CTX *ctx; + { + BIGNUM *tmp; + + tmp=ctx->bn[ctx->tos++]; + + if (a == b) + { + if (!BN_sqr(tmp,a,ctx)) goto err; + } + else + { + if (!BN_mul(tmp,a,b)) goto err; + } + /* reduce from aRR to aR */ + if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; + ctx->tos--; + return(1); +err: + return(0); + } + +#define MONT_WORD + +#ifdef MONT_WORD +int BN_from_montgomery(ret,a,mont,ctx) +BIGNUM *ret; +BIGNUM *a; +BN_MONT_CTX *mont; +BN_CTX *ctx; + { + BIGNUM *n,*t1,*r; + BN_ULONG *ap,*np,*rp,n0,v; + int al,nl,max,i,x,ri; + int retn=0; + + t1=ctx->bn[ctx->tos]; + r=ctx->bn[ctx->tos+1]; + + if (!BN_copy(r,a)) goto err; + n=mont->N; + + ap=a->d; + /* mont->ri is the size of mont->N in bits/words */ + al=ri=mont->ri/BN_BITS2; + + nl=n->top; + if ((al == 0) || (nl == 0)) { r->top=0; return(1); } + + max=(nl+al+1); /* allow for overflow (no?) XXX */ + if (bn_wexpand(r,max) == NULL) goto err; + if (bn_wexpand(ret,max) == NULL) goto err; + + r->neg=a->neg^n->neg; + np=n->d; + rp=r->d; + + /* clear the top words of T */ +#if 1 + for (i=r->top; id[i]=0; +#else + memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); +#endif + + r->top=max; + n0=mont->n0; + + for (i=0; i nl) + { + x2=nl; + x1=0; + } + else + { + x2=i+4; + x1=nl-x2; + } + v=bn_mul_add_words(&(rp[x1]),&(np[x1]),x2,(rp[x1]*n0)&BN_MASK2); +#else + v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2); +#endif + + if (((rp[nl]+=v)&BN_MASK2) < v) + { + for (x=(nl+1); (((++rp[x])&BN_MASK2) == 0); x++) + ; + } + rp++; + } + while (r->d[r->top-1] == 0) + r->top--; + + /* mont->ri will be a multiple of the word size */ +#if 0 + BN_rshift(ret,r,mont->ri); +#else + ap=r->d; + rp=ret->d; + x=ri; + al=r->top-x; + for (i=0; itop=al; +#endif + + if (BN_ucmp(ret,mont->N) >= 0) + { + bn_qsub(ret,ret,mont->N); /* XXX */ + } + retn=1; +err: + return(retn); + } +#else +int BN_from_montgomery(r,a,mont,ctx) +BIGNUM *r; +BIGNUM *a; +BN_MONT_CTX *mont; +BN_CTX *ctx; + { + BIGNUM *t1,*t2; + + t1=ctx->bn[ctx->tos]; + t2=ctx->bn[ctx->tos+1]; + + if (!BN_copy(t1,a)) goto err; + /* can cheat */ + BN_mask_bits(t1,mont->ri); + + if (!BN_mul(t2,t1,mont->Ni)) goto err; + BN_mask_bits(t2,mont->ri); + + if (!BN_mul(t1,t2,mont->N)) goto err; + if (!BN_add(t2,a,t1)) goto err; + BN_rshift(r,t2,mont->ri); + + if (BN_ucmp(r,mont->N) >= 0) + bn_qsub(r,r,mont->N); + + return(1); +err: + return(0); + } +#endif + +BN_MONT_CTX *BN_MONT_CTX_new() + { + BN_MONT_CTX *ret; + + if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL) + return(NULL); + ret->ri=0; + ret->RR=BN_new(); + ret->N=BN_new(); + ret->Ni=NULL; + if ((ret->RR == NULL) || (ret->N == NULL)) + { + BN_MONT_CTX_free(ret); + return(NULL); + } + return(ret); + } + +void BN_MONT_CTX_free(mont) +BN_MONT_CTX *mont; + { + if (mont->RR != NULL) BN_free(mont->RR); + if (mont->N != NULL) BN_free(mont->N); + if (mont->Ni != NULL) BN_free(mont->Ni); + Free(mont); + } + +int BN_MONT_CTX_set(mont,mod,ctx) +BN_MONT_CTX *mont; +BIGNUM *mod; +BN_CTX *ctx; + { + BIGNUM *Ri=NULL,*R=NULL; + + if (mont->RR == NULL) mont->RR=BN_new(); + if (mont->N == NULL) mont->N=BN_new(); + + R=mont->RR; /* grab RR as a temp */ + BN_copy(mont->N,mod); /* Set N */ + +#ifdef MONT_WORD +{ + BIGNUM tmod; + BN_ULONG buf[2]; + /* int z; */ + + mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; + BN_lshift(R,BN_value_one(),BN_BITS2); /* R */ + /* I was bad, this modification of a passed variable was + * breaking the multithreaded stuff :-( + * z=mod->top; + * mod->top=1; */ + + buf[0]=mod->d[0]; + buf[1]=0; + tmod.d=buf; + tmod.top=1; + tmod.max=mod->max; + tmod.neg=mod->neg; + + if ((Ri=BN_mod_inverse(R,&tmod,ctx)) == NULL) goto err; /* Ri */ + BN_lshift(Ri,Ri,BN_BITS2); /* R*Ri */ + bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */ + BN_div(Ri,NULL,Ri,&tmod,ctx); + mont->n0=Ri->d[0]; + BN_free(Ri); + /* mod->top=z; */ +} +#else + mont->ri=BN_num_bits(mod); + BN_lshift(R,BN_value_one(),mont->ri); /* R */ + if ((Ri=BN_mod_inverse(R,mod,ctx)) == NULL) goto err; /* Ri */ + BN_lshift(Ri,Ri,mont->ri); /* R*Ri */ + bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */ + BN_div(Ri,NULL,Ri,mod,ctx); + if (mont->Ni != NULL) BN_free(mont->Ni); + mont->Ni=Ri; /* Ni=(R*Ri-1)/N */ +#endif + + /* setup RR for conversions */ + BN_lshift(mont->RR,BN_value_one(),mont->ri*2); + BN_mod(mont->RR,mont->RR,mont->N,ctx); + + return(1); +err: + return(0); + } + diff --git a/src/lib/libcrypto/bn/bn_mpi.c b/src/lib/libcrypto/bn/bn_mpi.c new file mode 100644 index 0000000000..53945c1057 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_mpi.c @@ -0,0 +1,134 @@ +/* crypto/bn/bn_mpi.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +int BN_bn2mpi(a,d) +BIGNUM *a; +unsigned char *d; + { + int bits; + int num=0; + int ext=0; + long l; + + bits=BN_num_bits(a); + num=(bits+7)/8; + if (bits > 0) + { + ext=((bits & 0x07) == 0); + } + if (d == NULL) + return(num+4+ext); + + l=num+ext; + d[0]=(unsigned char)(l>>24)&0xff; + d[1]=(unsigned char)(l>>16)&0xff; + d[2]=(unsigned char)(l>> 8)&0xff; + d[3]=(unsigned char)(l )&0xff; + if (ext) d[4]=0; + num=BN_bn2bin(a,&(d[4+ext])); + if (a->neg) + d[4]|=0x80; + return(num+4+ext); + } + +BIGNUM *BN_mpi2bn(d,n,a) +unsigned char *d; +int n; +BIGNUM *a; + { + long len; + int neg=0; + + if (n < 4) + { + BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH); + return(NULL); + } + len=(d[0]<<24)|(d[1]<<16)|(d[2]<<8)|d[3]; + if ((len+4) != n) + { + BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR); + return(NULL); + } + + if (a == NULL) a=BN_new(); + if (a == NULL) return(NULL); + + if (len == 0) + { + a->neg=0; + a->top=0; + return(a); + } + d+=4; + if ((*d) & 0x80) + neg=1; + if (BN_bin2bn(d,(int)len,a) == NULL) + return(NULL); + a->neg=neg; + if (neg) + { + BN_clear_bit(a,BN_num_bits(a)-1); + } + return(a); + } + diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c new file mode 100644 index 0000000000..d0c04e1d4b --- /dev/null +++ b/src/lib/libcrypto/bn/bn_mul.c @@ -0,0 +1,209 @@ +/* crypto/bn/bn_mul.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +/* r must be different to a and b */ +/* int BN_mmul(r, a, b) */ +int BN_mul(r, a, b) +BIGNUM *r; +BIGNUM *a; +BIGNUM *b; + { + int i; + int max,al,bl; + BN_ULONG *ap,*bp,*rp; + + al=a->top; + bl=b->top; + if ((al == 0) || (bl == 0)) + { + r->top=0; + return(1); + } + + max=(al+bl); + if (bn_wexpand(r,max) == NULL) return(0); + r->top=max; + r->neg=a->neg^b->neg; + ap=a->d; + bp=b->d; + rp=r->d; + + rp[al]=bn_mul_words(rp,ap,al,*(bp++)); + rp++; + for (i=1; id[max-1] == 0) r->top--; + return(1); + } + +#if 0 +#include "stack.h" + +int limit=16; + +typedef struct bn_pool_st + { + int used; + int tos; + STACK *sk; + } BN_POOL; + +BIGNUM *BN_POOL_push(bp) +BN_POOL *bp; + { + BIGNUM *ret; + + if (bp->used >= bp->tos) + { + ret=BN_new(); + sk_push(bp->sk,(char *)ret); + bp->tos++; + bp->used++; + } + else + { + ret=(BIGNUM *)sk_value(bp->sk,bp->used); + bp->used++; + } + return(ret); + } + +void BN_POOL_pop(bp,num) +BN_POOL *bp; +int num; + { + bp->used-=num; + } + +int BN_mul(r,a,b) +BIGNUM *r,*a,*b; + { + static BN_POOL bp; + static init=1; + + if (init) + { + bp.used=0; + bp.tos=0; + bp.sk=sk_new_null(); + init=0; + } + return(BN_mm(r,a,b,&bp)); + } + +/* r must be different to a and b */ +int BN_mm(m, A, B, bp) +BIGNUM *m,*A,*B; +BN_POOL *bp; + { + int i,num; + int an,bn; + BIGNUM *a,*b,*c,*d,*ac,*bd; + + an=A->top; + bn=B->top; + if ((an <= limit) || (bn <= limit)) + { + return(BN_mmul(m,A,B)); + } + + a=BN_POOL_push(bp); + b=BN_POOL_push(bp); + c=BN_POOL_push(bp); + d=BN_POOL_push(bp); + ac=BN_POOL_push(bp); + bd=BN_POOL_push(bp); + + num=(an <= bn)?an:bn; + num=1<<(BN_num_bits_word(num-1)-1); + + /* Are going to now chop things into 'num' word chunks. */ + num*=BN_BITS2; + + BN_copy(a,A); + BN_mask_bits(a,num); + BN_rshift(b,A,num); + + BN_copy(c,B); + BN_mask_bits(c,num); + BN_rshift(d,B,num); + + BN_sub(ac ,b,a); + BN_sub(bd,c,d); + BN_mm(m,ac,bd,bp); + BN_mm(ac,a,c,bp); + BN_mm(bd,b,d,bp); + + BN_add(m,m,ac); + BN_add(m,m,bd); + BN_lshift(m,m,num); + BN_lshift(bd,bd,num*2); + + BN_add(m,m,ac); + BN_add(m,m,bd); + BN_POOL_pop(bp,6); + return(1); + } +#endif diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c new file mode 100644 index 0000000000..0c85f70b59 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_prime.c @@ -0,0 +1,473 @@ +/* crypto/bn/bn_prime.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bn_lcl.h" +#include "rand.h" + +/* The quick seive algorithm approach to weeding out primes is + * Philip Zimmermann's, as implemented in PGP. I have had a read of + * his comments and implemented my own version. + */ +#include "bn_prime.h" + +#ifndef NOPROTO +static int witness(BIGNUM *a, BIGNUM *n, BN_CTX *ctx,BN_CTX *ctx2, + BN_MONT_CTX *mont); +static int probable_prime(BIGNUM *rnd, int bits); +static int probable_prime_dh(BIGNUM *rnd, int bits, + BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); +static int probable_prime_dh_strong(BIGNUM *rnd, int bits, + BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); +#else +static int witness(); +static int probable_prime(); +static int probable_prime_dh(); +static int probable_prime_dh_strong(); +#endif + +BIGNUM *BN_generate_prime(bits,strong,add,rem,callback,cb_arg) +int bits; +int strong; +BIGNUM *add; +BIGNUM *rem; +void (*callback)(P_I_I_P); +char *cb_arg; + { + BIGNUM *rnd=NULL; + BIGNUM *ret=NULL; + BIGNUM *t=NULL; + int i,j,c1=0; + BN_CTX *ctx; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + if ((rnd=BN_new()) == NULL) goto err; + if (strong) + if ((t=BN_new()) == NULL) goto err; +loop: + /* make a random number and set the top and bottom bits */ + if (add == NULL) + { + if (!probable_prime(rnd,bits)) goto err; + } + else + { + if (strong) + { + if (!probable_prime_dh_strong(rnd,bits,add,rem,ctx)) + goto err; + } + else + { + if (!probable_prime_dh(rnd,bits,add,rem,ctx)) + goto err; + } + } + /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */ + if (callback != NULL) callback(0,c1++,cb_arg); + + if (!strong) + { + i=BN_is_prime(rnd,BN_prime_checks,callback,ctx,cb_arg); + if (i == -1) goto err; + if (i == 0) goto loop; + } + else + { + /* for a strong prime generation, + * check that (p-1)/2 is prime. + * Since a prime is odd, We just + * need to divide by 2 */ + if (!BN_rshift1(t,rnd)) goto err; + + for (i=0; ibn[ctx->tos++]; + + /* Setup the montgomery structure */ + if (!BN_MONT_CTX_set(mont,a,ctx2)) goto err; + + for (i=0; itos--; + if ((ctx_passed == NULL) && (ctx != NULL)) + BN_CTX_free(ctx); + if (ctx2 != NULL) + BN_CTX_free(ctx2); + if (mont != NULL) BN_MONT_CTX_free(mont); + + return(ret); + } + +#define RECP_MUL_MOD + +static int witness(a,n,ctx,ctx2,mont) +BIGNUM *a; +BIGNUM *n; +BN_CTX *ctx,*ctx2; +BN_MONT_CTX *mont; + { + int k,i,ret= -1,good; + BIGNUM *d,*dd,*tmp,*d1,*d2,*n1; + BIGNUM *mont_one,*mont_n1,*mont_a; + + d1=ctx->bn[ctx->tos]; + d2=ctx->bn[ctx->tos+1]; + n1=ctx->bn[ctx->tos+2]; + ctx->tos+=3; + + mont_one=ctx2->bn[ctx2->tos]; + mont_n1=ctx2->bn[ctx2->tos+1]; + mont_a=ctx2->bn[ctx2->tos+2]; + ctx2->tos+=3; + + d=d1; + dd=d2; + if (!BN_one(d)) goto err; + if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */ + k=BN_num_bits(n1); + + if (!BN_to_montgomery(mont_one,BN_value_one(),mont,ctx2)) goto err; + if (!BN_to_montgomery(mont_n1,n1,mont,ctx2)) goto err; + if (!BN_to_montgomery(mont_a,a,mont,ctx2)) goto err; + + BN_copy(d,mont_one); + for (i=k-1; i>=0; i--) + { + if ( (BN_cmp(d,mont_one) != 0) && + (BN_cmp(d,mont_n1) != 0)) + good=1; + else + good=0; + + BN_mod_mul_montgomery(dd,d,d,mont,ctx2); + + if (good && (BN_cmp(dd,mont_one) == 0)) + { + ret=1; + goto err; + } + if (BN_is_bit_set(n1,i)) + { + BN_mod_mul_montgomery(d,dd,mont_a,mont,ctx2); + } + else + { + tmp=d; + d=dd; + dd=tmp; + } + } + if (BN_cmp(d,mont_one) == 0) + i=0; + else i=1; + ret=i; +err: + ctx->tos-=3; + ctx2->tos-=3; + return(ret); + } + +static int probable_prime(rnd, bits) +BIGNUM *rnd; +int bits; + { + int i; + MS_STATIC BN_ULONG mods[NUMPRIMES]; + BN_ULONG delta; + + if (!BN_rand(rnd,bits,1,1)) return(0); + /* we now have a random number 'rand' to test. */ + for (i=1; ibn[ctx->tos++]; + + if (!BN_rand(rnd,bits,0,1)) goto err; + + /* we need ((rnd-rem) % add) == 0 */ + + if (!BN_mod(t1,rnd,add,ctx)) goto err; + if (!BN_sub(rnd,rnd,t1)) goto err; + if (rem == NULL) + { if (!BN_add_word(rnd,1)) goto err; } + else + { if (!BN_add(rnd,rnd,rem)) goto err; } + + /* we now have a random number 'rand' to test. */ + + loop: for (i=1; itos--; + return(ret); + } + +static int probable_prime_dh_strong(p, bits, padd, rem,ctx) +BIGNUM *p; +int bits; +BIGNUM *padd; +BIGNUM *rem; +BN_CTX *ctx; + { + int i,ret=0; + BIGNUM *t1,*qadd=NULL,*q=NULL; + + bits--; + t1=ctx->bn[ctx->tos++]; + q=ctx->bn[ctx->tos++]; + qadd=ctx->bn[ctx->tos++]; + + if (!BN_rshift1(qadd,padd)) goto err; + + if (!BN_rand(q,bits,0,1)) goto err; + + /* we need ((rnd-rem) % add) == 0 */ + if (!BN_mod(t1,q,qadd,ctx)) goto err; + if (!BN_sub(q,q,t1)) goto err; + if (rem == NULL) + { if (!BN_add_word(q,1)) goto err; } + else + { + if (!BN_rshift1(t1,rem)) goto err; + if (!BN_add(q,q,t1)) goto err; + } + + /* we now have a random number 'rand' to test. */ + if (!BN_lshift1(p,q)) goto err; + if (!BN_add_word(p,1)) goto err; + + loop: for (i=1; itos-=3; + return(ret); + } + +#if 0 +static int witness(a, n,ctx) +BIGNUM *a; +BIGNUM *n; +BN_CTX *ctx; + { + int k,i,nb,ret= -1; + BIGNUM *d,*dd,*tmp; + BIGNUM *d1,*d2,*x,*n1,*inv; + + d1=ctx->bn[ctx->tos]; + d2=ctx->bn[ctx->tos+1]; + x=ctx->bn[ctx->tos+2]; + n1=ctx->bn[ctx->tos+3]; + inv=ctx->bn[ctx->tos+4]; + ctx->tos+=5; + + d=d1; + dd=d2; + if (!BN_one(d)) goto err; + if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */ + k=BN_num_bits(n1); + + /* i=BN_num_bits(n); */ +#ifdef RECP_MUL_MOD + nb=BN_reciprocal(inv,n,ctx); /**/ + if (nb == -1) goto err; +#endif + + for (i=k-1; i>=0; i--) + { + if (BN_copy(x,d) == NULL) goto err; +#ifndef RECP_MUL_MOD + if (!BN_mod_mul(dd,d,d,n,ctx)) goto err; +#else + if (!BN_mod_mul_reciprocal(dd,d,d,n,inv,nb,ctx)) goto err; +#endif + if ( BN_is_one(dd) && + !BN_is_one(x) && + (BN_cmp(x,n1) != 0)) + { + ret=1; + goto err; + } + if (BN_is_bit_set(n1,i)) + { +#ifndef RECP_MUL_MOD + if (!BN_mod_mul(d,dd,a,n,ctx)) goto err; +#else + if (!BN_mod_mul_reciprocal(d,dd,a,n,inv,nb,ctx)) goto err; +#endif + } + else + { + tmp=d; + d=dd; + dd=tmp; + } + } + if (BN_is_one(d)) + i=0; + else i=1; + ret=i; +err: + ctx->tos-=5; + return(ret); + } +#endif diff --git a/src/lib/libcrypto/bn/bn_prime.h b/src/lib/libcrypto/bn/bn_prime.h new file mode 100644 index 0000000000..6fce0210cd --- /dev/null +++ b/src/lib/libcrypto/bn/bn_prime.h @@ -0,0 +1,325 @@ +/* crypto/bn/bn_prime.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef EIGHT_BIT +#define NUMPRIMES 2048 +#else +#define NUMPRIMES 54 +#endif +static unsigned int primes[NUMPRIMES]= + { + 2, 3, 5, 7, 11, 13, 17, 19, + 23, 29, 31, 37, 41, 43, 47, 53, + 59, 61, 67, 71, 73, 79, 83, 89, + 97, 101, 103, 107, 109, 113, 127, 131, + 137, 139, 149, 151, 157, 163, 167, 173, + 179, 181, 191, 193, 197, 199, 211, 223, + 227, 229, 233, 239, 241, 251, +#ifndef EIGHT_BIT + 257, 263, + 269, 271, 277, 281, 283, 293, 307, 311, + 313, 317, 331, 337, 347, 349, 353, 359, + 367, 373, 379, 383, 389, 397, 401, 409, + 419, 421, 431, 433, 439, 443, 449, 457, + 461, 463, 467, 479, 487, 491, 499, 503, + 509, 521, 523, 541, 547, 557, 563, 569, + 571, 577, 587, 593, 599, 601, 607, 613, + 617, 619, 631, 641, 643, 647, 653, 659, + 661, 673, 677, 683, 691, 701, 709, 719, + 727, 733, 739, 743, 751, 757, 761, 769, + 773, 787, 797, 809, 811, 821, 823, 827, + 829, 839, 853, 857, 859, 863, 877, 881, + 883, 887, 907, 911, 919, 929, 937, 941, + 947, 953, 967, 971, 977, 983, 991, 997, + 1009,1013,1019,1021,1031,1033,1039,1049, + 1051,1061,1063,1069,1087,1091,1093,1097, + 1103,1109,1117,1123,1129,1151,1153,1163, + 1171,1181,1187,1193,1201,1213,1217,1223, + 1229,1231,1237,1249,1259,1277,1279,1283, + 1289,1291,1297,1301,1303,1307,1319,1321, + 1327,1361,1367,1373,1381,1399,1409,1423, + 1427,1429,1433,1439,1447,1451,1453,1459, + 1471,1481,1483,1487,1489,1493,1499,1511, + 1523,1531,1543,1549,1553,1559,1567,1571, + 1579,1583,1597,1601,1607,1609,1613,1619, + 1621,1627,1637,1657,1663,1667,1669,1693, + 1697,1699,1709,1721,1723,1733,1741,1747, + 1753,1759,1777,1783,1787,1789,1801,1811, + 1823,1831,1847,1861,1867,1871,1873,1877, + 1879,1889,1901,1907,1913,1931,1933,1949, + 1951,1973,1979,1987,1993,1997,1999,2003, + 2011,2017,2027,2029,2039,2053,2063,2069, + 2081,2083,2087,2089,2099,2111,2113,2129, + 2131,2137,2141,2143,2153,2161,2179,2203, + 2207,2213,2221,2237,2239,2243,2251,2267, + 2269,2273,2281,2287,2293,2297,2309,2311, + 2333,2339,2341,2347,2351,2357,2371,2377, + 2381,2383,2389,2393,2399,2411,2417,2423, + 2437,2441,2447,2459,2467,2473,2477,2503, + 2521,2531,2539,2543,2549,2551,2557,2579, + 2591,2593,2609,2617,2621,2633,2647,2657, + 2659,2663,2671,2677,2683,2687,2689,2693, + 2699,2707,2711,2713,2719,2729,2731,2741, + 2749,2753,2767,2777,2789,2791,2797,2801, + 2803,2819,2833,2837,2843,2851,2857,2861, + 2879,2887,2897,2903,2909,2917,2927,2939, + 2953,2957,2963,2969,2971,2999,3001,3011, + 3019,3023,3037,3041,3049,3061,3067,3079, + 3083,3089,3109,3119,3121,3137,3163,3167, + 3169,3181,3187,3191,3203,3209,3217,3221, + 3229,3251,3253,3257,3259,3271,3299,3301, + 3307,3313,3319,3323,3329,3331,3343,3347, + 3359,3361,3371,3373,3389,3391,3407,3413, + 3433,3449,3457,3461,3463,3467,3469,3491, + 3499,3511,3517,3527,3529,3533,3539,3541, + 3547,3557,3559,3571,3581,3583,3593,3607, + 3613,3617,3623,3631,3637,3643,3659,3671, + 3673,3677,3691,3697,3701,3709,3719,3727, + 3733,3739,3761,3767,3769,3779,3793,3797, + 3803,3821,3823,3833,3847,3851,3853,3863, + 3877,3881,3889,3907,3911,3917,3919,3923, + 3929,3931,3943,3947,3967,3989,4001,4003, + 4007,4013,4019,4021,4027,4049,4051,4057, + 4073,4079,4091,4093,4099,4111,4127,4129, + 4133,4139,4153,4157,4159,4177,4201,4211, + 4217,4219,4229,4231,4241,4243,4253,4259, + 4261,4271,4273,4283,4289,4297,4327,4337, + 4339,4349,4357,4363,4373,4391,4397,4409, + 4421,4423,4441,4447,4451,4457,4463,4481, + 4483,4493,4507,4513,4517,4519,4523,4547, + 4549,4561,4567,4583,4591,4597,4603,4621, + 4637,4639,4643,4649,4651,4657,4663,4673, + 4679,4691,4703,4721,4723,4729,4733,4751, + 4759,4783,4787,4789,4793,4799,4801,4813, + 4817,4831,4861,4871,4877,4889,4903,4909, + 4919,4931,4933,4937,4943,4951,4957,4967, + 4969,4973,4987,4993,4999,5003,5009,5011, + 5021,5023,5039,5051,5059,5077,5081,5087, + 5099,5101,5107,5113,5119,5147,5153,5167, + 5171,5179,5189,5197,5209,5227,5231,5233, + 5237,5261,5273,5279,5281,5297,5303,5309, + 5323,5333,5347,5351,5381,5387,5393,5399, + 5407,5413,5417,5419,5431,5437,5441,5443, + 5449,5471,5477,5479,5483,5501,5503,5507, + 5519,5521,5527,5531,5557,5563,5569,5573, + 5581,5591,5623,5639,5641,5647,5651,5653, + 5657,5659,5669,5683,5689,5693,5701,5711, + 5717,5737,5741,5743,5749,5779,5783,5791, + 5801,5807,5813,5821,5827,5839,5843,5849, + 5851,5857,5861,5867,5869,5879,5881,5897, + 5903,5923,5927,5939,5953,5981,5987,6007, + 6011,6029,6037,6043,6047,6053,6067,6073, + 6079,6089,6091,6101,6113,6121,6131,6133, + 6143,6151,6163,6173,6197,6199,6203,6211, + 6217,6221,6229,6247,6257,6263,6269,6271, + 6277,6287,6299,6301,6311,6317,6323,6329, + 6337,6343,6353,6359,6361,6367,6373,6379, + 6389,6397,6421,6427,6449,6451,6469,6473, + 6481,6491,6521,6529,6547,6551,6553,6563, + 6569,6571,6577,6581,6599,6607,6619,6637, + 6653,6659,6661,6673,6679,6689,6691,6701, + 6703,6709,6719,6733,6737,6761,6763,6779, + 6781,6791,6793,6803,6823,6827,6829,6833, + 6841,6857,6863,6869,6871,6883,6899,6907, + 6911,6917,6947,6949,6959,6961,6967,6971, + 6977,6983,6991,6997,7001,7013,7019,7027, + 7039,7043,7057,7069,7079,7103,7109,7121, + 7127,7129,7151,7159,7177,7187,7193,7207, + 7211,7213,7219,7229,7237,7243,7247,7253, + 7283,7297,7307,7309,7321,7331,7333,7349, + 7351,7369,7393,7411,7417,7433,7451,7457, + 7459,7477,7481,7487,7489,7499,7507,7517, + 7523,7529,7537,7541,7547,7549,7559,7561, + 7573,7577,7583,7589,7591,7603,7607,7621, + 7639,7643,7649,7669,7673,7681,7687,7691, + 7699,7703,7717,7723,7727,7741,7753,7757, + 7759,7789,7793,7817,7823,7829,7841,7853, + 7867,7873,7877,7879,7883,7901,7907,7919, + 7927,7933,7937,7949,7951,7963,7993,8009, + 8011,8017,8039,8053,8059,8069,8081,8087, + 8089,8093,8101,8111,8117,8123,8147,8161, + 8167,8171,8179,8191,8209,8219,8221,8231, + 8233,8237,8243,8263,8269,8273,8287,8291, + 8293,8297,8311,8317,8329,8353,8363,8369, + 8377,8387,8389,8419,8423,8429,8431,8443, + 8447,8461,8467,8501,8513,8521,8527,8537, + 8539,8543,8563,8573,8581,8597,8599,8609, + 8623,8627,8629,8641,8647,8663,8669,8677, + 8681,8689,8693,8699,8707,8713,8719,8731, + 8737,8741,8747,8753,8761,8779,8783,8803, + 8807,8819,8821,8831,8837,8839,8849,8861, + 8863,8867,8887,8893,8923,8929,8933,8941, + 8951,8963,8969,8971,8999,9001,9007,9011, + 9013,9029,9041,9043,9049,9059,9067,9091, + 9103,9109,9127,9133,9137,9151,9157,9161, + 9173,9181,9187,9199,9203,9209,9221,9227, + 9239,9241,9257,9277,9281,9283,9293,9311, + 9319,9323,9337,9341,9343,9349,9371,9377, + 9391,9397,9403,9413,9419,9421,9431,9433, + 9437,9439,9461,9463,9467,9473,9479,9491, + 9497,9511,9521,9533,9539,9547,9551,9587, + 9601,9613,9619,9623,9629,9631,9643,9649, + 9661,9677,9679,9689,9697,9719,9721,9733, + 9739,9743,9749,9767,9769,9781,9787,9791, + 9803,9811,9817,9829,9833,9839,9851,9857, + 9859,9871,9883,9887,9901,9907,9923,9929, + 9931,9941,9949,9967,9973,10007,10009,10037, + 10039,10061,10067,10069,10079,10091,10093,10099, + 10103,10111,10133,10139,10141,10151,10159,10163, + 10169,10177,10181,10193,10211,10223,10243,10247, + 10253,10259,10267,10271,10273,10289,10301,10303, + 10313,10321,10331,10333,10337,10343,10357,10369, + 10391,10399,10427,10429,10433,10453,10457,10459, + 10463,10477,10487,10499,10501,10513,10529,10531, + 10559,10567,10589,10597,10601,10607,10613,10627, + 10631,10639,10651,10657,10663,10667,10687,10691, + 10709,10711,10723,10729,10733,10739,10753,10771, + 10781,10789,10799,10831,10837,10847,10853,10859, + 10861,10867,10883,10889,10891,10903,10909,10937, + 10939,10949,10957,10973,10979,10987,10993,11003, + 11027,11047,11057,11059,11069,11071,11083,11087, + 11093,11113,11117,11119,11131,11149,11159,11161, + 11171,11173,11177,11197,11213,11239,11243,11251, + 11257,11261,11273,11279,11287,11299,11311,11317, + 11321,11329,11351,11353,11369,11383,11393,11399, + 11411,11423,11437,11443,11447,11467,11471,11483, + 11489,11491,11497,11503,11519,11527,11549,11551, + 11579,11587,11593,11597,11617,11621,11633,11657, + 11677,11681,11689,11699,11701,11717,11719,11731, + 11743,11777,11779,11783,11789,11801,11807,11813, + 11821,11827,11831,11833,11839,11863,11867,11887, + 11897,11903,11909,11923,11927,11933,11939,11941, + 11953,11959,11969,11971,11981,11987,12007,12011, + 12037,12041,12043,12049,12071,12073,12097,12101, + 12107,12109,12113,12119,12143,12149,12157,12161, + 12163,12197,12203,12211,12227,12239,12241,12251, + 12253,12263,12269,12277,12281,12289,12301,12323, + 12329,12343,12347,12373,12377,12379,12391,12401, + 12409,12413,12421,12433,12437,12451,12457,12473, + 12479,12487,12491,12497,12503,12511,12517,12527, + 12539,12541,12547,12553,12569,12577,12583,12589, + 12601,12611,12613,12619,12637,12641,12647,12653, + 12659,12671,12689,12697,12703,12713,12721,12739, + 12743,12757,12763,12781,12791,12799,12809,12821, + 12823,12829,12841,12853,12889,12893,12899,12907, + 12911,12917,12919,12923,12941,12953,12959,12967, + 12973,12979,12983,13001,13003,13007,13009,13033, + 13037,13043,13049,13063,13093,13099,13103,13109, + 13121,13127,13147,13151,13159,13163,13171,13177, + 13183,13187,13217,13219,13229,13241,13249,13259, + 13267,13291,13297,13309,13313,13327,13331,13337, + 13339,13367,13381,13397,13399,13411,13417,13421, + 13441,13451,13457,13463,13469,13477,13487,13499, + 13513,13523,13537,13553,13567,13577,13591,13597, + 13613,13619,13627,13633,13649,13669,13679,13681, + 13687,13691,13693,13697,13709,13711,13721,13723, + 13729,13751,13757,13759,13763,13781,13789,13799, + 13807,13829,13831,13841,13859,13873,13877,13879, + 13883,13901,13903,13907,13913,13921,13931,13933, + 13963,13967,13997,13999,14009,14011,14029,14033, + 14051,14057,14071,14081,14083,14087,14107,14143, + 14149,14153,14159,14173,14177,14197,14207,14221, + 14243,14249,14251,14281,14293,14303,14321,14323, + 14327,14341,14347,14369,14387,14389,14401,14407, + 14411,14419,14423,14431,14437,14447,14449,14461, + 14479,14489,14503,14519,14533,14537,14543,14549, + 14551,14557,14561,14563,14591,14593,14621,14627, + 14629,14633,14639,14653,14657,14669,14683,14699, + 14713,14717,14723,14731,14737,14741,14747,14753, + 14759,14767,14771,14779,14783,14797,14813,14821, + 14827,14831,14843,14851,14867,14869,14879,14887, + 14891,14897,14923,14929,14939,14947,14951,14957, + 14969,14983,15013,15017,15031,15053,15061,15073, + 15077,15083,15091,15101,15107,15121,15131,15137, + 15139,15149,15161,15173,15187,15193,15199,15217, + 15227,15233,15241,15259,15263,15269,15271,15277, + 15287,15289,15299,15307,15313,15319,15329,15331, + 15349,15359,15361,15373,15377,15383,15391,15401, + 15413,15427,15439,15443,15451,15461,15467,15473, + 15493,15497,15511,15527,15541,15551,15559,15569, + 15581,15583,15601,15607,15619,15629,15641,15643, + 15647,15649,15661,15667,15671,15679,15683,15727, + 15731,15733,15737,15739,15749,15761,15767,15773, + 15787,15791,15797,15803,15809,15817,15823,15859, + 15877,15881,15887,15889,15901,15907,15913,15919, + 15923,15937,15959,15971,15973,15991,16001,16007, + 16033,16057,16061,16063,16067,16069,16073,16087, + 16091,16097,16103,16111,16127,16139,16141,16183, + 16187,16189,16193,16217,16223,16229,16231,16249, + 16253,16267,16273,16301,16319,16333,16339,16349, + 16361,16363,16369,16381,16411,16417,16421,16427, + 16433,16447,16451,16453,16477,16481,16487,16493, + 16519,16529,16547,16553,16561,16567,16573,16603, + 16607,16619,16631,16633,16649,16651,16657,16661, + 16673,16691,16693,16699,16703,16729,16741,16747, + 16759,16763,16787,16811,16823,16829,16831,16843, + 16871,16879,16883,16889,16901,16903,16921,16927, + 16931,16937,16943,16963,16979,16981,16987,16993, + 17011,17021,17027,17029,17033,17041,17047,17053, + 17077,17093,17099,17107,17117,17123,17137,17159, + 17167,17183,17189,17191,17203,17207,17209,17231, + 17239,17257,17291,17293,17299,17317,17321,17327, + 17333,17341,17351,17359,17377,17383,17387,17389, + 17393,17401,17417,17419,17431,17443,17449,17467, + 17471,17477,17483,17489,17491,17497,17509,17519, + 17539,17551,17569,17573,17579,17581,17597,17599, + 17609,17623,17627,17657,17659,17669,17681,17683, + 17707,17713,17729,17737,17747,17749,17761,17783, + 17789,17791,17807,17827,17837,17839,17851,17863, +#endif + }; diff --git a/src/lib/libcrypto/bn/bn_prime.pl b/src/lib/libcrypto/bn/bn_prime.pl new file mode 100644 index 0000000000..1b00c21a77 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_prime.pl @@ -0,0 +1,56 @@ +#!/usr/bin/perl +# bn_prime.pl + +$num=2048; +$num=$ARGV[0] if ($#ARGV >= 0); + +push(@primes,2); +$p=1; +loop: while ($#primes < $num-1) + { + $p+=2; + $s=int(sqrt($p)); + + for ($i=0; $primes[$i]<=$s; $i++) + { + next loop if (($p%$primes[$i]) == 0); + } + push(@primes,$p); + } + +print <<"EOF"; +/* Auto generated by bn_prime.pl */ +/* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au). + * All rights reserved. + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * See the COPYRIGHT file in the SSLeay distribution for more details. + */ + +EOF + +for ($i=0; $i <= $#primes; $i++) + { + if ($primes[$i] > 256) + { + $eight=$i; + last; + } + } + +printf "#ifndef EIGHT_BIT\n"; +printf "#define NUMPRIMES %d\n",$num; +printf "#else\n"; +printf "#define NUMPRIMES %d\n",$eight; +printf "#endif\n"; +print "static unsigned int primes[NUMPRIMES]=\n\t{\n\t"; +$init=0; +for ($i=0; $i <= $#primes; $i++) + { + printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++); + printf("\n\t") if (($i%8) == 0) && ($i != 0); + printf("%4d,",$primes[$i]); + } +print "\n#endif\n\t};\n"; + + diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c new file mode 100644 index 0000000000..2bcc11c852 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_print.c @@ -0,0 +1,333 @@ +/* crypto/bn/bn_print.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "buffer.h" +#include "bn_lcl.h" + +static char *Hex="0123456789ABCDEF"; + +/* Must 'Free' the returned data */ +char *BN_bn2hex(a) +BIGNUM *a; + { + int i,j,v,z=0; + char *buf; + char *p; + + buf=(char *)Malloc(a->top*BN_BYTES*2+2); + if (buf == NULL) + { + BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE); + goto err; + } + p=buf; + if (a->neg) *(p++)='-'; + if (a->top == 0) *(p++)='0'; + for (i=a->top-1; i >=0; i--) + { + for (j=BN_BITS2-8; j >= 0; j-=8) + { + /* strip leading zeros */ + v=((int)(a->d[i]>>(long)j))&0xff; + if (z || (v != 0)) + { + *(p++)=Hex[v>>4]; + *(p++)=Hex[v&0x0f]; + z=1; + } + } + } + *p='\0'; +err: + return(buf); + } + +/* Must 'Free' the returned data */ +char *BN_bn2dec(a) +BIGNUM *a; + { + int i=0,num; + char *buf=NULL; + char *p; + BIGNUM *t=NULL; + BN_ULONG *bn_data=NULL,*lp; + + i=BN_num_bits(a)*3; + num=(i/10+i/1000+3)+1; + bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); + buf=(char *)Malloc(num+3); + if ((buf == NULL) || (bn_data == NULL)) + { + BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE); + goto err; + } + if ((t=BN_dup(a)) == NULL) goto err; + + p=buf; + lp=bn_data; + if (t->neg) *(p++)='-'; + if (t->top == 0) + { + *(p++)='0'; + *(p++)='\0'; + } + else + { + i=0; + while (!BN_is_zero(t)) + { + *lp=BN_div_word(t,BN_DEC_CONV); + lp++; + } + lp--; + /* We now have a series of blocks, BN_DEC_NUM chars + * in length, where the last one needs trucation. + * The blocks need to be reversed in order. */ + sprintf(p,BN_DEC_FMT1,*lp); + while (*p) p++; + while (lp != bn_data) + { + lp--; + sprintf(p,BN_DEC_FMT2,*lp); + while (*p) p++; + } + } +err: + if (bn_data != NULL) Free(bn_data); + if (t != NULL) BN_free(t); + return(buf); + } + +int BN_hex2bn(bn,a) +BIGNUM **bn; +char *a; + { + BIGNUM *ret=NULL; + BN_ULONG l=0; + int neg=0,h,m,i,j,k,c; + int num; + + if ((a == NULL) || (*a == '\0')) return(0); + + if (*a == '-') { neg=1; a++; } + + for (i=0; isxdigit(a[i]); i++) + ; + + num=i+neg; + if (bn == NULL) return(num); + + /* a is the start of the hex digets, and it is 'i' long */ + if (*bn == NULL) + { + if ((ret=BN_new()) == NULL) return(0); + } + else + { + ret= *bn; + BN_zero(ret); + } + + /* i is the number of hex digests; */ + if (bn_expand(ret,i*4) == NULL) goto err; + + j=i; /* least significate 'hex' */ + m=0; + h=0; + while (j > 0) + { + m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j; + l=0; + for (;;) + { + c=a[j-m]; + if ((c >= '0') && (c <= '9')) k=c-'0'; + else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10; + else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10; + else k=0; /* paranoia */ + l=(l<<4)|k; + + if (--m <= 0) + { + ret->d[h++]=l; + break; + } + } + j-=(BN_BYTES*2); + } + ret->top=h; + bn_fix_top(ret); + ret->neg=neg; + + *bn=ret; + return(num); +err: + if (*bn == NULL) BN_free(ret); + return(0); + } + +int BN_dec2bn(bn,a) +BIGNUM **bn; +char *a; + { + BIGNUM *ret=NULL; + BN_ULONG l=0; + int neg=0,i,j; + int num; + + if ((a == NULL) || (*a == '\0')) return(0); + if (*a == '-') { neg=1; a++; } + + for (i=0; isdigit(a[i]); i++) + ; + + num=i+neg; + if (bn == NULL) return(num); + + /* a is the start of the digets, and it is 'i' long. + * We chop it into BN_DEC_NUM digets at a time */ + if (*bn == NULL) + { + if ((ret=BN_new()) == NULL) return(0); + } + else + { + ret= *bn; + BN_zero(ret); + } + + /* i is the number of digests, a bit of an over expand; */ + if (bn_expand(ret,i*4) == NULL) goto err; + + j=BN_DEC_NUM-(i%BN_DEC_NUM); + if (j == BN_DEC_NUM) j=0; + l=0; + while (*a) + { + l*=10; + l+= *a-'0'; + a++; + if (++j == BN_DEC_NUM) + { + BN_mul_word(ret,BN_DEC_CONV); + BN_add_word(ret,l); + l=0; + j=0; + } + } + ret->neg=neg; + + bn_fix_top(ret); + *bn=ret; + return(num); +err: + if (*bn == NULL) BN_free(ret); + return(0); + } + +#ifndef NO_BIO + +#ifndef NO_FP_API +int BN_print_fp(fp, a) +FILE *fp; +BIGNUM *a; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + return(0); + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=BN_print(b,a); + BIO_free(b); + return(ret); + } +#endif + +int BN_print(bp, a) +BIO *bp; +BIGNUM *a; + { + int i,j,v,z=0; + int ret=0; + + if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end; + if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end; + for (i=a->top-1; i >=0; i--) + { + for (j=BN_BITS2-4; j >= 0; j-=4) + { + /* strip leading zeros */ + v=((int)(a->d[i]>>(long)j))&0x0f; + if (z || (v != 0)) + { + if (BIO_write(bp,&(Hex[v]),1) != 1) + goto end; + z=1; + } + } + } + ret=1; +end: + return(ret); + } + +#endif diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c new file mode 100644 index 0000000000..75b6b0493b --- /dev/null +++ b/src/lib/libcrypto/bn/bn_rand.c @@ -0,0 +1,121 @@ +/* crypto/bn/bn_rand.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bn_lcl.h" +#include "rand.h" + +int BN_rand(rnd, bits, top, bottom) +BIGNUM *rnd; +int bits; +int top; +int bottom; + { + unsigned char *buf=NULL; + int ret=0,bit,bytes,mask; + time_t tim; + + bytes=(bits+7)/8; + bit=(bits-1)%8; + mask=0xff< +#include "cryptlib.h" +#include "bn_lcl.h" + +int BN_mod_mul_reciprocal(r, x, y, m, i, nb, ctx) +BIGNUM *r; +BIGNUM *x; +BIGNUM *y; +BIGNUM *m; +BIGNUM *i; +int nb; +BN_CTX *ctx; + { + int ret=0,j; + BIGNUM *a,*b,*c,*d; + + a=ctx->bn[ctx->tos++]; + b=ctx->bn[ctx->tos++]; + c=ctx->bn[ctx->tos++]; + d=ctx->bn[ctx->tos++]; + + if (x == y) + { if (!BN_sqr(a,x,ctx)) goto err; } + else + { if (!BN_mul(a,x,y)) goto err; } + if (!BN_rshift(d,a,nb)) goto err; + if (!BN_mul(b,d,i)) goto err; + if (!BN_rshift(c,b,nb)) goto err; + if (!BN_mul(b,m,c)) goto err; + if (!BN_sub(r,a,b)) goto err; + j=0; + while (BN_cmp(r,m) >= 0) + { + if (j++ > 2) + { + BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL); + goto err; + } + if (!BN_sub(r,r,m)) goto err; + } + + ret=1; +err: + ctx->tos-=4; + return(ret); + } + +int BN_reciprocal(r, m,ctx) +BIGNUM *r; +BIGNUM *m; +BN_CTX *ctx; + { + int nm,ret= -1; + BIGNUM *t; + + t=ctx->bn[ctx->tos++]; + + nm=BN_num_bits(m); + if (!BN_lshift(t,BN_value_one(),nm*2)) goto err; + + if (!BN_div(r,NULL,t,m,ctx)) goto err; + ret=nm; +err: + ctx->tos--; + return(ret); + } + diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c new file mode 100644 index 0000000000..944bf1794b --- /dev/null +++ b/src/lib/libcrypto/bn/bn_shift.c @@ -0,0 +1,210 @@ +/* crypto/bn/bn_shift.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +int BN_lshift1(r, a) +BIGNUM *r; +BIGNUM *a; + { + register BN_ULONG *ap,*rp,t,c; + int i; + + if (r != a) + { + r->neg=a->neg; + if (bn_wexpand(r,a->top+1) == NULL) return(0); + r->top=a->top; + } + else + { + if (bn_wexpand(r,a->top+1) == NULL) return(0); + } + ap=a->d; + rp=r->d; + c=0; + for (i=0; itop; i++) + { + t= *(ap++); + *(rp++)=((t<<1)|c)&BN_MASK2; + c=(t & BN_TBIT)?1:0; + } + if (c) + { + *rp=1; + r->top++; + } + return(1); + } + +int BN_rshift1(r, a) +BIGNUM *r; +BIGNUM *a; + { + BN_ULONG *ap,*rp,t,c; + int i; + + if (BN_is_zero(a)) + { + BN_zero(r); + return(1); + } + if (a != r) + { + if (bn_wexpand(r,a->top) == NULL) return(0); + r->top=a->top; + r->neg=a->neg; + } + ap=a->d; + rp=r->d; + c=0; + for (i=a->top-1; i>=0; i--) + { + t=ap[i]; + rp[i]=((t>>1)&BN_MASK2)|c; + c=(t&1)?BN_TBIT:0; + } + bn_fix_top(r); + return(1); + } + +int BN_lshift(r, a, n) +BIGNUM *r; +BIGNUM *a; +int n; + { + int i,nw,lb,rb; + BN_ULONG *t,*f; + BN_ULONG l; + + r->neg=a->neg; + if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0); + nw=n/BN_BITS2; + lb=n%BN_BITS2; + rb=BN_BITS2-lb; + f=a->d; + t=r->d; + t[a->top+nw]=0; + if (lb == 0) + for (i=a->top-1; i>=0; i--) + t[nw+i]=f[i]; + else + for (i=a->top-1; i>=0; i--) + { + l=f[i]; + t[nw+i+1]|=(l>>rb)&BN_MASK2; + t[nw+i]=(l<top=a->top+nw+1; + bn_fix_top(r); + return(1); + } + +int BN_rshift(r, a, n) +BIGNUM *r; +BIGNUM *a; +int n; + { + int i,j,nw,lb,rb; + BN_ULONG *t,*f; + BN_ULONG l,tmp; + + nw=n/BN_BITS2; + rb=n%BN_BITS2; + lb=BN_BITS2-rb; + if (nw > a->top) + { + BN_zero(r); + return(1); + } + if (r != a) + { + r->neg=a->neg; + if (bn_wexpand(r,a->top-nw+1) == NULL) return(0); + } + + f= &(a->d[nw]); + t=r->d; + j=a->top-nw; + r->top=j; + + if (rb == 0) + { + for (i=j+1; i > 0; i--) + *(t++)= *(f++); + } + else + { + l= *(f++); + for (i=1; i>rb)&BN_MASK2; + l= *(f++); + *(t++) =(tmp|(l<>rb)&BN_MASK2; + } + *t=0; + bn_fix_top(r); + return(1); + } diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c new file mode 100644 index 0000000000..a8464610e5 --- /dev/null +++ b/src/lib/libcrypto/bn/bn_sqr.c @@ -0,0 +1,122 @@ +/* crypto/bn/bn_sqr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +/* r must not be a */ +/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */ +int BN_sqr(r, a, ctx) +BIGNUM *r; +BIGNUM *a; +BN_CTX *ctx; + { + int i,j,max,al; + BIGNUM *tmp; + BN_ULONG *ap,*rp; + + tmp=ctx->bn[ctx->tos]; + + al=a->top; + if (al == 0) + { + r->top=0; + return(1); + } + + max=(al*2); + if (bn_wexpand(r,1+max) == NULL) return(0); + if (bn_wexpand(tmp,1+max) == NULL) return(0); + + r->neg=0; + + ap=a->d; + rp=r->d; + rp[0]=rp[max-1]=0; + rp++; + j=al; + + if (--j > 0) + { + ap++; + rp[j]=bn_mul_words(rp,ap,j,ap[-1]); + rp+=2; + } + + for (i=2; id,r->d,r->d,max); + + /* There will not be a carry */ + + bn_sqr_words(tmp->d,a->d,al); + + bn_add_words(r->d,r->d,tmp->d,max); + + r->top=max; + if (r->d[max-1] == 0) r->top--; + return(1); + } + diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c new file mode 100644 index 0000000000..4b3d0f011d --- /dev/null +++ b/src/lib/libcrypto/bn/bn_word.c @@ -0,0 +1,204 @@ +/* crypto/bn/bn_word.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn_lcl.h" + +BN_ULONG BN_mod_word(a, w) +BIGNUM *a; +unsigned long w; + { +#ifndef BN_LLONG + BN_ULONG ret=0; +#else + BN_ULLONG ret=0; +#endif + int i; + + w&=BN_MASK2; + for (i=a->top-1; i>=0; i--) + { +#ifndef BN_LLONG + ret=((ret<d[i]>>BN_BITS4)&BN_MASK2l))%(unsigned long)w; + ret=((ret<d[i]&BN_MASK2l))%(unsigned long)w; +#else + ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])% + (BN_ULLONG)w); +#endif + } + return((BN_ULONG)ret); + } + +BN_ULONG BN_div_word(a, w) +BIGNUM *a; +unsigned long w; + { + BN_ULONG ret; + int i; + + if (a->top == 0) return(0); + ret=0; + w&=BN_MASK2; + for (i=a->top-1; i>=0; i--) + { + BN_ULONG l,d; + + l=a->d[i]; + d=bn_div64(ret,l,w); + ret=(l-((d*w)&BN_MASK2))&BN_MASK2; + a->d[i]=d; + } + if (a->d[a->top-1] == 0) + a->top--; + return(ret); + } + +int BN_add_word(a, w) +BIGNUM *a; +unsigned long w; + { + BN_ULONG l; + int i; + + if (a->neg) + { + a->neg=0; + i=BN_sub_word(a,w); + if (!BN_is_zero(a)) + a->neg=1; + return(i); + } + w&=BN_MASK2; + if (bn_wexpand(a,a->top+1) == NULL) return(0); + i=0; + for (;;) + { + l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; + a->d[i]=l; + if (w > l) + w=1; + else + break; + i++; + } + if (i >= a->top) + a->top++; + return(1); + } + +int BN_sub_word(a, w) +BIGNUM *a; +unsigned long w; + { + int i; + + if (a->neg) + { + a->neg=0; + i=BN_add_word(a,w); + a->neg=1; + return(i); + } + + w&=BN_MASK2; + if ((a->top == 1) && (a->d[0] < w)) + { + a->d[0]=w-a->d[0]; + a->neg=1; + return(1); + } + i=0; + for (;;) + { + if (a->d[i] >= w) + { + a->d[i]-=w; + break; + } + else + { + a->d[i]=(a->d[i]-w)&BN_MASK2; + i++; + w=1; + } + } + if ((a->d[i] == 0) && (i == (a->top-1))) + a->top--; + return(1); + } + +int BN_mul_word(a,w) +BIGNUM *a; +unsigned long w; + { + BN_ULONG ll; + + w&=BN_MASK2; + if (a->top) + { + ll=bn_mul_words(a->d,a->d,a->top,w); + if (ll) + { + if (bn_wexpand(a,a->top+1) == NULL) return(0); + a->d[a->top++]=ll; + } + } + return(0); + } + diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c new file mode 100644 index 0000000000..ff988852cc --- /dev/null +++ b/src/lib/libcrypto/buffer/buf_err.c @@ -0,0 +1,87 @@ +/* lib/buf/buf_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "buffer.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA BUF_str_functs[]= + { +{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"}, +{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"}, +{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"}, +{ERR_PACK(0,BUF_F_PXYCLNT_READ,0), "PXYCLNT_READ"}, +{0,NULL}, + }; + +#endif + +void ERR_load_BUF_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_BUF,BUF_str_functs); +#endif + + } + } diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c new file mode 100644 index 0000000000..7e8af9e2fa --- /dev/null +++ b/src/lib/libcrypto/buffer/buffer.c @@ -0,0 +1,145 @@ +/* crypto/buffer/buffer.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" + +BUF_MEM *BUF_MEM_new() + { + BUF_MEM *ret; + + ret=(BUF_MEM *)Malloc(sizeof(BUF_MEM)); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->length=0; + ret->max=0; + ret->data=NULL; + return(ret); + } + +void BUF_MEM_free(a) +BUF_MEM *a; + { + if (a->data != NULL) + { + memset(a->data,0,(unsigned int)a->max); + Free(a->data); + } + Free(a); + } + +int BUF_MEM_grow(str, len) +BUF_MEM *str; +int len; + { + char *ret; + unsigned int n; + + if (str->length >= len) + { + str->length=len; + return(len); + } + if (str->max >= len) + { + memset(&(str->data[str->length]),0,len-str->length); + str->length=len; + return(len); + } + n=(len+3)/3*4; + if (str->data == NULL) + ret=(char *)Malloc(n); + else + ret=(char *)Realloc(str->data,n); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); + len=0; + } + else + { + str->data=ret; + str->length=len; + str->max=n; + } + return(len); + } + +char *BUF_strdup(str) +char *str; + { + char *ret; + int n; + + if (str == NULL) return(NULL); + + n=strlen(str); + ret=Malloc(n+1); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE); + return(NULL); + } + memcpy(ret,str,n+1); + return(ret); + } + diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h new file mode 100644 index 0000000000..417548c04a --- /dev/null +++ b/src/lib/libcrypto/buffer/buffer.h @@ -0,0 +1,107 @@ +/* crypto/buffer/buffer.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BUFFER_H +#define HEADER_BUFFER_H + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct buf_mem_st + { + int length; /* current number of bytes */ + char *data; + int max; /* size of buffer */ + } BUF_MEM; + +#ifndef NOPROTO +BUF_MEM *BUF_MEM_new(void); +void BUF_MEM_free(BUF_MEM *a); +int BUF_MEM_grow(BUF_MEM *str, int len); +char * BUF_strdup(char *str); + +void ERR_load_BUF_strings(void ); + +#else + +BUF_MEM *BUF_MEM_new(); +void BUF_MEM_free(); +int BUF_MEM_grow(); +char * BUF_strdup(); + +void ERR_load_BUF_strings(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the BUF functions. */ + +/* Function codes. */ +#define BUF_F_BUF_MEM_GROW 100 +#define BUF_F_BUF_MEM_NEW 101 +#define BUF_F_BUF_STRDUP 102 +#define BUF_F_PXYCLNT_READ 103 + +/* Reason codes. */ + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/cast/asm/cast-586.pl b/src/lib/libcrypto/cast/asm/cast-586.pl new file mode 100644 index 0000000000..d0be004c99 --- /dev/null +++ b/src/lib/libcrypto/cast/asm/cast-586.pl @@ -0,0 +1,167 @@ +#!/usr/bin/perl + +# define for pentium pro friendly version +$ppro=1; + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; +require "cbc.pl"; + +&asm_init($ARGV[0],"cast-586.pl"); + +$CAST_ROUNDS=16; +$L="edi"; +$R="esi"; +$K="ebp"; +$tmp1="ecx"; +$tmp2="ebx"; +$tmp3="eax"; +$tmp4="edx"; +$S1="CAST_S_table0"; +$S2="CAST_S_table1"; +$S3="CAST_S_table2"; +$S4="CAST_S_table3"; + +@F1=("add","xor","sub"); +@F2=("xor","sub","add"); +@F3=("sub","add","xor"); + +&CAST_encrypt("CAST_encrypt",1); +&CAST_encrypt("CAST_decrypt",0); +&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1); + +&asm_finish(); + +sub CAST_encrypt + { + local($name,$enc)=@_; + + local($win_ex)=<<"EOF"; +EXTERN _CAST_S_table0:DWORD +EXTERN _CAST_S_table1:DWORD +EXTERN _CAST_S_table2:DWORD +EXTERN _CAST_S_table3:DWORD +EOF + &main'external_label( + "CAST_S_table0", + "CAST_S_table1", + "CAST_S_table2", + "CAST_S_table3", + ); + + &function_begin_B($name,$win_ex); + + &comment(""); + + &push("ebp"); + &push("ebx"); + &mov($tmp2,&wparam(0)); + &mov($K,&wparam(1)); + &push("esi"); + &push("edi"); + + &comment("Load the 2 words"); + &mov($L,&DWP(0,$tmp2,"",0)); + &mov($R,&DWP(4,$tmp2,"",0)); + + &xor( $tmp3, $tmp3); + + # encrypting part + + if ($enc) + { + &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4,1); + } + else + { + &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); + &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4,1); + } + + &nop(); + &mov(&DWP(4,$tmp3,"",0),$L); + &mov(&DWP(0,$tmp3,"",0),$R); + &function_end($name); + } + +sub E_CAST + { + local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4,$lst)=@_; + # Ri needs to have 16 pre added. + + &comment("round $i"); + &mov( $tmp4, &DWP($i*8,$K,"",1)); + + &mov( $tmp1, &DWP($i*8+4,$K,"",1));# must be word + &$OP1( $tmp4, $R); + + &rotl( $tmp4, &LB($tmp1)); + + if ($ppro) + { + &mov( $tmp2, $tmp4); # B + &xor( $tmp1, $tmp1); + + &movb( &LB($tmp1), &HB($tmp4)); # A + &and( $tmp2, 0xff); + + &shr( $tmp4, 16); # + &xor( $tmp3, $tmp3); + } + else + { + &mov( $tmp2, $tmp4); # B + &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD + + &shr( $tmp4, 16); # + &and( $tmp2, 0xff); + } + + &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD + &and( $tmp4, 0xff); # D + + &mov( $tmp1, &DWP($S1,"",$tmp1,4)); + &mov( $tmp2, &DWP($S2,"",$tmp2,4)); + + &$OP2( $tmp1, $tmp2); + &mov( $tmp2, &DWP($S3,"",$tmp3,4)); + + &$OP3( $tmp1, $tmp2); + &mov( $tmp2, &DWP($S4,"",$tmp4,4)); + + &$OP1( $tmp1, $tmp2); + &mov($tmp3,&wparam(0)) if $lst; + # XXX + + &xor( $L, $tmp1); + # XXX + } diff --git a/src/lib/libcrypto/cast/c_cfb64.c b/src/lib/libcrypto/cast/c_cfb64.c new file mode 100644 index 0000000000..c46c375f75 --- /dev/null +++ b/src/lib/libcrypto/cast/c_cfb64.c @@ -0,0 +1,127 @@ +/* crypto/cast/c_cfb64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "cast.h" +#include "cast_lcl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void CAST_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt) +unsigned char *in; +unsigned char *out; +long length; +CAST_KEY *schedule; +unsigned char *ivec; +int *num; +int encrypt; + { + register CAST_LONG v0,v1,t; + register int n= *num; + register long l=length; + CAST_LONG ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (encrypt) + { + while (l--) + { + if (n == 0) + { + n2l(iv,v0); ti[0]=v0; + n2l(iv,v1); ti[1]=v1; + CAST_encrypt((CAST_LONG *)ti,schedule); + iv=(unsigned char *)ivec; + t=ti[0]; l2n(t,iv); + t=ti[1]; l2n(t,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + n2l(iv,v0); ti[0]=v0; + n2l(iv,v1); ti[1]=v1; + CAST_encrypt((CAST_LONG *)ti,schedule); + iv=(unsigned char *)ivec; + t=ti[0]; l2n(t,iv); + t=ti[1]; l2n(t,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=t=c=cc=0; + *num=n; + } + diff --git a/src/lib/libcrypto/cast/c_ecb.c b/src/lib/libcrypto/cast/c_ecb.c new file mode 100644 index 0000000000..f0f2f4df0e --- /dev/null +++ b/src/lib/libcrypto/cast/c_ecb.c @@ -0,0 +1,82 @@ +/* crypto/cast/c_ecb.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "cast.h" +#include "cast_lcl.h" + +char *CAST_version="CAST part of SSLeay 0.9.0b 29-Jun-1998"; + +void CAST_ecb_encrypt(in, out, ks, encrypt) +unsigned char *in; +unsigned char *out; +CAST_KEY *ks; +int encrypt; + { + CAST_LONG l,d[2]; + + n2l(in,l); d[0]=l; + n2l(in,l); d[1]=l; + if (encrypt) + CAST_encrypt(d,ks); + else + CAST_decrypt(d,ks); + l=d[0]; l2n(l,out); + l=d[1]; l2n(l,out); + l=d[0]=d[1]=0; + } + diff --git a/src/lib/libcrypto/cast/c_enc.c b/src/lib/libcrypto/cast/c_enc.c new file mode 100644 index 0000000000..d998dd4953 --- /dev/null +++ b/src/lib/libcrypto/cast/c_enc.c @@ -0,0 +1,210 @@ +/* crypto/cast/c_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "cast.h" +#include "cast_lcl.h" + +void CAST_encrypt(data,key) +CAST_LONG *data; +CAST_KEY *key; + { + register CAST_LONG l,r,*k,t; + + k= &(key->data[0]); + l=data[0]; + r=data[1]; + + E_CAST( 0,k,l,r,+,^,-); + E_CAST( 1,k,r,l,^,-,+); + E_CAST( 2,k,l,r,-,+,^); + E_CAST( 3,k,r,l,+,^,-); + E_CAST( 4,k,l,r,^,-,+); + E_CAST( 5,k,r,l,-,+,^); + E_CAST( 6,k,l,r,+,^,-); + E_CAST( 7,k,r,l,^,-,+); + E_CAST( 8,k,l,r,-,+,^); + E_CAST( 9,k,r,l,+,^,-); + E_CAST(10,k,l,r,^,-,+); + E_CAST(11,k,r,l,-,+,^); + E_CAST(12,k,l,r,+,^,-); + E_CAST(13,k,r,l,^,-,+); + E_CAST(14,k,l,r,-,+,^); + E_CAST(15,k,r,l,+,^,-); + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; + } + +void CAST_decrypt(data,key) +CAST_LONG *data; +CAST_KEY *key; + { + register CAST_LONG l,r,*k,t; + + k= &(key->data[0]); + l=data[0]; + r=data[1]; + + E_CAST(15,k,l,r,+,^,-); + E_CAST(14,k,r,l,-,+,^); + E_CAST(13,k,l,r,^,-,+); + E_CAST(12,k,r,l,+,^,-); + E_CAST(11,k,l,r,-,+,^); + E_CAST(10,k,r,l,^,-,+); + E_CAST( 9,k,l,r,+,^,-); + E_CAST( 8,k,r,l,-,+,^); + E_CAST( 7,k,l,r,^,-,+); + E_CAST( 6,k,r,l,+,^,-); + E_CAST( 5,k,l,r,-,+,^); + E_CAST( 4,k,r,l,^,-,+); + E_CAST( 3,k,l,r,+,^,-); + E_CAST( 2,k,r,l,-,+,^); + E_CAST( 1,k,l,r,^,-,+); + E_CAST( 0,k,r,l,+,^,-); + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; + } + +void CAST_cbc_encrypt(in, out, length, ks, iv, encrypt) +unsigned char *in; +unsigned char *out; +long length; +CAST_KEY *ks; +unsigned char *iv; +int encrypt; + { + register CAST_LONG tin0,tin1; + register CAST_LONG tout0,tout1,xor0,xor1; + register long l=length; + CAST_LONG tin[2]; + + if (encrypt) + { + n2l(iv,tout0); + n2l(iv,tout1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + CAST_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + if (l != -8) + { + n2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + CAST_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + l2n(tout0,iv); + l2n(tout1,iv); + } + else + { + n2l(iv,xor0); + n2l(iv,xor1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + CAST_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2n(tout0,out); + l2n(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + CAST_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2nn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + l2n(xor0,iv); + l2n(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + diff --git a/src/lib/libcrypto/cast/c_ofb64.c b/src/lib/libcrypto/cast/c_ofb64.c new file mode 100644 index 0000000000..2aad2d6d96 --- /dev/null +++ b/src/lib/libcrypto/cast/c_ofb64.c @@ -0,0 +1,115 @@ +/* crypto/cast/c_ofb64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "cast.h" +#include "cast_lcl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void CAST_ofb64_encrypt(in, out, length, schedule, ivec, num) +unsigned char *in; +unsigned char *out; +long length; +CAST_KEY *schedule; +unsigned char *ivec; +int *num; + { + register CAST_LONG v0,v1,t; + register int n= *num; + register long l=length; + unsigned char d[8]; + register char *dp; + CAST_LONG ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + n2l(iv,v0); + n2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2n(v0,dp); + l2n(v1,dp); + while (l--) + { + if (n == 0) + { + CAST_encrypt((CAST_LONG *)ti,schedule); + dp=(char *)d; + t=ti[0]; l2n(t,dp); + t=ti[1]; l2n(t,dp); + save++; + } + *(out++)= *(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { + v0=ti[0]; + v1=ti[1]; + iv=(unsigned char *)ivec; + l2n(v0,iv); + l2n(v1,iv); + } + t=v0=v1=ti[0]=ti[1]=0; + *num=n; + } + diff --git a/src/lib/libcrypto/cast/c_skey.c b/src/lib/libcrypto/cast/c_skey.c new file mode 100644 index 0000000000..2fc3363dcd --- /dev/null +++ b/src/lib/libcrypto/cast/c_skey.c @@ -0,0 +1,165 @@ +/* crypto/cast/c_skey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "cast.h" +#include "cast_lcl.h" +#include "cast_s.h" + +#define CAST_exp(l,A,a,n) \ + A[n/4]=l; \ + a[n+3]=(l )&0xff; \ + a[n+2]=(l>> 8)&0xff; \ + a[n+1]=(l>>16)&0xff; \ + a[n+0]=(l>>24)&0xff; + +#define S4 CAST_S_table4 +#define S5 CAST_S_table5 +#define S6 CAST_S_table6 +#define S7 CAST_S_table7 + +void CAST_set_key(key,len,data) +CAST_KEY *key; +int len; +unsigned char *data; + { + CAST_LONG x[16]; + CAST_LONG z[16]; + CAST_LONG k[32]; + CAST_LONG X[4],Z[4]; + CAST_LONG l,*K; + int i; + + for (i=0; i<16; i++) x[i]=0; + if (len > 16) len=16; + for (i=0; idata[i*2]=k[i]; + key->data[i*2+1]=((k[i+16])+16)&0x1f; + } + } + diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h new file mode 100644 index 0000000000..528cb7c824 --- /dev/null +++ b/src/lib/libcrypto/cast/cast.h @@ -0,0 +1,109 @@ +/* crypto/cast/cast.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CAST_H +#define HEADER_CAST_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define CAST_ENCRYPT 1 +#define CAST_DECRYPT 0 + +#define CAST_LONG unsigned long + +#define CAST_BLOCK 8 +#define CAST_KEY_LENGTH 16 + +typedef struct cast_key_st + { + CAST_LONG data[32]; + } CAST_KEY; + +#ifndef NOPROTO + +void CAST_set_key(CAST_KEY *key, int len, unsigned char *data); +void CAST_ecb_encrypt(unsigned char *in,unsigned char *out,CAST_KEY *key, + int enc); +void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); +void CAST_decrypt(CAST_LONG *data,CAST_KEY *key); +void CAST_cbc_encrypt(unsigned char *in, unsigned char *out, long length, + CAST_KEY *ks, unsigned char *iv, int enc); +void CAST_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, + CAST_KEY *schedule, unsigned char *ivec, int *num, int enc); +void CAST_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, + CAST_KEY *schedule, unsigned char *ivec, int *num); + +#else + +void CAST_set_key(); +void CAST_ecb_encrypt(); +void CAST_encrypt(); +void CAST_decrypt(); +void CAST_cbc_encrypt(); +void CAST_cfb64_encrypt(); +void CAST_ofb64_encrypt(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/cast/cast_lcl.h b/src/lib/libcrypto/cast/cast_lcl.h new file mode 100644 index 0000000000..6587952a96 --- /dev/null +++ b/src/lib/libcrypto/cast/cast_lcl.h @@ -0,0 +1,224 @@ +/* crypto/cast/cast_lcl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifdef WIN32 +#include +#endif + +#undef c2l +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<<24L) + +/* NOTE - c is not incremented as per c2l */ +#undef c2ln +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24L)&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#undef l2cn +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* NOTE - c is not incremented as per n2l */ +#define n2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c)))) ; \ + case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ + case 6: l2|=((unsigned long)(*(--(c))))<<16; \ + case 5: l2|=((unsigned long)(*(--(c))))<<24; \ + case 4: l1 =((unsigned long)(*(--(c)))) ; \ + case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ + case 2: l1|=((unsigned long)(*(--(c))))<<16; \ + case 1: l1|=((unsigned long)(*(--(c))))<<24; \ + } \ + } + +/* NOTE - c is not incremented as per l2n */ +#define l2nn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + } \ + } + +#undef n2l +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))) + +#undef l2n +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +#if defined(WIN32) +#define ROTL(a,n) (_lrotl(a,n)) +#else +#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n)))) +#endif + +#define C_M 0x3fc +#define C_0 22L +#define C_1 14L +#define C_2 6L +#define C_3 2L /* left shift */ + +/* The rotate has an extra 16 added to it to help the x86 asm */ +#if defined(CAST_PTR) +#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ + { \ + int i; \ + t=(key[n*2] OP1 R)&0xffffffffL; \ + i=key[n*2+1]; \ + t=ROTL(t,i); \ + L^= (((((*(CAST_LONG *)((unsigned char *) \ + CAST_S_table0+((t>>C_2)&C_M)) OP2 \ + *(CAST_LONG *)((unsigned char *) \ + CAST_S_table1+((t<>C_0)&C_M)))&0xffffffffL) OP1 \ + *(CAST_LONG *)((unsigned char *) \ + CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \ + } +#elif defined(CAST_PTR2) +#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ + { \ + int i; \ + CAST_LONG u,v,w; \ + w=(key[n*2] OP1 R)&0xffffffffL; \ + i=key[n*2+1]; \ + w=ROTL(w,i); \ + u=w>>C_2; \ + v=w<>C_0; \ + t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\ + v=w>>C_1; \ + u&=C_M; \ + v&=C_M; \ + t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\ + t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\ + L^=(t&0xffffffff); \ + } +#else +#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ + { \ + CAST_LONG a,b,c,d; \ + t=(key[n*2] OP1 R)&0xffffffff; \ + t=ROTL(t,(key[n*2+1])); \ + a=CAST_S_table0[(t>> 8)&0xff]; \ + b=CAST_S_table1[(t )&0xff]; \ + c=CAST_S_table2[(t>>24)&0xff]; \ + d=CAST_S_table3[(t>>16)&0xff]; \ + L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \ + } +#endif + +extern CAST_LONG CAST_S_table0[256]; +extern CAST_LONG CAST_S_table1[256]; +extern CAST_LONG CAST_S_table2[256]; +extern CAST_LONG CAST_S_table3[256]; +extern CAST_LONG CAST_S_table4[256]; +extern CAST_LONG CAST_S_table5[256]; +extern CAST_LONG CAST_S_table6[256]; +extern CAST_LONG CAST_S_table7[256]; + diff --git a/src/lib/libcrypto/cast/cast_s.h b/src/lib/libcrypto/cast/cast_s.h new file mode 100644 index 0000000000..8fe0152149 --- /dev/null +++ b/src/lib/libcrypto/cast/cast_s.h @@ -0,0 +1,585 @@ +/* crypto/cast/cast_s.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +CAST_LONG CAST_S_table0[256]={ + 0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a, + 0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949, + 0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675, + 0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e, + 0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2, + 0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d, + 0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f, + 0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0, + 0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de, + 0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7, + 0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f, + 0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935, + 0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d, + 0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d, + 0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165, + 0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50, + 0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272, + 0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe, + 0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d, + 0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3, + 0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a, + 0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167, + 0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f, + 0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291, + 0xd7894360,0x425c750d,0x93b39e26,0x187184c9, + 0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779, + 0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6, + 0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2, + 0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9, + 0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511, + 0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e, + 0x31366241,0x051ef495,0xaa573b04,0x4a805d8d, + 0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e, + 0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5, + 0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82, + 0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324, + 0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac, + 0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c, + 0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f, + 0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc, + 0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491, + 0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d, + 0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de, + 0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96, + 0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a, + 0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a, + 0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79, + 0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d, + 0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779, + 0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd, + 0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755, + 0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6, + 0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb, + 0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9, + 0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0, + 0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872, + 0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79, + 0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c, + 0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298, + 0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e, + 0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571, + 0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9, + 0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d, + 0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf, + }; +CAST_LONG CAST_S_table1[256]={ + 0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380, + 0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651, + 0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba, + 0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3, + 0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909, + 0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb, + 0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b, + 0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806, + 0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4, + 0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b, + 0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f, + 0x62143154,0x0d554b63,0x5d681121,0xc866c359, + 0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21, + 0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b, + 0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d, + 0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c, + 0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f, + 0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34, + 0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d, + 0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb, + 0xe8256333,0x844e8212,0x128d8098,0xfed33fb4, + 0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd, + 0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801, + 0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860, + 0x54f03084,0x066ff472,0xa31aa153,0xdadc4755, + 0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b, + 0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709, + 0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304, + 0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b, + 0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b, + 0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c, + 0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf, + 0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9, + 0x0beeff53,0xe3214517,0xb4542835,0x9f63293c, + 0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3, + 0xf33401c6,0x30a22c95,0x31a70850,0x60930f13, + 0x73f98417,0xa1269859,0xec645c44,0x52c877a9, + 0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f, + 0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab, + 0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6, + 0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4, + 0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6, + 0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43, + 0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58, + 0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8, + 0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906, + 0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171, + 0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d, + 0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89, + 0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6, + 0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b, + 0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4, + 0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb, + 0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6, + 0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e, + 0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f, + 0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea, + 0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249, + 0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea, + 0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa, + 0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd, + 0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9, + 0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef, + 0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1, + }; +CAST_LONG CAST_S_table2[256]={ + 0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907, + 0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90, + 0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae, + 0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5, + 0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e, + 0xb9afa820,0xfade82e0,0xa067268b,0x8272792e, + 0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc, + 0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240, + 0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e, + 0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5, + 0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f, + 0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b, + 0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99, + 0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71, + 0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f, + 0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04, + 0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380, + 0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82, + 0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8, + 0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15, + 0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504, + 0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2, + 0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6, + 0x94fd6574,0x927985b2,0x8276dbcb,0x02778176, + 0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e, + 0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148, + 0xef303cab,0x984faf28,0x779faf9b,0x92dc560d, + 0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc, + 0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1, + 0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341, + 0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c, + 0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e, + 0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15, + 0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51, + 0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4, + 0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f, + 0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b, + 0x6d498623,0x193cbcfa,0x27627545,0x825cf47a, + 0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392, + 0x10428db7,0x8272a972,0x9270c4a8,0x127de50b, + 0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231, + 0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b, + 0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889, + 0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5, + 0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67, + 0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45, + 0x3a609437,0xec00c9a9,0x44715253,0x0a874b49, + 0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536, + 0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d, + 0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc, + 0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d, + 0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0, + 0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e, + 0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69, + 0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767, + 0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2, + 0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce, + 0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49, + 0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24, + 0xaf96da0f,0x68458425,0x99833be5,0x600d457d, + 0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0, + 0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a, + 0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5, + 0xdfef4636,0xa133c501,0xe9d3531c,0xee353783, + }; +CAST_LONG CAST_S_table3[256]={ + 0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298, + 0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1, + 0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120, + 0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf, + 0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220, + 0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15, + 0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe, + 0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121, + 0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701, + 0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25, + 0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b, + 0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5, + 0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93, + 0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb, + 0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746, + 0xc9335400,0x6920318f,0x081dbb99,0xffc304a5, + 0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9, + 0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d, + 0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb, + 0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6, + 0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c, + 0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23, + 0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7, + 0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003, + 0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340, + 0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6, + 0xe756bdff,0xdd3369ac,0xec17b035,0x06572327, + 0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119, + 0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec, + 0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24, + 0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205, + 0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a, + 0x6701902c,0x9b757a54,0x31d477f7,0x9126b031, + 0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79, + 0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5, + 0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df, + 0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c, + 0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26, + 0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69, + 0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab, + 0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9, + 0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7, + 0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff, + 0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417, + 0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3, + 0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2, + 0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2, + 0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2, + 0x109873f6,0x00613096,0xc32d9521,0xada121ff, + 0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a, + 0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091, + 0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919, + 0x77079103,0xdea03af6,0x78a8565e,0xdee356df, + 0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef, + 0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf, + 0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876, + 0x39e4460c,0x1fda8538,0x1987832f,0xca007367, + 0xa99144f8,0x296b299e,0x492fc295,0x9266beab, + 0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c, + 0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04, + 0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43, + 0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282, + 0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e, + 0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2, + }; +CAST_LONG CAST_S_table4[256]={ + 0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911, + 0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f, + 0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00, + 0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a, + 0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180, + 0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff, + 0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2, + 0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02, + 0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725, + 0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a, + 0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b, + 0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7, + 0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571, + 0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9, + 0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec, + 0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981, + 0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea, + 0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774, + 0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263, + 0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655, + 0x911e739a,0x17af8975,0x32c7911c,0x89f89468, + 0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2, + 0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b, + 0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910, + 0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284, + 0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1, + 0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4, + 0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da, + 0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7, + 0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049, + 0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce, + 0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f, + 0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6, + 0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba, + 0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4, + 0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be, + 0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561, + 0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3, + 0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6, + 0x309e374f,0x2cb6356a,0x85808573,0x4991f840, + 0x76f0ae02,0x083be84d,0x28421c9a,0x44489406, + 0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4, + 0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472, + 0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2, + 0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487, + 0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7, + 0x445f7382,0x175683f4,0xcdc66a97,0x70be0288, + 0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5, + 0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2, + 0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e, + 0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78, + 0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e, + 0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76, + 0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801, + 0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0, + 0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad, + 0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58, + 0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0, + 0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2, + 0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20, + 0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be, + 0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8, + 0xe822fe15,0x88570983,0x750e6249,0xda627e55, + 0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4, + }; +CAST_LONG CAST_S_table5[256]={ + 0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c, + 0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac, + 0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9, + 0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138, + 0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e, + 0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367, + 0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866, + 0xa084db2d,0x09a8486f,0xa888614a,0x2900af98, + 0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c, + 0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072, + 0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd, + 0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3, + 0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53, + 0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd, + 0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d, + 0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8, + 0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf, + 0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9, + 0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807, + 0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54, + 0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a, + 0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387, + 0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563, + 0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc, + 0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0, + 0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf, + 0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be, + 0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf, + 0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0, + 0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f, + 0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2, + 0x372b74af,0x692573e4,0xe9a9d848,0xf3160289, + 0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853, + 0x20951063,0x4576698d,0xb6fad407,0x592af950, + 0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa, + 0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f, + 0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9, + 0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b, + 0x7dede786,0xc39a3373,0x42410005,0x6a091751, + 0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be, + 0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358, + 0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13, + 0x8cf63166,0x061c87be,0x88c98f88,0x6062e397, + 0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976, + 0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459, + 0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0, + 0x3007cd3e,0x74719eef,0xdc872681,0x073340d4, + 0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891, + 0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f, + 0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da, + 0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb, + 0xe2969123,0x257f0c3d,0x9348af49,0x361400bc, + 0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2, + 0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084, + 0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab, + 0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25, + 0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b, + 0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121, + 0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b, + 0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5, + 0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855, + 0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd, + 0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454, + 0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f, + }; +CAST_LONG CAST_S_table6[256]={ + 0x85e04019,0x332bf567,0x662dbfff,0xcfc65693, + 0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f, + 0x0227bce7,0x4d642916,0x18fac300,0x50f18b82, + 0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de, + 0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd, + 0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43, + 0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f, + 0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19, + 0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9, + 0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2, + 0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e, + 0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516, + 0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83, + 0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88, + 0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e, + 0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816, + 0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a, + 0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756, + 0xc06eba30,0x07211b24,0x45c28829,0xc95e317f, + 0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a, + 0xad4ebc46,0x468f508b,0x7829435f,0xf124183b, + 0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264, + 0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78, + 0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688, + 0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d, + 0xf7debb85,0x61fe033c,0x16746233,0x3c034c28, + 0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802, + 0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3, + 0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9, + 0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7, + 0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302, + 0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06, + 0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858, + 0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033, + 0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a, + 0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a, + 0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4, + 0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566, + 0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df, + 0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509, + 0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9, + 0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962, + 0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c, + 0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e, + 0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07, + 0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c, + 0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939, + 0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c, + 0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e, + 0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285, + 0x74904698,0x4c2b0edd,0x4f757656,0x5d393378, + 0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301, + 0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd, + 0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be, + 0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567, + 0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767, + 0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2, + 0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647, + 0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf, + 0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914, + 0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2, + 0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c, + 0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada, + 0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3, + }; +CAST_LONG CAST_S_table7[256]={ + 0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095, + 0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5, + 0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174, + 0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc, + 0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940, + 0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd, + 0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42, + 0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d, + 0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164, + 0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2, + 0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4, + 0x38129022,0xce949ad4,0xb84769ad,0x965bd862, + 0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0, + 0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc, + 0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6, + 0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c, + 0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491, + 0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e, + 0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b, + 0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039, + 0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8, + 0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8, + 0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006, + 0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42, + 0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564, + 0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5, + 0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab, + 0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472, + 0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc, + 0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225, + 0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8, + 0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c, + 0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441, + 0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb, + 0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f, + 0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054, + 0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504, + 0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70, + 0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c, + 0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc, + 0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6, + 0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c, + 0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd, + 0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3, + 0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4, + 0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4, + 0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc, + 0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101, + 0x730edebc,0x5b643113,0x94917e4f,0x503c2fba, + 0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f, + 0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf, + 0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e, + 0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603, + 0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a, + 0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37, + 0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c, + 0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819, + 0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384, + 0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d, + 0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c, + 0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347, + 0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82, + 0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d, + 0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e, + }; diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h new file mode 100644 index 0000000000..1446226a16 --- /dev/null +++ b/src/lib/libcrypto/conf/conf.h @@ -0,0 +1,114 @@ +/* crypto/conf/conf.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CONF_H +#define HEADER_CONF_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "stack.h" +#include "lhash.h" + +typedef struct + { + char *section; + char *name; + char *value; + } CONF_VALUE; + +#ifndef NOPROTO + +LHASH *CONF_load(LHASH *conf,char *file,long *eline); +STACK *CONF_get_section(LHASH *conf,char *section); +char *CONF_get_string(LHASH *conf,char *group,char *name); +long CONF_get_number(LHASH *conf,char *group,char *name); +void CONF_free(LHASH *conf); +void ERR_load_CONF_strings(void ); + +#else + +LHASH *CONF_load(); +STACK *CONF_get_section(); +char *CONF_get_string(); +long CONF_get_number(); +void CONF_free(); +void ERR_load_CONF_strings(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the CONF functions. */ + +/* Function codes. */ +#define CONF_F_CONF_LOAD 100 +#define CONF_F_STR_COPY 101 + +/* Reason codes. */ +#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100 +#define CONF_R_MISSING_EQUAL_SIGN 101 +#define CONF_R_NO_CLOSE_BRACE 102 +#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103 +#define CONF_R_VARIABLE_HAS_NO_VALUE 104 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c new file mode 100644 index 0000000000..a8db8f266f --- /dev/null +++ b/src/lib/libcrypto/conf/conf_err.c @@ -0,0 +1,96 @@ +/* lib/conf/conf_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "conf.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA CONF_str_functs[]= + { +{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"}, +{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"}, +{0,NULL}, + }; + +static ERR_STRING_DATA CONF_str_reasons[]= + { +{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"}, +{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"}, +{CONF_R_NO_CLOSE_BRACE ,"no close brace"}, +{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"}, +{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"}, +{0,NULL}, + }; + +#endif + +void ERR_load_CONF_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_CONF,CONF_str_functs); + ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/conf/keysets.pl b/src/lib/libcrypto/conf/keysets.pl new file mode 100644 index 0000000000..e40fed0ca1 --- /dev/null +++ b/src/lib/libcrypto/conf/keysets.pl @@ -0,0 +1,61 @@ +#!/usr/bin/perl + +$NUMBER=0x01; +$UPPER=0x02; +$LOWER=0x04; +$EOF=0x08; +$WS=0x10; +$ESC=0x20; +$QUOTE=0x40; +$COMMENT=0x80; +$UNDER=0x100; + +foreach (0 .. 127) + { + $v=0; + $c=sprintf("%c",$_); + $v|=$NUMBER if ($c =~ /[0-9]/); + $v|=$UPPER if ($c =~ /[A-Z]/); + $v|=$LOWER if ($c =~ /[a-z]/); + $v|=$UNDER if ($c =~ /_/); + $v|=$WS if ($c =~ / \t\r\n/); + $v|=$ESC if ($c =~ /\\/); + $v|=$QUOTE if ($c =~ /['`"]/); + $v|=$COMMENT if ($c =~ /\#/); + $v|=$EOF if ($c =~ /\0/); + + push(@V,$v); + } + +print <<"EOF"; +#define CONF_NUMBER $NUMBER +#define CONF_UPPER $UPPER +#define CONF_LOWER $LOWER +#define CONF_EOF $EOF +#define CONF_WS $WS +#define CONF_ESC $ESC +#define CONF_QUOTE $QUOTE +#define CONF_COMMENT $COMMENT +#define CONF_ALPHA (CONF_UPPER|CONF_LOWER) +#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) +#define CONF_UNDER $UNDER + +#define IS_COMMENT(a) (CONF_COMMENT&(CONF_type[(a)&0x7f])) +#define IS_EOF(a) ((a) == '\\0') +#define IS_ESC(a) ((a) == '\\\\') +#define IS_NUMER(a) (CONF_type[(a)&0x7f]&CONF_NUMBER) +#define IS_WS(a) (CONF_type[(a)&0x7f]&CONF_WS) +#define IS_ALPHA_NUMERIC(a) (CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC) +#define IS_QUOTE(a) (CONF_type[(a)&0x7f]&CONF_QUOTE) + +EOF + +print "static unsigned short CONF_type[128]={"; + +for ($i=0; $i<128; $i++) + { + print "\n\t" if ($i % 8) == 0; + printf "0x%03X,",$V[$i]; + } + +print "\n\t};\n"; diff --git a/src/lib/libcrypto/conf/ssleay.cnf b/src/lib/libcrypto/conf/ssleay.cnf new file mode 100644 index 0000000000..ed33af601e --- /dev/null +++ b/src/lib/libcrypto/conf/ssleay.cnf @@ -0,0 +1,78 @@ +# +# This is a test configuration file for use in SSLeay etc... +# + +init = 5 +in\#it1 =10 +init2='10' +init3='10\'' +init4="10'" +init5='='10\'' again' + +SSLeay::version = 0.5.0 + +[genrsa] +default_bits = 512 +SSLEAY::version = 0.5.0 + +[gendh] +default_bits = 512 +def_generator = 2 + +[s_client] +cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\ +cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5' +cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5" +cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 + +[ default ] +cert_dir = $ENV::HOME/.ca_certs + +HOME = /tmp/eay + +tmp_cert_dir = $HOME/.ca_certs +tmp2_cert_dir = thisis$(HOME)stuff + +LOGNAME = Eric Young (home=$HOME) + +[ special ] + +H=$HOME +H=$default::HOME +H=$ENV::HOME +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# + +RANDFILE = $HOME/.rand + +[ req ] +default_bits = 512 +default_keyfile = privkey.pem + +Attribute_type_1 = countryName +Attribute_text_1 = Country Name (2 letter code) +Attribute_default_1 = AU + +Attribute_type_2 = stateOrProvinceName +Attribute_text_2 = State or Province Name (full name) +Attribute_default_2 = Queensland + +Attribute_type_3 = localityName +Attribute_text_3 = Locality Name (eg, city) + +Attribute_type_4 = organizationName +Attribute_text_4 = Organization Name (eg, company) +Attribute_default_4 = Mincom Pty Ltd + +Attribute_type_5 = organizationalUnitName +Attribute_text_5 = Organizational Unit Name (eg, section) +Attribute_default_5 = TR + +Attribute_type_6 = commonName +Attribute_text_6 = Common Name (eg, YOUR name) + +Attribute_type_7 = emailAddress +Attribute_text_7 = Email Address + diff --git a/src/lib/libcrypto/cpt_err.c b/src/lib/libcrypto/cpt_err.c new file mode 100644 index 0000000000..ea3c135d39 --- /dev/null +++ b/src/lib/libcrypto/cpt_err.c @@ -0,0 +1,86 @@ +/* lib/crypto/crypto_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "crypto.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA CRYPTO_str_functs[]= + { +{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0), "CRYPTO_get_ex_new_index"}, +{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0), "CRYPTO_get_new_lockid"}, +{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0), "CRYPTO_set_ex_data"}, +{0,NULL}, + }; + +#endif + +void ERR_load_CRYPTO_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs); +#endif + + } + } diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c new file mode 100644 index 0000000000..9a7e80b7f8 --- /dev/null +++ b/src/lib/libcrypto/cryptlib.c @@ -0,0 +1,307 @@ +/* crypto/cryptlib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "crypto.h" +#include "date.h" + +#if defined(WIN32) || defined(WIN16) +static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ +#endif + +/* real #defines in crypto.h, keep these upto date */ +static char* lock_names[CRYPTO_NUM_LOCKS] = + { + "<>", + "err", + "err_hash", + "x509", + "x509_info", + "x509_pkey", + "x509_crl", + "x509_req", + "dsa", + "rsa", + "evp_pkey", + "x509_store", + "ssl_ctx", + "ssl_cert", + "ssl_session", + "ssl", + "rand", + "debug_malloc", + "BIO", + "bio_gethostbyname", + "RSA_blinding", + }; + +static STACK *app_locks=NULL; + +#ifndef NOPROTO +static void (MS_FAR *locking_callback)(int mode,int type, + char *file,int line)=NULL; +static int (MS_FAR *add_lock_callback)(int *pointer,int amount, + int type,char *file,int line)=NULL; +static unsigned long (MS_FAR *id_callback)(void)=NULL; +#else +static void (MS_FAR *locking_callback)()=NULL; +static int (MS_FAR *add_lock_callback)()=NULL; +static unsigned long (MS_FAR *id_callback)()=NULL; +#endif + +int CRYPTO_get_new_lockid(name) +char *name; + { + char *str; + int i; + + /* A hack to make Visual C++ 5.0 work correctly when linking as + * a DLL using /MT. Without this, the application cannot use + * and floating point printf's. + * It also seems to be needed for Visual C 1.5 (win16) */ +#if defined(WIN32) || defined(WIN16) + SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; +#endif + + if (app_locks == NULL) + if ((app_locks=sk_new_null()) == NULL) + CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); + return(0); + if ((str=BUF_strdup(name)) == NULL) + return(0); + i=sk_push(app_locks,str); + if (!i) + Free(str); + else + i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ + return(i); + } + +void (*CRYPTO_get_locking_callback(P_V))(P_I_I_P_I) + { + return(locking_callback); + } + +int (*CRYPTO_get_add_lock_callback(P_V))(P_IP_I_I_P_I) + { + return(add_lock_callback); + } + +void CRYPTO_set_locking_callback(func) +void (*func)(P_I_I_P_I); + { + locking_callback=func; + } + +void CRYPTO_set_add_lock_callback(func) +int (*func)(P_IP_I_I_P_I); + { + add_lock_callback=func; + } + +unsigned long (*CRYPTO_get_id_callback(P_V))(P_V) + { + return(id_callback); + } + +void CRYPTO_set_id_callback(func) +unsigned long (*func)(P_V); + { + id_callback=func; + } + +unsigned long CRYPTO_thread_id() + { + unsigned long ret=0; + + if (id_callback == NULL) + { +#ifdef WIN16 + ret=(unsigned long)GetCurrentTask(); +#elif defined(WIN32) + ret=(unsigned long)GetCurrentThreadId(); +#elif defined(MSDOS) + ret=1L; +#else + ret=(unsigned long)getpid(); +#endif + } + else + ret=id_callback(); + return(ret); + } + +void CRYPTO_lock(mode,type,file,line) +int mode; +int type; +char *file; +int line; + { +#ifdef LOCK_DEBUG + { + char *rw_text,*operation_text; + + if (mode & CRYPTO_LOCK) + operation_text="lock "; + else if (mode & CRYPTO_UNLOCK) + operation_text="unlock"; + else + operation_text="ERROR "; + + if (mode & CRYPTO_READ) + rw_text="r"; + else if (mode & CRYPTO_WRITE) + rw_text="w"; + else + rw_text="ERROR"; + + fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n", + CRYPTO_thread_id(), rw_text, operation_text, + CRYPTO_get_lock_name(type), file, line); + } +#endif + if (locking_callback != NULL) + locking_callback(mode,type,file,line); + } + +int CRYPTO_add_lock(pointer,amount,type,file,line) +int *pointer; +int amount; +int type; +char *file; +int line; + { + int ret; + + if (add_lock_callback != NULL) + { +#ifdef LOCK_DEBUG + int before= *pointer; +#endif + + ret=add_lock_callback(pointer,amount,type,file,line); +#ifdef LOCK_DEBUG + fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", + CRYPTO_thread_id(), + before,amount,ret, + CRYPTO_get_lock_name(type), + file,line); +#endif + *pointer=ret; + } + else + { + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line); + + ret= *pointer+amount; +#ifdef LOCK_DEBUG + fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", + CRYPTO_thread_id(), + *pointer,amount,ret, + CRYPTO_get_lock_name(type), + file,line); +#endif + *pointer=ret; + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line); + } + return(ret); + } + +char *CRYPTO_get_lock_name(type) +int type; + { + if (type < 0) + return("ERROR"); + else if (type < CRYPTO_NUM_LOCKS) + return(lock_names[type]); + else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks)) + return("ERROR"); + else + return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); + } + +#ifdef _DLL +#ifdef WIN32 + +/* All we really need to do is remove the 'error' state when a thread + * detaches */ + +BOOL WINAPI DLLEntryPoint(hinstDLL,fdwReason,lpvReserved) +HINSTANCE hinstDLL; +DWORD fdwReason; +LPVOID lpvReserved; + { + switch(fdwReason) + { + case DLL_PROCESS_ATTACH: + break; + case DLL_THREAD_ATTACH: + break; + case DLL_THREAD_DETACH: + ERR_remove_state(0); + break; + case DLL_PROCESS_DETACH: + break; + } + return(TRUE); + } +#endif + +#endif diff --git a/src/lib/libcrypto/cryptlib.h b/src/lib/libcrypto/cryptlib.h new file mode 100644 index 0000000000..32757c9efb --- /dev/null +++ b/src/lib/libcrypto/cryptlib.h @@ -0,0 +1,100 @@ +/* crypto/cryptlib.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CRYPTLIB_H +#define HEADER_CRYPTLIB_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* #ifdef FLAT_INC */ + +#include "e_os.h" +#include "crypto.h" +#include "buffer.h" +#include "bio.h" +#include "err.h" + +/* +#else + +#include "../e_os.h" +#include "crypto.h" +#include "buffer/buffer.h" +#include "bio/bio.h" +#include "err/err.h" +#endif +*/ + +#define X509_CERT_AREA "/etc/ssl" +#define X509_CERT_DIR "/etc/ssl/certs" +#define X509_CERT_FILE "/etc/ssl/cert.pem" +#define X509_PRIVATE_DIR "/etc/ssl/private" + +#define X509_CERT_DIR_EVP "SSL_CERT_DIR" +#define X509_CERT_FILE_EVP "SSL_CERT_FILE" + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h new file mode 100644 index 0000000000..0a38b5b87c --- /dev/null +++ b/src/lib/libcrypto/crypto.h @@ -0,0 +1,319 @@ +/* crypto/crypto.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CRYPTO_H +#define HEADER_CRYPTO_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "stack.h" + +/* This is more to be used to check the correct DLL is being used + * in the MS world. */ +#define SSLEAY_VERSION_NUMBER 0x0902 /* Version 0.5.1c would be 0513 */ + +#define SSLEAY_VERSION 0 +/* #define SSLEAY_OPTIONS 1 no longer supported */ +#define SSLEAY_CFLAGS 2 +#define SSLEAY_BUILT_ON 3 + +/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock + * names in cryptlib.c + */ + +#define CRYPTO_LOCK_ERR 1 +#define CRYPTO_LOCK_ERR_HASH 2 +#define CRYPTO_LOCK_X509 3 +#define CRYPTO_LOCK_X509_INFO 4 +#define CRYPTO_LOCK_X509_PKEY 5 +#define CRYPTO_LOCK_X509_CRL 6 +#define CRYPTO_LOCK_X509_REQ 7 +#define CRYPTO_LOCK_DSA 8 +#define CRYPTO_LOCK_RSA 9 +#define CRYPTO_LOCK_EVP_PKEY 10 +#define CRYPTO_LOCK_X509_STORE 11 +#define CRYPTO_LOCK_SSL_CTX 12 +#define CRYPTO_LOCK_SSL_CERT 13 +#define CRYPTO_LOCK_SSL_SESSION 14 +#define CRYPTO_LOCK_SSL 15 +#define CRYPTO_LOCK_RAND 16 +#define CRYPTO_LOCK_MALLOC 17 +#define CRYPTO_LOCK_BIO 18 +#define CRYPTO_LOCK_BIO_GETHOSTBYNAME 19 +#define CRYPTO_LOCK_RSA_BLINDING 20 +#define CRYPTO_NUM_LOCKS 21 + +#define CRYPTO_LOCK 1 +#define CRYPTO_UNLOCK 2 +#define CRYPTO_READ 4 +#define CRYPTO_WRITE 8 + +#ifndef CRYPTO_w_lock +#define CRYPTO_w_lock(type) \ + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) +#define CRYPTO_w_unlock(type) \ + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) +#define CRYPTO_r_lock(type) \ + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) +#define CRYPTO_r_unlock(type) \ + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) +#define CRYPTO_add(addr,amount,type) \ + CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) + +#endif + +/* The following can be used to detect memory leaks in the SSLeay library. + * It used, it turns on malloc checking */ + +#define CRYPTO_MEM_CHECK_OFF 0x0 +#define CRYPTO_MEM_CHECK_ON 0x1 + +/* +typedef struct crypto_mem_st + { + char *(*malloc_func)(); + char *(*realloc_func)(); + void (*free_func)(); + } CRYPTO_MEM_FUNC; +*/ + +/* predec of the BIO type */ +typedef struct bio_st BIO_dummy; + +typedef struct crypto_ex_data_st + { + STACK *sk; + int dummy; /* gcc is screwing up this data structure :-( */ + } CRYPTO_EX_DATA; + +/* This stuff is basically class callback functions + * The current classes are SSL_CTX, SSL, SSL_SESION, and a few more */ +typedef struct crypto_ex_data_func_st + { + long argl; /* Arbitary long */ + char *argp; /* Arbitary char * */ + /* Called when a new object is created */ + int (*new_func)(/*char *obj, + char *item,int index,long argl,char *argp*/); + /* Called when this object is free()ed */ + void (*free_func)(/*char *obj, + char *item,int index,long argl,char *argp*/); + + /* Called when we need to dup this one */ + int (*dup_func)(/*char *obj_to,char *obj_from, + char **new,int index,long argl,char *argp*/); + } CRYPTO_EX_DATA_FUNCS; + +/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA + * entry. + */ + +#define CRYPTO_EX_INDEX_BIO 0 +#define CRYPTO_EX_INDEX_SSL 1 +#define CRYPTO_EX_INDEX_SSL_CTX 2 +#define CRYPTO_EX_INDEX_SSL_SESSION 3 +#define CRYPTO_EX_INDEX_X509_STORE 4 +#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 + +/* Use this for win32 DLL's */ +#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\ + (char *(*)())malloc,\ + (char *(*)())realloc,\ + (void (*)())free) + +#ifdef CRYPTO_MDEBUG +#define Malloc(num) CRYPTO_dbg_malloc((int)num,__FILE__,__LINE__) +#define Realloc(addr,num) \ + CRYPTO_dbg_realloc((char *)addr,(int)num,__FILE__,__LINE__) +#define Remalloc(addr,num) \ + CRYPTO_dbg_remalloc((char **)addr,(int)num,__FILE__,__LINE__) +#define FreeFunc CRYPTO_dbg_free +#define Free(addr) CRYPTO_dbg_free((char *)(addr)) +#else +#define Remalloc CRYPTO_remalloc +#if defined(WIN32) || defined(MFUNC) +#define Malloc CRYPTO_malloc +#define Realloc(a,n) CRYPTO_realloc((char *)(a),(n)) +#define FreeFunc CRYPTO_free +#define Free(addr) CRYPTO_free((char *)(addr)) +#else +#define Malloc malloc +#define Realloc realloc +#define FreeFunc free +#define Free(addr) free((char *)(addr)) +#endif /* WIN32 || MFUNC */ +#endif /* MDEBUG */ + +/* Case insensiteve linking causes problems.... */ +#ifdef WIN16 +#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings +#endif + +#ifndef NOPROTO + +char *SSLeay_version(int type); +unsigned long SSLeay(void); + +int CRYPTO_get_ex_new_index(int idx,STACK **sk,long argl,char *argp, + int (*new_func)(),int (*dup_func)(),void (*free_func)()); +int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad,int idx,char *val); +char *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx); +int CRYPTO_dup_ex_data(STACK *meth,CRYPTO_EX_DATA *from,CRYPTO_EX_DATA *to); +void CRYPTO_free_ex_data(STACK *meth,char *obj,CRYPTO_EX_DATA *ad); +void CRYPTO_new_ex_data(STACK *meth, char *obj, CRYPTO_EX_DATA *ad); + +int CRYPTO_mem_ctrl(int mode); +int CRYPTO_get_new_lockid(char *name); +void CRYPTO_lock(int mode, int type,char *file,int line); +void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file, + int line)); +void (*CRYPTO_get_locking_callback(void))(int mode,int type,char *file, + int line); +void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount, + int type,char *file, int line)); +int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount, + int type,char *file,int line); +void CRYPTO_set_id_callback(unsigned long (*func)(void)); +unsigned long (*CRYPTO_get_id_callback(void))(void); +unsigned long CRYPTO_thread_id(void); +char *CRYPTO_get_lock_name(int type); +int CRYPTO_add_lock(int *pointer,int amount,int type, char *file,int line); + +void CRYPTO_set_mem_functions(char *(*m)(),char *(*r)(), void (*free_func)()); +void CRYPTO_get_mem_functions(char *(**m)(),char *(**r)(), void (**f)()); + +char *CRYPTO_malloc(int num); +char *CRYPTO_realloc(char *addr,int num); +void CRYPTO_free(char *); +char *CRYPTO_remalloc(char *addr,int num); + +char *CRYPTO_dbg_malloc(int num,char *file,int line); +char *CRYPTO_dbg_realloc(char *addr,int num,char *file,int line); +void CRYPTO_dbg_free(char *); +char *CRYPTO_dbg_remalloc(char *addr,int num,char *file,int line); +#ifndef NO_FP_API +void CRYPTO_mem_leaks_fp(FILE *); +#endif +void CRYPTO_mem_leaks(struct bio_st *bio); +/* unsigned long order, char *file, int line, int num_bytes, char *addr */ +void CRYPTO_mem_leaks_cb(void (*cb)()); + +void ERR_load_CRYPTO_strings(void ); + +#else + +int CRYPTO_get_ex_new_index(); +int CRYPTO_set_ex_data(); +char *CRYPTO_get_ex_data(); +int CRYPTO_dup_ex_data(); +void CRYPTO_free_ex_data(); +void CRYPTO_new_ex_data(); + +int CRYPTO_mem_ctrl(); +char *SSLeay_version(); +unsigned long SSLeay(); + +int CRYPTO_get_new_lockid(); +void CRYPTO_lock(); +void CRYPTO_set_locking_callback(); +void (*CRYPTO_get_locking_callback())(); +void CRYPTO_set_add_lock_callback(); +int (*CRYPTO_get_add_lock_callback())(); +void CRYPTO_set_id_callback(); +unsigned long (*CRYPTO_get_id_callback())(); +unsigned long CRYPTO_thread_id(); +char *CRYPTO_get_lock_name(); +int CRYPTO_add_lock(); + +void CRYPTO_set_mem_functions(); +void CRYPTO_get_mem_functions(); +char *CRYPTO_malloc(); +char *CRYPTO_realloc(); +void CRYPTO_free(); +char *CRYPTO_remalloc(); +char *CRYPTO_dbg_remalloc(); +char *CRYPTO_dbg_malloc(); +char *CRYPTO_dbg_realloc(); +void CRYPTO_dbg_free(); +#ifndef NO_FP_API +void CRYPTO_mem_leaks_fp(); +#endif +void CRYPTO_mem_leaks(); +void CRYPTO_mem_leaks_cb(); + +void ERR_load_CRYPTO_strings(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the CRYPTO functions. */ + +/* Function codes. */ +#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100 +#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101 +#define CRYPTO_F_CRYPTO_SET_EX_DATA 102 + +/* Reason codes. */ + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c new file mode 100644 index 0000000000..4e823be52f --- /dev/null +++ b/src/lib/libcrypto/cversion.c @@ -0,0 +1,99 @@ +/* crypto/cversion.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "crypto.h" +#include "date.h" + +char *SSLeay_version(t) +int t; + { + if (t == SSLEAY_VERSION) + return("SSLeay 0.9.0b 29-Jun-1998"); + if (t == SSLEAY_BUILT_ON) + { +#ifdef DATE + static char buf[sizeof(DATE)+10]; + + sprintf(buf,"built on %s",DATE); + return(buf); +#else + return("build date not available"); +#endif + } + if (t == SSLEAY_CFLAGS) + { +#ifdef CFLAGS + static char buf[sizeof(CFLAGS)+10]; + + sprintf(buf,"C flags:%s",CFLAGS); + return(buf); +#else + return("C flags not available"); +#endif + } + return("not available"); + } + +unsigned long SSLeay() + { + return(SSLEAY_VERSION_NUMBER); + } + diff --git a/src/lib/libcrypto/des/COPYRIGHT b/src/lib/libcrypto/des/COPYRIGHT new file mode 100644 index 0000000000..5469e1e469 --- /dev/null +++ b/src/lib/libcrypto/des/COPYRIGHT @@ -0,0 +1,50 @@ +Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +All rights reserved. + +This package is an DES implementation written by Eric Young (eay@cryptsoft.com). +The implementation was written so as to conform with MIT's libdes. + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. +If this package is used in a product, Eric Young should be given attribution +as the author of that the SSL library. This can be in the form of a textual +message at program startup or in documentation (online or textual) provided +with the package. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@cryptsoft.com) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl new file mode 100644 index 0000000000..297e38dec8 --- /dev/null +++ b/src/lib/libcrypto/des/asm/crypt586.pl @@ -0,0 +1,204 @@ +#!/usr/bin/perl +# +# The inner loop instruction sequence and the IP/FP modifications are from +# Svend Olaf Mikkelsen +# I've added the stuff needed for crypt() but I've not worried about making +# things perfect. +# + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],"crypt586.pl"); + +$L="edi"; +$R="esi"; + +&external_label("des_SPtrans"); +&fcrypt_body("fcrypt_body"); +&asm_finish(); + +sub fcrypt_body + { + local($name,$do_ip)=@_; + + &function_begin($name,"EXTRN _des_SPtrans:DWORD"); + + &comment(""); + &comment("Load the 2 words"); + $ks="ebp"; + + &xor( $L, $L); + &xor( $R, $R); + &mov($ks,&wparam(1)); + + &push(25); # add a variable + + &set_label("start"); + for ($i=0; $i<16; $i+=2) + { + &comment(""); + &comment("Round $i"); + &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); + + &comment(""); + &comment("Round ".sprintf("%d",$i+1)); + &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); + } + &mov("ebx", &swtmp(0)); + &mov("eax", $L); + &dec("ebx"); + &mov($L, $R); + &mov($R, "eax"); + &mov(&swtmp(0), "ebx"); + &jnz(&label("start")); + + &comment(""); + &comment("FP"); + &mov("edx",&wparam(0)); + + &FP_new($R,$L,"eax",3); + &mov(&DWP(0,"edx","",0),"eax"); + &mov(&DWP(4,"edx","",0),$L); + + &pop("ecx"); # remove variable + + &function_end($name); + } + +sub D_ENCRYPT + { + local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; + + &mov( $u, &wparam(2)); # 2 + &mov( $t, $R); + &shr( $t, 16); # 1 + &mov( $tmp2, &wparam(3)); # 2 + &xor( $t, $R); # 1 + + &and( $u, $t); # 2 + &and( $t, $tmp2); # 2 + + &mov( $tmp1, $u); + &shl( $tmp1, 16); # 1 + &mov( $tmp2, $t); + &shl( $tmp2, 16); # 1 + &xor( $u, $tmp1); # 2 + &xor( $t, $tmp2); # 2 + &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2 + &xor( $u, $tmp1); + &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2 + &xor( $u, $R); + &xor( $t, $R); + &xor( $t, $tmp2); + + &and( $u, "0xfcfcfcfc" ); # 2 + &xor( $tmp1, $tmp1); # 1 + &and( $t, "0xcfcfcfcf" ); # 2 + &xor( $tmp2, $tmp2); + &movb( &LB($tmp1), &LB($u) ); + &movb( &LB($tmp2), &HB($u) ); + &rotr( $t, 4 ); + &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); + &movb( &LB($tmp1), &LB($t) ); + &xor( $L, $ks); + &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); + &xor( $L, $ks); + &movb( &LB($tmp2), &HB($t) ); + &shr( $u, 16); + &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); + &xor( $L, $ks); + &movb( &LB($tmp1), &HB($u) ); + &shr( $t, 16); + &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); + &xor( $L, $ks); + &mov( $ks, &wparam(1)); + &movb( &LB($tmp2), &HB($t) ); + &and( $u, "0xff" ); + &and( $t, "0xff" ); + &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); + &xor( $L, $tmp1); + &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); + &xor( $L, $tmp1); + &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); + &xor( $L, $tmp1); + &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); + &xor( $L, $tmp1); + } + +sub n2a + { + sprintf("%d",$_[0]); + } + +# now has a side affect of rotating $a by $shift +sub R_PERM_OP + { + local($a,$b,$tt,$shift,$mask,$last)=@_; + + &rotl( $a, $shift ) if ($shift != 0); + &mov( $tt, $a ); + &xor( $a, $b ); + &and( $a, $mask ); + if ($notlast eq $b) + { + &xor( $b, $a ); + &xor( $tt, $a ); + } + else + { + &xor( $tt, $a ); + &xor( $b, $a ); + } + &comment(""); + } + +sub IP_new + { + local($l,$r,$tt,$lr)=@_; + + &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); + &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); + &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); + &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); + &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); + + if ($lr != 3) + { + if (($lr-3) < 0) + { &rotr($tt, 3-$lr); } + else { &rotl($tt, $lr-3); } + } + if ($lr != 2) + { + if (($lr-2) < 0) + { &rotr($r, 2-$lr); } + else { &rotl($r, $lr-2); } + } + } + +sub FP_new + { + local($l,$r,$tt,$lr)=@_; + + if ($lr != 2) + { + if (($lr-2) < 0) + { &rotl($r, 2-$lr); } + else { &rotr($r, $lr-2); } + } + if ($lr != 3) + { + if (($lr-3) < 0) + { &rotl($l, 3-$lr); } + else { &rotr($l, $lr-3); } + } + + &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); + &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); + &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); + &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); + &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); + &rotr($tt , 4); + } + diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl new file mode 100644 index 0000000000..7f2e09fa7a --- /dev/null +++ b/src/lib/libcrypto/des/asm/des-586.pl @@ -0,0 +1,251 @@ +#!/usr/bin/perl +# +# The inner loop instruction sequence and the IP/FP modifications are from +# Svend Olaf Mikkelsen +# + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; +require "cbc.pl"; +require "desboth.pl"; + +# base code is in microsft +# op dest, source +# format. +# + +&asm_init($ARGV[0],"des-586.pl"); + +$L="edi"; +$R="esi"; + +&external_label("des_SPtrans"); +&des_encrypt("des_encrypt",1); +&des_encrypt("des_encrypt2",0); +&des_encrypt3("des_encrypt3",1); +&des_encrypt3("des_decrypt3",0); +&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1); +&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5); + +&asm_finish(); + +sub des_encrypt + { + local($name,$do_ip)=@_; + + &function_begin_B($name,"EXTRN _des_SPtrans:DWORD"); + + &push("esi"); + &push("edi"); + + &comment(""); + &comment("Load the 2 words"); + $ks="ebp"; + + if ($do_ip) + { + &mov($R,&wparam(0)); + &xor( "ecx", "ecx" ); + + &push("ebx"); + &push("ebp"); + + &mov("eax",&DWP(0,$R,"",0)); + &mov("ebx",&wparam(2)); # get encrypt flag + &mov($L,&DWP(4,$R,"",0)); + &comment(""); + &comment("IP"); + &IP_new("eax",$L,$R,3); + } + else + { + &mov("eax",&wparam(0)); + &xor( "ecx", "ecx" ); + + &push("ebx"); + &push("ebp"); + + &mov($R,&DWP(0,"eax","",0)); + &mov("ebx",&wparam(2)); # get encrypt flag + &rotl($R,3); + &mov($L,&DWP(4,"eax","",0)); + &rotl($L,3); + } + + &mov( $ks, &wparam(1) ); + &cmp("ebx","0"); + &je(&label("start_decrypt")); + + for ($i=0; $i<16; $i+=2) + { + &comment(""); + &comment("Round $i"); + &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); + + &comment(""); + &comment("Round ".sprintf("%d",$i+1)); + &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); + } + &jmp(&label("end")); + + &set_label("start_decrypt"); + + for ($i=15; $i>0; $i-=2) + { + &comment(""); + &comment("Round $i"); + &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); + &comment(""); + &comment("Round ".sprintf("%d",$i-1)); + &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); + } + + &set_label("end"); + + if ($do_ip) + { + &comment(""); + &comment("FP"); + &mov("edx",&wparam(0)); + &FP_new($L,$R,"eax",3); + + &mov(&DWP(0,"edx","",0),"eax"); + &mov(&DWP(4,"edx","",0),$R); + } + else + { + &comment(""); + &comment("Fixup"); + &rotr($L,3); # r + &mov("eax",&wparam(0)); + &rotr($R,3); # l + &mov(&DWP(0,"eax","",0),$L); + &mov(&DWP(4,"eax","",0),$R); + } + + &pop("ebp"); + &pop("ebx"); + &pop("edi"); + &pop("esi"); + &ret(); + + &function_end_B($name); + } + +sub D_ENCRYPT + { + local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; + + &mov( $u, &DWP(&n2a($S*4),$ks,"",0)); + &xor( $tmp1, $tmp1); + &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0)); + &xor( $u, $R); + &xor( $t, $R); + &and( $u, "0xfcfcfcfc" ); + &and( $t, "0xcfcfcfcf" ); + &movb( &LB($tmp1), &LB($u) ); + &movb( &LB($tmp2), &HB($u) ); + &rotr( $t, 4 ); + &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); + &movb( &LB($tmp1), &LB($t) ); + &xor( $L, $ks); + &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); + &xor( $L, $ks); ###### + &movb( &LB($tmp2), &HB($t) ); + &shr( $u, 16); + &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); + &xor( $L, $ks); ###### + &movb( &LB($tmp1), &HB($u) ); + &shr( $t, 16); + &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); + &xor( $L, $ks); + &mov( $ks, &wparam(1) ); + &movb( &LB($tmp2), &HB($t) ); + &and( $u, "0xff" ); + &and( $t, "0xff" ); + &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); + &xor( $L, $tmp1); + &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); + &xor( $L, $tmp1); + &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); + &xor( $L, $tmp1); + &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); + &xor( $L, $tmp1); + } + +sub n2a + { + sprintf("%d",$_[0]); + } + +# now has a side affect of rotating $a by $shift +sub R_PERM_OP + { + local($a,$b,$tt,$shift,$mask,$last)=@_; + + &rotl( $a, $shift ) if ($shift != 0); + &mov( $tt, $a ); + &xor( $a, $b ); + &and( $a, $mask ); + if (!$last eq $b) + { + &xor( $b, $a ); + &xor( $tt, $a ); + } + else + { + &xor( $tt, $a ); + &xor( $b, $a ); + } + &comment(""); + } + +sub IP_new + { + local($l,$r,$tt,$lr)=@_; + + &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); + &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); + &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); + &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); + &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); + + if ($lr != 3) + { + if (($lr-3) < 0) + { &rotr($tt, 3-$lr); } + else { &rotl($tt, $lr-3); } + } + if ($lr != 2) + { + if (($lr-2) < 0) + { &rotr($r, 2-$lr); } + else { &rotl($r, $lr-2); } + } + } + +sub FP_new + { + local($l,$r,$tt,$lr)=@_; + + if ($lr != 2) + { + if (($lr-2) < 0) + { &rotl($r, 2-$lr); } + else { &rotr($r, $lr-2); } + } + if ($lr != 3) + { + if (($lr-3) < 0) + { &rotl($l, 3-$lr); } + else { &rotr($l, $lr-3); } + } + + &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); + &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); + &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); + &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); + &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); + &rotr($tt , 4); + } + diff --git a/src/lib/libcrypto/des/asm/desboth.pl b/src/lib/libcrypto/des/asm/desboth.pl new file mode 100644 index 0000000000..8f939953a6 --- /dev/null +++ b/src/lib/libcrypto/des/asm/desboth.pl @@ -0,0 +1,79 @@ +#!/usr/bin/perl + +$L="edi"; +$R="esi"; + +sub des_encrypt3 + { + local($name,$enc)=@_; + + &function_begin_B($name,""); + &push("ebx"); + &mov("ebx",&wparam(0)); + + &push("ebp"); + &push("esi"); + + &push("edi"); + + &comment(""); + &comment("Load the data words"); + &mov($L,&DWP(0,"ebx","",0)); + &mov($R,&DWP(4,"ebx","",0)); + &stack_push(3); + + &comment(""); + &comment("IP"); + &IP_new($L,$R,"edx",0); + + # put them back + + if ($enc) + { + &mov(&DWP(4,"ebx","",0),$R); + &mov("eax",&wparam(1)); + &mov(&DWP(0,"ebx","",0),"edx"); + &mov("edi",&wparam(2)); + &mov("esi",&wparam(3)); + } + else + { + &mov(&DWP(4,"ebx","",0),$R); + &mov("esi",&wparam(1)); + &mov(&DWP(0,"ebx","",0),"edx"); + &mov("edi",&wparam(2)); + &mov("eax",&wparam(3)); + } + &mov(&swtmp(2), (($enc)?"1":"0")); + &mov(&swtmp(1), "eax"); + &mov(&swtmp(0), "ebx"); + &call("des_encrypt2"); + &mov(&swtmp(2), (($enc)?"0":"1")); + &mov(&swtmp(1), "edi"); + &mov(&swtmp(0), "ebx"); + &call("des_encrypt2"); + &mov(&swtmp(2), (($enc)?"1":"0")); + &mov(&swtmp(1), "esi"); + &mov(&swtmp(0), "ebx"); + &call("des_encrypt2"); + + &stack_pop(3); + &mov($L,&DWP(0,"ebx","",0)); + &mov($R,&DWP(4,"ebx","",0)); + + &comment(""); + &comment("FP"); + &FP_new($L,$R,"eax",0); + + &mov(&DWP(0,"ebx","",0),"eax"); + &mov(&DWP(4,"ebx","",0),$R); + + &pop("edi"); + &pop("esi"); + &pop("ebp"); + &pop("ebx"); + &ret(); + &function_end_B($name); + } + + diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c new file mode 100644 index 0000000000..edfdec8a0f --- /dev/null +++ b/src/lib/libcrypto/des/cbc_cksm.c @@ -0,0 +1,103 @@ +/* crypto/des/cbc_cksm.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +DES_LONG des_cbc_cksum(input, output, length, schedule, ivec) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); + { + register DES_LONG tout0,tout1,tin0,tin1; + register long l=length; + DES_LONG tin[2]; + unsigned char *in,*out,*iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + c2l(iv,tout0); + c2l(iv,tout1); + for (; l>0; l-=8) + { + if (l >= 8) + { + c2l(in,tin0); + c2l(in,tin1); + } + else + c2ln(in,tin0,tin1,l); + + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + /* fix 15/10/91 eay - thanks to keithr@sco.COM */ + tout0=tin[0]; + tout1=tin[1]; + } + if (out != NULL) + { + l2c(tout0,out); + l2c(tout1,out); + } + tout0=tin0=tin1=tin[0]=tin[1]=0; + return(tout1); + } diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c new file mode 100644 index 0000000000..a84a53633c --- /dev/null +++ b/src/lib/libcrypto/des/cbc_enc.c @@ -0,0 +1,135 @@ +/* crypto/des/cbc_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_cbc_encrypt(input, output, length, schedule, ivec, enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int enc; + { + register DES_LONG tin0,tin1; + register DES_LONG tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + DES_LONG tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (enc) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2c(tout0,out); + l2c(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2cn(tout0,tout1,out,l+8); + /* xor0=tin0; + xor1=tin1; */ + } + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c new file mode 100644 index 0000000000..80b8a9eaaa --- /dev/null +++ b/src/lib/libcrypto/des/cfb64ede.c @@ -0,0 +1,151 @@ +/* crypto/des/cfb64ede.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void des_ede3_cfb64_encrypt(in, out, length, ks1,ks2,ks3, ivec, num, enc) +unsigned char *in; +unsigned char *out; +long length; +des_key_schedule ks1,ks2,ks3; +des_cblock (*ivec); +int *num; +int enc; + { + register DES_LONG v0,v1; + register long l=length; + register int n= *num; + DES_LONG ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (enc) + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); + c2l(iv,v1); + + ti[0]=v0; + ti[1]=v1; + des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3); + v0=ti[0]; + v1=ti[1]; + + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); + c2l(iv,v1); + + ti[0]=v0; + ti[1]=v1; + des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3); + v0=ti[0]; + v1=ti[1]; + + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=c=cc=0; + *num=n; + } + +#ifdef undef /* MACRO */ +void des_ede2_cfb64_encrypt(in, out, length, ks1,ks2, ivec, num, enc) +unsigned char *in; +unsigned char *out; +long length; +des_key_schedule ks1,ks2; +des_cblock (*ivec); +int *num; +int enc; + { + des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc); + } +#endif diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c new file mode 100644 index 0000000000..403da479df --- /dev/null +++ b/src/lib/libcrypto/des/cfb64enc.c @@ -0,0 +1,128 @@ +/* crypto/des/cfb64enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void des_cfb64_encrypt(in, out, length, schedule, ivec, num, enc) +unsigned char *in; +unsigned char *out; +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int *num; +int enc; + { + register DES_LONG v0,v1; + register long l=length; + register int n= *num; + DES_LONG ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (enc) + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); ti[0]=v0; + c2l(iv,v1); ti[1]=v1; + des_encrypt((DES_LONG *)ti, + schedule,DES_ENCRYPT); + iv=(unsigned char *)ivec; + v0=ti[0]; l2c(v0,iv); + v0=ti[1]; l2c(v0,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); ti[0]=v0; + c2l(iv,v1); ti[1]=v1; + des_encrypt((DES_LONG *)ti, + schedule,DES_ENCRYPT); + iv=(unsigned char *)ivec; + v0=ti[0]; l2c(v0,iv); + v0=ti[1]; l2c(v0,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=c=cc=0; + *num=n; + } + diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c new file mode 100644 index 0000000000..342e785691 --- /dev/null +++ b/src/lib/libcrypto/des/cfb_enc.c @@ -0,0 +1,171 @@ +/* crypto/des/cfb_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output are loaded in multiples of 8 bits. + * What this means is that if you hame numbits=12 and length=2 + * the first 12 bits will be retrieved from the first byte and half + * the second. The second 12 bits will come from the 3rd and half the 4th + * byte. + */ +void des_cfb_encrypt(in, out, numbits, length, schedule, ivec, enc) +unsigned char *in; +unsigned char *out; +int numbits; +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int enc; + { + register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8; + register DES_LONG mask0,mask1; + register unsigned long l=length; + register int num=numbits; + DES_LONG ti[2]; + unsigned char *iv; + + if (num > 64) return; + if (num > 32) + { + mask0=0xffffffffL; + if (num == 64) + mask1=mask0; + else mask1=(1L<<(num-32))-1; + } + else + { + if (num == 32) + mask0=0xffffffffL; + else mask0=(1L<= n) + { + l-=n; + ti[0]=v0; + ti[1]=v1; + des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); + c2ln(in,d0,d1,n); + in+=n; + d0=(d0^ti[0])&mask0; + d1=(d1^ti[1])&mask1; + l2cn(d0,d1,out,n); + out+=n; + /* 30-08-94 - eay - changed because l>>32 and + * l<<32 are bad under gcc :-( */ + if (num == 32) + { v0=v1; v1=d0; } + else if (num == 64) + { v0=d0; v1=d1; } + else if (num > 32) /* && num != 64 */ + { + v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL; + v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL; + } + else /* num < 32 */ + { + v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; + v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL; + } + } + } + else + { + while (l >= n) + { + l-=n; + ti[0]=v0; + ti[1]=v1; + des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); + c2ln(in,d0,d1,n); + in+=n; + /* 30-08-94 - eay - changed because l>>32 and + * l<<32 are bad under gcc :-( */ + if (num == 32) + { v0=v1; v1=d0; } + else if (num == 64) + { v0=d0; v1=d1; } + else if (num > 32) /* && num != 64 */ + { + v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL; + v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL; + } + else /* num < 32 */ + { + v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; + v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL; + } + d0=(d0^ti[0])&mask0; + d1=(d1^ti[1])&mask1; + l2cn(d0,d1,out,n); + out+=n; + } + } + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + v0=v1=d0=d1=ti[0]=ti[1]=0; + } + diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c new file mode 100644 index 0000000000..e4db09299e --- /dev/null +++ b/src/lib/libcrypto/des/des_enc.c @@ -0,0 +1,502 @@ +/* crypto/des/des_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_encrypt(data, ks, enc) +DES_LONG *data; +des_key_schedule ks; +int enc; + { + register DES_LONG l,r,t,u; +#ifdef DES_PTR + register unsigned char *des_SP=(unsigned char *)des_SPtrans; +#endif +#ifndef DES_UNROLL + register int i; +#endif + register DES_LONG *s; + + r=data[0]; + l=data[1]; + + IP(r,l); + /* Things have been modified so that the initial rotate is + * done outside the loop. This required the + * des_SPtrans values in sp.h to be rotated 1 bit to the right. + * One perl script later and things have a 5% speed up on a sparc2. + * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> + * for pointing this out. */ + /* clear the top bits on machines with 8byte longs */ + /* shift left by 2 */ + r=ROTATE(r,29)&0xffffffffL; + l=ROTATE(l,29)&0xffffffffL; + + s=(DES_LONG *)ks; + /* I don't know if it is worth the effort of loop unrolling the + * inner loop */ + if (enc) + { +#ifdef DES_UNROLL + D_ENCRYPT(l,r, 0); /* 1 */ + D_ENCRYPT(r,l, 2); /* 2 */ + D_ENCRYPT(l,r, 4); /* 3 */ + D_ENCRYPT(r,l, 6); /* 4 */ + D_ENCRYPT(l,r, 8); /* 5 */ + D_ENCRYPT(r,l,10); /* 6 */ + D_ENCRYPT(l,r,12); /* 7 */ + D_ENCRYPT(r,l,14); /* 8 */ + D_ENCRYPT(l,r,16); /* 9 */ + D_ENCRYPT(r,l,18); /* 10 */ + D_ENCRYPT(l,r,20); /* 11 */ + D_ENCRYPT(r,l,22); /* 12 */ + D_ENCRYPT(l,r,24); /* 13 */ + D_ENCRYPT(r,l,26); /* 14 */ + D_ENCRYPT(l,r,28); /* 15 */ + D_ENCRYPT(r,l,30); /* 16 */ +#else + for (i=0; i<32; i+=8) + { + D_ENCRYPT(l,r,i+0); /* 1 */ + D_ENCRYPT(r,l,i+2); /* 2 */ + D_ENCRYPT(l,r,i+4); /* 3 */ + D_ENCRYPT(r,l,i+6); /* 4 */ + } +#endif + } + else + { +#ifdef DES_UNROLL + D_ENCRYPT(l,r,30); /* 16 */ + D_ENCRYPT(r,l,28); /* 15 */ + D_ENCRYPT(l,r,26); /* 14 */ + D_ENCRYPT(r,l,24); /* 13 */ + D_ENCRYPT(l,r,22); /* 12 */ + D_ENCRYPT(r,l,20); /* 11 */ + D_ENCRYPT(l,r,18); /* 10 */ + D_ENCRYPT(r,l,16); /* 9 */ + D_ENCRYPT(l,r,14); /* 8 */ + D_ENCRYPT(r,l,12); /* 7 */ + D_ENCRYPT(l,r,10); /* 6 */ + D_ENCRYPT(r,l, 8); /* 5 */ + D_ENCRYPT(l,r, 6); /* 4 */ + D_ENCRYPT(r,l, 4); /* 3 */ + D_ENCRYPT(l,r, 2); /* 2 */ + D_ENCRYPT(r,l, 0); /* 1 */ +#else + for (i=30; i>0; i-=8) + { + D_ENCRYPT(l,r,i-0); /* 16 */ + D_ENCRYPT(r,l,i-2); /* 15 */ + D_ENCRYPT(l,r,i-4); /* 14 */ + D_ENCRYPT(r,l,i-6); /* 13 */ + } +#endif + } + + /* rotate and clear the top bits on machines with 8byte longs */ + l=ROTATE(l,3)&0xffffffffL; + r=ROTATE(r,3)&0xffffffffL; + + FP(r,l); + data[0]=l; + data[1]=r; + l=r=t=u=0; + } + +void des_encrypt2(data, ks, enc) +DES_LONG *data; +des_key_schedule ks; +int enc; + { + register DES_LONG l,r,t,u; +#ifdef DES_PTR + register unsigned char *des_SP=(unsigned char *)des_SPtrans; +#endif +#ifndef DES_UNROLL + register int i; +#endif + register DES_LONG *s; + + r=data[0]; + l=data[1]; + + /* Things have been modified so that the initial rotate is + * done outside the loop. This required the + * des_SPtrans values in sp.h to be rotated 1 bit to the right. + * One perl script later and things have a 5% speed up on a sparc2. + * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> + * for pointing this out. */ + /* clear the top bits on machines with 8byte longs */ + r=ROTATE(r,29)&0xffffffffL; + l=ROTATE(l,29)&0xffffffffL; + + s=(DES_LONG *)ks; + /* I don't know if it is worth the effort of loop unrolling the + * inner loop */ + if (enc) + { +#ifdef DES_UNROLL + D_ENCRYPT(l,r, 0); /* 1 */ + D_ENCRYPT(r,l, 2); /* 2 */ + D_ENCRYPT(l,r, 4); /* 3 */ + D_ENCRYPT(r,l, 6); /* 4 */ + D_ENCRYPT(l,r, 8); /* 5 */ + D_ENCRYPT(r,l,10); /* 6 */ + D_ENCRYPT(l,r,12); /* 7 */ + D_ENCRYPT(r,l,14); /* 8 */ + D_ENCRYPT(l,r,16); /* 9 */ + D_ENCRYPT(r,l,18); /* 10 */ + D_ENCRYPT(l,r,20); /* 11 */ + D_ENCRYPT(r,l,22); /* 12 */ + D_ENCRYPT(l,r,24); /* 13 */ + D_ENCRYPT(r,l,26); /* 14 */ + D_ENCRYPT(l,r,28); /* 15 */ + D_ENCRYPT(r,l,30); /* 16 */ +#else + for (i=0; i<32; i+=8) + { + D_ENCRYPT(l,r,i+0); /* 1 */ + D_ENCRYPT(r,l,i+2); /* 2 */ + D_ENCRYPT(l,r,i+4); /* 3 */ + D_ENCRYPT(r,l,i+6); /* 4 */ + } +#endif + } + else + { +#ifdef DES_UNROLL + D_ENCRYPT(l,r,30); /* 16 */ + D_ENCRYPT(r,l,28); /* 15 */ + D_ENCRYPT(l,r,26); /* 14 */ + D_ENCRYPT(r,l,24); /* 13 */ + D_ENCRYPT(l,r,22); /* 12 */ + D_ENCRYPT(r,l,20); /* 11 */ + D_ENCRYPT(l,r,18); /* 10 */ + D_ENCRYPT(r,l,16); /* 9 */ + D_ENCRYPT(l,r,14); /* 8 */ + D_ENCRYPT(r,l,12); /* 7 */ + D_ENCRYPT(l,r,10); /* 6 */ + D_ENCRYPT(r,l, 8); /* 5 */ + D_ENCRYPT(l,r, 6); /* 4 */ + D_ENCRYPT(r,l, 4); /* 3 */ + D_ENCRYPT(l,r, 2); /* 2 */ + D_ENCRYPT(r,l, 0); /* 1 */ +#else + for (i=30; i>0; i-=8) + { + D_ENCRYPT(l,r,i-0); /* 16 */ + D_ENCRYPT(r,l,i-2); /* 15 */ + D_ENCRYPT(l,r,i-4); /* 14 */ + D_ENCRYPT(r,l,i-6); /* 13 */ + } +#endif + } + /* rotate and clear the top bits on machines with 8byte longs */ + data[0]=ROTATE(l,3)&0xffffffffL; + data[1]=ROTATE(r,3)&0xffffffffL; + l=r=t=u=0; + } + +void des_encrypt3(data,ks1,ks2,ks3) +DES_LONG *data; +des_key_schedule ks1; +des_key_schedule ks2; +des_key_schedule ks3; + { + register DES_LONG l,r; + + l=data[0]; + r=data[1]; + IP(l,r); + data[0]=l; + data[1]=r; + des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT); + des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT); + des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT); + l=data[0]; + r=data[1]; + FP(r,l); + data[0]=l; + data[1]=r; + } + +void des_decrypt3(data,ks1,ks2,ks3) +DES_LONG *data; +des_key_schedule ks1; +des_key_schedule ks2; +des_key_schedule ks3; + { + register DES_LONG l,r; + + l=data[0]; + r=data[1]; + IP(l,r); + data[0]=l; + data[1]=r; + des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT); + des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT); + des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT); + l=data[0]; + r=data[1]; + FP(r,l); + data[0]=l; + data[1]=r; + } + +#ifndef DES_DEFAULT_OPTIONS + +void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int enc; + { + register DES_LONG tin0,tin1; + register DES_LONG tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + DES_LONG tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (enc) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + iv=(unsigned char *)ivec; + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2c(tout0,out); + l2c(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2cn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + + iv=(unsigned char *)ivec; + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + +void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule ks1; +des_key_schedule ks2; +des_key_schedule ks3; +des_cblock (*ivec); +int enc; + { + register DES_LONG tin0,tin1; + register DES_LONG tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + DES_LONG tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (enc) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + + tin[0]=tin0; + tin[1]=tin1; + des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); + tout0=tin[0]; + tout1=tin[1]; + + l2c(tout0,out); + l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + + tin[0]=tin0; + tin[1]=tin1; + des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); + tout0=tin[0]; + tout1=tin[1]; + + l2c(tout0,out); + l2c(tout1,out); + } + iv=(unsigned char *)ivec; + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + register DES_LONG t0,t1; + + c2l(iv,xor0); + c2l(iv,xor1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + + t0=tin0; + t1=tin1; + + tin[0]=tin0; + tin[1]=tin1; + des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); + tout0=tin[0]; + tout1=tin[1]; + + tout0^=xor0; + tout1^=xor1; + l2c(tout0,out); + l2c(tout1,out); + xor0=t0; + xor1=t1; + } + if (l != -8) + { + c2l(in,tin0); + c2l(in,tin1); + + t0=tin0; + t1=tin1; + + tin[0]=tin0; + tin[1]=tin1; + des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); + tout0=tin[0]; + tout1=tin[1]; + + tout0^=xor0; + tout1^=xor1; + l2cn(tout0,tout1,out,l+8); + xor0=t0; + xor1=t1; + } + + iv=(unsigned char *)ivec; + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + +#endif /* DES_DEFAULT_OPTIONS */ diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c new file mode 100644 index 0000000000..140f6b5285 --- /dev/null +++ b/src/lib/libcrypto/des/ecb3_enc.c @@ -0,0 +1,87 @@ +/* crypto/des/ecb3_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_ecb3_encrypt(input, output, ks1, ks2, ks3, enc) +des_cblock (*input); +des_cblock (*output); +des_key_schedule ks1; +des_key_schedule ks2; +des_key_schedule ks3; +int enc; + { + register DES_LONG l0,l1; + register unsigned char *in,*out; + DES_LONG ll[2]; + + in=(unsigned char *)input; + out=(unsigned char *)output; + c2l(in,l0); + c2l(in,l1); + ll[0]=l0; + ll[1]=l1; + if (enc) + des_encrypt3(ll,ks1,ks2,ks3); + else + des_decrypt3(ll,ks1,ks2,ks3); + l0=ll[0]; + l1=ll[1]; + l2c(l0,out); + l2c(l1,out); + } diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c new file mode 100644 index 0000000000..acf23fdd00 --- /dev/null +++ b/src/lib/libcrypto/des/ecb_enc.c @@ -0,0 +1,124 @@ +/* crypto/des/ecb_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" +#include "spr.h" + +char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay"; +char *DES_version="DES part of SSLeay 0.9.0b 29-Jun-1998"; + +char *des_options() + { + static int init=1; + static char buf[32]; + + if (init) + { + char *ptr,*unroll,*risc,*size; + + init=0; +#ifdef DES_PTR + ptr="ptr"; +#else + ptr="idx"; +#endif +#if defined(DES_RISC1) || defined(DES_RISC2) +#ifdef DES_RISC1 + risc="risc1"; +#endif +#ifdef DES_RISC2 + risc="risc2"; +#endif +#else + risc="cisc"; +#endif +#ifdef DES_UNROLL + unroll="16"; +#else + unroll="4"; +#endif + if (sizeof(DES_LONG) != sizeof(long)) + size="int"; + else + size="long"; + sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size); + } + return(buf); + } + + +void des_ecb_encrypt(input, output, ks, enc) +des_cblock (*input); +des_cblock (*output); +des_key_schedule ks; +int enc; + { + register DES_LONG l; + register unsigned char *in,*out; + DES_LONG ll[2]; + + in=(unsigned char *)input; + out=(unsigned char *)output; + c2l(in,l); ll[0]=l; + c2l(in,l); ll[1]=l; + des_encrypt(ll,ks,enc); + l=ll[0]; l2c(l,out); + l=ll[1]; l2c(l,out); + l=ll[0]=ll[1]=0; + } + diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c new file mode 100644 index 0000000000..e08a904d75 --- /dev/null +++ b/src/lib/libcrypto/des/enc_read.c @@ -0,0 +1,218 @@ +/* crypto/des/enc_read.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "des_locl.h" + +/* This has some uglies in it but it works - even over sockets. */ +/*extern int errno;*/ +int des_rw_mode=DES_PCBC_MODE; + +int des_enc_read(fd, buf, len, sched, iv) +int fd; +char *buf; +int len; +des_key_schedule sched; +des_cblock (*iv); + { + /* data to be unencrypted */ + int net_num=0; + static unsigned char *net=NULL; + /* extra unencrypted data + * for when a block of 100 comes in but is des_read one byte at + * a time. */ + static char *unnet=NULL; + static int unnet_start=0; + static int unnet_left=0; + static char *tmpbuf=NULL; + int i; + long num=0,rnum; + unsigned char *p; + + if (tmpbuf == NULL) + { + tmpbuf=(char *)malloc(BSIZE); + if (tmpbuf == NULL) return(-1); + } + if (net == NULL) + { + net=(unsigned char *)malloc(BSIZE); + if (net == NULL) return(-1); + } + if (unnet == NULL) + { + unnet=(char *)malloc(BSIZE); + if (unnet == NULL) return(-1); + } + /* left over data from last decrypt */ + if (unnet_left != 0) + { + if (unnet_left < len) + { + /* we still still need more data but will return + * with the number of bytes we have - should always + * check the return value */ + memcpy(buf,&(unnet[unnet_start]), + (unsigned int)unnet_left); + /* eay 26/08/92 I had the next 2 lines + * reversed :-( */ + i=unnet_left; + unnet_start=unnet_left=0; + } + else + { + memcpy(buf,&(unnet[unnet_start]),(unsigned int)len); + unnet_start+=len; + unnet_left-=len; + i=len; + } + return(i); + } + + /* We need to get more data. */ + if (len > MAXWRITE) len=MAXWRITE; + + /* first - get the length */ + while (net_num < HDRSIZE) + { + i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num); +#ifdef EINTR + if ((i == -1) && (errno == EINTR)) continue; +#endif + if (i <= 0) return(0); + net_num+=i; + } + + /* we now have at net_num bytes in net */ + p=net; + /* num=0; */ + n2l(p,num); + /* num should be rounded up to the next group of eight + * we make sure that we have read a multiple of 8 bytes from the net. + */ + if ((num > MAXWRITE) || (num < 0)) /* error */ + return(-1); + rnum=(num < 8)?8:((num+7)/8*8); + + net_num=0; + while (net_num < rnum) + { + i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num); +#ifdef EINTR + if ((i == -1) && (errno == EINTR)) continue; +#endif + if (i <= 0) return(0); + net_num+=i; + } + + /* Check if there will be data left over. */ + if (len < num) + { + if (des_rw_mode & DES_PCBC_MODE) + des_pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet, + num,sched,iv,DES_DECRYPT); + else + des_cbc_encrypt((des_cblock *)net,(des_cblock *)unnet, + num,sched,iv,DES_DECRYPT); + memcpy(buf,unnet,(unsigned int)len); + unnet_start=len; + unnet_left=(int)num-len; + + /* The following line is done because we return num + * as the number of bytes read. */ + num=len; + } + else + { + /* >output is a multiple of 8 byes, if len < rnum + * >we must be careful. The user must be aware that this + * >routine will write more bytes than he asked for. + * >The length of the buffer must be correct. + * FIXED - Should be ok now 18-9-90 - eay */ + if (len < rnum) + { + + if (des_rw_mode & DES_PCBC_MODE) + des_pcbc_encrypt((des_cblock *)net, + (des_cblock *)tmpbuf, + num,sched,iv,DES_DECRYPT); + else + des_cbc_encrypt((des_cblock *)net, + (des_cblock *)tmpbuf, + num,sched,iv,DES_DECRYPT); + + /* eay 26/08/92 fix a bug that returned more + * bytes than you asked for (returned len bytes :-( */ + memcpy(buf,tmpbuf,(unsigned int)num); + } + else + { + if (des_rw_mode & DES_PCBC_MODE) + des_pcbc_encrypt((des_cblock *)net, + (des_cblock *)buf,num,sched,iv, + DES_DECRYPT); + else + des_cbc_encrypt((des_cblock *)net, + (des_cblock *)buf,num,sched,iv, + DES_DECRYPT); + } + } + return((int)num); + } + diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c new file mode 100644 index 0000000000..29a7330fb0 --- /dev/null +++ b/src/lib/libcrypto/des/enc_writ.c @@ -0,0 +1,160 @@ +/* crypto/des/enc_writ.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "des_locl.h" + +int des_enc_write(fd, buf, len, sched, iv) +int fd; +char *buf; +int len; +des_key_schedule sched; +des_cblock (*iv); + { +#ifdef _LIBC + extern int srandom(); + extern unsigned long time(); + extern int random(); + extern int write(); +#endif + + long rnum; + int i,j,k,outnum; + static char *outbuf=NULL; + char shortbuf[8]; + char *p; + static int start=1; + + if (outbuf == NULL) + { + outbuf=(char *)malloc(BSIZE+HDRSIZE); + if (outbuf == NULL) return(-1); + } + /* If we are sending less than 8 bytes, the same char will look + * the same if we don't pad it out with random bytes */ + if (start) + { + start=0; + srandom((unsigned int)time(NULL)); + } + + /* lets recurse if we want to send the data in small chunks */ + if (len > MAXWRITE) + { + j=0; + for (i=0; i MAXWRITE)?MAXWRITE:(len-i),sched,iv); + if (k < 0) + return(k); + else + j+=k; + } + return(j); + } + + /* write length first */ + p=outbuf; + l2n(len,p); + + /* pad short strings */ + if (len < 8) + { + p=shortbuf; + memcpy(shortbuf,buf,(unsigned int)len); + for (i=len; i<8; i++) + shortbuf[i]=random(); + rnum=8; + } + else + { + p=buf; + rnum=((len+7)/8*8); /* round up to nearest eight */ + } + + if (des_rw_mode & DES_PCBC_MODE) + des_pcbc_encrypt((des_cblock *)p, + (des_cblock *)&(outbuf[HDRSIZE]), + (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); + else + des_cbc_encrypt((des_cblock *)p, + (des_cblock *)&(outbuf[HDRSIZE]), + (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); + + /* output */ + outnum=(int)rnum+HDRSIZE; + + for (j=0; j + +/* This version of crypt has been developed from my MIT compatable + * DES library. + * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au + * Eric Young (eay@cryptsoft.com) + */ + +/* Modification by Jens Kupferschmidt (Cu) + * I have included directive PARA for shared memory computers. + * I have included a directive LONGCRYPT to using this routine to cipher + * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN + * definition is the maximum of lenght of password and can changed. I have + * defined 24. + */ + +#include "des_locl.h" + +/* Added more values to handle illegal salt values the way normal + * crypt() implementations do. The patch was sent by + * Bjorn Gronvall + */ +static unsigned const char con_salt[128]={ +0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9, +0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1, +0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9, +0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1, +0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9, +0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01, +0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09, +0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A, +0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12, +0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A, +0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22, +0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24, +0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C, +0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34, +0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C, +0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44, +}; + +static unsigned const char cov_2char[64]={ +0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35, +0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44, +0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C, +0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54, +0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62, +0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A, +0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72, +0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A +}; + +#ifndef NOPROTO +void fcrypt_body(DES_LONG *out,des_key_schedule ks, + DES_LONG Eswap0, DES_LONG Eswap1); + +#if defined(PERL5) || defined(FreeBSD) +char *des_crypt(const char *buf,const char *salt); +#else +char *crypt(const char *buf,const char *salt); +#endif +#else +void fcrypt_body(); +#ifdef PERL5 +char *des_crypt(); +#else +char *crypt(); +#endif +#endif + +#if defined(PERL5) || defined(FreeBSD) +char *des_crypt(buf,salt) +#else +char *crypt(buf,salt) +#endif +const char *buf; +const char *salt; + { + static char buff[14]; + + return(des_fcrypt(buf,salt,buff)); + } + + +char *des_fcrypt(buf,salt,ret) +const char *buf; +const char *salt; +char *ret; + { + unsigned int i,j,x,y; + DES_LONG Eswap0,Eswap1; + DES_LONG out[2],ll; + des_cblock key; + des_key_schedule ks; + unsigned char bb[9]; + unsigned char *b=bb; + unsigned char c,u; + + /* eay 25/08/92 + * If you call crypt("pwd","*") as often happens when you + * have * as the pwd field in /etc/passwd, the function + * returns *\0XXXXXXXXX + * The \0 makes the string look like * so the pwd "*" would + * crypt to "*". This was found when replacing the crypt in + * our shared libraries. People found that the disbled + * accounts effectivly had no passwd :-(. */ + x=ret[0]=((salt[0] == '\0')?'A':salt[0]); + Eswap0=con_salt[x]<<2; + x=ret[1]=((salt[1] == '\0')?'A':salt[1]); + Eswap1=con_salt[x]<<6; + +/* EAY +r=strlen(buf); +r=(r+7)/8; +*/ + for (i=0; i<8; i++) + { + c= *(buf++); + if (!c) break; + key[i]=(c<<1); + } + for (; i<8; i++) + key[i]=0; + + des_set_key((des_cblock *)(key),ks); + fcrypt_body(&(out[0]),ks,Eswap0,Eswap1); + + ll=out[0]; l2c(ll,b); + ll=out[1]; l2c(ll,b); + y=0; + u=0x80; + bb[8]=0; + for (i=2; i<13; i++) + { + c=0; + for (j=0; j<6; j++) + { + c<<=1; + if (bb[y] & u) c|=1; + u>>=1; + if (!u) + { + y++; + u=0x80; + } + } + ret[i]=cov_2char[c]; + } + ret[13]='\0'; + return(ret); + } + diff --git a/src/lib/libcrypto/des/fcrypt_b.c b/src/lib/libcrypto/des/fcrypt_b.c new file mode 100644 index 0000000000..1544634bc1 --- /dev/null +++ b/src/lib/libcrypto/des/fcrypt_b.c @@ -0,0 +1,148 @@ +/* crypto/des/fcrypt_b.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include + +/* This version of crypt has been developed from my MIT compatable + * DES library. + * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au + * Eric Young (eay@cryptsoft.com) + */ + +#define DES_FCRYPT +#include "des_locl.h" +#undef DES_FCRYPT + +#undef PERM_OP +#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ + (b)^=(t),\ + (a)^=((t)<<(n))) + +#undef HPERM_OP +#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ + (a)=(a)^(t)^(t>>(16-(n))))\ + +void fcrypt_body(out, ks, Eswap0, Eswap1) +DES_LONG *out; +des_key_schedule ks; +DES_LONG Eswap0; +DES_LONG Eswap1; + { + register DES_LONG l,r,t,u; +#ifdef DES_PTR + register unsigned char *des_SP=(unsigned char *)des_SPtrans; +#endif + register DES_LONG *s; + register int j; + register DES_LONG E0,E1; + + l=0; + r=0; + + s=(DES_LONG *)ks; + E0=Eswap0; + E1=Eswap1; + + for (j=0; j<25; j++) + { +#ifdef DES_UNROLL + register int i; + + for (i=0; i<32; i+=8) + { + D_ENCRYPT(l,r,i+0); /* 1 */ + D_ENCRYPT(r,l,i+2); /* 2 */ + D_ENCRYPT(l,r,i+4); /* 1 */ + D_ENCRYPT(r,l,i+6); /* 2 */ + } +#else + D_ENCRYPT(l,r, 0); /* 1 */ + D_ENCRYPT(r,l, 2); /* 2 */ + D_ENCRYPT(l,r, 4); /* 3 */ + D_ENCRYPT(r,l, 6); /* 4 */ + D_ENCRYPT(l,r, 8); /* 5 */ + D_ENCRYPT(r,l,10); /* 6 */ + D_ENCRYPT(l,r,12); /* 7 */ + D_ENCRYPT(r,l,14); /* 8 */ + D_ENCRYPT(l,r,16); /* 9 */ + D_ENCRYPT(r,l,18); /* 10 */ + D_ENCRYPT(l,r,20); /* 11 */ + D_ENCRYPT(r,l,22); /* 12 */ + D_ENCRYPT(l,r,24); /* 13 */ + D_ENCRYPT(r,l,26); /* 14 */ + D_ENCRYPT(l,r,28); /* 15 */ + D_ENCRYPT(r,l,30); /* 16 */ +#endif + + t=l; + l=r; + r=t; + } + l=ROTATE(l,3)&0xffffffffL; + r=ROTATE(r,3)&0xffffffffL; + + PERM_OP(l,r,t, 1,0x55555555L); + PERM_OP(r,l,t, 8,0x00ff00ffL); + PERM_OP(l,r,t, 2,0x33333333L); + PERM_OP(r,l,t,16,0x0000ffffL); + PERM_OP(l,r,t, 4,0x0f0f0f0fL); + + out[0]=r; + out[1]=l; + } + diff --git a/src/lib/libcrypto/des/ncbc_enc.c b/src/lib/libcrypto/des/ncbc_enc.c new file mode 100644 index 0000000000..1d1a368c22 --- /dev/null +++ b/src/lib/libcrypto/des/ncbc_enc.c @@ -0,0 +1,130 @@ +/* crypto/des/ncbc_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int enc; + { + register DES_LONG tin0,tin1; + register DES_LONG tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + DES_LONG tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (enc) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + iv=(unsigned char *)ivec; + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2c(tout0,out); + l2c(tout1,out); + xor0=tin0; + xor1=tin1; + } + iv=(unsigned char *)ivec; + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c new file mode 100644 index 0000000000..4b1b0199f1 --- /dev/null +++ b/src/lib/libcrypto/des/ofb64ede.c @@ -0,0 +1,131 @@ +/* crypto/des/ofb64ede.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void des_ede3_ofb64_encrypt(in, out, length, k1,k2,k3, ivec, num) +register unsigned char *in; +register unsigned char *out; +long length; +des_key_schedule k1,k2,k3; +des_cblock (*ivec); +int *num; + { + register DES_LONG v0,v1; + register int n= *num; + register long l=length; + des_cblock d; + register char *dp; + DES_LONG ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + while (l--) + { + if (n == 0) + { + /* ti[0]=v0; */ + /* ti[1]=v1; */ + des_encrypt3((DES_LONG *)ti,k1,k2,k3); + v0=ti[0]; + v1=ti[1]; + + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + save++; + } + *(out++)= *(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { +/* v0=ti[0]; + v1=ti[1];*/ + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + } + v0=v1=ti[0]=ti[1]=0; + *num=n; + } + +#ifdef undef /* MACRO */ +void des_ede2_ofb64_encrypt(in, out, length, k1,k2, ivec, num) +register unsigned char *in; +register unsigned char *out; +long length; +des_key_schedule k1,k2; +des_cblock (*ivec); +int *num; + { + des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num); + } +#endif diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c new file mode 100644 index 0000000000..ea7e612697 --- /dev/null +++ b/src/lib/libcrypto/des/ofb64enc.c @@ -0,0 +1,114 @@ +/* crypto/des/ofb64enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void des_ofb64_encrypt(in, out, length, schedule, ivec, num) +register unsigned char *in; +register unsigned char *out; +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int *num; + { + register DES_LONG v0,v1,t; + register int n= *num; + register long l=length; + des_cblock d; + register char *dp; + DES_LONG ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + while (l--) + { + if (n == 0) + { + des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); + dp=(char *)d; + t=ti[0]; l2c(t,dp); + t=ti[1]; l2c(t,dp); + save++; + } + *(out++)= *(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { + v0=ti[0]; + v1=ti[1]; + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + } + t=v0=v1=ti[0]=ti[1]=0; + *num=n; + } + diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c new file mode 100644 index 0000000000..4db0cdbd60 --- /dev/null +++ b/src/lib/libcrypto/des/ofb_enc.c @@ -0,0 +1,139 @@ +/* crypto/des/ofb_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output are loaded in multiples of 8 bits. + * What this means is that if you hame numbits=12 and length=2 + * the first 12 bits will be retrieved from the first byte and half + * the second. The second 12 bits will come from the 3rd and half the 4th + * byte. + */ +void des_ofb_encrypt(in, out, numbits, length, schedule, ivec) +unsigned char *in; +unsigned char *out; +int numbits; +long length; +des_key_schedule schedule; +des_cblock (*ivec); + { + register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8; + register DES_LONG mask0,mask1; + register long l=length; + register int num=numbits; + DES_LONG ti[2]; + unsigned char *iv; + + if (num > 64) return; + if (num > 32) + { + mask0=0xffffffffL; + if (num >= 64) + mask1=mask0; + else + mask1=(1L<<(num-32))-1; + } + else + { + if (num == 32) + mask0=0xffffffffL; + else + mask0=(1L< 0) + { + ti[0]=v0; + ti[1]=v1; + des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); + vv0=ti[0]; + vv1=ti[1]; + c2ln(in,d0,d1,n); + in+=n; + d0=(d0^vv0)&mask0; + d1=(d1^vv1)&mask1; + l2cn(d0,d1,out,n); + out+=n; + + if (num == 32) + { v0=v1; v1=vv0; } + else if (num == 64) + { v0=vv0; v1=vv1; } + else if (num > 32) /* && num != 64 */ + { + v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL; + v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL; + } + else /* num < 32 */ + { + v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; + v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL; + } + } + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0; + } + diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c new file mode 100644 index 0000000000..4513207d90 --- /dev/null +++ b/src/lib/libcrypto/des/pcbc_enc.c @@ -0,0 +1,126 @@ +/* crypto/des/pcbc_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_pcbc_encrypt(input, output, length, schedule, ivec, enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int enc; + { + register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1; + DES_LONG tin[2]; + unsigned char *in,*out,*iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (enc) + { + c2l(iv,xor0); + c2l(iv,xor1); + for (; length>0; length-=8) + { + if (length >= 8) + { + c2l(in,sin0); + c2l(in,sin1); + } + else + c2ln(in,sin0,sin1,length); + tin[0]=sin0^xor0; + tin[1]=sin1^xor1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; + tout1=tin[1]; + xor0=sin0^tout0; + xor1=sin1^tout1; + l2c(tout0,out); + l2c(tout1,out); + } + } + else + { + c2l(iv,xor0); c2l(iv,xor1); + for (; length>0; length-=8) + { + c2l(in,sin0); + c2l(in,sin1); + tin[0]=sin0; + tin[1]=sin1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + if (length >= 8) + { + l2c(tout0,out); + l2c(tout1,out); + } + else + l2cn(tout0,tout1,out,length); + xor0=tout0^sin0; + xor1=tout1^sin1; + } + } + tin[0]=tin[1]=0; + sin0=sin1=xor0=xor1=tout0=tout1=0; + } diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/qud_cksm.c new file mode 100644 index 0000000000..8526abf334 --- /dev/null +++ b/src/lib/libcrypto/des/qud_cksm.c @@ -0,0 +1,144 @@ +/* crypto/des/qud_cksm.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer + * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 + * This module in only based on the code in this paper and is + * almost definitely not the same as the MIT implementation. + */ +#include "des_locl.h" + +/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */ +#define Q_B0(a) (((DES_LONG)(a))) +#define Q_B1(a) (((DES_LONG)(a))<<8) +#define Q_B2(a) (((DES_LONG)(a))<<16) +#define Q_B3(a) (((DES_LONG)(a))<<24) + +/* used to scramble things a bit */ +/* Got the value MIT uses via brute force :-) 2/10/90 eay */ +#define NOISE ((DES_LONG)83653421L) + +DES_LONG des_quad_cksum(input, output, length, out_count, seed) +des_cblock (*input); +des_cblock (*output); +long length; +int out_count; +des_cblock (*seed); + { + DES_LONG z0,z1,t0,t1; + int i; + long l; + unsigned char *cp; + unsigned char *lp; + + if (out_count < 1) out_count=1; + lp=(unsigned char *)output; + + z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]); + z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]); + + for (i=0; ((i<4)&&(i 0) + { + if (l > 1) + { + t0= (DES_LONG)(*(cp++)); + t0|=(DES_LONG)Q_B1(*(cp++)); + l--; + } + else + t0= (DES_LONG)(*(cp++)); + l--; + /* add */ + t0+=z0; + t0&=0xffffffffL; + t1=z1; + /* square, well sort of square */ + z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL)) + &0xffffffffL)%0x7fffffffL; + z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL; + } + if (lp != NULL) + { + /* I believe I finally have things worked out. + * The MIT library assumes that the checksum + * is one huge number and it is returned in a + * host dependant byte order. + */ + static DES_LONG ltmp=1; + static unsigned char *c=(unsigned char *)<mp; + + if (c[0]) + { + l2c(z0,lp); + l2c(z1,lp); + } + else + { + lp=output[out_count-i-1]; + l2n(z1,lp); + l2n(z0,lp); + } + } + } + return(z0); + } + diff --git a/src/lib/libcrypto/des/rand_key.c b/src/lib/libcrypto/des/rand_key.c new file mode 100644 index 0000000000..8c30bd029a --- /dev/null +++ b/src/lib/libcrypto/des/rand_key.c @@ -0,0 +1,118 @@ +/* crypto/des/rand_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" +#include + +static int seed=0; +static des_cblock init; + +void des_random_seed(key) +des_cblock key; + { + memcpy(init,key,sizeof(des_cblock)); + seed=1; + } + +void des_random_key(ret) +unsigned char *ret; + { + des_key_schedule ks; + static DES_LONG c=0; + static unsigned short pid=0; + static des_cblock data={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; + des_cblock key; + unsigned char *p; + DES_LONG t; + int i; + +#ifdef MSDOS + pid=1; +#else + if (!pid) pid=getpid(); +#endif + p=key; + if (seed) + { + for (i=0; i<8; i++) + { + data[i] ^= init[i]; + init[i]=0; + } + seed=0; + } + t=(DES_LONG)time(NULL); + l2c(t,p); + t=(DES_LONG)((pid)|((c++)<<16)); + l2c(t,p); + + des_set_odd_parity((des_cblock *)data); + des_set_key((des_cblock *)data,ks); + des_cbc_cksum((des_cblock *)key,(des_cblock *)key, + (long)sizeof(key),ks,(des_cblock *)data); + + des_set_odd_parity((des_cblock *)key); + des_set_key((des_cblock *)key,ks); + des_cbc_cksum((des_cblock *)key,(des_cblock *)data, + (long)sizeof(key),ks,(des_cblock *)key); + + memcpy(ret,data,sizeof(key)); + memset(key,0,sizeof(key)); + memset(ks,0,sizeof(ks)); + t=0; + } diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c new file mode 100644 index 0000000000..c3bcd7ee2b --- /dev/null +++ b/src/lib/libcrypto/des/set_key.c @@ -0,0 +1,246 @@ +/* crypto/des/set_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* set_key.c v 1.4 eay 24/9/91 + * 1.4 Speed up by 400% :-) + * 1.3 added register declarations. + * 1.2 unrolled make_key_sched a bit more + * 1.1 added norm_expand_bits + * 1.0 First working version + */ +#include "des_locl.h" +#include "podd.h" +#include "sk.h" + +#ifndef NOPROTO +static int check_parity(des_cblock (*key)); +#else +static int check_parity(); +#endif + +int des_check_key=0; + +void des_set_odd_parity(key) +des_cblock (*key); + { + int i; + + for (i=0; i>(n))^(b))&(m)),\ + * (b)^=(t),\ + * (a)=((a)^((t)<<(n)))) + */ + +#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ + (a)=(a)^(t)^(t>>(16-(n)))) + +/* return 0 if key parity is odd (correct), + * return -1 if key parity error, + * return -2 if illegal weak key. + */ +int des_set_key(key, schedule) +des_cblock (*key); +des_key_schedule schedule; + { + static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; + register DES_LONG c,d,t,s,t2; + register unsigned char *in; + register DES_LONG *k; + register int i; + + if (des_check_key) + { + if (!check_parity(key)) + return(-1); + + if (des_is_weak_key(key)) + return(-2); + } + + k=(DES_LONG *)schedule; + in=(unsigned char *)key; + + c2l(in,c); + c2l(in,d); + + /* do PC1 in 60 simple operations */ +/* PERM_OP(d,c,t,4,0x0f0f0f0fL); + HPERM_OP(c,t,-2, 0xcccc0000L); + HPERM_OP(c,t,-1, 0xaaaa0000L); + HPERM_OP(c,t, 8, 0x00ff0000L); + HPERM_OP(c,t,-1, 0xaaaa0000L); + HPERM_OP(d,t,-8, 0xff000000L); + HPERM_OP(d,t, 8, 0x00ff0000L); + HPERM_OP(d,t, 2, 0x33330000L); + d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L); + d=(d>>8)|((c&0xf0000000L)>>4); + c&=0x0fffffffL; */ + + /* I now do it in 47 simple operations :-) + * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) + * for the inspiration. :-) */ + PERM_OP (d,c,t,4,0x0f0f0f0fL); + HPERM_OP(c,t,-2,0xcccc0000L); + HPERM_OP(d,t,-2,0xcccc0000L); + PERM_OP (d,c,t,1,0x55555555L); + PERM_OP (c,d,t,8,0x00ff00ffL); + PERM_OP (d,c,t,1,0x55555555L); + d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) | + ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L)); + c&=0x0fffffffL; + + for (i=0; i>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); } + else + { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); } + c&=0x0fffffffL; + d&=0x0fffffffL; + /* could be a few less shifts but I am to lazy at this + * point in time to investigate */ + s= des_skb[0][ (c )&0x3f ]| + des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]| + des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]| + des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) | + ((c>>22L)&0x38)]; + t= des_skb[4][ (d )&0x3f ]| + des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]| + des_skb[6][ (d>>15L)&0x3f ]| + des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)]; + + /* table contained 0213 4657 */ + t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL; + *(k++)=ROTATE(t2,30)&0xffffffffL; + + t2=((s>>16L)|(t&0xffff0000L)); + *(k++)=ROTATE(t2,26)&0xffffffffL; + } + return(0); + } + +int des_key_sched(key, schedule) +des_cblock (*key); +des_key_schedule schedule; + { + return(des_set_key(key,schedule)); + } diff --git a/src/lib/libcrypto/des/spr.h b/src/lib/libcrypto/des/spr.h new file mode 100644 index 0000000000..81813f9f7a --- /dev/null +++ b/src/lib/libcrypto/des/spr.h @@ -0,0 +1,204 @@ +/* crypto/des/spr.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +const DES_LONG des_SPtrans[8][64]={ +{ +/* nibble 0 */ +0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L, +0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L, +0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L, +0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L, +0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L, +0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L, +0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L, +0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L, +0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L, +0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L, +0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L, +0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L, +0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L, +0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L, +0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L, +0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L, +},{ +/* nibble 1 */ +0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L, +0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L, +0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L, +0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L, +0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L, +0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L, +0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L, +0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L, +0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L, +0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L, +0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L, +0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L, +0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L, +0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L, +0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L, +0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L, +},{ +/* nibble 2 */ +0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L, +0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L, +0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L, +0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L, +0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L, +0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L, +0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L, +0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L, +0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L, +0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L, +0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L, +0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L, +0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L, +0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L, +0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L, +0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L, +},{ +/* nibble 3 */ +0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L, +0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L, +0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L, +0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L, +0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L, +0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L, +0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L, +0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L, +0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L, +0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L, +0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L, +0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L, +0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L, +0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L, +0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L, +0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L, +},{ +/* nibble 4 */ +0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L, +0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L, +0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L, +0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L, +0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L, +0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L, +0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L, +0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L, +0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L, +0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L, +0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L, +0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L, +0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L, +0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L, +0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L, +0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L, +},{ +/* nibble 5 */ +0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L, +0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L, +0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L, +0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L, +0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L, +0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L, +0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L, +0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L, +0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L, +0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L, +0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L, +0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L, +0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L, +0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L, +0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L, +0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L, +},{ +/* nibble 6 */ +0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L, +0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L, +0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L, +0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L, +0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L, +0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L, +0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L, +0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L, +0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L, +0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L, +0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L, +0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L, +0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L, +0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L, +0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L, +0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L, +},{ +/* nibble 7 */ +0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L, +0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L, +0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L, +0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L, +0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L, +0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L, +0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L, +0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L, +0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L, +0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L, +0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L, +0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L, +0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L, +0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L, +0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L, +0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L, +}}; diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c new file mode 100644 index 0000000000..3365c1bcf3 --- /dev/null +++ b/src/lib/libcrypto/des/str2key.c @@ -0,0 +1,171 @@ +/* crypto/des/str2key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +extern int des_check_key; + +void des_string_to_key(str, key) +char *str; +des_cblock (*key); + { + des_key_schedule ks; + int i,length; + register unsigned char j; + + memset(key,0,8); + length=strlen(str); +#ifdef OLD_STR_TO_KEY + for (i=0; i>4)&0x0f); + j=((j<<2)&0xcc)|((j>>2)&0x33); + j=((j<<1)&0xaa)|((j>>1)&0x55); + (*key)[7-(i%8)]^=j; + } + } +#endif + des_set_odd_parity((des_cblock *)key); + i=des_check_key; + des_check_key=0; + des_set_key((des_cblock *)key,ks); + des_check_key=i; + des_cbc_cksum((des_cblock *)str,(des_cblock *)key,(long)length,ks, + (des_cblock *)key); + memset(ks,0,sizeof(ks)); + des_set_odd_parity((des_cblock *)key); + } + +void des_string_to_2keys(str, key1, key2) +char *str; +des_cblock (*key1); +des_cblock (*key2); + { + des_key_schedule ks; + int i,length; + register unsigned char j; + + memset(key1,0,8); + memset(key2,0,8); + length=strlen(str); +#ifdef OLD_STR_TO_KEY + if (length <= 8) + { + for (i=0; i>4)&0x0f); + j=((j<<2)&0xcc)|((j>>2)&0x33); + j=((j<<1)&0xaa)|((j>>1)&0x55); + if ((i%16) < 8) + (*key1)[7-(i%8)]^=j; + else + (*key2)[7-(i%8)]^=j; + } + } + if (length <= 8) memcpy(key2,key1,8); +#endif + des_set_odd_parity((des_cblock *)key1); + des_set_odd_parity((des_cblock *)key2); + i=des_check_key; + des_check_key=0; + des_set_key((des_cblock *)key1,ks); + des_cbc_cksum((des_cblock *)str,(des_cblock *)key1,(long)length,ks, + (des_cblock *)key1); + des_set_key((des_cblock *)key2,ks); + des_cbc_cksum((des_cblock *)str,(des_cblock *)key2,(long)length,ks, + (des_cblock *)key2); + des_check_key=i; + memset(ks,0,sizeof(ks)); + des_set_odd_parity(key1); + des_set_odd_parity(key2); + } diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c new file mode 100644 index 0000000000..031589bf50 --- /dev/null +++ b/src/lib/libcrypto/des/xcbc_enc.c @@ -0,0 +1,206 @@ +/* crypto/des/xcbc_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* RSA's DESX */ + +static unsigned char desx_white_in2out[256]={ +0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0, +0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A, +0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36, +0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C, +0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60, +0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA, +0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E, +0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF, +0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6, +0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3, +0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C, +0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2, +0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5, +0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5, +0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F, +0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB, + }; + +void des_xwhite_in2out(des_key,in_white,out_white) +des_cblock (*des_key); +des_cblock (*in_white); +des_cblock (*out_white); + { + unsigned char *key,*in,*out; + int out0,out1; + int i; + + key=(unsigned char *)des_key; + in=(unsigned char *)in_white; + out=(unsigned char *)out_white; + + out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0; + out0=out1=0; + for (i=0; i<8; i++) + { + out[i]=key[i]^desx_white_in2out[out0^out1]; + out0=out1; + out1=(int)out[i&0x07]; + } + + out0=out[0]; + out1=out[i]; + for (i=0; i<8; i++) + { + out[i]=in[i]^desx_white_in2out[out0^out1]; + out0=out1; + out1=(int)out[i&0x07]; + } + } + +void des_xcbc_encrypt(input, output, length, schedule, ivec, inw,outw,enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +des_cblock (*inw); +des_cblock (*outw); +int enc; + { + register DES_LONG tin0,tin1; + register DES_LONG tout0,tout1,xor0,xor1; + register DES_LONG inW0,inW1,outW0,outW1; + register unsigned char *in,*out; + register long l=length; + DES_LONG tin[2]; + unsigned char *iv; + + in=(unsigned char *)inw; + c2l(in,inW0); + c2l(in,inW1); + in=(unsigned char *)outw; + c2l(in,outW0); + c2l(in,outW1); + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (enc) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin0^=tout0^inW0; tin[0]=tin0; + tin1^=tout1^inW1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]^outW0; l2c(tout0,out); + tout1=tin[1]^outW1; l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin0^=tout0^inW0; tin[0]=tin0; + tin1^=tout1^inW1; tin[1]=tin1; + des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]^outW0; l2c(tout0,out); + tout1=tin[1]^outW1; l2c(tout1,out); + } + iv=(unsigned char *)ivec; + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (l-=8; l>0; l-=8) + { + c2l(in,tin0); tin[0]=tin0^outW0; + c2l(in,tin1); tin[1]=tin1^outW1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0^inW0; + tout1=tin[1]^xor1^inW1; + l2c(tout0,out); + l2c(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + c2l(in,tin0); tin[0]=tin0^outW0; + c2l(in,tin1); tin[1]=tin1^outW1; + des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0^inW0; + tout1=tin[1]^xor1^inW1; + l2cn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + + iv=(unsigned char *)ivec; + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + inW0=inW1=outW0=outW1=0; + tin[0]=tin[1]=0; + } + diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h new file mode 100644 index 0000000000..4cc1df2650 --- /dev/null +++ b/src/lib/libcrypto/dh/dh.h @@ -0,0 +1,162 @@ +/* crypto/dh/dh.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_DH_H +#define HEADER_DH_H + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef HEADER_BN_H +#define BIGNUM char +#endif + +typedef struct dh_st + { + /* This first argument is used to pick up errors when + * a DH is passed instead of a EVP_PKEY */ + int pad; + int version; + BIGNUM *p; + BIGNUM *g; + int length; /* optional */ + BIGNUM *pub_key; /* y */ + BIGNUM *priv_key; /* x */ + } DH; + +#define DH_GENERATOR_2 2 +/* #define DH_GENERATOR_3 3 */ +#define DH_GENERATOR_5 5 + +/* DH_check error codes */ +#define DH_CHECK_P_NOT_PRIME 0x01 +#define DH_CHECK_P_NOT_STRONG_PRIME 0x02 +#define DH_UNABLE_TO_CHECK_GENERATOR 0x04 +#define DH_NOT_SUITABLE_GENERATOR 0x08 + +#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ + (char *(*)())d2i_DHparams,(char *)(x)) +#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ + (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) +#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ + (unsigned char *)(x)) +#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \ + (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x)) +#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \ + (unsigned char *)(x)) + +#ifndef NOPROTO +DH * DH_new(void); +void DH_free(DH *dh); +int DH_size(DH *dh); +DH * DH_generate_parameters(int prime_len,int generator, + void (*callback)(int,int,char *),char *cb_arg); +int DH_check(DH *dh,int *codes); +int DH_generate_key(DH *dh); +int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); +DH * d2i_DHparams(DH **a,unsigned char **pp, long length); +int i2d_DHparams(DH *a,unsigned char **pp); +#ifndef NO_FP_API +int DHparams_print_fp(FILE *fp, DH *x); +#endif +#ifdef HEADER_BIO_H +int DHparams_print(BIO *bp, DH *x); +#else +int DHparams_print(char *bp, DH *x); +#endif +void ERR_load_DH_strings(void ); + +#else + +DH * DH_new(); +void DH_free(); +int DH_size(); +DH * DH_generate_parameters(); +int DH_check(); +int DH_generate_key(); +int DH_compute_key(); +DH * d2i_DHparams(); +int i2d_DHparams(); +#ifndef NO_FP_API +int DHparams_print_fp(); +#endif +int DHparams_print(); +void ERR_load_DH_strings(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the DH functions. */ + +/* Function codes. */ +#define DH_F_DHPARAMS_PRINT 100 +#define DH_F_DHPARAMS_PRINT_FP 101 +#define DH_F_DH_COMPUTE_KEY 102 +#define DH_F_DH_GENERATE_KEY 103 +#define DH_F_DH_GENERATE_PARAMETERS 104 +#define DH_F_DH_NEW 105 + +/* Reason codes. */ +#define DH_R_NO_PRIVATE_VALUE 100 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c new file mode 100644 index 0000000000..65602e494f --- /dev/null +++ b/src/lib/libcrypto/dh/dh_check.c @@ -0,0 +1,120 @@ +/* crypto/dh/dh_check.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "dh.h" + +/* Check that p is a strong prime and + * if g is 2, 3 or 5, check that is is a suitable generator + * where + * for 2, p mod 24 == 11 + * for 3, p mod 12 == 5 + * for 5, p mod 10 == 3 or 7 + * should hold. + */ + +int DH_check(dh,ret) +DH *dh; +int *ret; + { + int ok=0; + BN_CTX *ctx=NULL; + BN_ULONG l; + BIGNUM *q=NULL; + + *ret=0; + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + q=BN_new(); + if (q == NULL) goto err; + + if (BN_is_word(dh->g,DH_GENERATOR_2)) + { + l=BN_mod_word(dh->p,24); + if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; + } +/* else if (BN_is_word(dh->g,DH_GENERATOR_3)) + { + l=BN_mod_word(dh->p,12); + if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; + }*/ + else if (BN_is_word(dh->g,DH_GENERATOR_5)) + { + l=BN_mod_word(dh->p,10); + if ((l != 3) && (l != 7)) + *ret|=DH_NOT_SUITABLE_GENERATOR; + } + else + *ret|=DH_UNABLE_TO_CHECK_GENERATOR; + + if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) + *ret|=DH_CHECK_P_NOT_PRIME; + else + { + if (!BN_rshift1(q,dh->p)) goto err; + if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) + *ret|=DH_CHECK_P_NOT_STRONG_PRIME; + } + ok=1; +err: + if (ctx != NULL) BN_CTX_free(ctx); + if (q != NULL) BN_free(q); + return(ok); + } diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c new file mode 100644 index 0000000000..9d5c06ac24 --- /dev/null +++ b/src/lib/libcrypto/dh/dh_err.c @@ -0,0 +1,96 @@ +/* lib/dh/dh_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "dh.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA DH_str_functs[]= + { +{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"}, +{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"}, +{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"}, +{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"}, +{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"}, +{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"}, +{0,NULL}, + }; + +static ERR_STRING_DATA DH_str_reasons[]= + { +{DH_R_NO_PRIVATE_VALUE ,"no private value"}, +{0,NULL}, + }; + +#endif + +void ERR_load_DH_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_DH,DH_str_functs); + ERR_load_strings(ERR_LIB_DH,DH_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c new file mode 100644 index 0000000000..04c7046a7b --- /dev/null +++ b/src/lib/libcrypto/dh/dh_gen.c @@ -0,0 +1,150 @@ +/* crypto/dh/dh_gen.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "dh.h" + +/* We generate DH parameters as follows + * find a prime q which is prime_len/2 bits long. + * p=(2*q)+1 or (p-1)/2 = q + * For this case, g is a generator if + * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1. + * Since the factors of p-1 are q and 2, we just need to check + * g^2 mod p != 1 and g^q mod p != 1. + * + * Having said all that, + * there is another special case method for the generators 2, 3 and 5. + * for 2, p mod 24 == 11 + * for 3, p mod 12 == 5 <<<<< does not work for strong primes. + * for 5, p mod 10 == 3 or 7 + * + * Thanks to Phil Karn for the pointers about the + * special generators and for answering some of my questions. + * + * I've implemented the second simple method :-). + * Since DH should be using a strong prime (both p and q are prime), + * this generator function can take a very very long time to run. + */ + +DH *DH_generate_parameters(prime_len,generator,callback,cb_arg) +int prime_len; +int generator; +void (*callback)(P_I_I_P); +char *cb_arg; + { + BIGNUM *p=NULL,*t1,*t2; + DH *ret=NULL; + int g,ok= -1; + BN_CTX *ctx=NULL; + + ret=DH_new(); + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + t1=ctx->bn[0]; + t2=ctx->bn[1]; + ctx->tos=2; + + if (generator == DH_GENERATOR_2) + { + BN_set_word(t1,24); + BN_set_word(t2,11); + g=2; + } +#ifdef undef /* does not work for strong primes */ + else if (generator == DH_GENERATOR_3) + { + BN_set_word(t1,12); + BN_set_word(t2,5); + g=3; + } +#endif + else if (generator == DH_GENERATOR_5) + { + BN_set_word(t1,10); + BN_set_word(t2,3); + /* BN_set_word(t3,7); just have to miss + * out on these ones :-( */ + g=5; + } + else + g=generator; + + p=BN_generate_prime(prime_len,1,t1,t2,callback,cb_arg); + if (p == NULL) goto err; + if (callback != NULL) callback(3,0,cb_arg); + ret->p=p; + ret->g=BN_new(); + if (!BN_set_word(ret->g,g)) goto err; + ok=1; +err: + if (ok == -1) + { + DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); + ok=0; + } + + if (ctx != NULL) BN_CTX_free(ctx); + if (!ok && (ret != NULL)) + { + DH_free(ret); + ret=NULL; + } + return(ret); + } diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c new file mode 100644 index 0000000000..7576772bcd --- /dev/null +++ b/src/lib/libcrypto/dh/dh_key.c @@ -0,0 +1,142 @@ +/* crypto/dh/dh_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "rand.h" +#include "dh.h" + +int DH_generate_key(dh) +DH *dh; + { + int ok=0; + unsigned int i; + BN_CTX *ctx=NULL; + BIGNUM *pub_key=NULL,*priv_key=NULL; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + + if (dh->priv_key == NULL) + { + i=dh->length; + if (i == 0) + { + /* Make the number p-1 bits long */ + i=BN_num_bits(dh->p)-1; + } + priv_key=BN_new(); + if (priv_key == NULL) goto err; + if (!BN_rand(priv_key,i,0,0)) goto err; + } + else + priv_key=dh->priv_key; + + if (dh->pub_key == NULL) + { + pub_key=BN_new(); + if (pub_key == NULL) goto err; + } + else + pub_key=dh->pub_key; + + if (!BN_mod_exp(pub_key,dh->g,priv_key,dh->p,ctx)) goto err; + + dh->pub_key=pub_key; + dh->priv_key=priv_key; + ok=1; +err: + if (ok != 1) + DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); + + if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); + if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); + if (ctx != NULL) BN_CTX_free(ctx); + return(ok); + } + +int DH_compute_key(key,pub_key,dh) +unsigned char *key; +BIGNUM *pub_key; +DH *dh; + { + BN_CTX *ctx; + BIGNUM *tmp; + int ret= -1; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + tmp=ctx->bn[ctx->tos++]; + + if (dh->priv_key == NULL) + { + DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); + goto err; + } + if (!BN_mod_exp(tmp,pub_key,dh->priv_key,dh->p,ctx)) + { + DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); + goto err; + } + + ret=BN_bn2bin(tmp,key); +err: + if (ctx != NULL) BN_CTX_free(ctx); + return(ret); + } diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c new file mode 100644 index 0000000000..a300b38396 --- /dev/null +++ b/src/lib/libcrypto/dh/dh_lib.c @@ -0,0 +1,100 @@ +/* crypto/dh/dh_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "dh.h" + +char *DH_version="Diffie-Hellman part of SSLeay 0.9.0b 29-Jun-1998"; + +DH *DH_new() + { + DH *ret; + + ret=(DH *)Malloc(sizeof(DH)); + if (ret == NULL) + { + DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->pad=0; + ret->version=0; + ret->p=NULL; + ret->g=NULL; + ret->length=0; + ret->pub_key=NULL; + ret->priv_key=NULL; + return(ret); + } + +void DH_free(r) +DH *r; + { + if (r->p != NULL) BN_clear_free(r->p); + if (r->g != NULL) BN_clear_free(r->g); + if (r->pub_key != NULL) BN_clear_free(r->pub_key); + if (r->priv_key != NULL) BN_clear_free(r->priv_key); + Free(r); + } + +int DH_size(dh) +DH *dh; + { + return(BN_num_bytes(dh->p)); + } diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h new file mode 100644 index 0000000000..1ca87c1cbe --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa.h @@ -0,0 +1,194 @@ +/* crypto/dsa/dsa.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * The DSS routines are based on patches supplied by + * Steven Schoch . He basically did the + * work and I have just tweaked them a little to fit into my + * stylistic vision for SSLeay :-) */ + +#ifndef HEADER_DSA_H +#define HEADER_DSA_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "bn.h" + +typedef struct dsa_st + { + /* This first variable is used to pick up errors where + * a DSA is passed instead of of a EVP_PKEY */ + int pad; + int version; + int write_params; + BIGNUM *p; + BIGNUM *q; /* == 20 */ + BIGNUM *g; + + BIGNUM *pub_key; /* y public key */ + BIGNUM *priv_key; /* x private key */ + + BIGNUM *kinv; /* Signing pre-calc */ + BIGNUM *r; /* Signing pre-calc */ + + int references; + } DSA; + +#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \ + (char *(*)())d2i_DSAparams,(char *)(x)) +#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ + (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) +#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ + (unsigned char *)(x)) +#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \ + (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x)) +#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \ + (unsigned char *)(x)) + +#ifndef NOPROTO + +DSA * DSA_new(void); +int DSA_size(DSA *); + /* next 4 return -1 on error */ +int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); +int DSA_sign(int type,unsigned char *dgst,int dlen, + unsigned char *sig, unsigned int *siglen, DSA *dsa); +int DSA_verify(int type,unsigned char *dgst,int dgst_len, + unsigned char *sigbuf, int siglen, DSA *dsa); +void DSA_free (DSA *r); + +void ERR_load_DSA_strings(void ); + +DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length); +DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length); +DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length); +DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, + int *counter_ret, unsigned long *h_ret,void + (*callback)(),char *cb_arg); +int DSA_generate_key(DSA *a); +int i2d_DSAPublicKey(DSA *a, unsigned char **pp); +int i2d_DSAPrivateKey(DSA *a, unsigned char **pp); +int i2d_DSAparams(DSA *a,unsigned char **pp); + +#ifdef HEADER_BIO_H +int DSAparams_print(BIO *bp, DSA *x); +int DSA_print(BIO *bp, DSA *x, int off); +#endif +#ifndef NO_FP_API +int DSAparams_print_fp(FILE *fp, DSA *x); +int DSA_print_fp(FILE *bp, DSA *x, int off); +#endif + +int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg); + +#else + +DSA * DSA_new(); +int DSA_size(); +int DSA_sign_setup(); +int DSA_sign(); +int DSA_verify(); +void DSA_free (); + +void ERR_load_DSA_strings(); + +DSA * d2i_DSAPublicKey(); +DSA * d2i_DSAPrivateKey(); +DSA * d2i_DSAparams(); +DSA * DSA_generate_parameters(); +int DSA_generate_key(); +int i2d_DSAPublicKey(); +int i2d_DSAPrivateKey(); +int i2d_DSAparams(); + +int DSA_is_prime(); + +int DSAparams_print(); +int DSA_print(); + +#ifndef NO_FP_API +int DSAparams_print_fp(); +int DSA_print_fp(); +#endif + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the DSA functions. */ + +/* Function codes. */ +#define DSA_F_DSAPARAMS_PRINT 100 +#define DSA_F_DSAPARAMS_PRINT_FP 101 +#define DSA_F_DSA_IS_PRIME 102 +#define DSA_F_DSA_NEW 103 +#define DSA_F_DSA_PRINT 104 +#define DSA_F_DSA_PRINT_FP 105 +#define DSA_F_DSA_SIGN 106 +#define DSA_F_DSA_SIGN_SETUP 107 +#define DSA_F_DSA_VERIFY 108 + +/* Reason codes. */ +#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c new file mode 100644 index 0000000000..318e9f31aa --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_err.c @@ -0,0 +1,99 @@ +/* lib/dsa/dsa_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "dsa.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA DSA_str_functs[]= + { +{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"}, +{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"}, +{ERR_PACK(0,DSA_F_DSA_IS_PRIME,0), "DSA_is_prime"}, +{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"}, +{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"}, +{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"}, +{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"}, +{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"}, +{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"}, +{0,NULL}, + }; + +static ERR_STRING_DATA DSA_str_reasons[]= + { +{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, +{0,NULL}, + }; + +#endif + +void ERR_load_DSA_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_DSA,DSA_str_functs); + ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c new file mode 100644 index 0000000000..d7d30bf90a --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_gen.c @@ -0,0 +1,328 @@ +/* crypto/dsa/dsa_gen.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#undef GENUINE_DSA + +#ifdef GENUINE_DSA +#define HASH SHA +#else +#define HASH SHA1 +#endif + +#include +#include +#include "cryptlib.h" +#include "sha.h" +#include "bn.h" +#include "dsa.h" +#include "rand.h" + +DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback, + cb_arg) +int bits; +unsigned char *seed_in; +int seed_len; +int *counter_ret; +unsigned long *h_ret; +void (*callback)(); +char *cb_arg; + { + int ok=0; + unsigned char seed[SHA_DIGEST_LENGTH]; + unsigned char md[SHA_DIGEST_LENGTH]; + unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; + BIGNUM *r0,*W,*X,*c,*test; + BIGNUM *g=NULL,*q=NULL,*p=NULL; + int k,n=0,i,b,m=0; + int counter=0; + BN_CTX *ctx=NULL,*ctx2=NULL; + unsigned int h=2; + DSA *ret=NULL; + + if (bits < 512) bits=512; + bits=(bits+63)/64*64; + + if ((seed_in != NULL) && (seed_len == 20)) + memcpy(seed,seed_in,seed_len); + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + ctx2=BN_CTX_new(); + if (ctx2 == NULL) goto err; + ret=DSA_new(); + if (ret == NULL) goto err; + r0=ctx2->bn[0]; + g=ctx2->bn[1]; + W=ctx2->bn[2]; + q=ctx2->bn[3]; + X=ctx2->bn[4]; + c=ctx2->bn[5]; + p=ctx2->bn[6]; + test=ctx2->bn[7]; + + BN_lshift(test,BN_value_one(),bits-1); + + for (;;) + { + for (;;) + { + /* step 1 */ + if (callback != NULL) callback(0,m++,cb_arg); + + if (!seed_len) + RAND_bytes(seed,SHA_DIGEST_LENGTH); + else + seed_len=0; + + memcpy(buf,seed,SHA_DIGEST_LENGTH); + memcpy(buf2,seed,SHA_DIGEST_LENGTH); + for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) + { + buf[i]++; + if (buf[i] != 0) break; + } + + /* step 2 */ + HASH(seed,SHA_DIGEST_LENGTH,md); + HASH(buf,SHA_DIGEST_LENGTH,buf2); + for (i=0; i 0) break; + /* do a callback call */ + /* step 5 */ + } + + if (callback != NULL) callback(2,0,cb_arg); + if (callback != NULL) callback(3,0,cb_arg); + + /* step 6 */ + counter=0; + + n=(bits-1)/160; + b=(bits-1)-n*160; + + for (;;) + { + /* step 7 */ + BN_zero(W); + for (k=0; k<=n; k++) + { + for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) + { + buf[i]++; + if (buf[i] != 0) break; + } + + HASH(buf,SHA_DIGEST_LENGTH,md); + + /* step 8 */ + if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) abort(); + BN_lshift(r0,r0,160*k); + BN_add(W,W,r0); + } + + /* more of step 8 */ + BN_mask_bits(W,bits-1); + BN_copy(X,W); /* this should be ok */ + BN_add(X,X,test); /* this should be ok */ + + /* step 9 */ + BN_lshift1(r0,q); + BN_mod(c,X,r0,ctx); + BN_sub(r0,c,BN_value_one()); + BN_sub(p,X,r0); + + /* step 10 */ + if (BN_cmp(p,test) >= 0) + { + /* step 11 */ + if (DSA_is_prime(p,callback,cb_arg) > 0) + goto end; + } + + /* step 13 */ + counter++; + + /* step 14 */ + if (counter >= 4096) break; + + if (callback != NULL) callback(0,counter,cb_arg); + } + } +end: + if (callback != NULL) callback(2,1,cb_arg); + + /* We now need to gernerate g */ + /* Set r0=(p-1)/q */ + BN_sub(test,p,BN_value_one()); + BN_div(r0,NULL,test,q,ctx); + + BN_set_word(test,h); + for (;;) + { + /* g=test^r0%p */ + BN_mod_exp(g,test,r0,p,ctx); + if (!BN_is_one(g)) break; + BN_add(test,test,BN_value_one()); + h++; + } + + if (callback != NULL) callback(3,1,cb_arg); + + ok=1; +err: + if (!ok) + { + if (ret != NULL) DSA_free(ret); + } + else + { + ret->p=BN_dup(p); + ret->q=BN_dup(q); + ret->g=BN_dup(g); + if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); + if (counter_ret != NULL) *counter_ret=counter; + if (h_ret != NULL) *h_ret=h; + } + BN_CTX_free(ctx); + BN_CTX_free(ctx2); + return(ok?ret:NULL); + } + +int DSA_is_prime(w, callback,cb_arg) +BIGNUM *w; +void (*callback)(); +char *cb_arg; + { + int ok= -1,j,i,n; + BN_CTX *ctx=NULL,*ctx2=NULL; + BIGNUM *w_1,*b,*m,*z; + int a; + + if (!BN_is_bit_set(w,0)) return(0); + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + ctx2=BN_CTX_new(); + if (ctx2 == NULL) goto err; + + m= ctx2->bn[2]; + b= ctx2->bn[3]; + z= ctx2->bn[4]; + w_1=ctx2->bn[5]; + + /* step 1 */ + n=50; + + /* step 2 */ + if (!BN_sub(w_1,w,BN_value_one())) goto err; + for (a=1; !BN_is_bit_set(w_1,a); a++) + ; + if (!BN_rshift(m,w_1,a)) goto err; + + for (i=1; i < n; i++) + { + /* step 3 */ + BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0); + BN_set_word(b,0x10001L); + + /* step 4 */ + j=0; + if (!BN_mod_exp(z,b,m,w,ctx)) goto err; + + /* step 5 */ + for (;;) + { + if (((j == 0) && BN_is_one(z)) || (BN_cmp(z,w_1) == 0)) + break; + + /* step 6 */ + if ((j > 0) && BN_is_one(z)) + { + ok=0; + goto err; + } + + j++; + if (j >= a) + { + ok=0; + goto err; + } + + if (!BN_mod_mul(z,z,z,w,ctx)) goto err; + if (callback != NULL) callback(1,j,cb_arg); + } + } + + ok=1; +err: + if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB); + BN_CTX_free(ctx); + BN_CTX_free(ctx2); + + return(ok); + } + diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c new file mode 100644 index 0000000000..d51ed9395f --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_key.c @@ -0,0 +1,112 @@ +/* crypto/dsa/dsa_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "sha.h" +#include "bn.h" +#include "dsa.h" +#include "rand.h" + +int DSA_generate_key(dsa) +DSA *dsa; + { + int ok=0; + unsigned int i; + BN_CTX *ctx=NULL; + BIGNUM *pub_key=NULL,*priv_key=NULL; + + if ((ctx=BN_CTX_new()) == NULL) goto err; + + if (dsa->priv_key == NULL) + { + if ((priv_key=BN_new()) == NULL) goto err; + } + else + priv_key=dsa->priv_key; + + i=BN_num_bits(dsa->q); + for (;;) + { + BN_rand(priv_key,i,1,0); + if (BN_cmp(priv_key,dsa->q) >= 0) + BN_sub(priv_key,priv_key,dsa->q); + if (!BN_is_zero(priv_key)) break; + } + + if (dsa->pub_key == NULL) + { + if ((pub_key=BN_new()) == NULL) goto err; + } + else + pub_key=dsa->pub_key; + + if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; + + dsa->priv_key=priv_key; + dsa->pub_key=pub_key; + ok=1; + +err: + if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key); + if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key); + if (ctx != NULL) BN_CTX_free(ctx); + return(ok); + } + diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c new file mode 100644 index 0000000000..b647257f9f --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_lib.c @@ -0,0 +1,145 @@ +/* crypto/dsa/dsa_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Origional version from Steven Schoch */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "dsa.h" +#include "asn1.h" + +char *DSA_version="\0DSA part of SSLeay 0.9.0b 29-Jun-1998"; + +DSA *DSA_new() + { + DSA *ret; + + ret=(DSA *)Malloc(sizeof(DSA)); + if (ret == NULL) + { + DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->pad=0; + ret->version=0; + ret->write_params=1; + ret->p=NULL; + ret->q=NULL; + ret->g=NULL; + + ret->pub_key=NULL; + ret->priv_key=NULL; + + ret->kinv=NULL; + ret->r=NULL; + + ret->references=1; + return(ret); + } + +void DSA_free(r) +DSA *r; + { + int i; + + if (r == NULL) return; + + i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA); +#ifdef REF_PRINT + REF_PRINT("DSA",r); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"DSA_free, bad reference count\n"); + abort(); + } +#endif + + if (r->p != NULL) BN_clear_free(r->p); + if (r->q != NULL) BN_clear_free(r->q); + if (r->g != NULL) BN_clear_free(r->g); + if (r->pub_key != NULL) BN_clear_free(r->pub_key); + if (r->priv_key != NULL) BN_clear_free(r->priv_key); + if (r->kinv != NULL) BN_clear_free(r->kinv); + if (r->r != NULL) BN_clear_free(r->r); + Free(r); + } + +int DSA_size(r) +DSA *r; + { + int ret,i; + ASN1_INTEGER bs; + unsigned char buf[4]; + + i=BN_num_bits(r->q); + bs.length=(i+7)/8; + bs.data=buf; + bs.type=V_ASN1_INTEGER; + /* If the top bit is set the asn1 encoding is 1 larger. */ + buf[0]=0xff; + + i=i2d_ASN1_INTEGER(&bs,NULL); + i+=i; /* r and s */ + ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); + return(ret); + } + diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c new file mode 100644 index 0000000000..6ca1c318f2 --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_sign.c @@ -0,0 +1,215 @@ +/* crypto/dsa/dsa_sign.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Origional version from Steven Schoch */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "dsa.h" +#include "rand.h" +#include "asn1.h" + +/* data has already been hashed (probably with SHA or SHA-1). */ +/* DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */ + +int DSA_sign(type,dgst,dlen,sig,siglen,dsa) +int type; +unsigned char *dgst; +int dlen; +unsigned char *sig; /* out */ +unsigned int *siglen; /* out */ +DSA *dsa; + { + BIGNUM *kinv=NULL,*r=NULL; + BIGNUM *m=NULL; + BIGNUM *xr=NULL,*s=NULL; + BN_CTX *ctx=NULL; + unsigned char *p; + int i,len=0,ret=0,reason=ERR_R_BN_LIB; + ASN1_INTEGER rbs,sbs; + MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */ + MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */ + + i=BN_num_bytes(dsa->q); /* should be 20 */ + if ((dlen > i) || (dlen > 50)) + { + reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; + goto err; + } + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + + if ((dsa->kinv == NULL) || (dsa->r == NULL)) + { + if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err; + } + else + { + kinv=dsa->kinv; + dsa->kinv=NULL; + r=dsa->r; + dsa->r=NULL; + } + + m=BN_new(); + xr=BN_new(); + s=BN_new(); + if (m == NULL || xr == NULL || s == NULL) goto err; + + if (BN_bin2bn(dgst,dlen,m) == NULL) goto err; + + /* Compute s = inv(k) (m + xr) mod q */ + if (!BN_mul(xr, dsa->priv_key, r)) goto err; /* s = xr */ + if (!BN_add(s, xr, m)) goto err; /* s = m + xr */ + if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; + + /* + * Now create a ASN.1 sequence of the integers R and S. + */ + rbs.data=rbuf; + sbs.data=sbuf; + rbs.type = V_ASN1_INTEGER; + sbs.type = V_ASN1_INTEGER; + rbs.length=BN_bn2bin(r,rbs.data); + sbs.length=BN_bn2bin(s,sbs.data); + + len =i2d_ASN1_INTEGER(&rbs,NULL); + len+=i2d_ASN1_INTEGER(&sbs,NULL); + + p=sig; + ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + i2d_ASN1_INTEGER(&rbs,&p); + i2d_ASN1_INTEGER(&sbs,&p); + *siglen=(p-sig); + ret=1; +err: + if (!ret) DSAerr(DSA_F_DSA_SIGN,reason); + +#if 1 /* do the right thing :-) */ + if (kinv != NULL) BN_clear_free(kinv); + if (r != NULL) BN_clear_free(r); +#endif + if (ctx != NULL) BN_CTX_free(ctx); + if (m != NULL) BN_clear_free(m); + if (xr != NULL) BN_clear_free(xr); + if (s != NULL) BN_clear_free(s); + return(ret); + } + +int DSA_sign_setup(dsa,ctx_in,kinvp,rp) +DSA *dsa; +BN_CTX *ctx_in; +BIGNUM **kinvp; +BIGNUM **rp; + { + BN_CTX *ctx; + BIGNUM *k=NULL,*kinv=NULL,*r=NULL; + int ret=0; + + if (ctx_in == NULL) + { + if ((ctx=BN_CTX_new()) == NULL) goto err; + } + else + ctx=ctx_in; + + r=BN_new(); + k=BN_new(); + if ((r == NULL) || (k == NULL)) + goto err; + kinv=NULL; + + if (r == NULL) goto err; + + /* Get random k */ + for (;;) + { + if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err; + if (BN_cmp(k,dsa->q) >= 0) + BN_sub(k,k,dsa->q); + if (!BN_is_zero(k)) break; + } + + /* Compute r = (g^k mod p) mod q */ + if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err; + if (!BN_mod(r,r,dsa->q,ctx)) goto err; + + /* Compute part of 's = inv(k) (m + xr) mod q' */ + if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err; + + if (*kinvp != NULL) BN_clear_free(*kinvp); + *kinvp=kinv; + kinv=NULL; + if (*rp != NULL) BN_clear_free(*rp); + *rp=r; + ret=1; +err: + if (!ret) + { + DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); + if (kinv != NULL) BN_clear_free(kinv); + if (r != NULL) BN_clear_free(r); + } + if (ctx_in == NULL) BN_CTX_free(ctx); + if (k != NULL) BN_clear_free(k); + if (kinv != NULL) BN_clear_free(kinv); + return(ret); + } + diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c new file mode 100644 index 0000000000..0f860984ed --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_vrf.c @@ -0,0 +1,152 @@ +/* crypto/dsa/dsa_vrf.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Origional version from Steven Schoch */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "dsa.h" +#include "rand.h" +#include "asn1.h" +#include "asn1_mac.h" + +/* data has already been hashed (probably with SHA or SHA-1). */ +/* returns + * 1: correct signature + * 0: incorrect signature + * -1: error + */ +int DSA_verify(type,dgst,dgst_len,sigbuf,siglen, dsa) +int type; +unsigned char *dgst; +int dgst_len; +unsigned char *sigbuf; +int siglen; +DSA *dsa; + { + /* The next 3 are used by the M_ASN1 macros */ + long length=siglen; + ASN1_CTX c; + unsigned char **pp= &sigbuf; + BN_CTX *ctx; + BIGNUM *r=NULL; + BIGNUM *t1=NULL,*t2=NULL; + BIGNUM *u1=NULL,*u2=NULL; + ASN1_INTEGER *bs=NULL; + int ret = -1; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + + t1=BN_new(); + t2=BN_new(); + if (t1 == NULL || t2 == NULL) goto err; + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); + if ((r=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn; + M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); + if ((u1=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn; + if (!asn1_Finish(&c)) goto err; + + /* Calculate W = inv(S) mod Q + * save W in u2 */ + if ((u2=BN_mod_inverse(u1,dsa->q,ctx)) == NULL) goto err_bn; + + /* save M in u1 */ + if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err_bn; + + /* u1 = M * w mod q */ + if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err_bn; + + /* u2 = r * w mod q */ + if (!BN_mod_mul(u2,r,u2,dsa->q,ctx)) goto err_bn; + + /* v = ( g^u1 * y^u2 mod p ) mod q */ + /* let t1 = g ^ u1 mod p */ + if (!BN_mod_exp(t1,dsa->g,u1,dsa->p,ctx)) goto err_bn; + /* let t2 = y ^ u2 mod p */ + if (!BN_mod_exp(t2,dsa->pub_key,u2,dsa->p,ctx)) goto err_bn; + /* let u1 = t1 * t2 mod p */ + if (!BN_mod_mul(u1,t1,t2,dsa->p,ctx)) goto err_bn; + /* let u1 = u1 mod q */ + if (!BN_mod(u1,u1,dsa->q,ctx)) goto err_bn; + /* V is now in u1. If the signature is correct, it will be + * equal to R. */ + ret=(BN_ucmp(u1, r) == 0); + if (0) + { +err: /* ASN1 error */ + DSAerr(DSA_F_DSA_VERIFY,c.error); + } + if (0) + { +err_bn: /* BN error */ + DSAerr(DSA_F_DSA_VERIFY,ERR_R_BN_LIB); + } + if (ctx != NULL) BN_CTX_free(ctx); + if (r != NULL) BN_free(r); + if (t1 != NULL) BN_free(t1); + if (t2 != NULL) BN_free(t2); + if (u1 != NULL) BN_free(u1); + if (u2 != NULL) BN_free(u2); + if (bs != NULL) ASN1_BIT_STRING_free(bs); + return(ret); + } diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c new file mode 100644 index 0000000000..5aef6a1259 --- /dev/null +++ b/src/lib/libcrypto/err/err.c @@ -0,0 +1,642 @@ +/* crypto/err/err.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "lhash.h" +#include "crypto.h" +#include "cryptlib.h" +#include "buffer.h" +#include "err.h" +#include "crypto.h" + + +static LHASH *error_hash=NULL; +static LHASH *thread_hash=NULL; + +#ifndef NOPROTO +static unsigned long err_hash(ERR_STRING_DATA *a); +static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); +static unsigned long pid_hash(ERR_STATE *pid); +static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); +static unsigned long get_error_values(int inc,char **file,int *line, + char **data,int *flags); +static void ERR_STATE_free(ERR_STATE *s); +#else +static unsigned long err_hash(); +static int err_cmp(); +static unsigned long pid_hash(); +static int pid_cmp(); +static void ERR_STATE_free(); +ERR_STATE *s; +#endif + +#ifndef NO_ERR +static ERR_STRING_DATA ERR_str_libraries[]= + { +{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, +{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, +{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, +{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, +{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, +{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, +{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, +{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, +{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, +{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, +{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, +{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, +{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuation file routines"}, +{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"}, +{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, +{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"}, +{ERR_PACK(ERR_LIB_PROXY,0,0) ,"Proxy routines"}, +{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, +{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, +{0,NULL}, + }; + +static ERR_STRING_DATA ERR_str_functs[]= + { + {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, + {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, + {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, + {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, + {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, + {ERR_PACK(0,SYS_F_BIND,0), "bind"}, + {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, + {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, +#ifdef WINDOWS + {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, +#endif + {0,NULL}, + }; + +static ERR_STRING_DATA ERR_str_reasons[]= + { +{ERR_R_FATAL ,"fatal"}, +{ERR_R_SYS_LIB ,"system lib"}, +{ERR_R_BN_LIB ,"BN lib"}, +{ERR_R_RSA_LIB ,"RSA lib"}, +{ERR_R_DH_LIB ,"DH lib"}, +{ERR_R_EVP_LIB ,"EVP lib"}, +{ERR_R_BUF_LIB ,"BUF lib"}, +{ERR_R_BIO_LIB ,"BIO lib"}, +{ERR_R_OBJ_LIB ,"OBJ lib"}, +{ERR_R_PEM_LIB ,"PEM lib"}, +{ERR_R_X509_LIB ,"X509 lib"}, +{ERR_R_METH_LIB ,"METH lib"}, +{ERR_R_ASN1_LIB ,"ASN1 lib"}, +{ERR_R_CONF_LIB ,"CONF lib"}, +{ERR_R_SSL_LIB ,"SSL lib"}, +{ERR_R_PROXY_LIB ,"PROXY lib"}, +{ERR_R_BIO_LIB ,"BIO lib"}, +{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, +{ERR_R_MALLOC_FAILURE ,"Malloc failure"}, +{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a fuction you should not call"}, +{0,NULL}, + }; +#endif + +#define err_clear_data(p,i) \ + if (((p)->err_data[i] != NULL) && \ + (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ + { \ + Free((p)->err_data[i]); \ + (p)->err_data[i]=NULL; \ + } \ + (p)->err_data_flags[i]=0; + +static void ERR_STATE_free(s) +ERR_STATE *s; + { + int i; + + for (i=0; ierror) + { + str->error|=ERR_PACK(lib,0,0); + lh_insert(error_hash,(char *)str); + str++; + } + CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); + } + +void ERR_free_strings() + { + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + + if (error_hash != NULL) + { + lh_free(error_hash); + error_hash=NULL; + } + + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + } + +/********************************************************/ + +void ERR_put_error(lib,func,reason,file,line) +int lib,func,reason; +char *file; +int line; + { + ERR_STATE *es; + + es=ERR_get_state(); + + es->top=(es->top+1)%ERR_NUM_ERRORS; + if (es->top == es->bottom) + es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; + es->err_buffer[es->top]=ERR_PACK(lib,func,reason); + es->err_file[es->top]=file; + es->err_line[es->top]=line; + err_clear_data(es,es->top); + } + +void ERR_clear_error() + { + ERR_STATE *es; + + es=ERR_get_state(); + +#if 0 + /* hmm... is this needed */ + for (i=0; ierr_buffer[i]=0; + es->err_file[i]=NULL; + es->err_line[i]= -1; + err_clear_data(es,i); + } +#endif + es->top=es->bottom=0; + } + + +unsigned long ERR_get_error() + { return(get_error_values(1,NULL,NULL,NULL,NULL)); } + +unsigned long ERR_get_error_line(file,line) +char **file; +int *line; + { return(get_error_values(1,file,line,NULL,NULL)); } + +unsigned long ERR_get_error_line_data(file,line,data,flags) +char **file; +int *line; +char **data; +int *flags; + { return(get_error_values(1,file,line,data,flags)); } + +unsigned long ERR_peek_error() + { return(get_error_values(0,NULL,NULL,NULL,NULL)); } + +unsigned long ERR_peek_error_line(file,line) +char **file; +int *line; + { return(get_error_values(0,file,line,NULL,NULL)); } + +unsigned long ERR_peek_error_line_data(file,line,data,flags) +char **file; +int *line; +char **data; +int *flags; + { return(get_error_values(0,file,line,data,flags)); } + +static unsigned long get_error_values(inc,file,line,data,flags) +int inc; +char **file; +int *line; +char **data; +int *flags; + { + int i=0; + ERR_STATE *es; + unsigned long ret; + + es=ERR_get_state(); + + if (es->bottom == es->top) return(0); + i=(es->bottom+1)%ERR_NUM_ERRORS; + + ret=es->err_buffer[i]; + if (inc) + { + es->bottom=i; + es->err_buffer[i]=0; + } + + if ((file != NULL) && (line != NULL)) + { + if (es->err_file[i] == NULL) + { + *file="NA"; + if (line != NULL) *line=0; + } + else + { + *file=es->err_file[i]; + if (line != NULL) *line=es->err_line[i]; + } + } + + if (data != NULL) + { + if (es->err_data[i] == NULL) + { + *data=""; + if (flags != NULL) *flags=0; + } + else + { + *data=es->err_data[i]; + if (flags != NULL) *flags=es->err_data_flags[i]; + } + } + return(ret); + } + +/* BAD for multi-threaded, uses a local buffer if ret == NULL */ +char *ERR_error_string(e,ret) +unsigned long e; +char *ret; + { + static char buf[256]; + char *ls,*fs,*rs; + unsigned long l,f,r; + int i; + + l=ERR_GET_LIB(e); + f=ERR_GET_FUNC(e); + r=ERR_GET_REASON(e); + + ls=ERR_lib_error_string(e); + fs=ERR_func_error_string(e); + rs=ERR_reason_error_string(e); + + if (ret == NULL) ret=buf; + + sprintf(&(ret[0]),"error:%08lX:",e); + i=strlen(ret); + if (ls == NULL) + sprintf(&(ret[i]),":lib(%lu) ",l); + else sprintf(&(ret[i]),"%s",ls); + i=strlen(ret); + if (fs == NULL) + sprintf(&(ret[i]),":func(%lu) ",f); + else sprintf(&(ret[i]),":%s",fs); + i=strlen(ret); + if (rs == NULL) + sprintf(&(ret[i]),":reason(%lu)",r); + else sprintf(&(ret[i]),":%s",rs); + + return(ret); + } + +LHASH *ERR_get_string_table() + { + return(error_hash); + } + +LHASH *ERR_get_err_state_table() + { + return(thread_hash); + } + +char *ERR_lib_error_string(e) +unsigned long e; + { + ERR_STRING_DATA d,*p=NULL; + unsigned long l; + + l=ERR_GET_LIB(e); + + CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH); + + if (error_hash != NULL) + { + d.error=ERR_PACK(l,0,0); + p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d); + } + + CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH); + + return((p == NULL)?NULL:p->string); + } + +char *ERR_func_error_string(e) +unsigned long e; + { + ERR_STRING_DATA d,*p=NULL; + unsigned long l,f; + + l=ERR_GET_LIB(e); + f=ERR_GET_FUNC(e); + + CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH); + + if (error_hash != NULL) + { + d.error=ERR_PACK(l,f,0); + p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d); + } + + CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH); + + return((p == NULL)?NULL:p->string); + } + +char *ERR_reason_error_string(e) +unsigned long e; + { + ERR_STRING_DATA d,*p=NULL; + unsigned long l,r; + + l=ERR_GET_LIB(e); + r=ERR_GET_REASON(e); + + CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH); + + if (error_hash != NULL) + { + d.error=ERR_PACK(l,0,r); + p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d); + if (p == NULL) + { + d.error=ERR_PACK(0,0,r); + p=(ERR_STRING_DATA *)lh_retrieve(error_hash, + (char *)&d); + } + } + + CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH); + + return((p == NULL)?NULL:p->string); + } + +static unsigned long err_hash(a) +ERR_STRING_DATA *a; + { + unsigned long ret,l; + + l=a->error; + ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); + return(ret^ret%19*13); + } + +static int err_cmp(a,b) +ERR_STRING_DATA *a,*b; + { + return((int)(a->error-b->error)); + } + +static unsigned long pid_hash(a) +ERR_STATE *a; + { + return(a->pid*13); + } + +static int pid_cmp(a,b) +ERR_STATE *a,*b; + { + return((int)((long)a->pid - (long)b->pid)); + } + +void ERR_remove_state(pid) +unsigned long pid; + { + ERR_STATE *p,tmp; + + if (thread_hash == NULL) + return; + if (pid == 0) + pid=(unsigned long)CRYPTO_thread_id(); + tmp.pid=pid; + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + p=(ERR_STATE *)lh_delete(thread_hash,(char *)&tmp); + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + + if (p != NULL) ERR_STATE_free(p); + } + +ERR_STATE *ERR_get_state() + { + static ERR_STATE fallback; + ERR_STATE *ret=NULL,tmp,*tmpp; + int i; + unsigned long pid; + + pid=(unsigned long)CRYPTO_thread_id(); + + CRYPTO_r_lock(CRYPTO_LOCK_ERR); + if (thread_hash == NULL) + { + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (thread_hash == NULL) + { + thread_hash=lh_new(pid_hash,pid_cmp); + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + if (thread_hash == NULL) return(&fallback); + } + else + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + } + else + { + tmp.pid=pid; + ret=(ERR_STATE *)lh_retrieve(thread_hash,(char *)&tmp); + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + } + + /* ret == the error state, if NULL, make a new one */ + if (ret == NULL) + { + ret=(ERR_STATE *)Malloc(sizeof(ERR_STATE)); + if (ret == NULL) return(&fallback); + ret->pid=pid; + ret->top=0; + ret->bottom=0; + for (i=0; ierr_data[i]=NULL; + ret->err_data_flags[i]=0; + } + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + tmpp=(ERR_STATE *)lh_insert(thread_hash,(char *)ret); + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + if (tmpp != NULL) /* old entry - should not happen */ + { + ERR_STATE_free(tmpp); + } + } + return(ret); + } + +int ERR_get_next_error_library() + { + static int value=ERR_LIB_USER; + + return(value++); + } + +void ERR_set_error_data(data,flags) +char *data; +int flags; + { + ERR_STATE *es; + int i; + + es=ERR_get_state(); + + i=es->top; + if (i == 0) + i=ERR_NUM_ERRORS-1; + + es->err_data[i]=data; + es->err_data_flags[es->top]=flags; + } + +void ERR_add_error_data( VAR_PLIST(int , num)) +VAR_ALIST + { + VAR_BDEFN(args, int, num); + int i,n,s; + char *str,*p,*a; + + s=64; + str=Malloc(s+1); + if (str == NULL) return; + str[0]='\0'; + + VAR_INIT(args,int,num); + n=0; + for (i=0; i s) + { + s=n+20; + p=Realloc(str,s+1); + if (p == NULL) + { + Free(str); + return; + } + else + str=p; + } + strcat(str,a); + } + } + ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); + + VAR_END( args ); + } + diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h new file mode 100644 index 0000000000..75f931be11 --- /dev/null +++ b/src/lib/libcrypto/err/err.h @@ -0,0 +1,287 @@ +/* crypto/err/err.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_ERR_H +#define HEADER_ERR_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* The following is a bit of a trick to help the object files only contain + * the 'name of the file' string once. Since 'err.h' is protected by the + * HEADER_ERR_H stuff, this should be included only once per file. */ + +#define ERR_file_name __FILE__ + +#ifndef NO_ERR +#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e) +#else +#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0) +#endif + +#include + +#define ERR_TXT_MALLOCED 0x01 +#define ERR_TXT_STRING 0x02 + +#define ERR_NUM_ERRORS 16 +typedef struct err_state_st + { + unsigned long pid; + unsigned long err_buffer[ERR_NUM_ERRORS]; + char *err_data[ERR_NUM_ERRORS]; + int err_data_flags[ERR_NUM_ERRORS]; + char *err_file[ERR_NUM_ERRORS]; + int err_line[ERR_NUM_ERRORS]; + int top,bottom; + } ERR_STATE; + +/* library */ +#define ERR_LIB_NONE 1 +#define ERR_LIB_SYS 2 +#define ERR_LIB_BN 3 +#define ERR_LIB_RSA 4 +#define ERR_LIB_DH 5 +#define ERR_LIB_EVP 6 +#define ERR_LIB_BUF 7 +#define ERR_LIB_OBJ 8 +#define ERR_LIB_PEM 9 +#define ERR_LIB_DSA 10 +#define ERR_LIB_X509 11 +#define ERR_LIB_METH 12 +#define ERR_LIB_ASN1 13 +#define ERR_LIB_CONF 14 +#define ERR_LIB_CRYPTO 15 +#define ERR_LIB_SSL 20 +#define ERR_LIB_SSL23 21 +#define ERR_LIB_SSL2 22 +#define ERR_LIB_SSL3 23 +#define ERR_LIB_RSAREF 30 +#define ERR_LIB_PROXY 31 +#define ERR_LIB_BIO 32 +#define ERR_LIB_PKCS7 33 + +#define ERR_LIB_USER 128 + +#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__) +#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__) +#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__) +#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__) +#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__) +#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__) +#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__) +#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__) +#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__) +#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__) +#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__) +#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__) +#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__) +#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__) +#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),ERR_file_name,__LINE__) +#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__) +#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__) +#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__) +#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__) +#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__) +#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__) +#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__) + +/* Borland C seems too stupid to be able to shift and do longs in + * the pre-processor :-( */ +#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \ + ((((unsigned long)f)&0xfffL)*0x1000)| \ + ((((unsigned long)r)&0xfffL))) +#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL) +#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL) +#define ERR_GET_REASON(l) (int)((l)&0xfffL) +#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL) + +/* OS fuctions */ +#define SYS_F_FOPEN 1 +#define SYS_F_CONNECT 2 +#define SYS_F_GETSERVBYNAME 3 +#define SYS_F_SOCKET 4 +#define SYS_F_IOCTLSOCKET 5 +#define SYS_F_BIND 6 +#define SYS_F_LISTEN 7 +#define SYS_F_ACCEPT 8 +#define SYS_F_WSASTARTUP 9 /* Winsock stuff */ + +#define ERR_R_FATAL 32 +/* reasons */ +#define ERR_R_SYS_LIB ERR_LIB_SYS +#define ERR_R_BN_LIB ERR_LIB_BN +#define ERR_R_RSA_LIB ERR_LIB_RSA +#define ERR_R_DSA_LIB ERR_LIB_DSA +#define ERR_R_DH_LIB ERR_LIB_DH +#define ERR_R_EVP_LIB ERR_LIB_EVP +#define ERR_R_BUF_LIB ERR_LIB_BUF +#define ERR_R_BIO_LIB ERR_LIB_BIO +#define ERR_R_OBJ_LIB ERR_LIB_OBJ +#define ERR_R_PEM_LIB ERR_LIB_PEM +#define ERR_R_X509_LIB ERR_LIB_X509 +#define ERR_R_METH_LIB ERR_LIB_METH +#define ERR_R_ASN1_LIB ERR_LIB_ASN1 +#define ERR_R_CONF_LIB ERR_LIB_CONF +#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO +#define ERR_R_SSL_LIB ERR_LIB_SSL +#define ERR_R_SSL23_LIB ERR_LIB_SSL23 +#define ERR_R_SSL2_LIB ERR_LIB_SSL2 +#define ERR_R_SSL3_LIB ERR_LIB_SSL3 +#define ERR_R_PROXY_LIB ERR_LIB_PROXY +#define ERR_R_BIO_LIB ERR_LIB_BIO +#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7 + +/* fatal error */ +#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL) +#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) +#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) + +typedef struct ERR_string_data_st + { + unsigned long error; + char *string; + } ERR_STRING_DATA; + +#ifndef NOPROTO +void ERR_put_error(int lib, int func,int reason,char *file,int line); +void ERR_set_error_data(char *data,int flags); + +unsigned long ERR_get_error(void ); +unsigned long ERR_get_error_line(char **file,int *line); +unsigned long ERR_get_error_line_data(char **file,int *line, + char **data, int *flags); +unsigned long ERR_peek_error(void ); +unsigned long ERR_peek_error_line(char **file,int *line); +unsigned long ERR_peek_error_line_data(char **file,int *line, + char **data,int *flags); +void ERR_clear_error(void ); +char *ERR_error_string(unsigned long e,char *buf); +char *ERR_lib_error_string(unsigned long e); +char *ERR_func_error_string(unsigned long e); +char *ERR_reason_error_string(unsigned long e); +#ifndef NO_FP_API +void ERR_print_errors_fp(FILE *fp); +#endif +#ifdef HEADER_BIO_H +void ERR_print_errors(BIO *bp); +void ERR_add_error_data( VAR_PLIST( int, num ) ); +#endif +void ERR_load_strings(int lib,ERR_STRING_DATA str[]); +void ERR_load_ERR_strings(void ); +void ERR_load_crypto_strings(void ); +void ERR_free_strings(void ); + +void ERR_remove_state(unsigned long pid); /* if zero we look it up */ +ERR_STATE *ERR_get_state(void); + +#ifdef HEADER_LHASH_H +LHASH *ERR_get_string_table(void ); +LHASH *ERR_get_err_state_table(void ); +#else +char *ERR_get_string_table(void ); +char *ERR_get_err_state_table(void ); +#endif + +int ERR_get_next_error_library(void ); + +#else + +void ERR_put_error(); +void ERR_set_error_data(); + +unsigned long ERR_get_error(); +unsigned long ERR_get_error_line(); +unsigned long ERR_peek_error(); +unsigned long ERR_peek_error_line(); +void ERR_clear_error(); +char *ERR_error_string(); +char *ERR_lib_error_string(); +char *ERR_func_error_string(); +char *ERR_reason_error_string(); +#ifndef NO_FP_API +void ERR_print_errors_fp(); +#endif +void ERR_print_errors(); +void ERR_add_error_data(); +void ERR_load_strings(); +void ERR_load_ERR_strings(); +void ERR_load_crypto_strings(); +void ERR_free_strings(); + +void ERR_remove_state(); +ERR_STATE *ERR_get_state(); + +#ifdef HEADER_LHASH_H +LHASH *ERR_get_string_table(); +LHASH *ERR_get_err_state_table(); +#else +char *ERR_get_string_table(); +char *ERR_get_err_state_table(); +#endif + +int ERR_get_next_error_library(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c new file mode 100644 index 0000000000..f874268e1a --- /dev/null +++ b/src/lib/libcrypto/err/err_all.c @@ -0,0 +1,116 @@ +/* crypto/err/err_all.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "asn1.h" +#include "bn.h" +#include "buffer.h" +#include "bio.h" +#ifndef NO_RSA +#include "rsa.h" +#endif +#ifdef RSAref +#include "rsaref.h" +#endif +#ifndef NO_DH +#include "dh.h" +#endif +#ifndef NO_DSA +#include "dsa.h" +#endif +#include "evp.h" +#include "objects.h" +#include "pem.h" +#include "x509.h" +#include "conf.h" +#include "err.h" + +void ERR_load_crypto_strings() + { + static int done=0; + + if (done) return; + done=1; +#ifndef NO_ERR + ERR_load_ASN1_strings(); + ERR_load_BN_strings(); + ERR_load_BUF_strings(); + ERR_load_BIO_strings(); + ERR_load_CONF_strings(); +#ifndef NO_RSA +#ifdef RSAref + ERR_load_RSAREF_strings(); +#else + ERR_load_RSA_strings(); +#endif +#endif +#ifndef NO_DH + ERR_load_DH_strings(); +#endif +#ifndef NO_DSA + ERR_load_DSA_strings(); +#endif + ERR_load_ERR_strings(); + ERR_load_EVP_strings(); + ERR_load_OBJ_strings(); + ERR_load_PEM_strings(); + ERR_load_X509_strings(); + ERR_load_CRYPTO_strings(); + ERR_load_PKCS7_strings(); +#endif + } diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c new file mode 100644 index 0000000000..ecd0e7c4fa --- /dev/null +++ b/src/lib/libcrypto/err/err_prn.c @@ -0,0 +1,107 @@ +/* crypto/err/err_prn.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "lhash.h" +#include "crypto.h" +#include "cryptlib.h" +#include "buffer.h" +#include "err.h" +#include "crypto.h" + +#ifndef NO_FP_API +void ERR_print_errors_fp(fp) +FILE *fp; + { + unsigned long l; + char buf[200]; + char *file,*data; + int line,flags; + unsigned long es; + + es=CRYPTO_thread_id(); + while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0) + { + fprintf(fp,"%lu:%s:%s:%d:%s\n",es,ERR_error_string(l,buf), + file,line,(flags&ERR_TXT_STRING)?data:""); + } + } +#endif + +void ERR_print_errors(bp) +BIO *bp; + { + unsigned long l; + char buf[256]; + char buf2[256]; + char *file,*data; + int line,flags; + unsigned long es; + + es=CRYPTO_thread_id(); + while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0) + { + sprintf(buf2,"%lu:%s:%s:%d:",es,ERR_error_string(l,buf), + file,line); + BIO_write(bp,buf2,strlen(buf2)); + if (flags & ERR_TXT_STRING) + BIO_write(bp,data,strlen(data)); + BIO_write(bp,"\n",1); + } + } + diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c new file mode 100644 index 0000000000..73172b9a07 --- /dev/null +++ b/src/lib/libcrypto/evp/bio_b64.c @@ -0,0 +1,547 @@ +/* crypto/evp/bio_b64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "buffer.h" +#include "evp.h" + +#ifndef NOPROTO +static int b64_write(BIO *h,char *buf,int num); +static int b64_read(BIO *h,char *buf,int size); +/*static int b64_puts(BIO *h,char *str); */ +/*static int b64_gets(BIO *h,char *str,int size); */ +static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int b64_new(BIO *h); +static int b64_free(BIO *data); +#else +static int b64_write(); +static int b64_read(); +/*static int b64_puts(); */ +/*static int b64_gets(); */ +static long b64_ctrl(); +static int b64_new(); +static int b64_free(); +#endif + +#define B64_BLOCK_SIZE 1024 +#define B64_BLOCK_SIZE2 768 +#define B64_NONE 0 +#define B64_ENCODE 1 +#define B64_DECODE 2 + +typedef struct b64_struct + { + /*BIO *bio; moved to the BIO structure */ + int buf_len; + int buf_off; + int tmp_len; /* used to find the start when decoding */ + int tmp_nl; /* If true, scan until '\n' */ + int encode; + int start; /* have we started decoding yet? */ + int cont; /* <= 0 when finished */ + EVP_ENCODE_CTX base64; + char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10]; + char tmp[B64_BLOCK_SIZE]; + } BIO_B64_CTX; + +static BIO_METHOD methods_b64= + { + BIO_TYPE_BASE64,"base64 encoding", + b64_write, + b64_read, + NULL, /* b64_puts, */ + NULL, /* b64_gets, */ + b64_ctrl, + b64_new, + b64_free, + }; + +BIO_METHOD *BIO_f_base64() + { + return(&methods_b64); + } + +static int b64_new(bi) +BIO *bi; + { + BIO_B64_CTX *ctx; + + ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX)); + if (ctx == NULL) return(0); + + ctx->buf_len=0; + ctx->tmp_len=0; + ctx->tmp_nl=0; + ctx->buf_off=0; + ctx->cont=1; + ctx->start=1; + ctx->encode=0; + + bi->init=1; + bi->ptr=(char *)ctx; + bi->flags=0; + return(1); + } + +static int b64_free(a) +BIO *a; + { + if (a == NULL) return(0); + Free(a->ptr); + a->ptr=NULL; + a->init=0; + a->flags=0; + return(1); + } + +static int b64_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0,i,ii,j,k,x,n,num,ret_code=0; + BIO_B64_CTX *ctx; + unsigned char *p,*q; + + if (out == NULL) return(0); + ctx=(BIO_B64_CTX *)b->ptr; + + if ((ctx == NULL) || (b->next_bio == NULL)) return(0); + + if (ctx->encode != B64_DECODE) + { + ctx->encode=B64_DECODE; + ctx->buf_len=0; + ctx->buf_off=0; + ctx->tmp_len=0; + EVP_DecodeInit(&(ctx->base64)); + } + + /* First check if there are bytes decoded/encoded */ + if (ctx->buf_len > 0) + { + i=ctx->buf_len-ctx->buf_off; + if (i > outl) i=outl; + memcpy(out,&(ctx->buf[ctx->buf_off]),i); + ret=i; + out+=i; + outl-=i; + ctx->buf_off+=i; + if (ctx->buf_len == ctx->buf_off) + { + ctx->buf_len=0; + ctx->buf_off=0; + } + } + + /* At this point, we have room of outl bytes and an empty + * buffer, so we should read in some more. */ + + ret_code=0; + while (outl > 0) + { + if (ctx->cont <= 0) break; + + i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]), + B64_BLOCK_SIZE-ctx->tmp_len); + + if (i <= 0) + { + ret_code=i; + + /* Should be continue next time we are called? */ + if (!BIO_should_retry(b->next_bio)) + ctx->cont=i; + /* else we should continue when called again */ + break; + } + i+=ctx->tmp_len; + + /* We need to scan, a line at a time until we + * have a valid line if we are starting. */ + if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) + { + /* ctx->start=1; */ + ctx->tmp_len=0; + } + else if (ctx->start) + { + q=p=(unsigned char *)ctx->tmp; + for (j=0; jtmp_nl) + { + p=q; + ctx->tmp_nl=0; + continue; + } + + k=EVP_DecodeUpdate(&(ctx->base64), + (unsigned char *)ctx->buf, + &num,p,q-p); + if ((k <= 0) && (num == 0) && (ctx->start)) + EVP_DecodeInit(&ctx->base64); + else + { + if (p != (unsigned char *) + &(ctx->tmp[0])) + { + i-=(p- (unsigned char *) + &(ctx->tmp[0])); + for (x=0; x < i; x++) + ctx->tmp[x]=p[x]; + EVP_DecodeInit(&ctx->base64); + } + ctx->start=0; + break; + } + p=q; + } + + /* we fell off the end without starting */ + if (j == i) + { + /* Is this is one long chunk?, if so, keep on + * reading until a new line. */ + if (p == (unsigned char *)&(ctx->tmp[0])) + { + ctx->tmp_nl=1; + ctx->tmp_len=0; + } + else if (p != q) /* finished on a '\n' */ + { + n=q-p; + for (ii=0; iitmp[ii]=p[ii]; + ctx->tmp_len=n; + } + /* else finished on a '\n' */ + continue; + } + else + ctx->tmp_len=0; + } + + if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) + { + int z,jj; + + jj=(i>>2)<<2; + z=EVP_DecodeBlock((unsigned char *)ctx->buf, + (unsigned char *)ctx->tmp,jj); + if (jj > 2) + { + if (ctx->tmp[jj-1] == '=') + { + z--; + if (ctx->tmp[jj-2] == '=') + z--; + } + } + /* z is now number of output bytes and jj is the + * number consumed */ + if (jj != i) + { + memcpy((unsigned char *)ctx->tmp, + (unsigned char *)&(ctx->tmp[jj]),i-jj); + ctx->tmp_len=i-jj; + } + ctx->buf_len=0; + if (z > 0) + { + ctx->buf_len=z; + i=1; + } + else + i=z; + } + else + { + i=EVP_DecodeUpdate(&(ctx->base64), + (unsigned char *)ctx->buf,&ctx->buf_len, + (unsigned char *)ctx->tmp,i); + } + ctx->cont=i; + ctx->buf_off=0; + if (i < 0) + { + ret_code=0; + ctx->buf_len=0; + break; + } + + if (ctx->buf_len <= outl) + i=ctx->buf_len; + else + i=outl; + + memcpy(out,ctx->buf,i); + ret+=i; + ctx->buf_off=i; + if (ctx->buf_off == ctx->buf_len) + { + ctx->buf_len=0; + ctx->buf_off=0; + } + outl-=i; + out+=i; + } + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return((ret == 0)?ret_code:ret); + } + +static int b64_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret=inl,n,i; + BIO_B64_CTX *ctx; + + ctx=(BIO_B64_CTX *)b->ptr; + BIO_clear_retry_flags(b); + + if (ctx->encode != B64_ENCODE) + { + ctx->encode=B64_ENCODE; + ctx->buf_len=0; + ctx->buf_off=0; + ctx->tmp_len=0; + EVP_EncodeInit(&(ctx->base64)); + } + + n=ctx->buf_len-ctx->buf_off; + while (n > 0) + { + i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); + if (i <= 0) + { + BIO_copy_next_retry(b); + return(i); + } + ctx->buf_off+=i; + n-=i; + } + /* at this point all pending data has been written */ + + if ((in == NULL) || (inl <= 0)) return(0); + + ctx->buf_off=0; + while (inl > 0) + { + n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl; + + if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) + { + if (ctx->tmp_len > 0) + { + n=3-ctx->tmp_len; + memcpy(&(ctx->tmp[ctx->tmp_len]),in,n); + ctx->tmp_len+=n; + n=ctx->tmp_len; + if (n < 3) + break; + ctx->buf_len=EVP_EncodeBlock( + (unsigned char *)ctx->buf, + (unsigned char *)ctx->tmp,n); + } + else + { + if (n < 3) + { + memcpy(&(ctx->tmp[0]),in,n); + ctx->tmp_len=n; + break; + } + n-=n%3; + ctx->buf_len=EVP_EncodeBlock( + (unsigned char *)ctx->buf, + (unsigned char *)in,n); + } + } + else + { + EVP_EncodeUpdate(&(ctx->base64), + (unsigned char *)ctx->buf,&ctx->buf_len, + (unsigned char *)in,n); + } + inl-=n; + in+=n; + + ctx->buf_off=0; + n=ctx->buf_len; + while (n > 0) + { + i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); + if (i <= 0) + { + BIO_copy_next_retry(b); + return((ret == 0)?i:ret); + } + n-=i; + ctx->buf_off+=i; + } + ctx->buf_len=0; + ctx->buf_off=0; + } + return(ret); + } + +static long b64_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + BIO_B64_CTX *ctx; + long ret=1; + int i; + + ctx=(BIO_B64_CTX *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + ctx->cont=1; + ctx->start=1; + ctx->encode=B64_NONE; + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_EOF: /* More to read */ + if (ctx->cont <= 0) + ret=1; + else + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_WPENDING: /* More to write in buffer */ + ret=ctx->buf_len-ctx->buf_off; + if ((ret == 0) && (ctx->base64.num != 0)) + ret=1; + else if (ret <= 0) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_PENDING: /* More to read in buffer */ + ret=ctx->buf_len-ctx->buf_off; + if (ret <= 0) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_FLUSH: + /* do a final write */ +again: + while (ctx->buf_len != ctx->buf_off) + { + i=b64_write(b,NULL,0); + if (i < 0) + { + ret=i; + break; + } + } + if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) + { + if (ctx->tmp_len != 0) + { + ctx->buf_len=EVP_EncodeBlock( + (unsigned char *)ctx->buf, + (unsigned char *)ctx->tmp, + ctx->tmp_len); + ctx->buf_off=0; + ctx->tmp_len=0; + goto again; + } + } + else if (ctx->base64.num != 0) + { + ctx->buf_off=0; + EVP_EncodeFinal(&(ctx->base64), + (unsigned char *)ctx->buf, + &(ctx->buf_len)); + /* push out the bytes */ + goto again; + } + /* Finally flush the underlying BIO */ + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + + case BIO_CTRL_DUP: + break; + case BIO_CTRL_INFO: + case BIO_CTRL_GET: + case BIO_CTRL_SET: + default: + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + } + return(ret); + } + diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c new file mode 100644 index 0000000000..6c30ddfc54 --- /dev/null +++ b/src/lib/libcrypto/evp/bio_enc.c @@ -0,0 +1,423 @@ +/* crypto/evp/bio_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "buffer.h" +#include "evp.h" + +#ifndef NOPROTO +static int enc_write(BIO *h,char *buf,int num); +static int enc_read(BIO *h,char *buf,int size); +/*static int enc_puts(BIO *h,char *str); */ +/*static int enc_gets(BIO *h,char *str,int size); */ +static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int enc_new(BIO *h); +static int enc_free(BIO *data); +#else +static int enc_write(); +static int enc_read(); +/*static int enc_puts(); */ +/*static int enc_gets(); */ +static long enc_ctrl(); +static int enc_new(); +static int enc_free(); +#endif + +#define ENC_BLOCK_SIZE (1024*4) + +typedef struct enc_struct + { + int buf_len; + int buf_off; + int cont; /* <= 0 when finished */ + int finished; + int ok; /* bad decrypt */ + EVP_CIPHER_CTX cipher; + char buf[ENC_BLOCK_SIZE+10]; + } BIO_ENC_CTX; + +static BIO_METHOD methods_enc= + { + BIO_TYPE_CIPHER,"cipher", + enc_write, + enc_read, + NULL, /* enc_puts, */ + NULL, /* enc_gets, */ + enc_ctrl, + enc_new, + enc_free, + }; + +BIO_METHOD *BIO_f_cipher() + { + return(&methods_enc); + } + +static int enc_new(bi) +BIO *bi; + { + BIO_ENC_CTX *ctx; + + ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX)); + EVP_CIPHER_CTX_init(&ctx->cipher); + if (ctx == NULL) return(0); + + ctx->buf_len=0; + ctx->buf_off=0; + ctx->cont=1; + ctx->finished=0; + ctx->ok=1; + + bi->init=0; + bi->ptr=(char *)ctx; + bi->flags=0; + return(1); + } + +static int enc_free(a) +BIO *a; + { + BIO_ENC_CTX *b; + + if (a == NULL) return(0); + b=(BIO_ENC_CTX *)a->ptr; + EVP_CIPHER_CTX_cleanup(&(b->cipher)); + memset(a->ptr,0,sizeof(BIO_ENC_CTX)); + Free(a->ptr); + a->ptr=NULL; + a->init=0; + a->flags=0; + return(1); + } + +static int enc_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0,i; + BIO_ENC_CTX *ctx; + + if (out == NULL) return(0); + ctx=(BIO_ENC_CTX *)b->ptr; + + if ((ctx == NULL) || (b->next_bio == NULL)) return(0); + + /* First check if there are bytes decoded/encoded */ + if (ctx->buf_len > 0) + { + i=ctx->buf_len-ctx->buf_off; + if (i > outl) i=outl; + memcpy(out,&(ctx->buf[ctx->buf_off]),i); + ret=i; + out+=i; + outl-=i; + ctx->buf_off+=i; + if (ctx->buf_len == ctx->buf_off) + { + ctx->buf_len=0; + ctx->buf_off=0; + } + } + + /* At this point, we have room of outl bytes and an empty + * buffer, so we should read in some more. */ + + while (outl > 0) + { + if (ctx->cont <= 0) break; + + /* read in at offset 8, read the EVP_Cipher + * documentation about why */ + i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE); + + if (i <= 0) + { + /* Should be continue next time we are called? */ + if (!BIO_should_retry(b->next_bio)) + { + ctx->cont=i; + i=EVP_CipherFinal(&(ctx->cipher), + (unsigned char *)ctx->buf, + &(ctx->buf_len)); + ctx->ok=i; + ctx->buf_off=0; + } + else + ret=(ret == 0)?i:ret; + break; + } + else + { + EVP_CipherUpdate(&(ctx->cipher), + (unsigned char *)ctx->buf,&ctx->buf_len, + (unsigned char *)&(ctx->buf[8]),i); + ctx->cont=1; + } + + if (ctx->buf_len <= outl) + i=ctx->buf_len; + else + i=outl; + + if (i <= 0) break; + memcpy(out,ctx->buf,i); + ret+=i; + ctx->buf_off=i; + outl-=i; + out+=i; + } + + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return((ret == 0)?ctx->cont:ret); + } + +static int enc_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret=0,n,i; + BIO_ENC_CTX *ctx; + + ctx=(BIO_ENC_CTX *)b->ptr; + ret=inl; + + BIO_clear_retry_flags(b); + n=ctx->buf_len-ctx->buf_off; + while (n > 0) + { + i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); + if (i <= 0) + { + BIO_copy_next_retry(b); + return(i); + } + ctx->buf_off+=i; + n-=i; + } + /* at this point all pending data has been written */ + + if ((in == NULL) || (inl <= 0)) return(0); + + ctx->buf_off=0; + while (inl > 0) + { + n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl; + EVP_CipherUpdate(&(ctx->cipher), + (unsigned char *)ctx->buf,&ctx->buf_len, + (unsigned char *)in,n); + inl-=n; + in+=n; + + ctx->buf_off=0; + n=ctx->buf_len; + while (n > 0) + { + i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); + if (i <= 0) + { + BIO_copy_next_retry(b); + return(i); + } + n-=i; + ctx->buf_off+=i; + } + ctx->buf_len=0; + ctx->buf_off=0; + } + BIO_copy_next_retry(b); + return(ret); + } + +static long enc_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + BIO *dbio; + BIO_ENC_CTX *ctx,*dctx; + long ret=1; + int i; + + ctx=(BIO_ENC_CTX *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + ctx->ok=1; + ctx->finished=0; + EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL, + ctx->cipher.encrypt); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_EOF: /* More to read */ + if (ctx->cont <= 0) + ret=1; + else + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_WPENDING: + ret=ctx->buf_len-ctx->buf_off; + if (ret <= 0) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_PENDING: /* More to read in buffer */ + ret=ctx->buf_len-ctx->buf_off; + if (ret <= 0) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_CTRL_FLUSH: + /* do a final write */ +again: + while (ctx->buf_len != ctx->buf_off) + { + i=enc_write(b,NULL,0); + if (i < 0) + { + ret=i; + break; + } + } + + if (!ctx->finished) + { + ctx->finished=1; + ctx->buf_off=0; + ret=EVP_CipherFinal(&(ctx->cipher), + (unsigned char *)ctx->buf, + &(ctx->buf_len)); + ctx->ok=(int)ret; + if (ret <= 0) break; + + /* push out the bytes */ + goto again; + } + + /* Finally flush the underlying BIO */ + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_C_GET_CIPHER_STATUS: + ret=(long)ctx->ok; + break; + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + dctx=(BIO_ENC_CTX *)dbio->ptr; + memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher)); + dbio->init=1; + break; + default: + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + } + return(ret); + } + +/* +void BIO_set_cipher_ctx(b,c) +BIO *b; +EVP_CIPHER_ctx *c; + { + if (b == NULL) return; + + if ((b->callback != NULL) && + (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) + return; + + b->init=1; + ctx=(BIO_ENC_CTX *)b->ptr; + memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX)); + + if (b->callback != NULL) + b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); + } +*/ + +void BIO_set_cipher(b,c,k,i,e) +BIO *b; +EVP_CIPHER *c; +unsigned char *k; +unsigned char *i; +int e; + { + BIO_ENC_CTX *ctx; + + if (b == NULL) return; + + if ((b->callback != NULL) && + (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) + return; + + b->init=1; + ctx=(BIO_ENC_CTX *)b->ptr; + EVP_CipherInit(&(ctx->cipher),c,k,i,e); + + if (b->callback != NULL) + b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); + } + diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c new file mode 100644 index 0000000000..fa5fdc055b --- /dev/null +++ b/src/lib/libcrypto/evp/bio_md.c @@ -0,0 +1,270 @@ +/* crypto/evp/bio_md.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "buffer.h" +#include "evp.h" + +/* BIO_put and BIO_get both add to the digest, + * BIO_gets returns the digest */ + +#ifndef NOPROTO +static int md_write(BIO *h,char *buf,int num); +static int md_read(BIO *h,char *buf,int size); +/*static int md_puts(BIO *h,char *str); */ +static int md_gets(BIO *h,char *str,int size); +static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int md_new(BIO *h); +static int md_free(BIO *data); +#else +static int md_write(); +static int md_read(); +/*static int md_puts(); */ +static int md_gets(); +static long md_ctrl(); +static int md_new(); +static int md_free(); +#endif + +static BIO_METHOD methods_md= + { + BIO_TYPE_MD,"message digest", + md_write, + md_read, + NULL, /* md_puts, */ + md_gets, + md_ctrl, + md_new, + md_free, + }; + +BIO_METHOD *BIO_f_md() + { + return(&methods_md); + } + +static int md_new(bi) +BIO *bi; + { + EVP_MD_CTX *ctx; + + ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX)); + if (ctx == NULL) return(0); + + bi->init=0; + bi->ptr=(char *)ctx; + bi->flags=0; + return(1); + } + +static int md_free(a) +BIO *a; + { + if (a == NULL) return(0); + Free(a->ptr); + a->ptr=NULL; + a->init=0; + a->flags=0; + return(1); + } + +static int md_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=0; + EVP_MD_CTX *ctx; + + if (out == NULL) return(0); + ctx=(EVP_MD_CTX *)b->ptr; + + if ((ctx == NULL) || (b->next_bio == NULL)) return(0); + + ret=BIO_read(b->next_bio,out,outl); + if (b->init) + { + if (ret > 0) + { + EVP_DigestUpdate(ctx,(unsigned char *)out, + (unsigned int)ret); + } + } + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return(ret); + } + +static int md_write(b,in,inl) +BIO *b; +char *in; +int inl; + { + int ret=0; + EVP_MD_CTX *ctx; + + if ((in == NULL) || (inl <= 0)) return(0); + ctx=(EVP_MD_CTX *)b->ptr; + + if ((ctx != NULL) && (b->next_bio != NULL)) + ret=BIO_write(b->next_bio,in,inl); + if (b->init) + { + if (ret > 0) + { + EVP_DigestUpdate(ctx,(unsigned char *)in, + (unsigned int)ret); + } + } + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return(ret); + } + +static long md_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + EVP_MD_CTX *ctx,*dctx,**pctx; + EVP_MD **ppmd; + EVP_MD *md; + long ret=1; + BIO *dbio; + + ctx=(EVP_MD_CTX *)b->ptr; + + switch (cmd) + { + case BIO_CTRL_RESET: + if (b->init) + EVP_DigestInit(ctx,ctx->digest); + else + ret=0; + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + case BIO_C_GET_MD: + if (b->init) + { + ppmd=(EVP_MD **)ptr; + *ppmd=ctx->digest; + } + else + ret=0; + break; + case BIO_C_GET_MD_CTX: + if (b->init) + { + pctx=(EVP_MD_CTX **)ptr; + *pctx=ctx; + } + else + ret=0; + break; + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + + case BIO_C_SET_MD: + md=(EVP_MD *)ptr; + EVP_DigestInit(ctx,md); + b->init=1; + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + dctx=(EVP_MD_CTX *)dbio->ptr; + memcpy(dctx,ctx,sizeof(ctx)); + b->init=1; + break; + default: + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + break; + } + return(ret); + } + +static int md_gets(bp,buf,size) +BIO *bp; +char *buf; +int size; + { + EVP_MD_CTX *ctx; + unsigned int ret; + + + ctx=(EVP_MD_CTX *)bp->ptr; + if (size < ctx->digest->md_size) + return(0); + EVP_DigestFinal(ctx,(unsigned char *)buf,&ret); + return((int)ret); + } + +/* +static int md_puts(bp,str) +BIO *bp; +char *str; + { + return(-1); + } +*/ + diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c new file mode 100644 index 0000000000..e77d1c896b --- /dev/null +++ b/src/lib/libcrypto/evp/c_all.c @@ -0,0 +1,190 @@ +/* crypto/evp/c_all.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" + +void SSLeay_add_all_algorithms() + { + SSLeay_add_all_ciphers(); + SSLeay_add_all_digests(); + } + +void SSLeay_add_all_ciphers() + { +#ifndef NO_DES + EVP_add_cipher(EVP_des_cfb()); + EVP_add_cipher(EVP_des_ede_cfb()); + EVP_add_cipher(EVP_des_ede3_cfb()); + + EVP_add_cipher(EVP_des_ofb()); + EVP_add_cipher(EVP_des_ede_ofb()); + EVP_add_cipher(EVP_des_ede3_ofb()); + + EVP_add_cipher(EVP_desx_cbc()); + EVP_add_alias(SN_desx_cbc,"DESX"); + EVP_add_alias(SN_desx_cbc,"desx"); + + EVP_add_cipher(EVP_des_cbc()); + EVP_add_alias(SN_des_cbc,"DES"); + EVP_add_alias(SN_des_cbc,"des"); + EVP_add_cipher(EVP_des_ede_cbc()); + EVP_add_cipher(EVP_des_ede3_cbc()); + EVP_add_alias(SN_des_ede3_cbc,"DES3"); + EVP_add_alias(SN_des_ede3_cbc,"des3"); + + EVP_add_cipher(EVP_des_ecb()); + EVP_add_cipher(EVP_des_ede()); + EVP_add_cipher(EVP_des_ede3()); +#endif + +#ifndef NO_RC4 + EVP_add_cipher(EVP_rc4()); + EVP_add_cipher(EVP_rc4_40()); +#endif + +#ifndef NO_IDEA + EVP_add_cipher(EVP_idea_ecb()); + EVP_add_cipher(EVP_idea_cfb()); + EVP_add_cipher(EVP_idea_ofb()); + EVP_add_cipher(EVP_idea_cbc()); + EVP_add_alias(SN_idea_cbc,"IDEA"); + EVP_add_alias(SN_idea_cbc,"idea"); +#endif + +#ifndef NO_RC2 + EVP_add_cipher(EVP_rc2_ecb()); + EVP_add_cipher(EVP_rc2_cfb()); + EVP_add_cipher(EVP_rc2_ofb()); + EVP_add_cipher(EVP_rc2_cbc()); + EVP_add_cipher(EVP_rc2_40_cbc()); + EVP_add_alias(SN_rc2_cbc,"RC2"); + EVP_add_alias(SN_rc2_cbc,"rc2"); +#endif + +#ifndef NO_BLOWFISH + EVP_add_cipher(EVP_bf_ecb()); + EVP_add_cipher(EVP_bf_cfb()); + EVP_add_cipher(EVP_bf_ofb()); + EVP_add_cipher(EVP_bf_cbc()); + EVP_add_alias(SN_bf_cbc,"BF"); + EVP_add_alias(SN_bf_cbc,"bf"); + EVP_add_alias(SN_bf_cbc,"blowfish"); +#endif + +#ifndef NO_CAST + EVP_add_cipher(EVP_cast5_ecb()); + EVP_add_cipher(EVP_cast5_cfb()); + EVP_add_cipher(EVP_cast5_ofb()); + EVP_add_cipher(EVP_cast5_cbc()); + EVP_add_alias(SN_cast5_cbc,"CAST"); + EVP_add_alias(SN_cast5_cbc,"cast"); + EVP_add_alias(SN_cast5_cbc,"CAST-cbc"); + EVP_add_alias(SN_cast5_cbc,"cast-cbc"); +#endif + +#ifndef NO_RC5 + EVP_add_cipher(EVP_rc5_32_12_16_ecb()); + EVP_add_cipher(EVP_rc5_32_12_16_cfb()); + EVP_add_cipher(EVP_rc5_32_12_16_ofb()); + EVP_add_cipher(EVP_rc5_32_12_16_cbc()); + EVP_add_alias(SN_rc5_cbc,"rc5"); + EVP_add_alias(SN_rc5_cbc,"RC5"); + EVP_add_alias(SN_rc5_cbc,"rc5-cbc"); + EVP_add_alias(SN_rc5_cbc,"RC5-cbc"); +#endif + } + + +void SSLeay_add_all_digests() + { +#ifndef NO_MD2 + EVP_add_digest(EVP_md2()); +#endif +#ifndef NO_MD5 + EVP_add_digest(EVP_md5()); + EVP_add_alias(SN_md5,"ssl2-md5"); + EVP_add_alias(SN_md5,"ssl3-md5"); +#endif +#ifndef NO_SHA + EVP_add_digest(EVP_sha()); +#ifndef NO_DSA + EVP_add_digest(EVP_dss()); +#endif +#endif +#ifndef NO_SHA1 + EVP_add_digest(EVP_sha1()); + EVP_add_alias(SN_sha1,"ssl3-sha1"); +#ifndef NO_DSA + EVP_add_digest(EVP_dss1()); + EVP_add_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); + EVP_add_alias(SN_dsaWithSHA1,"DSS1"); + EVP_add_alias(SN_dsaWithSHA1,"dss1"); +#endif +#endif +#if !defined(NO_MDC2) && !defined(NO_DES) + EVP_add_digest(EVP_mdc2()); +#endif +#ifndef NO_RIPEMD160 + EVP_add_digest(EVP_ripemd160()); + EVP_add_alias(SN_ripemd160,"ripemd"); + EVP_add_alias(SN_ripemd160,"rmd160"); +#endif + } diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c new file mode 100644 index 0000000000..d65f0036f7 --- /dev/null +++ b/src/lib/libcrypto/evp/digest.c @@ -0,0 +1,89 @@ +/* crypto/evp/digest.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "objects.h" +#include "evp.h" + +void EVP_DigestInit(ctx,type) +EVP_MD_CTX *ctx; +EVP_MD *type; + { + ctx->digest=type; + type->init(&(ctx->md)); + } + +void EVP_DigestUpdate(ctx,data,count) +EVP_MD_CTX *ctx; +unsigned char *data; +unsigned int count; + { + ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count); + } + +void EVP_DigestFinal(ctx,md,size) +EVP_MD_CTX *ctx; +unsigned char *md; +unsigned int *size; + { + ctx->digest->final(md,&(ctx->md.base[0])); + if (size != NULL) + *size=ctx->digest->md_size; + memset(&(ctx->md),0,sizeof(ctx->md)); + } diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c new file mode 100644 index 0000000000..e4e7ca7606 --- /dev/null +++ b/src/lib/libcrypto/evp/e_null.c @@ -0,0 +1,109 @@ +/* crypto/evp/e_null.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" + +#ifndef NOPROTO +static void null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, + unsigned char *iv,int enc); +static void null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + unsigned char *in, unsigned int inl); +#else +static void null_init_key(); +static void null_cipher(); +#endif + +static EVP_CIPHER n_cipher= + { + NID_undef, + 1,0,0, + null_init_key, + null_cipher, + NULL, + 0, + NULL, + NULL, + }; + +EVP_CIPHER *EVP_enc_null() + { + return(&n_cipher); + } + +static void null_init_key(ctx,key,iv,enc) +EVP_CIPHER_CTX *ctx; +unsigned char *key; +unsigned char *iv; +int enc; + { + memset(&(ctx->c),0,sizeof(ctx->c)); + } + +static void null_cipher(ctx,out,in,inl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +unsigned char *in; +unsigned int inl; + { + if (in != out) + memcpy((char *)out,(char *)in,(int)inl); + } + diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c new file mode 100644 index 0000000000..7e9790a94c --- /dev/null +++ b/src/lib/libcrypto/evp/e_rc4.c @@ -0,0 +1,127 @@ +/* crypto/evp/e_rc4.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef NO_RC4 + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" + +#ifndef NOPROTO +static void rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, + unsigned char *iv,int enc); +static void rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + unsigned char *in, unsigned int inl); +#else +static void rc4_init_key(); +static void rc4_cipher(); +#endif + +static EVP_CIPHER r4_cipher= + { + NID_rc4, + 1,EVP_RC4_KEY_SIZE,0, + rc4_init_key, + rc4_cipher, + NULL, + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)), + NULL, + NULL, + }; + +static EVP_CIPHER r4_40_cipher= + { + NID_rc4_40, + 1,5 /* 40 bit */,0, + rc4_init_key, + rc4_cipher, + }; + +EVP_CIPHER *EVP_rc4() + { + return(&r4_cipher); + } + +EVP_CIPHER *EVP_rc4_40() + { + return(&r4_40_cipher); + } + +static void rc4_init_key(ctx,key,iv,enc) +EVP_CIPHER_CTX *ctx; +unsigned char *key; +unsigned char *iv; +int enc; + { + if (key != NULL) + memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx)); + RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx), + ctx->c.rc4.key); + } + +static void rc4_cipher(ctx,out,in,inl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +unsigned char *in; +unsigned int inl; + { + RC4(&(ctx->c.rc4.ks),inl,in,out); + } +#endif diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c new file mode 100644 index 0000000000..0d7fda0c47 --- /dev/null +++ b/src/lib/libcrypto/evp/e_xcbc_d.c @@ -0,0 +1,122 @@ +/* crypto/evp/e_xcbc_d.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" + +#ifndef NOPROTO +static void desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, + unsigned char *iv,int enc); +static void desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + unsigned char *in, unsigned int inl); +#else +static void desx_cbc_init_key(); +static void desx_cbc_cipher(); +#endif + +static EVP_CIPHER d_xcbc_cipher= + { + NID_desx_cbc, + 8,24,8, + desx_cbc_init_key, + desx_cbc_cipher, + NULL, + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + }; + +EVP_CIPHER *EVP_desx_cbc() + { + return(&d_xcbc_cipher); + } + +static void desx_cbc_init_key(ctx,key,iv,enc) +EVP_CIPHER_CTX *ctx; +unsigned char *key; +unsigned char *iv; +int enc; + { + if (iv != NULL) + memcpy(&(ctx->oiv[0]),iv,8); + memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8); + if (key != NULL) + { + des_set_key((des_cblock *)key,ctx->c.desx_cbc.ks); + memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8); + memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8); + } + } + +static void desx_cbc_cipher(ctx,out,in,inl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +unsigned char *in; +unsigned int inl; + { + des_xcbc_encrypt( + (des_cblock *)in,(des_cblock *)out, + (long)inl, ctx->c.desx_cbc.ks, + (des_cblock *)&(ctx->iv[0]), + (des_cblock *)&(ctx->c.desx_cbc.inw[0]), + (des_cblock *)&(ctx->c.desx_cbc.outw[0]), + ctx->encrypt); + } diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c new file mode 100644 index 0000000000..14d47c1eed --- /dev/null +++ b/src/lib/libcrypto/evp/encode.c @@ -0,0 +1,438 @@ +/* crypto/evp/encode.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" + +#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f]) +#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f]) + +/* 64 char lines + * pad input with 0 + * left over chars are set to = + * 1 byte => xx== + * 2 bytes => xxx= + * 3 bytes => xxxx + */ +#define BIN_PER_LINE (64/4*3) +#define CHUNKS_PER_LINE (64/4) +#define CHAR_PER_LINE (64+1) + +static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\ +abcdefghijklmnopqrstuvwxyz0123456789+/"; + +/* 0xF0 is a EOLN + * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing). + * 0xF2 is EOF + * 0xE0 is ignore at start of line. + * 0xFF is error + */ + +#define B64_EOLN 0xF0 +#define B64_CR 0xF1 +#define B64_EOF 0xF2 +#define B64_WS 0xE0 +#define B64_ERROR 0xFF +#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3) + +static unsigned char data_ascii2bin[128]={ + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F, + 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B, + 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF, + 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06, + 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E, + 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16, + 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF, + 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20, + 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28, + 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30, + 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF, + }; + +void EVP_EncodeInit(ctx) +EVP_ENCODE_CTX *ctx; + { + ctx->length=48; + ctx->num=0; + ctx->line_num=0; + } + +void EVP_EncodeUpdate(ctx,out,outl,in,inl) +EVP_ENCODE_CTX *ctx; +unsigned char *out; +int *outl; +unsigned char *in; +int inl; + { + int i,j; + unsigned int total=0; + + *outl=0; + if (inl == 0) return; + if ((ctx->num+inl) < ctx->length) + { + memcpy(&(ctx->enc_data[ctx->num]),in,inl); + ctx->num+=inl; + return; + } + if (ctx->num != 0) + { + i=ctx->length-ctx->num; + memcpy(&(ctx->enc_data[ctx->num]),in,i); + in+=i; + inl-=i; + j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length); + ctx->num=0; + out+=j; + *(out++)='\n'; + *out='\0'; + total=j+1; + } + while (inl >= ctx->length) + { + j=EVP_EncodeBlock(out,in,ctx->length); + in+=ctx->length; + inl-=ctx->length; + out+=j; + *(out++)='\n'; + *out='\0'; + total+=j+1; + } + if (inl != 0) + memcpy(&(ctx->enc_data[0]),in,inl); + ctx->num=inl; + *outl=total; + } + +void EVP_EncodeFinal(ctx,out,outl) +EVP_ENCODE_CTX *ctx; +unsigned char *out; +int *outl; + { + unsigned int ret=0; + + if (ctx->num != 0) + { + ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num); + out[ret++]='\n'; + out[ret]='\0'; + ctx->num=0; + } + *outl=ret; + } + +int EVP_EncodeBlock(t,f,dlen) +unsigned char *t,*f; +int dlen; + { + int i,ret=0; + unsigned long l; + + for (i=dlen; i > 0; i-=3) + { + if (i >= 3) + { + l= (((unsigned long)f[0])<<16L)| + (((unsigned long)f[1])<< 8L)|f[2]; + *(t++)=conv_bin2ascii(l>>18L); + *(t++)=conv_bin2ascii(l>>12L); + *(t++)=conv_bin2ascii(l>> 6L); + *(t++)=conv_bin2ascii(l ); + } + else + { + l=((unsigned long)f[0])<<16L; + if (i == 2) l|=((unsigned long)f[1]<<8L); + + *(t++)=conv_bin2ascii(l>>18L); + *(t++)=conv_bin2ascii(l>>12L); + *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L); + *(t++)='='; + } + ret+=4; + f+=3; + } + + *t='\0'; + return(ret); + } + +void EVP_DecodeInit(ctx) +EVP_ENCODE_CTX *ctx; + { + ctx->length=30; + ctx->num=0; + ctx->line_num=0; + ctx->expect_nl=0; + } + +/* -1 for error + * 0 for last line + * 1 for full line + */ +int EVP_DecodeUpdate(ctx,out,outl,in,inl) +EVP_ENCODE_CTX *ctx; +unsigned char *out; +int *outl; +unsigned char *in; +int inl; + { + int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; + unsigned char *d; + + n=ctx->num; + d=ctx->enc_data; + ln=ctx->line_num; + exp_nl=ctx->expect_nl; + + /* last line of input. */ + if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF))) + { rv=0; goto end; } + + /* We parse the input data */ + for (i=0; i 80 characters, scream alot */ + if (ln >= 80) { rv= -1; goto end; } + + /* Get char and put it into the buffer */ + tmp= *(in++); + v=conv_ascii2bin(tmp); + /* only save the good data :-) */ + if (!B64_NOT_BASE64(v)) + { + d[n++]=tmp; + ln++; + } + else if (v == B64_ERROR) + { + rv= -1; + goto end; + } + + /* have we seen a '=' which is 'definitly' the last + * input line. seof will point to the character that + * holds it. and eof will hold how many characters to + * chop off. */ + if (tmp == '=') + { + if (seof == -1) seof=n; + eof++; + } + + /* eoln */ + if (v == B64_EOLN) + { + ln=0; + if (exp_nl) + { + exp_nl=0; + continue; + } + } + exp_nl=0; + + /* If we are at the end of input and it looks like a + * line, process it. */ + if (((i+1) == inl) && (((n&3) == 0) || eof)) + v=B64_EOF; + + if ((v == B64_EOF) || (n >= 64)) + { + /* This is needed to work correctly on 64 byte input + * lines. We process the line and then need to + * accept the '\n' */ + if ((v != B64_EOF) && (n >= 64)) exp_nl=1; + tmp2=v; + if (n > 0) + { + v=EVP_DecodeBlock(out,d,n); + if (v < 0) { rv=0; goto end; } + n=0; + ret+=(v-eof); + } + else + { + eof=1; + v=0; + } + + /* This is the case where we have had a short + * but valid input line */ + if ((v < ctx->length) && eof) + { + rv=0; + goto end; + } + else + ctx->length=v; + + if (seof >= 0) { rv=0; goto end; } + out+=v; + } + } + rv=1; +end: + *outl=ret; + ctx->num=n; + ctx->line_num=ln; + ctx->expect_nl=exp_nl; + return(rv); + } + +int EVP_DecodeBlock(t,f,n) +unsigned char *t,*f; +int n; + { + int i,ret=0,a,b,c,d; + unsigned long l; + + /* trim white space from the start of the line. */ + while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) + { + f++; + n--; + } + + /* strip off stuff at the end of the line + * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */ + while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1])))) + n--; + + if (n%4 != 0) return(-1); + + for (i=0; i>16L)&0xff; + *(t++)=(unsigned char)(l>> 8L)&0xff; + *(t++)=(unsigned char)(l )&0xff; + ret+=3; + } + return(ret); + } + +int EVP_DecodeFinal(ctx,out,outl) +EVP_ENCODE_CTX *ctx; +unsigned char *out; +int *outl; + { + int i; + + *outl=0; + if (ctx->num != 0) + { + i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num); + if (i < 0) return(-1); + ctx->num=0; + *outl=i; + return(1); + } + else + return(1); + } + +#ifdef undef +int EVP_DecodeValid(buf,len) +unsigned char *buf; +int len; + { + int i,num=0,bad=0; + + if (len == 0) return(-1); + while (conv_ascii2bin(*buf) == B64_WS) + { + buf++; + len--; + if (len == 0) return(-1); + } + + for (i=len; i >= 4; i-=4) + { + if ( (conv_ascii2bin(buf[0]) >= 0x40) || + (conv_ascii2bin(buf[1]) >= 0x40) || + (conv_ascii2bin(buf[2]) >= 0x40) || + (conv_ascii2bin(buf[3]) >= 0x40)) + return(-1); + buf+=4; + num+=1+(buf[2] != '=')+(buf[3] != '='); + } + if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN)) + return(num); + if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) && + (conv_ascii2bin(buf[0]) == B64_EOLN)) + return(num); + return(1); + } +#endif diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h new file mode 100644 index 0000000000..b39fad93a4 --- /dev/null +++ b/src/lib/libcrypto/evp/evp.h @@ -0,0 +1,793 @@ +/* crypto/evp/evp.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_ENVELOPE_H +#define HEADER_ENVELOPE_H + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef NO_MD2 +#include "md2.h" +#endif +#ifndef NO_MD5 +#include "md5.h" +#endif +#if !defined(NO_SHA) || !defined(NO_SHA1) +#include "sha.h" +#endif +#ifndef NO_RIPEMD +#include "ripemd.h" +#endif +#ifndef NO_DES +#include "des.h" +#endif +#ifndef NO_RC4 +#include "rc4.h" +#endif +#ifndef NO_RC2 +#include "rc2.h" +#endif +#ifndef NO_RC5 +#include "rc5.h" +#endif +#ifndef NO_BLOWFISH +#include "blowfish.h" +#endif +#ifndef NO_CAST +#include "cast.h" +#endif +#ifndef NO_IDEA +#include "idea.h" +#endif +#ifndef NO_MDC2 +#include "mdc2.h" +#endif + +#define EVP_RC2_KEY_SIZE 16 +#define EVP_RC4_KEY_SIZE 16 +#define EVP_BLOWFISH_KEY_SIZE 16 +#define EVP_CAST5_KEY_SIZE 16 +#define EVP_RC5_32_12_16_KEY_SIZE 16 +#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ +#define EVP_MAX_KEY_LENGTH 24 +#define EVP_MAX_IV_LENGTH 8 + +#ifndef NO_RSA +#include "rsa.h" +#else +#define RSA long +#endif + +#ifndef NO_DSA +#include "dsa.h" +#else +#define DSA long +#endif + +#ifndef NO_DH +#include "dh.h" +#else +#define DH long +#endif + +#include "objects.h" + +#define EVP_PK_RSA 0x0001 +#define EVP_PK_DSA 0x0002 +#define EVP_PK_DH 0x0004 +#define EVP_PKT_SIGN 0x0010 +#define EVP_PKT_ENC 0x0020 +#define EVP_PKT_EXCH 0x0040 +#define EVP_PKS_RSA 0x0100 +#define EVP_PKS_DSA 0x0200 +#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ + +#define EVP_PKEY_NONE NID_undef +#define EVP_PKEY_RSA NID_rsaEncryption +#define EVP_PKEY_RSA2 NID_rsa +#define EVP_PKEY_DSA NID_dsa +#define EVP_PKEY_DSA1 NID_dsa_2 +#define EVP_PKEY_DSA2 NID_dsaWithSHA +#define EVP_PKEY_DSA3 NID_dsaWithSHA1 +#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 +#define EVP_PKEY_DH NID_dhKeyAgreement + +/* Type needs to be a bit field + * Sub-type needs to be for variations on the method, as in, can it do + * arbitary encryption.... */ +typedef struct evp_pkey_st + { + int type; + int save_type; + int references; + union { + char *ptr; + struct rsa_st *rsa; /* RSA */ + struct dsa_st *dsa; /* DSA */ + struct dh_st *dh; /* DH */ + } pkey; + int save_parameters; +#ifdef HEADER_STACK_H + STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */ +#else + char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */ +#endif + } EVP_PKEY; + +#define EVP_PKEY_MO_SIGN 0x0001 +#define EVP_PKEY_MO_VERIFY 0x0002 +#define EVP_PKEY_MO_ENCRYPT 0x0004 +#define EVP_PKEY_MO_DECRYPT 0x0008 + +#if 0 +/* This structure is required to tie the message digest and signing together. + * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or + * oid, md and pkey. + * This is required because for various smart-card perform the digest and + * signing/verification on-board. To handle this case, the specific + * EVP_MD and EVP_PKEY_METHODs need to be closely associated. + * When a PKEY is created, it will have a EVP_PKEY_METHOD ossociated with it. + * This can either be software or a token to provide the required low level + * routines. + */ +typedef struct evp_pkey_md_st + { + int oid; + EVP_MD *md; + EVP_PKEY_METHOD *pkey; + } EVP_PKEY_MD; + +#define EVP_rsa_md2() + EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\ + EVP_rsa_pkcs1(),EVP_md2()) +#define EVP_rsa_md5() + EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\ + EVP_rsa_pkcs1(),EVP_md5()) +#define EVP_rsa_sha0() + EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\ + EVP_rsa_pkcs1(),EVP_sha()) +#define EVP_rsa_sha1() + EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\ + EVP_rsa_pkcs1(),EVP_sha1()) +#define EVP_rsa_ripemd160() + EVP_PKEY_MD_add(NID_ripemd160WithRSA,\ + EVP_rsa_pkcs1(),EVP_ripemd160()) +#define EVP_rsa_mdc2() + EVP_PKEY_MD_add(NID_mdc2WithRSA,\ + EVP_rsa_octet_string(),EVP_mdc2()) +#define EVP_dsa_sha() + EVP_PKEY_MD_add(NID_dsaWithSHA,\ + EVP_dsa(),EVP_mdc2()) +#define EVP_dsa_sha1() + EVP_PKEY_MD_add(NID_dsaWithSHA1,\ + EVP_dsa(),EVP_sha1()) + +typedef struct evp_pkey_method_st + { + char *name; + int flags; + int type; /* RSA, DSA, an SSLeay specific constant */ + int oid; /* For the pub-key type */ + int encrypt_oid; /* pub/priv key encryption */ + + int (*sign)(); + int (*verify)(); + struct { + int + int (*set)(); /* get and/or set the underlying type */ + int (*get)(); + int (*encrypt)(); + int (*decrypt)(); + int (*i2d)(); + int (*d2i)(); + int (*dup)(); + } pub,priv; + int (*set_asn1_parameters)(); + int (*get_asn1_parameters)(); + } EVP_PKEY_METHOD; +#endif + +#ifndef EVP_MD +typedef struct env_md_st + { + int type; + int pkey_type; + int md_size; + void (*init)(); + void (*update)(); + void (*final)(); + + int (*sign)(); + int (*verify)(); + int required_pkey_type[5]; /*EVP_PKEY_xxx */ + int block_size; + int ctx_size; /* how big does the ctx need to be */ + } EVP_MD; + +#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} + +#ifndef NO_DSA +#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \ + {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ + EVP_PKEY_DSA4,0} +#else +#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method +#endif + +#ifndef NO_RSA +#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \ + {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} +#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ + RSA_sign_ASN1_OCTET_STRING, \ + RSA_verify_ASN1_OCTET_STRING, \ + {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} +#else +#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method +#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method +#endif + +#endif /* !EVP_MD */ + +typedef struct env_md_ctx_st + { + EVP_MD *digest; + union { + unsigned char base[4]; +#ifndef NO_MD2 + MD2_CTX md2; +#endif +#ifndef NO_MD5 + MD5_CTX md5; +#endif +#ifndef NO_MD5 + RIPEMD160_CTX ripemd160; +#endif +#if !defined(NO_SHA) || !defined(NO_SHA1) + SHA_CTX sha; +#endif +#ifndef NO_MDC2 + MDC2_CTX mdc2; +#endif + } md; + } EVP_MD_CTX; + +typedef struct evp_cipher_st + { + int nid; + int block_size; + int key_len; + int iv_len; + void (*init)(); /* init for encryption */ + void (*do_cipher)(); /* encrypt data */ + void (*cleanup)(); /* used by cipher method */ + int ctx_size; /* how big the ctx needs to be */ + /* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */ + int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */ + /* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */ + int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */ + } EVP_CIPHER; + +typedef struct evp_cipher_info_st + { + EVP_CIPHER *cipher; + unsigned char iv[EVP_MAX_IV_LENGTH]; + } EVP_CIPHER_INFO; + +typedef struct evp_cipher_ctx_st + { + EVP_CIPHER *cipher; + int encrypt; /* encrypt or decrypt */ + int buf_len; /* number we have left */ + + unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ + unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ + unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */ + int num; /* used by cfb/ofb mode */ + + char *app_data; /* aplication stuff */ + union { +#ifndef NO_RC4 + struct + { + unsigned char key[EVP_RC4_KEY_SIZE]; + RC4_KEY ks; /* working key */ + } rc4; +#endif +#ifndef NO_DES + des_key_schedule des_ks;/* key schedule */ + struct + { + des_key_schedule ks;/* key schedule */ + C_Block inw; + C_Block outw; + } desx_cbc; + struct + { + des_key_schedule ks1;/* key schedule */ + des_key_schedule ks2;/* key schedule (for ede) */ + des_key_schedule ks3;/* key schedule (for ede3) */ + } des_ede; +#endif +#ifndef NO_IDEA + IDEA_KEY_SCHEDULE idea_ks;/* key schedule */ +#endif +#ifndef NO_RC2 + RC2_KEY rc2_ks;/* key schedule */ +#endif +#ifndef NO_RC5 + RC5_32_KEY rc5_ks;/* key schedule */ +#endif +#ifndef NO_BLOWFISH + BF_KEY bf_ks;/* key schedule */ +#endif +#ifndef NO_CAST + CAST_KEY cast_ks;/* key schedule */ +#endif + } c; + } EVP_CIPHER_CTX; + +typedef struct evp_Encode_Ctx_st + { + int num; /* number saved in a partial encode/decode */ + int length; /* The length is either the output line length + * (in input bytes) or the shortest input line + * length that is ok. Once decoding begins, + * the length is adjusted up each time a longer + * line is decoded */ + unsigned char enc_data[80]; /* data to encode */ + int line_num; /* number read on current line */ + int expect_nl; + } EVP_ENCODE_CTX; + +#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ + (char *)(rsa)) +#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ + (char *)(dsa)) +#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ + (char *)(dh)) + +/* Add some extra combinations */ +#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) +#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) +#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) +#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) + +#define EVP_MD_type(e) ((e)->type) +#define EVP_MD_pkey_type(e) ((e)->pkey_type) +#define EVP_MD_size(e) ((e)->md_size) +#define EVP_MD_block_size(e) ((e)->block_size) + +#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) +#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) +#define EVP_MD_CTX_type(e) ((e)->digest) + +#define EVP_CIPHER_nid(e) ((e)->nid) +#define EVP_CIPHER_block_size(e) ((e)->block_size) +#define EVP_CIPHER_key_length(e) ((e)->key_len) +#define EVP_CIPHER_iv_length(e) ((e)->iv_len) + +#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) +#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) +#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) +#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len) +#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) +#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) +#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) + +#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) +#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) + +#define EVP_SignInit(a,b) EVP_DigestInit(a,b) +#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) +#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) +#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) + +#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md) +#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) +#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) +#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) + +#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l)) + +#ifndef NOPROTO + +void EVP_DigestInit(EVP_MD_CTX *ctx, EVP_MD *type); +void EVP_DigestUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt); +void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); + +int EVP_read_pw_string(char *buf,int length,char *prompt,int verify); +void EVP_set_pw_prompt(char *prompt); +char * EVP_get_pw_prompt(void); + +int EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt, + unsigned char *data, int datal, int count, + unsigned char *key,unsigned char *iv); + +EVP_CIPHER *EVP_get_cipherbyname(char *name); + +void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, + unsigned char *key, unsigned char *iv); +void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, unsigned char *in, int inl); +void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); + +void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, + unsigned char *key, unsigned char *iv); +void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, unsigned char *in, int inl); +int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); + +void EVP_CipherInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char *key, + unsigned char *iv,int enc); +void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, unsigned char *in, int inl); +int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); + +int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, + EVP_PKEY *pkey); + +int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, + unsigned int siglen,EVP_PKEY *pkey); + +int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek, + int ekl,unsigned char *iv,EVP_PKEY *priv); +int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); + +int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, + int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); +void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); + +void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); +void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, + int *outl,unsigned char *in,int inl); +void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); +int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n); + +void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); +int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, + unsigned char *in, int inl); +int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned + char *out, int *outl); +int EVP_DecodeBlock(unsigned char *t, unsigned + char *f, int n); + +void ERR_load_EVP_strings(void ); + +void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); +void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); + +#ifdef HEADER_BIO_H +BIO_METHOD *BIO_f_md(void); +BIO_METHOD *BIO_f_base64(void); +BIO_METHOD *BIO_f_cipher(void); +void BIO_set_cipher(BIO *b,EVP_CIPHER *c,unsigned char *k, + unsigned char *i, int enc); +#endif + +EVP_MD *EVP_md_null(void); +EVP_MD *EVP_md2(void); +EVP_MD *EVP_md5(void); +EVP_MD *EVP_sha(void); +EVP_MD *EVP_sha1(void); +EVP_MD *EVP_dss(void); +EVP_MD *EVP_dss1(void); +EVP_MD *EVP_mdc2(void); +EVP_MD *EVP_ripemd160(void); + +EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ +EVP_CIPHER *EVP_des_ecb(void); +EVP_CIPHER *EVP_des_ede(void); +EVP_CIPHER *EVP_des_ede3(void); +EVP_CIPHER *EVP_des_cfb(void); +EVP_CIPHER *EVP_des_ede_cfb(void); +EVP_CIPHER *EVP_des_ede3_cfb(void); +EVP_CIPHER *EVP_des_ofb(void); +EVP_CIPHER *EVP_des_ede_ofb(void); +EVP_CIPHER *EVP_des_ede3_ofb(void); +EVP_CIPHER *EVP_des_cbc(void); +EVP_CIPHER *EVP_des_ede_cbc(void); +EVP_CIPHER *EVP_des_ede3_cbc(void); +EVP_CIPHER *EVP_desx_cbc(void); +EVP_CIPHER *EVP_rc4(void); +EVP_CIPHER *EVP_rc4_40(void); +EVP_CIPHER *EVP_idea_ecb(void); +EVP_CIPHER *EVP_idea_cfb(void); +EVP_CIPHER *EVP_idea_ofb(void); +EVP_CIPHER *EVP_idea_cbc(void); +EVP_CIPHER *EVP_rc2_ecb(void); +EVP_CIPHER *EVP_rc2_cbc(void); +EVP_CIPHER *EVP_rc2_40_cbc(void); +EVP_CIPHER *EVP_rc2_cfb(void); +EVP_CIPHER *EVP_rc2_ofb(void); +EVP_CIPHER *EVP_bf_ecb(void); +EVP_CIPHER *EVP_bf_cbc(void); +EVP_CIPHER *EVP_bf_cfb(void); +EVP_CIPHER *EVP_bf_ofb(void); +EVP_CIPHER *EVP_cast5_ecb(void); +EVP_CIPHER *EVP_cast5_cbc(void); +EVP_CIPHER *EVP_cast5_cfb(void); +EVP_CIPHER *EVP_cast5_ofb(void); +EVP_CIPHER *EVP_rc5_32_12_16_cbc(void); +EVP_CIPHER *EVP_rc5_32_12_16_ecb(void); +EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); +EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); + +void SSLeay_add_all_algorithms(void); +void SSLeay_add_all_ciphers(void); +void SSLeay_add_all_digests(void); + +int EVP_add_cipher(EVP_CIPHER *cipher); +int EVP_add_digest(EVP_MD *digest); +int EVP_add_alias(char *name,char *alias); +int EVP_delete_alias(char *name); + +EVP_CIPHER *EVP_get_cipherbyname(char *name); +EVP_MD *EVP_get_digestbyname(char *name); +void EVP_cleanup(void); + +int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key, + int enc_key_len,EVP_PKEY *private_key); +int EVP_PKEY_encrypt(unsigned char *enc_key, + unsigned char *key,int key_len,EVP_PKEY *pub_key); +int EVP_PKEY_type(int type); +int EVP_PKEY_bits(EVP_PKEY *pkey); +int EVP_PKEY_size(EVP_PKEY *pkey); +int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key); +EVP_PKEY * EVP_PKEY_new(void); +void EVP_PKEY_free(EVP_PKEY *pkey); +EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, + long length); +int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); + +EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, + long length); +int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); + +int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from); +int EVP_PKEY_missing_parameters(EVP_PKEY *pkey); +int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode); +int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b); + +/* calls methods */ +int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); +int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); + +/* These are used by EVP_CIPHER methods */ +int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); +int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); + +#else + +void EVP_DigestInit(); +void EVP_DigestUpdate(); +void EVP_DigestFinal(); + +int EVP_read_pw_string(); +void EVP_set_pw_prompt(); +char * EVP_get_pw_prompt(); + +int EVP_BytesToKey(); + +EVP_CIPHER *EVP_get_cipherbyname(); + +void EVP_EncryptInit(); +void EVP_EncryptUpdate(); +void EVP_EncryptFinal(); + +void EVP_DecryptInit(); +void EVP_DecryptUpdate(); +int EVP_DecryptFinal(); + +void EVP_CipherInit(); +void EVP_CipherUpdate(); +int EVP_CipherFinal(); + +int EVP_SignFinal(); + +int EVP_VerifyFinal(); + +int EVP_OpenInit(); +int EVP_OpenFinal(); + +int EVP_SealInit(); +void EVP_SealFinal(); + +void EVP_EncodeInit(); +void EVP_EncodeUpdate(); +void EVP_EncodeFinal(); +int EVP_EncodeBlock(); + +void EVP_DecodeInit(); +int EVP_DecodeUpdate(); +int EVP_DecodeFinal(); +int EVP_DecodeBlock(); + +void ERR_load_EVP_strings(); + +void EVP_CIPHER_CTX_init(); +void EVP_CIPHER_CTX_cleanup(); + +#ifdef HEADER_BIO_H +BIO_METHOD *BIO_f_md(); +BIO_METHOD *BIO_f_base64(); +BIO_METHOD *BIO_f_cipher(); +void BIO_set_cipher(); +#endif + +EVP_MD *EVP_md_null(); +EVP_MD *EVP_md2(); +EVP_MD *EVP_md5(); +EVP_MD *EVP_sha(); +EVP_MD *EVP_sha1(); +EVP_MD *EVP_dss(); +EVP_MD *EVP_dss1(); +EVP_MD *EVP_mdc2(); + +EVP_CIPHER *EVP_enc_null(); +EVP_CIPHER *EVP_des_ecb(); +EVP_CIPHER *EVP_des_ede(); +EVP_CIPHER *EVP_des_ede3(); +EVP_CIPHER *EVP_des_cfb(); +EVP_CIPHER *EVP_des_ede_cfb(); +EVP_CIPHER *EVP_des_ede3_cfb(); +EVP_CIPHER *EVP_des_ofb(); +EVP_CIPHER *EVP_des_ede_ofb(); +EVP_CIPHER *EVP_des_ede3_ofb(); +EVP_CIPHER *EVP_des_cbc(); +EVP_CIPHER *EVP_des_ede_cbc(); +EVP_CIPHER *EVP_des_ede3_cbc(); +EVP_CIPHER *EVP_desx_cbc(); +EVP_CIPHER *EVP_rc4(); +EVP_CIPHER *EVP_rc4_40(); +EVP_CIPHER *EVP_idea_ecb(); +EVP_CIPHER *EVP_idea_cfb(); +EVP_CIPHER *EVP_idea_ofb(); +EVP_CIPHER *EVP_idea_cbc(); +EVP_CIPHER *EVP_rc2_ecb(); +EVP_CIPHER *EVP_rc2_cbc(); +EVP_CIPHER *EVP_rc2_40_cbc(); +EVP_CIPHER *EVP_rc2_cfb(); +EVP_CIPHER *EVP_rc2_ofb(); +EVP_CIPHER *EVP_bf_ecb(); +EVP_CIPHER *EVP_bf_cbc(); +EVP_CIPHER *EVP_bf_cfb(); +EVP_CIPHER *EVP_bf_ofb(); +EVP_CIPHER *EVP_cast5_ecb(); +EVP_CIPHER *EVP_cast5_cbc(); +EVP_CIPHER *EVP_cast5_cfb(); +EVP_CIPHER *EVP_cast5_ofb(); +EVP_CIPHER *EVP_rc5_32_12_16_cbc(); +EVP_CIPHER *EVP_rc5_32_12_16_ecb(); +EVP_CIPHER *EVP_rc5_32_12_16_cfb(); +EVP_CIPHER *EVP_rc5_32_12_16_ofb(); + +void SSLeay_add_all_algorithms(); +void SSLeay_add_all_ciphers(); +void SSLeay_add_all_digests(); + +int EVP_add_cipher(); +int EVP_add_digest(); +int EVP_add_alias(); +int EVP_delete_alias(); + +EVP_CIPHER *EVP_get_cipherbyname(); +EVP_MD *EVP_get_digestbyname(); +void EVP_cleanup(); + +int EVP_PKEY_decrypt(); +int EVP_PKEY_encrypt(); +int EVP_PKEY_type(); +int EVP_PKEY_bits(); +int EVP_PKEY_size(); +int EVP_PKEY_assign(); +EVP_PKEY * EVP_PKEY_new(); +void EVP_PKEY_free(); +EVP_PKEY * d2i_PublicKey(); +int i2d_PublicKey(); + +EVP_PKEY * d2i_PrivateKey(); +int i2d_PrivateKey(); + +int EVP_PKEY_copy_parameters(); +int EVP_PKEY_missing_parameters(); +int EVP_PKEY_save_parameters(); +int EVP_PKEY_cmp_parameters(); + +int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); +int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); + +int EVP_CIPHER_set_asn1_iv(); +int EVP_CIPHER_get_asn1_iv(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the EVP functions. */ + +/* Function codes. */ +#define EVP_F_D2I_PKEY 100 +#define EVP_F_EVP_DECRYPTFINAL 101 +#define EVP_F_EVP_OPENINIT 102 +#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 +#define EVP_F_EVP_PKEY_DECRYPT 104 +#define EVP_F_EVP_PKEY_ENCRYPT 105 +#define EVP_F_EVP_PKEY_NEW 106 +#define EVP_F_EVP_SIGNFINAL 107 +#define EVP_F_EVP_VERIFYFINAL 108 + +/* Reason codes. */ +#define EVP_R_BAD_DECRYPT 100 +#define EVP_R_DIFFERENT_KEY_TYPES 101 +#define EVP_R_IV_TOO_LARGE 102 +#define EVP_R_MISSING_PARMATERS 103 +#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 +#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 +#define EVP_R_PUBLIC_KEY_NOT_RSA 106 +#define EVP_R_UNSUPPORTED_CIPHER 107 +#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108 +#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c new file mode 100644 index 0000000000..93cc3a9464 --- /dev/null +++ b/src/lib/libcrypto/evp/evp_enc.c @@ -0,0 +1,303 @@ +/* crypto/evp/evp_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" + +char *EVP_version="EVP part of SSLeay 0.9.0b 29-Jun-1998"; + +void EVP_CIPHER_CTX_init(ctx) +EVP_CIPHER_CTX *ctx; + { + memset(ctx,0,sizeof(EVP_CIPHER_CTX)); + /* ctx->cipher=NULL; */ + } + +void EVP_CipherInit(ctx,data,key,iv,enc) +EVP_CIPHER_CTX *ctx; +EVP_CIPHER *data; +unsigned char *key; +unsigned char *iv; +int enc; + { + if (enc) + EVP_EncryptInit(ctx,data,key,iv); + else + EVP_DecryptInit(ctx,data,key,iv); + } + +void EVP_CipherUpdate(ctx,out,outl,in,inl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; +unsigned char *in; +int inl; + { + if (ctx->encrypt) + EVP_EncryptUpdate(ctx,out,outl,in,inl); + else EVP_DecryptUpdate(ctx,out,outl,in,inl); + } + +int EVP_CipherFinal(ctx,out,outl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; + { + if (ctx->encrypt) + { + EVP_EncryptFinal(ctx,out,outl); + return(1); + } + else return(EVP_DecryptFinal(ctx,out,outl)); + } + +void EVP_EncryptInit(ctx,cipher,key,iv) +EVP_CIPHER_CTX *ctx; +EVP_CIPHER *cipher; +unsigned char *key; +unsigned char *iv; + { + if (cipher != NULL) + ctx->cipher=cipher; + ctx->cipher->init(ctx,key,iv,1); + ctx->encrypt=1; + ctx->buf_len=0; + } + +void EVP_DecryptInit(ctx,cipher,key,iv) +EVP_CIPHER_CTX *ctx; +EVP_CIPHER *cipher; +unsigned char *key; +unsigned char *iv; + { + if (cipher != NULL) + ctx->cipher=cipher; + ctx->cipher->init(ctx,key,iv,0); + ctx->encrypt=0; + ctx->buf_len=0; + } + + +void EVP_EncryptUpdate(ctx,out,outl,in,inl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; +unsigned char *in; +int inl; + { + int i,j,bl; + + i=ctx->buf_len; + bl=ctx->cipher->block_size; + *outl=0; + if ((inl == 0) && (i != bl)) return; + if (i != 0) + { + if (i+inl < bl) + { + memcpy(&(ctx->buf[i]),in,inl); + ctx->buf_len+=inl; + return; + } + else + { + j=bl-i; + if (j != 0) memcpy(&(ctx->buf[i]),in,j); + ctx->cipher->do_cipher(ctx,out,ctx->buf,bl); + inl-=j; + in+=j; + out+=bl; + *outl+=bl; + } + } + i=inl%bl; /* how much is left */ + inl-=i; + if (inl > 0) + { + ctx->cipher->do_cipher(ctx,out,in,inl); + *outl+=inl; + } + + if (i != 0) + memcpy(ctx->buf,&(in[inl]),i); + ctx->buf_len=i; + } + +void EVP_EncryptFinal(ctx,out,outl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; + { + int i,n,b,bl; + + b=ctx->cipher->block_size; + if (b == 1) + { + *outl=0; + return; + } + bl=ctx->buf_len; + n=b-bl; + for (i=bl; ibuf[i]=n; + ctx->cipher->do_cipher(ctx,out,ctx->buf,b); + *outl=b; + } + +void EVP_DecryptUpdate(ctx,out,outl,in,inl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; +unsigned char *in; +int inl; + { + int b,bl,n; + int keep_last=0; + + *outl=0; + if (inl == 0) return; + + b=ctx->cipher->block_size; + if (b > 1) + { + /* Is the input a multiple of the block size? */ + bl=ctx->buf_len; + n=inl+bl; + if (n%b == 0) + { + if (inl < b) /* must be 'just one' buff */ + { + memcpy(&(ctx->buf[bl]),in,inl); + ctx->buf_len=b; + *outl=0; + return; + } + keep_last=1; + inl-=b; /* don't do the last block */ + } + } + EVP_EncryptUpdate(ctx,out,outl,in,inl); + + /* if we have 'decrypted' a multiple of block size, make sure + * we have a copy of this last block */ + if (keep_last) + { + memcpy(&(ctx->buf[0]),&(in[inl]),b); +#ifdef DEBUG + if (ctx->buf_len != 0) + { + abort(); + } +#endif + ctx->buf_len=b; + } + } + +int EVP_DecryptFinal(ctx,out,outl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; + { + int i,b; + int n; + + *outl=0; + b=ctx->cipher->block_size; + if (b > 1) + { + if (ctx->buf_len != b) + { + EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); + return(0); + } + EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0); + if (n != b) + return(0); + n=ctx->buf[b-1]; + if (n > b) + { + EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); + return(0); + } + for (i=0; ibuf[--b] != n) + { + EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); + return(0); + } + } + n=ctx->cipher->block_size-n; + for (i=0; ibuf[i]; + *outl=n; + } + else + *outl=0; + return(1); + } + +void EVP_CIPHER_CTX_cleanup(c) +EVP_CIPHER_CTX *c; + { + if ((c->cipher != NULL) && (c->cipher->cleanup != NULL)) + c->cipher->cleanup(c); + memset(c,0,sizeof(EVP_CIPHER_CTX)); + } + diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c new file mode 100644 index 0000000000..2b0a0ab93f --- /dev/null +++ b/src/lib/libcrypto/evp/evp_err.c @@ -0,0 +1,108 @@ +/* lib/evp/evp_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "evp.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA EVP_str_functs[]= + { +{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, +{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, +{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"}, +{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"}, +{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"}, +{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"}, +{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, +{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"}, +{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"}, +{0,NULL}, + }; + +static ERR_STRING_DATA EVP_str_reasons[]= + { +{EVP_R_BAD_DECRYPT ,"bad decrypt"}, +{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, +{EVP_R_IV_TOO_LARGE ,"iv too large"}, +{EVP_R_MISSING_PARMATERS ,"missing parmaters"}, +{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"}, +{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"}, +{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, +{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, +{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"}, +{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"}, +{0,NULL}, + }; + +#endif + +void ERR_load_EVP_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_EVP,EVP_str_functs); + ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c new file mode 100644 index 0000000000..dafa686f64 --- /dev/null +++ b/src/lib/libcrypto/evp/evp_key.c @@ -0,0 +1,167 @@ +/* crypto/evp/evp_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "x509.h" +#include "objects.h" +#include "evp.h" + +/* should be init to zeros. */ +static char prompt_string[80]; + +void EVP_set_pw_prompt(prompt) +char *prompt; + { + if (prompt == NULL) + prompt_string[0]='\0'; + else + strncpy(prompt_string,prompt,79); + } + +char *EVP_get_pw_prompt() + { + if (prompt_string[0] == '\0') + return(NULL); + else + return(prompt_string); + } + +#ifdef NO_DES +int des_read_pw_string(char *buf,int len,char *prompt,int verify); +#endif + +int EVP_read_pw_string(buf,len,prompt,verify) +char *buf; +int len; +char *prompt; +int verify; + { + if ((prompt == NULL) && (prompt_string[0] != '\0')) + prompt=prompt_string; + return(des_read_pw_string(buf,len,prompt,verify)); + } + +int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv) +EVP_CIPHER *type; +EVP_MD *md; +unsigned char *salt; +unsigned char *data; +int datal; +int count; +unsigned char *key; +unsigned char *iv; + { + EVP_MD_CTX c; + unsigned char md_buf[EVP_MAX_MD_SIZE]; + int niv,nkey,addmd=0; + unsigned int mds=0,i; + + nkey=type->key_len; + niv=type->iv_len; + + if (data == NULL) return(nkey); + + for (;;) + { + EVP_DigestInit(&c,md); + if (addmd++) + EVP_DigestUpdate(&c,&(md_buf[0]),mds); + EVP_DigestUpdate(&c,data,datal); + if (salt != NULL) + EVP_DigestUpdate(&c,salt,8); + EVP_DigestFinal(&c,&(md_buf[0]),&mds); + + for (i=1; i<(unsigned int)count; i++) + { + EVP_DigestInit(&c,md); + EVP_DigestUpdate(&c,&(md_buf[0]),mds); + EVP_DigestFinal(&c,&(md_buf[0]),&mds); + } + i=0; + if (nkey) + { + for (;;) + { + if (nkey == 0) break; + if (i == mds) break; + if (key != NULL) + *(key++)=md_buf[i]; + nkey--; + i++; + } + } + if (niv && (i != mds)) + { + for (;;) + { + if (niv == 0) break; + if (i == mds) break; + if (iv != NULL) + *(iv++)=md_buf[i]; + niv--; + i++; + } + } + if ((nkey == 0) && (niv == 0)) break; + } + memset(&c,0,sizeof(c)); + memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); + return(type->key_len); + } + diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c new file mode 100644 index 0000000000..69784eb555 --- /dev/null +++ b/src/lib/libcrypto/evp/evp_lib.c @@ -0,0 +1,117 @@ +/* crypto/evp/evp_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" + +int EVP_CIPHER_param_to_asn1(c,type) +EVP_CIPHER_CTX *c; +ASN1_TYPE *type; + { + int ret; + + if (c->cipher->set_asn1_parameters != NULL) + ret=c->cipher->set_asn1_parameters(c,type); + else + ret=1; + return(ret); + } + +int EVP_CIPHER_asn1_to_param(c,type) +EVP_CIPHER_CTX *c; +ASN1_TYPE *type; + { + int ret; + + if (c->cipher->get_asn1_parameters != NULL) + ret=c->cipher->get_asn1_parameters(c,type); + else + ret=1; + return(ret); + } + +int EVP_CIPHER_get_asn1_iv(c,type) +EVP_CIPHER_CTX *c; +ASN1_TYPE *type; + { + int i=0,l; + + if (type != NULL) + { + l=EVP_CIPHER_CTX_iv_length(c); + i=ASN1_TYPE_get_octetstring(type,c->oiv,l); + memcpy(c->iv,c->oiv,l); + } + return(i); + } + +int EVP_CIPHER_set_asn1_iv(c,type) +EVP_CIPHER_CTX *c; +ASN1_TYPE *type; + { + int i=0,j; + + if (type != NULL) + { + j=EVP_CIPHER_CTX_iv_length(c); + i=ASN1_TYPE_set_octetstring(type,c->oiv,j); + } + return(i); + } diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c new file mode 100644 index 0000000000..3549b1699c --- /dev/null +++ b/src/lib/libcrypto/evp/m_dss.c @@ -0,0 +1,82 @@ +/* crypto/evp/m_dss.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +static EVP_MD dsa_md= + { + NID_dsaWithSHA, + NID_dsaWithSHA, + SHA_DIGEST_LENGTH, + SHA1_Init, + SHA1_Update, + SHA1_Final, + EVP_PKEY_DSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *)+sizeof(SHA_CTX), + }; + +EVP_MD *EVP_dss() + { + return(&dsa_md); + } + diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c new file mode 100644 index 0000000000..ff256b7b20 --- /dev/null +++ b/src/lib/libcrypto/evp/m_dss1.c @@ -0,0 +1,81 @@ +/* crypto/evp/m_dss1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +static EVP_MD dss1_md= + { + NID_dsa, + NID_dsaWithSHA1, + SHA_DIGEST_LENGTH, + SHA1_Init, + SHA1_Update, + SHA1_Final, + EVP_PKEY_DSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *)+sizeof(SHA_CTX), + }; + +EVP_MD *EVP_dss1() + { + return(&dss1_md); + } diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c new file mode 100644 index 0000000000..d65db9aa1d --- /dev/null +++ b/src/lib/libcrypto/evp/m_md5.c @@ -0,0 +1,81 @@ +/* crypto/evp/m_md5.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +static EVP_MD md5_md= + { + NID_md5, + NID_md5WithRSAEncryption, + MD5_DIGEST_LENGTH, + MD5_Init, + MD5_Update, + MD5_Final, + EVP_PKEY_RSA_method, + MD5_CBLOCK, + sizeof(EVP_MD *)+sizeof(MD5_CTX), + }; + +EVP_MD *EVP_md5() + { + return(&md5_md); + } diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c new file mode 100644 index 0000000000..6d80560df2 --- /dev/null +++ b/src/lib/libcrypto/evp/m_null.c @@ -0,0 +1,88 @@ +/* crypto/evp/m_null.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +static void function() + { + } + +static EVP_MD null_md= + { + NID_undef, + NID_undef, + 0, + function, + function, + function, + + EVP_PKEY_NULL_method, + 0, + sizeof(EVP_MD *), + }; + +EVP_MD *EVP_md_null() + { + return(&null_md); + } + + diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c new file mode 100644 index 0000000000..04c5d8897b --- /dev/null +++ b/src/lib/libcrypto/evp/m_ripemd.c @@ -0,0 +1,81 @@ +/* crypto/evp/m_ripemd.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +static EVP_MD ripemd160_md= + { + NID_ripemd160, + NID_ripemd160WithRSA, + RIPEMD160_DIGEST_LENGTH, + RIPEMD160_Init, + RIPEMD160_Update, + RIPEMD160_Final, + EVP_PKEY_RSA_method, + RIPEMD160_CBLOCK, + sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX), + }; + +EVP_MD *EVP_ripemd160() + { + return(&ripemd160_md); + } diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c new file mode 100644 index 0000000000..87135a9cf2 --- /dev/null +++ b/src/lib/libcrypto/evp/m_sha1.c @@ -0,0 +1,81 @@ +/* crypto/evp/m_sha1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +static EVP_MD sha1_md= + { + NID_sha1, + NID_sha1WithRSAEncryption, + SHA_DIGEST_LENGTH, + SHA1_Init, + SHA1_Update, + SHA1_Final, + EVP_PKEY_RSA_method, + SHA_CBLOCK, + sizeof(EVP_MD *)+sizeof(SHA_CTX), + }; + +EVP_MD *EVP_sha1() + { + return(&sha1_md); + } diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c new file mode 100644 index 0000000000..e0774da20d --- /dev/null +++ b/src/lib/libcrypto/evp/names.c @@ -0,0 +1,285 @@ +/* crypto/evp/names.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" + +typedef struct aliases_st { + char *alias; + /* This must be the last field becaue I will allocate things + * so they go off the end of it */ + char name[4]; + } ALIASES; + +static STACK /* ALIASES */ *aliases=NULL; +static STACK /* EVP_CIPHERS */ *ciphers=NULL; +static STACK /* EVP_MD */ *digests=NULL; + +static int cipher_nid_cmp(a,b) +EVP_CIPHER **a,**b; + { return((*a)->nid - (*b)->nid); } + +static int digest_type_cmp(a,b) +EVP_MD **a,**b; + { return((*a)->pkey_type - (*b)->pkey_type); } + +int EVP_add_cipher(c) +EVP_CIPHER *c; + { + int i; + + if (ciphers == NULL) + { + ciphers=sk_new(cipher_nid_cmp); + if (ciphers == NULL) return(0); + } + if ((i=sk_find(ciphers,(char *)c)) >= 0) + { + if (sk_value(ciphers,i) == (char *)c) + return(1); + sk_delete(ciphers,i); + } + return(sk_push(ciphers,(char *)c)); + } + +int EVP_add_digest(md) +EVP_MD *md; + { + int i; + char *n; + + if (digests == NULL) + { + digests=sk_new(digest_type_cmp); + if (digests == NULL) return(0); + } + if ((i=sk_find(digests,(char *)md)) >= 0) + { + if (sk_value(digests,i) == (char *)md) + return(1); + sk_delete(digests,i); + } + if (md->type != md->pkey_type) + { + n=OBJ_nid2sn(md->pkey_type); + EVP_add_alias(n,OBJ_nid2sn(md->type)); + EVP_add_alias(n,OBJ_nid2ln(md->type)); + } + sk_push(digests,(char *)md); + return(1); + } + +static int alias_cmp(a,b) +ALIASES **a,**b; + { + return(strcmp((*a)->alias,(*b)->alias)); + } + +int EVP_add_alias(name,aname) +char *name; +char *aname; + { + int l1,l2,i; + ALIASES *a; + char *p; + + if ((name == NULL) || (aname == NULL)) return(0); + l1=strlen(name)+1; + l2=strlen(aname)+1; + i=sizeof(ALIASES)+l1+l2; + if ((a=(ALIASES *)Malloc(i)) == NULL) + return(0); + strcpy(a->name,name); + p= &(a->name[l1]); + strcpy(p,aname); + a->alias=p; + + if (aliases == NULL) + { + aliases=sk_new(alias_cmp); + if (aliases == NULL) goto err; + } + + if ((i=sk_find(aliases,(char *)a)) >= 0) + { + Free(sk_delete(aliases,i)); + } + if (!sk_push(aliases,(char *)a)) goto err; + return(1); +err: + return(0); + } + +int EVP_delete_alias(name) +char *name; + { + ALIASES a; + int i; + + if (aliases != NULL) + { + a.alias=name; + if ((i=sk_find(aliases,(char *)&a)) >= 0) + { + Free(sk_delete(aliases,i)); + return(1); + } + } + return(0); + } + +EVP_CIPHER *EVP_get_cipherbyname(name) +char *name; + { + int nid,num=6,i; + EVP_CIPHER c,*cp; + ALIASES a,*ap; + + if (ciphers == NULL) return(NULL); + for (;;) + { + if (num-- <= 0) return(NULL); + if (aliases != NULL) + { + a.alias=name; + i=sk_find(aliases,(char *)&a); + if (i >= 0) + { + ap=(ALIASES *)sk_value(aliases,i); + name=ap->name; + continue; + } + } + + nid=OBJ_txt2nid(name); + if (nid == NID_undef) return(NULL); + c.nid=nid; + i=sk_find(ciphers,(char *)&c); + if (i >= 0) + { + cp=(EVP_CIPHER *)sk_value(ciphers,i); + return(cp); + } + else + return(NULL); + } + } + +EVP_MD *EVP_get_digestbyname(name) +char *name; + { + int nid,num=6,i; + EVP_MD c,*cp; + ALIASES a,*ap; + + if (digests == NULL) return(NULL); + + for (;;) + { + if (num-- <= 0) return(NULL); + + if (aliases != NULL) + { + a.alias=name; + i=sk_find(aliases,(char *)&a); + if (i >= 0) + { + ap=(ALIASES *)sk_value(aliases,i); + name=ap->name; + continue; + } + } + + nid=OBJ_txt2nid(name); + if (nid == NID_undef) return(NULL); + c.pkey_type=nid; + i=sk_find(digests,(char *)&c); + if (i >= 0) + { + cp=(EVP_MD *)sk_value(digests,i); + return(cp); + } + else + return(NULL); + } + } + +void EVP_cleanup() + { + int i; + + if (aliases != NULL) + { + for (i=0; i +#include "cryptlib.h" +#include "rand.h" +#include "rsa.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +int EVP_PKEY_decrypt(key,ek,ekl,priv) +unsigned char *key; +unsigned char *ek; +int ekl; +EVP_PKEY *priv; + { + int ret= -1; + + if (priv->type != EVP_PKEY_RSA) + { + EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); + goto err; + } + + ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING); +err: + return(ret); + } diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c new file mode 100644 index 0000000000..a26bfad02a --- /dev/null +++ b/src/lib/libcrypto/evp/p_enc.c @@ -0,0 +1,83 @@ +/* crypto/evp/p_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "rand.h" +#include "rsa.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +int EVP_PKEY_encrypt(ek,key,key_len,pubk) +unsigned char *ek; +unsigned char *key; +int key_len; +EVP_PKEY *pubk; + { + int ret=0; + + if (pubk->type != EVP_PKEY_RSA) + { + EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); + goto err; + } + ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING); +err: + return(ret); + } diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c new file mode 100644 index 0000000000..395351b373 --- /dev/null +++ b/src/lib/libcrypto/evp/p_lib.c @@ -0,0 +1,294 @@ +/* crypto/evp/p_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "objects.h" +#include "evp.h" +#include "asn1_mac.h" +#include "x509.h" + +/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */ +/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */ + +#ifndef NOPROTO +static void EVP_PKEY_free_it(EVP_PKEY *x); +#else +static void EVP_PKEY_free_it(); +#endif + +int EVP_PKEY_bits(pkey) +EVP_PKEY *pkey; + { +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + return(BN_num_bits(pkey->pkey.rsa->n)); + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + return(BN_num_bits(pkey->pkey.dsa->p)); +#endif + return(0); + } + +int EVP_PKEY_size(pkey) +EVP_PKEY *pkey; + { +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + return(RSA_size(pkey->pkey.rsa)); + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + return(DSA_size(pkey->pkey.dsa)); +#endif + return(0); + } + +int EVP_PKEY_save_parameters(pkey,mode) +EVP_PKEY *pkey; +int mode; + { +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + int ret=pkey->save_parameters=mode; + + if (mode >= 0) + pkey->save_parameters=mode; + return(ret); + } +#endif + return(0); + } + +int EVP_PKEY_copy_parameters(to,from) +EVP_PKEY *to,*from; + { + if (to->type != from->type) + { + EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES); + goto err; + } + + if (EVP_PKEY_missing_parameters(from)) + { + EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS); + goto err; + } +#ifndef NO_DSA + if (to->type == EVP_PKEY_DSA) + { + BIGNUM *a; + + if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err; + if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p); + to->pkey.dsa->p=a; + + if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err; + if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q); + to->pkey.dsa->q=a; + + if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err; + if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g); + to->pkey.dsa->g=a; + } +#endif + return(1); +err: + return(0); + } + +int EVP_PKEY_missing_parameters(pkey) +EVP_PKEY *pkey; + { +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + DSA *dsa; + + dsa=pkey->pkey.dsa; + if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) + return(1); + } +#endif + return(0); + } + +int EVP_PKEY_cmp_parameters(a,b) +EVP_PKEY *a,*b; + { +#ifndef NO_DSA + if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) + { + if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) || + BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) || + BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g)) + return(0); + else + return(1); + } +#endif + return(-1); + } + +EVP_PKEY *EVP_PKEY_new() + { + EVP_PKEY *ret; + + ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY)); + if (ret == NULL) + { + EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->type=EVP_PKEY_NONE; + ret->references=1; + ret->pkey.ptr=NULL; + ret->attributes=NULL; + ret->save_parameters=1; + return(ret); + } + +int EVP_PKEY_assign(pkey,type,key) +EVP_PKEY *pkey; +int type; +char *key; + { + if (pkey == NULL) return(0); + if (pkey->pkey.ptr != NULL) + EVP_PKEY_free_it(pkey); + pkey->type=EVP_PKEY_type(type); + pkey->save_type=type; + pkey->pkey.ptr=key; + return(1); + } + +int EVP_PKEY_type(type) +int type; + { + switch (type) + { + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: + return(EVP_PKEY_RSA); + case EVP_PKEY_DSA: + case EVP_PKEY_DSA1: + case EVP_PKEY_DSA2: + case EVP_PKEY_DSA3: + case EVP_PKEY_DSA4: + return(EVP_PKEY_DSA); + case EVP_PKEY_DH: + return(EVP_PKEY_DH); + default: + return(NID_undef); + } + } + +void EVP_PKEY_free(x) +EVP_PKEY *x; + { + int i; + + if (x == NULL) return; + + i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY); +#ifdef REF_PRINT + REF_PRINT("EVP_PKEY",x); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"EVP_PKEY_free, bad reference count\n"); + abort(); + } +#endif + EVP_PKEY_free_it(x); + Free((char *)x); + } + +static void EVP_PKEY_free_it(x) +EVP_PKEY *x; + { + switch (x->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: + RSA_free(x->pkey.rsa); + break; +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + case EVP_PKEY_DSA2: + case EVP_PKEY_DSA3: + case EVP_PKEY_DSA4: + DSA_free(x->pkey.dsa); + break; +#endif +#ifndef NO_DH + case EVP_PKEY_DH: + DH_free(x->pkey.dh); + break; +#endif + } + } + diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c new file mode 100644 index 0000000000..28a8e02252 --- /dev/null +++ b/src/lib/libcrypto/evp/p_open.c @@ -0,0 +1,119 @@ +/* crypto/evp/p_open.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +int EVP_OpenInit(ctx,type,ek,ekl,iv,priv) +EVP_CIPHER_CTX *ctx; +EVP_CIPHER *type; +unsigned char *ek; +int ekl; +unsigned char *iv; +EVP_PKEY *priv; + { + unsigned char *key=NULL; + int i,size=0,ret=0; + + if (priv->type != EVP_PKEY_RSA) + { + EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA); + ret= -1; + goto err; + } + + size=RSA_size(priv->pkey.rsa); + key=(unsigned char *)Malloc(size+2); + if (key == NULL) + { + /* ERROR */ + EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE); + ret= -1; + goto err; + } + + i=EVP_PKEY_decrypt(key,ek,ekl,priv); + if (i != type->key_len) + { + /* ERROR */ + goto err; + } + + EVP_CIPHER_CTX_init(ctx); + EVP_DecryptInit(ctx,type,key,iv); + ret=1; +err: + if (key != NULL) memset(key,0,size); + Free(key); + return(ret); + } + +int EVP_OpenFinal(ctx,out,outl) +EVP_CIPHER_CTX *ctx; +unsigned char *out; +int *outl; + { + int i; + + i=EVP_DecryptFinal(ctx,out,outl); + EVP_DecryptInit(ctx,NULL,NULL,NULL); + return(i); + } diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c new file mode 100644 index 0000000000..09a408de35 --- /dev/null +++ b/src/lib/libcrypto/evp/p_seal.c @@ -0,0 +1,115 @@ +/* crypto/evp/p_seal.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "rand.h" +#include "rsa.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +int EVP_SealInit(ctx,type,ek,ekl,iv,pubk,npubk) +EVP_CIPHER_CTX *ctx; +EVP_CIPHER *type; +unsigned char **ek; +int *ekl; +unsigned char *iv; +EVP_PKEY **pubk; +int npubk; + { + unsigned char key[EVP_MAX_KEY_LENGTH]; + int i; + + if (npubk <= 0) return(0); + RAND_bytes(key,EVP_MAX_KEY_LENGTH); + if (type->iv_len > 0) + RAND_bytes(iv,type->iv_len); + + EVP_CIPHER_CTX_init(ctx); + EVP_EncryptInit(ctx,type,key,iv); + + for (i=0; i +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +#ifdef undef +void EVP_SignInit(ctx,type) +EVP_MD_CTX *ctx; +EVP_MD *type; + { + EVP_DigestInit(ctx,type); + } + +void EVP_SignUpdate(ctx,data,count) +EVP_MD_CTX *ctx; +unsigned char *data; +unsigned int count; + { + EVP_DigestUpdate(ctx,data,count); + } +#endif + +int EVP_SignFinal(ctx,sigret,siglen,pkey) +EVP_MD_CTX *ctx; +unsigned char *sigret; +unsigned int *siglen; +EVP_PKEY *pkey; + { + unsigned char m[EVP_MAX_MD_SIZE]; + unsigned int m_len; + int i,ok=0,v; + MS_STATIC EVP_MD_CTX tmp_ctx; + + *siglen=0; + memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX)); + EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); + for (i=0; i<4; i++) + { + v=ctx->digest->required_pkey_type[i]; + if (v == 0) break; + if (pkey->type == v) + { + ok=1; + break; + } + } + if (!ok) + { + EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); + return(0); + } + if (ctx->digest->sign == NULL) + { + EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); + return(0); + } + return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, + pkey->pkey.ptr)); + } + diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c new file mode 100644 index 0000000000..8d727d8f02 --- /dev/null +++ b/src/lib/libcrypto/evp/p_verify.c @@ -0,0 +1,102 @@ +/* crypto/evp/p_verify.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +int EVP_VerifyFinal(ctx,sigbuf,siglen,pkey) +EVP_MD_CTX *ctx; +unsigned char *sigbuf; +unsigned int siglen; +EVP_PKEY *pkey; + { + unsigned char m[EVP_MAX_MD_SIZE]; + unsigned int m_len; + int i,ok=0,v; + MS_STATIC EVP_MD_CTX tmp_ctx; + + for (i=0; i<4; i++) + { + v=ctx->digest->required_pkey_type[i]; + if (v == 0) break; + if (pkey->type == v) + { + ok=1; + break; + } + } + if (!ok) + { + EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); + return(-1); + } + memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX)); + EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); + if (ctx->digest->verify == NULL) + { + EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); + return(0); + } + + return(ctx->digest->verify(ctx->digest->type,m,m_len, + sigbuf,siglen,pkey->pkey.ptr)); + } + diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c new file mode 100644 index 0000000000..c858b518ff --- /dev/null +++ b/src/lib/libcrypto/ex_data.c @@ -0,0 +1,236 @@ +/* crypto/ex_data.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "buffer.h" +#include "bio.h" +#include "lhash.h" +#include "cryptlib.h" + +int CRYPTO_get_ex_new_index(idx,skp,argl,argp,new_func,dup_func,free_func) +int idx; +STACK **skp; +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + CRYPTO_EX_DATA_FUNCS *a; + + if (*skp == NULL) + *skp=sk_new_null(); + if (*skp == NULL) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); + return(-1); + } + a=(CRYPTO_EX_DATA_FUNCS *)Malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); + if (a == NULL) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); + return(-1); + } + a->argl=argl; + a->argp=argp; + a->new_func=new_func; + a->dup_func=dup_func; + a->free_func=free_func; + while (sk_num(*skp) <= idx) + { + if (!sk_push(*skp,NULL)) + { + CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); + Free(a); + return(-1); + } + } + sk_value(*skp,idx)=(char *)a; + return(idx); + } + +int CRYPTO_set_ex_data(ad,idx,val) +CRYPTO_EX_DATA *ad; +int idx; +char *val; + { + int i; + + if (ad->sk == NULL) + { + if ((ad->sk=sk_new_null()) == NULL) + { + CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE); + return(0); + } + } + i=sk_num(ad->sk); + + while (i <= idx) + { + if (!sk_push(ad->sk,NULL)) + { + CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE); + return(0); + } + i++; + } + sk_value(ad->sk,idx)=val; + return(1); + } + +char *CRYPTO_get_ex_data(ad,idx) +CRYPTO_EX_DATA *ad; +int idx; + { + if (ad->sk == NULL) + return(0); + else if (idx >= sk_num(ad->sk)) + return(0); + else + return(sk_value(ad->sk,idx)); + } + +/* The callback is called with the 'object', which is the origional data object + * being duplicated, a pointer to the + * 'new' object to be inserted, the index, and the argi/argp + */ +int CRYPTO_dup_ex_data(meth,to,from) +STACK *meth; +CRYPTO_EX_DATA *to,*from; + { + int i,j,m,r; + CRYPTO_EX_DATA_FUNCS *mm; + char *from_d; + + if (meth == NULL) return(1); + if (from->sk == NULL) return(1); + m=sk_num(meth); + j=sk_num(from->sk); + for (i=0; idup_func != NULL) + r=mm->dup_func(to,from,(char **)&from_d,i, + mm->argl,mm->argp); + } + CRYPTO_set_ex_data(to,i,from_d); + } + return(1); + } + +/* Call each free callback */ +void CRYPTO_free_ex_data(meth,obj,ad) +STACK *meth; +char *obj; +CRYPTO_EX_DATA *ad; + { + CRYPTO_EX_DATA_FUNCS *m; + char *ptr; + int i,max; + + if (meth != NULL) + { + max=sk_num(meth); + for (i=0; ifree_func != NULL)) + { + ptr=CRYPTO_get_ex_data(ad,i); + m->free_func(obj,ptr,ad,i,m->argl,m->argp); + } + } + } + if (ad->sk != NULL) + { + sk_free(ad->sk); + ad->sk=NULL; + } + } + +void CRYPTO_new_ex_data(meth,obj,ad) +STACK *meth; +char *obj; +CRYPTO_EX_DATA *ad; + { + CRYPTO_EX_DATA_FUNCS *m; + char *ptr; + int i,max; + + ad->sk=NULL; + if (meth != NULL) + { + max=sk_num(meth); + for (i=0; inew_func != NULL)) + { + ptr=CRYPTO_get_ex_data(ad,i); + m->new_func(obj,ptr,ad,i,m->argl,m->argp); + } + } + } + } + + diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c new file mode 100644 index 0000000000..fb09129963 --- /dev/null +++ b/src/lib/libcrypto/hmac/hmac.c @@ -0,0 +1,165 @@ +/* crypto/hmac/hmac.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include +#include +#include "hmac.h" + +void HMAC_Init(ctx,key,len,md) +HMAC_CTX *ctx; +unsigned char *key; +int len; +EVP_MD *md; + { + int i,j,reset=0; + unsigned char pad[HMAC_MAX_MD_CBLOCK]; + + if (md != NULL) + { + reset=1; + ctx->md=md; + } + else + md=ctx->md; + + if (key != NULL) + { + reset=1; + j=EVP_MD_block_size(md); + if (j < len) + { + EVP_DigestInit(&ctx->md_ctx,md); + EVP_DigestUpdate(&ctx->md_ctx,key,len); + EVP_DigestFinal(&(ctx->md_ctx),ctx->key, + &ctx->key_length); + } + else + { + memcpy(ctx->key,key,len); + memset(&(ctx->key[len]),0,sizeof(ctx->key)-len); + ctx->key_length=len; + } + } + + if (reset) + { + for (i=0; ikey[i]; + EVP_DigestInit(&ctx->i_ctx,md); + EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)); + + for (i=0; ikey[i]; + EVP_DigestInit(&ctx->o_ctx,md); + EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)); + } + + memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx)); + } + +void HMAC_Update(ctx,data,len) +HMAC_CTX *ctx; +unsigned char *data; +int len; + { + EVP_DigestUpdate(&(ctx->md_ctx),data,len); + } + +void HMAC_Final(ctx,md,len) +HMAC_CTX *ctx; +unsigned char *md; +unsigned int *len; + { + int j; + unsigned int i; + unsigned char buf[EVP_MAX_MD_SIZE]; + + j=EVP_MD_block_size(ctx->md); + + EVP_DigestFinal(&(ctx->md_ctx),buf,&i); + memcpy(&(ctx->md_ctx),&(ctx->o_ctx),sizeof(ctx->o_ctx)); + EVP_DigestUpdate(&(ctx->md_ctx),buf,i); + EVP_DigestFinal(&(ctx->md_ctx),md,len); + } + +void HMAC_cleanup(ctx) +HMAC_CTX *ctx; + { + memset(ctx,0,sizeof(HMAC_CTX)); + } + +unsigned char *HMAC(evp_md,key,key_len,d,n,md,md_len) +EVP_MD *evp_md; +unsigned char *key; +int key_len; +unsigned char *d; +int n; +unsigned char *md; +unsigned int *md_len; + { + HMAC_CTX c; + static unsigned char m[EVP_MAX_MD_SIZE]; + + if (md == NULL) md=m; + HMAC_Init(&c,key,key_len,evp_md); + HMAC_Update(&c,d,n); + HMAC_Final(&c,md,md_len); + HMAC_cleanup(&c); + return(md); + } + diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h new file mode 100644 index 0000000000..e6b43f52c4 --- /dev/null +++ b/src/lib/libcrypto/hmac/hmac.h @@ -0,0 +1,106 @@ +/* crypto/hmac/hmac.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#ifndef HEADER_HMAC_H +#define HEADER_HMAC_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "evp.h" + +#define HMAC_MAX_MD_CBLOCK 64 + +typedef struct hmac_ctx_st + { + EVP_MD *md; + EVP_MD_CTX md_ctx; + EVP_MD_CTX i_ctx; + EVP_MD_CTX o_ctx; + unsigned int key_length; + unsigned char key[HMAC_MAX_MD_CBLOCK]; + } HMAC_CTX; + +#define HMAC_size(e) (EVP_MD_size((e)->md)) + +#ifndef NOPROTO + +void HMAC_Init(HMAC_CTX *ctx, unsigned char *key, int len, + EVP_MD *md); +void HMAC_Update(HMAC_CTX *ctx,unsigned char *key, int len); +void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); +void HMAC_cleanup(HMAC_CTX *ctx); +unsigned char *HMAC(EVP_MD *evp_md, unsigned char *key, int key_len, + unsigned char *d, int n, unsigned char *md, unsigned int *md_len); + + +#else + +void HMAC_Init(); +void HMAC_Update(); +void HMAC_Final(); +void HMAC_cleanup(); +unsigned char *HMAC(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/lhash/lh_stats.c b/src/lib/libcrypto/lhash/lh_stats.c new file mode 100644 index 0000000000..23fe82f777 --- /dev/null +++ b/src/lib/libcrypto/lhash/lh_stats.c @@ -0,0 +1,289 @@ +/* crypto/lhash/lh_stats.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +/* If you wish to build this outside of SSLeay, remove the following lines + * and things should work as expected */ +#include "cryptlib.h" + +#include "lhash.h" + +#ifndef HEADER_BIO_H + +void lh_stats(lh, out) +LHASH *lh; +FILE *out; + { + fprintf(out,"num_items = %lu\n",lh->num_items); + fprintf(out,"num_nodes = %u\n",lh->num_nodes); + fprintf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes); + fprintf(out,"num_expands = %lu\n",lh->num_expands); + fprintf(out,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs); + fprintf(out,"num_contracts = %lu\n",lh->num_contracts); + fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs); + fprintf(out,"num_hash_calls = %lu\n",lh->num_hash_calls); + fprintf(out,"num_comp_calls = %lu\n",lh->num_comp_calls); + fprintf(out,"num_insert = %lu\n",lh->num_insert); + fprintf(out,"num_replace = %lu\n",lh->num_replace); + fprintf(out,"num_delete = %lu\n",lh->num_delete); + fprintf(out,"num_no_delete = %lu\n",lh->num_no_delete); + fprintf(out,"num_retrieve = %lu\n",lh->num_retrieve); + fprintf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss); + fprintf(out,"num_hash_comps = %lu\n",lh->num_hash_comps); +#ifdef DEBUG + fprintf(out,"p = %u\n",lh->p); + fprintf(out,"pmax = %u\n",lh->pmax); + fprintf(out,"up_load = %lu\n",lh->up_load); + fprintf(out,"down_load = %lu\n",lh->down_load); +#endif + } + +void lh_node_stats(lh, out) +LHASH *lh; +FILE *out; + { + LHASH_NODE *n; + unsigned int i,num; + + for (i=0; inum_nodes; i++) + { + for (n=lh->b[i],num=0; n != NULL; n=n->next) + num++; + fprintf(out,"node %6u -> %3u\n",i,num); + } + } + +void lh_node_usage_stats(lh, out) +LHASH *lh; +FILE *out; + { + LHASH_NODE *n; + unsigned long num; + unsigned int i; + unsigned long total=0,n_used=0; + + for (i=0; inum_nodes; i++) + { + for (n=lh->b[i],num=0; n != NULL; n=n->next) + num++; + if (num != 0) + { + n_used++; + total+=num; + } + } + fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes); + fprintf(out,"%lu items\n",total); + if (n_used == 0) return; + fprintf(out,"load %d.%02d actual load %d.%02d\n", + (int)(total/lh->num_nodes), + (int)((total%lh->num_nodes)*100/lh->num_nodes), + (int)(total/n_used), + (int)((total%n_used)*100/n_used)); + } + +#else + +#ifndef NO_FP_API +void lh_stats(lh,fp) +LHASH *lh; +FILE *fp; + { + BIO *bp; + + bp=BIO_new(BIO_s_file()); + if (bp == NULL) goto end; + BIO_set_fp(bp,fp,BIO_NOCLOSE); + lh_stats_bio(lh,bp); + BIO_free(bp); +end:; + } + +void lh_node_stats(lh,fp) +LHASH *lh; +FILE *fp; + { + BIO *bp; + + bp=BIO_new(BIO_s_file()); + if (bp == NULL) goto end; + BIO_set_fp(bp,fp,BIO_NOCLOSE); + lh_node_stats_bio(lh,bp); + BIO_free(bp); +end:; + } + +void lh_node_usage_stats(lh,fp) +LHASH *lh; +FILE *fp; + { + BIO *bp; + + bp=BIO_new(BIO_s_file()); + if (bp == NULL) goto end; + BIO_set_fp(bp,fp,BIO_NOCLOSE); + lh_node_usage_stats_bio(lh,bp); + BIO_free(bp); +end:; + } + +#endif + +void lh_stats_bio(lh, out) +LHASH *lh; +BIO *out; + { + char buf[128]; + + sprintf(buf,"num_items = %lu\n",lh->num_items); + BIO_puts(out,buf); + sprintf(buf,"num_nodes = %u\n",lh->num_nodes); + BIO_puts(out,buf); + sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes); + BIO_puts(out,buf); + sprintf(buf,"num_expands = %lu\n",lh->num_expands); + BIO_puts(out,buf); + sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs); + BIO_puts(out,buf); + sprintf(buf,"num_contracts = %lu\n",lh->num_contracts); + BIO_puts(out,buf); + sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs); + BIO_puts(out,buf); + sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls); + BIO_puts(out,buf); + sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls); + BIO_puts(out,buf); + sprintf(buf,"num_insert = %lu\n",lh->num_insert); + BIO_puts(out,buf); + sprintf(buf,"num_replace = %lu\n",lh->num_replace); + BIO_puts(out,buf); + sprintf(buf,"num_delete = %lu\n",lh->num_delete); + BIO_puts(out,buf); + sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete); + BIO_puts(out,buf); + sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve); + BIO_puts(out,buf); + sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss); + BIO_puts(out,buf); + sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps); + BIO_puts(out,buf); +#ifdef DEBUG + sprintf(buf,"p = %u\n",lh->p); + BIO_puts(out,buf); + sprintf(buf,"pmax = %u\n",lh->pmax); + BIO_puts(out,buf); + sprintf(buf,"up_load = %lu\n",lh->up_load); + BIO_puts(out,buf); + sprintf(buf,"down_load = %lu\n",lh->down_load); + BIO_puts(out,buf); +#endif + } + +void lh_node_stats_bio(lh, out) +LHASH *lh; +BIO *out; + { + LHASH_NODE *n; + unsigned int i,num; + char buf[128]; + + for (i=0; inum_nodes; i++) + { + for (n=lh->b[i],num=0; n != NULL; n=n->next) + num++; + sprintf(buf,"node %6u -> %3u\n",i,num); + BIO_puts(out,buf); + } + } + +void lh_node_usage_stats_bio(lh, out) +LHASH *lh; +BIO *out; + { + LHASH_NODE *n; + unsigned long num; + unsigned int i; + unsigned long total=0,n_used=0; + char buf[128]; + + for (i=0; inum_nodes; i++) + { + for (n=lh->b[i],num=0; n != NULL; n=n->next) + num++; + if (num != 0) + { + n_used++; + total+=num; + } + } + sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes); + BIO_puts(out,buf); + sprintf(buf,"%lu items\n",total); + BIO_puts(out,buf); + if (n_used == 0) return; + sprintf(buf,"load %d.%02d actual load %d.%02d\n", + (int)(total/lh->num_nodes), + (int)((total%lh->num_nodes)*100/lh->num_nodes), + (int)(total/n_used), + (int)((total%n_used)*100/n_used)); + BIO_puts(out,buf); + } + +#endif diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c new file mode 100644 index 0000000000..6dfb5c9ccc --- /dev/null +++ b/src/lib/libcrypto/lhash/lhash.c @@ -0,0 +1,489 @@ +/* crypto/lhash/lhash.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +char *lh_version="lhash part of SSLeay 0.9.0b 29-Jun-1998"; + +/* Code for dynamic hash table routines + * Author - Eric Young v 2.0 + * + * 2.0 eay - Fixed a bug that occured when using lh_delete + * from inside lh_doall(). As entries were deleted, + * the 'table' was 'contract()ed', making some entries + * jump from the end of the table to the start, there by + * skiping the lh_doall() processing. eay - 4/12/95 + * + * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs + * were not being free()ed. 21/11/95 + * + * 1.8 eay - Put the stats routines into a separate file, lh_stats.c + * 19/09/95 + * + * 1.7 eay - Removed the fputs() for realloc failures - the code + * should silently tolerate them. I have also fixed things + * lint complained about 04/05/95 + * + * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92 + * + * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992 + * + * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91 + * + * 1.3 eay - Fixed a few lint problems 19/3/1991 + * + * 1.2 eay - Fixed lh_doall problem 13/3/1991 + * + * 1.1 eay - Added lh_doall + * + * 1.0 eay - First version + */ +#include +#include +#include +#include "lhash.h" + +#undef MIN_NODES +#define MIN_NODES 16 +#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */ +#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ + +#ifndef NOPROTO + +#define P_CP char * +#define P_CPP char *,char * +static void expand(LHASH *lh); +static void contract(LHASH *lh); +static LHASH_NODE **getrn(LHASH *lh, char *data, unsigned long *rhash); + +#else + +#define P_CP +#define P_CPP +static void expand(); +static void contract(); +static LHASH_NODE **getrn(); + +#endif + +LHASH *lh_new(h, c) +unsigned long (*h)(); +int (*c)(); + { + LHASH *ret; + int i; + + if ((ret=(LHASH *)malloc(sizeof(LHASH))) == NULL) + goto err0; + if ((ret->b=(LHASH_NODE **)malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) + goto err1; + for (i=0; ib[i]=NULL; + ret->comp=((c == NULL)?(int (*)())strcmp:c); + ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h); + ret->num_nodes=MIN_NODES/2; + ret->num_alloc_nodes=MIN_NODES; + ret->p=0; + ret->pmax=MIN_NODES/2; + ret->up_load=UP_LOAD; + ret->down_load=DOWN_LOAD; + ret->num_items=0; + + ret->num_expands=0; + ret->num_expand_reallocs=0; + ret->num_contracts=0; + ret->num_contract_reallocs=0; + ret->num_hash_calls=0; + ret->num_comp_calls=0; + ret->num_insert=0; + ret->num_replace=0; + ret->num_delete=0; + ret->num_no_delete=0; + ret->num_retrieve=0; + ret->num_retrieve_miss=0; + ret->num_hash_comps=0; + + return(ret); +err1: + free((char *)ret); +err0: + return(NULL); + } + +void lh_free(lh) +LHASH *lh; + { + unsigned int i; + LHASH_NODE *n,*nn; + + for (i=0; inum_nodes; i++) + { + n=lh->b[i]; + while (n != NULL) + { + nn=n->next; + free(n); + n=nn; + } + } + free((char *)lh->b); + free((char *)lh); + } + +char *lh_insert(lh, data) +LHASH *lh; +char *data; + { + unsigned long hash; + LHASH_NODE *nn,**rn; + char *ret; + + if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) + expand(lh); + + rn=getrn(lh,data,&hash); + + if (*rn == NULL) + { + if ((nn=(LHASH_NODE *)malloc(sizeof(LHASH_NODE))) == NULL) + return(NULL); + nn->data=data; + nn->next=NULL; +#ifndef NO_HASH_COMP + nn->hash=hash; +#endif + *rn=nn; + ret=NULL; + lh->num_insert++; + lh->num_items++; + } + else /* replace same key */ + { + ret= (*rn)->data; + (*rn)->data=data; + lh->num_replace++; + } + return(ret); + } + +char *lh_delete(lh, data) +LHASH *lh; +char *data; + { + unsigned long hash; + LHASH_NODE *nn,**rn; + char *ret; + + rn=getrn(lh,data,&hash); + + if (*rn == NULL) + { + lh->num_no_delete++; + return(NULL); + } + else + { + nn= *rn; + *rn=nn->next; + ret=nn->data; + free((char *)nn); + lh->num_delete++; + } + + lh->num_items--; + if ((lh->num_nodes > MIN_NODES) && + (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) + contract(lh); + + return(ret); + } + +char *lh_retrieve(lh, data) +LHASH *lh; +char *data; + { + unsigned long hash; + LHASH_NODE **rn; + char *ret; + + rn=getrn(lh,data,&hash); + + if (*rn == NULL) + { + lh->num_retrieve_miss++; + return(NULL); + } + else + { + ret= (*rn)->data; + lh->num_retrieve++; + } + return(ret); + } + +void lh_doall(lh, func) +LHASH *lh; +void (*func)(); + { + lh_doall_arg(lh,func,NULL); + } + +void lh_doall_arg(lh, func, arg) +LHASH *lh; +void (*func)(); +char *arg; + { + int i; + LHASH_NODE *a,*n; + + /* reverse the order so we search from 'top to bottom' + * We were having memory leaks otherwise */ + for (i=lh->num_nodes-1; i>=0; i--) + { + a=lh->b[i]; + while (a != NULL) + { + /* 28/05/91 - eay - n added so items can be deleted + * via lh_doall */ + n=a->next; + func(a->data,arg); + a=n; + } + } + } + +static void expand(lh) +LHASH *lh; + { + LHASH_NODE **n,**n1,**n2,*np; + unsigned int p,i,j; + unsigned long hash,nni; + + lh->num_nodes++; + lh->num_expands++; + p=(int)lh->p++; + n1= &(lh->b[p]); + n2= &(lh->b[p+(int)lh->pmax]); + *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */ + nni=lh->num_alloc_nodes; + + for (np= *n1; np != NULL; ) + { +#ifndef NO_HASH_COMP + hash=np->hash; +#else + hash=(*(lh->hash))(np->data); + lh->num_hash_calls++; +#endif + if ((hash%nni) != p) + { /* move it */ + *n1= (*n1)->next; + np->next= *n2; + *n2=np; + } + else + n1= &((*n1)->next); + np= *n1; + } + + if ((lh->p) >= lh->pmax) + { + j=(int)lh->num_alloc_nodes*2; + n=(LHASH_NODE **)realloc((char *)lh->b, + (unsigned int)sizeof(LHASH_NODE *)*j); + if (n == NULL) + { +/* fputs("realloc error in lhash",stderr); */ + lh->p=0; + return; + } + /* else */ + for (i=(int)lh->num_alloc_nodes; ipmax=lh->num_alloc_nodes; + lh->num_alloc_nodes=j; + lh->num_expand_reallocs++; + lh->p=0; + lh->b=n; + } + } + +static void contract(lh) +LHASH *lh; + { + LHASH_NODE **n,*n1,*np; + + np=lh->b[lh->p+lh->pmax-1]; + lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */ + if (lh->p == 0) + { + n=(LHASH_NODE **)realloc((char *)lh->b, + (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax)); + if (n == NULL) + { +/* fputs("realloc error in lhash",stderr); */ + return; + } + lh->num_contract_reallocs++; + lh->num_alloc_nodes/=2; + lh->pmax/=2; + lh->p=lh->pmax-1; + lh->b=n; + } + else + lh->p--; + + lh->num_nodes--; + lh->num_contracts++; + + n1=lh->b[(int)lh->p]; + if (n1 == NULL) + lh->b[(int)lh->p]=np; + else + { + while (n1->next != NULL) + n1=n1->next; + n1->next=np; + } + } + +static LHASH_NODE **getrn(lh, data, rhash) +LHASH *lh; +char *data; +unsigned long *rhash; + { + LHASH_NODE **ret,*n1; + unsigned long hash,nn; + int (*cf)(); + + hash=(*(lh->hash))(data); + lh->num_hash_calls++; + *rhash=hash; + + nn=hash%lh->pmax; + if (nn < lh->p) + nn=hash%lh->num_alloc_nodes; + + cf=lh->comp; + ret= &(lh->b[(int)nn]); + for (n1= *ret; n1 != NULL; n1=n1->next) + { +#ifndef NO_HASH_COMP + lh->num_hash_comps++; + if (n1->hash != hash) + { + ret= &(n1->next); + continue; + } +#endif + lh->num_comp_calls++; + if ((*cf)(n1->data,data) == 0) + break; + ret= &(n1->next); + } + return(ret); + } + +/* +static unsigned long lh_strhash(str) +char *str; + { + int i,l; + unsigned long ret=0; + unsigned short *s; + + if (str == NULL) return(0); + l=(strlen(str)+1)/2; + s=(unsigned short *)str; + for (i=0; i>2)^v)&0x0f; + ret=(ret<>(32-r)); + ret&=0xFFFFFFFFL; + ret^=v*v; + c++; + } + return((ret>>16)^ret); + } + diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h new file mode 100644 index 0000000000..70cbc6dfe7 --- /dev/null +++ b/src/lib/libcrypto/lhash/lhash.h @@ -0,0 +1,155 @@ +/* crypto/lhash/lhash.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Header for dynamic hash table routines + * Author - Eric Young + */ + +#ifndef HEADER_LHASH_H +#define HEADER_LHASH_H + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct lhash_node_st + { + char *data; + struct lhash_node_st *next; +#ifndef NO_HASH_COMP + unsigned long hash; +#endif + } LHASH_NODE; + +typedef struct lhash_st + { + LHASH_NODE **b; + int (*comp)(); + unsigned long (*hash)(); + unsigned int num_nodes; + unsigned int num_alloc_nodes; + unsigned int p; + unsigned int pmax; + unsigned long up_load; /* load times 256 */ + unsigned long down_load; /* load times 256 */ + unsigned long num_items; + + unsigned long num_expands; + unsigned long num_expand_reallocs; + unsigned long num_contracts; + unsigned long num_contract_reallocs; + unsigned long num_hash_calls; + unsigned long num_comp_calls; + unsigned long num_insert; + unsigned long num_replace; + unsigned long num_delete; + unsigned long num_no_delete; + unsigned long num_retrieve; + unsigned long num_retrieve_miss; + unsigned long num_hash_comps; + } LHASH; + +#define LH_LOAD_MULT 256 + +#ifndef NOPROTO +LHASH *lh_new(unsigned long (*h)(), int (*c)()); +void lh_free(LHASH *lh); +char *lh_insert(LHASH *lh, char *data); +char *lh_delete(LHASH *lh, char *data); +char *lh_retrieve(LHASH *lh, char *data); +void lh_doall(LHASH *lh, void (*func)(/* char *b */)); +void lh_doall_arg(LHASH *lh, void (*func)(/*char *a,char *b*/),char *arg); +unsigned long lh_strhash(char *c); + +#ifndef NO_FP_API +void lh_stats(LHASH *lh, FILE *out); +void lh_node_stats(LHASH *lh, FILE *out); +void lh_node_usage_stats(LHASH *lh, FILE *out); +#endif + +#ifdef HEADER_BIO_H +void lh_stats_bio(LHASH *lh, BIO *out); +void lh_node_stats_bio(LHASH *lh, BIO *out); +void lh_node_usage_stats_bio(LHASH *lh, BIO *out); +#endif +#else +LHASH *lh_new(); +void lh_free(); +char *lh_insert(); +char *lh_delete(); +char *lh_retrieve(); +void lh_doall(); +void lh_doall_arg(); +unsigned long lh_strhash(); + +#ifndef NO_FP_API +void lh_stats(); +void lh_node_stats(); +void lh_node_usage_stats(); +#endif +void lh_stats_bio(); +void lh_node_stats_bio(); +void lh_node_usage_stats_bio(); +#endif + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl new file mode 100644 index 0000000000..2c7fb7dd98 --- /dev/null +++ b/src/lib/libcrypto/md5/asm/md5-586.pl @@ -0,0 +1,304 @@ +#!/usr/bin/perl + +# Normal is the +# md5_block_x86(MD5_CTX *c, ULONG *X); +# version, non-normal is the +# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks); + +$normal=0; + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],$0); + +$A="eax"; +$B="ebx"; +$C="ecx"; +$D="edx"; +$tmp1="edi"; +$tmp2="ebp"; +$X="esi"; + +# What we need to load into $tmp for the next round +%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D)); +@xo=( + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0 + 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1 + 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2 + 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 + ); + +&md5_block("md5_block_x86"); +&asm_finish(); + +sub Np + { + local($p)=@_; + local(%n)=($A,$D,$B,$A,$C,$B,$D,$C); + return($n{$p}); + } + +sub R0 + { + local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; + + &mov($tmp1,$C) if $pos < 0; + &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one + + # body proper + + &comment("R0 $ki"); + &xor($tmp1,$d); # F function - part 2 + + &and($tmp1,$b); # F function - part 3 + &lea($a,&DWP($t,$a,$tmp2,1)); + + &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); + &xor($tmp1,$d); # F function - part 4 + + &add($a,$tmp1); + &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0 + &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1 + + &rotl($a,$s); + &add($a,$b); + + } + +sub R1 + { + local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; + + &comment("R1 $ki"); + + &lea($a,&DWP($t,$a,$tmp2,1)); + + &xor($tmp1,$b); # G function - part 2 + &and($tmp1,$d); # G function - part 3 + + &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); + &xor($tmp1,$c); # G function - part 4 + + &add($a,$tmp1); + &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1 + &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1 + + &rotl($a,$s); + + &add($a,$b); + } + +sub R2 + { + local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; + # This one is different, only 3 logical operations + +if (($n & 1) == 0) + { + &comment("R2 $ki"); + # make sure to do 'D' first, not 'B', else we clash with + # the last add from the previous round. + + &xor($tmp1,$d); # H function - part 2 + + &xor($tmp1,$b); # H function - part 3 + &lea($a,&DWP($t,$a,$tmp2,1)); + + &add($a,$tmp1); + &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)); + + &rotl($a,$s); + + &mov($tmp1,&Np($c)); + } +else + { + &comment("R2 $ki"); + # make sure to do 'D' first, not 'B', else we clash with + # the last add from the previous round. + + &lea($a,&DWP($t,$a,$tmp2,1)); + + &add($b,$c); # MOVED FORWARD + &xor($tmp1,$d); # H function - part 2 + + &xor($tmp1,$b); # H function - part 3 + &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); + + &add($a,$tmp1); + &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1 + &mov($tmp1,-1) if $pos == 1; # I function - part 1 + + &rotl($a,$s); + + &add($a,$b); + } + } + +sub R3 + { + local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; + + &comment("R3 $ki"); + + # ¬($tmp1) + &xor($tmp1,$d) if $pos < 0; # I function - part 2 + + &or($tmp1,$b); # I function - part 3 + &lea($a,&DWP($t,$a,$tmp2,1)); + + &xor($tmp1,$c); # I function - part 4 + &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value + &mov($tmp2,&wparam(0)) if $pos == 2; + + &add($a,$tmp1); + &mov($tmp1,-1) if $pos < 1; # H function - part 1 + &add($K,64) if $pos >=1 && !$normal; + + &rotl($a,$s); + + &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time + &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0; + &add($a,$b); + } + + +sub md5_block + { + local($name)=@_; + + &function_begin_B($name,"",3); + + # parameter 1 is the MD5_CTX structure. + # A 0 + # B 4 + # C 8 + # D 12 + + &push("esi"); + &push("edi"); + &mov($tmp1, &wparam(0)); # edi + &mov($X, &wparam(1)); # esi + &mov($C, &wparam(2)); + &push("ebp"); + &push("ebx"); + &add($C, $X); # offset we end at + &sub($C, 64); + &mov($A, &DWP( 0,$tmp1,"",0)); + &push($C); # Put on the TOS + &mov($B, &DWP( 4,$tmp1,"",0)); + &mov($C, &DWP( 8,$tmp1,"",0)); + &mov($D, &DWP(12,$tmp1,"",0)); + + &set_label("start") unless $normal; + &comment(""); + &comment("R0 section"); + + &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478); + &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756); + &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db); + &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee); + &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf); + &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a); + &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613); + &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501); + &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8); + &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af); + &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1); + &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be); + &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122); + &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193); + &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e); + &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821); + + &comment(""); + &comment("R1 section"); + &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562); + &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340); + &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51); + &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa); + &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d); + &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453); + &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681); + &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8); + &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6); + &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6); + &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87); + &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed); + &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905); + &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8); + &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9); + &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a); + + &comment(""); + &comment("R2 section"); + &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942); + &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681); + &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122); + &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c); + &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44); + &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9); + &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60); + &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70); + &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6); + &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa); + &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085); + &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05); + &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039); + &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5); + &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8); + &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665); + + &comment(""); + &comment("R3 section"); + &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244); + &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97); + &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7); + &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039); + &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3); + &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92); + &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d); + &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1); + &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f); + &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0); + &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314); + &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1); + &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82); + &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235); + &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb); + &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391); + + # &mov($tmp2,&wparam(0)); # done in the last R3 + # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3 + + &add($A,$tmp1); + &mov($tmp1, &DWP( 4,$tmp2,"",0)); + + &add($B,$tmp1); + &mov($tmp1, &DWP( 8,$tmp2,"",0)); + + &add($C,$tmp1); + &mov($tmp1, &DWP(12,$tmp2,"",0)); + + &add($D,$tmp1); + &mov(&DWP( 0,$tmp2,"",0),$A); + + &mov(&DWP( 4,$tmp2,"",0),$B); + &mov($tmp1,&swtmp(0)) unless $normal; + + &mov(&DWP( 8,$tmp2,"",0),$C); + &mov(&DWP(12,$tmp2,"",0),$D); + + &cmp($tmp1,$X) unless $normal; # check count + &jge(&label("start")) unless $normal; + + &pop("eax"); # pop the temp variable off the stack + &pop("ebx"); + &pop("ebp"); + &pop("edi"); + &pop("esi"); + &ret(); + &function_end_B($name); + } + diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h new file mode 100644 index 0000000000..357c6c625d --- /dev/null +++ b/src/lib/libcrypto/md5/md5.h @@ -0,0 +1,99 @@ +/* crypto/md5/md5.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_MD5_H +#define HEADER_MD5_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define MD5_CBLOCK 64 +#define MD5_LBLOCK 16 +#define MD5_BLOCK 16 +#define MD5_LAST_BLOCK 56 +#define MD5_LENGTH_BLOCK 8 +#define MD5_DIGEST_LENGTH 16 + +typedef struct MD5state_st + { + unsigned long A,B,C,D; + unsigned long Nl,Nh; + unsigned long data[MD5_LBLOCK]; + int num; + } MD5_CTX; + +#ifndef NOPROTO +void MD5_Init(MD5_CTX *c); +void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len); +void MD5_Final(unsigned char *md, MD5_CTX *c); +unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md); +void MD5_Transform(MD5_CTX *c, unsigned char *b); +#else +void MD5_Init(); +void MD5_Update(); +void MD5_Final(); +unsigned char *MD5(); +void MD5_Transform(); +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c new file mode 100644 index 0000000000..43b3498d92 --- /dev/null +++ b/src/lib/libcrypto/md5/md5_dgst.c @@ -0,0 +1,440 @@ +/* crypto/md5/md5_dgst.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "md5_locl.h" + +char *MD5_version="MD5 part of SSLeay 0.9.0b 29-Jun-1998"; + +/* Implemented from RFC1321 The MD5 Message-Digest Algorithm + */ + +#define INIT_DATA_A (unsigned long)0x67452301L +#define INIT_DATA_B (unsigned long)0xefcdab89L +#define INIT_DATA_C (unsigned long)0x98badcfeL +#define INIT_DATA_D (unsigned long)0x10325476L + +#ifndef NOPROTO +# ifdef MD5_ASM + void md5_block_x86(MD5_CTX *c, unsigned long *p,int num); +# define md5_block md5_block_x86 +# else + static void md5_block(MD5_CTX *c, unsigned long *p,int num); +# endif +#else +# ifdef MD5_ASM + void md5_block_x86(); +# define md5_block md5_block_x86 +# else + static void md5_block(); +# endif +#endif + +void MD5_Init(c) +MD5_CTX *c; + { + c->A=INIT_DATA_A; + c->B=INIT_DATA_B; + c->C=INIT_DATA_C; + c->D=INIT_DATA_D; + c->Nl=0; + c->Nh=0; + c->num=0; + } + +void MD5_Update(c, data, len) +MD5_CTX *c; +register unsigned char *data; +unsigned long len; + { + register ULONG *p; + int sw,sc; + ULONG l; + + if (len == 0) return; + + l=(c->Nl+(len<<3))&0xffffffffL; + /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to + * Wei Dai for pointing it out. */ + if (l < c->Nl) /* overflow */ + c->Nh++; + c->Nh+=(len>>29); + c->Nl=l; + + if (c->num != 0) + { + p=c->data; + sw=c->num>>2; + sc=c->num&0x03; + + if ((c->num+len) >= MD5_CBLOCK) + { + l= p[sw]; + p_c2l(data,l,sc); + p[sw++]=l; + for (; swnum); + + md5_block(c,p,64); + c->num=0; + /* drop through and do the rest */ + } + else + { + int ew,ec; + + c->num+=(int)len; + if ((sc+len) < 4) /* ugly, add char's to a word */ + { + l= p[sw]; + p_c2l_p(data,l,sc,len); + p[sw]=l; + } + else + { + ew=(c->num>>2); + ec=(c->num&0x03); + l= p[sw]; + p_c2l(data,l,sc); + p[sw++]=l; + for (; sw < ew; sw++) + { c2l(data,l); p[sw]=l; } + if (ec) + { + c2l_p(data,l,ec); + p[sw]=l; + } + } + return; + } + } + /* we now can process the input data in blocks of MD5_CBLOCK + * chars and save the leftovers to c->data. */ +#ifdef L_ENDIAN + if ((((unsigned long)data)%sizeof(ULONG)) == 0) + { + sw=(int)len/MD5_CBLOCK; + if (sw > 0) + { + sw*=MD5_CBLOCK; + md5_block(c,(ULONG *)data,sw); + data+=sw; + len-=sw; + } + } +#endif + p=c->data; + while (len >= MD5_CBLOCK) + { +#if defined(L_ENDIAN) || defined(B_ENDIAN) + if (p != (unsigned long *)data) + memcpy(p,data,MD5_CBLOCK); + data+=MD5_CBLOCK; +#ifdef B_ENDIAN + for (sw=(MD5_LBLOCK/4); sw; sw--) + { + Endian_Reverse32(p[0]); + Endian_Reverse32(p[1]); + Endian_Reverse32(p[2]); + Endian_Reverse32(p[3]); + p+=4; + } +#endif +#else + for (sw=(MD5_LBLOCK/4); sw; sw--) + { + c2l(data,l); *(p++)=l; + c2l(data,l); *(p++)=l; + c2l(data,l); *(p++)=l; + c2l(data,l); *(p++)=l; + } +#endif + p=c->data; + md5_block(c,p,64); + len-=MD5_CBLOCK; + } + sc=(int)len; + c->num=sc; + if (sc) + { + sw=sc>>2; /* words to copy */ +#ifdef L_ENDIAN + p[sw]=0; + memcpy(p,data,sc); +#else + sc&=0x03; + for ( ; sw; sw--) + { c2l(data,l); *(p++)=l; } + c2l_p(data,l,sc); + *p=l; +#endif + } + } + +void MD5_Transform(c,b) +MD5_CTX *c; +unsigned char *b; + { + ULONG p[16]; +#if !defined(L_ENDIAN) + ULONG *q; + int i; +#endif + +#if defined(B_ENDIAN) || defined(L_ENDIAN) + memcpy(p,b,64); +#ifdef B_ENDIAN + q=p; + for (i=(MD5_LBLOCK/4); i; i--) + { + Endian_Reverse32(q[0]); + Endian_Reverse32(q[1]); + Endian_Reverse32(q[2]); + Endian_Reverse32(q[3]); + q+=4; + } +#endif +#else + q=p; + for (i=(MD5_LBLOCK/4); i; i--) + { + ULONG l; + c2l(b,l); *(q++)=l; + c2l(b,l); *(q++)=l; + c2l(b,l); *(q++)=l; + c2l(b,l); *(q++)=l; + } +#endif + md5_block(c,p,64); + } + +#ifndef MD5_ASM + +static void md5_block(c, X, num) +MD5_CTX *c; +register ULONG *X; +int num; + { + register ULONG A,B,C,D; + + A=c->A; + B=c->B; + C=c->C; + D=c->D; + for (;;) + { + /* Round 0 */ + R0(A,B,C,D,X[ 0], 7,0xd76aa478L); + R0(D,A,B,C,X[ 1],12,0xe8c7b756L); + R0(C,D,A,B,X[ 2],17,0x242070dbL); + R0(B,C,D,A,X[ 3],22,0xc1bdceeeL); + R0(A,B,C,D,X[ 4], 7,0xf57c0fafL); + R0(D,A,B,C,X[ 5],12,0x4787c62aL); + R0(C,D,A,B,X[ 6],17,0xa8304613L); + R0(B,C,D,A,X[ 7],22,0xfd469501L); + R0(A,B,C,D,X[ 8], 7,0x698098d8L); + R0(D,A,B,C,X[ 9],12,0x8b44f7afL); + R0(C,D,A,B,X[10],17,0xffff5bb1L); + R0(B,C,D,A,X[11],22,0x895cd7beL); + R0(A,B,C,D,X[12], 7,0x6b901122L); + R0(D,A,B,C,X[13],12,0xfd987193L); + R0(C,D,A,B,X[14],17,0xa679438eL); + R0(B,C,D,A,X[15],22,0x49b40821L); + /* Round 1 */ + R1(A,B,C,D,X[ 1], 5,0xf61e2562L); + R1(D,A,B,C,X[ 6], 9,0xc040b340L); + R1(C,D,A,B,X[11],14,0x265e5a51L); + R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL); + R1(A,B,C,D,X[ 5], 5,0xd62f105dL); + R1(D,A,B,C,X[10], 9,0x02441453L); + R1(C,D,A,B,X[15],14,0xd8a1e681L); + R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L); + R1(A,B,C,D,X[ 9], 5,0x21e1cde6L); + R1(D,A,B,C,X[14], 9,0xc33707d6L); + R1(C,D,A,B,X[ 3],14,0xf4d50d87L); + R1(B,C,D,A,X[ 8],20,0x455a14edL); + R1(A,B,C,D,X[13], 5,0xa9e3e905L); + R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L); + R1(C,D,A,B,X[ 7],14,0x676f02d9L); + R1(B,C,D,A,X[12],20,0x8d2a4c8aL); + /* Round 2 */ + R2(A,B,C,D,X[ 5], 4,0xfffa3942L); + R2(D,A,B,C,X[ 8],11,0x8771f681L); + R2(C,D,A,B,X[11],16,0x6d9d6122L); + R2(B,C,D,A,X[14],23,0xfde5380cL); + R2(A,B,C,D,X[ 1], 4,0xa4beea44L); + R2(D,A,B,C,X[ 4],11,0x4bdecfa9L); + R2(C,D,A,B,X[ 7],16,0xf6bb4b60L); + R2(B,C,D,A,X[10],23,0xbebfbc70L); + R2(A,B,C,D,X[13], 4,0x289b7ec6L); + R2(D,A,B,C,X[ 0],11,0xeaa127faL); + R2(C,D,A,B,X[ 3],16,0xd4ef3085L); + R2(B,C,D,A,X[ 6],23,0x04881d05L); + R2(A,B,C,D,X[ 9], 4,0xd9d4d039L); + R2(D,A,B,C,X[12],11,0xe6db99e5L); + R2(C,D,A,B,X[15],16,0x1fa27cf8L); + R2(B,C,D,A,X[ 2],23,0xc4ac5665L); + /* Round 3 */ + R3(A,B,C,D,X[ 0], 6,0xf4292244L); + R3(D,A,B,C,X[ 7],10,0x432aff97L); + R3(C,D,A,B,X[14],15,0xab9423a7L); + R3(B,C,D,A,X[ 5],21,0xfc93a039L); + R3(A,B,C,D,X[12], 6,0x655b59c3L); + R3(D,A,B,C,X[ 3],10,0x8f0ccc92L); + R3(C,D,A,B,X[10],15,0xffeff47dL); + R3(B,C,D,A,X[ 1],21,0x85845dd1L); + R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL); + R3(D,A,B,C,X[15],10,0xfe2ce6e0L); + R3(C,D,A,B,X[ 6],15,0xa3014314L); + R3(B,C,D,A,X[13],21,0x4e0811a1L); + R3(A,B,C,D,X[ 4], 6,0xf7537e82L); + R3(D,A,B,C,X[11],10,0xbd3af235L); + R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL); + R3(B,C,D,A,X[ 9],21,0xeb86d391L); + + A+=c->A&0xffffffffL; + B+=c->B&0xffffffffL; + c->A=A; + c->B=B; + C+=c->C&0xffffffffL; + D+=c->D&0xffffffffL; + c->C=C; + c->D=D; + X+=16; + num-=64; + if (num <= 0) break; + } + } +#endif + +void MD5_Final(md, c) +unsigned char *md; +MD5_CTX *c; + { + register int i,j; + register ULONG l; + register ULONG *p; + static unsigned char end[4]={0x80,0x00,0x00,0x00}; + unsigned char *cp=end; + + /* c->num should definitly have room for at least one more byte. */ + p=c->data; + j=c->num; + i=j>>2; + + /* purify often complains about the following line as an + * Uninitialized Memory Read. While this can be true, the + * following p_c2l macro will reset l when that case is true. + * This is because j&0x03 contains the number of 'valid' bytes + * already in p[i]. If and only if j&0x03 == 0, the UMR will + * occur but this is also the only time p_c2l will do + * l= *(cp++) instead of l|= *(cp++) + * Many thanks to Alex Tang for pickup this + * 'potential bug' */ +#ifdef PURIFY + if ((j&0x03) == 0) p[i]=0; +#endif + l=p[i]; + p_c2l(cp,l,j&0x03); + p[i]=l; + i++; + /* i is the next 'undefined word' */ + if (c->num >= MD5_LAST_BLOCK) + { + for (; iNl; + p[MD5_LBLOCK-1]=c->Nh; + md5_block(c,p,64); + cp=md; + l=c->A; l2c(l,cp); + l=c->B; l2c(l,cp); + l=c->C; l2c(l,cp); + l=c->D; l2c(l,cp); + + /* clear stuff, md5_block may be leaving some stuff on the stack + * but I'm not worried :-) */ + c->num=0; +/* memset((char *)&c,0,sizeof(c));*/ + } + +#ifdef undef +int printit(l) +unsigned long *l; + { + int i,ii; + + for (i=0; i<2; i++) + { + for (ii=0; ii<8; ii++) + { + fprintf(stderr,"%08lx ",l[i*8+ii]); + } + fprintf(stderr,"\n"); + } + } +#endif diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h new file mode 100644 index 0000000000..dbbe1b71ca --- /dev/null +++ b/src/lib/libcrypto/md5/md5_locl.h @@ -0,0 +1,195 @@ +/* crypto/md5/md5_locl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* On sparc, this actually slows things down :-( */ +#if defined(sun) +#undef B_ENDIAN +#endif + +#include +#include +#include "md5.h" + +#define ULONG unsigned long +#define UCHAR unsigned char +#define UINT unsigned int + +#if defined(NOCONST) +#define const +#endif + +#undef c2l +#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<<24)) + +#undef p_c2l +#define p_c2l(c,l,n) { \ + switch (n) { \ + case 0: l =((unsigned long)(*((c)++))); \ + case 1: l|=((unsigned long)(*((c)++)))<< 8; \ + case 2: l|=((unsigned long)(*((c)++)))<<16; \ + case 3: l|=((unsigned long)(*((c)++)))<<24; \ + } \ + } + +/* NOTE the pointer is not incremented at the end of this */ +#undef c2l_p +#define c2l_p(c,l,n) { \ + l=0; \ + (c)+=n; \ + switch (n) { \ + case 3: l =((unsigned long)(*(--(c))))<<16; \ + case 2: l|=((unsigned long)(*(--(c))))<< 8; \ + case 1: l|=((unsigned long)(*(--(c)))) ; \ + } \ + } + +#undef p_c2l_p +#define p_c2l_p(c,l,sc,len) { \ + switch (sc) \ + { \ + case 0: l =((unsigned long)(*((c)++))); \ + if (--len == 0) break; \ + case 1: l|=((unsigned long)(*((c)++)))<< 8; \ + if (--len == 0) break; \ + case 2: l|=((unsigned long)(*((c)++)))<<16; \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#undef l2cn +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* A nice byte order reversal from Wei Dai */ +#if defined(WIN32) +/* 5 instructions with rotate instruction, else 9 */ +#define Endian_Reverse32(a) \ + { \ + unsigned long l=(a); \ + (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \ + } +#else +/* 6 instructions with rotate instruction, else 8 */ +#define Endian_Reverse32(a) \ + { \ + unsigned long l=(a); \ + l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \ + (a)=ROTATE(l,16L); \ + } +#endif +/* +#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) +#define G(x,y,z) (((x) & (z)) | ((y) & (~(z)))) +*/ + +/* As pointed out by Wei Dai , the above can be + * simplified to the code below. Wei attributes these optimisations + * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. + */ +#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) +#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c)) +#define H(b,c,d) ((b) ^ (c) ^ (d)) +#define I(b,c,d) (((~(d)) | (b)) ^ (c)) + +#undef ROTATE +#if defined(WIN32) +#define ROTATE(a,n) _lrotl(a,n) +#else +#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) +#endif + + +#define R0(a,b,c,d,k,s,t) { \ + a+=((k)+(t)+F((b),(c),(d))); \ + a=ROTATE(a,s); \ + a+=b; };\ + +#define R1(a,b,c,d,k,s,t) { \ + a+=((k)+(t)+G((b),(c),(d))); \ + a=ROTATE(a,s); \ + a+=b; }; + +#define R2(a,b,c,d,k,s,t) { \ + a+=((k)+(t)+H((b),(c),(d))); \ + a=ROTATE(a,s); \ + a+=b; }; + +#define R3(a,b,c,d,k,s,t) { \ + a+=((k)+(t)+I((b),(c),(d))); \ + a=ROTATE(a,s); \ + a+=b; }; diff --git a/src/lib/libcrypto/md5/md5_one.c b/src/lib/libcrypto/md5/md5_one.c new file mode 100644 index 0000000000..ab6bb435f9 --- /dev/null +++ b/src/lib/libcrypto/md5/md5_one.c @@ -0,0 +1,77 @@ +/* crypto/md5/md5_one.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "md5_locl.h" + +unsigned char *MD5(d, n, md) +unsigned char *d; +unsigned long n; +unsigned char *md; + { + MD5_CTX c; + static unsigned char m[MD5_DIGEST_LENGTH]; + + if (md == NULL) md=m; + MD5_Init(&c); + MD5_Update(&c,d,n); + MD5_Final(md,&c); + memset(&c,0,sizeof(c)); /* security consideration */ + return(md); + } + diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c new file mode 100644 index 0000000000..34866ebbd2 --- /dev/null +++ b/src/lib/libcrypto/objects/obj_dat.c @@ -0,0 +1,578 @@ +/* crypto/objects/obj_dat.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "lhash.h" +#include "asn1.h" +#include "objects.h" + +/* obj_dat.h is generated from objects.h by obj_dat.pl */ +#include "obj_dat.h" + +#ifndef NOPROTO +static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); +static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); +static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); +#else +static int sn_cmp(); +static int ln_cmp(); +static int obj_cmp(); +#endif + +#define ADDED_DATA 0 +#define ADDED_SNAME 1 +#define ADDED_LNAME 2 +#define ADDED_NID 3 + +typedef struct added_obj_st + { + int type; + ASN1_OBJECT *obj; + } ADDED_OBJ; + +static int new_nid=NUM_NID; +static LHASH *added=NULL; + +static int sn_cmp(ap,bp) +ASN1_OBJECT **ap; +ASN1_OBJECT **bp; + { return(strcmp((*ap)->sn,(*bp)->sn)); } + +static int ln_cmp(ap,bp) +ASN1_OBJECT **ap; +ASN1_OBJECT **bp; + { return(strcmp((*ap)->ln,(*bp)->ln)); } + +static unsigned long add_hash(ca) +ADDED_OBJ *ca; + { + ASN1_OBJECT *a; + int i; + unsigned long ret=0; + unsigned char *p; + + a=ca->obj; + switch (ca->type) + { + case ADDED_DATA: + ret=a->length<<20L; + p=(unsigned char *)a->data; + for (i=0; ilength; i++) + ret^=p[i]<<((i*3)%24); + break; + case ADDED_SNAME: + ret=lh_strhash(a->sn); + break; + case ADDED_LNAME: + ret=lh_strhash(a->ln); + break; + case ADDED_NID: + ret=a->nid; + break; + default: + abort(); + } + ret&=0x3fffffffL; + ret|=ca->type<<30L; + return(ret); + } + +static int add_cmp(ca,cb) +ADDED_OBJ *ca,*cb; + { + ASN1_OBJECT *a,*b; + int i; + + i=ca->type-cb->type; + if (i) return(i); + a=ca->obj; + b=cb->obj; + switch (ca->type) + { + case ADDED_DATA: + i=(a->length - b->length); + if (i) return(i); + return(memcmp(a->data,b->data,a->length)); + case ADDED_SNAME: + if (a->sn == NULL) return(-1); + else if (b->sn == NULL) return(1); + else return(strcmp(a->sn,b->sn)); + case ADDED_LNAME: + if (a->ln == NULL) return(-1); + else if (b->ln == NULL) return(1); + else return(strcmp(a->ln,b->ln)); + case ADDED_NID: + return(a->nid-b->nid); + default: + abort(); + } + } + +static int init_added() + { + if (added != NULL) return(1); + added=lh_new(add_hash,add_cmp); + return(added != NULL); + } + +static void cleanup1(a) +ADDED_OBJ *a; + { + a->obj->nid=0; + a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC| + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS; + } + +static void cleanup2(a) +ADDED_OBJ *a; + { a->obj->nid++; } + +static void cleanup3(a) +ADDED_OBJ *a; + { + if (--a->obj->nid == 0) + ASN1_OBJECT_free(a->obj); + Free(a); + } + +void OBJ_cleanup() + { + if (added == NULL) return; + added->down_load=0; + lh_doall(added,cleanup1); /* zero counters */ + lh_doall(added,cleanup2); /* set counters */ + lh_doall(added,cleanup3); /* free objects */ + lh_free(added); + added=NULL; + } + +int OBJ_new_nid(num) +int num; + { + int i; + + i=new_nid; + new_nid+=num; + return(i); + } + +int OBJ_add_object(obj) +ASN1_OBJECT *obj; + { + ASN1_OBJECT *o; + ADDED_OBJ *ao[4],*aop; + int i; + + if (added == NULL) + if (!init_added()) return(0); + if ((o=OBJ_dup(obj)) == NULL) goto err; + ao[ADDED_DATA]=NULL; + ao[ADDED_SNAME]=NULL; + ao[ADDED_LNAME]=NULL; + ao[ADDED_NID]=NULL; + ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + if ((o->length != 0) && (obj->data != NULL)) + ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + if (o->sn != NULL) + ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + if (o->ln != NULL) + ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + + for (i=ADDED_DATA; i<=ADDED_NID; i++) + { + if (ao[i] != NULL) + { + ao[i]->type=i; + ao[i]->obj=o; + aop=(ADDED_OBJ *)lh_insert(added,(char *)ao[i]); + /* memory leak, buit should not normally matter */ + if (aop != NULL) + Free(aop); + } + } + o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS); + return(o->nid); +err: + for (i=ADDED_DATA; i<=ADDED_NID; i++) + if (ao[i] != NULL) Free(ao[i]); + if (o != NULL) Free(o); + return(NID_undef); + } + +ASN1_OBJECT *OBJ_nid2obj(n) +int n; + { + ADDED_OBJ ad,*adp; + ASN1_OBJECT ob; + + if ((n >= 0) && (n < NUM_NID)) + { + if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) + { + OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID); + return(NULL); + } + return((ASN1_OBJECT *)&(nid_objs[n])); + } + else if (added == NULL) + return(NULL); + else + { + ad.type=ADDED_NID; + ad.obj= &ob; + ob.nid=n; + adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + if (adp != NULL) + return(adp->obj); + else + { + OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID); + return(NULL); + } + } + } + +char *OBJ_nid2sn(n) +int n; + { + ADDED_OBJ ad,*adp; + ASN1_OBJECT ob; + + if ((n >= 0) && (n < NUM_NID)) + { + if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) + { + OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID); + return(NULL); + } + return(nid_objs[n].sn); + } + else if (added == NULL) + return(NULL); + else + { + ad.type=ADDED_NID; + ad.obj= &ob; + ob.nid=n; + adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + if (adp != NULL) + return(adp->obj->sn); + else + { + OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID); + return(NULL); + } + } + } + +char *OBJ_nid2ln(n) +int n; + { + ADDED_OBJ ad,*adp; + ASN1_OBJECT ob; + + if ((n >= 0) && (n < NUM_NID)) + { + if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) + { + OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID); + return(NULL); + } + return(nid_objs[n].ln); + } + else if (added == NULL) + return(NULL); + else + { + ad.type=ADDED_NID; + ad.obj= &ob; + ob.nid=n; + adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + if (adp != NULL) + return(adp->obj->ln); + else + { + OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID); + return(NULL); + } + } + } + +int OBJ_obj2nid(a) +ASN1_OBJECT *a; + { + ASN1_OBJECT **op; + ADDED_OBJ ad,*adp; + + if (a == NULL) + return(NID_undef); + if (a->nid != 0) + return(a->nid); + + if (added != NULL) + { + ad.type=ADDED_DATA; + ad.obj=a; + adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + if (adp != NULL) return (adp->obj->nid); + } + op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ, + sizeof(ASN1_OBJECT *),(int (*)())obj_cmp); + if (op == NULL) + return(NID_undef); + return((*op)->nid); + } + +int OBJ_txt2nid(s) +char *s; + { + int ret; + + ret=OBJ_sn2nid(s); + if (ret == NID_undef) + { + ret=OBJ_ln2nid(s); + if (ret == NID_undef) + { + ASN1_OBJECT *op=NULL; + unsigned char *buf,*p; + int i; + + i=a2d_ASN1_OBJECT(NULL,0,s,-1); + if (i <= 0) + { + /* clear the error */ + ERR_get_error(); + return(0); + } + + if ((buf=(unsigned char *)Malloc(i)) == NULL) + return(NID_undef); + a2d_ASN1_OBJECT(buf,i,s,-1); + p=buf; + op=d2i_ASN1_OBJECT(NULL,&p,i); + if (op == NULL) return(NID_undef); + ret=OBJ_obj2nid(op); + ASN1_OBJECT_free(op); + Free(buf); + } + } + return(ret); + } + +int OBJ_ln2nid(s) +char *s; + { + ASN1_OBJECT o,*oo= &o,**op; + ADDED_OBJ ad,*adp; + + o.ln=s; + if (added != NULL) + { + ad.type=ADDED_LNAME; + ad.obj= &o; + adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + if (adp != NULL) return (adp->obj->nid); + } + op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN, + sizeof(ASN1_OBJECT *),(int (*)())ln_cmp); + if (op == NULL) return(NID_undef); + return((*op)->nid); + } + +int OBJ_sn2nid(s) +char *s; + { + ASN1_OBJECT o,*oo= &o,**op; + ADDED_OBJ ad,*adp; + + o.sn=s; + if (added != NULL) + { + ad.type=ADDED_SNAME; + ad.obj= &o; + adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + if (adp != NULL) return (adp->obj->nid); + } + op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN, + sizeof(ASN1_OBJECT *),(int (*)())sn_cmp); + if (op == NULL) return(NID_undef); + return((*op)->nid); + } + +static int obj_cmp(ap, bp) +ASN1_OBJECT **ap; +ASN1_OBJECT **bp; + { + int j; + ASN1_OBJECT *a= *ap; + ASN1_OBJECT *b= *bp; + + j=(a->length - b->length); + if (j) return(j); + return(memcmp(a->data,b->data,a->length)); + } + +char *OBJ_bsearch(key,base,num,size,cmp) +char *key; +char *base; +int num; +int size; +int (*cmp)(); + { + int l,h,i,c; + char *p; + + if (num == 0) return(NULL); + l=0; + h=num; + while (l < h) + { + i=(l+h)/2; + p= &(base[i*size]); + c=(*cmp)(key,p); + if (c < 0) + h=i; + else if (c > 0) + l=i+1; + else + return(p); + } + return(NULL); + } + +int OBJ_create_objects(in) +BIO *in; + { + MS_STATIC char buf[512]; + int i,num= -1; + char *o,*s,*l=NULL; + + for (;;) + { + s=o=NULL; + i=BIO_gets(in,buf,512); + if (i <= 0) return(num); + buf[i-1]='\0'; + if (!isalnum(buf[0])) return(num); + o=s=buf; + while (isdigit(*s) || (*s == '.')) + s++; + if (*s != '\0') + { + *(s++)='\0'; + while (isspace(*s)) + s++; + if (*s == '\0') + s=NULL; + else + { + l=s; + while ((*l != '\0') && !isspace(*l)) + l++; + if (*l != '\0') + { + *(l++)='\0'; + while (isspace(*l)) + l++; + if (*l == '\0') l=NULL; + } + else + l=NULL; + } + } + else + s=NULL; + if ((o == NULL) || (*o == '\0')) return(num); + if (!OBJ_create(o,s,l)) return(num); + num++; + } + return(num); + } + +int OBJ_create(oid,sn,ln) +char *oid; +char *sn; +char *ln; + { + int ok=0; + ASN1_OBJECT *op=NULL; + unsigned char *buf; + int i; + + i=a2d_ASN1_OBJECT(NULL,0,oid,-1); + if (i <= 0) return(0); + + if ((buf=(unsigned char *)Malloc(i)) == NULL) + { + OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE); + return(0); + } + i=a2d_ASN1_OBJECT(buf,i,oid,-1); + op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln); + if (op == NULL) + goto err; + ok=OBJ_add_object(op); +err: + ASN1_OBJECT_free(op); + Free((char *)buf); + return(ok); + } + diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl new file mode 100644 index 0000000000..4e7879d3f3 --- /dev/null +++ b/src/lib/libcrypto/objects/obj_dat.pl @@ -0,0 +1,269 @@ +#!/usr/bin/perl + +sub obj_cmp + { + local(@a,@b,$_,$r); + + $A=$obj_len{$obj{$nid{$a}}}; + $B=$obj_len{$obj{$nid{$b}}}; + + $r=($A-$B); + return($r) if $r != 0; + + $A=$obj_der{$obj{$nid{$a}}}; + $B=$obj_der{$obj{$nid{$b}}}; + + return($A cmp $B); + } + +sub expand_obj + { + local(*v)=@_; + local($k,$d); + local($i); + + do { + $i=0; + foreach $k (keys %v) + { + if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/)) + { $i++; } + } + } while($i); + foreach $k (keys %v) + { + @a=split(/,/,$v{$k}); + $objn{$k}=$#a+1; + } + return(%objn); + } + +while (<>) + { + next unless /^\#define\s+(\S+)\s+(.*)$/; + $v=$1; + $d=$2; + if ($v =~ /^SN_(.*)$/) + { $sn{$1}=$d; } + elsif ($v =~ /^LN_(.*)$/) + { $ln{$1}=$d; } + elsif ($v =~ /^NID_(.*)$/) + { $nid{$d}=$1; } + elsif ($v =~ /^OBJ_(.*)$/) + { + $obj{$1}=$v; + $objd{$v}=$d; + } + } + +%ob=&expand_obj(*objd); + +@a=sort { $a <=> $b } keys %nid; +$n=$a[$#a]+1; + +@lvalues=(); +$lvalues=0; + +for ($i=0; $i<$n; $i++) + { + if (!defined($nid{$i})) + { + push(@out,"{NULL,NULL,NID_undef,0,NULL},\n"); + } + else + { + $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL"; + $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL"; + $sn=$ln if ($sn eq "NULL"); + $ln=$sn if ($ln eq "NULL"); + $out ="{"; + $out.=$sn; + $out.=",".$ln; + $out.=",NID_$nid{$i},"; + if (defined($obj{$nid{$i}})) + { + $v=$objd{$obj{$nid{$i}}}; + $v =~ s/L//g; + $v =~ s/,/ /g; + $r=&der_it($v); + $z=""; + $length=0; + foreach (unpack("C*",$r)) + { + $z.=sprintf("0x%02X,",$_); + $length++; + } + $obj_der{$obj{$nid{$i}}}=$z; + $obj_len{$obj{$nid{$i}}}=$length; + + push(@lvalues,sprintf("%-45s/* [%3d] %s */\n", + $z,$lvalues,$obj{$nid{$i}})); + $out.="$length,&(lvalues[$lvalues]),0"; + $lvalues+=$length; + } + else + { + $out.="0,NULL"; + } + $out.="},\n"; + push(@out,$out); + } + } + +@a=grep(defined($sn{$nid{$_}}),0 .. $n); +foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a) + { + push(@sn,sprintf("&(nid_objs[%2d]),/* $sn{$nid{$_}} */\n",$_)); + } + +@a=grep(defined($ln{$nid{$_}}),0 .. $n); +foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a) + { + push(@ln,sprintf("&(nid_objs[%2d]),/* $ln{$nid{$_}} */\n",$_)); + } + +@a=grep(defined($obj{$nid{$_}}),0 .. $n); +foreach (sort obj_cmp @a) + { + $m=$obj{$nid{$_}}; + $v=$objd{$m}; + $v =~ s/L//g; + $v =~ s/,/ /g; + push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v)); + } + +print <<'EOF'; +/* lib/obj/obj_dat.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the + * following command: + * perl obj_dat.pl < objects.h > obj_dat.h + */ + +EOF + +printf "#define NUM_NID %d\n",$n; +printf "#define NUM_SN %d\n",$#sn+1; +printf "#define NUM_LN %d\n",$#ln+1; +printf "#define NUM_OBJ %d\n\n",$#ob+1; + +printf "static unsigned char lvalues[%d]={\n",$lvalues+1; +print @lvalues; +print "};\n\n"; + +printf "static ASN1_OBJECT nid_objs[NUM_NID]={\n"; +foreach (@out) + { + if (length($_) > 75) + { + $out=""; + foreach (split(/,/)) + { + $t=$out.$_.","; + if (length($t) > 70) + { + print "$out\n"; + $t="\t$_,"; + } + $out=$t; + } + chop $out; + print "$out"; + } + else + { print $_; } + } +print "};\n\n"; + +printf "static ASN1_OBJECT *sn_objs[NUM_SN]={\n"; +print @sn; +print "};\n\n"; + +printf "static ASN1_OBJECT *ln_objs[NUM_LN]={\n"; +print @ln; +print "};\n\n"; + +printf "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n"; +print @ob; +print "};\n\n"; + +sub der_it + { + local($v)=@_; + local(@a,$i,$ret,@r); + + @a=split(/\s+/,$v); + $ret.=pack("C*",$a[0]*40+$a[1]); + shift @a; + shift @a; + while ($_=shift(@a)) + { + @r=(); + $t=0; + while ($_ >= 128) + { + $x=$_%128; + $_/=128; + push(@r,((($t++)?0x80:0)|$x)); + } + push(@r,((($t++)?0x80:0)|$_)); + $ret.=pack("C*",reverse(@r)); + } + return($ret); + } diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c new file mode 100644 index 0000000000..45206c616c --- /dev/null +++ b/src/lib/libcrypto/objects/obj_err.c @@ -0,0 +1,96 @@ +/* lib/obj/obj_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "objects.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA OBJ_str_functs[]= + { +{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"}, +{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"}, +{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"}, +{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"}, +{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"}, +{0,NULL}, + }; + +static ERR_STRING_DATA OBJ_str_reasons[]= + { +{OBJ_R_MALLOC_FAILURE ,"malloc failure"}, +{OBJ_R_UNKNOWN_NID ,"unknown nid"}, +{0,NULL}, + }; + +#endif + +void ERR_load_OBJ_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs); + ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c new file mode 100644 index 0000000000..0a9c756197 --- /dev/null +++ b/src/lib/libcrypto/objects/obj_lib.c @@ -0,0 +1,126 @@ +/* crypto/objects/obj_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "lhash.h" +#include "objects.h" +#include "buffer.h" + +ASN1_OBJECT *OBJ_dup(o) +ASN1_OBJECT *o; + { + ASN1_OBJECT *r; + int i; + + if (o == NULL) return(NULL); + if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) + return(o); + + r=(ASN1_OBJECT *)ASN1_OBJECT_new(); + if (r == NULL) + { + OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); + return(NULL); + } + r->data=(unsigned char *)Malloc(o->length); + if (r->data == NULL) + goto err; + memcpy(r->data,o->data,o->length); + r->length=o->length; + r->nid=o->nid; + r->ln=r->sn=NULL; + if (o->ln != NULL) + { + i=strlen(o->ln)+1; + r->ln=(char *)Malloc(i); + if (r->ln == NULL) goto err; + memcpy(r->ln,o->ln,i); + } + + if (o->sn != NULL) + { + i=strlen(o->sn)+1; + r->sn=(char *)Malloc(i); + if (r->sn == NULL) goto err; + memcpy(r->sn,o->sn,i); + } + r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC| + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS); + return(r); +err: + OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); + if (r != NULL) + { + if (r->ln != NULL) Free(r->ln); + if (r->data != NULL) Free(r->data); + Free(r); + } + return(NULL); + } + +int OBJ_cmp(a,b) +ASN1_OBJECT *a; +ASN1_OBJECT *b; + { + int ret; + + ret=(a->length-b->length); + if (ret) return(ret); + return(memcmp(a->data,b->data,a->length)); + } diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h new file mode 100644 index 0000000000..e1d555b47c --- /dev/null +++ b/src/lib/libcrypto/objects/objects.h @@ -0,0 +1,724 @@ +/* crypto/objects/objects.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_OBJECTS_H +#define HEADER_OBJECTS_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define SN_undef "UNDEF" +#define LN_undef "undefined" +#define NID_undef 0 + +#define SN_Algorithm "Algorithm" +#define LN_algorithm "algorithm" +#define NID_algorithm 38 +#define OBJ_algorithm 1L,3L,14L,3L,2L + +#define LN_rsadsi "rsadsi" +#define NID_rsadsi 1 +#define OBJ_rsadsi 1L,2L,840L,113549L + +#define LN_pkcs "pkcs" +#define NID_pkcs 2 +#define OBJ_pkcs OBJ_rsadsi,1L + +#define SN_md2 "MD2" +#define LN_md2 "md2" +#define NID_md2 3 +#define OBJ_md2 OBJ_rsadsi,2L,2L + +#define SN_md5 "MD5" +#define LN_md5 "md5" +#define NID_md5 4 +#define OBJ_md5 OBJ_rsadsi,2L,5L + +#define SN_rc4 "RC4" +#define LN_rc4 "rc4" +#define NID_rc4 5 +#define OBJ_rc4 OBJ_rsadsi,3L,4L + +#define LN_rsaEncryption "rsaEncryption" +#define NID_rsaEncryption 6 +#define OBJ_rsaEncryption OBJ_pkcs,1L,1L + +#define SN_md2WithRSAEncryption "RSA-MD2" +#define LN_md2WithRSAEncryption "md2WithRSAEncryption" +#define NID_md2WithRSAEncryption 7 +#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L + +#define SN_md5WithRSAEncryption "RSA-MD5" +#define LN_md5WithRSAEncryption "md5WithRSAEncryption" +#define NID_md5WithRSAEncryption 8 +#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L + +#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" +#define NID_pbeWithMD2AndDES_CBC 9 +#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L + +#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" +#define NID_pbeWithMD5AndDES_CBC 10 +#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L + +#define LN_X500 "X500" +#define NID_X500 11 +#define OBJ_X500 2L,5L + +#define LN_X509 "X509" +#define NID_X509 12 +#define OBJ_X509 OBJ_X500,4L + +#define SN_commonName "CN" +#define LN_commonName "commonName" +#define NID_commonName 13 +#define OBJ_commonName OBJ_X509,3L + +#define SN_countryName "C" +#define LN_countryName "countryName" +#define NID_countryName 14 +#define OBJ_countryName OBJ_X509,6L + +#define SN_localityName "L" +#define LN_localityName "localityName" +#define NID_localityName 15 +#define OBJ_localityName OBJ_X509,7L + +/* Postal Address? PA */ + +/* should be "ST" (rfc1327) but MS uses 'S' */ +#define SN_stateOrProvinceName "ST" +#define LN_stateOrProvinceName "stateOrProvinceName" +#define NID_stateOrProvinceName 16 +#define OBJ_stateOrProvinceName OBJ_X509,8L + +#define SN_organizationName "O" +#define LN_organizationName "organizationName" +#define NID_organizationName 17 +#define OBJ_organizationName OBJ_X509,10L + +#define SN_organizationalUnitName "OU" +#define LN_organizationalUnitName "organizationalUnitName" +#define NID_organizationalUnitName 18 +#define OBJ_organizationalUnitName OBJ_X509,11L + +#define SN_rsa "RSA" +#define LN_rsa "rsa" +#define NID_rsa 19 +#define OBJ_rsa OBJ_X500,8L,1L,1L + +#define LN_pkcs7 "pkcs7" +#define NID_pkcs7 20 +#define OBJ_pkcs7 OBJ_pkcs,7L + +#define LN_pkcs7_data "pkcs7-data" +#define NID_pkcs7_data 21 +#define OBJ_pkcs7_data OBJ_pkcs7,1L + +#define LN_pkcs7_signed "pkcs7-signedData" +#define NID_pkcs7_signed 22 +#define OBJ_pkcs7_signed OBJ_pkcs7,2L + +#define LN_pkcs7_enveloped "pkcs7-envelopedData" +#define NID_pkcs7_enveloped 23 +#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L + +#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData" +#define NID_pkcs7_signedAndEnveloped 24 +#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L + +#define LN_pkcs7_digest "pkcs7-digestData" +#define NID_pkcs7_digest 25 +#define OBJ_pkcs7_digest OBJ_pkcs7,5L + +#define LN_pkcs7_encrypted "pkcs7-encryptedData" +#define NID_pkcs7_encrypted 26 +#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L + +#define LN_pkcs3 "pkcs3" +#define NID_pkcs3 27 +#define OBJ_pkcs3 OBJ_pkcs,3L + +#define LN_dhKeyAgreement "dhKeyAgreement" +#define NID_dhKeyAgreement 28 +#define OBJ_dhKeyAgreement OBJ_pkcs3,1L + +#define SN_des_ecb "DES-ECB" +#define LN_des_ecb "des-ecb" +#define NID_des_ecb 29 +#define OBJ_des_ecb OBJ_algorithm,6L + +#define SN_des_cfb64 "DES-CFB" +#define LN_des_cfb64 "des-cfb" +#define NID_des_cfb64 30 +/* IV + num */ +#define OBJ_des_cfb64 OBJ_algorithm,9L + +#define SN_des_cbc "DES-CBC" +#define LN_des_cbc "des-cbc" +#define NID_des_cbc 31 +/* IV */ +#define OBJ_des_cbc OBJ_algorithm,7L + +#define SN_des_ede "DES-EDE" +#define LN_des_ede "des-ede" +#define NID_des_ede 32 +/* ?? */ +#define OBJ_des_ede OBJ_algorithm,17L + +#define SN_des_ede3 "DES-EDE3" +#define LN_des_ede3 "des-ede3" +#define NID_des_ede3 33 + +#define SN_idea_cbc "IDEA-CBC" +#define LN_idea_cbc "idea-cbc" +#define NID_idea_cbc 34 + +#define SN_idea_cfb64 "IDEA-CFB" +#define LN_idea_cfb64 "idea-cfb" +#define NID_idea_cfb64 35 + +#define SN_idea_ecb "IDEA-ECB" +#define LN_idea_ecb "idea-ecb" +#define NID_idea_ecb 36 + +#define SN_rc2_cbc "RC2-CBC" +#define LN_rc2_cbc "rc2-cbc" +#define NID_rc2_cbc 37 +#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L + +#define SN_rc2_ecb "RC2-ECB" +#define LN_rc2_ecb "rc2-ecb" +#define NID_rc2_ecb 38 + +#define SN_rc2_cfb64 "RC2-CFB" +#define LN_rc2_cfb64 "rc2-cfb" +#define NID_rc2_cfb64 39 + +#define SN_rc2_ofb64 "RC2-OFB" +#define LN_rc2_ofb64 "rc2-ofb" +#define NID_rc2_ofb64 40 + +#define SN_sha "SHA" +#define LN_sha "sha" +#define NID_sha 41 +#define OBJ_sha OBJ_algorithm,18L + +#define SN_shaWithRSAEncryption "RSA-SHA" +#define LN_shaWithRSAEncryption "shaWithRSAEncryption" +#define NID_shaWithRSAEncryption 42 +#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L + +#define SN_des_ede_cbc "DES-EDE-CBC" +#define LN_des_ede_cbc "des-ede-cbc" +#define NID_des_ede_cbc 43 + +#define SN_des_ede3_cbc "DES-EDE3-CBC" +#define LN_des_ede3_cbc "des-ede3-cbc" +#define NID_des_ede3_cbc 44 +#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L + +#define SN_des_ofb64 "DES-OFB" +#define LN_des_ofb64 "des-ofb" +#define NID_des_ofb64 45 +#define OBJ_des_ofb64 OBJ_algorithm,8L + +#define SN_idea_ofb64 "IDEA-OFB" +#define LN_idea_ofb64 "idea-ofb" +#define NID_idea_ofb64 46 + +#define LN_pkcs9 "pkcs9" +#define NID_pkcs9 47 +#define OBJ_pkcs9 OBJ_pkcs,9L + +#define SN_pkcs9_emailAddress "Email" +#define LN_pkcs9_emailAddress "emailAddress" +#define NID_pkcs9_emailAddress 48 +#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L + +#define LN_pkcs9_unstructuredName "unstructuredName" +#define NID_pkcs9_unstructuredName 49 +#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L + +#define LN_pkcs9_contentType "contentType" +#define NID_pkcs9_contentType 50 +#define OBJ_pkcs9_contentType OBJ_pkcs9,3L + +#define LN_pkcs9_messageDigest "messageDigest" +#define NID_pkcs9_messageDigest 51 +#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L + +#define LN_pkcs9_signingTime "signingTime" +#define NID_pkcs9_signingTime 52 +#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L + +#define LN_pkcs9_countersignature "countersignature" +#define NID_pkcs9_countersignature 53 +#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L + +#define LN_pkcs9_challengePassword "challengePassword" +#define NID_pkcs9_challengePassword 54 +#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L + +#define LN_pkcs9_unstructuredAddress "unstructuredAddress" +#define NID_pkcs9_unstructuredAddress 55 +#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L + +#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes" +#define NID_pkcs9_extCertAttributes 56 +#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L + +#define SN_netscape "Netscape" +#define LN_netscape "Netscape Communications Corp." +#define NID_netscape 57 +#define OBJ_netscape 2L,16L,840L,1L,113730L + +#define SN_netscape_cert_extension "nsCertExt" +#define LN_netscape_cert_extension "Netscape Certificate Extension" +#define NID_netscape_cert_extension 58 +#define OBJ_netscape_cert_extension OBJ_netscape,1L + +#define SN_netscape_data_type "nsDataType" +#define LN_netscape_data_type "Netscape Data Type" +#define NID_netscape_data_type 59 +#define OBJ_netscape_data_type OBJ_netscape,2L + +#define SN_des_ede_cfb64 "DES-EDE-CFB" +#define LN_des_ede_cfb64 "des-ede-cfb" +#define NID_des_ede_cfb64 60 + +#define SN_des_ede3_cfb64 "DES-EDE3-CFB" +#define LN_des_ede3_cfb64 "des-ede3-cfb" +#define NID_des_ede3_cfb64 61 + +#define SN_des_ede_ofb64 "DES-EDE-OFB" +#define LN_des_ede_ofb64 "des-ede-ofb" +#define NID_des_ede_ofb64 62 + +#define SN_des_ede3_ofb64 "DES-EDE3-OFB" +#define LN_des_ede3_ofb64 "des-ede3-ofb" +#define NID_des_ede3_ofb64 63 + +/* I'm not sure about the object ID */ +#define SN_sha1 "SHA1" +#define LN_sha1 "sha1" +#define NID_sha1 64 +#define OBJ_sha1 OBJ_algorithm,26L +/* 28 Jun 1996 - eay */ +/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */ + +#define SN_sha1WithRSAEncryption "RSA-SHA1" +#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption" +#define NID_sha1WithRSAEncryption 65 +#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L + +#define SN_dsaWithSHA "DSA-SHA" +#define LN_dsaWithSHA "dsaWithSHA" +#define NID_dsaWithSHA 66 +#define OBJ_dsaWithSHA OBJ_algorithm,13L + +#define SN_dsa_2 "DSA-old" +#define LN_dsa_2 "dsaEncryption-old" +#define NID_dsa_2 67 +#define OBJ_dsa_2 OBJ_algorithm,12L + +/* proposed by microsoft to RSA */ +#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC" +#define NID_pbeWithSHA1AndRC2_CBC 68 +#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L + +/* proposed by microsoft to RSA */ +#define LN_pbeWithSHA1AndRC4 "pbeWithSHA1AndRC4" +#define NID_pbeWithSHA1AndRC4 69 +#define OBJ_pbeWithSHA1AndRC4 OBJ_pkcs,5L,12L + +#define SN_dsaWithSHA1_2 "DSA-SHA1-old" +#define LN_dsaWithSHA1_2 "dsaWithSHA1" +#define NID_dsaWithSHA1_2 70 +/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */ +#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L + +#define SN_netscape_cert_type "nsCertType" +#define LN_netscape_cert_type "Netscape Cert Type" +#define NID_netscape_cert_type 71 +#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L + +#define SN_netscape_base_url "nsBaseUrl" +#define LN_netscape_base_url "Netscape Base Url" +#define NID_netscape_base_url 72 +#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L + +#define SN_netscape_revocation_url "nsRevocationUrl" +#define LN_netscape_revocation_url "Netscape Revocation Url" +#define NID_netscape_revocation_url 73 +#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L + +#define SN_netscape_ca_revocation_url "nsCaRevocationUrl" +#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url" +#define NID_netscape_ca_revocation_url 74 +#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L + +#define SN_netscape_renewal_url "nsRenewalUrl" +#define LN_netscape_renewal_url "Netscape Renewal Url" +#define NID_netscape_renewal_url 75 +#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L + +#define SN_netscape_ca_policy_url "nsCaPolicyUrl" +#define LN_netscape_ca_policy_url "Netscape CA Policy Url" +#define NID_netscape_ca_policy_url 76 +#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L + +#define SN_netscape_ssl_server_name "nsSslServerName" +#define LN_netscape_ssl_server_name "Netscape SSL Server Name" +#define NID_netscape_ssl_server_name 77 +#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L + +#define SN_netscape_comment "nsComment" +#define LN_netscape_comment "Netscape Comment" +#define NID_netscape_comment 78 +#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L + +#define SN_netscape_cert_sequence "nsCertSequence" +#define LN_netscape_cert_sequence "Netscape Certificate Sequence" +#define NID_netscape_cert_sequence 79 +#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L + +#define SN_desx_cbc "DESX-CBC" +#define LN_desx_cbc "desx-cbc" +#define NID_desx_cbc 80 + +#define SN_ld_ce "ld-ce" +#define NID_ld_ce 81 +#define OBJ_ld_ce 2L,5L,29L + +#define SN_subject_key_identifier "subjectKeyIdentifier" +#define LN_subject_key_identifier "X509v3 Subject Key Identifier" +#define NID_subject_key_identifier 82 +#define OBJ_subject_key_identifier OBJ_ld_ce,14L + +#define SN_key_usage "keyUsage" +#define LN_key_usage "X509v3 Key Usage" +#define NID_key_usage 83 +#define OBJ_key_usage OBJ_ld_ce,15L + +#define SN_private_key_usage_period "privateKeyUsagePeriod" +#define LN_private_key_usage_period "X509v3 Private Key Usage Period" +#define NID_private_key_usage_period 84 +#define OBJ_private_key_usage_period OBJ_ld_ce,16L + +#define SN_subject_alt_name "subjectAltName" +#define LN_subject_alt_name "X509v3 Subject Alternative Name" +#define NID_subject_alt_name 85 +#define OBJ_subject_alt_name OBJ_ld_ce,17L + +#define SN_issuer_alt_name "issuerAltName" +#define LN_issuer_alt_name "X509v3 Issuer Alternative Name" +#define NID_issuer_alt_name 86 +#define OBJ_issuer_alt_name OBJ_ld_ce,18L + +#define SN_basic_constraints "basicConstraints" +#define LN_basic_constraints "X509v3 Basic Constraints" +#define NID_basic_constraints 87 +#define OBJ_basic_constraints OBJ_ld_ce,19L + +#define SN_crl_number "crlNumber" +#define LN_crl_number "X509v3 CRL Number" +#define NID_crl_number 88 +#define OBJ_crl_number OBJ_ld_ce,20L + +#define SN_certificate_policies "certificatePolicies" +#define LN_certificate_policies "X509v3 Certificate Policies" +#define NID_certificate_policies 89 +#define OBJ_certificate_policies OBJ_ld_ce,32L + +#define SN_authority_key_identifier "authorityKeyIdentifier" +#define LN_authority_key_identifier "X509v3 Authority Key Identifier" +#define NID_authority_key_identifier 90 +#define OBJ_authority_key_identifier OBJ_ld_ce,35L + +#define SN_bf_cbc "BF-CBC" +#define LN_bf_cbc "bf-cbc" +#define NID_bf_cbc 91 + +#define SN_bf_ecb "BF-ECB" +#define LN_bf_ecb "bf-ecb" +#define NID_bf_ecb 92 + +#define SN_bf_cfb64 "BF-CFB" +#define LN_bf_cfb64 "bf-cfb" +#define NID_bf_cfb64 93 + +#define SN_bf_ofb64 "BF-OFB" +#define LN_bf_ofb64 "bf-ofb" +#define NID_bf_ofb64 94 + +#define SN_mdc2 "MDC2" +#define LN_mdc2 "mdc2" +#define NID_mdc2 95 +#define OBJ_mdc2 2L,5L,8L,3L,101L +/* An alternative? 1L,3L,14L,3L,2L,19L */ + +#define SN_mdc2WithRSA "RSA-MDC2" +#define LN_mdc2WithRSA "mdc2withRSA" +#define NID_mdc2WithRSA 96 +#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L + +#define SN_rc4_40 "RC4-40" +#define LN_rc4_40 "rc4-40" +#define NID_rc4_40 97 + +#define SN_rc2_40_cbc "RC2-40-CBC" +#define LN_rc2_40_cbc "rc2-40-cbc" +#define NID_rc2_40_cbc 98 + +#define SN_givenName "G" +#define LN_givenName "givenName" +#define NID_givenName 99 +#define OBJ_givenName OBJ_X509,42L + +#define SN_surname "S" +#define LN_surname "surname" +#define NID_surname 100 +#define OBJ_surname OBJ_X509,4L + +#define SN_initials "I" +#define LN_initials "initials" +#define NID_initials 101 +#define OBJ_initials OBJ_X509,43L + +#define SN_uniqueIdentifier "UID" +#define LN_uniqueIdentifier "uniqueIdentifier" +#define NID_uniqueIdentifier 102 +#define OBJ_uniqueIdentifier OBJ_X509,45L + +#define SN_crl_distribution_points "crlDistributionPoints" +#define LN_crl_distribution_points "X509v3 CRL Distribution Points" +#define NID_crl_distribution_points 103 +#define OBJ_crl_distribution_points OBJ_ld_ce,31L + +#define SN_md5WithRSA "RSA-NP-MD5" +#define LN_md5WithRSA "md5WithRSA" +#define NID_md5WithRSA 104 +#define OBJ_md5WithRSA OBJ_algorithm,3L + +#define SN_serialNumber "SN" +#define LN_serialNumber "serialNumber" +#define NID_serialNumber 105 +#define OBJ_serialNumber OBJ_X509,5L + +#define SN_title "T" +#define LN_title "title" +#define NID_title 106 +#define OBJ_title OBJ_X509,12L + +#define SN_description "D" +#define LN_description "description" +#define NID_description 107 +#define OBJ_description OBJ_X509,13L + +/* CAST5 is CAST-128, I'm just sticking with the documentation */ +#define SN_cast5_cbc "CAST5-CBC" +#define LN_cast5_cbc "cast5-cbc" +#define NID_cast5_cbc 108 +#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L + +#define SN_cast5_ecb "CAST5-ECB" +#define LN_cast5_ecb "cast5-ecb" +#define NID_cast5_ecb 109 + +#define SN_cast5_cfb64 "CAST5-CFB" +#define LN_cast5_cfb64 "cast5-cfb" +#define NID_cast5_cfb64 110 + +#define SN_cast5_ofb64 "CAST5-OFB" +#define LN_cast5_ofb64 "cast5-ofb" +#define NID_cast5_ofb64 111 + +#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC" +#define NID_pbeWithMD5AndCast5_CBC 112 +#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L + +/* This is one sun will soon be using :-( + * id-dsa-with-sha1 ID ::= { + * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 } + */ +#define SN_dsaWithSHA1 "DSA-SHA1" +#define LN_dsaWithSHA1 "dsaWithSHA1" +#define NID_dsaWithSHA1 113 +#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L + +#define NID_md5_sha1 114 +#define SN_md5_sha1 "MD5-SHA1" +#define LN_md5_sha1 "md5-sha1" + +#define SN_sha1WithRSA "RSA-SHA1-2" +#define LN_sha1WithRSA "sha1WithRSA" +#define NID_sha1WithRSA 115 +#define OBJ_sha1WithRSA OBJ_algorithm,29L + +#define SN_dsa "DSA" +#define LN_dsa "dsaEncryption" +#define NID_dsa 116 +#define OBJ_dsa 1L,2L,840L,10040L,4L,1L + +#define SN_ripemd160 "RIPEMD160" +#define LN_ripemd160 "ripemd160" +#define NID_ripemd160 117 +#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L + +/* The name should actually be rsaSignatureWithripemd160, but I'm going + * to contiune using the convention I'm using with the other ciphers */ +#define SN_ripemd160WithRSA "RSA-RIPEMD160" +#define LN_ripemd160WithRSA "ripemd160WithRSA" +#define NID_ripemd160WithRSA 119 +#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L + +/* Taken from rfc2040 + * RC5_CBC_Parameters ::= SEQUENCE { + * version INTEGER (v1_0(16)), + * rounds INTEGER (8..127), + * blockSizeInBits INTEGER (64, 128), + * iv OCTET STRING OPTIONAL + * } + */ +#define SN_rc5_cbc "RC5-CBC" +#define LN_rc5_cbc "rc5-cbc" +#define NID_rc5_cbc 120 +#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L + +#define SN_rc5_ecb "RC5-ECB" +#define LN_rc5_ecb "rc5-ecb" +#define NID_rc5_ecb 121 + +#define SN_rc5_cfb64 "RC5-CFB" +#define LN_rc5_cfb64 "rc5-cfb" +#define NID_rc5_cfb64 122 + +#define SN_rc5_ofb64 "RC5-OFB" +#define LN_rc5_ofb64 "rc5-ofb" +#define NID_rc5_ofb64 123 + +#include "bio.h" +#include "asn1.h" + +#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) + +#ifndef NOPROTO + +ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o); +ASN1_OBJECT * OBJ_nid2obj(int n); +char * OBJ_nid2ln(int n); +char * OBJ_nid2sn(int n); +int OBJ_obj2nid(ASN1_OBJECT *o); +int OBJ_txt2nid(char *s); +int OBJ_ln2nid(char *s); +int OBJ_sn2nid(char *s); +int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b); +char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)()); + +void ERR_load_OBJ_strings(void ); + +int OBJ_new_nid(int num); +int OBJ_add_object(ASN1_OBJECT *obj); +int OBJ_create(char *oid,char *sn,char *ln); +void OBJ_cleanup(void ); +int OBJ_create_objects(BIO *in); + +#else + +ASN1_OBJECT * OBJ_dup(); +ASN1_OBJECT * OBJ_nid2obj(); +char * OBJ_nid2ln(); +char * OBJ_nid2sn(); +int OBJ_obj2nid(); +int OBJ_txt2nid(); +int OBJ_ln2nid(); +int OBJ_sn2nid(); +int OBJ_cmp(); +char * OBJ_bsearch(); + +void ERR_load_OBJ_strings(); + +int OBJ_new_nid(); +int OBJ_add_object(); +int OBJ_create(); +void OBJ_cleanup(); +int OBJ_create_objects(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the OBJ functions. */ + +/* Function codes. */ +#define OBJ_F_OBJ_CREATE 100 +#define OBJ_F_OBJ_DUP 101 +#define OBJ_F_OBJ_NID2LN 102 +#define OBJ_F_OBJ_NID2OBJ 103 +#define OBJ_F_OBJ_NID2SN 104 + +/* Reason codes. */ +#define OBJ_R_MALLOC_FAILURE 100 +#define OBJ_R_UNKNOWN_NID 101 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt new file mode 100644 index 0000000000..cb276e90e9 --- /dev/null +++ b/src/lib/libcrypto/objects/objects.txt @@ -0,0 +1,40 @@ +1 2 : ISO member bodies +1 2 840 : US (ANSI) +1 2 840 113549 : rsadsi : RSA Data Security, Inc. +1 2 840 113549 1 : pkcs : RSA Data Security, Inc. PKCS +1 2 840 113549 1 1 1 : rsaEncryption +1 2 840 113549 1 1 2 : md2withRSAEncryption +1 2 840 113549 1 1 4 : md5withRSAEncryption +1 2 840 113549 1 7 : pkcs-7 +1 2 840 113549 1 7 1 : pkcs-7-data +1 2 840 113549 1 7 2 : pkcs-7-signedData +1 2 840 113549 1 7 3 : pkcs-7-envelopedData +1 2 840 113549 1 7 4 : pkcs-7-signedAndEnvelopedData +1 2 840 113549 1 7 5 : pkcs-7-digestData +1 2 840 113549 1 7 6 : pkcs-7-encryptedData +1 2 840 113549 2 2 : md2 +1 2 840 113549 2 4 : md4 +1 2 840 113549 2 5 : md5 +1 2 840 113549 3 4 : rc4 +1 2 840 113549 5 1 : pbeWithMD2AndDES_CBC +1 2 840 113549 5 3 : pbeWithMD5AndDES_CBC +2 5 : X500 : directory services (X.500) +2 5 4 : X509 +2 5 4 3 : commonName +2 5 4 6 : countryName +2 5 4 7 : localityName +2 5 4 8 : stateOrProvinceName +2 5 4 10 : organizationName +2 5 4 11 : organizationalUnitName +2 5 8 : directory services - algorithms +2 5 8 1 1 : rsa + +algorithm 18 : sha +encryptionAlgorithm 1 : rsa +algorithm 11 : rsaSignature + +algorithm 6 : desECB +algorithm 7 : desCBC +algorithm 8 : desOFB +algorithm 9 : desCFB +algorithm 17 : desEDE2 diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message new file mode 100644 index 0000000000..e8bf9d7592 --- /dev/null +++ b/src/lib/libcrypto/pem/message @@ -0,0 +1,16 @@ +-----BEGIN PRIVACY-ENHANCED MESSAGE----- +Proc-Type: 4,ENCRYPTED +Proc-Type: 4,MIC-ONLY +Proc-Type: 4,MIC-CLEAR +Content-Domain: RFC822 +DEK-Info: DES-CBC,0123456789abcdef +Originator-Certificate + xxxx +Issuer-Certificate + xxxx +MIC-Info: RSA-MD5,RSA, + xxxx + + +-----END PRIVACY-ENHANCED MESSAGE----- + diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h new file mode 100644 index 0000000000..55fbaeffe2 --- /dev/null +++ b/src/lib/libcrypto/pem/pem.h @@ -0,0 +1,562 @@ +/* crypto/pem/pem.org */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING + * + * Always modify pem.org since pem.h is automatically generated from + * it during SSLeay configuration. + * + * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING + */ + +#ifndef HEADER_PEM_H +#define HEADER_PEM_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "evp.h" +#include "x509.h" + +#define PEM_OBJ_UNDEF 0 +#define PEM_OBJ_X509 1 +#define PEM_OBJ_X509_REQ 2 +#define PEM_OBJ_CRL 3 +#define PEM_OBJ_SSL_SESSION 4 +#define PEM_OBJ_PRIV_KEY 10 +#define PEM_OBJ_PRIV_RSA 11 +#define PEM_OBJ_PRIV_DSA 12 +#define PEM_OBJ_PRIV_DH 13 +#define PEM_OBJ_PUB_RSA 14 +#define PEM_OBJ_PUB_DSA 15 +#define PEM_OBJ_PUB_DH 16 +#define PEM_OBJ_DHPARAMS 17 +#define PEM_OBJ_DSAPARAMS 18 +#define PEM_OBJ_PRIV_RSA_PUBLIC 19 + +#define PEM_ERROR 30 +#define PEM_DEK_DES_CBC 40 +#define PEM_DEK_IDEA_CBC 45 +#define PEM_DEK_DES_EDE 50 +#define PEM_DEK_DES_ECB 60 +#define PEM_DEK_RSA 70 +#define PEM_DEK_RSA_MD2 80 +#define PEM_DEK_RSA_MD5 90 + +#define PEM_MD_MD2 NID_md2 +#define PEM_MD_MD5 NID_md5 +#define PEM_MD_SHA NID_sha +#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption +#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption +#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption + +#define PEM_STRING_X509_OLD "X509 CERTIFICATE" +#define PEM_STRING_X509 "CERTIFICATE" +#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" +#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" +#define PEM_STRING_X509_CRL "X509 CRL" +#define PEM_STRING_EVP_PKEY "PRIVATE KEY" +#define PEM_STRING_RSA "RSA PRIVATE KEY" +#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" +#define PEM_STRING_DSA "DSA PRIVATE KEY" +#define PEM_STRING_PKCS7 "PKCS7" +#define PEM_STRING_DHPARAMS "DH PARAMETERS" +#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" +#define PEM_STRING_DSAPARAMS "DSA PARAMETERS" + +#ifndef HEADER_ENVELOPE_H + +#define EVP_ENCODE_CTX_SIZE 96 +#define EVP_MD_SIZE 60 +#define EVP_MD_CTX_SIZE 152 +#define EVP_CIPHER_SIZE 40 +#define EVP_CIPHER_CTX_SIZE 4212 +#define EVP_MAX_MD_SIZE 20 + +typedef struct evp_encode_ctx_st + { + char data[EVP_ENCODE_CTX_SIZE]; + } EVP_ENCODE_CTX; + +typedef struct env_md_ctx_st + { + char data[EVP_MD_CTX_SIZE]; + } EVP_MD_CTX; + +typedef struct evp_cipher_st + { + char data[EVP_CIPHER_SIZE]; + } EVP_CIPHER; + +typedef struct evp_cipher_ctx_st + { + char data[EVP_CIPHER_CTX_SIZE]; + } EVP_CIPHER_CTX; +#endif + + +typedef struct PEM_Encode_Seal_st + { + EVP_ENCODE_CTX encode; + EVP_MD_CTX md; + EVP_CIPHER_CTX cipher; + } PEM_ENCODE_SEAL_CTX; + +/* enc_type is one off */ +#define PEM_TYPE_ENCRYPTED 10 +#define PEM_TYPE_MIC_ONLY 20 +#define PEM_TYPE_MIC_CLEAR 30 +#define PEM_TYPE_CLEAR 40 + +typedef struct pem_recip_st + { + char *name; + X509_NAME *dn; + + int cipher; + int key_enc; + char iv[8]; + } PEM_USER; + +typedef struct pem_ctx_st + { + int type; /* what type of object */ + + struct { + int version; + int mode; + } proc_type; + + char *domain; + + struct { + int cipher; + unsigned char iv[8]; + } DEK_info; + + PEM_USER *originator; + + int num_recipient; + PEM_USER **recipient; + +#ifdef HEADER_STACK_H + STACK *x509_chain; /* certificate chain */ +#else + char *x509_chain; /* certificate chain */ +#endif + EVP_MD *md; /* signature type */ + + int md_enc; /* is the md encrypted or not? */ + int md_len; /* length of md_data */ + char *md_data; /* message digest, could be pkey encrypted */ + + EVP_CIPHER *dec; /* date encryption cipher */ + int key_len; /* key length */ + unsigned char *key; /* key */ + unsigned char iv[8]; /* the iv */ + + + int data_enc; /* is the data encrypted */ + int data_len; + unsigned char *data; + } PEM_CTX; + +#ifdef SSLEAY_MACROS + +#define PEM_write_SSL_SESSION(fp,x) \ + PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ + PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL) +#define PEM_write_X509(fp,x) \ + PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \ + (char *)x, NULL,NULL,0,NULL) +#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \ + (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \ + NULL,NULL,0,NULL) +#define PEM_write_X509_CRL(fp,x) \ + PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \ + fp,(char *)x, NULL,NULL,0,NULL) +#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) \ + PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\ + (char *)x,enc,kstr,klen,cb) +#define PEM_write_RSAPublicKey(fp,x) \ + PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\ + PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL) +#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) \ + PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\ + (char *)x,enc,kstr,klen,cb) +#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb) \ + PEM_ASN1_write((int (*)())i2d_PrivateKey,\ + (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\ + bp,(char *)x,enc,kstr,klen,cb) +#define PEM_write_PKCS7(fp,x) \ + PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \ + (char *)x, NULL,NULL,0,NULL) +#define PEM_write_DHparams(fp,x) \ + PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\ + (char *)x,NULL,NULL,0,NULL) + +#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \ + (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb) +#define PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \ + (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb) +#define PEM_read_X509_REQ(fp,x,cb) (X509_REQ *)PEM_ASN1_read( \ + (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb) +#define PEM_read_X509_CRL(fp,x,cb) (X509_CRL *)PEM_ASN1_read( \ + (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb) +#define PEM_read_RSAPrivateKey(fp,x,cb) (RSA *)PEM_ASN1_read( \ + (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb) +#define PEM_read_RSAPublicKey(fp,x,cb) (RSA *)PEM_ASN1_read( \ + (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb) +#define PEM_read_DSAPrivateKey(fp,x,cb) (DSA *)PEM_ASN1_read( \ + (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb) +#define PEM_read_PrivateKey(fp,x,cb) (EVP_PKEY *)PEM_ASN1_read( \ + (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb) +#define PEM_read_PKCS7(fp,x,cb) (PKCS7 *)PEM_ASN1_read( \ + (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb) +#define PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \ + (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb) + +#define PEM_write_bio_SSL_SESSION(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ + PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL) +#define PEM_write_bio_X509(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ + (char *)x, NULL,NULL,0,NULL) +#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \ + (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \ + NULL,NULL,0,NULL) +#define PEM_write_bio_X509_CRL(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\ + bp,(char *)x, NULL,NULL,0,NULL) +#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) \ + PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\ + bp,(char *)x,enc,kstr,klen,cb) +#define PEM_write_bio_RSAPublicKey(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \ + PEM_STRING_RSA_PUBLIC,\ + bp,(char *)x,NULL,NULL,0,NULL) +#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) \ + PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\ + bp,(char *)x,enc,kstr,klen,cb) +#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) \ + PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\ + (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\ + bp,(char *)x,enc,kstr,klen,cb) +#define PEM_write_bio_PKCS7(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \ + (char *)x, NULL,NULL,0,NULL) +#define PEM_write_bio_DHparams(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\ + bp,(char *)x,NULL,NULL,0,NULL) +#define PEM_write_bio_DSAparams(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \ + PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL) + +#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb) +#define PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb) +#define PEM_read_bio_X509_REQ(bp,x,cb) (X509_REQ *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb) +#define PEM_read_bio_X509_CRL(bp,x,cb) (X509_CRL *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb) +#define PEM_read_bio_RSAPrivateKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb) +#define PEM_read_bio_RSAPublicKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb) +#define PEM_read_bio_DSAPrivateKey(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb) +#define PEM_read_bio_PrivateKey(bp,x,cb) (EVP_PKEY *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb) + +#define PEM_read_bio_PKCS7(bp,x,cb) (PKCS7 *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb) +#define PEM_read_bio_DHparams(bp,x,cb) (DH *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb) +#define PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb) + +#endif + +#ifndef NOPROTO +int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); +int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len, + int (*callback)()); + +#ifdef HEADER_BIO_H +int PEM_read_bio(BIO *bp, char **name, char **header, + unsigned char **data,long *len); +int PEM_write_bio(BIO *bp,char *name,char *hdr,unsigned char *data, + long len); +char * PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x, + int (*cb)()); +int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x, + EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)()); +STACK * PEM_X509_INFO_read_bio(BIO *bp, STACK *sk, int (*cb)()); +int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, + unsigned char *kstr, int klen, int (*cb)()); +#endif + +#ifndef WIN16 +int PEM_read(FILE *fp, char **name, char **header, + unsigned char **data,long *len); +int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); +char * PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x, + int (*cb)()); +int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x, + EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)()); +STACK * PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)()); +#endif + +int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, + EVP_MD *md_type, unsigned char **ek, int *ekl, + unsigned char *iv, EVP_PKEY **pubk, int npubk); +void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, + unsigned char *in, int inl); +int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl, + unsigned char *out, int *outl, EVP_PKEY *priv); + +void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); +void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt); +int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, + unsigned int *siglen, EVP_PKEY *pkey); + +void ERR_load_PEM_strings(void); + +void PEM_proc_type(char *buf, int type); +void PEM_dek_info(char *buf, char *type, int len, char *str); + +#ifndef SSLEAY_MACROS + +#ifndef WIN16 +X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)()); +X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)()); +X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)()); +RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)()); +RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)()); +DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)()); +EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)()); +PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)()); +DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)()); +DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)()); +int PEM_write_X509(FILE *fp,X509 *x); +int PEM_write_X509_REQ(FILE *fp,X509_REQ *x); +int PEM_write_X509_CRL(FILE *fp,X509_CRL *x); +int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr, + int klen,int (*cb)()); +int PEM_write_RSAPublicKey(FILE *fp,RSA *x); +int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,EVP_CIPHER *enc,unsigned char *kstr, + int klen,int (*cb)()); +int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc, + unsigned char *kstr,int klen,int (*cb)()); +int PEM_write_PKCS7(FILE *fp,PKCS7 *x); +int PEM_write_DHparams(FILE *fp,DH *x); +int PEM_write_DSAparams(FILE *fp,DSA *x); +#endif + +#ifdef HEADER_BIO_H +X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)()); +X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)()); +X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)()); +RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)()); +RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)()); +DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)()); +EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)()); +PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)()); +DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)()); +DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)()); +int PEM_write_bio_X509(BIO *bp,X509 *x); +int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x); +int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x); +int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,EVP_CIPHER *enc, + unsigned char *kstr,int klen,int (*cb)()); +int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x); +int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,EVP_CIPHER *enc, + unsigned char *kstr,int klen,int (*cb)()); +int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc, + unsigned char *kstr,int klen,int (*cb)()); +int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x); +int PEM_write_bio_DHparams(BIO *bp,DH *x); +int PEM_write_bio_DSAparams(BIO *bp,DSA *x); +#endif + +#endif /* SSLEAY_MACROS */ + + +#else + +int PEM_get_EVP_CIPHER_INFO(); +int PEM_do_header(); +int PEM_read_bio(); +int PEM_write_bio(); +#ifndef WIN16 +int PEM_read(); +int PEM_write(); +STACK * PEM_X509_INFO_read(); +char * PEM_ASN1_read(); +int PEM_ASN1_write(); +#endif +STACK * PEM_X509_INFO_read_bio(); +int PEM_X509_INFO_write_bio(); +char * PEM_ASN1_read_bio(); +int PEM_ASN1_write_bio(); +int PEM_SealInit(); +void PEM_SealUpdate(); +int PEM_SealFinal(); +int PEM_SignFinal(); + +void ERR_load_PEM_strings(); + +void PEM_proc_type(); +void PEM_dek_info(); + +#ifndef SSLEAY_MACROS +#ifndef WIN16 +X509 *PEM_read_X509(); +X509_REQ *PEM_read_X509_REQ(); +X509_CRL *PEM_read_X509_CRL(); +RSA *PEM_read_RSAPrivateKey(); +RSA *PEM_read_RSAPublicKey(); +DSA *PEM_read_DSAPrivateKey(); +EVP_PKEY *PEM_read_PrivateKey(); +PKCS7 *PEM_read_PKCS7(); +DH *PEM_read_DHparams(); +DSA *PEM_read_DSAparams(); +int PEM_write_X509(); +int PEM_write_X509_REQ(); +int PEM_write_X509_CRL(); +int PEM_write_RSAPrivateKey(); +int PEM_write_RSAPublicKey(); +int PEM_write_DSAPrivateKey(); +int PEM_write_PrivateKey(); +int PEM_write_PKCS7(); +int PEM_write_DHparams(); +int PEM_write_DSAparams(); +#endif + +X509 *PEM_read_bio_X509(); +X509_REQ *PEM_read_bio_X509_REQ(); +X509_CRL *PEM_read_bio_X509_CRL(); +RSA *PEM_read_bio_RSAPrivateKey(); +RSA *PEM_read_bio_RSAPublicKey(); +DSA *PEM_read_bio_DSAPrivateKey(); +EVP_PKEY *PEM_read_bio_PrivateKey(); +PKCS7 *PEM_read_bio_PKCS7(); +DH *PEM_read_bio_DHparams(); +DSA *PEM_read_bio_DSAparams(); +int PEM_write_bio_X509(); +int PEM_write_bio_X509_REQ(); +int PEM_write_bio_X509_CRL(); +int PEM_write_bio_RSAPrivateKey(); +int PEM_write_bio_RSAPublicKey(); +int PEM_write_bio_DSAPrivateKey(); +int PEM_write_bio_PrivateKey(); +int PEM_write_bio_PKCS7(); +int PEM_write_bio_DHparams(); +int PEM_write_bio_DSAparams(); + +#endif /* SSLEAY_MACROS */ + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the PEM functions. */ + +/* Function codes. */ +#define PEM_F_DEF_CALLBACK 100 +#define PEM_F_LOAD_IV 101 +#define PEM_F_PEM_ASN1_READ 102 +#define PEM_F_PEM_ASN1_READ_BIO 103 +#define PEM_F_PEM_ASN1_WRITE 104 +#define PEM_F_PEM_ASN1_WRITE_BIO 105 +#define PEM_F_PEM_DO_HEADER 106 +#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 +#define PEM_F_PEM_READ 108 +#define PEM_F_PEM_READ_BIO 109 +#define PEM_F_PEM_SEALFINAL 110 +#define PEM_F_PEM_SEALINIT 111 +#define PEM_F_PEM_SIGNFINAL 112 +#define PEM_F_PEM_WRITE 113 +#define PEM_F_PEM_WRITE_BIO 114 +#define PEM_F_PEM_X509_INFO_READ 115 +#define PEM_F_PEM_X509_INFO_READ_BIO 116 +#define PEM_F_PEM_X509_INFO_WRITE_BIO 117 + +/* Reason codes. */ +#define PEM_R_BAD_BASE64_DECODE 100 +#define PEM_R_BAD_DECRYPT 101 +#define PEM_R_BAD_END_LINE 102 +#define PEM_R_BAD_IV_CHARS 103 +#define PEM_R_BAD_PASSWORD_READ 104 +#define PEM_R_NOT_DEK_INFO 105 +#define PEM_R_NOT_ENCRYPTED 106 +#define PEM_R_NOT_PROC_TYPE 107 +#define PEM_R_NO_START_LINE 108 +#define PEM_R_PROBLEMS_GETTING_PASSWORD 109 +#define PEM_R_PUBLIC_KEY_NO_RSA 110 +#define PEM_R_READ_KEY 111 +#define PEM_R_SHORT_HEADER 112 +#define PEM_R_UNSUPPORTED_CIPHER 113 +#define PEM_R_UNSUPPORTED_ENCRYPTION 114 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c new file mode 100644 index 0000000000..d1cda7aabe --- /dev/null +++ b/src/lib/libcrypto/pem/pem_all.c @@ -0,0 +1,488 @@ +/* crypto/pem/pem_all.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#undef SSLEAY_MACROS +#include "cryptlib.h" +#include "bio.h" +#include "evp.h" +#include "x509.h" +#include "pkcs7.h" +#include "pem.h" + +#ifndef NO_FP_API +/* The X509 functions */ +X509 *PEM_read_X509(fp,x,cb) +FILE *fp; +X509 **x; +int (*cb)(); + { + return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509, + PEM_STRING_X509,fp,(char **)x,cb)); + } +#endif + +X509 *PEM_read_bio_X509(bp,x,cb) +BIO *bp; +X509 **x; +int (*cb)(); + { + return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509, + PEM_STRING_X509,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_X509(fp,x) +FILE *fp; +X509 *x; + { + return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, + (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_X509(bp,x) +BIO *bp; +X509 *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, + (char *)x, NULL,NULL,0,NULL)); + } + +#ifndef NO_FP_API +/* The X509_REQ functions */ +X509_REQ *PEM_read_X509_REQ(fp,x,cb) +FILE *fp; +X509_REQ **x; +int (*cb)(); + { + return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ, + PEM_STRING_X509_REQ,fp,(char **)x,cb)); + } +#endif + +X509_REQ *PEM_read_bio_X509_REQ(bp,x,cb) +BIO *bp; +X509_REQ **x; +int (*cb)(); + { + return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ, + PEM_STRING_X509_REQ,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_X509_REQ(fp,x) +FILE *fp; +X509_REQ *x; + { + return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp, + (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_X509_REQ(bp,x) +BIO *bp; +X509_REQ *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ, + bp,(char *)x, NULL,NULL,0,NULL)); + } + +#ifndef NO_FP_API +/* The X509_CRL functions */ +X509_CRL *PEM_read_X509_CRL(fp,x,cb) +FILE *fp; +X509_CRL **x; +int (*cb)(); + { + return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL, + PEM_STRING_X509_CRL,fp,(char **)x,cb)); + } +#endif + +X509_CRL *PEM_read_bio_X509_CRL(bp,x,cb) +BIO *bp; +X509_CRL **x; +int (*cb)(); + { + return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL, + PEM_STRING_X509_CRL,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_X509_CRL(fp,x) +FILE *fp; +X509_CRL *x; + { + return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp, + (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_X509_CRL(bp,x) +BIO *bp; +X509_CRL *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, + bp,(char *)x, NULL,NULL,0,NULL)); + } + +#ifndef NO_RSA +#ifndef NO_FP_API +/* The RSAPrivateKey functions */ +RSA *PEM_read_RSAPrivateKey(fp,x,cb) +FILE *fp; +RSA **x; +int (*cb)(); + { + return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey, + PEM_STRING_RSA,fp,(char **)x,cb)); + } + +RSA *PEM_read_RSAPublicKey(fp,x,cb) +FILE *fp; +RSA **x; +int (*cb)(); + { + return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey, + PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)); + } +#endif + +RSA *PEM_read_bio_RSAPrivateKey(bp,x,cb) +BIO *bp; +RSA **x; +int (*cb)(); + { + return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey, + PEM_STRING_RSA,bp,(char **)x,cb)); + } + +RSA *PEM_read_bio_RSAPublicKey(bp,x,cb) +BIO *bp; +RSA **x; +int (*cb)(); + { + return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey, + PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) +FILE *fp; +RSA *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*cb)(); + { + return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp, + (char *)x,enc,kstr,klen,cb)); + } + +int PEM_write_RSAPublicKey(fp,x) +FILE *fp; +RSA *x; + { + return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey, + PEM_STRING_RSA_PUBLIC,fp, + (char *)x,NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) +BIO *bp; +RSA *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*cb)(); + { + return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA, + bp,(char *)x,enc,kstr,klen,cb)); + } + +int PEM_write_bio_RSAPublicKey(bp,x) +BIO *bp; +RSA *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, + PEM_STRING_RSA_PUBLIC, + bp,(char *)x,NULL,NULL,0,NULL)); + } +#endif /* !NO_RSA */ + +#ifndef NO_DSA +#ifndef NO_FP_API +/* The DSAPrivateKey functions */ +DSA *PEM_read_DSAPrivateKey(fp,x,cb) +FILE *fp; +DSA **x; +int (*cb)(); + { + return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey, + PEM_STRING_DSA,fp,(char **)x,cb)); + } +#endif + +DSA *PEM_read_bio_DSAPrivateKey(bp,x,cb) +BIO *bp; +DSA **x; +int (*cb)(); + { + return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey, + PEM_STRING_DSA,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) +FILE *fp; +DSA *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*cb)(); + { + return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp, + (char *)x,enc,kstr,klen,cb)); + } +#endif + +int PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) +BIO *bp; +DSA *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*cb)(); + { + return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA, + bp,(char *)x,enc,kstr,klen,cb)); + } +#endif + +#ifndef NO_FP_API +/* The PrivateKey functions */ +EVP_PKEY *PEM_read_PrivateKey(fp,x,cb) +FILE *fp; +EVP_PKEY **x; +int (*cb)(); + { + return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey, + PEM_STRING_EVP_PKEY,fp,(char **)x,cb)); + } +#endif + +EVP_PKEY *PEM_read_bio_PrivateKey(bp,x,cb) +BIO *bp; +EVP_PKEY **x; +int (*cb)(); + { + return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey, + PEM_STRING_EVP_PKEY,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_PrivateKey(fp,x,enc,kstr,klen,cb) +FILE *fp; +EVP_PKEY *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*cb)(); + { + return(PEM_ASN1_write((int (*)())i2d_PrivateKey, + ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), + fp,(char *)x,enc,kstr,klen,cb)); + } +#endif + +int PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) +BIO *bp; +EVP_PKEY *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*cb)(); + { + return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey, + ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), + bp,(char *)x,enc,kstr,klen,cb)); + } + +#ifndef NO_FP_API +/* The PKCS7 functions */ +PKCS7 *PEM_read_PKCS7(fp,x,cb) +FILE *fp; +PKCS7 **x; +int (*cb)(); + { + return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7, + PEM_STRING_PKCS7,fp,(char **)x,cb)); + } +#endif + +PKCS7 *PEM_read_bio_PKCS7(bp,x,cb) +BIO *bp; +PKCS7 **x; +int (*cb)(); + { + return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7, + PEM_STRING_PKCS7,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_PKCS7(fp,x) +FILE *fp; +PKCS7 *x; + { + return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, + (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_PKCS7(bp,x) +BIO *bp; +PKCS7 *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, + (char *)x, NULL,NULL,0,NULL)); + } + +#ifndef NO_DH +#ifndef NO_FP_API +/* The DHparams functions */ +DH *PEM_read_DHparams(fp,x,cb) +FILE *fp; +DH **x; +int (*cb)(); + { + return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams, + PEM_STRING_DHPARAMS,fp,(char **)x,cb)); + } +#endif + +DH *PEM_read_bio_DHparams(bp,x,cb) +BIO *bp; +DH **x; +int (*cb)(); + { + return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams, + PEM_STRING_DHPARAMS,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_DHparams(fp,x) +FILE *fp; +DH *x; + { + return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp, + (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_DHparams(bp,x) +BIO *bp; +DH *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS, + bp,(char *)x, NULL,NULL,0,NULL)); + } +#endif + +#ifndef NO_DSA +#ifndef NO_FP_API +/* The DSAparams functions */ +DSA *PEM_read_DSAparams(fp,x,cb) +FILE *fp; +DSA **x; +int (*cb)(); + { + return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams, + PEM_STRING_DSAPARAMS,fp,(char **)x,cb)); + } +#endif + +DSA *PEM_read_bio_DSAparams(bp,x,cb) +BIO *bp; +DSA **x; +int (*cb)(); + { + return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams, + PEM_STRING_DSAPARAMS,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_DSAparams(fp,x) +FILE *fp; +DSA *x; + { + return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp, + (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_DSAparams(bp,x) +BIO *bp; +DSA *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS, + bp,(char *)x, NULL,NULL,0,NULL)); + } +#endif + diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c new file mode 100644 index 0000000000..e17fcdb540 --- /dev/null +++ b/src/lib/libcrypto/pem/pem_err.c @@ -0,0 +1,122 @@ +/* lib/pem/pem_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "pem.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA PEM_str_functs[]= + { +{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"}, +{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"}, +{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"}, +{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"}, +{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"}, +{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"}, +{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"}, +{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"}, +{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"}, +{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"}, +{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"}, +{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"}, +{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"}, +{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"}, +{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"}, +{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"}, +{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"}, +{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"}, +{0,NULL}, + }; + +static ERR_STRING_DATA PEM_str_reasons[]= + { +{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"}, +{PEM_R_BAD_DECRYPT ,"bad decrypt"}, +{PEM_R_BAD_END_LINE ,"bad end line"}, +{PEM_R_BAD_IV_CHARS ,"bad iv chars"}, +{PEM_R_BAD_PASSWORD_READ ,"bad password read"}, +{PEM_R_NOT_DEK_INFO ,"not dek info"}, +{PEM_R_NOT_ENCRYPTED ,"not encrypted"}, +{PEM_R_NOT_PROC_TYPE ,"not proc type"}, +{PEM_R_NO_START_LINE ,"no start line"}, +{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"}, +{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"}, +{PEM_R_READ_KEY ,"read key"}, +{PEM_R_SHORT_HEADER ,"short header"}, +{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, +{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"}, +{0,NULL}, + }; + +#endif + +void ERR_load_PEM_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_PEM,PEM_str_functs); + ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c new file mode 100644 index 0000000000..4b69833b62 --- /dev/null +++ b/src/lib/libcrypto/pem/pem_info.c @@ -0,0 +1,365 @@ +/* crypto/pem/pem_info.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "pem.h" + +#ifndef NO_FP_API +STACK *PEM_X509_INFO_read(fp,sk,cb) +FILE *fp; +STACK *sk; +int (*cb)(); + { + BIO *b; + STACK *ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=PEM_X509_INFO_read_bio(b,sk,cb); + BIO_free(b); + return(ret); + } +#endif + +STACK *PEM_X509_INFO_read_bio(bp,sk,cb) +BIO *bp; +STACK *sk; +int (*cb)(); + { + X509_INFO *xi=NULL; + char *name=NULL,*header=NULL,**pp; + unsigned char *data=NULL,*p; + long len,error=0; + int ok=0; + STACK *ret=NULL; + unsigned int i,raw; + char *(*d2i)(); + + if (sk == NULL) + { + if ((ret=sk_new_null()) == NULL) + { + PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE); + goto err; + } + } + else + ret=sk; + + if ((xi=X509_INFO_new()) == NULL) goto err; + for (;;) + { + raw=0; + i=PEM_read_bio(bp,&name,&header,&data,&len); + if (i == 0) + { + error=ERR_GET_REASON(ERR_peek_error()); + if (error == PEM_R_NO_START_LINE) + { + ERR_clear_error(); + break; + } + goto err; + } +start: + if ( (strcmp(name,PEM_STRING_X509) == 0) || + (strcmp(name,PEM_STRING_X509_OLD) == 0)) + { + d2i=(char *(*)())d2i_X509; + if (xi->x509 != NULL) + { + if (!sk_push(ret,(char *)xi)) goto err; + if ((xi=X509_INFO_new()) == NULL) goto err; + goto start; + } + pp=(char **)&(xi->x509); + } + else if (strcmp(name,PEM_STRING_X509_CRL) == 0) + { + d2i=(char *(*)())d2i_X509_CRL; + if (xi->crl != NULL) + { + if (!sk_push(ret,(char *)xi)) goto err; + if ((xi=X509_INFO_new()) == NULL) goto err; + goto start; + } + pp=(char **)&(xi->crl); + } + else +#ifndef NO_RSA + if (strcmp(name,PEM_STRING_RSA) == 0) + { + d2i=(char *(*)())d2i_RSAPrivateKey; + if (xi->x_pkey != NULL) + { + if (!sk_push(ret,(char *)xi)) goto err; + if ((xi=X509_INFO_new()) == NULL) goto err; + goto start; + } + + xi->enc_data=NULL; + xi->enc_len=0; + + xi->x_pkey=X509_PKEY_new(); + if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) + goto err; + xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; + pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa); + if ((int)strlen(header) > 10) /* assume encrypted */ + raw=1; + } + else +#endif +#ifndef NO_DSA + if (strcmp(name,PEM_STRING_DSA) == 0) + { + d2i=(char *(*)())d2i_DSAPrivateKey; + if (xi->x_pkey != NULL) + { + if (!sk_push(ret,(char *)xi)) goto err; + if ((xi=X509_INFO_new()) == NULL) goto err; + goto start; + } + + xi->enc_data=NULL; + xi->enc_len=0; + + xi->x_pkey=X509_PKEY_new(); + if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) + goto err; + xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; + pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa); + if ((int)strlen(header) > 10) /* assume encrypted */ + raw=1; + } + else +#endif + { + d2i=NULL; + pp=NULL; + } + + if (d2i != NULL) + { + if (!raw) + { + EVP_CIPHER_INFO cipher; + + if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) + goto err; + if (!PEM_do_header(&cipher,data,&len,cb)) + goto err; + p=data; + if (d2i(pp,&p,len) == NULL) + { + PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB); + goto err; + } + } + else + { /* encrypted RSA data */ + if (!PEM_get_EVP_CIPHER_INFO(header, + &xi->enc_cipher)) goto err; + xi->enc_data=(char *)data; + xi->enc_len=(int)len; + data=NULL; + } + } + else { + /* unknown */ + } + if (name != NULL) Free(name); + if (header != NULL) Free(header); + if (data != NULL) Free(data); + name=NULL; + header=NULL; + data=NULL; + } + + /* if the last one hasn't been pushed yet and there is anything + * in it then add it to the stack ... + */ + if ((xi->x509 != NULL) || (xi->crl != NULL) || + (xi->x_pkey != NULL) || (xi->enc_data != NULL)) + { + if (!sk_push(ret,(char *)xi)) goto err; + xi=NULL; + } + ok=1; +err: + if (xi != NULL) X509_INFO_free(xi); + if (!ok) + { + for (i=0; ((int)i)x_pkey!=NULL) + { + if ( (xi->enc_data!=NULL) && (xi->enc_len>0) ) + { + /* copy from wierdo names into more normal things */ + iv=xi->enc_cipher.iv; + data=(unsigned char *)xi->enc_data; + i=xi->enc_len; + + /* we take the encryption data from the + * internal stuff rather than what the + * user has passed us ... as we have to + * match exactly for some strange reason + */ + objstr=OBJ_nid2sn( + EVP_CIPHER_nid(xi->enc_cipher.cipher)); + if (objstr == NULL) + { + PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER); + goto err; + } + + /* create the right magic header stuff */ + buf[0]='\0'; + PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); + PEM_dek_info(buf,objstr,8,(char *)iv); + + /* use the normal code to write things out */ + i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i); + if (i <= 0) goto err; + } + else + { + /* Add DSA/DH */ +#ifndef NO_RSA + /* normal optionally encrypted stuff */ + if (PEM_write_bio_RSAPrivateKey(bp, + xi->x_pkey->dec_pkey->pkey.rsa, + enc,kstr,klen,cb)<=0) + goto err; +#endif + } + } + + /* if we have a certificate then write it out now */ + if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0)) + goto err; + + /* we are ignoring anything else that is loaded into the X509_INFO + * structure for the moment ... as I don't need it so I'm not + * coding it here and Eric can do it when this makes it into the + * base library --tjh + */ + + ret=1; + +err: + memset((char *)&ctx,0,sizeof(ctx)); + memset(buf,0,PEM_BUFSIZE); + return(ret); + } diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c new file mode 100644 index 0000000000..7a2c0ad83b --- /dev/null +++ b/src/lib/libcrypto/pem/pem_lib.c @@ -0,0 +1,762 @@ +/* crypto/pem/pem_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "buffer.h" +#include "objects.h" +#include "evp.h" +#include "rand.h" +#include "x509.h" +#include "pem.h" +#ifndef NO_DES +#include "des.h" +#endif + +char *PEM_version="PEM part of SSLeay 0.9.0b 29-Jun-1998"; + +#define MIN_LENGTH 4 + +/* PEMerr(PEM_F_PEM_WRITE_BIO,ERR_R_MALLOC_FAILURE); + * PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); + */ + +#ifndef NOPROTO +static int def_callback(char *buf, int num, int w); +static int load_iv(unsigned char **fromp,unsigned char *to, int num); +#else +static int def_callback(); +static int load_iv(); +#endif + +static int def_callback(buf, num, w) +char *buf; +int num; +int w; + { +#ifdef NO_FP_API + /* We should not ever call the default callback routine from + * windows. */ + PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return(-1); +#else + int i,j; + char *prompt; + + prompt=EVP_get_pw_prompt(); + if (prompt == NULL) + prompt="Enter PEM pass phrase:"; + + for (;;) + { + i=EVP_read_pw_string(buf,num,prompt,w); + if (i != 0) + { + PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); + memset(buf,0,(unsigned int)num); + return(-1); + } + j=strlen(buf); + if (j < MIN_LENGTH) + { + fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH); + } + else + break; + } + return(j); +#endif + } + +void PEM_proc_type(buf, type) +char *buf; +int type; + { + char *str; + + if (type == PEM_TYPE_ENCRYPTED) + str="ENCRYPTED"; + else if (type == PEM_TYPE_MIC_CLEAR) + str="MIC-CLEAR"; + else if (type == PEM_TYPE_MIC_ONLY) + str="MIC-ONLY"; + else + str="BAD-TYPE"; + + strcat(buf,"Proc-Type: 4,"); + strcat(buf,str); + strcat(buf,"\n"); + } + +void PEM_dek_info(buf, type, len, str) +char *buf; +char *type; +int len; +char *str; + { + static unsigned char map[17]="0123456789ABCDEF"; + long i; + int j; + + strcat(buf,"DEK-Info: "); + strcat(buf,type); + strcat(buf,","); + j=strlen(buf); + for (i=0; i>4)&0x0f]; + buf[j+i*2+1]=map[(str[i] )&0x0f]; + } + buf[j+i*2]='\n'; + buf[j+i*2+1]='\0'; + } + +#ifndef NO_FP_API +char *PEM_ASN1_read(d2i,name,fp, x, cb) +char *(*d2i)(); +char *name; +FILE *fp; +char **x; +int (*cb)(); + { + BIO *b; + char *ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=PEM_ASN1_read_bio(d2i,name,b,x,cb); + BIO_free(b); + return(ret); + } +#endif + +char *PEM_ASN1_read_bio(d2i,name,bp, x, cb) +char *(*d2i)(); +char *name; +BIO *bp; +char **x; +int (*cb)(); + { + EVP_CIPHER_INFO cipher; + char *nm=NULL,*header=NULL; + unsigned char *p=NULL,*data=NULL; + long len; + char *ret=NULL; + + for (;;) + { + if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL); + if ( (strcmp(nm,name) == 0) || + ((strcmp(nm,PEM_STRING_RSA) == 0) && + (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || + ((strcmp(nm,PEM_STRING_DSA) == 0) && + (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || + ((strcmp(nm,PEM_STRING_X509_OLD) == 0) && + (strcmp(name,PEM_STRING_X509) == 0)) || + ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) && + (strcmp(name,PEM_STRING_X509_REQ) == 0)) + ) + break; + Free(nm); + Free(header); + Free(data); + } + if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; + if (!PEM_do_header(&cipher,data,&len,cb)) goto err; + p=data; + if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) + { + if (strcmp(nm,PEM_STRING_RSA) == 0) + ret=d2i(EVP_PKEY_RSA,x,&p,len); + else if (strcmp(nm,PEM_STRING_DSA) == 0) + ret=d2i(EVP_PKEY_DSA,x,&p,len); + } + else + ret=d2i(x,&p,len); + if (ret == NULL) + PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); +err: + Free(nm); + Free(header); + Free(data); + return(ret); + } + +#ifndef NO_FP_API +int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback) +int (*i2d)(); +char *name; +FILE *fp; +char *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*callback)(); + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback); + BIO_free(b); + return(ret); + } +#endif + +int PEM_ASN1_write_bio(i2d,name,bp, x, enc, kstr, klen, callback) +int (*i2d)(); +char *name; +BIO *bp; +char *x; +EVP_CIPHER *enc; +unsigned char *kstr; +int klen; +int (*callback)(); + { + EVP_CIPHER_CTX ctx; + int dsize=0,i,j,ret=0; + unsigned char *p,*data=NULL; + char *objstr=NULL; +#define PEM_BUFSIZE 1024 + char buf[PEM_BUFSIZE]; + unsigned char key[EVP_MAX_KEY_LENGTH]; + unsigned char iv[EVP_MAX_IV_LENGTH]; + + if (enc != NULL) + { + objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); + if (objstr == NULL) + { + PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER); + goto err; + } + } + + if ((dsize=i2d(x,NULL)) < 0) + { + PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); + dsize=0; + goto err; + } + /* dzise + 8 bytes are needed */ + data=(unsigned char *)Malloc((unsigned int)dsize+20); + if (data == NULL) + { + PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); + goto err; + } + p=data; + i=i2d(x,&p); + + if (enc != NULL) + { + if (kstr == NULL) + { + if (callback == NULL) + klen=def_callback(buf,PEM_BUFSIZE,1); + else + klen=(*callback)(buf,PEM_BUFSIZE,1); + if (klen <= 0) + { + PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY); + goto err; + } + kstr=(unsigned char *)buf; + } + RAND_seed(data,i);/* put in the RSA key. */ + RAND_bytes(iv,8); /* Generate a salt */ + /* The 'iv' is used as the iv and as a salt. It is + * NOT taken from the BytesToKey function */ + EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL); + + if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE); + + buf[0]='\0'; + PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); + PEM_dek_info(buf,objstr,8,(char *)iv); + /* k=strlen(buf); */ + + EVP_EncryptInit(&ctx,enc,key,iv); + EVP_EncryptUpdate(&ctx,data,&j,data,i); + EVP_EncryptFinal(&ctx,&(data[j]),&i); + i+=j; + ret=1; + } + else + { + ret=1; + buf[0]='\0'; + } + i=PEM_write_bio(bp,name,buf,data,i); + if (i <= 0) ret=0; +err: + memset(key,0,sizeof(key)); + memset(iv,0,sizeof(iv)); + memset((char *)&ctx,0,sizeof(ctx)); + memset(buf,0,PEM_BUFSIZE); + memset(data,0,(unsigned int)dsize); + Free(data); + return(ret); + } + +int PEM_do_header(cipher, data, plen, callback) +EVP_CIPHER_INFO *cipher; +unsigned char *data; +long *plen; +int (*callback)(); + { + int i,j,o,klen; + long len; + EVP_CIPHER_CTX ctx; + unsigned char key[EVP_MAX_KEY_LENGTH]; + char buf[PEM_BUFSIZE]; + + len= *plen; + + if (cipher->cipher == NULL) return(1); + if (callback == NULL) + klen=def_callback(buf,PEM_BUFSIZE,0); + else + klen=callback(buf,PEM_BUFSIZE,0); + if (klen <= 0) + { + PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ); + return(0); + } + EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]), + (unsigned char *)buf,klen,1,key,NULL); + + j=(int)len; + EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0])); + EVP_DecryptUpdate(&ctx,data,&i,data,j); + o=EVP_DecryptFinal(&ctx,&(data[i]),&j); + EVP_CIPHER_CTX_cleanup(&ctx); + memset((char *)buf,0,sizeof(buf)); + memset((char *)key,0,sizeof(key)); + j+=i; + if (!o) + { + PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT); + return(0); + } + *plen=j; + return(1); + } + +int PEM_get_EVP_CIPHER_INFO(header,cipher) +char *header; +EVP_CIPHER_INFO *cipher; + { + int o; + EVP_CIPHER *enc=NULL; + char *p,c; + + cipher->cipher=NULL; + if ((header == NULL) || (*header == '\0') || (*header == '\n')) + return(1); + if (strncmp(header,"Proc-Type: ",11) != 0) + { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); } + header+=11; + if (*header != '4') return(0); header++; + if (*header != ',') return(0); header++; + if (strncmp(header,"ENCRYPTED",9) != 0) + { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); } + for (; (*header != '\n') && (*header != '\0'); header++) + ; + if (*header == '\0') + { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); } + header++; + if (strncmp(header,"DEK-Info: ",10) != 0) + { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); } + header+=10; + + p=header; + for (;;) + { + c= *header; + if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') || + ((c >= '0') && (c <= '9')))) + break; + header++; + } + *header='\0'; + o=OBJ_sn2nid(p); + cipher->cipher=enc=EVP_get_cipherbyname(p); + *header=c; + header++; + + if (enc == NULL) + { + PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION); + return(0); + } + if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0); + + return(1); + } + +static int load_iv(fromp,to,num) +unsigned char **fromp,*to; +int num; + { + int v,i; + unsigned char *from; + + from= *fromp; + for (i=0; i= '0') && (*from <= '9')) + v= *from-'0'; + else if ((*from >= 'A') && (*from <= 'F')) + v= *from-'A'+10; + else if ((*from >= 'a') && (*from <= 'f')) + v= *from-'a'+10; + else + { + PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS); + return(0); + } + from++; + to[i/2]|=v<<(long)((!(i&1))*4); + } + + *fromp=from; + return(1); + } + +#ifndef NO_FP_API +int PEM_write(fp, name, header, data,len) +FILE *fp; +char *name; +char *header; +unsigned char *data; +long len; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=PEM_write_bio(b, name, header, data,len); + BIO_free(b); + return(ret); + } +#endif + +int PEM_write_bio(bp, name, header, data,len) +BIO *bp; +char *name; +char *header; +unsigned char *data; +long len; + { + int nlen,n,i,j,outl; + unsigned char *buf; + EVP_ENCODE_CTX ctx; + int reason=ERR_R_BUF_LIB; + + EVP_EncodeInit(&ctx); + nlen=strlen(name); + + if ( (BIO_write(bp,"-----BEGIN ",11) != 11) || + (BIO_write(bp,name,nlen) != nlen) || + (BIO_write(bp,"-----\n",6) != 6)) + goto err; + + i=strlen(header); + if (i > 0) + { + if ( (BIO_write(bp,header,i) != i) || + (BIO_write(bp,"\n",1) != 1)) + goto err; + } + + buf=(unsigned char *)Malloc(PEM_BUFSIZE*8); + if (buf == NULL) + { + reason=ERR_R_MALLOC_FAILURE; + goto err; + } + + i=j=0; + while (len > 0) + { + n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len); + EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n); + if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl)) + goto err; + i+=outl; + len-=n; + j+=n; + } + EVP_EncodeFinal(&ctx,buf,&outl); + if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; + Free(buf); + if ( (BIO_write(bp,"-----END ",9) != 9) || + (BIO_write(bp,name,nlen) != nlen) || + (BIO_write(bp,"-----\n",6) != 6)) + goto err; + return(i+outl); +err: + PEMerr(PEM_F_PEM_WRITE_BIO,reason); + return(0); + } + +#ifndef NO_FP_API +int PEM_read(fp, name, header, data,len) +FILE *fp; +char **name; +char **header; +unsigned char **data; +long *len; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=PEM_read_bio(b, name, header, data,len); + BIO_free(b); + return(ret); + } +#endif + +int PEM_read_bio(bp, name, header, data, len) +BIO *bp; +char **name; +char **header; +unsigned char **data; +long *len; + { + EVP_ENCODE_CTX ctx; + int end=0,i,k,bl=0,hl=0,nohead=0; + char buf[256]; + BUF_MEM *nameB; + BUF_MEM *headerB; + BUF_MEM *dataB,*tmpB; + + nameB=BUF_MEM_new(); + headerB=BUF_MEM_new(); + dataB=BUF_MEM_new(); + if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) + { + PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); + return(0); + } + + buf[254]='\0'; + for (;;) + { + i=BIO_gets(bp,buf,254); + + if (i <= 0) + { + PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE); + goto err; + } + + while ((i >= 0) && (buf[i] <= ' ')) i--; + buf[++i]='\n'; buf[++i]='\0'; + + if (strncmp(buf,"-----BEGIN ",11) == 0) + { + i=strlen(&(buf[11])); + + if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0) + continue; + if (!BUF_MEM_grow(nameB,i+9)) + { + PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); + goto err; + } + strncpy(nameB->data,&(buf[11]),(unsigned int)i-6); + nameB->data[i-6]='\0'; + break; + } + } + hl=0; + if (!BUF_MEM_grow(headerB,256)) + { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } + headerB->data[0]='\0'; + for (;;) + { + i=BIO_gets(bp,buf,254); + if (i <= 0) break; + + while ((i >= 0) && (buf[i] <= ' ')) i--; + buf[++i]='\n'; buf[++i]='\0'; + + if (buf[0] == '\n') break; + if (!BUF_MEM_grow(headerB,hl+i+9)) + { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } + if (strncmp(buf,"-----END ",9) == 0) + { + nohead=1; + break; + } + strncpy(&(headerB->data[hl]),buf,(unsigned int)i); + headerB->data[hl+i]='\0'; + hl+=i; + } + + bl=0; + if (!BUF_MEM_grow(dataB,1024)) + { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } + dataB->data[0]='\0'; + if (!nohead) + { + for (;;) + { + i=BIO_gets(bp,buf,254); + if (i <= 0) break; + + while ((i >= 0) && (buf[i] <= ' ')) i--; + buf[++i]='\n'; buf[++i]='\0'; + + if (i != 65) end=1; + if (strncmp(buf,"-----END ",9) == 0) + break; + if (i > 65) break; + if (!BUF_MEM_grow(dataB,i+bl+9)) + { + PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); + goto err; + } + strncpy(&(dataB->data[bl]),buf,(unsigned int)i); + dataB->data[bl+i]='\0'; + bl+=i; + if (end) + { + buf[0]='\0'; + i=BIO_gets(bp,buf,254); + if (i <= 0) break; + + while ((i >= 0) && (buf[i] <= ' ')) i--; + buf[++i]='\n'; buf[++i]='\0'; + + break; + } + } + } + else + { + tmpB=headerB; + headerB=dataB; + dataB=tmpB; + bl=hl; + } + i=strlen(nameB->data); + if ( (strncmp(buf,"-----END ",9) != 0) || + (strncmp(nameB->data,&(buf[9]),(unsigned int)i) != 0) || + (strncmp(&(buf[9+i]),"-----\n",6) != 0)) + { + PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE); + goto err; + } + + EVP_DecodeInit(&ctx); + i=EVP_DecodeUpdate(&ctx, + (unsigned char *)dataB->data,&bl, + (unsigned char *)dataB->data,bl); + if (i < 0) + { + PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE); + goto err; + } + i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k); + if (i < 0) + { + PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE); + goto err; + } + bl+=k; + + if (bl == 0) goto err; + *name=nameB->data; + *header=headerB->data; + *data=(unsigned char *)dataB->data; + *len=bl; + Free(nameB); + Free(headerB); + Free(dataB); + return(1); +err: + BUF_MEM_free(nameB); + BUF_MEM_free(headerB); + BUF_MEM_free(dataB); + return(0); + } diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c new file mode 100644 index 0000000000..b4b36df453 --- /dev/null +++ b/src/lib/libcrypto/pem/pem_seal.c @@ -0,0 +1,191 @@ +/* crypto/pem/pem_seal.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "rand.h" +#include "objects.h" +#include "x509.h" +#include "pem.h" + +int PEM_SealInit(ctx,type,md_type,ek,ekl,iv,pubk,npubk) +PEM_ENCODE_SEAL_CTX *ctx; +EVP_CIPHER *type; +EVP_MD *md_type; +unsigned char **ek; +int *ekl; +unsigned char *iv; +EVP_PKEY **pubk; +int npubk; + { + unsigned char key[EVP_MAX_KEY_LENGTH]; + int ret= -1; + int i,j,max=0; + char *s=NULL; + + for (i=0; itype != EVP_PKEY_RSA) + { + PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA); + goto err; + } + j=RSA_size(pubk[i]->pkey.rsa); + if (j > max) max=j; + } + s=(char *)Malloc(max*2); + if (s == NULL) + { + PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE); + goto err; + } + + EVP_EncodeInit(&(ctx->encode)); + EVP_SignInit(&(ctx->md),md_type); + + ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk); + if (!ret) goto err; + + /* base64 encode the keys */ + for (i=0; ipkey.rsa)); + ekl[i]=j; + memcpy(ek[i],s,j+1); + } + + ret=npubk; +err: + if (s != NULL) Free(s); + memset(key,0,EVP_MAX_KEY_LENGTH); + return(ret); + } + +void PEM_SealUpdate(ctx,out,outl,in,inl) +PEM_ENCODE_SEAL_CTX *ctx; +unsigned char *out; +int *outl; +unsigned char *in; +int inl; + { + unsigned char buffer[1600]; + int i,j; + + *outl=0; + EVP_SignUpdate(&(ctx->md),in,inl); + for (;;) + { + if (inl <= 0) break; + if (inl > 1200) + i=1200; + else + i=inl; + EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i); + EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j); + *outl+=j; + out+=j; + in+=i; + inl-=i; + } + } + +int PEM_SealFinal(ctx,sig,sigl,out,outl,priv) +PEM_ENCODE_SEAL_CTX *ctx; +unsigned char *sig; +int *sigl; +unsigned char *out; +int *outl; +EVP_PKEY *priv; + { + unsigned char *s=NULL; + int ret=0,j; + unsigned int i; + + if (priv->type != EVP_PKEY_RSA) + { + PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA); + goto err; + } + i=RSA_size(priv->pkey.rsa); + if (i < 100) i=100; + s=(unsigned char *)Malloc(i*2); + if (s == NULL) + { + PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE); + goto err; + } + + EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i); + EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i); + *outl=j; + out+=j; + EVP_EncodeFinal(&(ctx->encode),out,&j); + *outl+=j; + + if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err; + *sigl=EVP_EncodeBlock(sig,s,i); + + ret=1; +err: + memset((char *)&(ctx->md),0,sizeof(ctx->md)); + memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher)); + if (s != NULL) Free(s); + return(ret); + } diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c new file mode 100644 index 0000000000..d56f9f9e14 --- /dev/null +++ b/src/lib/libcrypto/pem/pem_sign.c @@ -0,0 +1,109 @@ +/* crypto/pem/pem_sign.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "rand.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" +#include "pem.h" + +void PEM_SignInit(ctx,type) +EVP_MD_CTX *ctx; +EVP_MD *type; + { + EVP_DigestInit(ctx,type); + } + +void PEM_SignUpdate(ctx,data,count) +EVP_MD_CTX *ctx; +unsigned char *data; +unsigned int count; + { + EVP_DigestUpdate(ctx,data,count); + } + +int PEM_SignFinal(ctx,sigret,siglen,pkey) +EVP_MD_CTX *ctx; +unsigned char *sigret; +unsigned int *siglen; +EVP_PKEY *pkey; + { + unsigned char *m; + int i,ret=0; + unsigned int m_len; + + m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2); + if (m == NULL) + { + PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err; + + i=EVP_EncodeBlock(sigret,m,m_len); + *siglen=i; + ret=1; +err: + /* ctx has been zeroed by EVP_SignFinal() */ + if (m != NULL) Free(m); + return(ret); + } + diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis new file mode 100644 index 0000000000..be90c5d87f --- /dev/null +++ b/src/lib/libcrypto/pem/pkcs7.lis @@ -0,0 +1,22 @@ +21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE + 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData + 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag + 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE + 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version + 20 20:d=0 hl=2 l= 0 cons: univ: SET + 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE + 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data + 00 35:d=0 hl=2 l= 0 prim: univ: EOC + 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag + 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE + 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE + 00 1116:d=0 hl=2 l= 0 prim: univ: EOC + 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag + 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE + 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE + 00 2066:d=0 hl=2 l= 0 prim: univ: EOC + 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers + 00 2070:d=0 hl=2 l= 0 prim: univ: EOC + 00 2072:d=0 hl=2 l= 0 prim: univ: EOC + 00 2074:d=0 hl=2 l= 0 prim: univ: EOC +00 2076:d=0 hl=2 l= 0 prim: univ: EOC diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl new file mode 100644 index 0000000000..2789305790 --- /dev/null +++ b/src/lib/libcrypto/perlasm/cbc.pl @@ -0,0 +1,342 @@ +#!/usr/bin/perl + +# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) +# des_cblock (*input); +# des_cblock (*output); +# long length; +# des_key_schedule schedule; +# des_cblock (*ivec); +# int enc; +# +# calls +# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); +# + +#&cbc("des_ncbc_encrypt","des_encrypt",0); +#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt", +# 1,4,5,3,5,-1); +#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt", +# 0,4,5,3,5,-1); +#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3", +# 0,6,7,3,4,5); +# +# When doing a cipher that needs bigendian order, +# for encrypt, the iv is kept in bigendian form, +# while for decrypt, it is kept in little endian. +sub cbc + { + local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_; + # name is the function name + # enc_func and dec_func and the functions to call for encrypt/decrypt + # swap is true if byte order needs to be reversed + # iv_off is parameter number for the iv + # enc_off is parameter number for the encrypt/decrypt flag + # p1,p2,p3 are the offsets for parameters to be passed to the + # underlying calls. + + &function_begin_B($name,""); + &comment(""); + + $in="esi"; + $out="edi"; + $count="ebp"; + + &push("ebp"); + &push("ebx"); + &push("esi"); + &push("edi"); + + $data_off=4; + $data_off+=4 if ($p1 > 0); + $data_off+=4 if ($p2 > 0); + $data_off+=4 if ($p3 > 0); + + &mov($count, &wparam(2)); # length + + &comment("getting iv ptr from parameter $iv_off"); + &mov("ebx", &wparam($iv_off)); # Get iv ptr + + &mov($in, &DWP(0,"ebx","",0));# iv[0] + &mov($out, &DWP(4,"ebx","",0));# iv[1] + + &push($out); + &push($in); + &push($out); # used in decrypt for iv[1] + &push($in); # used in decrypt for iv[0] + + &mov("ebx", "esp"); # This is the address of tin[2] + + &mov($in, &wparam(0)); # in + &mov($out, &wparam(1)); # out + + # We have loaded them all, how lets push things + &comment("getting encrypt flag from parameter $enc_off"); + &mov("ecx", &wparam($enc_off)); # Get enc flag + if ($p3 > 0) + { + &comment("get and push parameter $p3"); + if ($enc_off != $p3) + { &mov("eax", &wparam($p3)); &push("eax"); } + else { &push("ecx"); } + } + if ($p2 > 0) + { + &comment("get and push parameter $p2"); + if ($enc_off != $p2) + { &mov("eax", &wparam($p2)); &push("eax"); } + else { &push("ecx"); } + } + if ($p1 > 0) + { + &comment("get and push parameter $p1"); + if ($enc_off != $p1) + { &mov("eax", &wparam($p1)); &push("eax"); } + else { &push("ecx"); } + } + &push("ebx"); # push data/iv + + &cmp("ecx",0); + &jz(&label("decrypt")); + + &and($count,0xfffffff8); + &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0] + &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1] + + &jz(&label("encrypt_finish")); + + ############################################################# + + &set_label("encrypt_loop"); + # encrypt start + # "eax" and "ebx" hold iv (or the last cipher text) + + &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes + &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes + + &xor("eax", "ecx"); + &xor("ebx", "edx"); + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + + &call($enc_func); + + &mov("eax", &DWP($data_off,"esp","",0)); + &mov("ebx", &DWP($data_off+4,"esp","",0)); + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov(&DWP(0,$out,"",0),"eax"); + &mov(&DWP(4,$out,"",0),"ebx"); + + # eax and ebx are the next iv. + + &add($in, 8); + &add($out, 8); + + &sub($count, 8); + &jnz(&label("encrypt_loop")); + +###################################################################3 + &set_label("encrypt_finish"); + &mov($count, &wparam(2)); # length + &and($count, 7); + &jz(&label("finish")); + &xor("ecx","ecx"); + &xor("edx","edx"); + &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); + &jmp_ptr($count); + +&set_label("ej7"); + &xor("edx", "edx") if $ppro; # ppro friendly + &movb(&HB("edx"), &BP(6,$in,"",0)); + &shl("edx",8); +&set_label("ej6"); + &movb(&HB("edx"), &BP(5,$in,"",0)); +&set_label("ej5"); + &movb(&LB("edx"), &BP(4,$in,"",0)); +&set_label("ej4"); + &mov("ecx", &DWP(0,$in,"",0)); + &jmp(&label("ejend")); +&set_label("ej3"); + &movb(&HB("ecx"), &BP(2,$in,"",0)); + &xor("ecx", "ecx") if $ppro; # ppro friendly + &shl("ecx",8); +&set_label("ej2"); + &movb(&HB("ecx"), &BP(1,$in,"",0)); +&set_label("ej1"); + &movb(&LB("ecx"), &BP(0,$in,"",0)); +&set_label("ejend"); + + &xor("eax", "ecx"); + &xor("ebx", "edx"); + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + + &call($enc_func); + + &mov("eax", &DWP($data_off,"esp","",0)); + &mov("ebx", &DWP($data_off+4,"esp","",0)); + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov(&DWP(0,$out,"",0),"eax"); + &mov(&DWP(4,$out,"",0),"ebx"); + + &jmp(&label("finish")); + + ############################################################# + ############################################################# + &set_label("decrypt",1); + # decrypt start + &and($count,0xfffffff8); + # The next 2 instructions are only for if the jz is taken + &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0] + &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1] + &jz(&label("decrypt_finish")); + + &set_label("decrypt_loop"); + &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes + &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov(&DWP($data_off,"esp","",0), "eax"); # put back + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + + &call($dec_func); + + &mov("eax", &DWP($data_off,"esp","",0)); # get return + &mov("ebx", &DWP($data_off+4,"esp","",0)); # + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] + &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] + + &xor("ecx", "eax"); + &xor("edx", "ebx"); + + &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, + &mov("ebx", &DWP(4,$in,"",0)); # next iv actually + + &mov(&DWP(0,$out,"",0),"ecx"); + &mov(&DWP(4,$out,"",0),"edx"); + + &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv + &mov(&DWP($data_off+12,"esp","",0), "ebx"); # + + &add($in, 8); + &add($out, 8); + + &sub($count, 8); + &jnz(&label("decrypt_loop")); +############################ ENDIT #######################3 + &set_label("decrypt_finish"); + &mov($count, &wparam(2)); # length + &and($count, 7); + &jz(&label("finish")); + + &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes + &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov(&DWP($data_off,"esp","",0), "eax"); # put back + &mov(&DWP($data_off+4,"esp","",0), "ebx"); # + + &call($dec_func); + + &mov("eax", &DWP($data_off,"esp","",0)); # get return + &mov("ebx", &DWP($data_off+4,"esp","",0)); # + + &bswap("eax") if $swap; + &bswap("ebx") if $swap; + + &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] + &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] + + &xor("ecx", "eax"); + &xor("edx", "ebx"); + + # this is for when we exit + &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, + &mov("ebx", &DWP(4,$in,"",0)); # next iv actually + +&set_label("dj7"); + &rotr("edx", 16); + &movb(&BP(6,$out,"",0), &LB("edx")); + &shr("edx",16); +&set_label("dj6"); + &movb(&BP(5,$out,"",0), &HB("edx")); +&set_label("dj5"); + &movb(&BP(4,$out,"",0), &LB("edx")); +&set_label("dj4"); + &mov(&DWP(0,$out,"",0), "ecx"); + &jmp(&label("djend")); +&set_label("dj3"); + &rotr("ecx", 16); + &movb(&BP(2,$out,"",0), &LB("ecx")); + &shl("ecx",16); +&set_label("dj2"); + &movb(&BP(1,$in,"",0), &HB("ecx")); +&set_label("dj1"); + &movb(&BP(0,$in,"",0), &LB("ecx")); +&set_label("djend"); + + # final iv is still in eax:ebx + &jmp(&label("finish")); + + +############################ FINISH #######################3 + &set_label("finish",1); + &mov("ecx", &wparam($iv_off)); # Get iv ptr + + ################################################# + $total=16+4; + $total+=4 if ($p1 > 0); + $total+=4 if ($p2 > 0); + $total+=4 if ($p3 > 0); + &add("esp",$total); + + &mov(&DWP(0,"ecx","",0), "eax"); # save iv + &mov(&DWP(4,"ecx","",0), "ebx"); # save iv + + &function_end_A($name); + + &set_label("cbc_enc_jmp_table",1); + &data_word("0"); + &data_word(&label("ej1")); + &data_word(&label("ej2")); + &data_word(&label("ej3")); + &data_word(&label("ej4")); + &data_word(&label("ej5")); + &data_word(&label("ej6")); + &data_word(&label("ej7")); + &set_label("cbc_dec_jmp_table",1); + &data_word("0"); + &data_word(&label("dj1")); + &data_word(&label("dj2")); + &data_word(&label("dj3")); + &data_word(&label("dj4")); + &data_word(&label("dj5")); + &data_word(&label("dj6")); + &data_word(&label("dj7")); + + &function_end_B($name); + + } + +1; diff --git a/src/lib/libcrypto/perlasm/readme b/src/lib/libcrypto/perlasm/readme new file mode 100644 index 0000000000..f02bbee75a --- /dev/null +++ b/src/lib/libcrypto/perlasm/readme @@ -0,0 +1,124 @@ +The perl scripts in this directory are my 'hack' to generate +multiple different assembler formats via the one origional script. + +The way to use this library is to start with adding the path to this directory +and then include it. + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +The first thing we do is setup the file and type of assember + +&asm_init($ARGV[0],$0); + +The first argument is the 'type'. Currently +'cpp', 'sol', 'a.out', 'elf' or 'win32'. +Argument 2 is the file name. + +The reciprocal function is +&asm_finish() which should be called at the end. + +There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, +and x86unix.pl which is the unix (gas) version. + +Functions of interest are: +&external_label("des_SPtrans"); declare and external variable +&LB(reg); Low byte for a register +&HB(reg); High byte for a register +&BP(off,base,index,scale) Byte pointer addressing +&DWP(off,base,index,scale) Word pointer addressing +&stack_push(num) Basically a 'sub esp, num*4' with extra +&stack_pop(num) inverse of stack_push +&function_begin(name,extra) Start a function with pushing of + edi, esi, ebx and ebp. extra is extra win32 + external info that may be required. +&function_begin_B(name,extra) Same as norma function_begin but no pushing. +&function_end(name) Call at end of function. +&function_end_A(name) Standard pop and ret, for use inside functions +&function_end_B(name) Call at end but with poping or 'ret'. +&swtmp(num) Address on stack temp word. +&wparam(num) Parameter number num, that was push + in C convention. This all works over pushes + and pops. +&comment("hello there") Put in a comment. +&label("loop") Refer to a label, normally a jmp target. +&set_label("loop") Set a label at this point. +&data_word(word) Put in a word of data. + +So how does this all hold together? Given + +int calc(int len, int *data) + { + int i,j=0; + + for (i=0; i"); +&comment(""); + + $filename =~ s/\.pl$//; + &file($filename); + } + +sub asm_finish_cpp + { + return unless $cpp; + + local($tmp,$i); + foreach $i (&get_labels()) + { + $tmp.="#define $i _$i\n"; + } + print <<"EOF"; +/* Run the C pre-processor over this file with one of the following defined + * ELF - elf object files, + * OUT - a.out object files, + * BSDI - BSDI style a.out object files + * SOL - Solaris style elf + */ + +#define TYPE(a,b) .type a,b +#define SIZE(a,b) .size a,b + +#if defined(OUT) || defined(BSDI) +$tmp +#endif + +#ifdef OUT +#define OK 1 +#define ALIGN 4 +#endif + +#ifdef BSDI +#define OK 1 +#define ALIGN 4 +#undef SIZE +#undef TYPE +#define SIZE(a,b) +#define TYPE(a,b) +#endif + +#if defined(ELF) || defined(SOL) +#define OK 1 +#define ALIGN 16 +#endif + +#ifndef OK +You need to define one of +ELF - elf systems - linux-elf, NetBSD and DG-UX +OUT - a.out systems - linux-a.out and FreeBSD +SOL - solaris systems, which are elf with strange comment lines +BSDI - a.out with a very primative version of as. +#endif + +/* Let the Assembler begin :-) */ +EOF + } + +1; diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c new file mode 100644 index 0000000000..b5689b3fe4 --- /dev/null +++ b/src/lib/libcrypto/pkcs7/pk7_doit.c @@ -0,0 +1,408 @@ +/* crypto/pkcs7/pk7_doit.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "rand.h" +#include "objects.h" +#include "x509.h" + +BIO *PKCS7_dataInit(p7,bio) +PKCS7 *p7; +BIO *bio; + { + int i,j; + BIO *out=NULL,*btmp; + X509_ALGOR *xa; + EVP_MD *evp_md; + EVP_CIPHER *evp_cipher=NULL; + STACK *md_sk=NULL,*rsk=NULL; + X509_ALGOR *xalg=NULL; + PKCS7_RECIP_INFO *ri=NULL; + EVP_PKEY *pkey; + + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + + switch (i) + { + case NID_pkcs7_signed: + md_sk=p7->d.sign->md_algs; + break; + case NID_pkcs7_signedAndEnveloped: + rsk=p7->d.signed_and_enveloped->recipientinfo; + md_sk=p7->d.signed_and_enveloped->md_algs; + evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(p7->d.signed_and_enveloped->enc_data->algorithm->algorithm))); + if (evp_cipher == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); + goto err; + } + xalg=p7->d.signed_and_enveloped->enc_data->algorithm; + break; + default: + PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); + goto err; + } + + if (md_sk != NULL) + { + for (i=0; ialgorithm); + evp_md=EVP_get_digestbyname(OBJ_nid2sn(j)); + if (evp_md == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE); + goto err; + } + + BIO_set_md(btmp,evp_md); + if (out == NULL) + out=btmp; + else + BIO_push(out,btmp); + } + } + + if (evp_cipher != NULL) + { + unsigned char key[EVP_MAX_KEY_LENGTH]; + unsigned char iv[EVP_MAX_IV_LENGTH]; + int keylen,ivlen; + int jj,max; + unsigned char *tmp; + + if ((btmp=BIO_new(BIO_f_cipher())) == NULL) goto err; + keylen=EVP_CIPHER_key_length(evp_cipher); + ivlen=EVP_CIPHER_iv_length(evp_cipher); + + if (ivlen > 0) + { + ASN1_OCTET_STRING *os; + + RAND_bytes(iv,ivlen); + os=ASN1_OCTET_STRING_new(); + ASN1_OCTET_STRING_set(os,iv,ivlen); + /* ASN1_TYPE_set(xalg->parameter,V_ASN1_OCTET_STRING, + (char *)os); + */ } + RAND_bytes(key,keylen); + + /* Lets do the pub key stuff :-) */ + max=0; + for (i=0; icert == NULL) abort(); + pkey=X509_get_pubkey(ri->cert); + jj=EVP_PKEY_size(pkey); + if (max < jj) max=jj; + } + if ((tmp=(unsigned char *)Malloc(max)) == NULL) abort(); + for (i=0; icert); + jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); + if (jj <= 0) abort(); + ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); + } + + BIO_set_cipher(btmp,evp_cipher,key,iv,1); + + if (out == NULL) + out=btmp; + else + BIO_push(out,btmp); + } + + if (bio == NULL) /* ??????????? */ + { + if (p7->detached) + bio=BIO_new(BIO_s_null()); + else + { + bio=BIO_new(BIO_s_mem()); + if (PKCS7_type_is_signed(p7) && + PKCS7_type_is_data(p7->d.sign->contents)) + { + ASN1_OCTET_STRING *os; + + os=p7->d.sign->contents->d.data; + if (os->length > 0) + BIO_write(bio,(char *)os->data, + os->length); + } + } + } + BIO_push(out,bio); + return(out); +err: + return(NULL); + } + +int PKCS7_dataSign(p7,bio) +PKCS7 *p7; +BIO *bio; + { + int ret=0; + int i,j; + BIO *btmp; + BUF_MEM *buf_mem=NULL; + BUF_MEM *buf=NULL; + PKCS7_SIGNER_INFO *si; + EVP_MD_CTX *mdc,ctx_tmp; + STACK *sk,*si_sk=NULL; + unsigned char *p,*pp=NULL; + int x; + ASN1_OCTET_STRING *os=NULL; + + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + + switch (i) + { + case NID_pkcs7_signedAndEnveloped: + /* XXXXXXXXXXXXXXXX */ + si_sk=p7->d.signed_and_enveloped->signer_info; + os=ASN1_OCTET_STRING_new(); + p7->d.signed_and_enveloped->enc_data->enc_data=os; + break; + case NID_pkcs7_signed: + si_sk=p7->d.sign->signer_info; + os=p7->d.sign->contents->d.data; + break; + } + + if (si_sk != NULL) + { + if ((buf=BUF_MEM_new()) == NULL) goto err; + for (i=0; ipkey == NULL) + continue; + j=OBJ_obj2nid(si->digest_enc_alg->algorithm); + + btmp=bio; + for (;;) + { + if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) + == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); + goto err; + } + BIO_get_md_ctx(btmp,&mdc); + if (mdc == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR); + goto err; + } + if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j) + break; + else + btmp=btmp->next_bio; + } + + /* We now have the EVP_MD_CTX, lets do the + * signing. */ + memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp)); + if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey))) + goto err; + + sk=si->auth_attr; + if ((sk != NULL) && (sk_num(sk) != 0)) + { + x=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE, + V_ASN1_SET,V_ASN1_UNIVERSAL); + pp=(unsigned char *)Malloc(i); + p=pp; + i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE, + V_ASN1_SET,V_ASN1_UNIVERSAL); + EVP_SignUpdate(&ctx_tmp,pp,x); + Free(pp); + } + + if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, + (unsigned int *)&buf->length,si->pkey)) + goto err; + if (!ASN1_STRING_set(si->enc_digest, + (unsigned char *)buf->data,buf->length)) + goto err; + } + if (p7->detached) + ASN1_OCTET_STRING_set(os,(unsigned char *)"",0); + else + { + btmp=BIO_find_type(bio,BIO_TYPE_MEM); + if (btmp == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); + goto err; + } + BIO_get_mem_ptr(btmp,&buf_mem); + ASN1_OCTET_STRING_set(os, + (unsigned char *)buf_mem->data,buf_mem->length); + } + if (pp != NULL) Free(pp); + pp=NULL; + } + + ret=1; +err: + if (buf != NULL) BUF_MEM_free(buf); + return(ret); + } + +int PKCS7_dataVerify(cert_store,ctx,bio,p7,si) +X509_STORE *cert_store; +X509_STORE_CTX *ctx; +BIO *bio; +PKCS7 *p7; +PKCS7_SIGNER_INFO *si; + { + PKCS7_SIGNED *s; + ASN1_OCTET_STRING *os; + EVP_MD_CTX mdc_tmp,*mdc; + unsigned char *pp,*p; + PKCS7_ISSUER_AND_SERIAL *ias; + int ret=0,md_type,i; + STACK *sk; + BIO *btmp; + X509 *x509; + + if (!PKCS7_type_is_signed(p7)) abort(); + /* XXXXXXXXXXXXXXXXXXXXXXX */ + ias=si->issuer_and_serial; + s=p7->d.sign; + + x509=X509_find_by_issuer_and_serial(s->cert,ias->issuer,ias->serial); + + /* were we able to find the cert in passed to us */ + if (x509 == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE); + goto err; + } + + /* Lets verify */ + X509_STORE_CTX_init(ctx,cert_store,x509,s->cert); + i=X509_verify_cert(ctx); + if (i <= 0) goto err; + X509_STORE_CTX_cleanup(ctx); + + /* So we like 'x509', lets check the signature. */ + md_type=OBJ_obj2nid(si->digest_alg->algorithm); + + btmp=bio; + for (;;) + { + if ((btmp == NULL) || + ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL)) + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); + goto err; + } + BIO_get_md_ctx(btmp,&mdc); + if (mdc == NULL) + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_INTERNAL_ERROR); + goto err; + } + if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == md_type) + break; + btmp=btmp->next_bio; + } + + /* mdc is the digest ctx that we want */ + memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp)); + + sk=si->auth_attr; + if ((sk != NULL) && (sk_num(sk) != 0)) + { + i=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE, + V_ASN1_SET,V_ASN1_UNIVERSAL); + pp=(unsigned char *)malloc(i); + p=pp; + i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE, + V_ASN1_SET,V_ASN1_UNIVERSAL); + EVP_VerifyUpdate(&mdc_tmp,pp,i); + free(pp); + } + + os=si->enc_digest; + i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, + X509_get_pubkey(x509)); + if (i <= 0) + { + PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_SIGNATURE_FAILURE); + ret= -1; + goto err; + } + else + ret=1; +err: + return(ret); + } + diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c new file mode 100644 index 0000000000..7d14ad1173 --- /dev/null +++ b/src/lib/libcrypto/pkcs7/pk7_lib.c @@ -0,0 +1,449 @@ +/* crypto/pkcs7/pk7_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "objects.h" +#include "x509.h" + +long PKCS7_ctrl(p7,cmd,larg,parg) +PKCS7 *p7; +int cmd; +long larg; +char *parg; + { + int nid; + long ret; + + nid=OBJ_obj2nid(p7->type); + + switch (cmd) + { + case PKCS7_OP_SET_DETACHED_SIGNATURE: + if (nid == NID_pkcs7_signed) + { + ret=p7->detached=(int)larg; + } + else + { + PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); + ret=0; + } + break; + case PKCS7_OP_GET_DETACHED_SIGNATURE: + if (nid == NID_pkcs7_signed) + { + ret=p7->detached; + } + else + { + PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); + ret=0; + } + + break; + default: + abort(); + } + return(ret); + } + +int PKCS7_content_new(p7,type) +PKCS7 *p7; +int type; + { + PKCS7 *ret=NULL; + + if ((ret=PKCS7_new()) == NULL) goto err; + if (!PKCS7_set_type(ret,type)) goto err; + if (!PKCS7_set_content(p7,ret)) goto err; + + return(1); +err: + if (ret != NULL) PKCS7_free(ret); + return(0); + } + +int PKCS7_set_content(p7,p7_data) +PKCS7 *p7; +PKCS7 *p7_data; + { + int i; + + i=OBJ_obj2nid(p7->type); + switch (i) + { + case NID_pkcs7_signed: + if (p7->d.sign->contents != NULL) + PKCS7_content_free(p7->d.sign->contents); + p7->d.sign->contents=p7_data; + break; + case NID_pkcs7_digest: + case NID_pkcs7_data: + case NID_pkcs7_enveloped: + case NID_pkcs7_signedAndEnveloped: + case NID_pkcs7_encrypted: + default: + PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); + goto err; + } + return(1); +err: + return(0); + } + +int PKCS7_set_type(p7,type) +PKCS7 *p7; +int type; + { + ASN1_OBJECT *obj; + + PKCS7_content_free(p7); + obj=OBJ_nid2obj(type); /* will not fail */ + + switch (type) + { + case NID_pkcs7_signed: + p7->type=obj; + if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL) + goto err; + ASN1_INTEGER_set(p7->d.sign->version,1); + break; + case NID_pkcs7_data: + p7->type=obj; + if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL) + goto err; + break; + case NID_pkcs7_signedAndEnveloped: + p7->type=obj; + if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) + == NULL) + goto err; + ASN1_INTEGER_set(p7->d.sign->version,1); + break; + case NID_pkcs7_digest: + case NID_pkcs7_enveloped: + case NID_pkcs7_encrypted: + default: + PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); + goto err; + } + return(1); +err: + return(0); + } + +int PKCS7_add_signer(p7,psi) +PKCS7 *p7; +PKCS7_SIGNER_INFO *psi; + { + int i,j,nid; + X509_ALGOR *alg; + STACK *signer_sk; + STACK *md_sk; + + i=OBJ_obj2nid(p7->type); + switch (i) + { + case NID_pkcs7_signed: + signer_sk= p7->d.sign->signer_info; + md_sk= p7->d.sign->md_algs; + break; + case NID_pkcs7_signedAndEnveloped: + signer_sk= p7->d.signed_and_enveloped->signer_info; + md_sk= p7->d.signed_and_enveloped->md_algs; + break; + default: + PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE); + return(0); + } + + nid=OBJ_obj2nid(psi->digest_alg->algorithm); + + /* If the digest is not currently listed, add it */ + j=0; + for (i=0; ialgorithm) == nid) + { + j=1; + break; + } + } + if (!j) /* we need to add another algorithm */ + { + alg=X509_ALGOR_new(); + alg->algorithm=OBJ_nid2obj(nid); + sk_push(md_sk,(char *)alg); + } + + sk_push(signer_sk,(char *)psi); + return(1); + } + +int PKCS7_add_certificate(p7,x509) +PKCS7 *p7; +X509 *x509; + { + int i; + STACK **sk; + + i=OBJ_obj2nid(p7->type); + switch (i) + { + case NID_pkcs7_signed: + sk= &(p7->d.sign->cert); + break; + case NID_pkcs7_signedAndEnveloped: + sk= &(p7->d.signed_and_enveloped->cert); + break; + default: + PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE); + return(0); + } + + if (*sk == NULL) + *sk=sk_new_null(); + CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); + sk_push(*sk,(char *)x509); + return(1); + } + +int PKCS7_add_crl(p7,crl) +PKCS7 *p7; +X509_CRL *crl; + { + int i; + STACK **sk; + + i=OBJ_obj2nid(p7->type); + switch (i) + { + case NID_pkcs7_signed: + sk= &(p7->d.sign->crl); + break; + case NID_pkcs7_signedAndEnveloped: + sk= &(p7->d.signed_and_enveloped->crl); + break; + default: + PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE); + return(0); + } + + if (*sk == NULL) + *sk=sk_new_null(); + + CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); + sk_push(*sk,(char *)crl); + return(1); + } + +int PKCS7_SIGNER_INFO_set(p7i,x509,pkey,dgst) +PKCS7_SIGNER_INFO *p7i; +X509 *x509; +EVP_PKEY *pkey; +EVP_MD *dgst; + { + /* We now need to add another PKCS7_SIGNER_INFO entry */ + ASN1_INTEGER_set(p7i->version,1); + X509_NAME_set(&p7i->issuer_and_serial->issuer, + X509_get_issuer_name(x509)); + + /* because ASN1_INTEGER_set is used to set a 'long' we will do + * things the ugly way. */ + ASN1_INTEGER_free(p7i->issuer_and_serial->serial); + p7i->issuer_and_serial->serial= + ASN1_INTEGER_dup(X509_get_serialNumber(x509)); + + /* lets keep the pkey around for a while */ + CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); + p7i->pkey=pkey; + + /* Set the algorithms */ + p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); + p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst)); + +#if 1 + if (p7i->digest_enc_alg->parameter != NULL) + ASN1_TYPE_free(p7i->digest_enc_alg->parameter); + if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL) + goto err; + p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; +#endif + + return(1); +err: + return(0); + } + +PKCS7_SIGNER_INFO *PKCS7_add_signature(p7,x509,pkey,dgst) +PKCS7 *p7; +X509 *x509; +EVP_PKEY *pkey; +EVP_MD *dgst; + { + PKCS7_SIGNER_INFO *si; + + if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; + if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; + if (!PKCS7_add_signer(p7,si)) goto err; + return(si); +err: + return(NULL); + } + +STACK *PKCS7_get_signer_info(p7) +PKCS7 *p7; + { + if (PKCS7_type_is_signed(p7)) + { + return(p7->d.sign->signer_info); + } + else + return(NULL); + } + +PKCS7_RECIP_INFO *PKCS7_add_recipient(p7,x509) +PKCS7 *p7; +X509 *x509; + { + PKCS7_RECIP_INFO *ri; + + if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; + if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; + if (!PKCS7_add_recipient_info(p7,ri)) goto err; + return(ri); +err: + return(NULL); + } + +int PKCS7_add_recipient_info(p7,ri) +PKCS7 *p7; +PKCS7_RECIP_INFO *ri; + { + int i; + STACK *sk; + + i=OBJ_obj2nid(p7->type); + switch (i) + { + case NID_pkcs7_signedAndEnveloped: + sk= p7->d.signed_and_enveloped->recipientinfo; + break; + default: + PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); + return(0); + } + + sk_push(sk,(char *)ri); + return(1); + } + +int PKCS7_RECIP_INFO_set(p7i,x509) +PKCS7_RECIP_INFO *p7i; +X509 *x509; + { + ASN1_INTEGER_set(p7i->version,0); + X509_NAME_set(&p7i->issuer_and_serial->issuer, + X509_get_issuer_name(x509)); + + ASN1_INTEGER_free(p7i->issuer_and_serial->serial); + p7i->issuer_and_serial->serial= + ASN1_INTEGER_dup(X509_get_serialNumber(x509)); + + CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); + p7i->cert=x509; + + return(1); + } + +X509 *PKCS7_cert_from_signer_info(p7,si) +PKCS7 *p7; +PKCS7_SIGNER_INFO *si; + { + if (PKCS7_type_is_signed(p7)) + return(X509_find_by_issuer_and_serial(p7->d.sign->cert, + si->issuer_and_serial->issuer, + si->issuer_and_serial->serial)); + else + return(NULL); + } + +int PKCS7_set_cipher(p7,cipher) +PKCS7 *p7; +EVP_CIPHER *cipher; + { + int i; + PKCS7_ENC_CONTENT *ec; + + i=OBJ_obj2nid(p7->type); + switch (i) + { + case NID_pkcs7_signedAndEnveloped: + ec=p7->d.signed_and_enveloped->enc_data; + break; + default: + PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); + return(0); + } + + ec->algorithm->algorithm=OBJ_nid2obj(EVP_CIPHER_nid(cipher)); + return(ec->algorithm->algorithm != NULL); + } + diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h new file mode 100644 index 0000000000..ee12f670a8 --- /dev/null +++ b/src/lib/libcrypto/pkcs7/pkcs7.h @@ -0,0 +1,449 @@ +/* crypto/pkcs7/pkcs7.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_PKCS7_H +#define HEADER_PKCS7_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "bio.h" +#include "x509.h" + +/* +Encryption_ID DES-CBC +Digest_ID MD5 +Digest_Encryption_ID rsaEncryption +Key_Encryption_ID rsaEncryption +*/ + +typedef struct pkcs7_issuer_and_serial_st + { + X509_NAME *issuer; + ASN1_INTEGER *serial; + } PKCS7_ISSUER_AND_SERIAL; + +typedef struct pkcs7_signer_info_st + { + ASN1_INTEGER *version; /* version 1 */ + PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; + X509_ALGOR *digest_alg; + STACK /* X509_ATTRIBUTE */ *auth_attr; /* [ 0 ] */ + X509_ALGOR *digest_enc_alg; + ASN1_OCTET_STRING *enc_digest; + STACK /* X509_ATTRIBUTE */ *unauth_attr; /* [ 1 ] */ + + /* The private key to sign with */ + EVP_PKEY *pkey; + } PKCS7_SIGNER_INFO; + +typedef struct pkcs7_recip_info_st + { + ASN1_INTEGER *version; /* version 0 */ + PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; + X509_ALGOR *key_enc_algor; + ASN1_OCTET_STRING *enc_key; + X509 *cert; /* get the pub-key from this */ + } PKCS7_RECIP_INFO; + +typedef struct pkcs7_signed_st + { + ASN1_INTEGER *version; /* version 1 */ + STACK /* X509_ALGOR's */ *md_algs; /* md used */ + STACK /* X509 */ *cert; /* [ 0 ] */ + STACK /* X509_CRL */ *crl; /* [ 1 ] */ + STACK /* PKCS7_SIGNER_INFO */ *signer_info; + + struct pkcs7_st *contents; + } PKCS7_SIGNED; +/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. + * How about merging the two */ + +typedef struct pkcs7_enc_content_st + { + ASN1_OBJECT *content_type; + X509_ALGOR *algorithm; + ASN1_OCTET_STRING *enc_data; /* [ 0 ] */ + } PKCS7_ENC_CONTENT; + +typedef struct pkcs7_enveloped_st + { + ASN1_INTEGER *version; /* version 0 */ + STACK /* PKCS7_RECIP_INFO */ *recipientinfo; + PKCS7_ENC_CONTENT *enc_data; + } PKCS7_ENVELOPE; + +typedef struct pkcs7_signedandenveloped_st + { + ASN1_INTEGER *version; /* version 1 */ + STACK /* X509_ALGOR's */ *md_algs; /* md used */ + STACK /* X509 */ *cert; /* [ 0 ] */ + STACK /* X509_CRL */ *crl; /* [ 1 ] */ + STACK /* PKCS7_SIGNER_INFO */ *signer_info; + + PKCS7_ENC_CONTENT *enc_data; + STACK /* PKCS7_RECIP_INFO */ *recipientinfo; + } PKCS7_SIGN_ENVELOPE; + +typedef struct pkcs7_digest_st + { + ASN1_INTEGER *version; /* version 0 */ + X509_ALGOR *md; /* md used */ + struct pkcs7_st *contents; + ASN1_OCTET_STRING *digest; + } PKCS7_DIGEST; + +typedef struct pkcs7_encrypted_st + { + ASN1_INTEGER *version; /* version 0 */ + PKCS7_ENC_CONTENT *enc_data; + } PKCS7_ENCRYPT; + +typedef struct pkcs7_st + { + /* The following is non NULL if it contains ASN1 encoding of + * this structure */ + unsigned char *asn1; + long length; + +#define PKCS7_S_HEADER 0 +#define PKCS7_S_BODY 1 +#define PKCS7_S_TAIL 2 + int state; /* used during processing */ + + int detached; + + ASN1_OBJECT *type; + /* content as defined by the type */ + /* all encryption/message digests are applied to the 'contents', + * leaving out the 'type' field. */ + union { + char *ptr; + + /* NID_pkcs7_data */ + ASN1_OCTET_STRING *data; + + /* NID_pkcs7_signed */ + PKCS7_SIGNED *sign; + + /* NID_pkcs7_enveloped */ + PKCS7_ENVELOPE *enveloped; + + /* NID_pkcs7_signedAndEnveloped */ + PKCS7_SIGN_ENVELOPE *signed_and_enveloped; + + /* NID_pkcs7_digest */ + PKCS7_DIGEST *digest; + + /* NID_pkcs7_encrypted */ + PKCS7_ENCRYPT *encrypted; + } d; + } PKCS7; + +#define PKCS7_OP_SET_DETACHED_SIGNATURE 1 +#define PKCS7_OP_GET_DETACHED_SIGNATURE 2 + +#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed) +#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) + +#define PKCS7_set_detached(p,v) \ + PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) +#define PKCS7_get_detached(p) \ + PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) + +#ifdef SSLEAY_MACROS + +#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ + ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ + (char *)data,md,len) +#endif + + +#ifndef NOPROTO +PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void ); +void PKCS7_ISSUER_AND_SERIAL_free( + PKCS7_ISSUER_AND_SERIAL *a); +int i2d_PKCS7_ISSUER_AND_SERIAL( + PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp); +PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL( + PKCS7_ISSUER_AND_SERIAL **a, + unsigned char **pp, long length); + +#ifndef SSLEAY_MACROS +int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type, + unsigned char *md,unsigned int *len); +#ifndef NO_FP_API +PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7); +int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7); +#endif +PKCS7 *PKCS7_dup(PKCS7 *p7); +PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7); +int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7); +#endif + +PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void); +void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a); +int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, + unsigned char **pp); +PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, + unsigned char **pp,long length); + +PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void); +void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a); +int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, + unsigned char **pp); +PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, + unsigned char **pp,long length); + +PKCS7_SIGNED *PKCS7_SIGNED_new(void); +void PKCS7_SIGNED_free(PKCS7_SIGNED *a); +int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, + unsigned char **pp); +PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, + unsigned char **pp,long length); + +PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void); +void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a); +int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, + unsigned char **pp); +PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, + unsigned char **pp,long length); + +PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void); +void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a); +int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, + unsigned char **pp); +PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, + unsigned char **pp,long length); + +PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void); +void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a); +int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, + unsigned char **pp); +PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, + unsigned char **pp,long length); + +PKCS7_DIGEST *PKCS7_DIGEST_new(void); +void PKCS7_DIGEST_free(PKCS7_DIGEST *a); +int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, + unsigned char **pp); +PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, + unsigned char **pp,long length); + +PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void); +void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a); +int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, + unsigned char **pp); +PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, + unsigned char **pp,long length); + +PKCS7 *PKCS7_new(void); +void PKCS7_free(PKCS7 *a); +void PKCS7_content_free(PKCS7 *a); +int i2d_PKCS7(PKCS7 *a, + unsigned char **pp); +PKCS7 *d2i_PKCS7(PKCS7 **a, + unsigned char **pp,long length); + +void ERR_load_PKCS7_strings(void); + + +long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); + +int PKCS7_set_type(PKCS7 *p7, int type); +int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); +int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, + EVP_MD *dgst); +int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); +int PKCS7_add_certificate(PKCS7 *p7, X509 *x509); +int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); +int PKCS7_content_new(PKCS7 *p7, int nid); +int PKCS7_dataSign(PKCS7 *p7, BIO *bio); +int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, + BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); + +BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio); +/*int PKCS7_DataFinal(PKCS7 *p7, BIO *bio); */ + +PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, + EVP_PKEY *pkey, EVP_MD *dgst); +X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); +STACK *PKCS7_get_signer_info(PKCS7 *p7); + +PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); +int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri); +int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509); +int PKCS7_set_cipher(PKCS7 *p7, EVP_CIPHER *cipher); + + + +#else + +PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(); +void PKCS7_ISSUER_AND_SERIAL_free(); +int i2d_PKCS7_ISSUER_AND_SERIAL(); +PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(); + +#ifndef SSLEAY_MACROS +int PKCS7_ISSUER_AND_SERIAL_digest(); +#ifndef NO_FP_API +PKCS7 *d2i_PKCS7_fp(); +int i2d_PKCS7_fp(); +#endif +PKCS7 *PKCS7_dup(); +PKCS7 *d2i_PKCS7_bio(); +int i2d_PKCS7_bio(); + +#endif + +PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(); +void PKCS7_SIGNER_INFO_free(); +int i2d_PKCS7_SIGNER_INFO(); +PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(); +PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(); +void PKCS7_RECIP_INFO_free(); +int i2d_PKCS7_RECIP_INFO(); +PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(); +PKCS7_SIGNED *PKCS7_SIGNED_new(); +void PKCS7_SIGNED_free(); +int i2d_PKCS7_SIGNED(); +PKCS7_SIGNED *d2i_PKCS7_SIGNED(); +PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(); +void PKCS7_ENC_CONTENT_free(); +int i2d_PKCS7_ENC_CONTENT(); +PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(); +PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(); +void PKCS7_ENVELOPE_free(); +int i2d_PKCS7_ENVELOPE(); +PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(); +PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(); +void PKCS7_SIGN_ENVELOPE_free(); +int i2d_PKCS7_SIGN_ENVELOPE(); +PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(); +PKCS7_DIGEST *PKCS7_DIGEST_new(); +void PKCS7_DIGEST_free(); +int i2d_PKCS7_DIGEST(); +PKCS7_DIGEST *d2i_PKCS7_DIGEST(); +PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(); +void PKCS7_ENCRYPT_free(); +int i2d_PKCS7_ENCRYPT(); +PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(); +PKCS7 *PKCS7_new(); +void PKCS7_free(); +void PKCS7_content_free(); +int i2d_PKCS7(); +PKCS7 *d2i_PKCS7(); + +void ERR_load_PKCS7_strings(); + +long PKCS7_ctrl(); +int PKCS7_set_type(); +int PKCS7_set_content(); +int PKCS7_SIGNER_INFO_set(); +int PKCS7_add_signer(); +int PKCS7_add_certificate(); +int PKCS7_add_crl(); +int PKCS7_content_new(); +int PKCS7_dataSign(); +int PKCS7_dataVerify(); +BIO *PKCS7_dataInit(); +PKCS7_SIGNER_INFO *PKCS7_add_signature(); +X509 *PKCS7_cert_from_signer_info(); +STACK *PKCS7_get_signer_info(); + +PKCS7_RECIP_INFO *PKCS7_add_recipient(); +int PKCS7_add_recipient_info(); +int PKCS7_RECIP_INFO_set(); +int PKCS7_set_cipher(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the PKCS7 functions. */ + +/* Function codes. */ +#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100 +#define PKCS7_F_PKCS7_ADD_CRL 101 +#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 +#define PKCS7_F_PKCS7_ADD_SIGNER 103 +#define PKCS7_F_PKCS7_CTRL 104 +#define PKCS7_F_PKCS7_DATAINIT 105 +#define PKCS7_F_PKCS7_DATASIGN 106 +#define PKCS7_F_PKCS7_DATAVERIFY 107 +#define PKCS7_F_PKCS7_SET_CIPHER 108 +#define PKCS7_F_PKCS7_SET_CONTENT 109 +#define PKCS7_F_PKCS7_SET_TYPE 110 + +/* Reason codes. */ +#define PKCS7_R_INTERNAL_ERROR 100 +#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101 +#define PKCS7_R_SIGNATURE_FAILURE 102 +#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103 +#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104 +#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105 +#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106 +#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 107 +#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 108 +#define PKCS7_R_WRONG_CONTENT_TYPE 109 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c new file mode 100644 index 0000000000..f851057422 --- /dev/null +++ b/src/lib/libcrypto/pkcs7/pkcs7err.c @@ -0,0 +1,110 @@ +/* lib/pkcs7/pkcs7_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "pkcs7.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA PKCS7_str_functs[]= + { +{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"}, +{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"}, +{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"}, +{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"}, +{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"}, +{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"}, +{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_dataSign"}, +{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"}, +{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"}, +{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"}, +{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"}, +{0,NULL}, + }; + +static ERR_STRING_DATA PKCS7_str_reasons[]= + { +{PKCS7_R_INTERNAL_ERROR ,"internal error"}, +{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"}, +{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"}, +{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"}, +{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"}, +{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"}, +{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"}, +{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"}, +{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"}, +{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"}, +{0,NULL}, + }; + +#endif + +void ERR_load_PKCS7_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs); + ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h new file mode 100644 index 0000000000..477d7a150a --- /dev/null +++ b/src/lib/libcrypto/rand/rand.h @@ -0,0 +1,92 @@ +/* crypto/rand/rand.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_RAND_H +#define HEADER_RAND_H + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef NOPROTO +void RAND_cleanup(void ); +void RAND_bytes( unsigned char *buf,int num); +void RAND_seed( unsigned char *buf,int num); +int RAND_load_file(char *file,long max_bytes); +int RAND_write_file(char *file); +char *RAND_file_name(char *file,int num); +#ifdef WINDOWS +void RAND_screen(void); +#endif +#else +void RAND_cleanup(); +void RAND_bytes(); +void RAND_seed(); +int RAND_load_file(); +int RAND_write_file(); +char *RAND_file_name(); +#ifdef WINDOWS +void RAND_screen(); +#endif +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c new file mode 100644 index 0000000000..f2b3746363 --- /dev/null +++ b/src/lib/libcrypto/rand/randfile.c @@ -0,0 +1,166 @@ +/* crypto/rand/randfile.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include +#include +#include "rand.h" + +#undef BUFSIZE +#define BUFSIZE 1024 +#define RAND_DATA 1024 + +/* #define RFILE ".rand" - defined in ../../e_os.h */ + +int RAND_load_file(file,bytes) +char *file; +long bytes; + { + MS_STATIC unsigned char buf[BUFSIZE]; + struct stat sb; + int i,ret=0,n; + FILE *in; + + if (file == NULL) return(0); + + i=stat(file,&sb); + /* If the state fails, put some crap in anyway */ + RAND_seed((unsigned char *)&sb,sizeof(sb)); + ret+=sizeof(sb); + if (i < 0) return(0); + if (bytes <= 0) return(ret); + + in=fopen(file,"r"); + if (in == NULL) goto err; + for (;;) + { + n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE; + i=fread(buf,1,n,in); + if (i <= 0) break; + /* even if n != i, use the full array */ + RAND_seed(buf,n); + ret+=i; + bytes-=n; + if (bytes <= 0) break; + } + fclose(in); + memset(buf,0,BUFSIZE); +err: + return(ret); + } + +int RAND_write_file(file) +char *file; + { + unsigned char buf[BUFSIZE]; + int i,ret=0; + FILE *out; + int n; + + out=fopen(file,"w"); + if (out == NULL) goto err; + chmod(file,0600); + n=RAND_DATA; + for (;;) + { + i=(n > BUFSIZE)?BUFSIZE:n; + n-=BUFSIZE; + RAND_bytes(buf,i); + i=fwrite(buf,1,i,out); + if (i <= 0) + { + ret=0; + break; + } + ret+=i; + if (n <= 0) break; + } + fclose(out); + memset(buf,0,BUFSIZE); +err: + return(ret); + } + +char *RAND_file_name(buf,size) +char *buf; +int size; + { + char *s; + char *ret=NULL; + + s=getenv("RANDFILE"); + if (s != NULL) + { + strncpy(buf,s,size-1); + buf[size-1]='\0'; + ret=buf; + } + else + { + s=getenv("HOME"); + if (s == NULL) return(RFILE); + if (((int)(strlen(s)+strlen(RFILE)+2)) > size) + return(RFILE); + strcpy(buf,s); + strcat(buf,"/"); + strcat(buf,RFILE); + ret=buf; + } + return(ret); + } diff --git a/src/lib/libcrypto/rc2/rc2_cbc.c b/src/lib/libcrypto/rc2/rc2_cbc.c new file mode 100644 index 0000000000..22e89f0441 --- /dev/null +++ b/src/lib/libcrypto/rc2/rc2_cbc.c @@ -0,0 +1,235 @@ +/* crypto/rc2/rc2_cbc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc2.h" +#include "rc2_locl.h" + +void RC2_cbc_encrypt(in, out, length, ks, iv, encrypt) +unsigned char *in; +unsigned char *out; +long length; +RC2_KEY *ks; +unsigned char *iv; +int encrypt; + { + register unsigned long tin0,tin1; + register unsigned long tout0,tout1,xor0,xor1; + register long l=length; + unsigned long tin[2]; + + if (encrypt) + { + c2l(iv,tout0); + c2l(iv,tout1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); + c2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + RC2_encrypt(tin,ks); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + if (l != -8) + { + c2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + RC2_encrypt(tin,ks); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + RC2_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2c(tout0,out); + l2c(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + RC2_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2cn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + +void RC2_encrypt(d,key) +unsigned long *d; +RC2_KEY *key; + { + int i,n; + register RC2_INT *p0,*p1; + register RC2_INT x0,x1,x2,x3,t; + unsigned long l; + + l=d[0]; + x0=(RC2_INT)l&0xffff; + x1=(RC2_INT)(l>>16L); + l=d[1]; + x2=(RC2_INT)l&0xffff; + x3=(RC2_INT)(l>>16L); + + n=3; + i=5; + + p0=p1= &(key->data[0]); + for (;;) + { + t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; + x0=(t<<1)|(t>>15); + t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; + x1=(t<<2)|(t>>14); + t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; + x2=(t<<3)|(t>>13); + t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; + x3=(t<<5)|(t>>11); + + if (--i == 0) + { + if (--n == 0) break; + i=(n == 2)?6:5; + + x0+=p1[x3&0x3f]; + x1+=p1[x0&0x3f]; + x2+=p1[x1&0x3f]; + x3+=p1[x2&0x3f]; + } + } + + d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L); + d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L); + } + +void RC2_decrypt(d,key) +unsigned long *d; +RC2_KEY *key; + { + int i,n; + register RC2_INT *p0,*p1; + register RC2_INT x0,x1,x2,x3,t; + unsigned long l; + + l=d[0]; + x0=(RC2_INT)l&0xffff; + x1=(RC2_INT)(l>>16L); + l=d[1]; + x2=(RC2_INT)l&0xffff; + x3=(RC2_INT)(l>>16L); + + n=3; + i=5; + + p0= &(key->data[63]); + p1= &(key->data[0]); + for (;;) + { + t=((x3<<11)|(x3>>5))&0xffff; + x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff; + t=((x2<<13)|(x2>>3))&0xffff; + x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff; + t=((x1<<14)|(x1>>2))&0xffff; + x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff; + t=((x0<<15)|(x0>>1))&0xffff; + x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff; + + if (--i == 0) + { + if (--n == 0) break; + i=(n == 2)?6:5; + + x3=(x3-p1[x2&0x3f])&0xffff; + x2=(x2-p1[x1&0x3f])&0xffff; + x1=(x1-p1[x0&0x3f])&0xffff; + x0=(x0-p1[x3&0x3f])&0xffff; + } + } + + d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L); + d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L); + } + diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c new file mode 100644 index 0000000000..96239cd4e0 --- /dev/null +++ b/src/lib/libcrypto/rc2/rc2_ecb.c @@ -0,0 +1,90 @@ +/* crypto/rc2/rc2_ecb.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc2.h" +#include "rc2_locl.h" + +char *RC2_version="RC2 part of SSLeay 0.9.0b 29-Jun-1998"; + +/* RC2 as implemented frm a posting from + * Newsgroups: sci.crypt + * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) + * Subject: Specification for Ron Rivests Cipher No.2 + * Message-ID: <4fk39f$f70@net.auckland.ac.nz> + * Date: 11 Feb 1996 06:45:03 GMT + */ + +void RC2_ecb_encrypt(in, out, ks, encrypt) +unsigned char *in; +unsigned char *out; +RC2_KEY *ks; +int encrypt; + { + unsigned long l,d[2]; + + c2l(in,l); d[0]=l; + c2l(in,l); d[1]=l; + if (encrypt) + RC2_encrypt(d,ks); + else + RC2_decrypt(d,ks); + l=d[0]; l2c(l,out); + l=d[1]; l2c(l,out); + l=d[0]=d[1]=0; + } + diff --git a/src/lib/libcrypto/rc2/rc2_locl.h b/src/lib/libcrypto/rc2/rc2_locl.h new file mode 100644 index 0000000000..565cd17619 --- /dev/null +++ b/src/lib/libcrypto/rc2/rc2_locl.h @@ -0,0 +1,156 @@ +/* crypto/rc2/rc2_locl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#undef c2l +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<<24L) + +/* NOTE - c is not incremented as per c2l */ +#undef c2ln +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24L)&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#undef l2cn +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* NOTE - c is not incremented as per n2l */ +#define n2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c)))) ; \ + case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ + case 6: l2|=((unsigned long)(*(--(c))))<<16; \ + case 5: l2|=((unsigned long)(*(--(c))))<<24; \ + case 4: l1 =((unsigned long)(*(--(c)))) ; \ + case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ + case 2: l1|=((unsigned long)(*(--(c))))<<16; \ + case 1: l1|=((unsigned long)(*(--(c))))<<24; \ + } \ + } + +/* NOTE - c is not incremented as per l2n */ +#define l2nn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + } \ + } + +#undef n2l +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))) + +#undef l2n +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +#define C_RC2(n) \ + t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \ + x0=(t<<1)|(t>>15); \ + t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \ + x1=(t<<2)|(t>>14); \ + t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \ + x2=(t<<3)|(t>>13); \ + t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \ + x3=(t<<5)|(t>>11); + diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c new file mode 100644 index 0000000000..0f1f253395 --- /dev/null +++ b/src/lib/libcrypto/rc2/rc2_skey.c @@ -0,0 +1,142 @@ +/* crypto/rc2/rc2_skey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc2.h" +#include "rc2_locl.h" + +static unsigned char key_table[256]={ + 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79, + 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e, + 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5, + 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32, + 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22, + 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c, + 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f, + 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26, + 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b, + 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7, + 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde, + 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a, + 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e, + 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc, + 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85, + 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31, + 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10, + 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c, + 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b, + 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e, + 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68, + 0xfe,0x7f,0xc1,0xad, + }; + +/* It has come to my attention that there are 2 versions of the RC2 + * key schedule. One which is normal, and anther which has a hook to + * use a reduced key length. + * BSAFE uses the 'retarded' version. What I previously shipped is + * the same as specifying 1024 for the 'bits' parameter. Bsafe uses + * a version where the bits parameter is the same as len*8 */ +void RC2_set_key(key,len,data,bits) +RC2_KEY *key; +int len; +unsigned char *data; +int bits; + { + int i,j; + unsigned char *k; + RC2_INT *ki; + unsigned int c,d; + + k= (unsigned char *)&(key->data[0]); + *k=0; /* for if there is a zero length key */ + + if (len > 128) len=128; + if (bits <= 0) bits=1024; + if (bits > 1024) bits=1024; + + for (i=0; i>3; + i=128-j; + c= (0xff>>(-bits & 0x07)); + + d=key_table[k[i]&c]; + k[i]=d; + while (i--) + { + d=key_table[k[i+j]^d]; + k[i]=d; + } + + /* copy from bytes into RC2_INT's */ + ki= &(key->data[63]); + for (i=127; i>=0; i-=2) + *(ki--)=((k[i]<<8)|k[i-1])&0xffff; + } + diff --git a/src/lib/libcrypto/rc2/rc2cfb64.c b/src/lib/libcrypto/rc2/rc2cfb64.c new file mode 100644 index 0000000000..d409fb77e9 --- /dev/null +++ b/src/lib/libcrypto/rc2/rc2cfb64.c @@ -0,0 +1,127 @@ +/* crypto/rc2/rc2cfb64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc2.h" +#include "rc2_locl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void RC2_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt) +unsigned char *in; +unsigned char *out; +long length; +RC2_KEY *schedule; +unsigned char *ivec; +int *num; +int encrypt; + { + register unsigned long v0,v1,t; + register int n= *num; + register long l=length; + unsigned long ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (encrypt) + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); ti[0]=v0; + c2l(iv,v1); ti[1]=v1; + RC2_encrypt((unsigned long *)ti,schedule); + iv=(unsigned char *)ivec; + t=ti[0]; l2c(t,iv); + t=ti[1]; l2c(t,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); ti[0]=v0; + c2l(iv,v1); ti[1]=v1; + RC2_encrypt((unsigned long *)ti,schedule); + iv=(unsigned char *)ivec; + t=ti[0]; l2c(t,iv); + t=ti[1]; l2c(t,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=t=c=cc=0; + *num=n; + } + diff --git a/src/lib/libcrypto/rc2/rc2ofb64.c b/src/lib/libcrypto/rc2/rc2ofb64.c new file mode 100644 index 0000000000..4f09167447 --- /dev/null +++ b/src/lib/libcrypto/rc2/rc2ofb64.c @@ -0,0 +1,115 @@ +/* crypto/rc2/rc2ofb64.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc2.h" +#include "rc2_locl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void RC2_ofb64_encrypt(in, out, length, schedule, ivec, num) +unsigned char *in; +unsigned char *out; +long length; +RC2_KEY *schedule; +unsigned char *ivec; +int *num; + { + register unsigned long v0,v1,t; + register int n= *num; + register long l=length; + unsigned char d[8]; + register char *dp; + unsigned long ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + while (l--) + { + if (n == 0) + { + RC2_encrypt((unsigned long *)ti,schedule); + dp=(char *)d; + t=ti[0]; l2c(t,dp); + t=ti[1]; l2c(t,dp); + save++; + } + *(out++)= *(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { + v0=ti[0]; + v1=ti[1]; + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + } + t=v0=v1=ti[0]=ti[1]=0; + *num=n; + } + diff --git a/src/lib/libcrypto/rc2/rrc2.doc b/src/lib/libcrypto/rc2/rrc2.doc new file mode 100644 index 0000000000..f93ee003d2 --- /dev/null +++ b/src/lib/libcrypto/rc2/rrc2.doc @@ -0,0 +1,219 @@ +>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996 +Article 23601 of sci.crypt: +Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news +>From: pgut01@cs.auckland.ac.nz (Peter Gutmann) +Newsgroups: sci.crypt +Subject: Specification for Ron Rivests Cipher No.2 +Date: 11 Feb 1996 06:45:03 GMT +Organization: University of Auckland +Lines: 203 +Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) +Message-ID: <4fk39f$f70@net.auckland.ac.nz> +NNTP-Posting-Host: cs26.cs.auckland.ac.nz +X-Newsreader: NN version 6.5.0 #3 (NOV) + + + + + Ron Rivest's Cipher No.2 + ------------------------ + +Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may +refer to it by other names) is word oriented, operating on a block of 64 bits +divided into four 16-bit words, with a key table of 64 words. All data units +are little-endian. This functional description of the algorithm is based in +the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using +the same general layout, terminology, and pseudocode style. + + +Notation and RRC.2 Primitive Operations + +RRC.2 uses the following primitive operations: + +1. Two's-complement addition of words, denoted by "+". The inverse operation, + subtraction, is denoted by "-". +2. Bitwise exclusive OR, denoted by "^". +3. Bitwise AND, denoted by "&". +4. Bitwise NOT, denoted by "~". +5. A left-rotation of words; the rotation of word x left by y is denoted + x <<< y. The inverse operation, right-rotation, is denoted x >>> y. + +These operations are directly and efficiently supported by most processors. + + +The RRC.2 Algorithm + +RRC.2 consists of three components, a *key expansion* algorithm, an +*encryption* algorithm, and a *decryption* algorithm. + + +Key Expansion + +The purpose of the key-expansion routine is to expand the user's key K to fill +the expanded key array S, so S resembles an array of random binary words +determined by the user's secret key K. + +Initialising the S-box + +RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of +Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern +cryptography by enough time that there should be no concerns about trapdoors +hidden in the data. They have been published widely, and the S-box can be +easily recreated from the one-time pad values and the Beale Cipher data taken +from a standard source. To initialise the S-box: + + for i = 0 to 255 do + sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ] + +The contents of Beale Cipher No.1 and the necessary one-time pad are given as +an appendix at the end of this document. For efficiency, implementors may wish +to skip the Beale Cipher expansion and store the sBox table directly. + +Expanding the Secret Key to 128 Bytes + +The secret key is first expanded to fill 128 bytes (64 words). The expansion +consists of taking the sum of the first and last bytes in the user key, looking +up the sum (modulo 256) in the S-box, and appending the result to the key. The +operation is repeated with the second byte and new last byte of the key until +all 128 bytes have been generated. Note that the following pseudocode treats +the S array as an array of 128 bytes rather than 64 words. + + for j = 0 to length-1 do + S[ j ] = K[ j ] + for j = length to 127 do + s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ]; + +At this point it is possible to perform a truncation of the effective key +length to ease the creation of espionage-enabled software products. However +since the author cannot conceive why anyone would want to do this, it will not +be considered further. + +The final phase of the key expansion involves replacing the first byte of S +with the entry selected from the S-box: + + S[ 0 ] = sBox[ S[ 0 ] ] + + +Encryption + +The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full +rounds perform an additional transformation on the data. Note that the +following pseudocode treats the S array as an array of 64 words rather than 128 +bytes. + + for i = 0 to 15 do + j = i * 4; + word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1 + word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2 + word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3 + word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5 + +In addition the fifth and eleventh rounds add the contents of the S-box indexed +by one of the data words to another of the data words following the four +subrounds as follows: + + word0 = word0 + S[ word3 & 63 ]; + word1 = word1 + S[ word0 & 63 ]; + word2 = word2 + S[ word1 & 63 ]; + word3 = word3 + S[ word2 & 63 ]; + + +Decryption + +The decryption operation is simply the inverse of the encryption operation. +Note that the following pseudocode treats the S array as an array of 64 words +rather than 128 bytes. + + for i = 15 downto 0 do + j = i * 4; + word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ] + word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ] + word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ] + word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ] + +In addition the fifth and eleventh rounds subtract the contents of the S-box +indexed by one of the data words from another one of the data words following +the four subrounds as follows: + + word3 = word3 - S[ word2 & 63 ] + word2 = word2 - S[ word1 & 63 ] + word1 = word1 - S[ word0 & 63 ] + word0 = word0 - S[ word3 & 63 ] + + +Test Vectors + +The following test vectors may be used to test the correctness of an RRC.2 +implementation: + + Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7 + + Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 + Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74 + + Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF + Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E + + Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31 + + +Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for + Creating the S-Box + +Beale Cipher No.1. + + 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95, + 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3, + 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231, + 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193, + 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176, + 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416, + 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283, + 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131, + 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12, + 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346, + 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21, + 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37, + 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680, + 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818, + 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81, + 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206 + +One-time Pad. + + 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194, + 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161, + 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213, + 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67, + 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108, + 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134, + 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24, + 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84, + 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38, + 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182, + 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44, + 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20, + 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97, + 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155, + 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127, + 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99 + + +Implementation + +A non-US based programmer who has never seen any encryption code before will +shortly be implementing RRC.2 based solely on this specification and not on +knowledge of any other encryption algorithms. Stand by. + + + diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version new file mode 100644 index 0000000000..6f89d595f1 --- /dev/null +++ b/src/lib/libcrypto/rc2/version @@ -0,0 +1,22 @@ +1.1 23/08/96 - eay + Changed RC2_set_key() so it now takes another argument. Many + thanks to Peter Gutmann for the + clarification and origional specification of RC2. BSAFE uses + this last parameter, 'bits'. It the key is 128 bits, BSAFE + also sets this parameter to 128. The old behaviour can be + duplicated by setting this parameter to 1024. + +1.0 08/04/96 - eay + First version of SSLeay with rc2. This has been written from the spec + posted sci.crypt. It is in this directory under rrc2.doc + I have no test values for any mode other than ecb, my wrappers for the + other modes should be ok since they are basically the same as + the ones taken from idea and des :-). I have implemented them as + little-endian operators. + While rc2 is included because it is used with SSL, I don't know how + far I trust it. It is about the same speed as IDEA and DES. + So if you are paranoid, used Tripple DES, else IDEA. If RC2 + does get used more, perhaps more people will look for weaknesses in + it. + + diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl new file mode 100644 index 0000000000..0dd8eb1ba9 --- /dev/null +++ b/src/lib/libcrypto/rc4/asm/rc4-586.pl @@ -0,0 +1,173 @@ +#!/usr/bin/perl + +# define for pentium pro friendly version + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],"rc4-586.pl"); + +$tx="eax"; +$ty="ebx"; +$x="ecx"; +$y="edx"; +$in="esi"; +$out="edi"; +$d="ebp"; + +&RC4("RC4"); + +&asm_finish(); + +sub RC4_loop + { + local($n,$p,$char)=@_; + + &comment("Round $n"); + + if ($char) + { + if ($p >= 0) + { + &mov($ty, &swtmp(2)); + &cmp($ty, $in); + &jle(&label("finished")); + &inc($in); + } + else + { + &add($ty, 8); + &inc($in); + &cmp($ty, $in); + &jl(&label("finished")); + &mov(&swtmp(2), $ty); + } + } + # Moved out + # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0; + + &add( $y, $tx); + &and( $y, 0xff); + &inc( $x); # NEXT ROUND + &mov( $ty, &DWP(0,$d,$y,4)); + # XXX + &mov( &DWP(-4,$d,$x,4),$ty); # AGI + &add( $ty, $tx); + &and( $x, 0xff); # NEXT ROUND + &and( $ty, 0xff); + &mov( &DWP(0,$d,$y,4),$tx); + &nop(); + &mov( $ty, &DWP(0,$d,$ty,4)); + &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND + # XXX + + if (!$char) + { + #moved up into last round + if ($p >= 1) + { + &add( $out, 8) + } + &movb( &BP($n,"esp","",0), &LB($ty)); + } + else + { + # Note in+=8 has occured + &movb( &HB($ty), &BP(-1,$in,"",0)); + # XXX + &xorb(&LB($ty), &HB($ty)); + # XXX + &movb(&BP($n,$out,"",0),&LB($ty)); + } + } + + +sub RC4 + { + local($name)=@_; + + &function_begin_B($name,""); + + &comment(""); + + &push("ebp"); + &push("ebx"); + &mov( $d, &wparam(0)); # key + &mov( $ty, &wparam(1)); # num + &push("esi"); + &push("edi"); + + &mov( $x, &DWP(0,$d,"",1)); + &mov( $y, &DWP(4,$d,"",1)); + + &mov( $in, &wparam(2)); + &inc( $x); + + &stack_push(3); # 3 temp variables + &add( $d, 8); + &and( $x, 0xff); + + &lea( $ty, &DWP(-8,$ty,$in)); + + # check for 0 length input + + &mov( $out, &wparam(3)); + &mov( &swtmp(2), $ty); # this is now address to exit at + &mov( $tx, &DWP(0,$d,$x,4)); + + &cmp( $ty, $in); + &jl( &label("end")); # less than 8 bytes + + &set_label("start"); + + # filling DELAY SLOT + &add( $in, 8); + + &RC4_loop(0,-1,0); + &RC4_loop(1,0,0); + &RC4_loop(2,0,0); + &RC4_loop(3,0,0); + &RC4_loop(4,0,0); + &RC4_loop(5,0,0); + &RC4_loop(6,0,0); + &RC4_loop(7,1,0); + + &comment("apply the cipher text"); + # xor the cipher data with input + + #&add( $out, 8); #moved up into last round + + &mov( $tx, &swtmp(0)); + &mov( $ty, &DWP(-8,$in,"",0)); + &xor( $tx, $ty); + &mov( $ty, &DWP(-4,$in,"",0)); + &mov( &DWP(-8,$out,"",0), $tx); + &mov( $tx, &swtmp(1)); + &xor( $tx, $ty); + &mov( $ty, &swtmp(2)); # load end ptr; + &mov( &DWP(-4,$out,"",0), $tx); + &mov( $tx, &DWP(0,$d,$x,4)); + &cmp($in, $ty); + &jle(&label("start")); + + &set_label("end"); + + # There is quite a bit of extra crap in RC4_loop() for this + # first round + &RC4_loop(0,-1,1); + &RC4_loop(1,0,1); + &RC4_loop(2,0,1); + &RC4_loop(3,0,1); + &RC4_loop(4,0,1); + &RC4_loop(5,0,1); + &RC4_loop(6,1,1); + + &set_label("finished"); + &dec( $x); + &stack_pop(3); + &mov( &DWP(-4,$d,"",0),$y); + &movb( &BP(-8,$d,"",0),&LB($x)); + + &function_end($name); + } + diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c new file mode 100644 index 0000000000..ab8a111b52 --- /dev/null +++ b/src/lib/libcrypto/rc4/rc4_enc.c @@ -0,0 +1,135 @@ +/* crypto/rc4/rc4_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc4.h" +#include "rc4_locl.h" + +/* RC4 as implemented from a posting from + * Newsgroups: sci.crypt + * From: sterndark@netcom.com (David Sterndark) + * Subject: RC4 Algorithm revealed. + * Message-ID: + * Date: Wed, 14 Sep 1994 06:35:31 GMT + */ + +void RC4(key, len, indata, outdata) +RC4_KEY *key; +unsigned long len; +unsigned char *indata; +unsigned char *outdata; + { + register RC4_INT *d; + register RC4_INT x,y,tx,ty; + int i; + + x=key->x; + y=key->y; + d=key->data; + +#define LOOP(in,out) \ + x=((x+1)&0xff); \ + tx=d[x]; \ + y=(tx+y)&0xff; \ + d[x]=ty=d[y]; \ + d[y]=tx; \ + (out) = d[(tx+ty)&0xff]^ (in); + +#ifndef RC4_INDEX +#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++)) +#else +#define RC4_LOOP(a,b,i) LOOP(a[i],b[i]) +#endif + + i= -(int)len; + i=(int)(len>>3L); + if (i) + { + for (;;) + { + RC4_LOOP(indata,outdata,0); + RC4_LOOP(indata,outdata,1); + RC4_LOOP(indata,outdata,2); + RC4_LOOP(indata,outdata,3); + RC4_LOOP(indata,outdata,4); + RC4_LOOP(indata,outdata,5); + RC4_LOOP(indata,outdata,6); + RC4_LOOP(indata,outdata,7); +#ifdef RC4_INDEX + indata+=8; + outdata+=8; +#endif + if (--i == 0) break; + } + } + i=(int)len&0x07; + if (i) + { + for (;;) + { + RC4_LOOP(indata,outdata,0); if (--i == 0) break; + RC4_LOOP(indata,outdata,1); if (--i == 0) break; + RC4_LOOP(indata,outdata,2); if (--i == 0) break; + RC4_LOOP(indata,outdata,3); if (--i == 0) break; + RC4_LOOP(indata,outdata,4); if (--i == 0) break; + RC4_LOOP(indata,outdata,5); if (--i == 0) break; + RC4_LOOP(indata,outdata,6); if (--i == 0) break; + } + } + key->x=x; + key->y=y; + } diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c new file mode 100644 index 0000000000..0be5fde67b --- /dev/null +++ b/src/lib/libcrypto/rc4/rc4_skey.c @@ -0,0 +1,119 @@ +/* crypto/rc4/rc4_skey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rc4.h" +#include "rc4_locl.h" + +char *RC4_version="RC4 part of SSLeay 0.9.0b 29-Jun-1998"; + +char *RC4_options() + { +#ifdef RC4_INDEX + if (sizeof(RC4_INT) == 1) + return("rc4(idx,char)"); + else + return("rc4(idx,int)"); +#else + if (sizeof(RC4_INT) == 1) + return("rc4(ptr,char)"); + else + return("rc4(ptr,int)"); +#endif + } + +/* RC4 as implemented from a posting from + * Newsgroups: sci.crypt + * From: sterndark@netcom.com (David Sterndark) + * Subject: RC4 Algorithm revealed. + * Message-ID: + * Date: Wed, 14 Sep 1994 06:35:31 GMT + */ + +void RC4_set_key(key, len, data) +RC4_KEY *key; +int len; +register unsigned char *data; + { + register RC4_INT tmp; + register int id1,id2; + register RC4_INT *d; + unsigned int i; + + d= &(key->data[0]); + for (i=0; i<256; i++) + d[i]=i; + key->x = 0; + key->y = 0; + id1=id2=0; + +#define SK_LOOP(n) { \ + tmp=d[(n)]; \ + id2 = (data[id1] + tmp + id2) & 0xff; \ + if (++id1 == len) id1=0; \ + d[(n)]=d[id2]; \ + d[id2]=tmp; } + + for (i=0; i < 256; i+=4) + { + SK_LOOP(i+0); + SK_LOOP(i+1); + SK_LOOP(i+2); + SK_LOOP(i+3); + } + } + diff --git a/src/lib/libcrypto/ripemd/README b/src/lib/libcrypto/ripemd/README new file mode 100644 index 0000000000..7097707264 --- /dev/null +++ b/src/lib/libcrypto/ripemd/README @@ -0,0 +1,15 @@ +RIPEMD-160 +http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html + +This is my implementation of RIPEMD-160. The pentium assember is a little +off the pace since I only get 1050 cycles, while the best is 1013. +I have a few ideas for how to get another 20 or so cycles, but at +this point I will not bother right now. I belive the trick will be +to remove my 'copy X array onto stack' until inside the RIP1() finctions the +first time round. To do this I need another register and will only have one +temporary one. A bit tricky.... I can also cleanup the saving of the 5 words +after the first half of the calculation. I should read the origional +value, add then write. Currently I just save the new and read the origioal. +I then read both at the end. Bad. + +eric (20-Jan-1998) diff --git a/src/lib/libcrypto/ripemd/asm/rmd-586.pl b/src/lib/libcrypto/ripemd/asm/rmd-586.pl new file mode 100644 index 0000000000..dc3f6c792e --- /dev/null +++ b/src/lib/libcrypto/ripemd/asm/rmd-586.pl @@ -0,0 +1,582 @@ +#!/usr/bin/perl + +# Normal is the +# ripemd160_block_x86(MD5_CTX *c, ULONG *X); +# version, non-normal is the +# ripemd160_block_x86(MD5_CTX *c, ULONG *X,int blocks); + +$normal=0; + +push(@INC,"perlasm","../../perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],$0); + +$A="eax"; +$B="ebx"; +$C="ecx"; +$D="edx"; +$E="ebp"; +$tmp1="esi"; +$tmp2="edi"; + +$KL1=0x5A827999; +$KL2=0x6ED9EBA1; +$KL3=0x8F1BBCDC; +$KL4=0xA953FD4E; +$KR0=0x50A28BE6; +$KR1=0x5C4DD124; +$KR2=0x6D703EF3; +$KR3=0x7A6D76E9; + + +@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15, + 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8, + 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12, + 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2, + 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13, + ); + +@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12, + 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2, + 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13, + 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14, + 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11, + ); + +@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8, + 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12, + 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5, + 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12, + 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6, + ); + +@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6, + 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11, + 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5, + 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8, + 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, + ); + +&ripemd160_block("ripemd160_block_x86"); +&asm_finish(); + +sub Xv + { + local($n)=@_; + return(&swtmp($n+1)); + # tmp on stack + } + +sub Np + { + local($p)=@_; + local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D); + return($n{$p}); + } + +sub RIP1 + { + local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_; + + &comment($p++); + if ($p & 1) + { + &mov($tmp1, $c) if $o == -1; + &xor($tmp1, $d) if $o == -1; + &mov($tmp2, &Xv($pos)); + &xor($tmp1, $b); + &add($a, $tmp2); + &rotl($c, 10); + &add($a, $tmp1); + &mov($tmp1, &Np($c)); # NEXT + # XXX + &rotl($a, $s); + &add($a, $e); + } + else + { + &xor($tmp1, $d); + &mov($tmp2, &Xv($pos)); + &xor($tmp1, $b); + &add($a, $tmp1); + &mov($tmp1, &Np($c)) if $o <= 0; + &mov($tmp1, -1) if $o == 1; + # XXX if $o == 2; + &rotl($c, 10); + &add($a, $tmp2); + &xor($tmp1, &Np($d)) if $o <= 0; + &mov($tmp2, &Xv($pos2)) if $o == 1; + &mov($tmp2, &wparam(0)) if $o == 2; + &rotl($a, $s); + &add($a, $e); + } + } + +sub RIP2 + { + local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_; + +# XXXXXX + &comment($p++); + if ($p & 1) + { +# &mov($tmp2, &Xv($pos)) if $o < -1; +# &mov($tmp1, -1) if $o < -1; + + &add($a, $tmp2); + &mov($tmp2, $c); + &sub($tmp1, $b); + &and($tmp2, $b); + &and($tmp1, $d); + &or($tmp2, $tmp1); + &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX + # XXX + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp2,1)); + &mov($tmp2, -1) if $o <= 0; + # XXX + &rotl($a, $s); + &add($a, $e); + } + else + { + # XXX + &add($a, $tmp1); + &mov($tmp1, $c); + &sub($tmp2, $b); + &and($tmp1, $b); + &and($tmp2, $d); + if ($o != 2) + { + &or($tmp1, $tmp2); + &mov($tmp2, &Xv($pos2)) if $o <= 0; + &mov($tmp2, -1) if $o == 1; + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp1,1)); + &mov($tmp1, -1) if $o <= 0; + &sub($tmp2, &Np($c)) if $o == 1; + } else { + &or($tmp2, $tmp1); + &mov($tmp1, &Np($c)); + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp2,1)); + &xor($tmp1, &Np($d)); + } + &rotl($a, $s); + &add($a, $e); + } + } + +sub RIP3 + { + local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_; + + &comment($p++); + if ($p & 1) + { +# &mov($tmp2, -1) if $o < -1; +# &sub($tmp2, $c) if $o < -1; + &mov($tmp1, &Xv($pos)); + &or($tmp2, $b); + &add($a, $tmp1); + &xor($tmp2, $d); + &mov($tmp1, -1) if $o <= 0; # NEXT + # XXX + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp2,1)); + &sub($tmp1, &Np($c)) if $o <= 0; # NEXT + # XXX + &rotl($a, $s); + &add($a, $e); + } + else + { + &mov($tmp2, &Xv($pos)); + &or($tmp1, $b); + &add($a, $tmp2); + &xor($tmp1, $d); + &mov($tmp2, -1) if $o <= 0; # NEXT + &mov($tmp2, -1) if $o == 1; + &mov($tmp2, &Xv($pos2)) if $o == 2; + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp1,1)); + &sub($tmp2, &Np($c)) if $o <= 0; # NEXT + &mov($tmp1, &Np($d)) if $o == 1; + &mov($tmp1, -1) if $o == 2; + &rotl($a, $s); + &add($a, $e); + } + } + +sub RIP4 + { + local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; + + &comment($p++); + if ($p & 1) + { +# &mov($tmp2, -1) if $o == -2; +# &mov($tmp1, $d) if $o == -2; + &sub($tmp2, $d); + &and($tmp1, $b); + &and($tmp2, $c); + &or($tmp2, $tmp1); + &mov($tmp1, &Xv($pos)); + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp2)); + &mov($tmp2, -1) unless $o > 0; # NEXT + # XXX + &add($a, $tmp1); + &mov($tmp1, &Np($d)) unless $o > 0; # NEXT + # XXX + &rotl($a, $s); + &add($a, $e); + } + else + { + &sub($tmp2, $d); + &and($tmp1, $b); + &and($tmp2, $c); + &or($tmp2, $tmp1); + &mov($tmp1, &Xv($pos)); + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp2)); + &mov($tmp2, -1) if $o == 0; # NEXT + &mov($tmp2, -1) if $o == 1; + &mov($tmp2, -1) if $o == 2; + # XXX + &add($a, $tmp1); + &mov($tmp1, &Np($d)) if $o == 0; # NEXT + &sub($tmp2, &Np($d)) if $o == 1; + &sub($tmp2, &Np($c)) if $o == 2; + # XXX + &rotl($a, $s); + &add($a, $e); + } + } + +sub RIP5 + { + local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; + + &comment($p++); + if ($p & 1) + { + &mov($tmp2, -1) if $o == -2; + &sub($tmp2, $d) if $o == -2; + &mov($tmp1, &Xv($pos)); + &or($tmp2, $c); + &add($a, $tmp1); + &xor($tmp2, $b); + &mov($tmp1, -1) if $o <= 0; + # XXX + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp2,1)); + &sub($tmp1, &Np($d)) if $o <= 0; + # XXX + &rotl($a, $s); + &add($a, $e); + } + else + { + &mov($tmp2, &Xv($pos)); + &or($tmp1, $c); + &add($a, $tmp2); + &xor($tmp1, $b); + &mov($tmp2, -1) if $o <= 0; + &mov($tmp2, &wparam(0)) if $o == 1; # Middle code + &mov($tmp2, -1) if $o == 2; + &rotl($c, 10); + &lea($a, &DWP($K,$a,$tmp1,1)); + &sub($tmp2, &Np($d)) if $o <= 0; + &mov(&swtmp(1+16), $A) if $o == 1; + &mov($tmp1, &Np($d)) if $o == 2; + &rotl($a, $s); + &add($a, $e); + } + } + +sub ripemd160_block + { + local($name)=@_; + + &function_begin_B($name,"",3); + + # parameter 1 is the RIPEMD160_CTX structure. + # A 0 + # B 4 + # C 8 + # D 12 + # E 16 + + &push("esi"); + &mov($C, &wparam(2)); + &push("edi"); + &mov($tmp1, &wparam(1)); # edi + &push("ebp"); + &add($C, $tmp1); # offset we end at + &push("ebx"); + &sub($C, 64); + &stack_push(16+5+1); + # XXX + + &mov(&swtmp(0), $C); + &mov($tmp2, &wparam(0)); # Done at end of loop + + &set_label("start") unless $normal; + &comment(""); + + # &mov($tmp1, &wparam(1)); # Done at end of loop + # &mov($tmp2, &wparam(0)); # Done at end of loop + + for ($z=0; $z<16; $z+=2) + { + &mov($A, &DWP( $z*4,$tmp1,"",0)); + &mov($B, &DWP( ($z+1)*4,$tmp1,"",0)); + &mov(&swtmp(1+$z), $A); + &mov(&swtmp(1+$z+1), $B); + } + &add($tmp1, 64); + &mov($A, &DWP( 0,$tmp2,"",0)); + &mov(&wparam(1),$tmp1); + &mov($B, &DWP( 4,$tmp2,"",0)); + &mov($C, &DWP( 8,$tmp2,"",0)); + &mov($D, &DWP(12,$tmp2,"",0)); + &mov($E, &DWP(16,$tmp2,"",0)); + + &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1); + &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0); + &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0); + &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0); + &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0); + &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0); + &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0); + &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0); + &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0); + &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0); + &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0); + &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0); + &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0); + &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0); + &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0); + &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]); + + &RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1); + &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0); + &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0); + &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0); + &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0); + &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0); + &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0); + &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0); + &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0); + &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0); + &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0); + &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0); + &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0); + &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0); + &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0); + &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1); + + &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1); + &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0); + &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0); + &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0); + &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0); + &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0); + &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0); + &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0); + &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0); + &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0); + &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0); + &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0); + &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0); + &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0); + &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0); + &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1); + + &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1); + &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0); + &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0); + &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0); + &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0); + &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0); + &RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0); + &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0); + &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0); + &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0); + &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0); + &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0); + &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0); + &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0); + &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0); + &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1); + + &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1); + &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0); + &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0); + &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0); + &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0); + &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0); + &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0); + &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0); + &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0); + &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0); + &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0); + &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0); + &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0); + &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0); + &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0); + &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1); + + # &mov($tmp2, &wparam(0)); # moved into last RIP5 + # &mov(&swtmp(1+16), $A); + &mov($A, &DWP( 0,$tmp2,"",0)); + &mov(&swtmp(1+17), $B); + &mov(&swtmp(1+18), $C); + &mov($B, &DWP( 4,$tmp2,"",0)); + &mov(&swtmp(1+19), $D); + &mov($C, &DWP( 8,$tmp2,"",0)); + &mov(&swtmp(1+20), $E); + &mov($D, &DWP(12,$tmp2,"",0)); + &mov($E, &DWP(16,$tmp2,"",0)); + + &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2); + &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0); + &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0); + &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0); + &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0); + &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0); + &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0); + &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0); + &RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0); + &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0); + &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0); + &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0); + &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0); + &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0); + &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0); + &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2); + + &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2); + &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0); + &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0); + &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0); + &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0); + &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0); + &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0); + &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0); + &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0); + &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0); + &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0); + &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0); + &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0); + &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0); + &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0); + &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2); + + &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2); + &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0); + &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0); + &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0); + &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0); + &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0); + &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0); + &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0); + &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0); + &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0); + &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0); + &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0); + &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0); + &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0); + &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0); + &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]); + + &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2); + &RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0); + &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0); + &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0); + &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0); + &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0); + &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0); + &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0); + &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0); + &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0); + &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0); + &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0); + &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0); + &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0); + &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0); + &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2); + + &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2); + &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0); + &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0); + &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0); + &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0); + &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0); + &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0); + &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0); + &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0); + &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0); + &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0); + &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0); + &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0); + &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0); + &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0); + &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2); + + # &mov($tmp2, &wparam(0)); # Moved into last round + + &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B + &add($D, $tmp1); + &mov($tmp1, &swtmp(1+18)); # $c + &add($D, $tmp1); + + &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C + &add($E, $tmp1); + &mov($tmp1, &swtmp(1+19)); # $d + &add($E, $tmp1); + + &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D + &add($A, $tmp1); + &mov($tmp1, &swtmp(1+20)); # $e + &add($A, $tmp1); + + + &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E + &add($B, $tmp1); + &mov($tmp1, &swtmp(1+16)); # $a + &add($B, $tmp1); + + &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A + &add($C, $tmp1); + &mov($tmp1, &swtmp(1+17)); # $b + &add($C, $tmp1); + + &mov(&DWP( 0,$tmp2,"",0), $D); + &mov(&DWP( 4,$tmp2,"",0), $E); + &mov(&DWP( 8,$tmp2,"",0), $A); + &mov(&DWP(12,$tmp2,"",0), $B); + &mov(&DWP(16,$tmp2,"",0), $C); + + &mov($tmp2, &swtmp(0)); + &mov($tmp1, &wparam(1)); + + &cmp($tmp2,$tmp1); + &mov($tmp2, &wparam(0)); + + # XXX + &jge(&label("start")); + + &stack_pop(16+5+1); + + &pop("ebx"); + &pop("ebp"); + &pop("edi"); + &pop("esi"); + &ret(); + &function_end_B($name); + } + diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h new file mode 100644 index 0000000000..a3bc6e3ab2 --- /dev/null +++ b/src/lib/libcrypto/ripemd/ripemd.h @@ -0,0 +1,99 @@ +/* crypto/ripemd/ripemd.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_RIPEMD_H +#define HEADER_RIPEMD_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define RIPEMD160_CBLOCK 64 +#define RIPEMD160_LBLOCK 16 +#define RIPEMD160_BLOCK 16 +#define RIPEMD160_LAST_BLOCK 56 +#define RIPEMD160_LENGTH_BLOCK 8 +#define RIPEMD160_DIGEST_LENGTH 20 + +typedef struct RIPEMD160state_st + { + unsigned long A,B,C,D,E; + unsigned long Nl,Nh; + unsigned long data[RIPEMD160_LBLOCK]; + int num; + } RIPEMD160_CTX; + +#ifndef NOPROTO +void RIPEMD160_Init(RIPEMD160_CTX *c); +void RIPEMD160_Update(RIPEMD160_CTX *c, unsigned char *data, unsigned long len); +void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); +unsigned char *RIPEMD160(unsigned char *d, unsigned long n, unsigned char *md); +void RIPEMD160_Transform(RIPEMD160_CTX *c, unsigned char *b); +#else +void RIPEMD160_Init(); +void RIPEMD160_Update(); +void RIPEMD160_Final(); +unsigned char *RIPEMD160(); +void RIPEMD160_Transform(); +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c new file mode 100644 index 0000000000..210de1977d --- /dev/null +++ b/src/lib/libcrypto/ripemd/rmd_dgst.c @@ -0,0 +1,535 @@ +/* crypto/ripemd/rmd_dgst.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "rmd_locl.h" + +char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 29-Jun-1998"; + +#ifndef NOPROTO +# ifdef RMD160_ASM + void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num); +# define ripemd160_block ripemd160_block_x86 +# else + void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num); +# endif +#else +# ifdef RMD160_ASM + void ripemd160_block_x86(); +# define ripemd160_block ripemd160_block_x86 +# else + static void ripemd160_block(); +# endif +#endif + +void RIPEMD160_Init(c) +RIPEMD160_CTX *c; + { + c->A=RIPEMD160_A; + c->B=RIPEMD160_B; + c->C=RIPEMD160_C; + c->D=RIPEMD160_D; + c->E=RIPEMD160_E; + c->Nl=0; + c->Nh=0; + c->num=0; + } + +void RIPEMD160_Update(c, data, len) +RIPEMD160_CTX *c; +register unsigned char *data; +unsigned long len; + { + register ULONG *p; + int sw,sc; + ULONG l; + + if (len == 0) return; + + l=(c->Nl+(len<<3))&0xffffffffL; + if (l < c->Nl) /* overflow */ + c->Nh++; + c->Nh+=(len>>29); + c->Nl=l; + + if (c->num != 0) + { + p=c->data; + sw=c->num>>2; + sc=c->num&0x03; + + if ((c->num+len) >= RIPEMD160_CBLOCK) + { + l= p[sw]; + p_c2l(data,l,sc); + p[sw++]=l; + for (; swnum); + + ripemd160_block(c,p,64); + c->num=0; + /* drop through and do the rest */ + } + else + { + int ew,ec; + + c->num+=(int)len; + if ((sc+len) < 4) /* ugly, add char's to a word */ + { + l= p[sw]; + p_c2l_p(data,l,sc,len); + p[sw]=l; + } + else + { + ew=(c->num>>2); + ec=(c->num&0x03); + l= p[sw]; + p_c2l(data,l,sc); + p[sw++]=l; + for (; sw < ew; sw++) + { c2l(data,l); p[sw]=l; } + if (ec) + { + c2l_p(data,l,ec); + p[sw]=l; + } + } + return; + } + } + /* we now can process the input data in blocks of RIPEMD160_CBLOCK + * chars and save the leftovers to c->data. */ +#ifdef L_ENDIAN + if ((((unsigned long)data)%sizeof(ULONG)) == 0) + { + sw=(int)len/RIPEMD160_CBLOCK; + if (sw > 0) + { + sw*=RIPEMD160_CBLOCK; + ripemd160_block(c,(ULONG *)data,sw); + data+=sw; + len-=sw; + } + } +#endif + p=c->data; + while (len >= RIPEMD160_CBLOCK) + { +#if defined(L_ENDIAN) || defined(B_ENDIAN) + if (p != (unsigned long *)data) + memcpy(p,data,RIPEMD160_CBLOCK); + data+=RIPEMD160_CBLOCK; +#ifdef B_ENDIAN + for (sw=(RIPEMD160_LBLOCK/4); sw; sw--) + { + Endian_Reverse32(p[0]); + Endian_Reverse32(p[1]); + Endian_Reverse32(p[2]); + Endian_Reverse32(p[3]); + p+=4; + } +#endif +#else + for (sw=(RIPEMD160_LBLOCK/4); sw; sw--) + { + c2l(data,l); *(p++)=l; + c2l(data,l); *(p++)=l; + c2l(data,l); *(p++)=l; + c2l(data,l); *(p++)=l; + } +#endif + p=c->data; + ripemd160_block(c,p,64); + len-=RIPEMD160_CBLOCK; + } + sc=(int)len; + c->num=sc; + if (sc) + { + sw=sc>>2; /* words to copy */ +#ifdef L_ENDIAN + p[sw]=0; + memcpy(p,data,sc); +#else + sc&=0x03; + for ( ; sw; sw--) + { c2l(data,l); *(p++)=l; } + c2l_p(data,l,sc); + *p=l; +#endif + } + } + +void RIPEMD160_Transform(c,b) +RIPEMD160_CTX *c; +unsigned char *b; + { + ULONG p[16]; +#if !defined(L_ENDIAN) + ULONG *q; + int i; +#endif + +#if defined(B_ENDIAN) || defined(L_ENDIAN) + memcpy(p,b,64); +#ifdef B_ENDIAN + q=p; + for (i=(RIPEMD160_LBLOCK/4); i; i--) + { + Endian_Reverse32(q[0]); + Endian_Reverse32(q[1]); + Endian_Reverse32(q[2]); + Endian_Reverse32(q[3]); + q+=4; + } +#endif +#else + q=p; + for (i=(RIPEMD160_LBLOCK/4); i; i--) + { + ULONG l; + c2l(b,l); *(q++)=l; + c2l(b,l); *(q++)=l; + c2l(b,l); *(q++)=l; + c2l(b,l); *(q++)=l; + } +#endif + ripemd160_block(c,p,64); + } + +#ifndef RMD160_ASM + +void ripemd160_block(ctx, X, num) +RIPEMD160_CTX *ctx; +register ULONG *X; +int num; + { + register ULONG A,B,C,D,E; + ULONG a,b,c,d,e; + + for (;;) + { + A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; + + RIP1(A,B,C,D,E,WL00,SL00); + RIP1(E,A,B,C,D,WL01,SL01); + RIP1(D,E,A,B,C,WL02,SL02); + RIP1(C,D,E,A,B,WL03,SL03); + RIP1(B,C,D,E,A,WL04,SL04); + RIP1(A,B,C,D,E,WL05,SL05); + RIP1(E,A,B,C,D,WL06,SL06); + RIP1(D,E,A,B,C,WL07,SL07); + RIP1(C,D,E,A,B,WL08,SL08); + RIP1(B,C,D,E,A,WL09,SL09); + RIP1(A,B,C,D,E,WL10,SL10); + RIP1(E,A,B,C,D,WL11,SL11); + RIP1(D,E,A,B,C,WL12,SL12); + RIP1(C,D,E,A,B,WL13,SL13); + RIP1(B,C,D,E,A,WL14,SL14); + RIP1(A,B,C,D,E,WL15,SL15); + + RIP2(E,A,B,C,D,WL16,SL16,KL1); + RIP2(D,E,A,B,C,WL17,SL17,KL1); + RIP2(C,D,E,A,B,WL18,SL18,KL1); + RIP2(B,C,D,E,A,WL19,SL19,KL1); + RIP2(A,B,C,D,E,WL20,SL20,KL1); + RIP2(E,A,B,C,D,WL21,SL21,KL1); + RIP2(D,E,A,B,C,WL22,SL22,KL1); + RIP2(C,D,E,A,B,WL23,SL23,KL1); + RIP2(B,C,D,E,A,WL24,SL24,KL1); + RIP2(A,B,C,D,E,WL25,SL25,KL1); + RIP2(E,A,B,C,D,WL26,SL26,KL1); + RIP2(D,E,A,B,C,WL27,SL27,KL1); + RIP2(C,D,E,A,B,WL28,SL28,KL1); + RIP2(B,C,D,E,A,WL29,SL29,KL1); + RIP2(A,B,C,D,E,WL30,SL30,KL1); + RIP2(E,A,B,C,D,WL31,SL31,KL1); + + RIP3(D,E,A,B,C,WL32,SL32,KL2); + RIP3(C,D,E,A,B,WL33,SL33,KL2); + RIP3(B,C,D,E,A,WL34,SL34,KL2); + RIP3(A,B,C,D,E,WL35,SL35,KL2); + RIP3(E,A,B,C,D,WL36,SL36,KL2); + RIP3(D,E,A,B,C,WL37,SL37,KL2); + RIP3(C,D,E,A,B,WL38,SL38,KL2); + RIP3(B,C,D,E,A,WL39,SL39,KL2); + RIP3(A,B,C,D,E,WL40,SL40,KL2); + RIP3(E,A,B,C,D,WL41,SL41,KL2); + RIP3(D,E,A,B,C,WL42,SL42,KL2); + RIP3(C,D,E,A,B,WL43,SL43,KL2); + RIP3(B,C,D,E,A,WL44,SL44,KL2); + RIP3(A,B,C,D,E,WL45,SL45,KL2); + RIP3(E,A,B,C,D,WL46,SL46,KL2); + RIP3(D,E,A,B,C,WL47,SL47,KL2); + + RIP4(C,D,E,A,B,WL48,SL48,KL3); + RIP4(B,C,D,E,A,WL49,SL49,KL3); + RIP4(A,B,C,D,E,WL50,SL50,KL3); + RIP4(E,A,B,C,D,WL51,SL51,KL3); + RIP4(D,E,A,B,C,WL52,SL52,KL3); + RIP4(C,D,E,A,B,WL53,SL53,KL3); + RIP4(B,C,D,E,A,WL54,SL54,KL3); + RIP4(A,B,C,D,E,WL55,SL55,KL3); + RIP4(E,A,B,C,D,WL56,SL56,KL3); + RIP4(D,E,A,B,C,WL57,SL57,KL3); + RIP4(C,D,E,A,B,WL58,SL58,KL3); + RIP4(B,C,D,E,A,WL59,SL59,KL3); + RIP4(A,B,C,D,E,WL60,SL60,KL3); + RIP4(E,A,B,C,D,WL61,SL61,KL3); + RIP4(D,E,A,B,C,WL62,SL62,KL3); + RIP4(C,D,E,A,B,WL63,SL63,KL3); + + RIP5(B,C,D,E,A,WL64,SL64,KL4); + RIP5(A,B,C,D,E,WL65,SL65,KL4); + RIP5(E,A,B,C,D,WL66,SL66,KL4); + RIP5(D,E,A,B,C,WL67,SL67,KL4); + RIP5(C,D,E,A,B,WL68,SL68,KL4); + RIP5(B,C,D,E,A,WL69,SL69,KL4); + RIP5(A,B,C,D,E,WL70,SL70,KL4); + RIP5(E,A,B,C,D,WL71,SL71,KL4); + RIP5(D,E,A,B,C,WL72,SL72,KL4); + RIP5(C,D,E,A,B,WL73,SL73,KL4); + RIP5(B,C,D,E,A,WL74,SL74,KL4); + RIP5(A,B,C,D,E,WL75,SL75,KL4); + RIP5(E,A,B,C,D,WL76,SL76,KL4); + RIP5(D,E,A,B,C,WL77,SL77,KL4); + RIP5(C,D,E,A,B,WL78,SL78,KL4); + RIP5(B,C,D,E,A,WL79,SL79,KL4); + + a=A; b=B; c=C; d=D; e=E; + /* Do other half */ + A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; + + RIP5(A,B,C,D,E,WR00,SR00,KR0); + RIP5(E,A,B,C,D,WR01,SR01,KR0); + RIP5(D,E,A,B,C,WR02,SR02,KR0); + RIP5(C,D,E,A,B,WR03,SR03,KR0); + RIP5(B,C,D,E,A,WR04,SR04,KR0); + RIP5(A,B,C,D,E,WR05,SR05,KR0); + RIP5(E,A,B,C,D,WR06,SR06,KR0); + RIP5(D,E,A,B,C,WR07,SR07,KR0); + RIP5(C,D,E,A,B,WR08,SR08,KR0); + RIP5(B,C,D,E,A,WR09,SR09,KR0); + RIP5(A,B,C,D,E,WR10,SR10,KR0); + RIP5(E,A,B,C,D,WR11,SR11,KR0); + RIP5(D,E,A,B,C,WR12,SR12,KR0); + RIP5(C,D,E,A,B,WR13,SR13,KR0); + RIP5(B,C,D,E,A,WR14,SR14,KR0); + RIP5(A,B,C,D,E,WR15,SR15,KR0); + + RIP4(E,A,B,C,D,WR16,SR16,KR1); + RIP4(D,E,A,B,C,WR17,SR17,KR1); + RIP4(C,D,E,A,B,WR18,SR18,KR1); + RIP4(B,C,D,E,A,WR19,SR19,KR1); + RIP4(A,B,C,D,E,WR20,SR20,KR1); + RIP4(E,A,B,C,D,WR21,SR21,KR1); + RIP4(D,E,A,B,C,WR22,SR22,KR1); + RIP4(C,D,E,A,B,WR23,SR23,KR1); + RIP4(B,C,D,E,A,WR24,SR24,KR1); + RIP4(A,B,C,D,E,WR25,SR25,KR1); + RIP4(E,A,B,C,D,WR26,SR26,KR1); + RIP4(D,E,A,B,C,WR27,SR27,KR1); + RIP4(C,D,E,A,B,WR28,SR28,KR1); + RIP4(B,C,D,E,A,WR29,SR29,KR1); + RIP4(A,B,C,D,E,WR30,SR30,KR1); + RIP4(E,A,B,C,D,WR31,SR31,KR1); + + RIP3(D,E,A,B,C,WR32,SR32,KR2); + RIP3(C,D,E,A,B,WR33,SR33,KR2); + RIP3(B,C,D,E,A,WR34,SR34,KR2); + RIP3(A,B,C,D,E,WR35,SR35,KR2); + RIP3(E,A,B,C,D,WR36,SR36,KR2); + RIP3(D,E,A,B,C,WR37,SR37,KR2); + RIP3(C,D,E,A,B,WR38,SR38,KR2); + RIP3(B,C,D,E,A,WR39,SR39,KR2); + RIP3(A,B,C,D,E,WR40,SR40,KR2); + RIP3(E,A,B,C,D,WR41,SR41,KR2); + RIP3(D,E,A,B,C,WR42,SR42,KR2); + RIP3(C,D,E,A,B,WR43,SR43,KR2); + RIP3(B,C,D,E,A,WR44,SR44,KR2); + RIP3(A,B,C,D,E,WR45,SR45,KR2); + RIP3(E,A,B,C,D,WR46,SR46,KR2); + RIP3(D,E,A,B,C,WR47,SR47,KR2); + + RIP2(C,D,E,A,B,WR48,SR48,KR3); + RIP2(B,C,D,E,A,WR49,SR49,KR3); + RIP2(A,B,C,D,E,WR50,SR50,KR3); + RIP2(E,A,B,C,D,WR51,SR51,KR3); + RIP2(D,E,A,B,C,WR52,SR52,KR3); + RIP2(C,D,E,A,B,WR53,SR53,KR3); + RIP2(B,C,D,E,A,WR54,SR54,KR3); + RIP2(A,B,C,D,E,WR55,SR55,KR3); + RIP2(E,A,B,C,D,WR56,SR56,KR3); + RIP2(D,E,A,B,C,WR57,SR57,KR3); + RIP2(C,D,E,A,B,WR58,SR58,KR3); + RIP2(B,C,D,E,A,WR59,SR59,KR3); + RIP2(A,B,C,D,E,WR60,SR60,KR3); + RIP2(E,A,B,C,D,WR61,SR61,KR3); + RIP2(D,E,A,B,C,WR62,SR62,KR3); + RIP2(C,D,E,A,B,WR63,SR63,KR3); + + RIP1(B,C,D,E,A,WR64,SR64); + RIP1(A,B,C,D,E,WR65,SR65); + RIP1(E,A,B,C,D,WR66,SR66); + RIP1(D,E,A,B,C,WR67,SR67); + RIP1(C,D,E,A,B,WR68,SR68); + RIP1(B,C,D,E,A,WR69,SR69); + RIP1(A,B,C,D,E,WR70,SR70); + RIP1(E,A,B,C,D,WR71,SR71); + RIP1(D,E,A,B,C,WR72,SR72); + RIP1(C,D,E,A,B,WR73,SR73); + RIP1(B,C,D,E,A,WR74,SR74); + RIP1(A,B,C,D,E,WR75,SR75); + RIP1(E,A,B,C,D,WR76,SR76); + RIP1(D,E,A,B,C,WR77,SR77); + RIP1(C,D,E,A,B,WR78,SR78); + RIP1(B,C,D,E,A,WR79,SR79); + + D =ctx->B+c+D; + ctx->B=ctx->C+d+E; + ctx->C=ctx->D+e+A; + ctx->D=ctx->E+a+B; + ctx->E=ctx->A+b+C; + ctx->A=D; + + X+=16; + num-=64; + if (num <= 0) break; + } + } +#endif + +void RIPEMD160_Final(md, c) +unsigned char *md; +RIPEMD160_CTX *c; + { + register int i,j; + register ULONG l; + register ULONG *p; + static unsigned char end[4]={0x80,0x00,0x00,0x00}; + unsigned char *cp=end; + + /* c->num should definitly have room for at least one more byte. */ + p=c->data; + j=c->num; + i=j>>2; + + /* purify often complains about the following line as an + * Uninitialized Memory Read. While this can be true, the + * following p_c2l macro will reset l when that case is true. + * This is because j&0x03 contains the number of 'valid' bytes + * already in p[i]. If and only if j&0x03 == 0, the UMR will + * occur but this is also the only time p_c2l will do + * l= *(cp++) instead of l|= *(cp++) + * Many thanks to Alex Tang for pickup this + * 'potential bug' */ +#ifdef PURIFY + if ((j&0x03) == 0) p[i]=0; +#endif + l=p[i]; + p_c2l(cp,l,j&0x03); + p[i]=l; + i++; + /* i is the next 'undefined word' */ + if (c->num >= RIPEMD160_LAST_BLOCK) + { + for (; iNl; + p[RIPEMD160_LBLOCK-1]=c->Nh; + ripemd160_block(c,p,64); + cp=md; + l=c->A; l2c(l,cp); + l=c->B; l2c(l,cp); + l=c->C; l2c(l,cp); + l=c->D; l2c(l,cp); + l=c->E; l2c(l,cp); + + /* clear stuff, ripemd160_block may be leaving some stuff on the stack + * but I'm not worried :-) */ + c->num=0; +/* memset((char *)&c,0,sizeof(c));*/ + } + +#ifdef undef +int printit(l) +unsigned long *l; + { + int i,ii; + + for (i=0; i<2; i++) + { + for (ii=0; ii<8; ii++) + { + fprintf(stderr,"%08lx ",l[i*8+ii]); + } + fprintf(stderr,"\n"); + } + } +#endif diff --git a/src/lib/libcrypto/ripemd/rmd_locl.h b/src/lib/libcrypto/ripemd/rmd_locl.h new file mode 100644 index 0000000000..a1feccf7c1 --- /dev/null +++ b/src/lib/libcrypto/ripemd/rmd_locl.h @@ -0,0 +1,226 @@ +/* crypto/ripemd/rmd_locl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "ripemd.h" + +#define ULONG unsigned long +#define UCHAR unsigned char +#define UINT unsigned int + +#ifdef NOCONST +#define const +#endif + +#undef c2nl +#define c2nl(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++))) )) + +#undef p_c2nl +#define p_c2nl(c,l,n) { \ + switch (n) { \ + case 0: l =((unsigned long)(*((c)++)))<<24; \ + case 1: l|=((unsigned long)(*((c)++)))<<16; \ + case 2: l|=((unsigned long)(*((c)++)))<< 8; \ + case 3: l|=((unsigned long)(*((c)++))); \ + } \ + } + +#undef c2nl_p +/* NOTE the pointer is not incremented at the end of this */ +#define c2nl_p(c,l,n) { \ + l=0; \ + (c)+=n; \ + switch (n) { \ + case 3: l =((unsigned long)(*(--(c))))<< 8; \ + case 2: l|=((unsigned long)(*(--(c))))<<16; \ + case 1: l|=((unsigned long)(*(--(c))))<<24; \ + } \ + } + +#undef p_c2nl_p +#define p_c2nl_p(c,l,sc,len) { \ + switch (sc) \ + { \ + case 0: l =((unsigned long)(*((c)++)))<<24; \ + if (--len == 0) break; \ + case 1: l|=((unsigned long)(*((c)++)))<<16; \ + if (--len == 0) break; \ + case 2: l|=((unsigned long)(*((c)++)))<< 8; \ + } \ + } + +#undef nl2c +#define nl2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +#undef c2l +#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<<24)) + +#undef p_c2l +#define p_c2l(c,l,n) { \ + switch (n) { \ + case 0: l =((unsigned long)(*((c)++))); \ + case 1: l|=((unsigned long)(*((c)++)))<< 8; \ + case 2: l|=((unsigned long)(*((c)++)))<<16; \ + case 3: l|=((unsigned long)(*((c)++)))<<24; \ + } \ + } + +#undef c2l_p +/* NOTE the pointer is not incremented at the end of this */ +#define c2l_p(c,l,n) { \ + l=0; \ + (c)+=n; \ + switch (n) { \ + case 3: l =((unsigned long)(*(--(c))))<<16; \ + case 2: l|=((unsigned long)(*(--(c))))<< 8; \ + case 1: l|=((unsigned long)(*(--(c)))); \ + } \ + } + +#undef p_c2l_p +#define p_c2l_p(c,l,sc,len) { \ + switch (sc) \ + { \ + case 0: l =((unsigned long)(*((c)++))); \ + if (--len == 0) break; \ + case 1: l|=((unsigned long)(*((c)++)))<< 8; \ + if (--len == 0) break; \ + case 2: l|=((unsigned long)(*((c)++)))<<16; \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff)) + +#undef ROTATE +#if defined(WIN32) +#define ROTATE(a,n) _lrotl(a,n) +#else +#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) +#endif + +/* A nice byte order reversal from Wei Dai */ +#if defined(WIN32) +/* 5 instructions with rotate instruction, else 9 */ +#define Endian_Reverse32(a) \ + { \ + unsigned long l=(a); \ + (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \ + } +#else +/* 6 instructions with rotate instruction, else 8 */ +#define Endian_Reverse32(a) \ + { \ + unsigned long l=(a); \ + l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \ + (a)=ROTATE(l,16L); \ + } +#endif + +#define F1(x,y,z) ((x)^(y)^(z)) +#define F2(x,y,z) (((x)&(y))|((~x)&z)) +#define F3(x,y,z) (((x)|(~y))^(z)) +#define F4(x,y,z) (((x)&(z))|((y)&(~(z)))) +#define F5(x,y,z) ((x)^((y)|(~(z)))) + +#define RIPEMD160_A 0x67452301L +#define RIPEMD160_B 0xEFCDAB89L +#define RIPEMD160_C 0x98BADCFEL +#define RIPEMD160_D 0x10325476L +#define RIPEMD160_E 0xC3D2E1F0L + +#include "rmdconst.h" + +#define RIP1(a,b,c,d,e,w,s) { \ + a+=F1(b,c,d)+X[w]; \ + a=ROTATE(a,s)+e; \ + c=ROTATE(c,10); } + +#define RIP2(a,b,c,d,e,w,s,K) { \ + a+=F2(b,c,d)+X[w]+K; \ + a=ROTATE(a,s)+e; \ + c=ROTATE(c,10); } + +#define RIP3(a,b,c,d,e,w,s,K) { \ + a+=F3(b,c,d)+X[w]+K; \ + a=ROTATE(a,s)+e; \ + c=ROTATE(c,10); } + +#define RIP4(a,b,c,d,e,w,s,K) { \ + a+=F4(b,c,d)+X[w]+K; \ + a=ROTATE(a,s)+e; \ + c=ROTATE(c,10); } + +#define RIP5(a,b,c,d,e,w,s,K) { \ + a+=F5(b,c,d)+X[w]+K; \ + a=ROTATE(a,s)+e; \ + c=ROTATE(c,10); } + diff --git a/src/lib/libcrypto/ripemd/rmd_one.c b/src/lib/libcrypto/ripemd/rmd_one.c new file mode 100644 index 0000000000..a7626dbcda --- /dev/null +++ b/src/lib/libcrypto/ripemd/rmd_one.c @@ -0,0 +1,77 @@ +/* crypto/ripemd/rmd_one.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "rmd_locl.h" + +unsigned char *RIPEMD160(d, n, md) +unsigned char *d; +unsigned long n; +unsigned char *md; + { + RIPEMD160_CTX c; + static unsigned char m[RIPEMD160_DIGEST_LENGTH]; + + if (md == NULL) md=m; + RIPEMD160_Init(&c); + RIPEMD160_Update(&c,d,n); + RIPEMD160_Final(md,&c); + memset(&c,0,sizeof(c)); /* security consideration */ + return(md); + } + diff --git a/src/lib/libcrypto/ripemd/rmdconst.h b/src/lib/libcrypto/ripemd/rmdconst.h new file mode 100644 index 0000000000..59c48dead1 --- /dev/null +++ b/src/lib/libcrypto/ripemd/rmdconst.h @@ -0,0 +1,399 @@ +/* crypto/ripemd/rmdconst.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#define KL0 0x00000000L +#define KL1 0x5A827999L +#define KL2 0x6ED9EBA1L +#define KL3 0x8F1BBCDCL +#define KL4 0xA953FD4EL + +#define KR0 0x50A28BE6L +#define KR1 0x5C4DD124L +#define KR2 0x6D703EF3L +#define KR3 0x7A6D76E9L +#define KR4 0x00000000L + +#define WL00 0 +#define SL00 11 +#define WL01 1 +#define SL01 14 +#define WL02 2 +#define SL02 15 +#define WL03 3 +#define SL03 12 +#define WL04 4 +#define SL04 5 +#define WL05 5 +#define SL05 8 +#define WL06 6 +#define SL06 7 +#define WL07 7 +#define SL07 9 +#define WL08 8 +#define SL08 11 +#define WL09 9 +#define SL09 13 +#define WL10 10 +#define SL10 14 +#define WL11 11 +#define SL11 15 +#define WL12 12 +#define SL12 6 +#define WL13 13 +#define SL13 7 +#define WL14 14 +#define SL14 9 +#define WL15 15 +#define SL15 8 + +#define WL16 7 +#define SL16 7 +#define WL17 4 +#define SL17 6 +#define WL18 13 +#define SL18 8 +#define WL19 1 +#define SL19 13 +#define WL20 10 +#define SL20 11 +#define WL21 6 +#define SL21 9 +#define WL22 15 +#define SL22 7 +#define WL23 3 +#define SL23 15 +#define WL24 12 +#define SL24 7 +#define WL25 0 +#define SL25 12 +#define WL26 9 +#define SL26 15 +#define WL27 5 +#define SL27 9 +#define WL28 2 +#define SL28 11 +#define WL29 14 +#define SL29 7 +#define WL30 11 +#define SL30 13 +#define WL31 8 +#define SL31 12 + +#define WL32 3 +#define SL32 11 +#define WL33 10 +#define SL33 13 +#define WL34 14 +#define SL34 6 +#define WL35 4 +#define SL35 7 +#define WL36 9 +#define SL36 14 +#define WL37 15 +#define SL37 9 +#define WL38 8 +#define SL38 13 +#define WL39 1 +#define SL39 15 +#define WL40 2 +#define SL40 14 +#define WL41 7 +#define SL41 8 +#define WL42 0 +#define SL42 13 +#define WL43 6 +#define SL43 6 +#define WL44 13 +#define SL44 5 +#define WL45 11 +#define SL45 12 +#define WL46 5 +#define SL46 7 +#define WL47 12 +#define SL47 5 + +#define WL48 1 +#define SL48 11 +#define WL49 9 +#define SL49 12 +#define WL50 11 +#define SL50 14 +#define WL51 10 +#define SL51 15 +#define WL52 0 +#define SL52 14 +#define WL53 8 +#define SL53 15 +#define WL54 12 +#define SL54 9 +#define WL55 4 +#define SL55 8 +#define WL56 13 +#define SL56 9 +#define WL57 3 +#define SL57 14 +#define WL58 7 +#define SL58 5 +#define WL59 15 +#define SL59 6 +#define WL60 14 +#define SL60 8 +#define WL61 5 +#define SL61 6 +#define WL62 6 +#define SL62 5 +#define WL63 2 +#define SL63 12 + +#define WL64 4 +#define SL64 9 +#define WL65 0 +#define SL65 15 +#define WL66 5 +#define SL66 5 +#define WL67 9 +#define SL67 11 +#define WL68 7 +#define SL68 6 +#define WL69 12 +#define SL69 8 +#define WL70 2 +#define SL70 13 +#define WL71 10 +#define SL71 12 +#define WL72 14 +#define SL72 5 +#define WL73 1 +#define SL73 12 +#define WL74 3 +#define SL74 13 +#define WL75 8 +#define SL75 14 +#define WL76 11 +#define SL76 11 +#define WL77 6 +#define SL77 8 +#define WL78 15 +#define SL78 5 +#define WL79 13 +#define SL79 6 + +#define WR00 5 +#define SR00 8 +#define WR01 14 +#define SR01 9 +#define WR02 7 +#define SR02 9 +#define WR03 0 +#define SR03 11 +#define WR04 9 +#define SR04 13 +#define WR05 2 +#define SR05 15 +#define WR06 11 +#define SR06 15 +#define WR07 4 +#define SR07 5 +#define WR08 13 +#define SR08 7 +#define WR09 6 +#define SR09 7 +#define WR10 15 +#define SR10 8 +#define WR11 8 +#define SR11 11 +#define WR12 1 +#define SR12 14 +#define WR13 10 +#define SR13 14 +#define WR14 3 +#define SR14 12 +#define WR15 12 +#define SR15 6 + +#define WR16 6 +#define SR16 9 +#define WR17 11 +#define SR17 13 +#define WR18 3 +#define SR18 15 +#define WR19 7 +#define SR19 7 +#define WR20 0 +#define SR20 12 +#define WR21 13 +#define SR21 8 +#define WR22 5 +#define SR22 9 +#define WR23 10 +#define SR23 11 +#define WR24 14 +#define SR24 7 +#define WR25 15 +#define SR25 7 +#define WR26 8 +#define SR26 12 +#define WR27 12 +#define SR27 7 +#define WR28 4 +#define SR28 6 +#define WR29 9 +#define SR29 15 +#define WR30 1 +#define SR30 13 +#define WR31 2 +#define SR31 11 + +#define WR32 15 +#define SR32 9 +#define WR33 5 +#define SR33 7 +#define WR34 1 +#define SR34 15 +#define WR35 3 +#define SR35 11 +#define WR36 7 +#define SR36 8 +#define WR37 14 +#define SR37 6 +#define WR38 6 +#define SR38 6 +#define WR39 9 +#define SR39 14 +#define WR40 11 +#define SR40 12 +#define WR41 8 +#define SR41 13 +#define WR42 12 +#define SR42 5 +#define WR43 2 +#define SR43 14 +#define WR44 10 +#define SR44 13 +#define WR45 0 +#define SR45 13 +#define WR46 4 +#define SR46 7 +#define WR47 13 +#define SR47 5 + +#define WR48 8 +#define SR48 15 +#define WR49 6 +#define SR49 5 +#define WR50 4 +#define SR50 8 +#define WR51 1 +#define SR51 11 +#define WR52 3 +#define SR52 14 +#define WR53 11 +#define SR53 14 +#define WR54 15 +#define SR54 6 +#define WR55 0 +#define SR55 14 +#define WR56 5 +#define SR56 6 +#define WR57 12 +#define SR57 9 +#define WR58 2 +#define SR58 12 +#define WR59 13 +#define SR59 9 +#define WR60 9 +#define SR60 12 +#define WR61 7 +#define SR61 5 +#define WR62 10 +#define SR62 15 +#define WR63 14 +#define SR63 8 + +#define WR64 12 +#define SR64 8 +#define WR65 15 +#define SR65 5 +#define WR66 10 +#define SR66 12 +#define WR67 4 +#define SR67 9 +#define WR68 1 +#define SR68 12 +#define WR69 5 +#define SR69 5 +#define WR70 8 +#define SR70 14 +#define WR71 7 +#define SR71 6 +#define WR72 6 +#define SR72 8 +#define WR73 2 +#define SR73 13 +#define WR74 13 +#define SR74 6 +#define WR75 14 +#define SR75 5 +#define WR76 0 +#define SR76 15 +#define WR77 3 +#define SR77 13 +#define WR78 9 +#define SR78 11 +#define WR79 11 +#define SR79 11 + diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h new file mode 100644 index 0000000000..aeb78ffcd3 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa.h @@ -0,0 +1,324 @@ +/* crypto/rsa/rsa.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_RSA_H +#define HEADER_RSA_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "bn.h" +#include "crypto.h" + +typedef struct rsa_meth_st + { + char *name; + int (*rsa_pub_enc)(); + int (*rsa_pub_dec)(); + int (*rsa_priv_enc)(); + int (*rsa_priv_dec)(); + int (*rsa_mod_exp)(); /* Can be null */ + int (*bn_mod_exp)(); /* Can be null */ + int (*init)(/* RSA * */); /* called at new */ + int (*finish)(/* RSA * */); /* called at free */ + + int flags; /* RSA_METHOD_FLAG_* things */ + char *app_data; /* may be needed! */ + } RSA_METHOD; + +typedef struct rsa_st + { + /* The first parameter is used to pickup errors where + * this is passed instead of aEVP_PKEY, it is set to 0 */ + int pad; + int version; + RSA_METHOD *meth; + BIGNUM *n; + BIGNUM *e; + BIGNUM *d; + BIGNUM *p; + BIGNUM *q; + BIGNUM *dmp1; + BIGNUM *dmq1; + BIGNUM *iqmp; + /* be carefull using this if the RSA structure is shared */ + CRYPTO_EX_DATA ex_data; + int references; + int flags; + + /* Normally used to cached montgomery values */ + char *method_mod_n; + char *method_mod_p; + char *method_mod_q; + + BN_BLINDING *blinding; + } RSA; + +#define RSA_3 0x3L +#define RSA_F4 0x10001L + +#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */ +#define RSA_FLAG_CACHE_PUBLIC 0x02 +#define RSA_FLAG_CACHE_PRIVATE 0x04 +#define RSA_FLAG_BLINDING 0x08 +#define RSA_FLAG_THREAD_SAFE 0x10 + +#define RSA_PKCS1_PADDING 1 +#define RSA_SSLV23_PADDING 2 +#define RSA_NO_PADDING 3 + +#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,(char *)arg) +#define RSA_get_app_data(s) RSA_get_ex_data(s,0) + +#ifndef NOPROTO +RSA * RSA_new(void); +RSA * RSA_new_method(RSA_METHOD *method); +int RSA_size(RSA *); +RSA * RSA_generate_key(int bits, unsigned long e,void + (*callback)(int,int,char *),char *cb_arg); + /* next 4 return -1 on error */ +int RSA_public_encrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +int RSA_private_encrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +int RSA_public_decrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +int RSA_private_decrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +void RSA_free (RSA *r); + +int RSA_flags(RSA *r); + +void RSA_set_default_method(RSA_METHOD *meth); + +/* If you have RSAref compiled in. */ +RSA_METHOD *RSA_PKCS1_RSAref(void); + +/* these are the actual SSLeay RSA functions */ +RSA_METHOD *RSA_PKCS1_SSLeay(void); + +void ERR_load_RSA_strings(void ); + +RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); +int i2d_RSAPublicKey(RSA *a, unsigned char **pp); +RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); +int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); +#ifndef NO_FP_API +int RSA_print_fp(FILE *fp, RSA *r,int offset); +#endif + +#ifdef HEADER_BIO_H +int RSA_print(BIO *bp, RSA *r,int offset); +#endif + +int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); +RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); +/* Naughty internal function required elsewhere, to handle a MS structure + * that is the same as the netscape one :-) */ +RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)()); + +/* The following 2 functions sign and verify a X509_SIG ASN1 object + * inside PKCS#1 padded RSA encryption */ +int RSA_sign(int type, unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, RSA *rsa); +int RSA_verify(int type, unsigned char *m, unsigned int m_len, + unsigned char *sigbuf, unsigned int siglen, RSA *rsa); + +/* The following 2 function sign and verify a ASN1_OCTET_STRING + * object inside PKCS#1 padded RSA encryption */ +int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, + unsigned char *sigret, unsigned int *siglen, RSA *rsa); +int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, + unsigned char *sigbuf, unsigned int siglen, RSA *rsa); + +int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); +void RSA_blinding_off(RSA *rsa); + +int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_add_SSLv23(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_check_SSLv23(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_add_none(unsigned char *to,int tlen, + unsigned char *f,int fl); +int RSA_padding_check_none(unsigned char *to,int tlen, + unsigned char *f,int fl); + +int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()); +int RSA_set_ex_data(RSA *r,int idx,char *arg); +char *RSA_get_ex_data(RSA *r, int idx); + +#else + +RSA * RSA_new(); +RSA * RSA_new_method(); +int RSA_size(); +RSA * RSA_generate_key(); +int RSA_public_encrypt(); +int RSA_private_encrypt(); +int RSA_public_decrypt(); +int RSA_private_decrypt(); +void RSA_free (); + +int RSA_flags(); + +void RSA_set_default_method(); + +/* RSA_METHOD *RSA_PKCS1_RSAref(); */ +RSA_METHOD *RSA_PKCS1_SSLeay(); + +void ERR_load_RSA_strings(); + +RSA * d2i_RSAPublicKey(); +int i2d_RSAPublicKey(); +RSA * d2i_RSAPrivateKey(); +int i2d_RSAPrivateKey(); +#ifndef NO_FP_API +int RSA_print_fp(); +#endif + +int RSA_print(); + +int i2d_Netscape_RSA(); +RSA *d2i_Netscape_RSA(); +RSA *d2i_Netscape_RSA_2(); + +int RSA_sign(); +int RSA_verify(); + +int RSA_sign_ASN1_OCTET_STRING(); +int RSA_verify_ASN1_OCTET_STRING(); +int RSA_blinding_on(); +void RSA_blinding_off(); + +int RSA_padding_add_PKCS1_type_1(); +int RSA_padding_check_PKCS1_type_1(); +int RSA_padding_add_PKCS1_type_2(); +int RSA_padding_check_PKCS1_type_2(); +int RSA_padding_add_SSLv23(); +int RSA_padding_check_SSLv23(); +int RSA_padding_add_none(); +int RSA_padding_check_none(); + +int RSA_get_ex_new_index(); +int RSA_set_ex_data(); +char *RSA_get_ex_data(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the RSA functions. */ + +/* Function codes. */ +#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100 +#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101 +#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102 +#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103 +#define RSA_F_RSA_GENERATE_KEY 104 +#define RSA_F_RSA_NEW_METHOD 105 +#define RSA_F_RSA_PADDING_ADD_NONE 106 +#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 107 +#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 108 +#define RSA_F_RSA_PADDING_ADD_SSLV23 109 +#define RSA_F_RSA_PADDING_CHECK_NONE 110 +#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 111 +#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 112 +#define RSA_F_RSA_PADDING_CHECK_SSLV23 113 +#define RSA_F_RSA_PRINT 114 +#define RSA_F_RSA_PRINT_FP 115 +#define RSA_F_RSA_SIGN 116 +#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 117 +#define RSA_F_RSA_VERIFY 118 +#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 119 + +/* Reason codes. */ +#define RSA_R_ALGORITHM_MISMATCH 100 +#define RSA_R_BAD_E_VALUE 101 +#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 +#define RSA_R_BAD_PAD_BYTE_COUNT 103 +#define RSA_R_BAD_SIGNATURE 104 +#define RSA_R_BAD_ZERO_BYTE 105 +#define RSA_R_BLOCK_TYPE_IS_NOT_01 106 +#define RSA_R_BLOCK_TYPE_IS_NOT_02 107 +#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 +#define RSA_R_DATA_TOO_LARGE 109 +#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 +#define RSA_R_DATA_TOO_SMALL 111 +#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 +#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 +#define RSA_R_PADDING_CHECK_FAILED 114 +#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 +#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 +#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 +#define RSA_R_UNKNOWN_PADDING_TYPE 118 +#define RSA_R_WRONG_SIGNATURE_LENGTH 119 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c new file mode 100644 index 0000000000..42a77f11cd --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -0,0 +1,274 @@ + +/* This file has been explicitly broken by ryker for OpenBSD, July + * 1, 1998. In spite of the title, there is no implementation of the + * RSA algorithm left in this file. All these routines will return an + * error and fail when called. They exist as stubs and can be + * ressurected from the bit bucket by someone in the free world once + * the RSA algorithm is no longer subject to patent problems. Eric + * Young's original copyright is below. + */ + +/* crypto/rsa/rsa_eay.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" +#include "rand.h" + +#ifndef NOPROTO +static int RSA_eay_public_encrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +static int RSA_eay_private_encrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +static int RSA_eay_public_decrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +static int RSA_eay_private_decrypt(int flen, unsigned char *from, + unsigned char *to, RSA *rsa,int padding); +static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); +static int RSA_eay_init(RSA *rsa); +static int RSA_eay_finish(RSA *rsa); +#else +static int RSA_eay_public_encrypt(); +static int RSA_eay_private_encrypt(); +static int RSA_eay_public_decrypt(); +static int RSA_eay_private_decrypt(); +static int RSA_eay_mod_exp(); +static int RSA_eay_init(); +static int RSA_eay_finish(); +#endif + +static RSA_METHOD rsa_pkcs1_eay_meth={ + "Eric Young's PKCS#1 RSA", + RSA_eay_public_encrypt, + RSA_eay_public_decrypt, + RSA_eay_private_encrypt, + RSA_eay_private_decrypt, + RSA_eay_mod_exp, + BN_mod_exp_mont, + RSA_eay_init, + RSA_eay_finish, + 0, + NULL, + }; + +RSA_METHOD *RSA_PKCS1_SSLeay() + { + return(&rsa_pkcs1_eay_meth); + } + +static int RSA_eay_public_encrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + BIGNUM *f=NULL,*ret=NULL; + int i,j,k,num=0,r= -1; + unsigned char *buf=NULL; + BN_CTX *ctx=NULL; + + /* Body of this routine removed for OpenBSD - will return + * when the RSA patent expires + */ + +err: + if (ctx != NULL) BN_CTX_free(ctx); + if (f != NULL) BN_free(f); + if (ret != NULL) BN_free(ret); + if (buf != NULL) + { + memset(buf,0,num); + Free(buf); + } + return(r); + } + +static int RSA_eay_private_encrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + BIGNUM *f=NULL,*ret=NULL; + int i,j,k,num=0,r= -1; + unsigned char *buf=NULL; + BN_CTX *ctx=NULL; + + /* Body of this routine removed for OpenBSD - will return + * when the RSA patent expires + */ + +err: + if (ctx != NULL) BN_CTX_free(ctx); + if (ret != NULL) BN_free(ret); + if (f != NULL) BN_free(f); + if (buf != NULL) + { + memset(buf,0,num); + Free(buf); + } + return(r); + } + +static int RSA_eay_private_decrypt(flen, from, to, rsa,padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + BIGNUM *f=NULL,*ret=NULL; + int j,num=0,r= -1; + unsigned char *p; + unsigned char *buf=NULL; + BN_CTX *ctx=NULL; + + /* Body of this routine removed for OpenBSD - will return + * when the RSA patent expires + */ + +err: + if (ctx != NULL) BN_CTX_free(ctx); + if (f != NULL) BN_free(f); + if (ret != NULL) BN_free(ret); + if (buf != NULL) + { + memset(buf,0,num); + Free(buf); + } + return(r); + } + +static int RSA_eay_public_decrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + BIGNUM *f=NULL,*ret=NULL; + int i,num=0,r= -1; + unsigned char *p; + unsigned char *buf=NULL; + BN_CTX *ctx=NULL; + + + /* Body of this routine removed for OpenBSD - will return + * when the RSA patent expires + */ + +err: + if (ctx != NULL) BN_CTX_free(ctx); + if (f != NULL) BN_free(f); + if (ret != NULL) BN_free(ret); + if (buf != NULL) + { + memset(buf,0,num); + Free(buf); + } + return(r); + } + +static int RSA_eay_mod_exp(r0, I, rsa) +BIGNUM *r0; +BIGNUM *I; +RSA *rsa; + { + BIGNUM *r1=NULL,*m1=NULL; + int ret=0; + BN_CTX *ctx; + + if ((ctx=BN_CTX_new()) == NULL) goto err; + m1=BN_new(); + r1=BN_new(); + if ((m1 == NULL) || (r1 == NULL)) goto err; + + /* Body of this routine removed for OpenBSD - will return + * when the RSA patent expires + */ +err: + if (m1 != NULL) BN_free(m1); + if (r1 != NULL) BN_free(r1); + BN_CTX_free(ctx); + return(ret); + } + +static int RSA_eay_init(rsa) +RSA *rsa; + { + rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; + return(1); + } + +static int RSA_eay_finish(rsa) +RSA *rsa; + { + if (rsa->method_mod_n != NULL) + BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_n); + if (rsa->method_mod_p != NULL) + BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_p); + if (rsa->method_mod_q != NULL) + BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_q); + return(1); + } + + diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c new file mode 100644 index 0000000000..796b3afd47 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_err.c @@ -0,0 +1,129 @@ +/* lib/rsa/rsa_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "rsa.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA RSA_str_functs[]= + { +{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"}, +{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"}, +{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"}, +{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"}, +{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"}, +{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"}, +{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"}, +{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"}, +{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"}, +{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"}, +{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"}, +{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"}, +{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"}, +{0,NULL}, + }; + +static ERR_STRING_DATA RSA_str_reasons[]= + { +{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"}, +{RSA_R_BAD_E_VALUE ,"bad e value"}, +{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"}, +{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"}, +{RSA_R_BAD_SIGNATURE ,"bad signature"}, +{RSA_R_BAD_ZERO_BYTE ,"bad zero byte"}, +{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"}, +{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"}, +{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"}, +{RSA_R_DATA_TOO_LARGE ,"data too large"}, +{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, +{RSA_R_DATA_TOO_SMALL ,"data too small"}, +{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"}, +{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"}, +{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"}, +{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"}, +{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, +{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"}, +{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"}, +{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, +{0,NULL}, + }; + +#endif + +void ERR_load_RSA_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_RSA,RSA_str_functs); + ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c new file mode 100644 index 0000000000..4cbd373829 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_gen.c @@ -0,0 +1,101 @@ +/* crypto/rsa/rsa_gen.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" + +RSA *RSA_generate_key(bits, e_value, callback,cb_arg) +int bits; +unsigned long e_value; +void (*callback)(P_I_I_P); +char *cb_arg; + { + RSA *rsa=NULL; + BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; + int bitsp,bitsq,ok= -1,n=0; + BN_CTX *ctx=NULL,*ctx2=NULL; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + ctx2=BN_CTX_new(); + if (ctx2 == NULL) goto err; + + /* Body of this routine removed for OpenBSD - will return + * when the RSA patent expires + */ +err: + if (ok == -1) + { + RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); + ok=0; + } + BN_CTX_free(ctx); + BN_CTX_free(ctx2); + + if (!ok) + { + if (rsa != NULL) RSA_free(rsa); + return(NULL); + } + else + return(rsa); + } + diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c new file mode 100644 index 0000000000..95a56f8a28 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_lib.c @@ -0,0 +1,294 @@ +/* crypto/rsa/rsa_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "crypto.h" +#include "cryptlib.h" +#include "lhash.h" +#include "bn.h" +#include "rsa.h" + +char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998"; + +static RSA_METHOD *default_RSA_meth=NULL; +static int rsa_meth_num=0; +static STACK *rsa_meth=NULL; + +RSA *RSA_new() + { + return(RSA_new_method(NULL)); + } + +void RSA_set_default_method(meth) +RSA_METHOD *meth; + { + default_RSA_meth=meth; + } + +RSA *RSA_new_method(meth) +RSA_METHOD *meth; + { + RSA *ret; + + if (default_RSA_meth == NULL) + { +#ifdef RSAref + default_RSA_meth=RSA_PKCS1_RSAref(); +#else + default_RSA_meth=RSA_PKCS1_SSLeay(); +#endif + } + ret=(RSA *)Malloc(sizeof(RSA)); + if (ret == NULL) + { + RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); + return(NULL); + } + + if (meth == NULL) + ret->meth=default_RSA_meth; + else + ret->meth=meth; + + ret->pad=0; + ret->version=0; + ret->n=NULL; + ret->e=NULL; + ret->d=NULL; + ret->p=NULL; + ret->q=NULL; + ret->dmp1=NULL; + ret->dmq1=NULL; + ret->iqmp=NULL; + ret->references=1; + ret->method_mod_n=NULL; + ret->method_mod_p=NULL; + ret->method_mod_q=NULL; + ret->blinding=NULL; + ret->flags=ret->meth->flags; + if ((ret->meth->init != NULL) && !ret->meth->init(ret)) + { + Free(ret); + ret=NULL; + } + CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); + return(ret); + } + +void RSA_free(r) +RSA *r; + { + int i; + + if (r == NULL) return; + + i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); +#ifdef REF_PRINT + REF_PRINT("RSA",r); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"RSA_free, bad reference count\n"); + abort(); + } +#endif + + CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data); + + if (r->meth->finish != NULL) + r->meth->finish(r); + + if (r->n != NULL) BN_clear_free(r->n); + if (r->e != NULL) BN_clear_free(r->e); + if (r->d != NULL) BN_clear_free(r->d); + if (r->p != NULL) BN_clear_free(r->p); + if (r->q != NULL) BN_clear_free(r->q); + if (r->dmp1 != NULL) BN_clear_free(r->dmp1); + if (r->dmq1 != NULL) BN_clear_free(r->dmq1); + if (r->iqmp != NULL) BN_clear_free(r->iqmp); + if (r->blinding != NULL) BN_BLINDING_free(r->blinding); + Free(r); + } + +int RSA_get_ex_new_index(argl,argp,new_func,dup_func,free_func) +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + rsa_meth_num++; + return(CRYPTO_get_ex_new_index(rsa_meth_num-1, + &rsa_meth,argl,argp,new_func,dup_func,free_func)); + } + +int RSA_set_ex_data(r,idx,arg) +RSA *r; +int idx; +char *arg; + { + return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); + } + +char *RSA_get_ex_data(r,idx) +RSA *r; +int idx; + { + return(CRYPTO_get_ex_data(&r->ex_data,idx)); + } + +int RSA_size(r) +RSA *r; + { + return(BN_num_bytes(r->n)); + } + +int RSA_public_encrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); + } + +int RSA_private_encrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); + } + +int RSA_private_decrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); + } + +int RSA_public_decrypt(flen, from, to, rsa, padding) +int flen; +unsigned char *from; +unsigned char *to; +RSA *rsa; +int padding; + { + return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); + } + +int RSA_flags(r) +RSA *r; + { + return((r == NULL)?0:r->meth->flags); + } + +void RSA_blinding_off(rsa) +RSA *rsa; + { + if (rsa->blinding != NULL) + { + BN_BLINDING_free(rsa->blinding); + rsa->blinding=NULL; + } + rsa->flags&= ~RSA_FLAG_BLINDING; + } + +int RSA_blinding_on(rsa,p_ctx) +RSA *rsa; +BN_CTX *p_ctx; + { + BIGNUM *A,*Ai; + BN_CTX *ctx; + int ret=0; + + if (p_ctx == NULL) + { + if ((ctx=BN_CTX_new()) == NULL) goto err; + } + else + ctx=p_ctx; + + if (rsa->blinding != NULL) + BN_BLINDING_free(rsa->blinding); + + A=ctx->bn[0]; + ctx->tos++; + if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; + if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err; + + if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx, + (char *)rsa->method_mod_n)) goto err; + rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); + ctx->tos--; + rsa->flags|=RSA_FLAG_BLINDING; + BN_free(Ai); + ret=1; +err: + if (ctx != p_ctx) BN_CTX_free(ctx); + return(ret); + } + diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c new file mode 100644 index 0000000000..f0dd943657 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_none.c @@ -0,0 +1,109 @@ +/* crypto/rsa/rsa_none.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" +#include "rand.h" + +int RSA_padding_add_none(to,tlen,from,flen) +unsigned char *to; +int tlen; +unsigned char *from; +int flen; + { + if (flen >= tlen) + { + RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return(0); + } + + *(to++)=0; + memcpy(to,from,(unsigned int)flen); + return(1); + } + +int RSA_padding_check_none(to,tlen,from,flen) +unsigned char *to; +int tlen; +unsigned char *from; +int flen; + { + int j; + + from++; + if (flen+1 > tlen) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE); + return(-1); + } + if (*(from++) != 0) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_BAD_ZERO_BYTE); + return(-1); + } + + /* scan over padding data */ + j=flen-1; /* one for type and one for the prepended 0. */ + memset(to,0,tlen-j); + to+=(tlen-j); + memcpy(to,from,j); + return(j); + } + diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c new file mode 100644 index 0000000000..2791291b94 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_pk1.c @@ -0,0 +1,233 @@ +/* crypto/rsa/rsa_pk1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" +#include "rand.h" + +#ifndef NOPROTO +int RSA_padding_add_PKCS1_type_1(); +int RSA_padding_check_PKCS1_type_1(); +int RSA_padding_add_PKCS1_type_2(); +int RSA_padding_check_PKCS1_type_2(); +int RSA_padding_add_SSLv23(); +int RSA_padding_check_SSLv23(); +int RSA_padding_add_none(); +int RSA_padding_check_none(); + +#endif + +int RSA_padding_add_PKCS1_type_1(to,tlen,from,flen) +unsigned char *to; +int tlen; +unsigned char *from; +int flen; + { + int j; + unsigned char *p; + + if (flen > (tlen-11)) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return(0); + } + + p=(unsigned char *)to; + + *(p++)=0; + *(p++)=1; /* Private Key BT (Block Type) */ + + /* padd out with 0xff data */ + j=tlen-3-flen; + memset(p,0xff,j); + p+=j; + *(p++)='\0'; + memcpy(p,from,(unsigned int)flen); + return(1); + } + +int RSA_padding_check_PKCS1_type_1(to,tlen,from,flen) +unsigned char *to; +int tlen; +unsigned char *from; +int flen; + { + int i,j; + unsigned char *p; + + p=from; + if (*(p++) != 01) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01); + return(-1); + } + + /* scan over padding data */ + j=flen-1; /* one for type. */ + for (i=0; i (tlen-11)) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return(0); + } + + p=(unsigned char *)to; + + *(p++)=0; + *(p++)=2; /* Public Key BT (Block Type) */ + + /* pad out with non-zero random data */ + j=tlen-3-flen; + + RAND_bytes(p,j); + for (i=0; i +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" +#include "objects.h" +#include "x509.h" + +int RSA_sign_ASN1_OCTET_STRING(type,m,m_len,sigret,siglen,rsa) +int type; +unsigned char *m; +unsigned int m_len; +unsigned char *sigret; +unsigned int *siglen; +RSA *rsa; + { + ASN1_OCTET_STRING sig; + int i,j,ret=1; + unsigned char *p,*s; + + sig.type=V_ASN1_OCTET_STRING; + sig.length=m_len; + sig.data=m; + + i=i2d_ASN1_OCTET_STRING(&sig,NULL); + j=RSA_size(rsa); + if ((i-RSA_PKCS1_PADDING) > j) + { + RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + return(0); + } + s=(unsigned char *)Malloc((unsigned int)j+1); + if (s == NULL) + { + RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); + return(0); + } + p=s; + i2d_ASN1_OCTET_STRING(&sig,&p); + i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); + if (i <= 0) + ret=0; + else + *siglen=i; + + memset(s,0,(unsigned int)j+1); + Free(s); + return(ret); + } + +int RSA_verify_ASN1_OCTET_STRING(dtype, m, m_len, sigbuf, siglen, rsa) +int dtype; +unsigned char *m; +unsigned int m_len; +unsigned char *sigbuf; +unsigned int siglen; +RSA *rsa; + { + int i,ret=0; + unsigned char *p,*s; + ASN1_OCTET_STRING *sig=NULL; + + if (siglen != (unsigned int)RSA_size(rsa)) + { + RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH); + return(0); + } + + s=(unsigned char *)Malloc((unsigned int)siglen); + if (s == NULL) + { + RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); + goto err; + } + i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); + + if (i <= 0) goto err; + + p=s; + sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i); + if (sig == NULL) goto err; + + if ( ((unsigned int)sig->length != m_len) || + (memcmp(m,sig->data,m_len) != 0)) + { + RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE); + } + else + ret=1; +err: + if (sig != NULL) ASN1_OCTET_STRING_free(sig); + memset(s,0,(unsigned int)siglen); + Free(s); + return(ret); + } + diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c new file mode 100644 index 0000000000..28c5571e74 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_sign.c @@ -0,0 +1,196 @@ +/* crypto/rsa/rsa_sign.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" +#include "objects.h" +#include "x509.h" + +int RSA_sign(type,m,m_len,sigret,siglen,rsa) +int type; +unsigned char *m; +unsigned int m_len; +unsigned char *sigret; +unsigned int *siglen; +RSA *rsa; + { + X509_SIG sig; + ASN1_TYPE parameter; + int i,j,ret=1; + unsigned char *p,*s; + X509_ALGOR algor; + ASN1_OCTET_STRING digest; + + sig.algor= &algor; + sig.algor->algorithm=OBJ_nid2obj(type); + if (sig.algor->algorithm == NULL) + { + RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); + return(0); + } + if (sig.algor->algorithm->length == 0) + { + RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); + return(0); + } + parameter.type=V_ASN1_NULL; + parameter.value.ptr=NULL; + sig.algor->parameter= ¶meter; + + sig.digest= &digest; + sig.digest->data=m; + sig.digest->length=m_len; + + i=i2d_X509_SIG(&sig,NULL); + j=RSA_size(rsa); + if ((i-RSA_PKCS1_PADDING) > j) + { + RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + return(0); + } + s=(unsigned char *)Malloc((unsigned int)j+1); + if (s == NULL) + { + RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); + return(0); + } + p=s; + i2d_X509_SIG(&sig,&p); + i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); + if (i <= 0) + ret=0; + else + *siglen=i; + + memset(s,0,(unsigned int)j+1); + Free(s); + return(ret); + } + +int RSA_verify(dtype, m, m_len, sigbuf, siglen, rsa) +int dtype; +unsigned char *m; +unsigned int m_len; +unsigned char *sigbuf; +unsigned int siglen; +RSA *rsa; + { + int i,ret=0,sigtype; + unsigned char *p,*s; + X509_SIG *sig=NULL; + + if (siglen != (unsigned int)RSA_size(rsa)) + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); + return(0); + } + + s=(unsigned char *)Malloc((unsigned int)siglen); + if (s == NULL) + { + RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); + goto err; + } + i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); + + if (i <= 0) goto err; + + p=s; + sig=d2i_X509_SIG(NULL,&p,(long)i); + if (sig == NULL) goto err; + sigtype=OBJ_obj2nid(sig->algor->algorithm); + +#ifdef RSA_DEBUG + /* put a backward compatability flag in EAY */ + fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), + OBJ_nid2ln(dtype)); +#endif + if (sigtype != dtype) + { + if (((dtype == NID_md5) && + (sigtype == NID_md5WithRSAEncryption)) || + ((dtype == NID_md2) && + (sigtype == NID_md2WithRSAEncryption))) + { + /* ok, we will let it through */ +#if !defined(NO_STDIO) && !defined(WIN16) + fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); +#endif + } + else + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH); + goto err; + } + } + if ( ((unsigned int)sig->digest->length != m_len) || + (memcmp(m,sig->digest->data,m_len) != 0)) + { + RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); + } + else + ret=1; +err: + if (sig != NULL) X509_SIG_free(sig); + memset(s,0,(unsigned int)siglen); + Free(s); + return(ret); + } + diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c new file mode 100644 index 0000000000..9bcd4b2c03 --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_ssl.c @@ -0,0 +1,153 @@ +/* crypto/rsa/rsa_ssl.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "rsa.h" +#include "rand.h" + +int RSA_padding_add_SSLv23(to,tlen,from,flen) +unsigned char *to; +int tlen; +unsigned char *from; +int flen; + { + int i,j; + unsigned char *p; + + if (flen > (tlen-11)) + { + RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return(0); + } + + p=(unsigned char *)to; + + *(p++)=0; + *(p++)=2; /* Public Key BT (Block Type) */ + + /* pad out with non-zero random data */ + j=tlen-3-8-flen; + + RAND_bytes(p,j); + for (i=0; i A + # T -> B + # A -> C + # B -> D + # C -> E + # D -> T + + # The last 2 have been moved into the last loop + # &mov($tmp1,&wparam(0)); + + &mov($D, &DWP(12,$tmp1,"",0)); + &add($D,$B); + &mov($B, &DWP( 4,$tmp1,"",0)); + &add($B,$T); + &mov($T, $A); + &mov($A, &DWP( 0,$tmp1,"",0)); + &mov(&DWP(12,$tmp1,"",0),$D); + + &add($A,$E); + &mov($E, &DWP(16,$tmp1,"",0)); + &add($E,$C); + &mov($C, &DWP( 8,$tmp1,"",0)); + &add($C,$T); + + &mov(&DWP( 0,$tmp1,"",0),$A); + &mov("esi",&swtmp(16)); + &mov(&DWP( 8,$tmp1,"",0),$C); # This is for looping + &add("esi",64); + &mov("eax",&swtmp(17)); + &mov(&DWP(16,$tmp1,"",0),$E); + &cmp("eax","esi"); + &mov(&DWP( 4,$tmp1,"",0),$B); # This is for looping + &jl(&label("end")); + &mov("eax",&DWP(0,"esi","",0)); # Pulled down from + &jmp(&label("start")); + + &set_label("end"); + &stack_pop(18); + &pop("edi"); + &pop("ebx"); + &pop("ebp"); + &pop("esi"); + &ret(); + &function_end_B($name); + } + diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h new file mode 100644 index 0000000000..4cf0ea0225 --- /dev/null +++ b/src/lib/libcrypto/sha/sha.h @@ -0,0 +1,109 @@ +/* crypto/sha/sha.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SHA_H +#define HEADER_SHA_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define SHA_CBLOCK 64 +#define SHA_LBLOCK 16 +#define SHA_BLOCK 16 +#define SHA_LAST_BLOCK 56 +#define SHA_LENGTH_BLOCK 8 +#define SHA_DIGEST_LENGTH 20 + +typedef struct SHAstate_st + { + unsigned long h0,h1,h2,h3,h4; + unsigned long Nl,Nh; + unsigned long data[SHA_LBLOCK]; + int num; + } SHA_CTX; + +#ifndef NOPROTO +void SHA_Init(SHA_CTX *c); +void SHA_Update(SHA_CTX *c, unsigned char *data, unsigned long len); +void SHA_Final(unsigned char *md, SHA_CTX *c); +unsigned char *SHA(unsigned char *d, unsigned long n,unsigned char *md); +void SHA_Transform(SHA_CTX *c, unsigned char *data); +void SHA1_Init(SHA_CTX *c); +void SHA1_Update(SHA_CTX *c, unsigned char *data, unsigned long len); +void SHA1_Final(unsigned char *md, SHA_CTX *c); +unsigned char *SHA1(unsigned char *d, unsigned long n,unsigned char *md); +void SHA1_Transform(SHA_CTX *c, unsigned char *data); +#else +void SHA_Init(); +void SHA_Update(); +void SHA_Final(); +unsigned char *SHA(); +void SHA_Transform(); +void SHA1_Init(); +void SHA1_Update(); +void SHA1_Final(); +unsigned char *SHA1(); +void SHA1_Transform(); +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c new file mode 100644 index 0000000000..fe5770d601 --- /dev/null +++ b/src/lib/libcrypto/sha/sha1_one.c @@ -0,0 +1,77 @@ +/* crypto/sha/sha1_one.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "sha.h" + +unsigned char *SHA1(d, n, md) +unsigned char *d; +unsigned long n; +unsigned char *md; + { + SHA_CTX c; + static unsigned char m[SHA_DIGEST_LENGTH]; + + if (md == NULL) md=m; + SHA1_Init(&c); + SHA1_Update(&c,d,n); + SHA1_Final(md,&c); + memset(&c,0,sizeof(c)); + return(md); + } diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c new file mode 100644 index 0000000000..2b0ae1f0d4 --- /dev/null +++ b/src/lib/libcrypto/sha/sha1dgst.c @@ -0,0 +1,468 @@ +/* crypto/sha/sha1dgst.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#undef SHA_0 +#define SHA_1 +#include "sha.h" +#include "sha_locl.h" + +char *SHA1_version="SHA1 part of SSLeay 0.9.0b 29-Jun-1998"; + +/* Implemented from SHA-1 document - The Secure Hash Algorithm + */ + +#define INIT_DATA_h0 (unsigned long)0x67452301L +#define INIT_DATA_h1 (unsigned long)0xefcdab89L +#define INIT_DATA_h2 (unsigned long)0x98badcfeL +#define INIT_DATA_h3 (unsigned long)0x10325476L +#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L + +#define K_00_19 0x5a827999L +#define K_20_39 0x6ed9eba1L +#define K_40_59 0x8f1bbcdcL +#define K_60_79 0xca62c1d6L + +#ifndef NOPROTO +# ifdef SHA1_ASM + void sha1_block_x86(SHA_CTX *c, register unsigned long *p, int num); +# define sha1_block sha1_block_x86 +# else + void sha1_block(SHA_CTX *c, register unsigned long *p, int num); +# endif +#else +# ifdef SHA1_ASM + void sha1_block_x86(); +# define sha1_block sha1_block_x86 +# else + void sha1_block(); +# endif +#endif + + +#if defined(L_ENDIAN) && defined(SHA1_ASM) +# define M_c2nl c2l +# define M_p_c2nl p_c2l +# define M_c2nl_p c2l_p +# define M_p_c2nl_p p_c2l_p +# define M_nl2c l2c +#else +# define M_c2nl c2nl +# define M_p_c2nl p_c2nl +# define M_c2nl_p c2nl_p +# define M_p_c2nl_p p_c2nl_p +# define M_nl2c nl2c +#endif + +void SHA1_Init(c) +SHA_CTX *c; + { + c->h0=INIT_DATA_h0; + c->h1=INIT_DATA_h1; + c->h2=INIT_DATA_h2; + c->h3=INIT_DATA_h3; + c->h4=INIT_DATA_h4; + c->Nl=0; + c->Nh=0; + c->num=0; + } + +void SHA1_Update(c, data, len) +SHA_CTX *c; +register unsigned char *data; +unsigned long len; + { + register ULONG *p; + int ew,ec,sw,sc; + ULONG l; + + if (len == 0) return; + + l=(c->Nl+(len<<3))&0xffffffffL; + if (l < c->Nl) /* overflow */ + c->Nh++; + c->Nh+=(len>>29); + c->Nl=l; + + if (c->num != 0) + { + p=c->data; + sw=c->num>>2; + sc=c->num&0x03; + + if ((c->num+len) >= SHA_CBLOCK) + { + l= p[sw]; + M_p_c2nl(data,l,sc); + p[sw++]=l; + for (; swnum); + + sha1_block(c,p,64); + c->num=0; + /* drop through and do the rest */ + } + else + { + c->num+=(int)len; + if ((sc+len) < 4) /* ugly, add char's to a word */ + { + l= p[sw]; + M_p_c2nl_p(data,l,sc,len); + p[sw]=l; + } + else + { + ew=(c->num>>2); + ec=(c->num&0x03); + l= p[sw]; + M_p_c2nl(data,l,sc); + p[sw++]=l; + for (; sw < ew; sw++) + { M_c2nl(data,l); p[sw]=l; } + if (ec) + { + M_c2nl_p(data,l,ec); + p[sw]=l; + } + } + return; + } + } + /* We can only do the following code for assember, the reason + * being that the sha1_block 'C' version changes the values + * in the 'data' array. The assember code avoids this and + * copies it to a local array. I should be able to do this for + * the C version as well.... + */ +#if 1 +#if defined(B_ENDIAN) || defined(SHA1_ASM) + if ((((unsigned int)data)%sizeof(ULONG)) == 0) + { + sw=len/SHA_CBLOCK; + if (sw) + { + sw*=SHA_CBLOCK; + sha1_block(c,(ULONG *)data,sw); + data+=sw; + len-=sw; + } + } +#endif +#endif + /* we now can process the input data in blocks of SHA_CBLOCK + * chars and save the leftovers to c->data. */ + p=c->data; + while (len >= SHA_CBLOCK) + { +#if defined(B_ENDIAN) || defined(L_ENDIAN) + if (p != (unsigned long *)data) + memcpy(p,data,SHA_CBLOCK); + data+=SHA_CBLOCK; +# ifdef L_ENDIAN +# ifndef SHA1_ASM /* Will not happen */ + for (sw=(SHA_LBLOCK/4); sw; sw--) + { + Endian_Reverse32(p[0]); + Endian_Reverse32(p[1]); + Endian_Reverse32(p[2]); + Endian_Reverse32(p[3]); + p+=4; + } + p=c->data; +# endif +# endif +#else + for (sw=(SHA_BLOCK/4); sw; sw--) + { + M_c2nl(data,l); *(p++)=l; + M_c2nl(data,l); *(p++)=l; + M_c2nl(data,l); *(p++)=l; + M_c2nl(data,l); *(p++)=l; + } + p=c->data; +#endif + sha1_block(c,p,64); + len-=SHA_CBLOCK; + } + ec=(int)len; + c->num=ec; + ew=(ec>>2); + ec&=0x03; + + for (sw=0; sw < ew; sw++) + { M_c2nl(data,l); p[sw]=l; } + M_c2nl_p(data,l,ec); + p[sw]=l; + } + +void SHA1_Transform(c,b) +SHA_CTX *c; +unsigned char *b; + { + ULONG p[16]; +#ifndef B_ENDIAN + ULONG *q; + int i; +#endif + +#if defined(B_ENDIAN) || defined(L_ENDIAN) + memcpy(p,b,64); +#ifdef L_ENDIAN + q=p; + for (i=(SHA_LBLOCK/4); i; i--) + { + Endian_Reverse32(q[0]); + Endian_Reverse32(q[1]); + Endian_Reverse32(q[2]); + Endian_Reverse32(q[3]); + q+=4; + } +#endif +#else + q=p; + for (i=(SHA_LBLOCK/4); i; i--) + { + ULONG l; + c2nl(b,l); *(q++)=l; + c2nl(b,l); *(q++)=l; + c2nl(b,l); *(q++)=l; + c2nl(b,l); *(q++)=l; + } +#endif + sha1_block(c,p,64); + } + +#ifndef SHA1_ASM + +void sha1_block(c, W, num) +SHA_CTX *c; +register unsigned long *W; +int num; + { + register ULONG A,B,C,D,E,T; + ULONG X[16]; + + A=c->h0; + B=c->h1; + C=c->h2; + D=c->h3; + E=c->h4; + + for (;;) + { + BODY_00_15( 0,A,B,C,D,E,T,W); + BODY_00_15( 1,T,A,B,C,D,E,W); + BODY_00_15( 2,E,T,A,B,C,D,W); + BODY_00_15( 3,D,E,T,A,B,C,W); + BODY_00_15( 4,C,D,E,T,A,B,W); + BODY_00_15( 5,B,C,D,E,T,A,W); + BODY_00_15( 6,A,B,C,D,E,T,W); + BODY_00_15( 7,T,A,B,C,D,E,W); + BODY_00_15( 8,E,T,A,B,C,D,W); + BODY_00_15( 9,D,E,T,A,B,C,W); + BODY_00_15(10,C,D,E,T,A,B,W); + BODY_00_15(11,B,C,D,E,T,A,W); + BODY_00_15(12,A,B,C,D,E,T,W); + BODY_00_15(13,T,A,B,C,D,E,W); + BODY_00_15(14,E,T,A,B,C,D,W); + BODY_00_15(15,D,E,T,A,B,C,W); + BODY_16_19(16,C,D,E,T,A,B,W,W,W,W); + BODY_16_19(17,B,C,D,E,T,A,W,W,W,W); + BODY_16_19(18,A,B,C,D,E,T,W,W,W,W); + BODY_16_19(19,T,A,B,C,D,E,W,W,W,X); + + BODY_20_31(20,E,T,A,B,C,D,W,W,W,X); + BODY_20_31(21,D,E,T,A,B,C,W,W,W,X); + BODY_20_31(22,C,D,E,T,A,B,W,W,W,X); + BODY_20_31(23,B,C,D,E,T,A,W,W,W,X); + BODY_20_31(24,A,B,C,D,E,T,W,W,X,X); + BODY_20_31(25,T,A,B,C,D,E,W,W,X,X); + BODY_20_31(26,E,T,A,B,C,D,W,W,X,X); + BODY_20_31(27,D,E,T,A,B,C,W,W,X,X); + BODY_20_31(28,C,D,E,T,A,B,W,W,X,X); + BODY_20_31(29,B,C,D,E,T,A,W,W,X,X); + BODY_20_31(30,A,B,C,D,E,T,W,X,X,X); + BODY_20_31(31,T,A,B,C,D,E,W,X,X,X); + BODY_32_39(32,E,T,A,B,C,D,X); + BODY_32_39(33,D,E,T,A,B,C,X); + BODY_32_39(34,C,D,E,T,A,B,X); + BODY_32_39(35,B,C,D,E,T,A,X); + BODY_32_39(36,A,B,C,D,E,T,X); + BODY_32_39(37,T,A,B,C,D,E,X); + BODY_32_39(38,E,T,A,B,C,D,X); + BODY_32_39(39,D,E,T,A,B,C,X); + + BODY_40_59(40,C,D,E,T,A,B,X); + BODY_40_59(41,B,C,D,E,T,A,X); + BODY_40_59(42,A,B,C,D,E,T,X); + BODY_40_59(43,T,A,B,C,D,E,X); + BODY_40_59(44,E,T,A,B,C,D,X); + BODY_40_59(45,D,E,T,A,B,C,X); + BODY_40_59(46,C,D,E,T,A,B,X); + BODY_40_59(47,B,C,D,E,T,A,X); + BODY_40_59(48,A,B,C,D,E,T,X); + BODY_40_59(49,T,A,B,C,D,E,X); + BODY_40_59(50,E,T,A,B,C,D,X); + BODY_40_59(51,D,E,T,A,B,C,X); + BODY_40_59(52,C,D,E,T,A,B,X); + BODY_40_59(53,B,C,D,E,T,A,X); + BODY_40_59(54,A,B,C,D,E,T,X); + BODY_40_59(55,T,A,B,C,D,E,X); + BODY_40_59(56,E,T,A,B,C,D,X); + BODY_40_59(57,D,E,T,A,B,C,X); + BODY_40_59(58,C,D,E,T,A,B,X); + BODY_40_59(59,B,C,D,E,T,A,X); + + BODY_60_79(60,A,B,C,D,E,T,X); + BODY_60_79(61,T,A,B,C,D,E,X); + BODY_60_79(62,E,T,A,B,C,D,X); + BODY_60_79(63,D,E,T,A,B,C,X); + BODY_60_79(64,C,D,E,T,A,B,X); + BODY_60_79(65,B,C,D,E,T,A,X); + BODY_60_79(66,A,B,C,D,E,T,X); + BODY_60_79(67,T,A,B,C,D,E,X); + BODY_60_79(68,E,T,A,B,C,D,X); + BODY_60_79(69,D,E,T,A,B,C,X); + BODY_60_79(70,C,D,E,T,A,B,X); + BODY_60_79(71,B,C,D,E,T,A,X); + BODY_60_79(72,A,B,C,D,E,T,X); + BODY_60_79(73,T,A,B,C,D,E,X); + BODY_60_79(74,E,T,A,B,C,D,X); + BODY_60_79(75,D,E,T,A,B,C,X); + BODY_60_79(76,C,D,E,T,A,B,X); + BODY_60_79(77,B,C,D,E,T,A,X); + BODY_60_79(78,A,B,C,D,E,T,X); + BODY_60_79(79,T,A,B,C,D,E,X); + + c->h0=(c->h0+E)&0xffffffffL; + c->h1=(c->h1+T)&0xffffffffL; + c->h2=(c->h2+A)&0xffffffffL; + c->h3=(c->h3+B)&0xffffffffL; + c->h4=(c->h4+C)&0xffffffffL; + + num-=64; + if (num <= 0) break; + + A=c->h0; + B=c->h1; + C=c->h2; + D=c->h3; + E=c->h4; + + W+=16; + } + } +#endif + +void SHA1_Final(md, c) +unsigned char *md; +SHA_CTX *c; + { + register int i,j; + register ULONG l; + register ULONG *p; + static unsigned char end[4]={0x80,0x00,0x00,0x00}; + unsigned char *cp=end; + + /* c->num should definitly have room for at least one more byte. */ + p=c->data; + j=c->num; + i=j>>2; +#ifdef PURIFY + if ((j&0x03) == 0) p[i]=0; +#endif + l=p[i]; + M_p_c2nl(cp,l,j&0x03); + p[i]=l; + i++; + /* i is the next 'undefined word' */ + if (c->num >= SHA_LAST_BLOCK) + { + for (; iNh; + p[SHA_LBLOCK-1]=c->Nl; +#if defined(L_ENDIAN) && defined(SHA1_ASM) + Endian_Reverse32(p[SHA_LBLOCK-2]); + Endian_Reverse32(p[SHA_LBLOCK-1]); +#endif + sha1_block(c,p,64); + cp=md; + l=c->h0; nl2c(l,cp); + l=c->h1; nl2c(l,cp); + l=c->h2; nl2c(l,cp); + l=c->h3; nl2c(l,cp); + l=c->h4; nl2c(l,cp); + + /* clear stuff, sha1_block may be leaving some stuff on the stack + * but I'm not worried :-) */ + c->num=0; +/* memset((char *)&c,0,sizeof(c));*/ + } + diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h new file mode 100644 index 0000000000..2814ad15fa --- /dev/null +++ b/src/lib/libcrypto/sha/sha_locl.h @@ -0,0 +1,246 @@ +/* crypto/sha/sha_locl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include + +#ifdef undef +/* one or the other needs to be defined */ +#ifndef SHA_1 /* FIPE 180-1 */ +#define SHA_0 /* FIPS 180 */ +#endif +#endif + +#define ULONG unsigned long +#define UCHAR unsigned char +#define UINT unsigned int + +#ifdef NOCONST +#define const +#endif + +#undef c2nl +#define c2nl(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++))) )) + +#undef p_c2nl +#define p_c2nl(c,l,n) { \ + switch (n) { \ + case 0: l =((unsigned long)(*((c)++)))<<24; \ + case 1: l|=((unsigned long)(*((c)++)))<<16; \ + case 2: l|=((unsigned long)(*((c)++)))<< 8; \ + case 3: l|=((unsigned long)(*((c)++))); \ + } \ + } + +#undef c2nl_p +/* NOTE the pointer is not incremented at the end of this */ +#define c2nl_p(c,l,n) { \ + l=0; \ + (c)+=n; \ + switch (n) { \ + case 3: l =((unsigned long)(*(--(c))))<< 8; \ + case 2: l|=((unsigned long)(*(--(c))))<<16; \ + case 1: l|=((unsigned long)(*(--(c))))<<24; \ + } \ + } + +#undef p_c2nl_p +#define p_c2nl_p(c,l,sc,len) { \ + switch (sc) \ + { \ + case 0: l =((unsigned long)(*((c)++)))<<24; \ + if (--len == 0) break; \ + case 1: l|=((unsigned long)(*((c)++)))<<16; \ + if (--len == 0) break; \ + case 2: l|=((unsigned long)(*((c)++)))<< 8; \ + } \ + } + +#undef nl2c +#define nl2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +#undef c2l +#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<<24)) + +#undef p_c2l +#define p_c2l(c,l,n) { \ + switch (n) { \ + case 0: l =((unsigned long)(*((c)++))); \ + case 1: l|=((unsigned long)(*((c)++)))<< 8; \ + case 2: l|=((unsigned long)(*((c)++)))<<16; \ + case 3: l|=((unsigned long)(*((c)++)))<<24; \ + } \ + } + +#undef c2l_p +/* NOTE the pointer is not incremented at the end of this */ +#define c2l_p(c,l,n) { \ + l=0; \ + (c)+=n; \ + switch (n) { \ + case 3: l =((unsigned long)(*(--(c))))<<16; \ + case 2: l|=((unsigned long)(*(--(c))))<< 8; \ + case 1: l|=((unsigned long)(*(--(c)))); \ + } \ + } + +#undef p_c2l_p +#define p_c2l_p(c,l,sc,len) { \ + switch (sc) \ + { \ + case 0: l =((unsigned long)(*((c)++))); \ + if (--len == 0) break; \ + case 1: l|=((unsigned long)(*((c)++)))<< 8; \ + if (--len == 0) break; \ + case 2: l|=((unsigned long)(*((c)++)))<<16; \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff)) + +#undef ROTATE +#if defined(WIN32) +#define ROTATE(a,n) _lrotl(a,n) +#else +#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) +#endif + +/* A nice byte order reversal from Wei Dai */ +#if defined(WIN32) +/* 5 instructions with rotate instruction, else 9 */ +#define Endian_Reverse32(a) \ + { \ + unsigned long l=(a); \ + (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \ + } +#else +/* 6 instructions with rotate instruction, else 8 */ +#define Endian_Reverse32(a) \ + { \ + unsigned long l=(a); \ + l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \ + (a)=ROTATE(l,16L); \ + } +#endif + +/* As pointed out by Wei Dai , F() below can be + * simplified to the code in F_00_19. Wei attributes these optimisations + * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. + * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) + * I've just become aware of another tweak to be made, again from Wei Dai, + * in F_40_59, (x&a)|(y&a) -> (x|y)&a + */ +#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) +#define F_20_39(b,c,d) ((b) ^ (c) ^ (d)) +#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) +#define F_60_79(b,c,d) F_20_39(b,c,d) + +#ifdef SHA_0 +#undef Xupdate +#define Xupdate(a,i,ia,ib,ic,id) X[(i)&0x0f]=(a)=\ + (ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]); +#endif +#ifdef SHA_1 +#undef Xupdate +#define Xupdate(a,i,ia,ib,ic,id) (a)=\ + (ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);\ + X[(i)&0x0f]=(a)=ROTATE((a),1); +#endif + +#define BODY_00_15(i,a,b,c,d,e,f,xa) \ + (f)=xa[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ + (b)=ROTATE((b),30); + +#define BODY_16_19(i,a,b,c,d,e,f,xa,xb,xc,xd) \ + Xupdate(f,i,xa,xb,xc,xd); \ + (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ + (b)=ROTATE((b),30); + +#define BODY_20_31(i,a,b,c,d,e,f,xa,xb,xc,xd) \ + Xupdate(f,i,xa,xb,xc,xd); \ + (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ + (b)=ROTATE((b),30); + +#define BODY_32_39(i,a,b,c,d,e,f,xa) \ + Xupdate(f,i,xa,xa,xa,xa); \ + (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ + (b)=ROTATE((b),30); + +#define BODY_40_59(i,a,b,c,d,e,f,xa) \ + Xupdate(f,i,xa,xa,xa,xa); \ + (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \ + (b)=ROTATE((b),30); + +#define BODY_60_79(i,a,b,c,d,e,f,xa) \ + Xupdate(f,i,xa,xa,xa,xa); \ + (f)=X[(i)&0x0f]+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \ + (b)=ROTATE((b),30); + diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c new file mode 100644 index 0000000000..610ccbb756 --- /dev/null +++ b/src/lib/libcrypto/stack/stack.c @@ -0,0 +1,307 @@ +/* crypto/stack/stack.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Code for stacks + * Author - Eric Young v 1.0 + * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the + * lowest index for the seached item. + * + * 1.1 eay - Take from netdb and added to SSLeay + * + * 1.0 eay - First version 29/07/92 + */ +#include +#include "cryptlib.h" +#include "stack.h" + +#undef MIN_NODES +#define MIN_NODES 4 + +char *STACK_version="STACK part of SSLeay 0.9.0b 29-Jun-1998"; + +#ifndef NOPROTO +#define FP_ICC (int (*)(const void *,const void *)) +#else +#define FP_ICC +#endif + +#include + +void sk_set_cmp_func(sk,c) +STACK *sk; +int (*c)(); + { + if (sk->comp != c) + sk->sorted=0; + sk->comp=c; + } + +STACK *sk_dup(sk) +STACK *sk; + { + STACK *ret; + char **s; + + if ((ret=sk_new(sk->comp)) == NULL) goto err; + s=(char **)Realloc((char *)ret->data, + (unsigned int)sizeof(char *)*sk->num_alloc); + if (s == NULL) goto err; + ret->data=s; + + ret->num=sk->num; + memcpy(ret->data,sk->data,sizeof(char *)*sk->num); + ret->sorted=sk->sorted; + ret->num_alloc=sk->num_alloc; + ret->comp=sk->comp; + return(ret); +err: + return(NULL); + } + +STACK *sk_new(c) +int (*c)(); + { + STACK *ret; + int i; + + if ((ret=(STACK *)Malloc(sizeof(STACK))) == NULL) + goto err0; + if ((ret->data=(char **)Malloc(sizeof(char *)*MIN_NODES)) == NULL) + goto err1; + for (i=0; idata[i]=NULL; + ret->comp=c; + ret->num_alloc=MIN_NODES; + ret->num=0; + ret->sorted=0; + return(ret); +err1: + Free((char *)ret); +err0: + return(NULL); + } + +int sk_insert(st,data,loc) +STACK *st; +char *data; +int loc; + { + char **s; + + if (st->num_alloc <= st->num+1) + { + s=(char **)Realloc((char *)st->data, + (unsigned int)sizeof(char *)*st->num_alloc*2); + if (s == NULL) + return(0); + st->data=s; + st->num_alloc*=2; + } + if ((loc >= (int)st->num) || (loc < 0)) + st->data[st->num]=data; + else + { + int i; + char **f,**t; + + f=(char **)st->data; + t=(char **)&(st->data[1]); + for (i=st->num; i>loc; i--) + t[i]=f[i]; + +#ifdef undef /* no memmove on sunos :-( */ + memmove( (char *)&(st->data[loc+1]), + (char *)&(st->data[loc]), + sizeof(char *)*(st->num-loc)); +#endif + st->data[loc]=data; + } + st->num++; + st->sorted=0; + return(st->num); + } + +char *sk_delete_ptr(st,p) +STACK *st; +char *p; + { + int i; + + for (i=0; inum; i++) + if (st->data[i] == p) + return(sk_delete(st,i)); + return(NULL); + } + +char *sk_delete(st,loc) +STACK *st; +int loc; + { + char *ret; + int i,j; + + if ((st->num == 0) || (loc < 0) || (loc >= st->num)) return(NULL); + + ret=st->data[loc]; + if (loc != st->num-1) + { + j=st->num-1; + for (i=loc; idata[i]=st->data[i+1]; + /* In theory memcpy is not safe for this + * memcpy( &(st->data[loc]), + * &(st->data[loc+1]), + * sizeof(char *)*(st->num-loc-1)); + */ + } + st->num--; + return(ret); + } + +int sk_find(st,data) +STACK *st; +char *data; + { + char **r; + int i; + int (*comp_func)(); + + if (st->comp == NULL) + { + for (i=0; inum; i++) + if (st->data[i] == data) + return(i); + return(-1); + } + comp_func=(int (*)())st->comp; + if (!st->sorted) + { + qsort((char *)st->data,st->num,sizeof(char *),FP_ICC comp_func); + st->sorted=1; + } + if (data == NULL) return(-1); + r=(char **)bsearch(&data,(char *)st->data, + st->num,sizeof(char *),FP_ICC comp_func); + if (r == NULL) return(-1); + i=(int)(r-st->data); + for ( ; i>0; i--) + if ((*st->comp)(&(st->data[i-1]),&data) < 0) + break; + return(i); + } + +int sk_push(st,data) +STACK *st; +char *data; + { + return(sk_insert(st,data,st->num)); + } + +int sk_unshift(st,data) +STACK *st; +char *data; + { + return(sk_insert(st,data,0)); + } + +char *sk_shift(st) +STACK *st; + { + if (st == NULL) return(NULL); + if (st->num <= 0) return(NULL); + return(sk_delete(st,0)); + } + +char *sk_pop(st) +STACK *st; + { + if (st == NULL) return(NULL); + if (st->num <= 0) return(NULL); + return(sk_delete(st,st->num-1)); + } + +void sk_zero(st) +STACK *st; + { + if (st == NULL) return; + if (st->num <= 0) return; + memset((char *)st->data,0,sizeof(st->data)*st->num); + st->num=0; + } + +void sk_pop_free(st,func) +STACK *st; +void (*func)(); + { + int i; + + if (st == NULL) return; + for (i=0; inum; i++) + if (st->data[i] != NULL) + func(st->data[i]); + sk_free(st); + } + +void sk_free(st) +STACK *st; + { + if (st == NULL) return; + if (st->data != NULL) Free((char *)st->data); + Free((char *)st); + } + diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h new file mode 100644 index 0000000000..615eb6ff94 --- /dev/null +++ b/src/lib/libcrypto/stack/stack.h @@ -0,0 +1,120 @@ +/* crypto/stack/stack.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_STACK_H +#define HEADER_STACK_H + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct stack_st + { + int num; + char **data; + int sorted; + + int num_alloc; + int (*comp)(); + } STACK; + +#define sk_num(sk) ((sk)->num) +#define sk_value(sk,n) ((sk)->data[n]) + +#define sk_new_null() sk_new(NULL) +#ifndef NOPROTO + +STACK *sk_new(int (*cmp)()); +void sk_free(STACK *); +void sk_pop_free(STACK *st, void (*func)()); +int sk_insert(STACK *sk,char *data,int where); +char *sk_delete(STACK *st,int loc); +char *sk_delete_ptr(STACK *st, char *p); +int sk_find(STACK *st,char *data); +int sk_push(STACK *st,char *data); +int sk_unshift(STACK *st,char *data); +char *sk_shift(STACK *st); +char *sk_pop(STACK *st); +void sk_zero(STACK *st); +void sk_set_cmp_func(STACK *sk, int (*c)()); +STACK *sk_dup(STACK *st); + +#else + +STACK *sk_new(); +void sk_free(); +void sk_pop_free(); +int sk_insert(); +char *sk_delete(); +char *sk_delete_ptr(); +int sk_find(); +int sk_push(); +int sk_unshift(); +char *sk_shift(); +char *sk_pop(); +void sk_zero(); +void sk_set_cmp_func(); +STACK *sk_dup(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c new file mode 100644 index 0000000000..e34ce4efa9 --- /dev/null +++ b/src/lib/libcrypto/txt_db/txt_db.c @@ -0,0 +1,394 @@ +/* crypto/txt_db/txt_db.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include "cryptlib.h" +#include "buffer.h" +#include "txt_db.h" + +#undef BUFSIZE +#define BUFSIZE 512 + +char *TXT_DB_version="TXT_DB part of SSLeay 0.9.0b 29-Jun-1998"; + +TXT_DB *TXT_DB_read(in,num) +BIO *in; +int num; + { + TXT_DB *ret=NULL; + int er=1; + int esc=0; + long ln=0; + int i,add,n; + int size=BUFSIZE; + int offset=0; + char *p,**pp,*f; + BUF_MEM *buf=NULL; + + if ((buf=BUF_MEM_new()) == NULL) goto err; + if (!BUF_MEM_grow(buf,size)) goto err; + + if ((ret=(TXT_DB *)Malloc(sizeof(TXT_DB))) == NULL) + goto err; + ret->num_fields=num; + ret->index=NULL; + ret->qual=NULL; + if ((ret->data=sk_new_null()) == NULL) + goto err; + if ((ret->index=(LHASH **)Malloc(sizeof(LHASH *)*num)) == NULL) + goto err; + if ((ret->qual=(int (**)())Malloc(sizeof(int (**)())*num)) == NULL) + goto err; + for (i=0; iindex[i]=NULL; + ret->qual[i]=NULL; + } + + add=(num+1)*sizeof(char *); + buf->data[size-1]='\0'; + offset=0; + for (;;) + { + if (offset != 0) + { + size+=BUFSIZE; + if (!BUF_MEM_grow(buf,size)) goto err; + } + buf->data[offset]='\0'; + BIO_gets(in,&(buf->data[offset]),size-offset); + ln++; + if (buf->data[offset] == '\0') break; + if ((offset == 0) && (buf->data[0] == '#')) continue; + i=strlen(&(buf->data[offset])); + offset+=i; + if (buf->data[offset-1] != '\n') + continue; + else + { + buf->data[offset-1]='\0'; /* blat the '\n' */ + p=(char *)Malloc(add+offset); + offset=0; + } + pp=(char **)p; + p+=add; + n=0; + pp[n++]=p; + i=0; + f=buf->data; + + esc=0; + for (;;) + { + if (*f == '\0') break; + if (*f == '\t') + { + if (esc) + p--; + else + { + *(p++)='\0'; + f++; + if (n >= num) break; + pp[n++]=p; + continue; + } + } + esc=(*f == '\\'); + *(p++)= *(f++); + } + *(p++)='\0'; + if ((n != num) || (*f != '\0')) + { +#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */ + fprintf(stderr,"wrong number of fields on line %ld\n",ln); +#endif + er=2; + goto err; + } + pp[n]=p; + if (!sk_push(ret->data,(char *)pp)) + { +#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */ + fprintf(stderr,"failure in sk_push\n"); +#endif + er=2; + goto err; + } + } + er=0; +err: + BUF_MEM_free(buf); + if (er) + { +#if !defined(NO_STDIO) && !defined(WIN16) + if (er == 1) fprintf(stderr,"Malloc failure\n"); +#endif + if (ret->data != NULL) sk_free(ret->data); + if (ret->index != NULL) Free(ret->index); + if (ret->qual != NULL) Free((char *)ret->qual); + if (ret != NULL) Free(ret); + return(NULL); + } + else + return(ret); + } + +char **TXT_DB_get_by_index(db,idx,value) +TXT_DB *db; +int idx; +char **value; + { + char **ret; + LHASH *lh; + + if (idx >= db->num_fields) + { + db->error=DB_ERROR_INDEX_OUT_OF_RANGE; + return(NULL); + } + lh=db->index[idx]; + if (lh == NULL) + { + db->error=DB_ERROR_NO_INDEX; + return(NULL); + } + ret=(char **)lh_retrieve(lh,(char *)value); + db->error=DB_ERROR_OK; + return(ret); + } + +int TXT_DB_create_index(db,field,qual,hash,cmp) +TXT_DB *db; +int field; +int (*qual)(); +unsigned long (*hash)(); +int (*cmp)(); + { + LHASH *idx; + char *r; + int i,n; + + if (field >= db->num_fields) + { + db->error=DB_ERROR_INDEX_OUT_OF_RANGE; + return(0); + } + if ((idx=lh_new(hash,cmp)) == NULL) + { + db->error=DB_ERROR_MALLOC; + return(0); + } + n=sk_num(db->data); + for (i=0; idata,i); + if ((qual != NULL) && (qual(r) == 0)) continue; + if ((r=lh_insert(idx,r)) != NULL) + { + db->error=DB_ERROR_INDEX_CLASH; + db->arg1=sk_find(db->data,r); + db->arg2=i; + lh_free(idx); + return(0); + } + } + if (db->index[field] != NULL) lh_free(db->index[field]); + db->index[field]=idx; + db->qual[field]=qual; + return(1); + } + +long TXT_DB_write(out,db) +BIO *out; +TXT_DB *db; + { + long i,j,n,nn,l,tot=0; + char *p,**pp,*f; + BUF_MEM *buf=NULL; + long ret= -1; + + if ((buf=BUF_MEM_new()) == NULL) + goto err; + n=sk_num(db->data); + nn=db->num_fields; + for (i=0; idata,i); + + l=0; + for (j=0; jdata; + for (j=0; jdata; + if (BIO_write(out,buf->data,(int)j) != j) + goto err; + tot+=j; + } + ret=tot; +err: + if (buf != NULL) BUF_MEM_free(buf); + return(ret); + } + +int TXT_DB_insert(db,row) +TXT_DB *db; +char **row; + { + int i; + char **r; + + for (i=0; inum_fields; i++) + { + if (db->index[i] != NULL) + { + if ((db->qual[i] != NULL) && + (db->qual[i](row) == 0)) continue; + r=(char **)lh_retrieve(db->index[i],(char *)row); + if (r != NULL) + { + db->error=DB_ERROR_INDEX_CLASH; + db->arg1=i; + db->arg_row=r; + goto err; + } + } + } + /* We have passed the index checks, now just append and insert */ + if (!sk_push(db->data,(char *)row)) + { + db->error=DB_ERROR_MALLOC; + goto err; + } + + for (i=0; inum_fields; i++) + { + if (db->index[i] != NULL) + { + if ((db->qual[i] != NULL) && + (db->qual[i](row) == 0)) continue; + lh_insert(db->index[i],(char *)row); + } + } + return(1); +err: + return(0); + } + +void TXT_DB_free(db) +TXT_DB *db; + { + int i,n; + char **p,*max; + + if (db->index != NULL) + { + for (i=db->num_fields-1; i>=0; i--) + if (db->index[i] != NULL) lh_free(db->index[i]); + Free(db->index); + } + if (db->qual != NULL) + Free(db->qual); + if (db->data != NULL) + { + for (i=sk_num(db->data)-1; i>=0; i--) + { + /* check if any 'fields' have been allocated + * from outside of the initial block */ + p=(char **)sk_value(db->data,i); + max=p[db->num_fields]; /* last address */ + if (max == NULL) /* new row */ + { + for (n=0; nnum_fields; n++) + if (p[n] != NULL) Free(p[n]); + } + else + { + for (n=0; nnum_fields; n++) + { + if (((p[n] < (char *)p) || (p[n] > max)) + && (p[n] != NULL)) + Free(p[n]); + } + } + Free(sk_value(db->data,i)); + } + sk_free(db->data); + } + Free(db); + } diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h new file mode 100644 index 0000000000..aca6dae393 --- /dev/null +++ b/src/lib/libcrypto/txt_db/txt_db.h @@ -0,0 +1,117 @@ +/* crypto/txt_db/txt_db.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_TXT_DB_H +#define HEADER_TXT_DB_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "stack.h" +#include "lhash.h" + +#define DB_ERROR_OK 0 +#define DB_ERROR_MALLOC 1 +#define DB_ERROR_INDEX_CLASH 2 +#define DB_ERROR_INDEX_OUT_OF_RANGE 3 +#define DB_ERROR_NO_INDEX 4 +#define DB_ERROR_INSERT_INDEX_CLASH 5 + +typedef struct txt_db_st + { + int num_fields; + STACK /* char ** */ *data; + LHASH **index; + int (**qual)(); + long error; + long arg1; + long arg2; + char **arg_row; + } TXT_DB; + +#ifndef NOPROTO +#ifdef HEADER_BIO_H +TXT_DB *TXT_DB_read(BIO *in, int num); +long TXT_DB_write(BIO *out, TXT_DB *db); +#else +TXT_DB *TXT_DB_read(char *in, int num); +long TXT_DB_write(char *out, TXT_DB *db); +#endif +int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(), + unsigned long (*hash)(),int (*cmp)()); +void TXT_DB_free(TXT_DB *db); +char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); +int TXT_DB_insert(TXT_DB *db,char **value); + +#else + +TXT_DB *TXT_DB_read(); +long TXT_DB_write(); +int TXT_DB_create_index(); +void TXT_DB_free(); +char **TXT_DB_get_by_index(); +int TXT_DB_insert(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c new file mode 100644 index 0000000000..11725ec94c --- /dev/null +++ b/src/lib/libcrypto/x509/by_dir.c @@ -0,0 +1,359 @@ +/* crypto/x509/by_dir.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include +#include + +#include "cryptlib.h" +#include "lhash.h" +#include "x509.h" +#include "pem.h" + +typedef struct lookup_dir_st + { + BUF_MEM *buffer; + int num_dirs; + char **dirs; + int *dirs_type; + int num_dirs_alloced; + } BY_DIR; + +#ifndef NOPROTO +static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret); +static int new_dir(X509_LOOKUP *lu); +static void free_dir(X509_LOOKUP *lu); +static int add_cert_dir(BY_DIR *ctx,char *dir,int type); +static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, + X509_OBJECT *ret); +#else +static int dir_ctrl(); +static int new_dir(); +static void free_dir(); +static int add_cert_dir(); +static int get_cert_by_subject(); +#endif + +X509_LOOKUP_METHOD x509_dir_lookup= + { + "Load certs from files in a directory", + new_dir, /* new */ + free_dir, /* free */ + NULL, /* init */ + NULL, /* shutdown */ + dir_ctrl, /* ctrl */ + get_cert_by_subject, /* get_by_subject */ + NULL, /* get_by_issuer_serial */ + NULL, /* get_by_fingerprint */ + NULL, /* get_by_alias */ + }; + +X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir() + { + return(&x509_dir_lookup); + } + +static int dir_ctrl(ctx,cmd,argp,argl,retp) +X509_LOOKUP *ctx; +int cmd; +long argl; +char *argp; +char **retp; + { + int ret=0; + BY_DIR *ld; + char *dir; + + ld=(BY_DIR *)ctx->method_data; + + switch (cmd) + { + case X509_L_ADD_DIR: + if (argl == X509_FILETYPE_DEFAULT) + { + ret=add_cert_dir(ld,X509_get_default_cert_dir(), + X509_FILETYPE_PEM); + if (!ret) + { + X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); + } + else + { + dir=(char *)Getenv(X509_get_default_cert_dir_env()); + ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); + } + } + else + ret=add_cert_dir(ld,argp,(int)argl); + break; + } + return(ret); + } + +static int new_dir(lu) +X509_LOOKUP *lu; + { + BY_DIR *a; + + if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL) + return(0); + if ((a->buffer=BUF_MEM_new()) == NULL) + { + Free(a); + return(0); + } + a->num_dirs=0; + a->dirs=NULL; + a->dirs_type=NULL; + a->num_dirs_alloced=0; + lu->method_data=(char *)a; + return(1); + } + +static void free_dir(lu) +X509_LOOKUP *lu; + { + BY_DIR *a; + int i; + + a=(BY_DIR *)lu->method_data; + for (i=0; inum_dirs; i++) + if (a->dirs[i] != NULL) Free(a->dirs[i]); + if (a->dirs != NULL) Free(a->dirs); + if (a->dirs_type != NULL) Free(a->dirs_type); + if (a->buffer != NULL) BUF_MEM_free(a->buffer); + Free(a); + } + +static int add_cert_dir(ctx,dir, type) +BY_DIR *ctx; +char *dir; +int type; + { + int j,len; + int *ip; + char *s,*ss,*p; + char **pp; + + if (dir == NULL) return(0); + + s=dir; + p=s; + for (;;) + { + if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) + { + ss=s; + s=p+1; + len=(int)(p-ss); + if (len == 0) continue; + for (j=0; jnum_dirs; j++) + if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) + continue; + if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) + { + ctx->num_dirs_alloced+=10; + pp=(char **)Malloc(ctx->num_dirs_alloced* + sizeof(char *)); + ip=(int *)Malloc(ctx->num_dirs_alloced* + sizeof(int)); + if ((pp == NULL) || (ip == NULL)) + { + X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE); + return(0); + } + memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)* + sizeof(char *)); + memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)* + sizeof(int)); + if (ctx->dirs != NULL) + Free((char *)ctx->dirs); + if (ctx->dirs_type != NULL) + Free((char *)ctx->dirs_type); + ctx->dirs=pp; + ctx->dirs_type=ip; + } + ctx->dirs_type[ctx->num_dirs]=type; + ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1); + if (ctx->dirs[ctx->num_dirs] == NULL) return(0); + strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len); + ctx->dirs[ctx->num_dirs][len]='\0'; + ctx->num_dirs++; + } + if (*p == '\0') break; + p++; + } + return(1); + } + +static int get_cert_by_subject(xl,type,name,ret) +X509_LOOKUP *xl; +int type; +X509_NAME *name; +X509_OBJECT *ret; + { + BY_DIR *ctx; + union { + struct { + X509 st_x509; + X509_CINF st_x509_cinf; + } x509; + struct { + X509_CRL st_crl; + X509_CRL_INFO st_crl_info; + } crl; + } data; + int ok=0; + int i,j,k; + unsigned long h; + BUF_MEM *b=NULL; + struct stat st; + X509_OBJECT stmp,*tmp; + char *postfix=""; + + if (name == NULL) return(0); + + stmp.type=type; + if (type == X509_LU_X509) + { + data.x509.st_x509.cert_info= &data.x509.st_x509_cinf; + data.x509.st_x509_cinf.subject=name; + stmp.data.x509= &data.x509.st_x509; + postfix=""; + } + else if (type == X509_LU_CRL) + { + data.crl.st_crl.crl= &data.crl.st_crl_info; + data.crl.st_crl_info.issuer=name; + stmp.data.crl= &data.crl.st_crl; + postfix="r"; + } + else + { + X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE); + goto finish; + } + + if ((b=BUF_MEM_new()) == NULL) + { + X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB); + goto finish; + } + + ctx=(BY_DIR *)xl->method_data; + + h=X509_NAME_hash(name); + for (i=0; inum_dirs; i++) + { + j=strlen(ctx->dirs[i])+1+8+6+1+1; + if (!BUF_MEM_grow(b,j)) + { + X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE); + goto finish; + } + k=0; + for (;;) + { + sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h, + postfix,k); + k++; + if (stat(b->data,&st) < 0) + break; + /* found one. */ + if (type == X509_LU_X509) + { + if ((X509_load_cert_file(xl,b->data, + ctx->dirs_type[i])) == 0) + break; + } + else if (type == X509_LU_CRL) + { + if ((X509_load_crl_file(xl,b->data, + ctx->dirs_type[i])) == 0) + break; + } + /* else case will caught higher up */ + } + + /* we have added it to the cache so now pull + * it out again */ + CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); + tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs, + (char *)&stmp); + CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); + + if (tmp != NULL) + { + ok=1; + ret->type=tmp->type; + memcpy(&ret->data,&tmp->data,sizeof(ret->data)); + /* If we were going to up the reference count, + * we would need to do it on a perl 'type' + * basis */ + /* CRYPTO_add(&tmp->data.x509->references,1, + CRYPTO_LOCK_X509);*/ + goto finish; + } + } +finish: + if (b != NULL) BUF_MEM_free(b); + return(ok); + } + diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c new file mode 100644 index 0000000000..09ebb9bf08 --- /dev/null +++ b/src/lib/libcrypto/x509/by_file.c @@ -0,0 +1,282 @@ +/* crypto/x509/by_file.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include +#include + +#include "cryptlib.h" +#include "lhash.h" +#include "buffer.h" +#include "x509.h" +#include "pem.h" + +#ifndef NO_STDIO + +#ifndef NOPROTO +static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc, + long argl,char **ret); +#else +static int by_file_ctrl(); +#endif + +X509_LOOKUP_METHOD x509_file_lookup= + { + "Load file into cache", + NULL, /* new */ + NULL, /* free */ + NULL, /* init */ + NULL, /* shutdown */ + by_file_ctrl, /* ctrl */ + NULL, /* get_by_subject */ + NULL, /* get_by_issuer_serial */ + NULL, /* get_by_fingerprint */ + NULL, /* get_by_alias */ + }; + +X509_LOOKUP_METHOD *X509_LOOKUP_file() + { + return(&x509_file_lookup); + } + +static int by_file_ctrl(ctx,cmd,argp,argl,ret) +X509_LOOKUP *ctx; +int cmd; +char *argp; +long argl; +char **ret; + { + int ok=0,ok2=0; + char *file; + + switch (cmd) + { + case X509_L_FILE_LOAD: + if (argl == X509_FILETYPE_DEFAULT) + { + ok=X509_load_cert_file(ctx,X509_get_default_cert_file(), + X509_FILETYPE_PEM); + ok2=X509_load_crl_file(ctx,X509_get_default_cert_file(), + X509_FILETYPE_PEM); + if (!ok || !ok2) + { + X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); + } + else + { + file=(char *)Getenv(X509_get_default_cert_file_env()); + ok=X509_load_cert_file(ctx,file, + X509_FILETYPE_PEM); + ok2=X509_load_crl_file(ctx,file, + X509_FILETYPE_PEM); + } + } + else + { + ok=X509_load_cert_file(ctx,argp,(int)argl); + ok2=X509_load_crl_file(ctx,argp,(int)argl); + } + break; + } + return((ok && ok2)?ok:0); + } + +int X509_load_cert_file(ctx,file,type) +X509_LOOKUP *ctx; +char *file; +int type; + { + int ret=0; + BIO *in=NULL; + int i,count=0; + X509 *x=NULL; + + if (file == NULL) return(1); + in=BIO_new(BIO_s_file_internal()); + + if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) + { + X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB); + goto err; + } + + if (type == X509_FILETYPE_PEM) + { + for (;;) + { + x=PEM_read_bio_X509(in,NULL,NULL); + if (x == NULL) + { + if ((ERR_GET_REASON(ERR_peek_error()) == + PEM_R_NO_START_LINE) && (count > 0)) + { + ERR_clear_error(); + break; + } + else + { + X509err(X509_F_X509_LOAD_CERT_FILE, + ERR_R_PEM_LIB); + goto err; + } + } + i=X509_STORE_add_cert(ctx->store_ctx,x); + if (!i) goto err; + count++; + X509_free(x); + x=NULL; + } + ret=count; + } + else if (type == X509_FILETYPE_ASN1) + { + x=d2i_X509_bio(in,NULL); + if (x == NULL) + { + X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB); + goto err; + } + i=X509_STORE_add_cert(ctx->store_ctx,x); + if (!i) goto err; + ret=i; + } + else + { + X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE); + goto err; + } +err: + if (x != NULL) X509_free(x); + if (in != NULL) BIO_free(in); + return(ret); + } + +int X509_load_crl_file(ctx,file,type) +X509_LOOKUP *ctx; +char *file; +int type; + { + int ret=0; + BIO *in=NULL; + int i,count=0; + X509_CRL *x=NULL; + + if (file == NULL) return(1); + in=BIO_new(BIO_s_file_internal()); + + if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) + { + X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB); + goto err; + } + + if (type == X509_FILETYPE_PEM) + { + for (;;) + { + x=PEM_read_bio_X509_CRL(in,NULL,NULL); + if (x == NULL) + { + if ((ERR_GET_REASON(ERR_peek_error()) == + PEM_R_NO_START_LINE) && (count > 0)) + { + ERR_clear_error(); + break; + } + else + { + X509err(X509_F_X509_LOAD_CRL_FILE, + ERR_R_PEM_LIB); + goto err; + } + } + i=X509_STORE_add_crl(ctx->store_ctx,x); + if (!i) goto err; + count++; + X509_CRL_free(x); + x=NULL; + } + ret=count; + } + else if (type == X509_FILETYPE_ASN1) + { + x=d2i_X509_CRL_bio(in,NULL); + if (x == NULL) + { + X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB); + goto err; + } + i=X509_STORE_add_crl(ctx->store_ctx,x); + if (!i) goto err; + ret=i; + } + else + { + X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE); + goto err; + } +err: + if (x != NULL) X509_CRL_free(x); + if (in != NULL) BIO_free(in); + return(ret); + } + +#endif /* NO_STDIO */ + diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h new file mode 100644 index 0000000000..95114f7c43 --- /dev/null +++ b/src/lib/libcrypto/x509/x509.h @@ -0,0 +1,1152 @@ +/* crypto/x509/x509.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_X509_H +#define HEADER_X509_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "stack.h" +#include "asn1.h" + +#ifndef NO_RSA +#include "rsa.h" +#else +#define RSA long +#endif + +#ifndef NO_DSA +#include "dsa.h" +#else +#define DSA long +#endif + +#ifndef NO_DH +#include "dh.h" +#else +#define DH long +#endif + +#include "evp.h" + +#define X509_FILETYPE_PEM 1 +#define X509_FILETYPE_ASN1 2 +#define X509_FILETYPE_DEFAULT 3 + +#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 +#define X509v3_KU_NON_REPUDIATION 0x0040 +#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 +#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 +#define X509v3_KU_KEY_AGREEMENT 0x0008 +#define X509v3_KU_KEY_CERT_SIGN 0x0004 +#define X509v3_KU_CRL_SIGN 0x0002 +#define X509v3_KU_ENCIPHER_ONLY 0x0001 +#define X509v3_KU_DECIPHER_ONLY 0x8000 +#define X509v3_KU_UNDEF 0xffff + +typedef struct X509_objects_st + { + int nid; + int (*a2i)(); + int (*i2a)(); + } X509_OBJECTS; + +typedef struct X509_algor_st + { + ASN1_OBJECT *algorithm; + ASN1_TYPE *parameter; + } X509_ALGOR; + +typedef struct X509_val_st + { + ASN1_UTCTIME *notBefore; + ASN1_UTCTIME *notAfter; + } X509_VAL; + +typedef struct X509_pubkey_st + { + X509_ALGOR *algor; + ASN1_BIT_STRING *public_key; + struct evp_pkey_st /* EVP_PKEY*/ *pkey; + } X509_PUBKEY; + +typedef struct X509_sig_st + { + X509_ALGOR *algor; + ASN1_OCTET_STRING *digest; + } X509_SIG; + +typedef struct X509_name_entry_st + { + ASN1_OBJECT *object; + ASN1_STRING *value; + int set; + int size; /* temp variable */ + } X509_NAME_ENTRY; + +/* we always keep X509_NAMEs in 2 forms. */ +typedef struct X509_name_st + { + STACK *entries; /* of X509_NAME_ENTRY */ + int modified; /* true if 'bytes' needs to be built */ +#ifdef HEADER_BUFFER_H + BUF_MEM *bytes; +#else + char *bytes; +#endif + unsigned long hash; /* Keep the hash around for lookups */ + } X509_NAME; + +#define X509_EX_V_NETSCAPE_HACK 0x8000 +#define X509_EX_V_INIT 0x0001 +typedef struct X509_extension_st + { + ASN1_OBJECT *object; + short critical; + short netscape_hack; + ASN1_OCTET_STRING *value; + long argl; /* used when decoding */ + char *argp; /* used when decoding */ + void (*ex_free)(); /* clear argp stuff */ + } X509_EXTENSION; + +/* #if 1 */ +typedef struct x509_extension_method_st + { + int nid; + int data_type; + int pack_type; + void (*ex_clear)(); + int (*ex_get_bool)(); + int (*ex_set_bool)(); + int (*ex_get_str)(); + int (*ex_set_str)(); + char *(*ex_get_struct)(); + int (*ex_set_struct)(); + int (*a2i)(); + int (*i2a)(); + } X509_EXTENSION_METHOD; +/* #endif */ + +typedef struct X509_req_info_st + { + ASN1_INTEGER *version; + X509_NAME *subject; + X509_PUBKEY *pubkey; + /* d=2 hl=2 l= 0 cons: cont: 00 */ + STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */ + int req_kludge; + } X509_REQ_INFO; + +typedef struct X509_req_st + { + X509_REQ_INFO *req_info; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *signature; + int references; + } X509_REQ; + +typedef struct x509_cinf_st + { + ASN1_INTEGER *version; /* [ 0 ] default of v1 */ + ASN1_INTEGER *serialNumber; + X509_ALGOR *signature; + X509_NAME *issuer; + X509_VAL *validity; + X509_NAME *subject; + X509_PUBKEY *key; + ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ + ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ + STACK /* X509_EXTENSION */ *extensions; /* [ 3 ] optional in v3 */ + } X509_CINF; + +typedef struct x509_st + { + X509_CINF *cert_info; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *signature; + int valid; + int references; + char *name; + } X509; + +typedef struct X509_revoked_st + { + ASN1_INTEGER *serialNumber; + ASN1_UTCTIME *revocationDate; + STACK /* optional X509_EXTENSION */ *extensions; + int sequence; /* load sequence */ + } X509_REVOKED; + +typedef struct X509_crl_info_st + { + ASN1_INTEGER *version; + X509_ALGOR *sig_alg; + X509_NAME *issuer; + ASN1_UTCTIME *lastUpdate; + ASN1_UTCTIME *nextUpdate; + STACK /* X509_REVOKED */ *revoked; + STACK /* [0] X509_EXTENSION */ *extensions; + } X509_CRL_INFO; + +typedef struct X509_crl_st + { + /* actual signature */ + X509_CRL_INFO *crl; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *signature; + int references; + } X509_CRL; + +/* a sequence of these are used */ +typedef struct x509_attributes_st + { + ASN1_OBJECT *object; + int set; /* 1 for a set, 0 for a single item (which is wrong) */ + union { + char *ptr; +/* 1 */ STACK /* ASN1_TYPE */ *set; +/* 0 */ ASN1_TYPE *single; + } value; + } X509_ATTRIBUTE; + +typedef struct private_key_st + { + int version; + /* The PKCS#8 data types */ + X509_ALGOR *enc_algor; + ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ + + /* When decrypted, the following will not be NULL */ + EVP_PKEY *dec_pkey; + + /* used to encrypt and decrypt */ + int key_length; + char *key_data; + int key_free; /* true if we should auto free key_data */ + + /* expanded version of 'enc_algor' */ + EVP_CIPHER_INFO cipher; + + int references; + } X509_PKEY; + +#ifdef HEADER_ENVELOPE_H +typedef struct X509_info_st + { + X509 *x509; + X509_CRL *crl; + X509_PKEY *x_pkey; + + EVP_CIPHER_INFO enc_cipher; + int enc_len; + char *enc_data; + + int references; + } X509_INFO; +#endif + +/* The next 2 structures and their 8 routines were sent to me by + * Pat Richard and are used to manipulate + * Netscapes spki strucutres - usefull if you are writing a CA web page + */ +typedef struct Netscape_spkac_st + { + X509_PUBKEY *pubkey; + ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ + } NETSCAPE_SPKAC; + +typedef struct Netscape_spki_st + { + NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ + X509_ALGOR *sig_algor; + ASN1_BIT_STRING *signature; + } NETSCAPE_SPKI; + +#ifndef HEADER_BN_H +#define BIGNUM char +#endif + +typedef struct CBCParameter_st + { + unsigned char iv[8]; + } CBC_PARAM; + +#include "x509_vfy.h" +#include "pkcs7.h" + +#ifdef SSLEAY_MACROS +#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ + a->signature,(char *)a->cert_info,r) +#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ + a->sig_alg,a->signature,(char *)a->req_info,r) +#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ + a->sig_alg, a->signature,(char *)a->crl,r) + +#define X509_sign(x,pkey,md) \ + ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ + x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) +#define X509_REQ_sign(x,pkey,md) \ + ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ + x->signature, (char *)x->req_info,pkey,md) +#define X509_CRL_sign(x,pkey,md) \ + ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ + x->signature, (char *)x->crl,pkey,md) +#define NETSCAPE_SPKI_sign(x,pkey,md) \ + ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ + x->signature, (char *)x->spkac,pkey,md) + +#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ + (char *(*)())d2i_X509,(char *)x509) +#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ + (int (*)())i2d_X509_EXTENSION, \ + (char *(*)())d2i_X509_EXTENSION,(char *)ex) +#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ + (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) +#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) +#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ + (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) +#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) + +#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ + (char *(*)())d2i_X509_CRL,(char *)crl) +#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ + X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ + (unsigned char **)(crl)) +#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ + (unsigned char *)crl) +#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ + X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ + (unsigned char **)(crl)) +#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ + (unsigned char *)crl) + +#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ + (char *(*)())d2i_PKCS7,(char *)p7) +#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ + PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ + (unsigned char **)(p7)) +#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ + (unsigned char *)p7) +#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ + PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ + (unsigned char **)(p7)) +#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ + (unsigned char *)p7) + +#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ + (char *(*)())d2i_X509_REQ,(char *)req) +#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ + X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ + (unsigned char **)(req)) +#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ + (unsigned char *)req) +#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ + X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ + (unsigned char **)(req)) +#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ + (unsigned char *)req) + +#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ + (char *(*)())d2i_RSAPublicKey,(char *)rsa) +#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ + (char *(*)())d2i_RSAPrivateKey,(char *)rsa) + +#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ + RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ + (unsigned char **)(rsa)) +#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ + (unsigned char *)rsa) +#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ + RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ + (unsigned char **)(rsa)) +#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ + (unsigned char *)rsa) + +#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ + RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ + (unsigned char **)(rsa)) +#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ + (unsigned char *)rsa) +#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ + RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ + (unsigned char **)(rsa)) +#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ + (unsigned char *)rsa) + +#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ + DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ + (unsigned char **)(dsa)) +#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ + (unsigned char *)dsa) +#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ + DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ + (unsigned char **)(dsa)) +#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ + (unsigned char *)dsa) + +#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ + (char *(*)())d2i_X509_NAME,(char *)xn) +#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ + (int (*)())i2d_X509_NAME_ENTRY, \ + (char *(*)())d2i_X509_NAME_ENTRY,\ + (char *)ne) + +#define X509_digest(data,type,md,len) \ + ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) +#define X509_NAME_digest(data,type,md,len) \ + ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) +#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ + ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ + (char *)data,md,len) +#endif + +#define X509_EXT_PACK_UNKNOWN 1 +#define X509_EXT_PACK_STRING 2 + +#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) +/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ +#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) +#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) +#define X509_extract_key(x) X509_get_pubkey(x) /*****/ +#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) +#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) +#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) +#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) +#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) + +/* This one is only used so that a binary form can output, as in + * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ +#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) + +#ifndef NOPROTO + +#ifndef SSLEAY_MACROS +#ifdef HEADER_ENVELOPE_H +int X509_verify(X509 *a, EVP_PKEY *r); +char *X509_verify_cert_error_string(long n); + +int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); +int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); +int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); + +int X509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md); +int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, EVP_MD *md); +int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, EVP_MD *md); +int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, EVP_MD *md); + +int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len); +int X509_NAME_digest(X509_NAME *data,EVP_MD *type, + unsigned char *md,unsigned int *len); +#endif + +#ifndef NO_FP_API +X509 *d2i_X509_fp(FILE *fp, X509 *x509); +int i2d_X509_fp(FILE *fp,X509 *x509); +X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl); +int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); +X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req); +int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); +RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa); +int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); +DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa); +int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); +RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa); +int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); +#endif + +#ifdef HEADER_BIO_H +X509 *d2i_X509_bio(BIO *bp,X509 *x509); +int i2d_X509_bio(BIO *bp,X509 *x509); +X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl); +int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); +X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req); +int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); +RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa); +int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); +DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa); +int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); +RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa); +int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); +#endif + +X509 *X509_dup(X509 *x509); +X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); +X509_CRL *X509_CRL_dup(X509_CRL *crl); +X509_REQ *X509_REQ_dup(X509_REQ *req); +X509_NAME *X509_NAME_dup(X509_NAME *xn); +X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); +RSA *RSAPublicKey_dup(RSA *rsa); +RSA *RSAPrivateKey_dup(RSA *rsa); + +#endif /* !SSLEAY_MACROS */ + +int X509_cmp_current_time(ASN1_UTCTIME *s); +ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj); + +char * X509_get_default_cert_area(void ); +char * X509_get_default_cert_dir(void ); +char * X509_get_default_cert_file(void ); +char * X509_get_default_cert_dir_env(void ); +char * X509_get_default_cert_file_env(void ); +char * X509_get_default_private_dir(void ); + +X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md); +X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); +void ERR_load_X509_strings(void ); + +X509_ALGOR * X509_ALGOR_new(void ); +void X509_ALGOR_free(X509_ALGOR *a); +int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp); +X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp, + long length); + +X509_VAL * X509_VAL_new(void ); +void X509_VAL_free(X509_VAL *a); +int i2d_X509_VAL(X509_VAL *a,unsigned char **pp); +X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp, + long length); + +X509_PUBKEY * X509_PUBKEY_new(void ); +void X509_PUBKEY_free(X509_PUBKEY *a); +int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp); +X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp, + long length); +int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); +EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); +int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain); + + +X509_SIG * X509_SIG_new(void ); +void X509_SIG_free(X509_SIG *a); +int i2d_X509_SIG(X509_SIG *a,unsigned char **pp); +X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length); + +X509_REQ_INFO *X509_REQ_INFO_new(void); +void X509_REQ_INFO_free(X509_REQ_INFO *a); +int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp); +X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp, + long length); + +X509_REQ * X509_REQ_new(void); +void X509_REQ_free(X509_REQ *a); +int i2d_X509_REQ(X509_REQ *a,unsigned char **pp); +X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length); + +X509_ATTRIBUTE *X509_ATTRIBUTE_new(void ); +void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); +int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); +X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, + long length); + +X509_EXTENSION *X509_EXTENSION_new(void ); +void X509_EXTENSION_free(X509_EXTENSION *a); +int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp); +X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp, + long length); + +X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); +void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); +int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp); +X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp, + long length); + +X509_NAME * X509_NAME_new(void); +void X509_NAME_free(X509_NAME *a); +int i2d_X509_NAME(X509_NAME *a,unsigned char **pp); +X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length); +int X509_NAME_set(X509_NAME **xn, X509_NAME *name); + + +X509_CINF * X509_CINF_new(void); +void X509_CINF_free(X509_CINF *a); +int i2d_X509_CINF(X509_CINF *a,unsigned char **pp); +X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length); + +X509 * X509_new(void); +void X509_free(X509 *a); +int i2d_X509(X509 *a,unsigned char **pp); +X509 * d2i_X509(X509 **a,unsigned char **pp,long length); + +X509_REVOKED * X509_REVOKED_new(void); +void X509_REVOKED_free(X509_REVOKED *a); +int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp); +X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length); + +X509_CRL_INFO *X509_CRL_INFO_new(void); +void X509_CRL_INFO_free(X509_CRL_INFO *a); +int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp); +X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp, + long length); + +X509_CRL * X509_CRL_new(void); +void X509_CRL_free(X509_CRL *a); +int i2d_X509_CRL(X509_CRL *a,unsigned char **pp); +X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length); + +X509_PKEY * X509_PKEY_new(void ); +void X509_PKEY_free(X509_PKEY *a); +int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); +X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); + +NETSCAPE_SPKI * NETSCAPE_SPKI_new(void ); +void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a); +int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp); +NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp, + long length); + +NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void ); +void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a); +int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); +NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, + long length); + +#ifdef HEADER_ENVELOPE_H +X509_INFO * X509_INFO_new(void); +void X509_INFO_free(X509_INFO *a); +char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); + +int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1, + ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); + +int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data, + unsigned char *md,unsigned int *len); + +int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, + ASN1_BIT_STRING *signature, + char *data,EVP_PKEY *pkey, EVP_MD *type); +#endif + +int X509_set_version(X509 *x,long version); +int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); +ASN1_INTEGER * X509_get_serialNumber(X509 *x); +int X509_set_issuer_name(X509 *x, X509_NAME *name); +X509_NAME * X509_get_issuer_name(X509 *a); +int X509_set_subject_name(X509 *x, X509_NAME *name); +X509_NAME * X509_get_subject_name(X509 *a); +int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm); +int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm); +int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); +EVP_PKEY * X509_get_pubkey(X509 *x); +int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); + +int X509_REQ_set_version(X509_REQ *x,long version); +int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); +int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); +EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); + +int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); + +int X509_issuer_and_serial_cmp(X509 *a, X509 *b); +unsigned long X509_issuer_and_serial_hash(X509 *a); + +int X509_issuer_name_cmp(X509 *a, X509 *b); +unsigned long X509_issuer_name_hash(X509 *a); + +int X509_subject_name_cmp(X509 *a,X509 *b); +unsigned long X509_subject_name_hash(X509 *x); + +int X509_NAME_cmp (X509_NAME *a, X509_NAME *b); +unsigned long X509_NAME_hash(X509_NAME *x); + +int X509_CRL_cmp(X509_CRL *a,X509_CRL *b); +#ifndef NO_FP_API +int X509_print_fp(FILE *bp,X509 *x); +int X509_REQ_print_fp(FILE *bp,X509_REQ *req); +#endif + +#ifdef HEADER_BIO_H +int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); +int X509_print(BIO *bp,X509 *x); +int X509_REQ_print(BIO *bp,X509_REQ *req); +#endif + +int X509_NAME_entry_count(X509_NAME *name); +int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, + char *buf,int len); +int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, + char *buf,int len); + +/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use + * lastpos, seach after that position on. */ +int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); +int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, + int lastpos); +X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); +X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); +int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, + int loc, int set); +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, + int type,unsigned char *bytes, int len); +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, + ASN1_OBJECT *obj, int type,unsigned char *bytes, + int len); +int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, + ASN1_OBJECT *obj); +int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, + unsigned char *bytes, int len); +ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); +ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); + +int X509v3_get_ext_count(STACK *x); +int X509v3_get_ext_by_NID(STACK *x, int nid, int lastpos); +int X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int lastpos); +int X509v3_get_ext_by_critical(STACK *x, int crit, int lastpos); +X509_EXTENSION *X509v3_get_ext(STACK *x, int loc); +X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc); +STACK * X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc); + +int X509v3_data_type_by_OBJ(ASN1_OBJECT *obj); +int X509v3_data_type_by_NID(int nid); +int X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj); +int X509v3_pack_type_by_NID(int nid); + +int X509_get_ext_count(X509 *x); +int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); +int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); +int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); +X509_EXTENSION *X509_get_ext(X509 *x, int loc); +X509_EXTENSION *X509_delete_ext(X509 *x, int loc); +int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); + +int X509_CRL_get_ext_count(X509_CRL *x); +int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); +int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); +int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); +X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); +X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); +int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); + +int X509_REVOKED_get_ext_count(X509_REVOKED *x); +int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); +int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); +int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); +X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); +X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); +int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); + +X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, + int nid, int crit, ASN1_OCTET_STRING *data); +X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, + ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); +int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj); +int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); +int X509_EXTENSION_set_data(X509_EXTENSION *ex, + ASN1_OCTET_STRING *data); +ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); +ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); +int X509_EXTENSION_get_critical(X509_EXTENSION *ex); +ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type, + unsigned char *bytes, int len); +ASN1_STRING * X509v3_unpack_string(ASN1_STRING **ex,int type, + ASN1_OCTET_STRING *os); + +int X509_verify_cert(X509_STORE_CTX *ctx); + +/* lookup a cert from a X509 STACK */ +X509 *X509_find_by_issuer_and_serial(STACK *sk,X509_NAME *name, + ASN1_INTEGER *serial); +X509 *X509_find_by_subject(STACK *sk,X509_NAME *name); + +#else + +#ifndef SSLEAY_MACROS +#ifdef HEADER_ENVELOPE_H +int X509_verify(); +int X509_REQ_verify(); +int X509_CRL_verify(); +int NETSCAPE_SPKI_verify(); + +int X509_sign(); +int X509_REQ_sign(); +int X509_CRL_sign(); +int NETSCAPE_SPKI_sign(); + +int X509_digest(); +int X509_NAME_digest(); +#endif + +#ifndef NO_FP_API +X509 *d2i_X509_fp(); +int i2d_X509_fp(); +X509_CRL *d2i_X509_CRL_fp(); +int i2d_X509_CRL_fp(); +X509_REQ *d2i_X509_REQ_fp(); +int i2d_X509_REQ_fp(); +RSA *d2i_RSAPrivateKey_fp(); +int i2d_RSAPrivateKey_fp(); +DSA *d2i_DSAPrivateKey_fp(); +int i2d_DSAPrivateKey_fp(); +RSA *d2i_RSAPublicKey_fp(); +int i2d_RSAPublicKey_fp(); +#endif + +X509 *d2i_X509_bio(); +int i2d_X509_bio(); +X509_CRL *d2i_X509_CRL_bio(); +int i2d_X509_CRL_bio(); +X509_REQ *d2i_X509_REQ_bio(); +int i2d_X509_REQ_bio(); +RSA *d2i_RSAPrivateKey_bio(); +int i2d_RSAPrivateKey_bio(); +DSA *d2i_DSAPrivateKey_bio(); +int i2d_DSAPrivateKey_bio(); +RSA *d2i_RSAPublicKey_bio(); +int i2d_RSAPublicKey_bio(); + +X509 *X509_dup(); +X509_EXTENSION *X509_EXTENSION_dup(); +X509_CRL *X509_CRL_dup(); +X509_REQ *X509_REQ_dup(); +X509_NAME *X509_NAME_dup(); +X509_NAME_ENTRY *X509_NAME_ENTRY_dup(); +RSA *RSAPublicKey_dup(); +RSA *RSAPrivateKey_dup(); + +#endif /* !SSLEAY_MACROS */ + +int X509_cmp_current_time(); +ASN1_UTCTIME * X509_gmtime_adj(); + +char * X509_get_default_cert_area(); +char * X509_get_default_cert_dir(); +char * X509_get_default_cert_file(); +char * X509_get_default_cert_dir_env(); +char * X509_get_default_cert_file_env(); +char * X509_get_default_private_dir(); + +X509_REQ * X509_to_X509_REQ(); +X509 * X509_REQ_to_X509(); +void ERR_load_X509_strings(); + +X509_ALGOR * X509_ALGOR_new(); +void X509_ALGOR_free(); +int i2d_X509_ALGOR(); +X509_ALGOR * d2i_X509_ALGOR(); + +X509_VAL * X509_VAL_new(); +void X509_VAL_free(); +int i2d_X509_VAL(); +X509_VAL * d2i_X509_VAL(); + +X509_PUBKEY * X509_PUBKEY_new(); +void X509_PUBKEY_free(); +int i2d_X509_PUBKEY(); +X509_PUBKEY * d2i_X509_PUBKEY(); +int X509_PUBKEY_set(); +EVP_PKEY * X509_PUBKEY_get(); +int X509_get_pubkey_parameters(); + +X509_SIG * X509_SIG_new(); +void X509_SIG_free(); +int i2d_X509_SIG(); +X509_SIG * d2i_X509_SIG(); + +X509_REQ_INFO *X509_REQ_INFO_new(); +void X509_REQ_INFO_free(); +int i2d_X509_REQ_INFO(); +X509_REQ_INFO *d2i_X509_REQ_INFO(); + +X509_REQ * X509_REQ_new(); +void X509_REQ_free(); +int i2d_X509_REQ(); +X509_REQ * d2i_X509_REQ(); + +X509_ATTRIBUTE *X509_ATTRIBUTE_new(); +void X509_ATTRIBUTE_free(); +int i2d_X509_ATTRIBUTE(); +X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(); + +X509_EXTENSION *X509_EXTENSION_new(); +void X509_EXTENSION_free(); +int i2d_X509_EXTENSION(); +X509_EXTENSION *d2i_X509_EXTENSION(); + +X509_NAME_ENTRY *X509_NAME_ENTRY_new(); +void X509_NAME_ENTRY_free(); +int i2d_X509_NAME_ENTRY(); +X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(); + +X509_NAME * X509_NAME_new(); +void X509_NAME_free(); +int i2d_X509_NAME(); +X509_NAME * d2i_X509_NAME(); +int X509_NAME_set(); + + +X509_CINF * X509_CINF_new(); +void X509_CINF_free(); +int i2d_X509_CINF(); +X509_CINF * d2i_X509_CINF(); + +X509 * X509_new(); +void X509_free(); +int i2d_X509(); +X509 * d2i_X509(); + +X509_REVOKED * X509_REVOKED_new(); +void X509_REVOKED_free(); +int i2d_X509_REVOKED(); +X509_REVOKED * d2i_X509_REVOKED(); + +X509_CRL_INFO *X509_CRL_INFO_new(); +void X509_CRL_INFO_free(); +int i2d_X509_CRL_INFO(); +X509_CRL_INFO *d2i_X509_CRL_INFO(); + +X509_CRL * X509_CRL_new(); +void X509_CRL_free(); +int i2d_X509_CRL(); +X509_CRL * d2i_X509_CRL(); + +X509_PKEY * X509_PKEY_new(); +void X509_PKEY_free(); +int i2d_X509_PKEY(); +X509_PKEY * d2i_X509_PKEY(); + +NETSCAPE_SPKI * NETSCAPE_SPKI_new(); +void NETSCAPE_SPKI_free(); +int i2d_NETSCAPE_SPKI(); +NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(); + +NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(); +void NETSCAPE_SPKAC_free(); +int i2d_NETSCAPE_SPKAC(); +NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(); + +#ifdef HEADER_ENVELOPE_H +X509_INFO * X509_INFO_new(); +void X509_INFO_free(); +#endif + +char * X509_NAME_oneline(); + +int ASN1_verify(); +int ASN1_digest(); +int ASN1_sign(); + +int X509_set_version(); +int X509_set_serialNumber(); +ASN1_INTEGER * X509_get_serialNumber(); +int X509_set_issuer_name(); +X509_NAME * X509_get_issuer_name(); +int X509_set_subject_name(); +X509_NAME * X509_get_subject_name(); +int X509_set_notBefore(); +int X509_set_notAfter(); +int X509_set_pubkey(); +EVP_PKEY * X509_get_pubkey(); +int X509_certificate_type(); + +int X509_REQ_set_version(); +int X509_REQ_set_subject_name(); +int X509_REQ_set_pubkey(); +EVP_PKEY * X509_REQ_get_pubkey(); + +int X509_check_private_key(); + +int X509_issuer_and_serial_cmp(); +unsigned long X509_issuer_and_serial_hash(); + +int X509_issuer_name_cmp(); +unsigned long X509_issuer_name_hash(); + +int X509_subject_name_cmp(); +unsigned long X509_subject_name_hash(); + +int X509_NAME_cmp (); +unsigned long X509_NAME_hash(); + +int X509_CRL_cmp(); +#ifndef NO_FP_API +int X509_print_fp(); +int X509_REQ_print_fp(); +#endif + +int X509_NAME_print(); +int X509_print(); +int X509_REQ_print(); + +int X509_NAME_entry_count(); +int X509_NAME_get_text_by_NID(); +int X509_NAME_get_text_by_OBJ(); + +int X509_NAME_get_index_by_NID(); +int X509_NAME_get_index_by_OBJ(); +X509_NAME_ENTRY *X509_NAME_get_entry(); +X509_NAME_ENTRY *X509_NAME_delete_entry(); +int X509_NAME_add_entry(); +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(); +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(); +int X509_NAME_ENTRY_set_object(); +int X509_NAME_ENTRY_set_data(); +ASN1_OBJECT * X509_NAME_ENTRY_get_object(); +ASN1_STRING * X509_NAME_ENTRY_get_data(); + +int X509v3_get_ext_count(); +int X509v3_get_ext_by_NID(); +int X509v3_get_ext_by_OBJ(); +int X509v3_get_ext_by_critical(); +X509_EXTENSION *X509v3_get_ext(); +X509_EXTENSION *X509v3_delete_ext(); +STACK * X509v3_add_ext(); + +int X509v3_data_type_by_OBJ(); +int X509v3_data_type_by_NID(); +int X509v3_pack_type_by_OBJ(); +int X509v3_pack_type_by_NID(); + +int X509_get_ext_count(); +int X509_get_ext_by_NID(); +int X509_get_ext_by_OBJ(); +int X509_get_ext_by_critical(); +X509_EXTENSION *X509_get_ext(); +X509_EXTENSION *X509_delete_ext(); +int X509_add_ext(); + +int X509_CRL_get_ext_count(); +int X509_CRL_get_ext_by_NID(); +int X509_CRL_get_ext_by_OBJ(); +int X509_CRL_get_ext_by_critical(); +X509_EXTENSION *X509_CRL_get_ext(); +X509_EXTENSION *X509_CRL_delete_ext(); +int X509_CRL_add_ext(); + +int X509_REVOKED_get_ext_count(); +int X509_REVOKED_get_ext_by_NID(); +int X509_REVOKED_get_ext_by_OBJ(); +int X509_REVOKED_get_ext_by_critical(); +X509_EXTENSION *X509_REVOKED_get_ext(); +X509_EXTENSION *X509_REVOKED_delete_ext(); +int X509_REVOKED_add_ext(); + +X509_EXTENSION *X509_EXTENSION_create_by_NID(); +X509_EXTENSION *X509_EXTENSION_create_by_OBJ(); +int X509_EXTENSION_set_object(); +int X509_EXTENSION_set_critical(); +int X509_EXTENSION_set_data(); +ASN1_OBJECT * X509_EXTENSION_get_object(); +ASN1_OCTET_STRING *X509_EXTENSION_get_data(); +int X509_EXTENSION_get_critical(); +ASN1_OCTET_STRING *X509v3_pack_string(); +ASN1_STRING * X509v3_unpack_string(); + +int X509_verify_cert(); +char * X509_verify_cert_error_string(); + +/* lookup a cert from a X509 STACK */ +X509 *X509_find_by_issuer_and_serial(); +X509 *X509_find_by_subject(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the X509 functions. */ + +/* Function codes. */ +#define X509_F_ADD_CERT_DIR 100 +#define X509_F_BY_FILE_CTRL 101 +#define X509_F_DIR_CTRL 102 +#define X509_F_GET_CERT_BY_SUBJECT 103 +#define X509_F_X509V3_ADD_EXT 104 +#define X509_F_X509V3_ADD_EXTENSION 105 +#define X509_F_X509V3_PACK_STRING 106 +#define X509_F_X509V3_UNPACK_STRING 107 +#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 +#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 +#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 +#define X509_F_X509_LOAD_CERT_FILE 111 +#define X509_F_X509_LOAD_CRL_FILE 112 +#define X509_F_X509_NAME_ADD_ENTRY 113 +#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 +#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 +#define X509_F_X509_NAME_ONELINE 116 +#define X509_F_X509_NAME_PRINT 117 +#define X509_F_X509_PRINT_FP 118 +#define X509_F_X509_PUBKEY_GET 119 +#define X509_F_X509_PUBKEY_SET 120 +#define X509_F_X509_REQ_PRINT 121 +#define X509_F_X509_REQ_PRINT_FP 122 +#define X509_F_X509_REQ_TO_X509 123 +#define X509_F_X509_STORE_ADD_CERT 124 +#define X509_F_X509_STORE_ADD_CRL 125 +#define X509_F_X509_TO_X509_REQ 126 +#define X509_F_X509_VERIFY_CERT 127 + +/* Reason codes. */ +#define X509_R_BAD_X509_FILETYPE 100 +#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 +#define X509_R_ERR_ASN1_LIB 102 +#define X509_R_LOADING_CERT_DIR 103 +#define X509_R_LOADING_DEFAULTS 104 +#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 +#define X509_R_SHOULD_RETRY 106 +#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 +#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 +#define X509_R_UNKNOWN_NID 109 +#define X509_R_UNKNOWN_STRING_TYPE 110 +#define X509_R_UNSUPPORTED_ALGORITHM 111 +#define X509_R_WRONG_LOOKUP_TYPE 112 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c new file mode 100644 index 0000000000..f9d9510ac5 --- /dev/null +++ b/src/lib/libcrypto/x509/x509_cmp.c @@ -0,0 +1,257 @@ +/* crypto/x509/x509_cmp.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include "cryptlib.h" +#include "asn1.h" +#include "objects.h" +#include "x509.h" + +int X509_issuer_and_serial_cmp(a,b) +X509 *a; +X509 *b; + { + int i; + X509_CINF *ai,*bi; + + ai=a->cert_info; + bi=b->cert_info; + i=ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber); + if (i) return(i); + return(X509_NAME_cmp(ai->issuer,bi->issuer)); + } + +#ifndef NO_MD5 +unsigned long X509_issuer_and_serial_hash(a) +X509 *a; + { + unsigned long ret=0; + MD5_CTX ctx; + unsigned char md[16]; + char str[256]; + + X509_NAME_oneline(a->cert_info->issuer,str,256); + ret=strlen(str); + MD5_Init(&ctx); + MD5_Update(&ctx,(unsigned char *)str,ret); + MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data, + (unsigned long)a->cert_info->serialNumber->length); + MD5_Final(&(md[0]),&ctx); + ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| + ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) + )&0xffffffffL; + return(ret); + } +#endif + +int X509_issuer_name_cmp(a, b) +X509 *a; +X509 *b; + { + return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); + } + +int X509_subject_name_cmp(a, b) +X509 *a; +X509 *b; + { + return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); + } + +int X509_CRL_cmp(a, b) +X509_CRL *a; +X509_CRL *b; + { + return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); + } + +X509_NAME *X509_get_issuer_name(a) +X509 *a; + { + return(a->cert_info->issuer); + } + +unsigned long X509_issuer_name_hash(x) +X509 *x; + { + return(X509_NAME_hash(x->cert_info->issuer)); + } + +X509_NAME *X509_get_subject_name(a) +X509 *a; + { + return(a->cert_info->subject); + } + +ASN1_INTEGER *X509_get_serialNumber(a) +X509 *a; + { + return(a->cert_info->serialNumber); + } + +unsigned long X509_subject_name_hash(x) +X509 *x; + { + return(X509_NAME_hash(x->cert_info->subject)); + } + +int X509_NAME_cmp(a, b) +X509_NAME *a; +X509_NAME *b; + { + int i,j; + X509_NAME_ENTRY *na,*nb; + + if (sk_num(a->entries) != sk_num(b->entries)) + return(sk_num(a->entries)-sk_num(b->entries)); + for (i=sk_num(a->entries)-1; i>=0; i--) + { + na=(X509_NAME_ENTRY *)sk_value(a->entries,i); + nb=(X509_NAME_ENTRY *)sk_value(b->entries,i); + j=na->value->length-nb->value->length; + if (j) return(j); + j=memcmp(na->value->data,nb->value->data, + na->value->length); + if (j) return(j); + j=na->set-nb->set; + if (j) return(j); + } + + /* We will check the object types after checking the values + * since the values will more often be different than the object + * types. */ + for (i=sk_num(a->entries)-1; i>=0; i--) + { + na=(X509_NAME_ENTRY *)sk_value(a->entries,i); + nb=(X509_NAME_ENTRY *)sk_value(b->entries,i); + j=OBJ_cmp(na->object,nb->object); + if (j) return(j); + } + return(0); + } + +#ifndef NO_MD5 +/* I now DER encode the name and hash it. Since I cache the DER encoding, + * this is reasonably effiecent. */ +unsigned long X509_NAME_hash(x) +X509_NAME *x; + { + unsigned long ret=0; + unsigned char md[16]; + unsigned char str[256],*p,*pp; + int i; + + i=i2d_X509_NAME(x,NULL); + if (i > sizeof(str)) + p=Malloc(i); + else + p=str; + + pp=p; + i2d_X509_NAME(x,&pp); + MD5((unsigned char *)p,i,&(md[0])); + if (p != str) Free(p); + + ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| + ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) + )&0xffffffffL; + return(ret); + } +#endif + +/* Search a stack of X509 for a match */ +X509 *X509_find_by_issuer_and_serial(sk,name,serial) +STACK *sk; +X509_NAME *name; +ASN1_INTEGER *serial; + { + int i; + X509_CINF cinf; + X509 x,*x509=NULL; + + x.cert_info= &cinf; + cinf.serialNumber=serial; + cinf.issuer=name; + + for (i=0; i +#include +#include +#include "cryptlib.h" +#include "crypto.h" +#include "x509.h" + +#ifndef NO_STDIO +int X509_STORE_set_default_paths(ctx) +X509_STORE *ctx; + { + X509_LOOKUP *lookup; + + lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); + if (lookup == NULL) return(0); + X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); + + lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); + if (lookup == NULL) return(0); + X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); + + /* clear any errors */ + ERR_clear_error(); + + return(1); + } + +int X509_STORE_load_locations(ctx,file,path) +X509_STORE *ctx; +char *file; +char *path; + { + X509_LOOKUP *lookup; + + if (file != NULL) + { + lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); + if (lookup == NULL) return(0); + X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM); + } + if (path != NULL) + { + lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); + if (lookup == NULL) return(0); + X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM); + } + if ((path == NULL) && (file == NULL)) + return(0); + return(1); + } + +#endif diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c new file mode 100644 index 0000000000..d9ab39b15a --- /dev/null +++ b/src/lib/libcrypto/x509/x509_def.c @@ -0,0 +1,83 @@ +/* crypto/x509/x509_def.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include "cryptlib.h" +#include "crypto.h" +#include "x509.h" + +char *X509_get_default_private_dir() + { return(X509_PRIVATE_DIR); } + +char *X509_get_default_cert_area() + { return(X509_CERT_AREA); } + +char *X509_get_default_cert_dir() + { return(X509_CERT_DIR); } + +char *X509_get_default_cert_file() + { return(X509_CERT_FILE); } + +char *X509_get_default_cert_dir_env() + { return(X509_CERT_DIR_EVP); } + +char *X509_get_default_cert_file_env() + { return(X509_CERT_FILE_EVP); } + diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c new file mode 100644 index 0000000000..9304721612 --- /dev/null +++ b/src/lib/libcrypto/x509/x509_err.c @@ -0,0 +1,130 @@ +/* lib/x509/x509_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "x509.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA X509_str_functs[]= + { +{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"}, +{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"}, +{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"}, +{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"}, +{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"}, +{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0), "X509V3_ADD_EXTENSION"}, +{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0), "X509v3_pack_string"}, +{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0), "X509v3_unpack_string"}, +{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"}, +{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"}, +{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"}, +{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_LOAD_CERT_FILE"}, +{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_LOAD_CRL_FILE"}, +{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"}, +{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"}, +{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"}, +{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"}, +{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"}, +{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"}, +{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"}, +{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"}, +{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"}, +{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"}, +{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"}, +{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_ADD_CERT"}, +{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_ADD_CRL"}, +{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, +{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, +{0,NULL}, + }; + +static ERR_STRING_DATA X509_str_reasons[]= + { +{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"}, +{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"}, +{X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, +{X509_R_LOADING_CERT_DIR ,"loading cert dir"}, +{X509_R_LOADING_DEFAULTS ,"loading defaults"}, +{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"}, +{X509_R_SHOULD_RETRY ,"should retry"}, +{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"}, +{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"}, +{X509_R_UNKNOWN_NID ,"unknown nid"}, +{X509_R_UNKNOWN_STRING_TYPE ,"unknown string type"}, +{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"}, +{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"}, +{0,NULL}, + }; + +#endif + +void ERR_load_X509_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_X509,X509_str_functs); + ERR_load_strings(ERR_LIB_X509,X509_str_reasons); +#endif + + } + } diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c new file mode 100644 index 0000000000..1d76ecfcfd --- /dev/null +++ b/src/lib/libcrypto/x509/x509_ext.c @@ -0,0 +1,222 @@ +/* crypto/x509/x509_ext.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "stack.h" +#include "cryptlib.h" +#include "asn1.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" + +int X509_CRL_get_ext_count(x) +X509_CRL *x; + { + return(X509v3_get_ext_count(x->crl->extensions)); + } + +int X509_CRL_get_ext_by_NID(x,nid,lastpos) +X509_CRL *x; +int nid; +int lastpos; + { + return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos)); + } + +int X509_CRL_get_ext_by_OBJ(x,obj,lastpos) +X509_CRL *x; +ASN1_OBJECT *obj; +int lastpos; + { + return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos)); + } + +int X509_CRL_get_ext_by_critical(x,crit,lastpos) +X509_CRL *x; +int crit; +int lastpos; + { + return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos)); + } + +X509_EXTENSION *X509_CRL_get_ext(x,loc) +X509_CRL *x; +int loc; + { + return(X509v3_get_ext(x->crl->extensions,loc)); + } + +X509_EXTENSION *X509_CRL_delete_ext(x,loc) +X509_CRL *x; +int loc; + { + return(X509v3_delete_ext(x->crl->extensions,loc)); + } + +int X509_CRL_add_ext(x,ex,loc) +X509_CRL *x; +X509_EXTENSION *ex; +int loc; + { + return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL); + } + +int X509_get_ext_count(x) +X509 *x; + { + return(X509v3_get_ext_count(x->cert_info->extensions)); + } + +int X509_get_ext_by_NID(x,nid,lastpos) +X509 *x; +int nid; +int lastpos; + { + return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos)); + } + +int X509_get_ext_by_OBJ(x,obj,lastpos) +X509 *x; +ASN1_OBJECT *obj; +int lastpos; + { + return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos)); + } + +int X509_get_ext_by_critical(x,crit,lastpos) +X509 *x; +int crit; +int lastpos; + { + return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos)); + } + +X509_EXTENSION *X509_get_ext(x,loc) +X509 *x; +int loc; + { + return(X509v3_get_ext(x->cert_info->extensions,loc)); + } + +X509_EXTENSION *X509_delete_ext(x,loc) +X509 *x; +int loc; + { + return(X509v3_delete_ext(x->cert_info->extensions,loc)); + } + +int X509_add_ext(x,ex,loc) +X509 *x; +X509_EXTENSION *ex; +int loc; + { + return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL); + } + +int X509_REVOKED_get_ext_count(x) +X509_REVOKED *x; + { + return(X509v3_get_ext_count(x->extensions)); + } + +int X509_REVOKED_get_ext_by_NID(x,nid,lastpos) +X509_REVOKED *x; +int nid; +int lastpos; + { + return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos)); + } + +int X509_REVOKED_get_ext_by_OBJ(x,obj,lastpos) +X509_REVOKED *x; +ASN1_OBJECT *obj; +int lastpos; + { + return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos)); + } + +int X509_REVOKED_get_ext_by_critical(x,crit,lastpos) +X509_REVOKED *x; +int crit; +int lastpos; + { + return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos)); + } + +X509_EXTENSION *X509_REVOKED_get_ext(x,loc) +X509_REVOKED *x; +int loc; + { + return(X509v3_get_ext(x->extensions,loc)); + } + +X509_EXTENSION *X509_REVOKED_delete_ext(x,loc) +X509_REVOKED *x; +int loc; + { + return(X509v3_delete_ext(x->extensions,loc)); + } + +int X509_REVOKED_add_ext(x,ex,loc) +X509_REVOKED *x; +X509_EXTENSION *ex; +int loc; + { + return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL); + } + diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c new file mode 100644 index 0000000000..2c7e10a46e --- /dev/null +++ b/src/lib/libcrypto/x509/x509_lu.c @@ -0,0 +1,446 @@ +/* crypto/x509/x509_lu.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "lhash.h" +#include "x509.h" + +static STACK *x509_store_meth=NULL; +static STACK *x509_store_ctx_meth=NULL; + +X509_LOOKUP *X509_LOOKUP_new(method) +X509_LOOKUP_METHOD *method; + { + X509_LOOKUP *ret; + + ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP)); + if (ret == NULL) return(NULL); + + ret->init=0; + ret->skip=0; + ret->method=method; + ret->method_data=NULL; + ret->store_ctx=NULL; + if ((method->new_item != NULL) && !method->new_item(ret)) + { + Free(ret); + return(NULL); + } + return(ret); + } + +void X509_LOOKUP_free(ctx) +X509_LOOKUP *ctx; + { + if (ctx == NULL) return; + if ( (ctx->method != NULL) && + (ctx->method->free != NULL)) + ctx->method->free(ctx); + Free(ctx); + } + +int X509_LOOKUP_init(ctx) +X509_LOOKUP *ctx; + { + if (ctx->method == NULL) return(0); + if (ctx->method->init != NULL) + return(ctx->method->init(ctx)); + else + return(1); + } + +int X509_LOOKUP_shutdown(ctx) +X509_LOOKUP *ctx; + { + if (ctx->method == NULL) return(0); + if (ctx->method->init != NULL) + return(ctx->method->shutdown(ctx)); + else + return(1); + } + +int X509_LOOKUP_ctrl(ctx,cmd,argc,argl,ret) +X509_LOOKUP *ctx; +int cmd; +char *argc; +long argl; +char **ret; + { + if (ctx->method == NULL) return(-1); + if (ctx->method->ctrl != NULL) + return(ctx->method->ctrl(ctx,cmd,argc,argl,ret)); + else + return(1); + } + +int X509_LOOKUP_by_subject(ctx,type,name,ret) +X509_LOOKUP *ctx; +int type; +X509_NAME *name; +X509_OBJECT *ret; + { + if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) + return(X509_LU_FAIL); + if (ctx->skip) return(0); + return(ctx->method->get_by_subject(ctx,type,name,ret)); + } + +int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret) +X509_LOOKUP *ctx; +int type; +X509_NAME *name; +ASN1_INTEGER *serial; +X509_OBJECT *ret; + { + if ((ctx->method == NULL) || + (ctx->method->get_by_issuer_serial == NULL)) + return(X509_LU_FAIL); + return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret)); + } + +int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret) +X509_LOOKUP *ctx; +int type; +unsigned char *bytes; +int len; +X509_OBJECT *ret; + { + if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) + return(X509_LU_FAIL); + return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret)); + } + +int X509_LOOKUP_by_alias(ctx,type,str,len,ret) +X509_LOOKUP *ctx; +int type; +char *str; +int len; +X509_OBJECT *ret; + { + if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) + return(X509_LU_FAIL); + return(ctx->method->get_by_alias(ctx,str,len,ret)); + } + +static unsigned long x509_object_hash(a) +X509_OBJECT *a; + { + unsigned long h; + + switch (a->type) + { + case X509_LU_X509: + h=X509_NAME_hash(a->data.x509->cert_info->subject); + break; + case X509_LU_CRL: + h=X509_NAME_hash(a->data.crl->crl->issuer); + break; + default: + abort(); + } + return(h); + } + +static int x509_object_cmp(a,b) +X509_OBJECT *a,*b; + { + int ret; + + ret=(a->type - b->type); + if (ret) return(ret); + switch (a->type) + { + case X509_LU_X509: + ret=X509_subject_name_cmp(a->data.x509,b->data.x509); + break; + case X509_LU_CRL: + ret=X509_CRL_cmp(a->data.crl,b->data.crl); + break; + default: + abort(); + } + return(ret); + } + +X509_STORE *X509_STORE_new() + { + X509_STORE *ret; + + if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL) + return(NULL); + ret->certs=lh_new(x509_object_hash,x509_object_cmp); + ret->cache=1; + ret->get_cert_methods=sk_new_null(); + ret->verify=NULL; + ret->verify_cb=NULL; + memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA)); + ret->references=1; + return(ret); + } + +static void cleanup(a) +X509_OBJECT *a; + { + if (a->type == X509_LU_X509) + { + X509_free(a->data.x509); + } + else if (a->type == X509_LU_CRL) + { + X509_CRL_free(a->data.crl); + } + else + abort(); + + Free(a); + } + +void X509_STORE_free(vfy) +X509_STORE *vfy; + { + int i; + STACK *sk; + X509_LOOKUP *lu; + + sk=vfy->get_cert_methods; + for (i=0; iex_data); + lh_doall(vfy->certs,cleanup); + lh_free(vfy->certs); + Free(vfy); + } + +X509_LOOKUP *X509_STORE_add_lookup(v,m) +X509_STORE *v; +X509_LOOKUP_METHOD *m; + { + int i; + STACK *sk; + X509_LOOKUP *lu; + + sk=v->get_cert_methods; + for (i=0; imethod) + { + return(lu); + } + } + /* a new one */ + lu=X509_LOOKUP_new(m); + if (lu == NULL) + return(NULL); + else + { + lu->store_ctx=v; + if (sk_push(v->get_cert_methods,(char *)lu)) + return(lu); + else + { + X509_LOOKUP_free(lu); + return(NULL); + } + } + } + +int X509_STORE_get_by_subject(vs,type,name,ret) +X509_STORE_CTX *vs; +int type; +X509_NAME *name; +X509_OBJECT *ret; + { + X509_STORE *ctx=vs->ctx; + X509_LOOKUP *lu; + X509_OBJECT stmp,*tmp; + int i,j; + + tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name); + + if (tmp == NULL) + { + for (i=vs->current_method; iget_cert_methods); i++) + { + lu=(X509_LOOKUP *)sk_value(ctx->get_cert_methods,i); + j=X509_LOOKUP_by_subject(lu,type,name,&stmp); + if (j < 0) + { + vs->current_method=j; + return(j); + } + else if (j) + { + tmp= &stmp; + break; + } + } + vs->current_method=0; + if (tmp == NULL) + return(0); + } + +/* if (ret->data.ptr != NULL) + X509_OBJECT_free_contents(ret); */ + + ret->type=tmp->type; + ret->data.ptr=tmp->data.ptr; + + X509_OBJECT_up_ref_count(ret); + + return(1); + } + +void X509_OBJECT_up_ref_count(a) +X509_OBJECT *a; + { + switch (a->type) + { + case X509_LU_X509: + CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509); + break; + case X509_LU_CRL: + CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL); + break; + } + } + +void X509_OBJECT_free_contents(a) +X509_OBJECT *a; + { + switch (a->type) + { + case X509_LU_X509: + X509_free(a->data.x509); + break; + case X509_LU_CRL: + X509_CRL_free(a->data.crl); + break; + } + } + +X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name) +LHASH *h; +int type; +X509_NAME *name; + { + X509_OBJECT stmp,*tmp; + X509 x509_s; + X509_CINF cinf_s; + X509_CRL crl_s; + X509_CRL_INFO crl_info_s; + + stmp.type=type; + switch (type) + { + case X509_LU_X509: + stmp.data.x509= &x509_s; + x509_s.cert_info= &cinf_s; + cinf_s.subject=name; + break; + case X509_LU_CRL: + stmp.data.crl= &crl_s; + crl_s.crl= &crl_info_s; + crl_info_s.issuer=name; + break; + default: + abort(); + } + + tmp=(X509_OBJECT *)lh_retrieve(h,(char *)&stmp); + return(tmp); + } + +void X509_STORE_CTX_init(ctx,store,x509,chain) +X509_STORE_CTX *ctx; +X509_STORE *store; +X509 *x509; +STACK *chain; + { + ctx->ctx=store; + ctx->current_method=0; + ctx->cert=x509; + ctx->untrusted=chain; + ctx->last_untrusted=0; + ctx->valid=0; + ctx->chain=NULL; + ctx->depth=10; + ctx->error=0; + ctx->current_cert=NULL; + memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); + } + +void X509_STORE_CTX_cleanup(ctx) +X509_STORE_CTX *ctx; + { + if (ctx->chain != NULL) + { + sk_pop_free(ctx->chain,X509_free); + ctx->chain=NULL; + } + CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data)); + memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); + } + diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c new file mode 100644 index 0000000000..c0576fd6f6 --- /dev/null +++ b/src/lib/libcrypto/x509/x509_obj.c @@ -0,0 +1,179 @@ +/* crypto/x509/x509_obj.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "lhash.h" +#include "objects.h" +#include "x509.h" +#include "buffer.h" + +char *X509_NAME_oneline(a,buf,len) +X509_NAME *a; +char *buf; +int len; + { + X509_NAME_ENTRY *ne; + unsigned int i; + int n,lold,l,l1,l2,num,j,type; + char *s,*p; + unsigned char *q; + BUF_MEM *b=NULL; + static char hex[17]="0123456789ABCDEF"; + int gs_doit[4]; + char tmp_buf[80]; + + if (a == NULL) return("NO X509_NAME"); + if (buf == NULL) + { + if ((b=BUF_MEM_new()) == NULL) goto err; + if (!BUF_MEM_grow(b,200)) goto err; + b->data[0]='\0'; + len=200; + } + + len--; /* space for '\0' */ + l=0; + for (i=0; (int)ientries); i++) + { + ne=(X509_NAME_ENTRY *)sk_value(a->entries,i); + n=OBJ_obj2nid(ne->object); + if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL)) + { + i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object); + s=tmp_buf; + } + l1=strlen(s); + + type=ne->value->type; + num=ne->value->length; + q=ne->value->data; + + if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0)) + { + gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0; + for (j=0; j '~')) l2+=3; + } + + lold=l; + l+=1+l1+1+l2; + if (b != NULL) + { + if (!BUF_MEM_grow(b,l+1)) goto err; + p= &(b->data[lold]); + } + else if (l > len) + { + break; + } + else + p= &(buf[lold]); + *(p++)='/'; + memcpy(p,s,(unsigned int)l1); p+=l1; + *(p++)='='; + + q=ne->value->data; + + for (j=0; j '~')) + { + *(p++)='\\'; + *(p++)='x'; + *(p++)=hex[(n>>4)&0x0f]; + *(p++)=hex[n&0x0f]; + } + else + *(p++)=n; + } + *p='\0'; + } + if (b != NULL) + { + p=b->data; + Free((char *)b); + } + else + p=buf; + return(p); +err: + X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE); + if (b != NULL) BUF_MEM_free(b); + return(NULL); + } + diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c new file mode 100644 index 0000000000..6aec2427f7 --- /dev/null +++ b/src/lib/libcrypto/x509/x509_r2x.c @@ -0,0 +1,122 @@ +/* crypto/x509/x509_r2x.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "asn1.h" +#include "x509.h" +#include "objects.h" +#include "buffer.h" +#include "pem.h" + +X509 *X509_REQ_to_X509(r,days,pkey) +X509_REQ *r; +int days; +EVP_PKEY *pkey; + { + X509 *ret=NULL; + int er=1; + X509_REQ_INFO *ri=NULL; + X509_CINF *xi=NULL; + X509_NAME *xn; + + if ((ret=X509_new()) == NULL) + { + X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE); + goto err; + } + + /* duplicate the request */ + ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO, + (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info); + if (ri == NULL) goto err; + + xi=ret->cert_info; + + if (sk_num(ri->attributes) != 0) + { + if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err; + if (!ASN1_INTEGER_set(xi->version,2)) goto err; +/* xi->extensions=ri->attributes; <- bad, should not ever be done + ri->attributes=NULL; */ + } + + xn=X509_REQ_get_subject_name(r); + X509_set_subject_name(ret,X509_NAME_dup(xn)); + X509_set_issuer_name(ret,X509_NAME_dup(xn)); + + X509_gmtime_adj(xi->validity->notBefore,0); + X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days); + + X509_set_pubkey(ret,X509_REQ_get_pubkey(r)); + + if (!X509_sign(ret,pkey,EVP_md5())) + goto err; + er=0; +err: + if (er) + { + X509_free(ret); + X509_REQ_INFO_free(ri); + return(NULL); + } + return(ret); + } + diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c new file mode 100644 index 0000000000..5004365bad --- /dev/null +++ b/src/lib/libcrypto/x509/x509_req.c @@ -0,0 +1,116 @@ +/* crypto/x509/x509_req.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "bn.h" +#include "evp.h" +#include "asn1.h" +#include "x509.h" +#include "objects.h" +#include "buffer.h" +#include "pem.h" + +X509_REQ *X509_to_X509_REQ(x,pkey,md) +X509 *x; +EVP_PKEY *pkey; +EVP_MD *md; + { + X509_REQ *ret; + X509_REQ_INFO *ri; + int i; + + ret=X509_REQ_new(); + if (ret == NULL) + { + X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE); + goto err; + } + + ri=ret->req_info; + + ri->version->length=1; + ri->version->data=(unsigned char *)Malloc(1); + if (ri->version->data == NULL) goto err; + ri->version->data[0]=0; /* version == 0 */ + + if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x))) + goto err; + + i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x)); + if (!i) goto err; + + if (pkey != NULL) + { + if (!X509_REQ_sign(ret,pkey,md)) + goto err; + } + return(ret); +err: + X509_REQ_free(ret); + return(NULL); + } + +EVP_PKEY *X509_REQ_get_pubkey(req) +X509_REQ *req; + { + if ((req == NULL) || (req->req_info == NULL)) + return(NULL); + return(X509_PUBKEY_get(req->req_info->pubkey)); + } + diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c new file mode 100644 index 0000000000..5d0a3a0c0e --- /dev/null +++ b/src/lib/libcrypto/x509/x509_set.c @@ -0,0 +1,164 @@ +/* crypto/x509/x509_set.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" + +int X509_set_version(x,version) +X509 *x; +long version; + { + if (x == NULL) return(0); + if (x->cert_info->version == NULL) + { + if ((x->cert_info->version=ASN1_INTEGER_new()) == NULL) + return(0); + } + return(ASN1_INTEGER_set(x->cert_info->version,version)); + } + +int X509_set_serialNumber(x,serial) +X509 *x; +ASN1_INTEGER *serial; + { + ASN1_INTEGER *in; + + if (x == NULL) return(0); + in=x->cert_info->serialNumber; + if (in != serial) + { + in=ASN1_INTEGER_dup(serial); + if (in != NULL) + { + ASN1_INTEGER_free(x->cert_info->serialNumber); + x->cert_info->serialNumber=in; + } + } + return(in != NULL); + } + +int X509_set_issuer_name(x,name) +X509 *x; +X509_NAME *name; + { + if ((x == NULL) || (x->cert_info == NULL)) return(0); + return(X509_NAME_set(&x->cert_info->issuer,name)); + } + +int X509_set_subject_name(x,name) +X509 *x; +X509_NAME *name; + { + if ((x == NULL) || (x->cert_info == NULL)) return(0); + return(X509_NAME_set(&x->cert_info->subject,name)); + } + +int X509_set_notBefore(x,tm) +X509 *x; +ASN1_UTCTIME *tm; + { + ASN1_UTCTIME *in; + + if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); + in=x->cert_info->validity->notBefore; + if (in != tm) + { + in=ASN1_UTCTIME_dup(tm); + if (in != NULL) + { + ASN1_UTCTIME_free(x->cert_info->validity->notBefore); + x->cert_info->validity->notBefore=in; + } + } + return(in != NULL); + } + +int X509_set_notAfter(x,tm) +X509 *x; +ASN1_UTCTIME *tm; + { + ASN1_UTCTIME *in; + + if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); + in=x->cert_info->validity->notAfter; + if (in != tm) + { + in=ASN1_UTCTIME_dup(tm); + if (in != NULL) + { + ASN1_UTCTIME_free(x->cert_info->validity->notAfter); + x->cert_info->validity->notAfter=in; + } + } + return(in != NULL); + } + +int X509_set_pubkey(x,pkey) +X509 *x; +EVP_PKEY *pkey; + { + if ((x == NULL) || (x->cert_info == NULL)) return(0); + return(X509_PUBKEY_set(&(x->cert_info->key),pkey)); + } + + + diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c new file mode 100644 index 0000000000..408d1c277c --- /dev/null +++ b/src/lib/libcrypto/x509/x509_txt.c @@ -0,0 +1,132 @@ +/* crypto/x509/x509_txt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include + +#include "cryptlib.h" +#include "lhash.h" +#include "buffer.h" +#include "evp.h" +#include "asn1.h" +#include "x509.h" +#include "objects.h" +#include "pem.h" + +char *X509_verify_cert_error_string(n) +long n; + { + static char buf[100]; + + switch ((int)n) + { + case X509_V_OK: + return("ok"); + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + return("unable to get issuer certificate"); + case X509_V_ERR_UNABLE_TO_GET_CRL: + return("unable to get certificate CRL"); + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: + return("unable to decrypt certificate's signature"); + case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: + return("unable to decrypt CRL's's signature"); + case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: + return("unable to decode issuer public key"); + case X509_V_ERR_CERT_SIGNATURE_FAILURE: + return("certificate signature failure"); + case X509_V_ERR_CRL_SIGNATURE_FAILURE: + return("CRL signature failure"); + case X509_V_ERR_CERT_NOT_YET_VALID: + return("certificate is not yet valid"); + case X509_V_ERR_CRL_NOT_YET_VALID: + return("CRL is not yet valid"); + case X509_V_ERR_CERT_HAS_EXPIRED: + return("Certificate has expired"); + case X509_V_ERR_CRL_HAS_EXPIRED: + return("CRL has expired"); + case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: + return("format error in certificate's notBefore field"); + case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: + return("format error in certificate's notAfter field"); + case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: + return("format error in CRL's lastUpdate field"); + case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: + return("format error in CRL's nextUpdate field"); + case X509_V_ERR_OUT_OF_MEM: + return("out of memory"); + case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: + return("self signed certificate"); + case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: + return("self signed certificate in certificate chain"); + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: + return("unable to get local issuer certificate"); + case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: + return("unable to verify the first certificate"); + case X509_V_ERR_CERT_CHAIN_TOO_LONG: + return("certificate chain too long"); + case X509_V_ERR_APPLICATION_VERIFICATION: + return("application verification failure"); + default: + sprintf(buf,"error number %ld",n); + return(buf); + } + } + + diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c new file mode 100644 index 0000000000..1c03602f0b --- /dev/null +++ b/src/lib/libcrypto/x509/x509_v3.c @@ -0,0 +1,409 @@ +/* crypto/x509/x509_v3.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "stack.h" +#include "cryptlib.h" +#include "asn1.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" + +#ifndef NOPROTO +static X509_EXTENSION_METHOD *find_by_nid(int nid); +static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b); +#else +static X509_EXTENSION_METHOD *find_by_nid(); +static int xem_cmp(); +#endif + +static STACK *extensions=NULL; + +int X509v3_get_ext_count(x) +STACK *x; + { + if (x == NULL) return(0); + return(sk_num(x)); + } + +int X509v3_get_ext_by_NID(x,nid,lastpos) +STACK *x; +int nid; +int lastpos; + { + ASN1_OBJECT *obj; + + obj=OBJ_nid2obj(nid); + if (obj == NULL) return(-2); + return(X509v3_get_ext_by_OBJ(x,obj,lastpos)); + } + +int X509v3_get_ext_by_OBJ(sk,obj,lastpos) +STACK *sk; +ASN1_OBJECT *obj; +int lastpos; + { + int n; + X509_EXTENSION *ex; + + if (sk == NULL) return(-1); + lastpos++; + if (lastpos < 0) + lastpos=0; + n=sk_num(sk); + for ( ; lastpos < n; lastpos++) + { + ex=(X509_EXTENSION *)sk_value(sk,lastpos); + if (OBJ_cmp(ex->object,obj) == 0) + return(lastpos); + } + return(-1); + } + +int X509v3_get_ext_by_critical(sk,crit,lastpos) +STACK *sk; +int crit; +int lastpos; + { + int n; + X509_EXTENSION *ex; + + if (sk == NULL) return(-1); + lastpos++; + if (lastpos < 0) + lastpos=0; + n=sk_num(sk); + for ( ; lastpos < n; lastpos++) + { + ex=(X509_EXTENSION *)sk_value(sk,lastpos); + if ( (ex->critical && crit) || + (!ex->critical && !crit)) + return(lastpos); + } + return(-1); + } + +X509_EXTENSION *X509v3_get_ext(x,loc) +STACK *x; +int loc; + { + if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0)) + return(NULL); + else + return((X509_EXTENSION *)sk_value(x,loc)); + } + +X509_EXTENSION *X509v3_delete_ext(x,loc) +STACK *x; +int loc; + { + X509_EXTENSION *ret; + + if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0)) + return(NULL); + ret=(X509_EXTENSION *)sk_delete(x,loc); + return(ret); + } + +STACK *X509v3_add_ext(x,ex,loc) +STACK **x; +X509_EXTENSION *ex; +int loc; + { + X509_EXTENSION *new_ex=NULL; + int n; + STACK *sk=NULL; + + if ((x != NULL) && (*x == NULL)) + { + if ((sk=sk_new_null()) == NULL) + goto err; + } + else + sk= *x; + + n=sk_num(sk); + if (loc > n) loc=n; + else if (loc < 0) loc=n; + + if ((new_ex=X509_EXTENSION_dup(ex)) == NULL) + goto err2; + if (!sk_insert(sk,(char *)new_ex,loc)) + goto err; + if ((x != NULL) && (*x == NULL)) + *x=sk; + return(sk); +err: + X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE); +err2: + if (new_ex != NULL) X509_EXTENSION_free(new_ex); + if (sk != NULL) sk_free(sk); + return(NULL); + } + +X509_EXTENSION *X509_EXTENSION_create_by_NID(ex,nid,crit,data) +X509_EXTENSION **ex; +int nid; +int crit; +ASN1_OCTET_STRING *data; + { + ASN1_OBJECT *obj; + X509_EXTENSION *ret; + + obj=OBJ_nid2obj(nid); + if (obj == NULL) + { + X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID); + return(NULL); + } + ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); + if (ret == NULL) ASN1_OBJECT_free(obj); + return(ret); + } + +X509_EXTENSION *X509_EXTENSION_create_by_OBJ(ex,obj,crit,data) +X509_EXTENSION **ex; +ASN1_OBJECT *obj; +int crit; +ASN1_OCTET_STRING *data; + { + X509_EXTENSION *ret; + + if ((ex == NULL) || (*ex == NULL)) + { + if ((ret=X509_EXTENSION_new()) == NULL) + { + X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); + return(NULL); + } + } + else + ret= *ex; + + if (!X509_EXTENSION_set_object(ret,obj)) + goto err; + if (!X509_EXTENSION_set_critical(ret,crit)) + goto err; + if (!X509_EXTENSION_set_data(ret,data)) + goto err; + + if ((ex != NULL) && (*ex == NULL)) *ex=ret; + return(ret); +err: + if ((ex == NULL) || (ret != *ex)) + X509_EXTENSION_free(ret); + return(NULL); + } + +int X509_EXTENSION_set_object(ex,obj) +X509_EXTENSION *ex; +ASN1_OBJECT *obj; + { + if ((ex == NULL) || (obj == NULL)) + return(0); + ASN1_OBJECT_free(ex->object); + ex->object=OBJ_dup(obj); + return(1); + } + +int X509_EXTENSION_set_critical(ex,crit) +X509_EXTENSION *ex; +int crit; + { + if (ex == NULL) return(0); + ex->critical=(crit)?0xFF:0; + return(1); + } + +int X509_EXTENSION_set_data(ex,data) +X509_EXTENSION *ex; +ASN1_OCTET_STRING *data; + { + int i; + + if (ex == NULL) return(0); + i=ASN1_OCTET_STRING_set(ex->value,data->data,data->length); + if (!i) return(0); + return(1); + } + +ASN1_OBJECT *X509_EXTENSION_get_object(ex) +X509_EXTENSION *ex; + { + if (ex == NULL) return(NULL); + return(ex->object); + } + +ASN1_OCTET_STRING *X509_EXTENSION_get_data(ex) +X509_EXTENSION *ex; + { + if (ex == NULL) return(NULL); + return(ex->value); + } + +int X509_EXTENSION_get_critical(ex) +X509_EXTENSION *ex; + { + if (ex == NULL) return(0); + return(ex->critical); + } + +int X509v3_data_type_by_OBJ(obj) +ASN1_OBJECT *obj; + { + int nid; + + nid=OBJ_obj2nid(obj); + if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF); + return(X509v3_data_type_by_NID(nid)); + } + +int X509v3_data_type_by_NID(nid) +int nid; + { + X509_EXTENSION_METHOD *x; + + x=find_by_nid(nid); + if (x == NULL) + return(V_ASN1_UNDEF); + else + return(x->data_type); + } + +int X509v3_pack_type_by_OBJ(obj) +ASN1_OBJECT *obj; + { + int nid; + + nid=OBJ_obj2nid(obj); + if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN); + return(X509v3_pack_type_by_NID(nid)); + } + +int X509v3_pack_type_by_NID(nid) +int nid; + { + X509_EXTENSION_METHOD *x; + + x=find_by_nid(nid); + if (x == NULL) + return(X509_EXT_PACK_UNKNOWN); + else + return(x->pack_type); + } + +static X509_EXTENSION_METHOD *find_by_nid(nid) +int nid; + { + X509_EXTENSION_METHOD x; + int i; + + x.nid=nid; + if (extensions == NULL) return(NULL); + i=sk_find(extensions,(char *)&x); + if (i < 0) + return(NULL); + else + return((X509_EXTENSION_METHOD *)sk_value(extensions,i)); + } + +static int xem_cmp(a,b) +X509_EXTENSION_METHOD **a,**b; + { + return((*a)->nid-(*b)->nid); + } + +void X509v3_cleanup_extensions() + { + int i; + + if (extensions != NULL) + { + for (i=0; inid=x->nid; + newx->data_type=x->data_type; + newx->pack_type=x->pack_type; + if (!sk_push(extensions,(char *)newx)) + { + Free(newx); + goto err; + } + return(1); +err: + X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE); + return(0); + } + diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c new file mode 100644 index 0000000000..c1be91edba --- /dev/null +++ b/src/lib/libcrypto/x509/x509_vfy.c @@ -0,0 +1,704 @@ +/* crypto/x509/x509_vfy.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include +#include + +#include "crypto.h" +#include "cryptlib.h" +#include "lhash.h" +#include "buffer.h" +#include "evp.h" +#include "asn1.h" +#include "x509.h" +#include "objects.h" +#include "pem.h" + +#ifndef NOPROTO +static int null_callback(int ok,X509_STORE_CTX *e); +static int internal_verify(X509_STORE_CTX *ctx); +#else +static int null_callback(); +static int internal_verify(); +#endif + +char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998"; +static STACK *x509_store_ctx_method=NULL; +static int x509_store_ctx_num=0; +#if 0 +static int x509_store_num=1; +static STACK *x509_store_method=NULL; +#endif + +static int null_callback(ok,e) +int ok; +X509_STORE_CTX *e; + { + return(ok); + } + +#if 0 +static int x509_subject_cmp(a,b) +X509 **a,**b; + { + return(X509_subject_name_cmp(*a,*b)); + } +#endif + +int X509_verify_cert(ctx) +X509_STORE_CTX *ctx; + { + X509 *x,*xtmp,*chain_ss=NULL; + X509_NAME *xn; + X509_OBJECT obj; + int depth,i,ok=0; + int num; + int (*cb)(); + STACK *sktmp=NULL; + + if (ctx->cert == NULL) + { + X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); + return(-1); + } + + cb=ctx->ctx->verify_cb; + if (cb == NULL) cb=null_callback; + + /* first we make sure the chain we are going to build is + * present and that the first entry is in place */ + if (ctx->chain == NULL) + { + if ( ((ctx->chain=sk_new_null()) == NULL) || + (!sk_push(ctx->chain,(char *)ctx->cert))) + { + X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); + goto end; + } + CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); + ctx->last_untrusted=1; + } + + /* We use a temporary so we can chop and hack at it */ + if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL) + { + X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); + goto end; + } + + num=sk_num(ctx->chain); + x=(X509 *)sk_value(ctx->chain,num-1); + depth=ctx->depth; + + + for (;;) + { + /* If we have enough, we break */ + if (depth <= num) break; + + /* If we are self signed, we break */ + xn=X509_get_issuer_name(x); + if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0) + break; + + /* If we were passed a cert chain, use it first */ + if (ctx->untrusted != NULL) + { + xtmp=X509_find_by_subject(sktmp,xn); + if (xtmp != NULL) + { + if (!sk_push(ctx->chain,(char *)xtmp)) + { + X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); + goto end; + } + CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); + sk_delete_ptr(sktmp,(char *)xtmp); + ctx->last_untrusted++; + x=xtmp; + num++; + /* reparse the full chain for + * the next one */ + continue; + } + } + break; + } + + /* at this point, chain should contain a list of untrusted + * certificates. We now need to add at least one trusted one, + * if possible, otherwise we complain. */ + + i=sk_num(ctx->chain); + x=(X509 *)sk_value(ctx->chain,i-1); + if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x)) + == 0) + { + /* we have a self signed certificate */ + if (sk_num(ctx->chain) == 1) + { + ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; + ctx->current_cert=x; + ctx->error_depth=i-1; + ok=cb(0,ctx); + if (!ok) goto end; + } + else + { + /* worry more about this one elsewhere */ + chain_ss=(X509 *)sk_pop(ctx->chain); + ctx->last_untrusted--; + num--; + x=(X509 *)sk_value(ctx->chain,num-1); + } + } + + /* We now lookup certs from the certificate store */ + for (;;) + { + /* If we have enough, we break */ + if (depth <= num) break; + + /* If we are self signed, we break */ + xn=X509_get_issuer_name(x); + if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0) + break; + + ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj); + if (ok != X509_LU_X509) + { + if (ok == X509_LU_RETRY) + { + X509_OBJECT_free_contents(&obj); + X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY); + return(ok); + } + else if (ok != X509_LU_FAIL) + { + X509_OBJECT_free_contents(&obj); + /* not good :-(, break anyway */ + return(ok); + } + break; + } + x=obj.data.x509; + if (!sk_push(ctx->chain,(char *)obj.data.x509)) + { + X509_OBJECT_free_contents(&obj); + X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); + return(0); + } + num++; + } + + /* we now have our chain, lets check it... */ + xn=X509_get_issuer_name(x); + if (X509_NAME_cmp(X509_get_subject_name(x),xn) != 0) + { + if ((chain_ss == NULL) || (X509_NAME_cmp(X509_get_subject_name(chain_ss),xn) != 0)) + { + if (ctx->last_untrusted >= num) + ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; + else + ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; + ctx->current_cert=x; + } + else + { + + sk_push(ctx->chain,(char *)chain_ss); + num++; + ctx->last_untrusted=num; + ctx->current_cert=chain_ss; + ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; + chain_ss=NULL; + } + + ctx->error_depth=num-1; + ok=cb(0,ctx); + if (!ok) goto end; + } + + /* We may as well copy down any DSA parameters that are required */ + X509_get_pubkey_parameters(NULL,ctx->chain); + + /* At this point, we have a chain and just need to verify it */ + if (ctx->ctx->verify != NULL) + ok=ctx->ctx->verify(ctx); + else + ok=internal_verify(ctx); +end: + if (sktmp != NULL) sk_free(sktmp); + if (chain_ss != NULL) X509_free(chain_ss); + return(ok); + } + +static int internal_verify(ctx) +X509_STORE_CTX *ctx; + { + int i,ok=0,n; + X509 *xs,*xi; + EVP_PKEY *pkey=NULL; + int (*cb)(); + + cb=ctx->ctx->verify_cb; + if (cb == NULL) cb=null_callback; + + n=sk_num(ctx->chain); + ctx->error_depth=n-1; + n--; + xi=(X509 *)sk_value(ctx->chain,n); + if (X509_NAME_cmp(X509_get_subject_name(xi), + X509_get_issuer_name(xi)) == 0) + xs=xi; + else + { + if (n <= 0) + { + ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; + ctx->current_cert=xi; + ok=cb(0,ctx); + goto end; + } + else + { + n--; + ctx->error_depth=n; + xs=(X509 *)sk_value(ctx->chain,n); + } + } + +/* ctx->error=0; not needed */ + while (n >= 0) + { + ctx->error_depth=n; + if (!xs->valid) + { + if ((pkey=X509_get_pubkey(xi)) == NULL) + { + ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; + ctx->current_cert=xi; + ok=(*cb)(0,ctx); + if (!ok) goto end; + } + if (X509_verify(xs,pkey) <= 0) + { + ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; + ctx->current_cert=xs; + ok=(*cb)(0,ctx); + if (!ok) goto end; + } + pkey=NULL; + + i=X509_cmp_current_time(X509_get_notBefore(xs)); + if (i == 0) + { + ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; + ctx->current_cert=xs; + ok=(*cb)(0,ctx); + if (!ok) goto end; + } + if (i > 0) + { + ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; + ctx->current_cert=xs; + ok=(*cb)(0,ctx); + if (!ok) goto end; + } + xs->valid=1; + } + + i=X509_cmp_current_time(X509_get_notAfter(xs)); + if (i == 0) + { + ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; + ctx->current_cert=xs; + ok=(*cb)(0,ctx); + if (!ok) goto end; + } + + if (i < 0) + { + ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; + ctx->current_cert=xs; + ok=(*cb)(0,ctx); + if (!ok) goto end; + } + + /* CRL CHECK */ + + /* The last error (if any) is still in the error value */ + ctx->current_cert=xs; + ok=(*cb)(1,ctx); + if (!ok) goto end; + + n--; + if (n >= 0) + { + xi=xs; + xs=(X509 *)sk_value(ctx->chain,n); + } + } + ok=1; +end: + return(ok); + } + +int X509_cmp_current_time(ctm) +ASN1_UTCTIME *ctm; + { + char *str; + ASN1_UTCTIME atm; + time_t offset; + char buff1[24],buff2[24],*p; + int i,j; + + p=buff1; + i=ctm->length; + str=(char *)ctm->data; + if ((i < 11) || (i > 17)) return(0); + memcpy(p,str,10); + p+=10; + str+=10; + + if ((*str == 'Z') || (*str == '-') || (*str == '+')) + { *(p++)='0'; *(p++)='0'; } + else { *(p++)= *(str++); *(p++)= *(str++); } + *(p++)='Z'; + *(p++)='\0'; + + if (*str == 'Z') + offset=0; + else + { + if ((*str != '+') && (str[5] != '-')) + return(0); + offset=((str[1]-'0')*10+(str[2]-'0'))*60; + offset+=(str[3]-'0')*10+(str[4]-'0'); + if (*str == '-') + offset=-offset; + } + atm.type=V_ASN1_UTCTIME; + atm.length=sizeof(buff2); + atm.data=(unsigned char *)buff2; + + X509_gmtime_adj(&atm,-offset); + + i=(buff1[0]-'0')*10+(buff1[1]-'0'); + if (i < 70) i+=100; + j=(buff2[0]-'0')*10+(buff2[1]-'0'); + if (j < 70) j+=100; + + if (i < j) return (-1); + if (i > j) return (1); + i=strcmp(buff1,buff2); + if (i == 0) /* wait a second then return younger :-) */ + return(-1); + else + return(i); + } + +ASN1_UTCTIME *X509_gmtime_adj(s, adj) +ASN1_UTCTIME *s; +long adj; + { + time_t t; + + time(&t); + t+=adj; + return(ASN1_UTCTIME_set(s,t)); + } + +int X509_get_pubkey_parameters(pkey,chain) +EVP_PKEY *pkey; +STACK *chain; + { + EVP_PKEY *ktmp=NULL,*ktmp2; + int i,j; + + if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1); + + for (i=0; i= 0; j--) + { + ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j)); + EVP_PKEY_copy_parameters(ktmp2,ktmp); + } + + if (pkey != NULL) + EVP_PKEY_copy_parameters(pkey,ktmp); + return(1); + } + +EVP_PKEY *X509_get_pubkey(x) +X509 *x; + { + if ((x == NULL) || (x->cert_info == NULL)) + return(NULL); + return(X509_PUBKEY_get(x->cert_info->key)); + } + +int X509_check_private_key(x,k) +X509 *x; +EVP_PKEY *k; + { + EVP_PKEY *xk=NULL; + int ok=0; + + xk=X509_get_pubkey(x); + if (xk->type != k->type) goto err; + switch (k->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err; + if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err; + break; +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) + goto err; + break; +#endif +#ifndef NO_DH + case EVP_PKEY_DH: + /* No idea */ + goto err; +#endif + default: + goto err; + } + + ok=1; +err: + return(ok); + } + +int X509_STORE_add_cert(ctx,x) +X509_STORE *ctx; +X509 *x; + { + X509_OBJECT *obj,*r; + int ret=1; + + if (x == NULL) return(0); + obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); + if (obj == NULL) + { + X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); + return(0); + } + obj->type=X509_LU_X509; + obj->data.x509=x; + + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + + X509_OBJECT_up_ref_count(obj); + + r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj); + if (r != NULL) + { /* oops, put it back */ + lh_delete(ctx->certs,(char *)obj); + X509_OBJECT_free_contents(obj); + Free(obj); + lh_insert(ctx->certs,(char *)r); + X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE); + ret=0; + } + + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + + return(ret); + } + +int X509_STORE_add_crl(ctx,x) +X509_STORE *ctx; +X509_CRL *x; + { + X509_OBJECT *obj,*r; + int ret=1; + + if (x == NULL) return(0); + obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); + if (obj == NULL) + { + X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE); + return(0); + } + obj->type=X509_LU_CRL; + obj->data.crl=x; + + CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + + X509_OBJECT_up_ref_count(obj); + + r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj); + if (r != NULL) + { /* oops, put it back */ + lh_delete(ctx->certs,(char *)obj); + X509_OBJECT_free_contents(obj); + Free(obj); + lh_insert(ctx->certs,(char *)r); + X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE); + ret=0; + } + + CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + + return(ret); + } + +int X509_STORE_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func) +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + x509_store_ctx_num++; + return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1, + &x509_store_ctx_method, + argl,argp,new_func,dup_func,free_func)); + } + +int X509_STORE_CTX_set_ex_data(ctx,idx,data) +X509_STORE_CTX *ctx; +int idx; +char *data; + { + return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data)); + } + +char *X509_STORE_CTX_get_ex_data(ctx,idx) +X509_STORE_CTX *ctx; +int idx; + { + return(CRYPTO_get_ex_data(&ctx->ex_data,idx)); + } + +int X509_STORE_CTX_get_error(ctx) +X509_STORE_CTX *ctx; + { + return(ctx->error); + } + +void X509_STORE_CTX_set_error(ctx,err) +X509_STORE_CTX *ctx; +int err; + { + ctx->error=err; + } + +int X509_STORE_CTX_get_error_depth(ctx) +X509_STORE_CTX *ctx; + { + return(ctx->error_depth); + } + +X509 *X509_STORE_CTX_get_current_cert(ctx) +X509_STORE_CTX *ctx; + { + return(ctx->current_cert); + } + +STACK *X509_STORE_CTX_get_chain(ctx) +X509_STORE_CTX *ctx; + { + return(ctx->chain); + } + +void X509_STORE_CTX_set_cert(ctx,x) +X509_STORE_CTX *ctx; +X509 *x; + { + ctx->cert=x; + } + +void X509_STORE_CTX_set_chain(ctx,sk) +X509_STORE_CTX *ctx; +STACK *sk; + { + ctx->untrusted=sk; + } + + diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h new file mode 100644 index 0000000000..dfc060f899 --- /dev/null +++ b/src/lib/libcrypto/x509/x509_vfy.h @@ -0,0 +1,378 @@ +/* crypto/x509/x509_vfy.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_X509_VFY_H +#define HEADER_X509_VFY_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "bio.h" +#include "crypto.h" + +/* Outer object */ +typedef struct x509_hash_dir_st + { + int num_dirs; + char **dirs; + int *dirs_type; + int num_dirs_alloced; + } X509_HASH_DIR_CTX; + +typedef struct x509_file_st + { + int num_paths; /* number of paths to files or directories */ + int num_alloced; + char **paths; /* the list of paths or directories */ + int *path_type; + } X509_CERT_FILE_CTX; + +/*******************************/ +/* +SSL_CTX -> X509_STORE + -> X509_LOOKUP + ->X509_LOOKUP_METHOD + -> X509_LOOKUP + ->X509_LOOKUP_METHOD + +SSL -> X509_STORE_CTX + ->X509_STORE + +The X509_STORE holds the tables etc for verification stuff. +A X509_STORE_CTX is used while validating a single certificate. +The X509_STORE has X509_LOOKUPs for looking up certs. +The X509_STORE then calls a function to actually verify the +certificate chain. +*/ + +#define X509_LU_RETRY -1 +#define X509_LU_FAIL 0 +#define X509_LU_X509 1 +#define X509_LU_CRL 2 +#define X509_LU_PKEY 3 + +typedef struct x509_object_st + { + /* one of the above types */ + int type; + union { + char *ptr; + X509 *x509; + X509_CRL *crl; + EVP_PKEY *pkey; + } data; + } X509_OBJECT; + +/* This is a static that defines the function interface */ +typedef struct x509_lookup_method_st + { + char *name; + int (*new_item)(); + void (*free)(); + int (*init)(/* meth, char ** */); + int (*shutdown)( /* meth, char ** */); + int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */); + int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */); + int (*get_by_issuer_serial)(); + int (*get_by_fingerprint)(); + int (*get_by_alias)(); + } X509_LOOKUP_METHOD; + +/* This is used to hold everything. It is used for all certificate + * validation. Once we have a certificate chain, the 'verify' + * function is then called to actually check the cert chain. */ +typedef struct x509_store_st + { + /* The following is a cache of trusted certs */ + int cache; /* if true, stash any hits */ +#ifdef HEADER_LHASH_H + LHASH *certs; /* cached certs; */ +#else + char *certs; +#endif + + /* These are external lookup methods */ + STACK *get_cert_methods;/* X509_LOOKUP */ + int (*verify)(); /* called to verify a certificate */ + int (*verify_cb)(); /* error callback */ + + CRYPTO_EX_DATA ex_data; + int references; + int depth; /* how deep to look */ + } X509_STORE; + +#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) + +#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) +#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) + +/* This is the functions plus an instance of the local variables. */ +typedef struct x509_lookup_st + { + int init; /* have we been started */ + int skip; /* don't use us. */ + X509_LOOKUP_METHOD *method; /* the functions */ + char *method_data; /* method data */ + + X509_STORE *store_ctx; /* who owns us */ + } X509_LOOKUP; + +/* This is a temporary used when processing cert chains. Since the + * gathering of the cert chain can take some time (and have to be + * 'retried', this needs to be kept and passed around. */ +typedef struct x509_store_state_st + { + X509_STORE *ctx; + int current_method; /* used when looking up certs */ + + /* The following are set by the caller */ + X509 *cert; /* The cert to check */ + STACK *untrusted; /* chain of X509s - untrusted - passed in */ + + /* The following is built up */ + int depth; /* how far to go looking up certs */ + int valid; /* if 0, rebuild chain */ + int last_untrusted; /* index of last untrusted cert */ + STACK *chain; /* chain of X509s - built up and trusted */ + + /* When something goes wrong, this is why */ + int error_depth; + int error; + X509 *current_cert; + + CRYPTO_EX_DATA ex_data; + } X509_STORE_CTX; + +#define X509_STORE_CTX_set_app_data(ctx,data) \ + X509_STORE_CTX_set_ex_data(ctx,0,data) +#define X509_STORE_CTX_get_app_data(ctx) \ + X509_STORE_CTX_get_ex_data(ctx,0) + +#define X509_L_FILE_LOAD 1 +#define X509_L_ADD_DIR 2 + +X509_LOOKUP_METHOD *X509_LOOKUP_file(); +#define X509_LOOKUP_load_file(x,name,type) \ + X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) + +X509_LOOKUP_METHOD *X509_LOOKUP_dir(); +#define X509_LOOKUP_add_dir(x,name,type) \ + X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) + +#define X509_V_OK 0 + +#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 +#define X509_V_ERR_UNABLE_TO_GET_CRL 3 +#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 +#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 +#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 +#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 +#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 +#define X509_V_ERR_CERT_NOT_YET_VALID 9 +#define X509_V_ERR_CERT_HAS_EXPIRED 10 +#define X509_V_ERR_CRL_NOT_YET_VALID 11 +#define X509_V_ERR_CRL_HAS_EXPIRED 12 +#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 +#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 +#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 +#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 +#define X509_V_ERR_OUT_OF_MEM 17 +#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 +#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 +#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 +#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 +#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 +#define X509_V_ERR_CERT_REVOKED 23 + +/* The application is not happy */ +#define X509_V_ERR_APPLICATION_VERIFICATION 50 + +#ifndef NOPROTO +#ifdef HEADER_LHASH_H +X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name); +#endif +void X509_OBJECT_up_ref_count(X509_OBJECT *a); +void X509_OBJECT_free_contents(X509_OBJECT *a); +X509_STORE *X509_STORE_new(void ); +void X509_STORE_free(X509_STORE *v); + +void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, + X509 *x509, STACK *chain); +void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); + +X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); + +X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); +X509_LOOKUP_METHOD *X509_LOOKUP_file(void); + +int X509_STORE_add_cert(X509_STORE *ctx, X509 *x); +int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); + +int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, + X509_OBJECT *ret); + +int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret); + +#ifndef NO_STDIO +int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type); +int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type); +#endif + +void X509v3_cleanup_extensions(void ); +int X509v3_add_extension(X509_EXTENSION_METHOD *x); +int X509v3_add_netscape_extensions(void ); +int X509v3_add_standard_extensions(void ); + +X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); +void X509_LOOKUP_free(X509_LOOKUP *ctx); +int X509_LOOKUP_init(X509_LOOKUP *ctx); +int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, + X509_OBJECT *ret); +int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, + ASN1_INTEGER *serial, X509_OBJECT *ret); +int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, + unsigned char *bytes, int len, X509_OBJECT *ret); +int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, + int len, X509_OBJECT *ret); +int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); + +#ifndef NO_STDIO +int X509_STORE_load_locations (X509_STORE *ctx, + char *file, char *dir); +int X509_STORE_set_default_paths(X509_STORE *ctx); +#endif + +int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()); +int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,char *data); +char * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); +int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); +void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); +int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); +X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); +STACK * X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); +void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); +void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk); + +#else + +#ifdef HEADER_LHASH_H +X509_OBJECT *X509_OBJECT_retrive_by_subject(); +#endif +void X509_OBJECT_up_ref_count(); +void X509_OBJECT_free_contents(); +X509_STORE *X509_STORE_new(); +void X509_STORE_free(); + +void X509_STORE_CTX_init(); +void X509_STORE_CTX_cleanup(); + +X509_LOOKUP *X509_STORE_add_lookup(); + +X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(); +X509_LOOKUP_METHOD *X509_LOOKUP_file(); + +int X509_STORE_add_cert(); +int X509_STORE_add_crl(); + +int X509_STORE_get_by_subject(); + +int X509_LOOKUP_ctrl(); + +#ifndef NO_STDIO +int X509_load_cert_file(); +int X509_load_crl_file(); +#endif + +void X509v3_cleanup_extensions(); +int X509v3_add_extension(); +int X509v3_add_netscape_extensions(); +int X509v3_add_standard_extensions(); + +X509_LOOKUP *X509_LOOKUP_new(); +void X509_LOOKUP_free(); +int X509_LOOKUP_init(); +int X509_LOOKUP_by_subject(); +int X509_LOOKUP_by_issuer_serial(); +int X509_LOOKUP_by_fingerprint(); +int X509_LOOKUP_by_alias(); +int X509_LOOKUP_shutdown(); + +#ifndef NO_STDIO +int X509_STORE_load_locations (); +int X509_STORE_set_default_paths(); +#endif + +int X509_STORE_CTX_set_ex_data(); +char * X509_STORE_CTX_get_ex_data(); +int X509_STORE_CTX_get_error(); +void X509_STORE_CTX_set_error(); +int X509_STORE_CTX_get_error_depth(); +X509 * X509_STORE_CTX_get_current_cert(); +STACK * X509_STORE_CTX_get_chain(); +void X509_STORE_CTX_set_cert(); +void X509_STORE_CTX_set_chain(); + +#endif + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c new file mode 100644 index 0000000000..650e71b1b5 --- /dev/null +++ b/src/lib/libcrypto/x509/x509name.c @@ -0,0 +1,358 @@ +/* crypto/x509/x509name.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "stack.h" +#include "cryptlib.h" +#include "asn1.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" + +int X509_NAME_get_text_by_NID(name,nid,buf,len) +X509_NAME *name; +int nid; +char *buf; +int len; + { + ASN1_OBJECT *obj; + + obj=OBJ_nid2obj(nid); + if (obj == NULL) return(-1); + return(X509_NAME_get_text_by_OBJ(name,obj,buf,len)); + } + +int X509_NAME_get_text_by_OBJ(name,obj,buf,len) +X509_NAME *name; +ASN1_OBJECT *obj; +char *buf; +int len; + { + int i; + ASN1_STRING *data; + + i=X509_NAME_get_index_by_OBJ(name,obj,-1); + if (i < 0) return(-1); + data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i)); + i=(data->length > (len-1))?(len-1):data->length; + if (buf == NULL) return(data->length); + memcpy(buf,data->data,i); + buf[i]='\0'; + return(i); + } + +int X509_NAME_entry_count(name) +X509_NAME *name; + { + if (name == NULL) return(0); + return(sk_num(name->entries)); + } + +int X509_NAME_get_index_by_NID(name,nid,lastpos) +X509_NAME *name; +int nid; +int lastpos; + { + ASN1_OBJECT *obj; + + obj=OBJ_nid2obj(nid); + if (obj == NULL) return(-2); + return(X509_NAME_get_index_by_OBJ(name,obj,lastpos)); + } + +/* NOTE: you should be passsing -1, not 0 as lastpos */ +int X509_NAME_get_index_by_OBJ(name,obj,lastpos) +X509_NAME *name; +ASN1_OBJECT *obj; +int lastpos; + { + int n; + X509_NAME_ENTRY *ne; + STACK *sk; + + if (name == NULL) return(-1); + if (lastpos < 0) + lastpos= -1; + sk=name->entries; + n=sk_num(sk); + for (lastpos++; lastpos < n; lastpos++) + { + ne=(X509_NAME_ENTRY *)sk_value(sk,lastpos); + if (OBJ_cmp(ne->object,obj) == 0) + return(lastpos); + } + return(-1); + } + +X509_NAME_ENTRY *X509_NAME_get_entry(name,loc) +X509_NAME *name; +int loc; + { + if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0)) + return(NULL); + else + return((X509_NAME_ENTRY *)sk_value(name->entries,loc)); + } + +X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc) +X509_NAME *name; +int loc; + { + X509_NAME_ENTRY *ret; + int i,j,n,set_prev,set_next; + STACK *sk; + + if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0)) + return(NULL); + sk=name->entries; + ret=(X509_NAME_ENTRY *)sk_delete(sk,loc); + n=sk_num(sk); + name->modified=1; + if (loc == n) return(ret); + + /* else we need to fixup the set field */ + if (loc != 0) + set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set; + else + set_prev=ret->set-1; + set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set; + + /* set_prev is the previous set + * set is the current set + * set_next is the following + * prev 1 1 1 1 1 1 1 1 + * set 1 1 2 2 + * next 1 1 2 2 2 2 3 2 + * so basically only if prev and next differ by 2, then + * re-number down by 1 */ + if (set_prev+1 < set_next) + { + j=set_next-set_prev-1; + for (i=loc; iset-=j; + } + return(ret); + } + +/* if set is -1, append to previous set, 0 'a new one', and 1, + * prepend to the guy we are about to stomp on. */ +int X509_NAME_add_entry(name,ne,loc,set) +X509_NAME *name; +X509_NAME_ENTRY *ne; +int loc; +int set; + { + X509_NAME_ENTRY *new_name=NULL; + int n,i,inc; + STACK *sk; + + if (name == NULL) return(0); + sk=name->entries; + n=sk_num(sk); + if (loc > n) loc=n; + else if (loc < 0) loc=n; + + name->modified=1; + + if (set == -1) + { + if (loc == 0) + { + set=0; + inc=1; + } + else + { + set=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set; + inc=0; + } + } + else /* if (set >= 0) */ + { + if (loc >= n) + { + if (loc != 0) + set=((X509_NAME_ENTRY *) + sk_value(sk,loc-1))->set+1; + else + set=0; + } + else + set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set; + inc=(set == 0)?1:0; + } + + if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL) + goto err; + new_name->set=set; + if (!sk_insert(sk,(char *)new_name,loc)) + { + X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE); + goto err; + } + if (inc) + { + n=sk_num(sk); + for (i=loc+1; iset+=1; + } + return(1); +err: + if (new_name != NULL) + X509_NAME_ENTRY_free(ne); + return(0); + } + +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len) +X509_NAME_ENTRY **ne; +int nid; +int type; +unsigned char *bytes; +int len; + { + ASN1_OBJECT *obj; + + obj=OBJ_nid2obj(nid); + if (obj == NULL) + { + X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID); + return(NULL); + } + return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)); + } + +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len) +X509_NAME_ENTRY **ne; +ASN1_OBJECT *obj; +int type; +unsigned char *bytes; +int len; + { + X509_NAME_ENTRY *ret; + + if ((ne == NULL) || (*ne == NULL)) + { + if ((ret=X509_NAME_ENTRY_new()) == NULL) + return(NULL); + } + else + ret= *ne; + + if (!X509_NAME_ENTRY_set_object(ret,obj)) + goto err; + if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len)) + goto err; + + if ((ne != NULL) && (*ne == NULL)) *ne=ret; + return(ret); +err: + if ((ne == NULL) || (ret != *ne)) + X509_NAME_ENTRY_free(ret); + return(NULL); + } + +int X509_NAME_ENTRY_set_object(ne,obj) +X509_NAME_ENTRY *ne; +ASN1_OBJECT *obj; + { + if ((ne == NULL) || (obj == NULL)) + { + X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + ASN1_OBJECT_free(ne->object); + ne->object=OBJ_dup(obj); + return((ne->object == NULL)?0:1); + } + +int X509_NAME_ENTRY_set_data(ne,type,bytes,len) +X509_NAME_ENTRY *ne; +int type; +unsigned char *bytes; +int len; + { + int i; + + if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0); + if (len < 0) len=strlen((char *)bytes); + i=ASN1_STRING_set(ne->value,bytes,len); + if (!i) return(0); + if (type != V_ASN1_UNDEF) + { + if (type == V_ASN1_APP_CHOOSE) + ne->value->type=ASN1_PRINTABLE_type(bytes,len); + else + ne->value->type=type; + } + return(1); + } + +ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne) +X509_NAME_ENTRY *ne; + { + if (ne == NULL) return(NULL); + return(ne->object); + } + +ASN1_STRING *X509_NAME_ENTRY_get_data(ne) +X509_NAME_ENTRY *ne; + { + if (ne == NULL) return(NULL); + return(ne->value); + } + diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c new file mode 100644 index 0000000000..323b25470a --- /dev/null +++ b/src/lib/libcrypto/x509/x509rset.c @@ -0,0 +1,89 @@ +/* crypto/x509/x509rset.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "asn1.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" + +int X509_REQ_set_version(x,version) +X509_REQ *x; +long version; + { + if (x == NULL) return(0); + return(ASN1_INTEGER_set(x->req_info->version,version)); + } + +int X509_REQ_set_subject_name(x,name) +X509_REQ *x; +X509_NAME *name; + { + if ((x == NULL) || (x->req_info == NULL)) return(0); + return(X509_NAME_set(&x->req_info->subject,name)); + } + +int X509_REQ_set_pubkey(x,pkey) +X509_REQ *x; +EVP_PKEY *pkey; + { + if ((x == NULL) || (x->req_info == NULL)) return(0); + return(X509_PUBKEY_set(&x->req_info->pubkey,pkey)); + } + diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c new file mode 100644 index 0000000000..42c23bcfca --- /dev/null +++ b/src/lib/libcrypto/x509/x509type.c @@ -0,0 +1,115 @@ +/* crypto/x509/x509type.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "cryptlib.h" +#include "evp.h" +#include "objects.h" +#include "x509.h" + +int X509_certificate_type(x,pkey) +X509 *x; +EVP_PKEY *pkey; + { + EVP_PKEY *pk; + int ret=0,i; + + if (x == NULL) return(0); + + if (pkey == NULL) + pk=X509_get_pubkey(x); + else + pk=pkey; + + if (pk == NULL) return(0); + + switch (pk->type) + { + case EVP_PKEY_RSA: + ret=EVP_PK_RSA|EVP_PKT_SIGN; +/* if (!sign only extension) */ + ret|=EVP_PKT_ENC; + break; + case EVP_PKEY_DSA: + ret=EVP_PK_DSA|EVP_PKT_SIGN; + break; + case EVP_PKEY_DH: + ret=EVP_PK_DH|EVP_PKT_EXCH; + break; + default: + break; + } + + i=X509_get_signature_type(x); + switch (i) + { + case EVP_PKEY_RSA: + ret|=EVP_PKS_RSA; + break; + case EVP_PKS_DSA: + ret|=EVP_PKS_DSA; + break; + default: + break; + } + + if (EVP_PKEY_size(pkey) <= 512) + ret|=EVP_PKT_EXP; + return(ret); + } + diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c new file mode 100644 index 0000000000..b7dde23e9a --- /dev/null +++ b/src/lib/libcrypto/x509/x_all.c @@ -0,0 +1,465 @@ +/* crypto/x509/x_all.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#undef SSLEAY_MACROS +#include "stack.h" +#include "cryptlib.h" +#include "buffer.h" +#include "asn1.h" +#include "evp.h" +#include "x509.h" + +int X509_verify(a,r) +X509 *a; +EVP_PKEY *r; + { + return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg, + a->signature,(char *)a->cert_info,r)); + } + +int X509_REQ_verify(a,r) +X509_REQ *a; +EVP_PKEY *r; + { + return( ASN1_verify((int (*)())i2d_X509_REQ_INFO, + a->sig_alg,a->signature,(char *)a->req_info,r)); + } + +int X509_CRL_verify(a,r) +X509_CRL *a; +EVP_PKEY *r; + { + return(ASN1_verify((int (*)())i2d_X509_CRL_INFO, + a->sig_alg, a->signature,(char *)a->crl,r)); + } + +int NETSCAPE_SPKI_verify(a,r) +NETSCAPE_SPKI *a; +EVP_PKEY *r; + { + return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, + a->sig_algor,a->signature, (char *)a->spkac,r)); + } + +int X509_sign(x,pkey,md) +X509 *x; +EVP_PKEY *pkey; +EVP_MD *md; + { + return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, + x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)); + } + +int X509_REQ_sign(x,pkey,md) +X509_REQ *x; +EVP_PKEY *pkey; +EVP_MD *md; + { + return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, + x->signature, (char *)x->req_info,pkey,md)); + } + +int X509_CRL_sign(x,pkey,md) +X509_CRL *x; +EVP_PKEY *pkey; +EVP_MD *md; + { + return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg, + x->sig_alg, x->signature, (char *)x->crl,pkey,md)); + } + +int NETSCAPE_SPKI_sign(x,pkey,md) +NETSCAPE_SPKI *x; +EVP_PKEY *pkey; +EVP_MD *md; + { + return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, + x->signature, (char *)x->spkac,pkey,md)); + } + +X509 *X509_dup(x509) +X509 *x509; + { + return((X509 *)ASN1_dup((int (*)())i2d_X509, + (char *(*)())d2i_X509,(char *)x509)); + } + +X509_EXTENSION *X509_EXTENSION_dup(ex) +X509_EXTENSION *ex; + { + return((X509_EXTENSION *)ASN1_dup( + (int (*)())i2d_X509_EXTENSION, + (char *(*)())d2i_X509_EXTENSION,(char *)ex)); + } + +#ifndef NO_FP_API +X509 *d2i_X509_fp(fp,x509) +FILE *fp; +X509 *x509; + { + return((X509 *)ASN1_d2i_fp((char *(*)())X509_new, + (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))); + } + +int i2d_X509_fp(fp,x509) +FILE *fp; +X509 *x509; + { + return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)); + } +#endif + +X509 *d2i_X509_bio(bp,x509) +BIO *bp; +X509 *x509; + { + return((X509 *)ASN1_d2i_bio((char *(*)())X509_new, + (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))); + } + +int i2d_X509_bio(bp,x509) +BIO *bp; +X509 *x509; + { + return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)); + } + +X509_CRL *X509_CRL_dup(crl) +X509_CRL *crl; + { + return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, + (char *(*)())d2i_X509_CRL,(char *)crl)); + } + +#ifndef NO_FP_API +X509_CRL *d2i_X509_CRL_fp(fp,crl) +FILE *fp; +X509_CRL *crl; + { + return((X509_CRL *)ASN1_d2i_fp((char *(*)()) + X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp), + (unsigned char **)(crl))); + } + +int i2d_X509_CRL_fp(fp,crl) +FILE *fp; +X509_CRL *crl; + { + return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl)); + } +#endif + +X509_CRL *d2i_X509_CRL_bio(bp,crl) +BIO *bp; +X509_CRL *crl; + { + return((X509_CRL *)ASN1_d2i_bio((char *(*)()) + X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp), + (unsigned char **)(crl))); + } + +int i2d_X509_CRL_bio(bp,crl) +BIO *bp; +X509_CRL *crl; + { + return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl)); + } + +PKCS7 *PKCS7_dup(p7) +PKCS7 *p7; + { + return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, + (char *(*)())d2i_PKCS7,(char *)p7)); + } + +#ifndef NO_FP_API +PKCS7 *d2i_PKCS7_fp(fp,p7) +FILE *fp; +PKCS7 *p7; + { + return((PKCS7 *)ASN1_d2i_fp((char *(*)()) + PKCS7_new,(char *(*)())d2i_PKCS7, (fp), + (unsigned char **)(p7))); + } + +int i2d_PKCS7_fp(fp,p7) +FILE *fp; +PKCS7 *p7; + { + return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7)); + } +#endif + +PKCS7 *d2i_PKCS7_bio(bp,p7) +BIO *bp; +PKCS7 *p7; + { + return((PKCS7 *)ASN1_d2i_bio((char *(*)()) + PKCS7_new,(char *(*)())d2i_PKCS7, (bp), + (unsigned char **)(p7))); + } + +int i2d_PKCS7_bio(bp,p7) +BIO *bp; +PKCS7 *p7; + { + return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7)); + } + +X509_REQ *X509_REQ_dup(req) +X509_REQ *req; + { + return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, + (char *(*)())d2i_X509_REQ,(char *)req)); + } + +#ifndef NO_FP_API +X509_REQ *d2i_X509_REQ_fp(fp,req) +FILE *fp; +X509_REQ *req; + { + return((X509_REQ *)ASN1_d2i_fp((char *(*)()) + X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp), + (unsigned char **)(req))); + } + +int i2d_X509_REQ_fp(fp,req) +FILE *fp; +X509_REQ *req; + { + return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req)); + } +#endif + +X509_REQ *d2i_X509_REQ_bio(bp,req) +BIO *bp; +X509_REQ *req; + { + return((X509_REQ *)ASN1_d2i_bio((char *(*)()) + X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp), + (unsigned char **)(req))); + } + +int i2d_X509_REQ_bio(bp,req) +BIO *bp; +X509_REQ *req; + { + return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req)); + } + +#ifndef NO_RSA +RSA *RSAPublicKey_dup(rsa) +RSA *rsa; + { + return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, + (char *(*)())d2i_RSAPublicKey,(char *)rsa)); + } + +RSA *RSAPrivateKey_dup(rsa) +RSA *rsa; + { + return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, + (char *(*)())d2i_RSAPrivateKey,(char *)rsa)); + } + +#ifndef NO_FP_API +RSA *d2i_RSAPrivateKey_fp(fp,rsa) +FILE *fp; +RSA *rsa; + { + return((RSA *)ASN1_d2i_fp((char *(*)()) + RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), + (unsigned char **)(rsa))); + } + +int i2d_RSAPrivateKey_fp(fp,rsa) +FILE *fp; +RSA *rsa; + { + return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa)); + } + +RSA *d2i_RSAPublicKey_fp(fp,rsa) +FILE *fp; +RSA *rsa; + { + return((RSA *)ASN1_d2i_fp((char *(*)()) + RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), + (unsigned char **)(rsa))); + } + +int i2d_RSAPublicKey_fp(fp,rsa) +FILE *fp; +RSA *rsa; + { + return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa)); + } +#endif + +RSA *d2i_RSAPrivateKey_bio(bp,rsa) +BIO *bp; +RSA *rsa; + { + return((RSA *)ASN1_d2i_bio((char *(*)()) + RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), + (unsigned char **)(rsa))); + } + +int i2d_RSAPrivateKey_bio(bp,rsa) +BIO *bp; +RSA *rsa; + { + return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa)); + } + +RSA *d2i_RSAPublicKey_bio(bp,rsa) +BIO *bp; +RSA *rsa; + { + return((RSA *)ASN1_d2i_bio((char *(*)()) + RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), + (unsigned char **)(rsa))); + } + +int i2d_RSAPublicKey_bio(bp,rsa) +BIO *bp; +RSA *rsa; + { + return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa)); + } +#endif + +#ifndef NO_DSA +#ifndef NO_FP_API +DSA *d2i_DSAPrivateKey_fp(fp,dsa) +FILE *fp; +DSA *dsa; + { + return((DSA *)ASN1_d2i_fp((char *(*)()) + DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), + (unsigned char **)(dsa))); + } + +int i2d_DSAPrivateKey_fp(fp,dsa) +FILE *fp; +DSA *dsa; + { + return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); + } +#endif + +DSA *d2i_DSAPrivateKey_bio(bp,dsa) +BIO *bp; +DSA *dsa; + { + return((DSA *)ASN1_d2i_bio((char *(*)()) + DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), + (unsigned char **)(dsa))); + } + +int i2d_DSAPrivateKey_bio(bp,dsa) +BIO *bp; +DSA *dsa; + { + return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); + } +#endif + +X509_NAME *X509_NAME_dup(xn) +X509_NAME *xn; + { + return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, + (char *(*)())d2i_X509_NAME,(char *)xn)); + } + +X509_NAME_ENTRY *X509_NAME_ENTRY_dup(ne) +X509_NAME_ENTRY *ne; + { + return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY, + (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); + } + +int X509_digest(data,type,md,len) +X509 *data; +EVP_MD *type; +unsigned char *md; +unsigned int *len; + { + return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); + } + +int X509_NAME_digest(data,type,md,len) +X509_NAME *data; +EVP_MD *type; +unsigned char *md; +unsigned int *len; + { + return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); + } + +int PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) +PKCS7_ISSUER_AND_SERIAL *data; +EVP_MD *type; +unsigned char *md; +unsigned int *len; + { + return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type, + (char *)data,md,len)); + } + diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h new file mode 100644 index 0000000000..d7945bc9cd --- /dev/null +++ b/src/lib/libcrypto/x509v3/x509v3.h @@ -0,0 +1,87 @@ +/* crypto/x509v3/x509v3.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#define X509v3_N_KU_digitalSignature 0 +#define X509v3_N_KU_nonRepudiation 1 +#define X509v3_N_KU_keyEncipherment 2 +#define X509v3_N_KU_dataEncipherment 3 +#define X509v3_N_KU_keyAgreement 4 +#define X509v3_N_KU_keyCertSign 5 +#define X509v3_N_KU_cRLSign 6 +#define X509v3_N_KU_encipherOnly 7 +#define X509v3_N_KU_decipherOnly 8 +#define X509v3_N_KU_NUM 9 +#define X509v3_S_KU_digitalSignature "digitalSignature" +#define X509v3_S_KU_nonRepudiation "nonRepudiation" +#define X509v3_S_KU_keyEncipherment "keyEncipherment" +#define X509v3_S_KU_dataEncipherment "dataEncipherment" +#define X509v3_S_KU_keyAgreement "keyAgreement" +#define X509v3_S_KU_keyCertSign "keyCertSign" +#define X509v3_S_KU_cRLSign "cRLSign" +#define X509v3_S_KU_encipherOnly "encipherOnly" +#define X509v3_S_KU_decipherOnly "decipherOnly" + + +void X509_ex_clear(X509_EXTENSION *a); +int X509_ex_get_bool(X509_EXTENSION *a,int num); +int X509_ex_set_bool(X509_EXTENSION *a,int num,int value); +int X509_ex_get_str(X509_EXTENSION *a,int index,char **p,int *len); +int X509_ex_set_str(X509_EXTENSION *a,int oid,int index,char *p,int len); +char *X509_ex_get_struct(X509_EXTENSION *a,int oid,int index,char **p); +int X509_ex_set_struct(X509_EXTENSION *a,int index,char *p); +int a2i_X509_EXTENSION(BIO *bp,X509_EXTENSION *a,char *buf,int len); +int i2a_X509_EXTENSION(BIO *bp,X509_EXTENSION *a); diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c new file mode 100644 index 0000000000..58a6d69b9b --- /dev/null +++ b/src/lib/libssl/bio_ssl.c @@ -0,0 +1,585 @@ +/* ssl/bio_ssl.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include +#include +#include "crypto.h" +#include "bio.h" +#include "err.h" +#include "ssl.h" + +#ifndef NOPROTO +static int ssl_write(BIO *h,char *buf,int num); +static int ssl_read(BIO *h,char *buf,int size); +static int ssl_puts(BIO *h,char *str); +static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int ssl_new(BIO *h); +static int ssl_free(BIO *data); +#else +static int ssl_write(); +static int ssl_read(); +static int ssl_puts(); +static long ssl_ctrl(); +static int ssl_new(); +static int ssl_free(); +#endif + +typedef struct bio_ssl_st + { + SSL *ssl; /* The ssl handle :-) */ + /* re-negotiate every time the total number of bytes is this size */ + int num_renegotiates; + unsigned long renegotiate_count; + unsigned long byte_count; + unsigned long renegotiate_timeout; + unsigned long last_time; + } BIO_SSL; + +static BIO_METHOD methods_sslp= + { + BIO_TYPE_SSL,"ssl", + ssl_write, + ssl_read, + ssl_puts, + NULL, /* ssl_gets, */ + ssl_ctrl, + ssl_new, + ssl_free, + }; + +BIO_METHOD *BIO_f_ssl() + { + return(&methods_sslp); + } + +static int ssl_new(bi) +BIO *bi; + { + BIO_SSL *bs; + + bs=(BIO_SSL *)Malloc(sizeof(BIO_SSL)); + if (bs == NULL) + { + BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE); + return(0); + } + memset(bs,0,sizeof(BIO_SSL)); + bi->init=0; + bi->ptr=(char *)bs; + bi->flags=0; + return(1); + } + +static int ssl_free(a) +BIO *a; + { + BIO_SSL *bs; + + if (a == NULL) return(0); + bs=(BIO_SSL *)a->ptr; + if (bs->ssl != NULL) SSL_shutdown(bs->ssl); + if (a->shutdown) + { + if (a->init && (bs->ssl != NULL)) + SSL_free(bs->ssl); + a->init=0; + a->flags=0; + } + if (a->ptr != NULL) + Free(a->ptr); + return(1); + } + +static int ssl_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=1; + BIO_SSL *sb; + SSL *ssl; + int retry_reason=0; + int r=0; + + if (out == NULL) return(0); + sb=(BIO_SSL *)b->ptr; + ssl=sb->ssl; + + BIO_clear_retry_flags(b); + +#if 0 + if (!SSL_is_init_finished(ssl)) + { +/* ret=SSL_do_handshake(ssl); */ + if (ret > 0) + { + + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + ret= -1; + goto end; + } + } +#endif +/* if (ret > 0) */ + ret=SSL_read(ssl,out,outl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_NONE: + if (ret <= 0) break; + if (sb->renegotiate_count > 0) + { + sb->byte_count+=ret; + if (sb->byte_count > sb->renegotiate_count) + { + sb->byte_count=0; + sb->num_renegotiates++; + SSL_renegotiate(ssl); + r=1; + } + } + if ((sb->renegotiate_timeout > 0) && (!r)) + { + unsigned long tm; + + tm=(unsigned long)time(NULL); + if (tm > sb->last_time+sb->renegotiate_timeout) + { + sb->last_time=tm; + sb->num_renegotiates++; + SSL_renegotiate(ssl); + } + } + + break; + case SSL_ERROR_WANT_READ: + BIO_set_retry_read(b); + break; + case SSL_ERROR_WANT_WRITE: + BIO_set_retry_write(b); + break; + case SSL_ERROR_WANT_X509_LOOKUP: + BIO_set_retry_special(b); + retry_reason=BIO_RR_SSL_X509_LOOKUP; + break; + case SSL_ERROR_WANT_CONNECT: + BIO_set_retry_special(b); + retry_reason=BIO_RR_CONNECT; + break; + case SSL_ERROR_SYSCALL: + case SSL_ERROR_SSL: + case SSL_ERROR_ZERO_RETURN: + default: + break; + } + + b->retry_reason=retry_reason; + return(ret); + } + +static int ssl_write(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret,r=0; + int retry_reason=0; + SSL *ssl; + BIO_SSL *bs; + + if (out == NULL) return(0); + bs=(BIO_SSL *)b->ptr; + ssl=bs->ssl; + + BIO_clear_retry_flags(b); + +/* ret=SSL_do_handshake(ssl); + if (ret > 0) */ + ret=SSL_write(ssl,out,outl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_NONE: + if (ret <= 0) break; + if (bs->renegotiate_count > 0) + { + bs->byte_count+=ret; + if (bs->byte_count > bs->renegotiate_count) + { + bs->byte_count=0; + bs->num_renegotiates++; + SSL_renegotiate(ssl); + r=1; + } + } + if ((bs->renegotiate_timeout > 0) && (!r)) + { + unsigned long tm; + + tm=(unsigned long)time(NULL); + if (tm > bs->last_time+bs->renegotiate_timeout) + { + bs->last_time=tm; + bs->num_renegotiates++; + SSL_renegotiate(ssl); + } + } + break; + case SSL_ERROR_WANT_WRITE: + BIO_set_retry_write(b); + break; + case SSL_ERROR_WANT_READ: + BIO_set_retry_read(b); + break; + case SSL_ERROR_WANT_X509_LOOKUP: + BIO_set_retry_special(b); + retry_reason=BIO_RR_SSL_X509_LOOKUP; + break; + case SSL_ERROR_WANT_CONNECT: + BIO_set_retry_special(b); + retry_reason=BIO_RR_CONNECT; + case SSL_ERROR_SYSCALL: + case SSL_ERROR_SSL: + default: + break; + } + + b->retry_reason=retry_reason; + return(ret); + } + +static long ssl_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + SSL **sslp,*ssl; + BIO_SSL *bs; + BIO *dbio,*bio; + long ret=1; + + bs=(BIO_SSL *)b->ptr; + ssl=bs->ssl; + if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) + return(0); + switch (cmd) + { + case BIO_CTRL_RESET: + SSL_shutdown(ssl); + + if (ssl->handshake_func == ssl->method->ssl_connect) + SSL_set_connect_state(ssl); + else if (ssl->handshake_func == ssl->method->ssl_accept) + SSL_set_accept_state(ssl); + + SSL_clear(ssl); + + if (b->next_bio != NULL) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + else if (ssl->rbio != NULL) + ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + else + ret=1; + break; + case BIO_CTRL_INFO: + ret=0; + break; + case BIO_C_SSL_MODE: + if (num) /* client mode */ + SSL_set_connect_state(ssl); + else + SSL_set_accept_state(ssl); + break; + case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: + ret=bs->renegotiate_timeout; + if (num < 60) num=5; + bs->renegotiate_timeout=(unsigned long)num; + bs->last_time=(unsigned long)time(NULL); + break; + case BIO_C_SET_SSL_RENEGOTIATE_BYTES: + ret=bs->renegotiate_count; + if ((long)num >=512) + bs->renegotiate_count=(unsigned long)num; + break; + case BIO_C_GET_SSL_NUM_RENEGOTIATES: + ret=bs->num_renegotiates; + break; + case BIO_C_SET_SSL: + if (ssl != NULL) + ssl_free(b); + b->shutdown=(int)num; + ssl=(SSL *)ptr; + ((BIO_SSL *)b->ptr)->ssl=ssl; + bio=SSL_get_rbio(ssl); + if (bio != NULL) + { + if (b->next_bio != NULL) + BIO_push(bio,b->next_bio); + b->next_bio=bio; + CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO); + } + b->init=1; + break; + case BIO_C_GET_SSL: + if (ptr != NULL) + { + sslp=(SSL **)ptr; + *sslp=ssl; + } + else + ret=0; + break; + case BIO_CTRL_GET_CLOSE: + ret=b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_WPENDING: + ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + break; + case BIO_CTRL_PENDING: + ret=SSL_pending(ssl); + if (ret == 0) + ret=BIO_pending(ssl->rbio); + break; + case BIO_CTRL_FLUSH: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + case BIO_CTRL_PUSH: + if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) + { + SSL_set_bio(ssl,b->next_bio,b->next_bio); + CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); + } + break; + case BIO_CTRL_POP: + /* ugly bit of a hack */ + if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */ + { + BIO_free_all(ssl->wbio); + } + ssl->wbio=NULL; + ssl->rbio=NULL; + break; + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + + b->retry_reason=0; + ret=(int)SSL_do_handshake(ssl); + + switch (SSL_get_error(ssl,(int)ret)) + { + case SSL_ERROR_WANT_READ: + BIO_set_flags(b, + BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_WRITE: + BIO_set_flags(b, + BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_CONNECT: + BIO_set_flags(b, + BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + b->retry_reason=b->next_bio->retry_reason; + break; + default: + break; + } + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + if (((BIO_SSL *)dbio->ptr)->ssl != NULL) + SSL_free(((BIO_SSL *)dbio->ptr)->ssl); + ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl); + ((BIO_SSL *)dbio->ptr)->renegotiate_count= + ((BIO_SSL *)b->ptr)->renegotiate_count; + ((BIO_SSL *)dbio->ptr)->byte_count= + ((BIO_SSL *)b->ptr)->byte_count; + ((BIO_SSL *)dbio->ptr)->renegotiate_timeout= + ((BIO_SSL *)b->ptr)->renegotiate_timeout; + ((BIO_SSL *)dbio->ptr)->last_time= + ((BIO_SSL *)b->ptr)->last_time; + ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL); + break; + case BIO_C_GET_FD: + ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + break; + case BIO_CTRL_SET_CALLBACK: + SSL_set_info_callback(ssl,(void (*)())ptr); + break; + case BIO_CTRL_GET_CALLBACK: + { + void (**fptr)(); + + fptr=(void (**)())ptr; + *fptr=SSL_get_info_callback(ssl); + } + break; + default: + ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + break; + } + return(ret); + } + +static int ssl_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=BIO_write(bp,str,n); + return(ret); + } + +BIO *BIO_new_buffer_ssl_connect(ctx) +SSL_CTX *ctx; + { + BIO *ret=NULL,*buf=NULL,*ssl=NULL; + + if ((buf=BIO_new(BIO_f_buffer())) == NULL) + return(NULL); + if ((ssl=BIO_new_ssl_connect(ctx)) == NULL) + goto err; + if ((ret=BIO_push(buf,ssl)) == NULL) + goto err; + return(ret); +err: + if (buf != NULL) BIO_free(buf); + if (ssl != NULL) BIO_free(ssl); + return(NULL); + } + +BIO *BIO_new_ssl_connect(ctx) +SSL_CTX *ctx; + { + BIO *ret=NULL,*con=NULL,*ssl=NULL; + + if ((con=BIO_new(BIO_s_connect())) == NULL) + return(NULL); + if ((ssl=BIO_new_ssl(ctx,1)) == NULL) + goto err; + if ((ret=BIO_push(ssl,con)) == NULL) + goto err; + return(ret); +err: + if (con != NULL) BIO_free(con); + if (ret != NULL) BIO_free(ret); + return(NULL); + } + +BIO *BIO_new_ssl(ctx,client) +SSL_CTX *ctx; +int client; + { + BIO *ret; + SSL *ssl; + + if ((ret=BIO_new(BIO_f_ssl())) == NULL) + return(NULL); + if ((ssl=SSL_new(ctx)) == NULL) + { + BIO_free(ret); + return(NULL); + } + if (client) + SSL_set_connect_state(ssl); + else + SSL_set_accept_state(ssl); + + BIO_set_ssl(ret,ssl,BIO_CLOSE); + return(ret); + } + +int BIO_ssl_copy_session_id(t,f) +BIO *t,*f; + { + t=BIO_find_type(t,BIO_TYPE_SSL); + f=BIO_find_type(f,BIO_TYPE_SSL); + if ((t == NULL) || (f == NULL)) + return(0); + if ( (((BIO_SSL *)t->ptr)->ssl == NULL) || + (((BIO_SSL *)f->ptr)->ssl == NULL)) + return(0); + SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl); + return(1); + } + +void BIO_ssl_shutdown(b) +BIO *b; + { + SSL *s; + + while (b != NULL) + { + if (b->method->type == BIO_TYPE_SSL) + { + s=((BIO_SSL *)b->ptr)->ssl; + SSL_shutdown(s); + break; + } + b=b->next_bio; + } + } diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c new file mode 100644 index 0000000000..a4661ebb68 --- /dev/null +++ b/src/lib/libssl/s23_clnt.c @@ -0,0 +1,466 @@ +/* ssl/s23_clnt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break + +#ifndef NOPROTO +static int ssl23_client_hello(SSL *s); +static int ssl23_get_server_hello(SSL *s); +#else +static int ssl23_client_hello(); +static int ssl23_get_server_hello(); +#endif + +static SSL_METHOD *ssl23_get_client_method(ver) +int ver; + { + if (ver == SSL2_VERSION) + return(SSLv2_client_method()); + else if (ver == SSL3_VERSION) + return(SSLv3_client_method()); + else if (ver == TLS1_VERSION) + return(TLSv1_client_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv23_client_method() + { + static int init=1; + static SSL_METHOD SSLv23_client_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv23_client_data, + (char *)sslv23_base_method(),sizeof(SSL_METHOD)); + SSLv23_client_data.ssl_connect=ssl23_connect; + SSLv23_client_data.get_ssl_method=ssl23_get_client_method; + } + return(&SSLv23_client_data); + } + +int ssl23_connect(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL); + void (*cb)()=NULL; + int ret= -1; + int new_state,state; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + clear_sys_error(); + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_CONNECT: + case SSL_ST_BEFORE|SSL_ST_CONNECT: + case SSL_ST_OK|SSL_ST_CONNECT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + /* s->version=TLS1_VERSION; */ + s->type=SSL_ST_CONNECT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } + + ssl3_init_finished_mac(s); + + s->state=SSL23_ST_CW_CLNT_HELLO_A; + s->ctx->sess_connect++; + s->init_num=0; + break; + + case SSL23_ST_CW_CLNT_HELLO_A: + case SSL23_ST_CW_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl23_client_hello(s); + if (ret <= 0) goto end; + s->state=SSL23_ST_CR_SRVR_HELLO_A; + s->init_num=0; + + break; + + case SSL23_ST_CR_SRVR_HELLO_A: + case SSL23_ST_CR_SRVR_HELLO_B: + ret=ssl23_get_server_hello(s); + if (ret >= 0) cb=NULL; + goto end; + break; + + default: + SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + if (s->debug) BIO_flush(s->wbio); + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_CONNECT_LOOP,1); + s->state=new_state; + } + } +end: + s->in_handshake--; + if (cb != NULL) + cb(s,SSL_CB_CONNECT_EXIT,ret); + return(ret); + } + + +static int ssl23_client_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i,ch_len; + + buf=(unsigned char *)s->init_buf->data; + if (s->state == SSL23_ST_CW_CLNT_HELLO_A) + { +#if 0 + /* don't reuse session-id's */ + if (!ssl_get_new_session(s,0)) + { + return(-1); + } +#endif + + p=s->s3->client_random; + RAND_bytes(p,SSL3_RANDOM_SIZE); + + /* Do the message type and length last */ + d= &(buf[2]); + p=d+9; + + *(d++)=SSL2_MT_CLIENT_HELLO; + if (!(s->options & SSL_OP_NO_TLSv1)) + { + *(d++)=TLS1_VERSION_MAJOR; + *(d++)=TLS1_VERSION_MINOR; + } + else if (!(s->options & SSL_OP_NO_SSLv3)) + { + *(d++)=SSL3_VERSION_MAJOR; + *(d++)=SSL3_VERSION_MINOR; + } + else if (!(s->options & SSL_OP_NO_SSLv2)) + { + *(d++)=SSL2_VERSION_MAJOR; + *(d++)=SSL2_VERSION_MINOR; + } + else + { + SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE); + return(-1); + } + + /* Ciphers supported */ + i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p); + if (i == 0) + { + /* no ciphers */ + SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); + return(-1); + } + s2n(i,d); + p+=i; + + /* put in the session-id, zero since there is no + * reuse. */ +#if 0 + s->session->session_id_length=0; +#endif + s2n(0,d); + + if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) + ch_len=SSL2_CHALLENGE_LENGTH; + else + ch_len=SSL2_MAX_CHALLENGE_LENGTH; + + /* write out sslv2 challenge */ + if (SSL3_RANDOM_SIZE < ch_len) + i=SSL3_RANDOM_SIZE; + else + i=ch_len; + s2n(i,d); + memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); + RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + p+=i; + + i= p- &(buf[2]); + buf[0]=((i>>8)&0xff)|0x80; + buf[1]=(i&0xff); + + s->state=SSL23_ST_CW_CLNT_HELLO_B; + /* number of bytes to write */ + s->init_num=i+2; + s->init_off=0; + + ssl3_finish_mac(s,&(buf[2]),i); + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl23_write_bytes(s)); + } + +static int ssl23_get_server_hello(s) +SSL *s; + { + char buf[8]; + unsigned char *p; + int i,ch_len; + int n; + + n=ssl23_read_bytes(s,7); + + if (n != 7) return(n); + p=s->packet; + + memcpy(buf,p,n); + + if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && + (p[5] == 0x00) && (p[6] == 0x02)) + { + /* we are talking sslv2 */ + /* we need to clean up the SSLv3 setup and put in the + * sslv2 stuff. */ + + if (s->options & SSL_OP_NO_SSLv2) + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; + } + if (s->s2 == NULL) + { + if (!ssl2_new(s)) + goto err; + } + else + ssl2_clear(s); + + if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) + ch_len=SSL2_CHALLENGE_LENGTH; + else + ch_len=SSL2_MAX_CHALLENGE_LENGTH; + + /* write out sslv2 challenge */ + i=(SSL3_RANDOM_SIZE < ch_len) + ?SSL3_RANDOM_SIZE:ch_len; + s->s2->challenge_length=i; + memcpy(s->s2->challenge, + &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + + if (s->s3 != NULL) ssl3_free(s); + + if (!BUF_MEM_grow(s->init_buf, + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); + goto err; + } + + s->state=SSL2_ST_GET_SERVER_HELLO_A; + s->s2->ssl2_rollback=1; + + /* setup the 5 bytes we have read so we get them from + * the sslv2 buffer */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s2->rbuf[0]); + memcpy(s->packet,buf,n); + s->s2->rbuf_left=n; + s->s2->rbuf_offs=0; + + /* we have already written one */ + s->s2->write_sequence=1; + + s->method=SSLv2_client_method(); + s->handshake_func=s->method->ssl_connect; + } + else if ((p[0] == SSL3_RT_HANDSHAKE) && + (p[1] == SSL3_VERSION_MAJOR) && + ((p[2] == SSL3_VERSION_MINOR) || + (p[2] == TLS1_VERSION_MINOR)) && + (p[5] == SSL3_MT_SERVER_HELLO)) + { + /* we have sslv3 or tls1 */ + + if (!ssl_init_wbio_buffer(s,1)) goto err; + + /* we are in this state */ + s->state=SSL3_ST_CR_SRVR_HELLO_A; + + /* put the 5 bytes we have read into the input buffer + * for SSLv3 */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s3->rbuf.buf[0]); + memcpy(s->packet,buf,n); + s->s3->rbuf.left=n; + s->s3->rbuf.offset=0; + + if ((p[2] == SSL3_VERSION_MINOR) && + !(s->options & SSL_OP_NO_SSLv3)) + { + s->version=SSL3_VERSION; + s->method=SSLv3_client_method(); + } + else if ((p[2] == TLS1_VERSION_MINOR) && + !(s->options & SSL_OP_NO_TLSv1)) + { + s->version=TLS1_VERSION; + s->method=TLSv1_client_method(); + } + else + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; + } + + s->handshake_func=s->method->ssl_connect; + } + else if ((p[0] == SSL3_RT_ALERT) && + (p[1] == SSL3_VERSION_MAJOR) && + ((p[2] == SSL3_VERSION_MINOR) || + (p[2] == TLS1_VERSION_MINOR)) && + (p[3] == 0) && + (p[4] == 2)) + { + void (*cb)()=NULL; + int j; + + /* An alert */ + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + i=p[5]; + if (cb != NULL) + { + j=(i<<8)|p[6]; + cb(s,SSL_CB_READ_ALERT,j); + } + + s->rwstate=SSL_NOTHING; + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,1000+p[6]); + goto err; + } + else + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL); + goto err; + } + s->init_num=0; + + /* Since, if we are sending a ssl23 client hello, we are not + * reusing a session-id */ + if (!ssl_get_new_session(s,0)) + goto err; + + s->first_packet=1; + return(SSL_connect(s)); +err: + return(-1); + } + diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c new file mode 100644 index 0000000000..e16f641101 --- /dev/null +++ b/src/lib/libssl/s23_lib.c @@ -0,0 +1,233 @@ +/* ssl/s23_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static int ssl23_num_ciphers(void ); +static SSL_CIPHER *ssl23_get_cipher(unsigned int u); +static int ssl23_read(SSL *s, char *buf, int len); +static int ssl23_write(SSL *s, char *buf, int len); +static long ssl23_default_timeout(void ); +static int ssl23_put_cipher_by_char(SSL_CIPHER *c, unsigned char *p); +static SSL_CIPHER *ssl23_get_cipher_by_char(unsigned char *p); +#else +static int ssl23_num_ciphers(); +static SSL_CIPHER *ssl23_get_cipher(); +static int ssl23_read(); +static int ssl23_write(); +static long ssl23_default_timeout(); +static int ssl23_put_cipher_by_char(); +static SSL_CIPHER *ssl23_get_cipher_by_char(); +#endif + +char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.7.0 30-Jan-1997"; + +static SSL_METHOD SSLv23_data= { + TLS1_VERSION, + tls1_new, + tls1_clear, + tls1_free, + ssl_undefined_function, + ssl_undefined_function, + ssl23_read, + ssl_undefined_function, + ssl23_write, + ssl_undefined_function, + ssl_undefined_function, + ssl3_ctrl, + ssl3_ctx_ctrl, + ssl23_get_cipher_by_char, + ssl23_put_cipher_by_char, + ssl_undefined_function, + ssl23_num_ciphers, + ssl23_get_cipher, + ssl_bad_method, + ssl23_default_timeout, + &ssl3_undef_enc_method, + }; + +static long ssl23_default_timeout() + { + return(300); + } + +SSL_METHOD *sslv23_base_method() + { + return(&SSLv23_data); + } + +static int ssl23_num_ciphers() + { + return(ssl3_num_ciphers()+ssl2_num_ciphers()); + } + +static SSL_CIPHER *ssl23_get_cipher(u) +unsigned int u; + { + unsigned int uu=ssl3_num_ciphers(); + + if (u < uu) + return(ssl3_get_cipher(u)); + else + return(ssl2_get_cipher(u-uu)); + } + +/* This function needs to check if the ciphers required are actually + * available */ +static SSL_CIPHER *ssl23_get_cipher_by_char(p) +unsigned char *p; + { + SSL_CIPHER c,*cp; + unsigned long id; + int n; + + n=ssl3_num_ciphers(); + id=0x03000000|((unsigned long)p[0]<<16L)| + ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; + c.id=id; + cp=ssl3_get_cipher_by_char(p); + if (cp == NULL) + cp=ssl2_get_cipher_by_char(p); + return(cp); + } + +static int ssl23_put_cipher_by_char(c,p) +SSL_CIPHER *c; +unsigned char *p; + { + long l; + + /* We can write SSLv2 and SSLv3 ciphers */ + if (p != NULL) + { + l=c->id; + p[0]=((unsigned char)(l>>16L))&0xFF; + p[1]=((unsigned char)(l>> 8L))&0xFF; + p[2]=((unsigned char)(l ))&0xFF; + } + return(3); + } + +static int ssl23_read(s,buf,len) +SSL *s; +char *buf; +int len; + { + int n; + +#if 0 + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } +#endif + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) + { + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + return(SSL_read(s,buf,len)); + } + else + { + ssl_undefined_function(s); + return(-1); + } + } + +static int ssl23_write(s,buf,len) +SSL *s; +char *buf; +int len; + { + int n; + +#if 0 + if (s->shutdown & SSL_SENT_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } +#endif + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) + { + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + return(SSL_write(s,buf,len)); + } + else + { + ssl_undefined_function(s); + return(-1); + } + } diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c new file mode 100644 index 0000000000..c25c312772 --- /dev/null +++ b/src/lib/libssl/s23_pkt.c @@ -0,0 +1,120 @@ +/* ssl/s23_pkt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#define USE_SOCKETS +#include "evp.h" +#include "buffer.h" +#include "ssl_locl.h" + +int ssl23_write_bytes(s) +SSL *s; + { + int i,num,tot; + char *buf; + + buf=s->init_buf->data; + tot=s->init_off; + num=s->init_num; + for (;;) + { + s->rwstate=SSL_WRITING; + i=BIO_write(s->wbio,&(buf[tot]),num); + if (i < 0) + { + s->init_off=tot; + s->init_num=num; + return(i); + } + s->rwstate=SSL_NOTHING; + if (i == num) return(tot+i); + + num-=i; + tot+=i; + } + } + +/* only return when we have read 'n' bytes */ +int ssl23_read_bytes(s,n) +SSL *s; +int n; + { + unsigned char *p; + int j; + + if (s->packet_length < (unsigned int)n) + { + p=s->packet; + + for (;;) + { + s->rwstate=SSL_READING; + j=BIO_read(s->rbio,(char *)&(p[s->packet_length]), + n-s->packet_length); + if (j <= 0) + return(j); + s->rwstate=SSL_NOTHING; + s->packet_length+=j; + if (s->packet_length >= (unsigned int)n) + return(s->packet_length); + } + } + return(n); + } + diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c new file mode 100644 index 0000000000..c7b9ecbcf2 --- /dev/null +++ b/src/lib/libssl/s23_srvr.c @@ -0,0 +1,499 @@ +/* ssl/s23_srvr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break + +#ifndef NOPROTO +int ssl23_get_client_hello(SSL *s); +#else +int ssl23_get_client_hello(); +#endif + +static SSL_METHOD *ssl23_get_server_method(ver) +int ver; + { + if (ver == SSL2_VERSION) + return(SSLv2_server_method()); + else if (ver == SSL3_VERSION) + return(SSLv3_server_method()); + else if (ver == TLS1_VERSION) + return(TLSv1_server_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv23_server_method() + { + static int init=1; + static SSL_METHOD SSLv23_server_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv23_server_data, + (char *)sslv23_base_method(),sizeof(SSL_METHOD)); + SSLv23_server_data.ssl_accept=ssl23_accept; + SSLv23_server_data.get_ssl_method=ssl23_get_server_method; + } + return(&SSLv23_server_data); + } + +int ssl23_accept(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL); + void (*cb)()=NULL; + int ret= -1; + int new_state,state; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + clear_sys_error(); + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_ACCEPT: + case SSL_ST_BEFORE|SSL_ST_ACCEPT: + case SSL_ST_OK|SSL_ST_ACCEPT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + /* s->version=SSL3_VERSION; */ + s->type=SSL_ST_ACCEPT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + ssl3_init_finished_mac(s); + + s->state=SSL23_ST_SR_CLNT_HELLO_A; + s->ctx->sess_accept++; + s->init_num=0; + break; + + case SSL23_ST_SR_CLNT_HELLO_A: + case SSL23_ST_SR_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl23_get_client_hello(s); + if (ret >= 0) cb=NULL; + goto end; + break; + + default: + SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_ACCEPT_LOOP,1); + s->state=new_state; + } + } +end: + if (cb != NULL) + cb(s,SSL_CB_ACCEPT_EXIT,ret); + s->in_handshake--; + return(ret); + } + + +int ssl23_get_client_hello(s) +SSL *s; + { + char buf_space[8]; + char *buf= &(buf_space[0]); + unsigned char *p,*d,*dd; + unsigned int i; + unsigned int csl,sil,cl; + int n=0,j,tls1=0; + int type=0,use_sslv2_strong=0; + + /* read the initial header */ + if (s->state == SSL23_ST_SR_CLNT_HELLO_A) + { + if (!ssl3_setup_buffers(s)) goto err; + + n=ssl23_read_bytes(s,7); + if (n != 7) return(n); + + p=s->packet; + + memcpy(buf,p,n); + + if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) + { + /* SSLv2 header */ + if ((p[3] == 0x00) && (p[4] == 0x02)) + { + /* SSLv2 */ + if (!(s->options & SSL_OP_NO_SSLv2)) + type=1; + } + else if (p[3] == SSL3_VERSION_MAJOR) + { + /* SSLv3/TLSv1 */ + if (p[4] >= TLS1_VERSION_MINOR) + { + if (!(s->options & SSL_OP_NO_TLSv1)) + { + tls1=1; + s->state=SSL23_ST_SR_CLNT_HELLO_B; + } + else if (!(s->options & SSL_OP_NO_SSLv3)) + { + s->state=SSL23_ST_SR_CLNT_HELLO_B; + } + } + else if (!(s->options & SSL_OP_NO_SSLv3)) + s->state=SSL23_ST_SR_CLNT_HELLO_B; + + if (s->options & SSL_OP_NON_EXPORT_FIRST) + { + STACK *sk; + SSL_CIPHER *c; + int ne2,ne3; + + j=((p[0]&0x7f)<<8)|p[1]; + if (j > (1024*4)) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); + goto err; + } + + n=ssl23_read_bytes(s,j+2); + if (n <= 0) return(n); + p=s->packet; + + if ((buf=Malloc(n)) == NULL) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); + goto err; + } + memcpy(buf,p,n); + + p+=5; + n2s(p,csl); + p+=4; + + sk=ssl_bytes_to_cipher_list( + s,p,csl,NULL); + if (sk != NULL) + { + ne2=ne3=0; + for (j=0; jalgorithms & SSL_EXP)) + { + if ((c->id>>24L) == 2L) + ne2=1; + else + ne3=1; + } + } + if (ne2 && !ne3) + { + type=1; + use_sslv2_strong=1; + goto next_bit; + } + } + } + } + } + else if ((p[0] == SSL3_RT_HANDSHAKE) && + (p[1] == SSL3_VERSION_MAJOR) && + (p[5] == SSL3_MT_CLIENT_HELLO)) + { + /* true SSLv3 or tls1 */ + if (p[2] >= TLS1_VERSION_MINOR) + { + if (!(s->options & SSL_OP_NO_TLSv1)) + { + type=3; + tls1=1; + } + else if (!(s->options & SSL_OP_NO_SSLv3)) + type=3; + } + else if (!(s->options & SSL_OP_NO_SSLv3)) + type=3; + } + else if ((strncmp("GET ", p,4) == 0) || + (strncmp("POST ",p,5) == 0) || + (strncmp("HEAD ",p,5) == 0) || + (strncmp("PUT ", p,4) == 0)) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); + goto err; + } + else if (strncmp("CONNECT",p,7) == 0) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST); + goto err; + } + } + +next_bit: + if (s->state == SSL23_ST_SR_CLNT_HELLO_B) + { + /* we have a SSLv3/TLSv1 in a SSLv2 header */ + type=2; + p=s->packet; + n=((p[0]&0x7f)<<8)|p[1]; + if (n > (1024*4)) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); + goto err; + } + + j=ssl23_read_bytes(s,n+2); + if (j <= 0) return(j); + + ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2); + + p=s->packet; + p+=5; + n2s(p,csl); + n2s(p,sil); + n2s(p,cl); + d=(unsigned char *)s->init_buf->data; + if ((csl+sil+cl+11) != s->packet_length) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); + goto err; + } + + *(d++)=SSL3_VERSION_MAJOR; + if (tls1) + *(d++)=TLS1_VERSION_MINOR; + else + *(d++)=SSL3_VERSION_MINOR; + + /* lets populate the random area */ + /* get the chalenge_length */ + i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; + memset(d,0,SSL3_RANDOM_SIZE); + memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); + d+=SSL3_RANDOM_SIZE; + + /* no session-id reuse */ + *(d++)=0; + + /* ciphers */ + j=0; + dd=d; + d+=2; + for (i=0; iinit_buf->data); + + /* get the data reused from the init_buf */ + s->s3->tmp.reuse_message=1; + s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; + s->s3->tmp.message_size=i; + } + + if (type == 1) + { + /* we are talking sslv2 */ + /* we need to clean up the SSLv3/TLSv1 setup and put in the + * sslv2 stuff. */ + + if (s->s2 == NULL) + { + if (!ssl2_new(s)) + goto err; + } + else + ssl2_clear(s); + + if (s->s3 != NULL) ssl3_free(s); + + if (!BUF_MEM_grow(s->init_buf, + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { + goto err; + } + + s->state=SSL2_ST_GET_CLIENT_HELLO_A; + if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || + use_sslv2_strong) + s->s2->ssl2_rollback=0; + else + s->s2->ssl2_rollback=1; + + /* setup the 5 bytes we have read so we get them from + * the sslv2 buffer */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s2->rbuf[0]); + memcpy(s->packet,buf,n); + s->s2->rbuf_left=n; + s->s2->rbuf_offs=0; + + s->method=SSLv2_server_method(); + s->handshake_func=s->method->ssl_accept; + } + + if ((type == 2) || (type == 3)) + { + /* we have SSLv3/TLSv1 */ + + if (!ssl_init_wbio_buffer(s,1)) goto err; + + /* we are in this state */ + s->state=SSL3_ST_SR_CLNT_HELLO_A; + + if (type == 3) + { + /* put the 'n' bytes we have read into the input buffer + * for SSLv3 */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s3->rbuf.buf[0]); + memcpy(s->packet,buf,n); + s->s3->rbuf.left=n; + s->s3->rbuf.offset=0; + } + else + { + s->packet_length=0; + s->s3->rbuf.left=0; + s->s3->rbuf.offset=0; + } + + if (tls1) + { + s->version=TLS1_VERSION; + s->method=TLSv1_server_method(); + } + else + { + s->version=SSL3_VERSION; + s->method=SSLv3_server_method(); + } + s->handshake_func=s->method->ssl_accept; + } + + if ((type < 1) || (type > 3)) + { + /* bad, very bad */ + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); + goto err; + } + s->init_num=0; + + if (buf != buf_space) Free(buf); + s->first_packet=1; + return(SSL_accept(s)); +err: + if (buf != buf_space) Free(buf); + return(-1); + } + diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c new file mode 100644 index 0000000000..6de62e1591 --- /dev/null +++ b/src/lib/libssl/s3_both.c @@ -0,0 +1,469 @@ +/* ssl/s3_both.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "ssl_locl.h" + +#define BREAK break + +/* SSL3err(SSL_F_SSL3_GET_FINISHED,SSL_R_EXCESSIVE_MESSAGE_SIZE); + */ + +int ssl3_send_finished(s,a,b,sender,slen) +SSL *s; +int a; +int b; +unsigned char *sender; +int slen; + { + unsigned char *p,*d; + int i; + unsigned long l; + + if (s->state == a) + { + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + + i=s->method->ssl3_enc->final_finish_mac(s, + &(s->s3->finish_dgst1), + &(s->s3->finish_dgst2), + sender,slen,p); + p+=i; + l=i; + + *(d++)=SSL3_MT_FINISHED; + l2n3(l,d); + s->init_num=(int)l+4; + s->init_off=0; + + s->state=b; + } + + /* SSL3_ST_SEND_xxxxxx_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +int ssl3_get_finished(s,a,b) +SSL *s; +int a; +int b; + { + int al,i,ok; + long n; + unsigned char *p; + + /* the mac has already been generated when we received the + * change cipher spec message and is in s->s3->tmp.in_dgst[12] + */ + + n=ssl3_get_message(s, + a, + b, + SSL3_MT_FINISHED, + 64, /* should actually be 36+4 :-) */ + &ok); + + if (!ok) return((int)n); + + /* If this occurs if we has missed a message */ + if (!s->s3->change_cipher_spec) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS); + goto f_err; + } + s->s3->change_cipher_spec=0; + + p=(unsigned char *)s->init_buf->data; + + i=s->method->ssl3_enc->finish_mac_length; + + if (i != n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH); + goto f_err; + } + + if (memcmp( p, (char *)&(s->s3->tmp.finish_md[0]),i) != 0) + { + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); + goto f_err; + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + return(0); + } + +/* for these 2 messages, we need to + * ssl->enc_read_ctx re-init + * ssl->s3->read_sequence zero + * ssl->s3->read_mac_secret re-init + * ssl->session->read_sym_enc assign + * ssl->session->read_compression assign + * ssl->session->read_hash assign + */ +int ssl3_send_change_cipher_spec(s,a,b) +SSL *s; +int a,b; + { + unsigned char *p; + + if (s->state == a) + { + p=(unsigned char *)s->init_buf->data; + *p=SSL3_MT_CCS; + s->init_num=1; + s->init_off=0; + + s->state=b; + } + + /* SSL3_ST_CW_CHANGE_B */ + return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC)); + } + +unsigned long ssl3_output_cert_chain(s,x) +SSL *s; +X509 *x; + { + unsigned char *p; + int n,i; + unsigned long l=7; + BUF_MEM *buf; + X509_STORE_CTX xs_ctx; + X509_OBJECT obj; + + /* TLSv1 sends a chain with nothing in it, instead of an alert */ + buf=s->init_buf; + if (!BUF_MEM_grow(buf,(int)(10))) + { + SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); + return(0); + } + if (x != NULL) + { + X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL); + + for (;;) + { + n=i2d_X509(x,NULL); + if (!BUF_MEM_grow(buf,(int)(n+l+3))) + { + SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); + return(0); + } + p=(unsigned char *)&(buf->data[l]); + l2n3(n,p); + i2d_X509(x,&p); + l+=n+3; + if (X509_NAME_cmp(X509_get_subject_name(x), + X509_get_issuer_name(x)) == 0) break; + + i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509, + X509_get_issuer_name(x),&obj); + if (i <= 0) break; + x=obj.data.x509; + /* Count is one too high since the X509_STORE_get uped the + * ref count */ + X509_free(x); + } + + X509_STORE_CTX_cleanup(&xs_ctx); + } + + l-=7; + p=(unsigned char *)&(buf->data[4]); + l2n3(l,p); + l+=3; + p=(unsigned char *)&(buf->data[0]); + *(p++)=SSL3_MT_CERTIFICATE; + l2n3(l,p); + l+=4; + return(l); + } + +long ssl3_get_message(s,st1,stn,mt,max,ok) +SSL *s; +int st1,stn,mt; +long max; +int *ok; + { + unsigned char *p; + unsigned long l; + long n; + int i,al; + + if (s->s3->tmp.reuse_message) + { + s->s3->tmp.reuse_message=0; + if ((mt >= 0) && (s->s3->tmp.message_type != mt)) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); + goto f_err; + } + *ok=1; + return((int)s->s3->tmp.message_size); + } + + p=(unsigned char *)s->init_buf->data; + + if (s->state == st1) + { + i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE, + (char *)&(p[s->init_num]), + 4-s->init_num); + if (i < (4-s->init_num)) + { + *ok=0; + return(ssl3_part_read(s,i)); + } + + if ((mt >= 0) && (*p != mt)) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); + goto f_err; + } + s->s3->tmp.message_type= *(p++); + + n2l3(p,l); + if (l > (unsigned long)max) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); + goto f_err; + } + if (l && !BUF_MEM_grow(s->init_buf,(int)l)) + { + SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); + goto err; + } + s->s3->tmp.message_size=l; + s->state=stn; + + s->init_num=0; + } + + /* next state (stn) */ + p=(unsigned char *)s->init_buf->data; + n=s->s3->tmp.message_size; + if (n > 0) + { + i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE, + (char *)&(p[s->init_num]),(int)n); + if (i != (int)n) + { + *ok=0; + return(ssl3_part_read(s,i)); + } + } + *ok=1; + return(n); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + *ok=0; + return(-1); + } + +int ssl_cert_type(x,pkey) +X509 *x; +EVP_PKEY *pkey; + { + EVP_PKEY *pk; + int ret= -1,i,j; + + if (pkey == NULL) + pk=X509_get_pubkey(x); + else + pk=pkey; + if (pk == NULL) goto err; + + i=pk->type; + if (i == EVP_PKEY_RSA) + { + ret=SSL_PKEY_RSA_ENC; + if (x != NULL) + { + j=X509_get_ext_count(x); + /* check to see if this is a signing only certificate */ + /* EAY EAY EAY EAY */ + } + } + else if (i == EVP_PKEY_DSA) + { + ret=SSL_PKEY_DSA_SIGN; + } + else if (i == EVP_PKEY_DH) + { + /* if we just have a key, we needs to be guess */ + + if (x == NULL) + ret=SSL_PKEY_DH_DSA; + else + { + j=X509_get_signature_type(x); + if (j == EVP_PKEY_RSA) + ret=SSL_PKEY_DH_RSA; + else if (j== EVP_PKEY_DSA) + ret=SSL_PKEY_DH_DSA; + else ret= -1; + } + } + else + ret= -1; + +err: + return(ret); + } + +int ssl_verify_alarm_type(type) +long type; + { + int al; + + switch(type) + { + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + case X509_V_ERR_UNABLE_TO_GET_CRL: + al=SSL_AD_UNKNOWN_CA; + break; + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: + case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: + case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: + case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: + case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: + case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: + case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: + case X509_V_ERR_CERT_NOT_YET_VALID: + case X509_V_ERR_CRL_NOT_YET_VALID: + al=SSL_AD_BAD_CERTIFICATE; + break; + case X509_V_ERR_CERT_SIGNATURE_FAILURE: + case X509_V_ERR_CRL_SIGNATURE_FAILURE: + al=SSL_AD_DECRYPT_ERROR; + break; + case X509_V_ERR_CERT_HAS_EXPIRED: + case X509_V_ERR_CRL_HAS_EXPIRED: + al=SSL_AD_CERTIFICATE_EXPIRED; + break; + case X509_V_ERR_CERT_REVOKED: + al=SSL_AD_CERTIFICATE_REVOKED; + break; + case X509_V_ERR_OUT_OF_MEM: + al=SSL_AD_INTERNAL_ERROR; + break; + case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: + case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: + case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: + case X509_V_ERR_CERT_CHAIN_TOO_LONG: + al=SSL_AD_UNKNOWN_CA; + break; + case X509_V_ERR_APPLICATION_VERIFICATION: + al=SSL_AD_HANDSHAKE_FAILURE; + break; + default: + al=SSL_AD_CERTIFICATE_UNKNOWN; + break; + } + return(al); + } + +int ssl3_setup_buffers(s) +SSL *s; + { + unsigned char *p; + unsigned int extra; + + if (s->s3->rbuf.buf == NULL) + { + if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) + extra=SSL3_RT_MAX_EXTRA; + else + extra=0; + if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE+extra)) + == NULL) + goto err; + s->s3->rbuf.buf=p; + } + + if (s->s3->wbuf.buf == NULL) + { + if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE)) + == NULL) + goto err; + s->s3->wbuf.buf=p; + } + s->packet= &(s->s3->rbuf.buf[0]); + return(1); +err: + SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE); + return(0); + } diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c new file mode 100644 index 0000000000..940c6a458f --- /dev/null +++ b/src/lib/libssl/s3_clnt.c @@ -0,0 +1,1678 @@ +/* ssl/s3_clnt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break +/* SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_SERVER_DONE,ERR_R_MALLOC_FAILURE); +SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); + */ + +#ifndef NOPROTO +static int ssl3_client_hello(SSL *s); +static int ssl3_get_server_hello(SSL *s); +static int ssl3_get_certificate_request(SSL *s); +static int ca_dn_cmp(X509_NAME **a,X509_NAME **b); +static int ssl3_get_server_done(SSL *s); +static int ssl3_send_client_verify(SSL *s); +static int ssl3_send_client_certificate(SSL *s); +static int ssl3_send_client_key_exchange(SSL *s); +static int ssl3_get_key_exchange(SSL *s); +static int ssl3_get_server_certificate(SSL *s); +static int ssl3_check_cert_and_algorithm(SSL *s); +#else +static int ssl3_client_hello(); +static int ssl3_get_server_hello(); +static int ssl3_get_certificate_request(); +static int ca_dn_cmp(); +static int ssl3_get_server_done(); +static int ssl3_send_client_verify(); +static int ssl3_send_client_certificate(); +static int ssl3_send_client_key_exchange(); +static int ssl3_get_key_exchange(); +static int ssl3_get_server_certificate(); +static int ssl3_check_cert_and_algorithm(); +#endif + +static SSL_METHOD *ssl3_get_client_method(ver) +int ver; + { + if (ver == SSL3_VERSION) + return(SSLv3_client_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv3_client_method() + { + static int init=1; + static SSL_METHOD SSLv3_client_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), + sizeof(SSL_METHOD)); + SSLv3_client_data.ssl_connect=ssl3_connect; + SSLv3_client_data.get_ssl_method=ssl3_get_client_method; + } + return(&SSLv3_client_data); + } + +int ssl3_connect(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL),l; + long num1; + void (*cb)()=NULL; + int ret= -1; + BIO *under; + int new_state,state,skip=0;; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + clear_sys_error(); + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_RENEGOTIATE: + s->new_session=1; + s->state=SSL_ST_CONNECT; + s->ctx->sess_connect_renegotiate++; + /* break */ + case SSL_ST_BEFORE: + case SSL_ST_CONNECT: + case SSL_ST_BEFORE|SSL_ST_CONNECT: + case SSL_ST_OK|SSL_ST_CONNECT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + if ((s->version & 0xff00 ) != 0x0300) + abort(); + /* s->version=SSL3_VERSION; */ + s->type=SSL_ST_CONNECT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } + + /* setup buffing BIO */ + if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; } + + /* don't push the buffering BIO quite yet */ + + ssl3_init_finished_mac(s); + + s->state=SSL3_ST_CW_CLNT_HELLO_A; + s->ctx->sess_connect++; + s->init_num=0; + break; + + case SSL3_ST_CW_CLNT_HELLO_A: + case SSL3_ST_CW_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl3_client_hello(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CR_SRVR_HELLO_A; + s->init_num=0; + + /* turn on buffering for the next lot of output */ + if (s->bbio != s->wbio) + s->wbio=BIO_push(s->bbio,s->wbio); + + break; + + case SSL3_ST_CR_SRVR_HELLO_A: + case SSL3_ST_CR_SRVR_HELLO_B: + ret=ssl3_get_server_hello(s); + if (ret <= 0) goto end; + if (s->hit) + s->state=SSL3_ST_CR_FINISHED_A; + else + s->state=SSL3_ST_CR_CERT_A; + s->init_num=0; + break; + + case SSL3_ST_CR_CERT_A: + case SSL3_ST_CR_CERT_B: + /* Check if it is anon DH */ + if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) + { + ret=ssl3_get_server_certificate(s); + if (ret <= 0) goto end; + } + else + skip=1; + s->state=SSL3_ST_CR_KEY_EXCH_A; + s->init_num=0; + break; + + case SSL3_ST_CR_KEY_EXCH_A: + case SSL3_ST_CR_KEY_EXCH_B: + ret=ssl3_get_key_exchange(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CR_CERT_REQ_A; + s->init_num=0; + + /* at this point we check that we have the + * required stuff from the server */ + if (!ssl3_check_cert_and_algorithm(s)) + { + ret= -1; + goto end; + } + break; + + case SSL3_ST_CR_CERT_REQ_A: + case SSL3_ST_CR_CERT_REQ_B: + ret=ssl3_get_certificate_request(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CR_SRVR_DONE_A; + s->init_num=0; + break; + + case SSL3_ST_CR_SRVR_DONE_A: + case SSL3_ST_CR_SRVR_DONE_B: + ret=ssl3_get_server_done(s); + if (ret <= 0) goto end; + if (s->s3->tmp.cert_req) + s->state=SSL3_ST_CW_CERT_A; + else + s->state=SSL3_ST_CW_KEY_EXCH_A; + s->init_num=0; + + break; + + case SSL3_ST_CW_CERT_A: + case SSL3_ST_CW_CERT_B: + case SSL3_ST_CW_CERT_C: + ret=ssl3_send_client_certificate(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_KEY_EXCH_A; + s->init_num=0; + break; + + case SSL3_ST_CW_KEY_EXCH_A: + case SSL3_ST_CW_KEY_EXCH_B: + ret=ssl3_send_client_key_exchange(s); + if (ret <= 0) goto end; + l=s->s3->tmp.new_cipher->algorithms; + /* EAY EAY EAY need to check for DH fix cert + * sent back */ + /* For TLS, cert_req is set to 2, so a cert chain + * of nothing is sent, but no verify packet is sent */ + if (s->s3->tmp.cert_req == 1) + { + s->state=SSL3_ST_CW_CERT_VRFY_A; + } + else + { + s->state=SSL3_ST_CW_CHANGE_A; + s->s3->change_cipher_spec=0; + } + + s->init_num=0; + break; + + case SSL3_ST_CW_CERT_VRFY_A: + case SSL3_ST_CW_CERT_VRFY_B: + ret=ssl3_send_client_verify(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_CHANGE_A; + s->init_num=0; + s->s3->change_cipher_spec=0; + break; + + case SSL3_ST_CW_CHANGE_A: + case SSL3_ST_CW_CHANGE_B: + ret=ssl3_send_change_cipher_spec(s, + SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_FINISHED_A; + s->init_num=0; + + s->session->cipher=s->s3->tmp.new_cipher; + if (!s->method->ssl3_enc->setup_key_block(s)) + { + ret= -1; + goto end; + } + + if (!s->method->ssl3_enc->change_cipher_state(s, + SSL3_CHANGE_CIPHER_CLIENT_WRITE)) + { + ret= -1; + goto end; + } + + break; + + case SSL3_ST_CW_FINISHED_A: + case SSL3_ST_CW_FINISHED_B: + ret=ssl3_send_finished(s, + SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B, + s->method->ssl3_enc->client_finished, + s->method->ssl3_enc->client_finished_len); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_FLUSH; + + /* clear flags */ + s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; + if (s->hit) + { + s->s3->tmp.next_state=SSL_ST_OK; + if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) + { + s->state=SSL_ST_OK; + s->s3->flags|=SSL3_FLAGS_POP_BUFFER; + s->s3->delay_buf_pop_ret=0; + } + } + else + { + s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A; + } + s->init_num=0; + break; + + case SSL3_ST_CR_FINISHED_A: + case SSL3_ST_CR_FINISHED_B: + + ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A, + SSL3_ST_CR_FINISHED_B); + if (ret <= 0) goto end; + + if (s->hit) + s->state=SSL3_ST_CW_CHANGE_A; + else + s->state=SSL_ST_OK; + s->init_num=0; + break; + + case SSL3_ST_CW_FLUSH: + /* number of bytes to be flushed */ + num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); + if (num1 > 0) + { + s->rwstate=SSL_WRITING; + num1=BIO_flush(s->wbio); + if (num1 <= 0) { ret= -1; goto end; } + s->rwstate=SSL_NOTHING; + } + + s->state=s->s3->tmp.next_state; + break; + + case SSL_ST_OK: + /* clean a few things up */ + ssl3_cleanup_key_block(s); + + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + + if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER)) + { + /* remove buffering */ + under=BIO_pop(s->wbio); + if (under != NULL) + s->wbio=under; + else + abort(); /* ok */ + + BIO_free(s->bbio); + s->bbio=NULL; + } + /* else do it later */ + + s->init_num=0; + s->new_session=0; + + ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); + if (s->hit) s->ctx->sess_hit++; + + ret=1; + /* s->server=0; */ + s->handshake_func=ssl3_connect; + s->ctx->sess_connect_good++; + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + + goto end; + break; + + default: + SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + /* did we do anything */ + if (!s->s3->tmp.reuse_message && !skip) + { + if (s->debug) + { + if ((ret=BIO_flush(s->wbio)) <= 0) + goto end; + } + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_CONNECT_LOOP,1); + s->state=new_state; + } + } + skip=0; + } +end: + if (cb != NULL) + cb(s,SSL_CB_CONNECT_EXIT,ret); + s->in_handshake--; + return(ret); + } + + +static int ssl3_client_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i; + unsigned long Time,l; + + buf=(unsigned char *)s->init_buf->data; + if (s->state == SSL3_ST_CW_CLNT_HELLO_A) + { + if ((s->session == NULL) || + (s->session->ssl_version != s->version)) + { + if (!ssl_get_new_session(s,0)) + goto err; + } + /* else use the pre-loaded session */ + + p=s->s3->client_random; + Time=time(NULL); /* Time */ + l2n(Time,p); + RAND_bytes(&(p[4]),SSL3_RANDOM_SIZE-sizeof(Time)); + + /* Do the message type and length last */ + d=p= &(buf[4]); + + *(p++)=s->version>>8; + *(p++)=s->version&0xff; + + /* Random stuff */ + memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* Session ID */ + if (s->new_session) + i=0; + else + i=s->session->session_id_length; + *(p++)=i; + if (i != 0) + { + memcpy(p,s->session->session_id,i); + p+=i; + } + + /* Ciphers supported */ + i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2])); + if (i == 0) + { + SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); + goto err; + } + s2n(i,p); + p+=i; + + /* hardwire in the NULL compression algorithm. */ + *(p++)=1; + *(p++)=0; + + l=(p-d); + d=buf; + *(d++)=SSL3_MT_CLIENT_HELLO; + l2n3(l,d); + + s->state=SSL3_ST_CW_CLNT_HELLO_B; + /* number of bytes to write */ + s->init_num=p-buf; + s->init_off=0; + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_get_server_hello(s) +SSL *s; + { + STACK *sk; + SSL_CIPHER *c; + unsigned char *p,*d; + int i,al,ok; + unsigned int j; + long n; + + n=ssl3_get_message(s, + SSL3_ST_CR_SRVR_HELLO_A, + SSL3_ST_CR_SRVR_HELLO_B, + SSL3_MT_SERVER_HELLO, + 300, /* ?? */ + &ok); + + if (!ok) return((int)n); + d=p=(unsigned char *)s->init_buf->data; + + if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff))) + { + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION); + s->version=(s->version&0xff00)|p[1]; + al=SSL_AD_PROTOCOL_VERSION; + goto f_err; + } + p+=2; + + /* load the server hello data */ + /* load the server random */ + memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* get the session-id */ + j= *(p++); + + if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) + { + /* SSLref returns 16 :-( */ + if (j < SSL2_SSL_SESSION_ID_LENGTH) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); + goto f_err; + } + } + if ((j != 0) && (j == s->session->session_id_length) && + (memcmp(p,s->session->session_id,j) == 0)) + s->hit=1; + else /* a miss or crap from the other end */ + { + /* If we were trying for session-id reuse, make a new + * SSL_SESSION so we don't stuff up other people */ + s->hit=0; + if (s->session->session_id_length > 0) + { + if (!ssl_get_new_session(s,0)) + { + al=SSL_AD_INTERNAL_ERROR; + goto f_err; + } + } + s->session->session_id_length=j; + memcpy(s->session->session_id,p,j); /* j could be 0 */ + } + p+=j; + c=ssl_get_cipher_by_char(s,p); + if (c == NULL) + { + /* unknown cipher */ + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED); + goto f_err; + } + p+=ssl_put_cipher_by_char(s,NULL,NULL); + + sk=ssl_get_ciphers_by_id(s); + i=sk_find(sk,(char *)c); + if (i < 0) + { + /* we did not say we would use this cipher */ + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); + goto f_err; + } + + if (s->hit && (s->session->cipher != c)) + { + if (!(s->options & + SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); + goto f_err; + } + } + s->s3->tmp.new_cipher=c; + + /* lets get the compression algorithm */ + j= *(p++); + if (j != 0) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); + goto f_err; + } + + if (p != (d+n)) + { + /* wrong packet length */ + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH); + goto err; + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_get_server_certificate(s) +SSL *s; + { + int al,i,ok,ret= -1; + unsigned long n,nc,llen,l; + X509 *x=NULL; + unsigned char *p,*d,*q; + STACK *sk=NULL; + CERT *c; + EVP_PKEY *pkey=NULL; + + n=ssl3_get_message(s, + SSL3_ST_CR_CERT_A, + SSL3_ST_CR_CERT_B, + -1, +#if defined(MSDOS) && !defined(WIN32) + 1024*30, /* 30k max cert list :-) */ +#else + 1024*100, /* 100k max cert list :-) */ +#endif + &ok); + + if (!ok) return((int)n); + + if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) + { + s->s3->tmp.reuse_message=1; + return(1); + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE); + goto f_err; + } + d=p=(unsigned char *)s->init_buf->data; + + if ((sk=sk_new_null()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + + n2l3(p,llen); + if (llen+3 != n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + for (nc=0; nc llen) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + + q=p; + x=d2i_X509(NULL,&q,l); + if (x == NULL) + { + al=SSL_AD_BAD_CERTIFICATE; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB); + goto f_err; + } + if (q != (p+l)) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + if (!sk_push(sk,(char *)x)) + { + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + x=NULL; + nc+=l+3; + p=q; + } + + i=ssl_verify_cert_chain(s,sk); + if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)) + { + al=ssl_verify_alarm_type(s->verify_result); + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); + goto f_err; + } + + c=ssl_cert_new(); + if (c == NULL) goto err; + + if (s->session->cert) ssl_cert_free(s->session->cert); + s->session->cert=c; + + c->cert_chain=sk; + x=(X509 *)sk_value(sk,0); + sk=NULL; + + pkey=X509_get_pubkey(x); + + if (EVP_PKEY_missing_parameters(pkey)) + { + x=NULL; + al=SSL3_AL_FATAL; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); + goto f_err; + } + + i=ssl_cert_type(x,pkey); + if (i < 0) + { + x=NULL; + al=SSL3_AL_FATAL; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + goto f_err; + } + + c->cert_type=i; + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + if (c->pkeys[i].x509 != NULL) + X509_free(c->pkeys[i].x509); + c->pkeys[i].x509=x; + c->key= &(c->pkeys[i]); + + if ((s->session != NULL) && (s->session->peer != NULL)) + X509_free(s->session->peer); + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + s->session->peer=x; + + x=NULL; + ret=1; + + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +err: + if (x != NULL) X509_free(x); + if (sk != NULL) sk_pop_free(sk,X509_free); + return(ret); + } + +static int ssl3_get_key_exchange(s) +SSL *s; + { +#ifndef NO_RSA + unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2]; +#endif + EVP_MD_CTX md_ctx; + unsigned char *param,*p; + int al,i,j,param_len,ok; + long n,alg; + EVP_PKEY *pkey=NULL; + RSA *rsa=NULL; +#ifndef NO_DH + DH *dh=NULL; +#endif + + n=ssl3_get_message(s, + SSL3_ST_CR_KEY_EXCH_A, + SSL3_ST_CR_KEY_EXCH_B, + -1, + 1024*8, /* ?? */ + &ok); + + if (!ok) return((int)n); + + if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) + { + s->s3->tmp.reuse_message=1; + return(1); + } + + param=p=(unsigned char *)s->init_buf->data; + + if (s->session->cert != NULL) + { +#ifndef NO_RSA + if (s->session->cert->rsa_tmp != NULL) + { + RSA_free(s->session->cert->rsa_tmp); + s->session->cert->rsa_tmp=NULL; + } +#endif +#ifndef NO_DH + if (s->session->cert->dh_tmp) + { + DH_free(s->session->cert->dh_tmp); + s->session->cert->dh_tmp=NULL; + } +#endif + } + else + { + s->session->cert=ssl_cert_new(); + } + + param_len=0; + alg=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_RSA + if (alg & SSL_kRSA) + { + if ((rsa=RSA_new()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + goto err; + } + n2s(p,i); + param_len=i+2; + if (param_len > n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH); + goto f_err; + } + if (!(rsa->n=BN_bin2bn(p,i,rsa->n))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + + n2s(p,i); + param_len+=i+2; + if (param_len > n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH); + goto f_err; + } + if (!(rsa->e=BN_bin2bn(p,i,rsa->e))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + n-=param_len; + +/* s->session->cert->rsa_tmp=rsa;*/ + /* this should be because we are using an export cipher */ + if (alg & SSL_aRSA) + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509); + else + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + s->session->cert->rsa_tmp=rsa; + } + else +#endif +#ifndef NO_DH + if (alg & SSL_kEDH) + { + if ((dh=DH_new()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + n2s(p,i); + param_len=i+2; + if (param_len > n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH); + goto f_err; + } + if (!(dh->p=BN_bin2bn(p,i,NULL))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + + n2s(p,i); + param_len+=i+2; + if (param_len > n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH); + goto f_err; + } + if (!(dh->g=BN_bin2bn(p,i,NULL))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + + n2s(p,i); + param_len+=i+2; + if (param_len > n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH); + goto f_err; + } + if (!(dh->pub_key=BN_bin2bn(p,i,NULL))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + n-=param_len; + +#ifndef NO_RSA + if (alg & SSL_aRSA) + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509); + else +#endif +#ifndef NO_DSA + if (alg & SSL_aDSS) + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_DSA_SIGN].x509); +#endif + /* else anonymous DH, so no certificate or pkey. */ + + s->session->cert->dh_tmp=dh; + } + else if ((alg & SSL_kDHr) || (alg & SSL_kDHd)) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER); + goto f_err; + } +#endif + + /* p points to the next byte, there are 'n' bytes left */ + + + /* if it was signed, check the signature */ + if (pkey != NULL) + { + n2s(p,i); + n-=2; + j=EVP_PKEY_size(pkey); + + if ((i != n) || (n > j) || (n <= 0)) + { + /* wrong packet length */ + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH); + goto err; + } + +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + int num; + + j=0; + q=md_buf; + for (num=2; num > 0; num--) + { + EVP_DigestInit(&md_ctx,(num == 2) + ?s->ctx->md5:s->ctx->sha1); + EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,param,param_len); + EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i); + q+=i; + j+=i; + } + i=RSA_public_decrypt((int)n,p,p,pkey->pkey.rsa, + RSA_PKCS1_PADDING); + if (i <= 0) + { + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); + goto f_err; + } + if ((j != i) || (memcmp(p,md_buf,i) != 0)) + { + /* bad signature */ + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE); + goto f_err; + } + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + /* lets do DSS */ + EVP_VerifyInit(&md_ctx,EVP_dss1()); + EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_VerifyUpdate(&md_ctx,param,param_len); + if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) + { + /* bad signature */ + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE); + goto f_err; + } + } + else +#endif + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + } + else + { + /* still data left over */ + if (!(alg & SSL_aNULL)) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + if (n != 0) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE); + goto f_err; + } + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_get_certificate_request(s) +SSL *s; + { + int ok,ret=0; + unsigned long n,nc,l; + unsigned int llen,ctype_num,i; + X509_NAME *xn=NULL; + unsigned char *p,*d,*q; + STACK *ca_sk=NULL; + + n=ssl3_get_message(s, + SSL3_ST_CR_CERT_REQ_A, + SSL3_ST_CR_CERT_REQ_B, + -1, +#if defined(MSDOS) && !defined(WIN32) + 1024*30, /* 30k max cert list :-) */ +#else + 1024*100, /* 100k max cert list :-) */ +#endif + &ok); + + if (!ok) return((int)n); + + s->s3->tmp.cert_req=0; + + if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) + { + s->s3->tmp.reuse_message=1; + return(1); + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE); + goto err; + } + + /* TLS does not like anon-DH with client cert */ + if (s->version > SSL3_VERSION) + { + l=s->s3->tmp.new_cipher->algorithms; + if (l & SSL_aNULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); + goto err; + } + } + + d=p=(unsigned char *)s->init_buf->data; + + if ((ca_sk=sk_new(ca_dn_cmp)) == NULL) + { + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); + goto err; + } + + /* get the certificate types */ + ctype_num= *(p++); + if (ctype_num > SSL3_CT_NUMBER) + ctype_num=SSL3_CT_NUMBER; + for (i=0; is3->tmp.ctype[i]= p[i]; + p+=ctype_num; + + /* get the CA RDNs */ + n2s(p,llen); + if ((llen+ctype_num+2+1) != n) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH); + goto err; + } + + for (nc=0; nc llen) + { + if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) + goto cont; /* netscape bugs */ + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG); + goto err; + } + + q=p; + + if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL) + { + /* If netscape tollerance is on, ignore errors */ + if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG) + goto cont; + else + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB); + goto err; + } + } + + if (q != (p+l)) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH); + goto err; + } + if (!sk_push(ca_sk,(char *)xn)) + { + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); + goto err; + } + + p+=l; + nc+=l+2; + } + + if (0) + { +cont: + ERR_clear_error(); + } + + /* we should setup a certficate to return.... */ + s->s3->tmp.cert_req=1; + s->s3->tmp.ctype_num=ctype_num; + if (s->s3->tmp.ca_names != NULL) + sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free); + s->s3->tmp.ca_names=ca_sk; + ca_sk=NULL; + + ret=1; +err: + if (ca_sk != NULL) sk_pop_free(ca_sk,X509_NAME_free); + return(ret); + } + +static int ca_dn_cmp(a,b) +X509_NAME **a,**b; + { + return(X509_NAME_cmp(*a,*b)); + } + +static int ssl3_get_server_done(s) +SSL *s; + { + int ok,ret=0; + long n; + + n=ssl3_get_message(s, + SSL3_ST_CR_SRVR_DONE_A, + SSL3_ST_CR_SRVR_DONE_B, + SSL3_MT_SERVER_DONE, + 30, /* should be very small, like 0 :-) */ + &ok); + + if (!ok) return((int)n); + if (n > 0) + { + /* should contain no data */ + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); + SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH); + } + ret=1; + return(ret); + } + +static int ssl3_send_client_key_exchange(s) +SSL *s; + { + unsigned char *p,*q,*d; + int n; + unsigned long l; + EVP_PKEY *pkey=NULL; + + if (s->state == SSL3_ST_CW_KEY_EXCH_A) + { + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + + l=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_RSA + if (l & SSL_kRSA) + { + RSA *rsa; + unsigned char tmp_buf[48]; + + if (s->session->cert->rsa_tmp != NULL) + rsa=s->session->cert->rsa_tmp; + else + { + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509); + if ((pkey == NULL) || + (pkey->type != EVP_PKEY_RSA) || + (pkey->pkey.rsa == NULL)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + rsa=pkey->pkey.rsa; + } + + tmp_buf[0]=s->version>>8; + tmp_buf[1]=s->version&0xff; + RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2); + + s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; + + q=p; + /* Fix buf for TLS and beyond */ + if (s->version > SSL3_VERSION) + p+=2; + n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH, + tmp_buf,p,rsa,RSA_PKCS1_PADDING); + if (n <= 0) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT); + goto err; + } + + /* Fix buf for TLS and beyond */ + if (s->version > SSL3_VERSION) + { + s2n(n,q); + n+=2; + } + + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key, + tmp_buf,48); + memset(tmp_buf,0,48); + } + else +#endif +#ifndef NO_DH + if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + { + DH *dh_srvr,*dh_clnt; + + if (s->session->cert->dh_tmp != NULL) + dh_srvr=s->session->cert->dh_tmp; + else + { + /* we get them from the cert */ + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS); + goto err; + } + + /* generate a new random key */ + if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + if (!DH_generate_key(dh_clnt)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + /* use the 'p' output buffer for the DH key, but + * make sure to clear it out afterwards */ + + n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt); + + if (n <= 0) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + /* generate master key from the result */ + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key,p,n); + /* clean up */ + memset(p,0,n); + + /* send off the data */ + n=BN_num_bytes(dh_clnt->pub_key); + s2n(n,p); + BN_bn2bin(dh_clnt->pub_key,p); + n+=2; + + DH_free(dh_clnt); + + /* perhaps clean things up a bit EAY EAY EAY EAY*/ + } + else +#endif + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + + *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE; + l2n3(n,d); + + s->state=SSL3_ST_CW_KEY_EXCH_B; + /* number of bytes to write */ + s->init_num=n+4; + s->init_off=0; + } + + /* SSL3_ST_CW_KEY_EXCH_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_send_client_verify(s) +SSL *s; + { + unsigned char *p,*d; + unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; + EVP_PKEY *pkey; + int i=0; + unsigned long n; +#ifndef NO_DSA + int j; +#endif + + if (s->state == SSL3_ST_CW_CERT_VRFY_A) + { + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + pkey=s->cert->key->privatekey; + + s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2), + &(data[MD5_DIGEST_LENGTH])); + +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + s->method->ssl3_enc->cert_verify_mac(s, + &(s->s3->finish_dgst1),&(data[0])); + i=RSA_private_encrypt( + MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, + data,&(p[2]),pkey->pkey.rsa, + RSA_PKCS1_PADDING); + if (i <= 0) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB); + goto err; + } + s2n(i,p); + n=i+2; + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + if (!DSA_sign(pkey->save_type, + &(data[MD5_DIGEST_LENGTH]), + SHA_DIGEST_LENGTH,&(p[2]), + (unsigned int *)&j,pkey->pkey.dsa)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB); + goto err; + } + s2n(j,p); + n=j+2; + } + else +#endif + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR); + goto err; + } + *(d++)=SSL3_MT_CERTIFICATE_VERIFY; + l2n3(n,d); + + s->init_num=(int)n+4; + s->init_off=0; + } + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_send_client_certificate(s) +SSL *s; + { + X509 *x509=NULL; + EVP_PKEY *pkey=NULL; + int i; + unsigned long l; + + if (s->state == SSL3_ST_CW_CERT_A) + { + if ((s->cert == NULL) || + (s->cert->key->x509 == NULL) || + (s->cert->key->privatekey == NULL)) + s->state=SSL3_ST_CW_CERT_B; + else + s->state=SSL3_ST_CW_CERT_C; + } + + /* We need to get a client cert */ + if (s->state == SSL3_ST_CW_CERT_B) + { + /* If we get an error, we need to + * ssl->rwstate=SSL_X509_LOOKUP; return(-1); + * We then get retied later */ + i=0; + if (s->ctx->client_cert_cb != NULL) + i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); + if (i < 0) + { + s->rwstate=SSL_X509_LOOKUP; + return(-1); + } + s->rwstate=SSL_NOTHING; + if ((i == 1) && (pkey != NULL) && (x509 != NULL)) + { + s->state=SSL3_ST_CW_CERT_B; + if ( !SSL_use_certificate(s,x509) || + !SSL_use_PrivateKey(s,pkey)) + i=0; + } + else if (i == 1) + { + i=0; + SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); + } + + if (x509 != NULL) X509_free(x509); + if (pkey != NULL) EVP_PKEY_free(pkey); + if (i == 0) + { + if (s->version == SSL3_VERSION) + { + s->s3->tmp.cert_req=0; + ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE); + return(1); + } + else + { + s->s3->tmp.cert_req=2; + } + } + + /* Ok, we have a cert */ + s->state=SSL3_ST_CW_CERT_C; + } + + if (s->state == SSL3_ST_CW_CERT_C) + { + s->state=SSL3_ST_CW_CERT_D; + l=ssl3_output_cert_chain(s, + (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509); + s->init_num=(int)l; + s->init_off=0; + } + /* SSL3_ST_CW_CERT_D */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +#define has_bits(i,m) (((i)&(m)) == (m)) + +static int ssl3_check_cert_and_algorithm(s) +SSL *s; + { + int i,idx; + long algs; + EVP_PKEY *pkey=NULL; + CERT *c; + RSA *rsa; + DH *dh; + + c=s->session->cert; + + if (c == NULL) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR); + goto err; + } + + algs=s->s3->tmp.new_cipher->algorithms; + + /* we don't have a certificate */ + if (algs & (SSL_aDH|SSL_aNULL)) + return(1); + + rsa=s->session->cert->rsa_tmp; + dh=s->session->cert->dh_tmp; + + /* This is the passed certificate */ + + idx=c->cert_type; + pkey=X509_get_pubkey(c->pkeys[idx].x509); + i=X509_certificate_type(c->pkeys[idx].x509,pkey); + + + /* Check that we have a certificate if we require one */ + if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT); + goto f_err; + } +#ifndef NO_DSA + else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT); + goto f_err; + } +#endif + + if ((algs & SSL_kRSA) && + !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL))) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT); + goto f_err; + } +#ifndef NO_DH + else if ((algs & SSL_kEDH) && + !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY); + goto f_err; + } + else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT); + goto f_err; + } +#ifndef NO_DSA + else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT); + goto f_err; + } +#endif +#endif + + if ((algs & SSL_EXP) && !has_bits(i,EVP_PKT_EXP)) + { +#ifndef NO_RSA + if (algs & SSL_kRSA) + { + if ((rsa == NULL) || (RSA_size(rsa) > 512)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY); + goto f_err; + } + } + else +#endif +#ifndef NO_DH + if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + { + if ((dh == NULL) || (DH_size(dh) > 512)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY); + goto f_err; + } + } + else +#endif + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); + goto f_err; + } + } + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); +err: + return(0); + } + diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c new file mode 100644 index 0000000000..0fd945025d --- /dev/null +++ b/src/lib/libssl/s3_lib.c @@ -0,0 +1,961 @@ +/* ssl/s3_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "ssl_locl.h" + +char *ssl3_version_str="SSLv3 part of SSLeay 0.9.0b 29-Jun-1998"; + +#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) + +#ifndef NOPROTO +static long ssl3_default_timeout(void ); +#else +static long ssl3_default_timeout(); +#endif + +SSL_CIPHER ssl3_ciphers[]={ +/* The RSA ciphers */ +/* Cipher 01 */ + { + 1, + SSL3_TXT_RSA_NULL_MD5, + SSL3_CK_RSA_NULL_MD5, + SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 02 */ + { + 1, + SSL3_TXT_RSA_NULL_SHA, + SSL3_CK_RSA_NULL_SHA, + SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* anon DH */ +/* Cipher 17 */ + { + 1, + SSL3_TXT_ADH_RC4_40_MD5, + SSL3_CK_ADH_RC4_40_MD5, + SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 18 */ + { + 1, + SSL3_TXT_ADH_RC4_128_MD5, + SSL3_CK_ADH_RC4_128_MD5, + SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 19 */ + { + 1, + SSL3_TXT_ADH_DES_40_CBC_SHA, + SSL3_CK_ADH_DES_40_CBC_SHA, + SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 1A */ + { + 1, + SSL3_TXT_ADH_DES_64_CBC_SHA, + SSL3_CK_ADH_DES_64_CBC_SHA, + SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 1B */ + { + 1, + SSL3_TXT_ADH_DES_192_CBC_SHA, + SSL3_CK_ADH_DES_192_CBC_SHA, + SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* RSA again */ +/* Cipher 03 */ + { + 1, + SSL3_TXT_RSA_RC4_40_MD5, + SSL3_CK_RSA_RC4_40_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 04 */ + { + 1, + SSL3_TXT_RSA_RC4_128_MD5, + SSL3_CK_RSA_RC4_128_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 05 */ + { + 1, + SSL3_TXT_RSA_RC4_128_SHA, + SSL3_CK_RSA_RC4_128_SHA, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 06 */ + { + 1, + SSL3_TXT_RSA_RC2_40_MD5, + SSL3_CK_RSA_RC2_40_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 07 */ + { + 1, + SSL3_TXT_RSA_IDEA_128_SHA, + SSL3_CK_RSA_IDEA_128_SHA, + SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 08 */ + { + 1, + SSL3_TXT_RSA_DES_40_CBC_SHA, + SSL3_CK_RSA_DES_40_CBC_SHA, + SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 09 */ + { + 1, + SSL3_TXT_RSA_DES_64_CBC_SHA, + SSL3_CK_RSA_DES_64_CBC_SHA, + SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0A */ + { + 1, + SSL3_TXT_RSA_DES_192_CBC3_SHA, + SSL3_CK_RSA_DES_192_CBC3_SHA, + SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, + +/* The DH ciphers */ +/* Cipher 0B */ + { + 0, + SSL3_TXT_DH_DSS_DES_40_CBC_SHA, + SSL3_CK_DH_DSS_DES_40_CBC_SHA, + SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0C */ + { + 0, + SSL3_TXT_DH_DSS_DES_64_CBC_SHA, + SSL3_CK_DH_DSS_DES_64_CBC_SHA, + SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0D */ + { + 0, + SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, + SSL3_CK_DH_DSS_DES_192_CBC3_SHA, + SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0E */ + { + 0, + SSL3_TXT_DH_RSA_DES_40_CBC_SHA, + SSL3_CK_DH_RSA_DES_40_CBC_SHA, + SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0F */ + { + 0, + SSL3_TXT_DH_RSA_DES_64_CBC_SHA, + SSL3_CK_DH_RSA_DES_64_CBC_SHA, + SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 10 */ + { + 0, + SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, + SSL3_CK_DH_RSA_DES_192_CBC3_SHA, + SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, + +/* The Ephemeral DH ciphers */ +/* Cipher 11 */ + { + 1, + SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, + SSL3_CK_EDH_DSS_DES_40_CBC_SHA, + SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 12 */ + { + 1, + SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, + SSL3_CK_EDH_DSS_DES_64_CBC_SHA, + SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 13 */ + { + 1, + SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, + SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, + SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 14 */ + { + 1, + SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, + SSL3_CK_EDH_RSA_DES_40_CBC_SHA, + SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 15 */ + { + 1, + SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, + SSL3_CK_EDH_RSA_DES_64_CBC_SHA, + SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 16 */ + { + 1, + SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, + SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, + SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, + +/* Fortezza */ +/* Cipher 1C */ + { + 0, + SSL3_TXT_FZA_DMS_NULL_SHA, + SSL3_CK_FZA_DMS_NULL_SHA, + SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* Cipher 1D */ + { + 0, + SSL3_TXT_FZA_DMS_FZA_SHA, + SSL3_CK_FZA_DMS_FZA_SHA, + SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* Cipher 1E */ + { + 0, + SSL3_TXT_FZA_DMS_RC4_SHA, + SSL3_CK_FZA_DMS_RC4_SHA, + SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* end of list */ + }; + +static SSL3_ENC_METHOD SSLv3_enc_data={ + ssl3_enc, + ssl3_mac, + ssl3_setup_key_block, + ssl3_generate_master_secret, + ssl3_change_cipher_state, + ssl3_final_finish_mac, + MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, + ssl3_cert_verify_mac, + SSL3_MD_CLIENT_FINISHED_CONST,4, + SSL3_MD_SERVER_FINISHED_CONST,4, + ssl3_alert_code, + }; + +static SSL_METHOD SSLv3_data= { + SSL3_VERSION, + ssl3_new, + ssl3_clear, + ssl3_free, + ssl_undefined_function, + ssl_undefined_function, + ssl3_read, + ssl3_peek, + ssl3_write, + ssl3_shutdown, + ssl3_renegotiate, + ssl3_ctrl, + ssl3_ctx_ctrl, + ssl3_get_cipher_by_char, + ssl3_put_cipher_by_char, + ssl3_pending, + ssl3_num_ciphers, + ssl3_get_cipher, + ssl_bad_method, + ssl3_default_timeout, + &SSLv3_enc_data, + }; + +static long ssl3_default_timeout() + { + /* 2 hours, the 24 hours mentioned in the SSLv3 spec + * is way too long for http, the cache would over fill */ + return(60*60*2); + } + +SSL_METHOD *sslv3_base_method() + { + return(&SSLv3_data); + } + +int ssl3_num_ciphers() + { + return(SSL3_NUM_CIPHERS); + } + +SSL_CIPHER *ssl3_get_cipher(u) +unsigned int u; + { + if (u < SSL3_NUM_CIPHERS) + return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u])); + else + return(NULL); + } + +/* The problem is that it may not be the correct record type */ +int ssl3_pending(s) +SSL *s; + { + return(s->s3->rrec.length); + } + +int ssl3_new(s) +SSL *s; + { + SSL3_CTX *s3; + + if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err; + memset(s3,0,sizeof(SSL3_CTX)); + + s->s3=s3; + /* + s->s3->tmp.ca_names=NULL; + s->s3->tmp.key_block=NULL; + s->s3->tmp.key_block_length=0; + s->s3->rbuf.buf=NULL; + s->s3->wbuf.buf=NULL; + */ + + s->method->ssl_clear(s); + return(1); +err: + return(0); + } + +void ssl3_free(s) +SSL *s; + { + ssl3_cleanup_key_block(s); + if (s->s3->rbuf.buf != NULL) + Free(s->s3->rbuf.buf); + if (s->s3->wbuf.buf != NULL) + Free(s->s3->wbuf.buf); +#ifndef NO_DH + if (s->s3->tmp.dh != NULL) + DH_free(s->s3->tmp.dh); +#endif + if (s->s3->tmp.ca_names != NULL) + sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free); + memset(s->s3,0,sizeof(SSL3_CTX)); + Free(s->s3); + s->s3=NULL; + } + +void ssl3_clear(s) +SSL *s; + { + unsigned char *rp,*wp; + + ssl3_cleanup_key_block(s); + if (s->s3->tmp.ca_names != NULL) + sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free); + + rp=s->s3->rbuf.buf; + wp=s->s3->wbuf.buf; + + memset(s->s3,0,sizeof(SSL3_CTX)); + if (rp != NULL) s->s3->rbuf.buf=rp; + if (wp != NULL) s->s3->wbuf.buf=wp; + s->packet_length=0; + s->s3->renegotiate=0; + s->s3->total_renegotiations=0; + s->s3->num_renegotiations=0; + s->s3->in_read_app_data=0; + s->version=SSL3_VERSION; + } + +long ssl3_ctrl(s,cmd,larg,parg) +SSL *s; +int cmd; +long larg; +char *parg; + { + int ret=0; + + switch (cmd) + { + case SSL_CTRL_GET_SESSION_REUSED: + ret=s->hit; + break; + case SSL_CTRL_GET_CLIENT_CERT_REQUEST: + break; + case SSL_CTRL_GET_NUM_RENEGOTIATIONS: + ret=s->s3->num_renegotiations; + break; + case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: + ret=s->s3->num_renegotiations; + s->s3->num_renegotiations=0; + break; + case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: + ret=s->s3->total_renegotiations; + break; + default: + break; + } + return(ret); + } + +long ssl3_ctx_ctrl(ctx,cmd,larg,parg) +SSL_CTX *ctx; +int cmd; +long larg; +char *parg; + { + CERT *cert; + + cert=ctx->default_cert; + + switch (cmd) + { +#ifndef NO_RSA + case SSL_CTRL_NEED_TMP_RSA: + if ( (cert->rsa_tmp == NULL) && + ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || + (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))) + ) + return(1); + else + return(0); + break; + case SSL_CTRL_SET_TMP_RSA: + { + RSA *rsa; + int i; + + rsa=(RSA *)parg; + i=1; + if (rsa == NULL) + i=0; + else + { + if ((rsa=RSAPrivateKey_dup(rsa)) == NULL) + i=0; + } + if (!i) + { + SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB); + return(0); + } + else + { + if (cert->rsa_tmp != NULL) + RSA_free(cert->rsa_tmp); + cert->rsa_tmp=rsa; + return(1); + } + } + break; + case SSL_CTRL_SET_TMP_RSA_CB: + cert->rsa_tmp_cb=(RSA *(*)())parg; + break; +#endif +#ifndef NO_DH + case SSL_CTRL_SET_TMP_DH: + { + DH *new=NULL,*dh; + + dh=(DH *)parg; + if ( ((new=DHparams_dup(dh)) == NULL) || + (!DH_generate_key(new))) + { + SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); + if (new != NULL) DH_free(new); + return(0); + } + else + { + if (cert->dh_tmp != NULL) + DH_free(cert->dh_tmp); + cert->dh_tmp=new; + return(1); + } + } + break; + case SSL_CTRL_SET_TMP_DH_CB: + cert->dh_tmp_cb=(DH *(*)())parg; + break; +#endif + default: + return(0); + } + return(1); + } + +/* This function needs to check if the ciphers required are actually + * available */ +SSL_CIPHER *ssl3_get_cipher_by_char(p) +unsigned char *p; + { + static int init=1; + static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS]; + SSL_CIPHER c,*cp= &c,**cpp; + unsigned long id; + int i; + + if (init) + { + init=0; + + for (i=0; ivalid) + return(NULL); + else + return(*cpp); + } + +int ssl3_put_cipher_by_char(c,p) +SSL_CIPHER *c; +unsigned char *p; + { + long l; + + if (p != NULL) + { + l=c->id; + if ((l & 0xff000000) != 0x03000000) return(0); + p[0]=((unsigned char)(l>> 8L))&0xFF; + p[1]=((unsigned char)(l ))&0xFF; + } + return(2); + } + +int ssl3_part_read(s,i) +SSL *s; +int i; + { + s->rwstate=SSL_READING; + + if (i < 0) + { + return(i); + } + else + { + s->init_num+=i; + return(0); + } + } + +SSL_CIPHER *ssl3_choose_cipher(s,have,pref) +SSL *s; +STACK *have,*pref; + { + SSL_CIPHER *c,*ret=NULL; + int i,j,ok; + CERT *cert; + unsigned long alg,mask,emask; + + /* Lets see which ciphers we can supported */ + if (s->cert != NULL) + cert=s->cert; + else + cert=s->ctx->default_cert; + + ssl_set_cert_masks(cert); + mask=cert->mask; + emask=cert->export_mask; + + sk_set_cmp_func(pref,ssl_cipher_ptr_id_cmp); + + for (i=0; ialgorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK); + if (alg & SSL_EXPORT) + { + ok=((alg & emask) == alg)?1:0; +#ifdef CIPHER_DEBUG + printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name); +#endif + } + else + { + ok=((alg & mask) == alg)?1:0; +#ifdef CIPHER_DEBUG + printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name); +#endif + } + + if (!ok) continue; + + j=sk_find(pref,(char *)c); + if (j >= 0) + { + ret=(SSL_CIPHER *)sk_value(pref,j); + break; + } + } + return(ret); + } + +int ssl3_get_req_cert_type(s,p) +SSL *s; +unsigned char *p; + { + int ret=0; + unsigned long alg; + + alg=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_DH + if (alg & (SSL_kDHr|SSL_kEDH)) + { +#ifndef NO_RSA + p[ret++]=SSL3_CT_RSA_FIXED_DH; +#endif +#ifndef NO_DSA + p[ret++]=SSL3_CT_DSS_FIXED_DH; +#endif + } + if ((s->version == SSL3_VERSION) && + (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) + { +#ifndef NO_RSA + p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; +#endif +#ifndef NO_DSA + p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; +#endif + } +#endif /* !NO_DH */ +#ifndef NO_RSA + p[ret++]=SSL3_CT_RSA_SIGN; +#endif + p[ret++]=SSL3_CT_DSS_SIGN; + return(ret); + } + +int ssl3_shutdown(s) +SSL *s; + { + + /* Don't do anything much if we have not done the handshake or + * we don't want to send messages :-) */ + if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) + { + s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); + return(1); + } + + if (!(s->shutdown & SSL_SENT_SHUTDOWN)) + { + s->shutdown|=SSL_SENT_SHUTDOWN; +#if 1 + ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY); +#endif + /* our shutdown alert has been sent now, and if it still needs + * to be written, s->s3->alert_dispatch will be true */ + } + else if (s->s3->alert_dispatch) + { + /* resend it if not sent */ +#if 1 + ssl3_dispatch_alert(s); +#endif + } + else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) + { + /* If we are waiting for a close from our peer, we are closed */ + ssl3_read_bytes(s,0,NULL,0); + } + + if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && + !s->s3->alert_dispatch) + return(1); + else + return(0); + } + +int ssl3_write(s,buf,len) +SSL *s; +char *buf; +int len; + { + int ret,n; + BIO *under; + +#if 0 + if (s->shutdown & SSL_SEND_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } +#endif + clear_sys_error(); + if (s->s3->renegotiate) ssl3_renegotiate_check(s); + + /* This is an experimental flag that sends the + * last handshake message in the same packet as the first + * use data - used to see if it helps the TCP protocol during + * session-id reuse */ + /* The second test is because the buffer may have been removed */ + if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) + { + /* First time through, we write into the buffer */ + if (s->s3->delay_buf_pop_ret == 0) + { + ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, + (char *)buf,len); + if (ret <= 0) return(ret); + + s->s3->delay_buf_pop_ret=ret; + } + + s->rwstate=SSL_WRITING; + n=BIO_flush(s->wbio); + if (n <= 0) return(n); + s->rwstate=SSL_NOTHING; + + /* We have flushed the buffer */ + under=BIO_pop(s->wbio); + s->wbio=under; + BIO_free(s->bbio); + s->bbio=NULL; + ret=s->s3->delay_buf_pop_ret; + s->s3->delay_buf_pop_ret=0; + + s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; + } + else + { + ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, + (char *)buf,len); + if (ret <= 0) return(ret); + } + + return(ret); + } + +int ssl3_read(s,buf,len) +SSL *s; +char *buf; +int len; + { + int ret; + + clear_sys_error(); + if (s->s3->renegotiate) ssl3_renegotiate_check(s); + s->s3->in_read_app_data=1; + ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); + if ((ret == -1) && (s->s3->in_read_app_data == 0)) + { + ERR_get_error(); /* clear the error */ + s->s3->in_read_app_data=0; + s->in_handshake++; + ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); + s->in_handshake--; + } + else + s->s3->in_read_app_data=0; + + return(ret); + } + +int ssl3_peek(s,buf,len) +SSL *s; +char *buf; +int len; + { + SSL3_RECORD *rr; + int n; + + rr= &(s->s3->rrec); + if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA)) + { + n=ssl3_read(s,buf,1); + if (n <= 0) return(n); + rr->length++; + rr->off--; + } + + if ((unsigned int)len > rr->length) + n=rr->length; + else + n=len; + memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); + return(n); + } + +int ssl3_renegotiate(s) +SSL *s; + { + if (s->handshake_func == NULL) + return(1); + + if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) + return(0); + + s->s3->renegotiate=1; + return(1); + } + +int ssl3_renegotiate_check(s) +SSL *s; + { + int ret=0; + + if (s->s3->renegotiate) + { + if ( (s->s3->rbuf.left == 0) && + (s->s3->wbuf.left == 0) && + !SSL_in_init(s)) + { +/* +if we are the server, and we have sent a 'RENEGOTIATE' message, we +need to go to SSL_ST_ACCEPT. +*/ + /* SSL_ST_ACCEPT */ + s->state=SSL_ST_RENEGOTIATE; + s->s3->renegotiate=0; + s->s3->num_renegotiations++; + s->s3->total_renegotiations++; + ret=1; + } + } + return(ret); + } + + diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c new file mode 100644 index 0000000000..2385080347 --- /dev/null +++ b/src/lib/libssl/s3_pkt.c @@ -0,0 +1,1061 @@ +/* ssl/s3_pkt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#define USE_SOCKETS +#include "evp.h" +#include "buffer.h" +#include "ssl_locl.h" + +/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_RECORD_MAC); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_NO_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER); + */ + +#ifndef NOPROTO +static int do_ssl3_write(SSL *s, int type, char *buf, unsigned int len); +static int ssl3_write_pending(SSL *s, int type, char *buf, unsigned int len); +static int ssl3_get_record(SSL *s); +static int do_compress(SSL *ssl); +static int do_uncompress(SSL *ssl); +static int do_change_cipher_spec(SSL *ssl); +#else +static int do_ssl3_write(); +static int ssl3_write_pending(); +static int ssl3_get_record(); +static int do_compress(); +static int do_uncompress(); +static int do_change_cipher_spec(); +#endif + +static int ssl3_read_n(s,n,max,extend) +SSL *s; +int n; +int max; +int extend; + { + int i,off,newb; + + /* if there is stuff still in the buffer from a previous read, + * and there is more than we want, take some. */ + if (s->s3->rbuf.left >= (int)n) + { + if (extend) + s->packet_length+=n; + else + { + s->packet= &(s->s3->rbuf.buf[s->s3->rbuf.offset]); + s->packet_length=n; + } + s->s3->rbuf.left-=n; + s->s3->rbuf.offset+=n; + return(n); + } + + /* else we need to read more data */ + if (!s->read_ahead) max=n; + if (max > SSL3_RT_MAX_PACKET_SIZE) + max=SSL3_RT_MAX_PACKET_SIZE; + + /* First check if there is some left or we want to extend */ + off=0; + if ( (s->s3->rbuf.left != 0) || + ((s->packet_length != 0) && extend)) + { + newb=s->s3->rbuf.left; + if (extend) + { + /* Copy bytes back to the front of the buffer + * Take the bytes already pointed to by 'packet' + * and take the extra ones on the end. */ + off=s->packet_length; + if (s->packet != s->s3->rbuf.buf) + memcpy(s->s3->rbuf.buf,s->packet,newb+off); + } + else if (s->s3->rbuf.offset != 0) + { /* so the data is not at the start of the buffer */ + memcpy(s->s3->rbuf.buf, + &(s->s3->rbuf.buf[s->s3->rbuf.offset]),newb); + s->s3->rbuf.offset=0; + } + + s->s3->rbuf.left=0; + } + else + newb=0; + + /* So we now have 'newb' bytes at the front of + * s->s3->rbuf.buf and need to read some more in on the end + * We start reading into the buffer at 's->s3->rbuf.offset' + */ + s->packet=s->s3->rbuf.buf; + + while (newb < n) + { + clear_sys_error(); + if (s->rbio != NULL) + { + s->rwstate=SSL_READING; + i=BIO_read(s->rbio, + (char *)&(s->s3->rbuf.buf[off+newb]), + max-newb); + } + else + { + SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET); + i= -1; + } + + if (i <= 0) + { + s->s3->rbuf.left+=newb; + return(i); + } + newb+=i; + } + + /* record used data read */ + if (newb > n) + { + s->s3->rbuf.offset=n+off; + s->s3->rbuf.left=newb-n; + } + else + { + s->s3->rbuf.offset=0; + s->s3->rbuf.left=0; + } + + if (extend) + s->packet_length+=n; + else + s->packet_length+=n; + return(n); + } + +/* Call this to get a new input record. + * It will return <= 0 if more data is needed, normally due to an error + * or non-blocking IO. + * When it finishes, one packet has been decoded and can be found in + * ssl->s3->rrec.type - is the type of record + * ssl->s3->rrec.data, - data + * ssl->s3->rrec.length, - number of bytes + */ +static int ssl3_get_record(s) +SSL *s; + { + char tmp_buf[512]; + int ssl_major,ssl_minor,al; + int n,i,ret= -1; + SSL3_BUFFER *rb; + SSL3_RECORD *rr; + SSL_SESSION *sess; + unsigned char *p; + unsigned char md[EVP_MAX_MD_SIZE]; + short version; + unsigned int mac_size; + int clear=0,extra; + + rr= &(s->s3->rrec); + rb= &(s->s3->rbuf); + sess=s->session; + + if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) + extra=SSL3_RT_MAX_EXTRA; + else + extra=0; + +again: + /* check if we have the header */ + if ( (s->rstate != SSL_ST_READ_BODY) || + (s->packet_length < SSL3_RT_HEADER_LENGTH)) + { + n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH, + SSL3_RT_MAX_PACKET_SIZE,0); + if (n <= 0) return(n); /* error or non-blocking */ + s->rstate=SSL_ST_READ_BODY; + + p=s->packet; + + /* Pull apart the header into the SSL3_RECORD */ + rr->type= *(p++); + ssl_major= *(p++); + ssl_minor= *(p++); + version=(ssl_major<<8)|ssl_minor; + n2s(p,rr->length); + + /* Lets check version */ + if (s->first_packet) + { + s->first_packet=0; + } + else + { + if (version != s->version) + { + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); + /* Send back error using their + * version number :-) */ + s->version=version; + al=SSL_AD_PROTOCOL_VERSION; + goto f_err; + } + } + + if ((version>>8) != SSL3_VERSION_MAJOR) + { + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); + goto err; + } + + if (rr->length > + (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) + { + al=SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG); + goto f_err; + } + + s->rstate=SSL_ST_READ_BODY; + } + + /* get and decode the data */ + if (s->rstate == SSL_ST_READ_BODY) + { + if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH)) + { + i=rr->length; + /*-(s->packet_length-SSL3_RT_HEADER_LENGTH); */ + n=ssl3_read_n(s,i,i,1); + if (n <= 0) return(n); /* error or non-blocking io */ + } + s->rstate=SSL_ST_READ_HEADER; + } + + /* At this point, we have the data in s->packet and there should be + * s->packet_length bytes, we must not 'overrun' this buffer :-) + * One of the following functions will copy the data from the + * s->packet buffer */ + + rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]); + + /* ok, we can now read from 's->packet' data into 'rr' + * rr->input points at rr->length bytes, which + * need to be copied into rr->data by either + * the decryption or by the decompression + * When the data is 'copied' into the rr->data buffer, + * rr->input will be pointed at the new buffer */ + + /* Set the state for the following operations */ + s->rstate=SSL_ST_READ_HEADER; + + /* We now have - encrypted [ MAC [ compressed [ plain ] ] ] + * rr->length bytes of encrypted compressed stuff. */ + + /* check is not needed I belive */ + if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) + { + al=SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG); + goto f_err; + } + + /* decrypt in place in 'rr->input' */ + rr->data=rr->input; + memcpy(tmp_buf,rr->input,(rr->length > 512)?512:rr->length); + + if (!s->method->ssl3_enc->enc(s,0)) + { + al=SSL_AD_DECRYPT_ERROR; + goto f_err; + } +#ifdef TLS_DEBUG +printf("dec %d\n",rr->length); +{ int z; for (z=0; zlength; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); } +printf("\n"); +#endif + /* r->length is now the compressed data plus mac */ + if ( (sess == NULL) || + (s->enc_read_ctx == NULL) || + (s->read_hash == NULL)) + clear=1; + + if (!clear) + { + mac_size=EVP_MD_size(s->read_hash); + + if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) + { + al=SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG); + goto f_err; + } + /* check MAC for rr->input' */ + if (rr->length < mac_size) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + rr->length-=mac_size; + i=s->method->ssl3_enc->mac(s,md,0); + if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0) + { + al=SSL_AD_BAD_RECORD_MAC; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE); + ret= -1; + goto f_err; + } + } + + /* r->length is now just compressed */ + if ((sess != NULL) && (sess->read_compression != NULL)) + { + if (rr->length > + (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra) + { + al=SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); + goto f_err; + } + if (!do_uncompress(s)) + { + al=SSL_AD_DECOMPRESSION_FAILURE; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); + goto f_err; + } + } + + if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra) + { + al=SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); + goto f_err; + } + + rr->off=0; + /* So at this point the following is true + * ssl->s3->rrec.type is the type of record + * ssl->s3->rrec.length == number of bytes in record + * ssl->s3->rrec.off == offset to first valid byte + * ssl->s3->rrec.data == where to take bytes from, increment + * after use :-). + */ + + /* we have pulled in a full packet so zero things */ + s->packet_length=0; + + /* just read a 0 length packet */ + if (rr->length == 0) goto again; + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(ret); + } + +static int do_uncompress(ssl) +SSL *ssl; + { + return(1); + } + +static int do_compress(ssl) +SSL *ssl; + { + return(1); + } + +/* Call this to write data + * It will return <= 0 if not all data has been sent or non-blocking IO. + */ +int ssl3_write_bytes(s,type,buf,len) +SSL *s; +int type; +char *buf; +int len; + { + unsigned int tot,n,nw; + int i; + + s->rwstate=SSL_NOTHING; + tot=s->s3->wnum; + s->s3->wnum=0; + + if (SSL_in_init(s) && !s->in_handshake) + { + i=s->handshake_func(s); + if (i < 0) return(i); + if (i == 0) + { + SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } + + n=(len-tot); + for (;;) + { + if (n > SSL3_RT_MAX_PLAIN_LENGTH) + nw=SSL3_RT_MAX_PLAIN_LENGTH; + else + nw=n; + + i=do_ssl3_write(s,type,&(buf[tot]),nw); + if (i <= 0) + { + s->s3->wnum=tot; + return(i); + } + + if (type == SSL3_RT_HANDSHAKE) + ssl3_finish_mac(s,(unsigned char *)&(buf[tot]),i); + + if (i == (int)n) return(tot+i); + + n-=i; + tot+=i; + } + } + +static int do_ssl3_write(s,type,buf,len) +SSL *s; +int type; +char *buf; +unsigned int len; + { + unsigned char *p,*plen; + int i,mac_size,clear=0; + SSL3_RECORD *wr; + SSL3_BUFFER *wb; + SSL_SESSION *sess; + + /* first check is there is a SSL3_RECORD still being written + * out. This will happen with non blocking IO */ + if (s->s3->wbuf.left != 0) + return(ssl3_write_pending(s,type,buf,len)); + + /* If we have an alert to send, lets send it */ + if (s->s3->alert_dispatch) + { + i=ssl3_dispatch_alert(s); + if (i <= 0) + return(i); + /* if it went, fall through and send more stuff */ + } + + if (len <= 0) return(len); + + wr= &(s->s3->wrec); + wb= &(s->s3->wbuf); + sess=s->session; + + if ( (sess == NULL) || + (s->enc_write_ctx == NULL) || + (s->write_hash == NULL)) + clear=1; + + if (clear) + mac_size=0; + else + mac_size=EVP_MD_size(s->write_hash); + + p=wb->buf; + + /* write the header */ + *(p++)=type&0xff; + wr->type=type; + + *(p++)=(s->version>>8); + *(p++)=s->version&0xff; + + /* record where we are to write out packet length */ + plen=p; + p+=2; + + /* lets setup the record stuff. */ + wr->data=p; + wr->length=(int)len; + wr->input=(unsigned char *)buf; + + /* we now 'read' from wr->input, wr->length bytes into + * wr->data */ + + /* first we compress */ + if ((sess != NULL) && (sess->write_compression != NULL)) + { + if (!do_compress(s)) + { + SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE); + goto err; + } + } + else + { + memcpy(wr->data,wr->input,wr->length); + wr->input=wr->data; + } + + /* we should still have the output to wr->data and the input + * from wr->input. Length should be wr->length. + * wr->data still points in the wb->buf */ + + if (mac_size != 0) + { + s->method->ssl3_enc->mac(s,&(p[wr->length]),1); + wr->length+=mac_size; + wr->input=p; + wr->data=p; + } + + /* ssl3_enc can only have an error on read */ + s->method->ssl3_enc->enc(s,1); + + /* record length after mac and block padding */ + s2n(wr->length,plen); + + /* we should now have + * wr->data pointing to the encrypted data, which is + * wr->length long */ + wr->type=type; /* not needed but helps for debugging */ + wr->length+=SSL3_RT_HEADER_LENGTH; + + /* Now lets setup wb */ + wb->left=wr->length; + wb->offset=0; + + s->s3->wpend_tot=len; + s->s3->wpend_buf=buf; + s->s3->wpend_type=type; + s->s3->wpend_ret=len; + + /* we now just need to write the buffer */ + return(ssl3_write_pending(s,type,buf,len)); +err: + return(-1); + } + +/* if s->s3->wbuf.left != 0, we need to call this */ +static int ssl3_write_pending(s,type,buf,len) +SSL *s; +int type; +char *buf; +unsigned int len; + { + int i; + +/* XXXX */ + if ((s->s3->wpend_tot > (int)len) || (s->s3->wpend_buf != buf) + || (s->s3->wpend_type != type)) + { + SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); + return(-1); + } + + for (;;) + { + clear_sys_error(); + if (s->wbio != NULL) + { + s->rwstate=SSL_WRITING; + i=BIO_write(s->wbio, + (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]), + (unsigned int)s->s3->wbuf.left); + } + else + { + SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET); + i= -1; + } + if (i == s->s3->wbuf.left) + { + s->s3->wbuf.left=0; + s->rwstate=SSL_NOTHING; + return(s->s3->wpend_ret); + } + else if (i <= 0) + return(i); + s->s3->wbuf.offset+=i; + s->s3->wbuf.left-=i; + } + } + +int ssl3_read_bytes(s,type,buf,len) +SSL *s; +int type; +char *buf; +int len; + { + int al,i,j,n,ret; + SSL3_RECORD *rr; + void (*cb)()=NULL; + BIO *bio; + + if (s->s3->rbuf.buf == NULL) /* Not initalised yet */ + if (!ssl3_setup_buffers(s)) + return(-1); + + if (!s->in_handshake && SSL_in_init(s)) + { + i=s->handshake_func(s); + if (i < 0) return(i); + if (i == 0) + { + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } +start: + s->rwstate=SSL_NOTHING; + + /* s->s3->rrec.type - is the type of record + * s->s3->rrec.data, - data + * s->s3->rrec.off, - ofset into 'data' for next read + * s->s3->rrec.length, - number of bytes. */ + rr= &(s->s3->rrec); + + /* get new packet */ + if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) + { + ret=ssl3_get_record(s); + if (ret <= 0) return(ret); + } + + /* we now have a packet which can be read and processed */ + + if (s->s3->change_cipher_spec && (rr->type != SSL3_RT_HANDSHAKE)) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); + goto err; + } + + /* If the other end has shutdown, throw anything we read away */ + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + rr->length=0; + s->rwstate=SSL_NOTHING; + return(0); + } + + /* Check for an incoming 'Client Request' message */ + if ((rr->type == SSL3_RT_HANDSHAKE) && (rr->length == 4) && + (rr->data[0] == SSL3_MT_CLIENT_REQUEST) && + (s->session != NULL) && (s->session->cipher != NULL)) + { + if ((rr->data[1] != 0) || (rr->data[2] != 0) || + (rr->data[3] != 0)) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CLIENT_REQUEST); + goto err; + } + + if (SSL_is_init_finished(s) && + !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && + !s->s3->renegotiate) + { + ssl3_renegotiate(s); + if (ssl3_renegotiate_check(s)) + { + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } + } + rr->length=0; +/* ZZZ */ goto start; + } + + /* if it is not the type we want, or we have shutdown and want + * the peer shutdown */ + if ((rr->type != type) || (s->shutdown & SSL_SENT_SHUTDOWN)) + { + if (rr->type == SSL3_RT_ALERT) + { + if ((rr->length != 2) || (rr->off != 0)) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_ALERT_RECORD); + goto f_err; + } + + i=rr->data[0]; + n=rr->data[1]; + + /* clear from buffer */ + rr->length=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (cb != NULL) + { + j=(i<<8)|n; + cb(s,SSL_CB_READ_ALERT,j); + } + + if (i == 1) + { + s->s3->warn_alert=n; + if (n == SSL_AD_CLOSE_NOTIFY) + { + s->shutdown|=SSL_RECEIVED_SHUTDOWN; + return(0); + } + } + else if (i == 2) + { + char tmp[16]; + + s->rwstate=SSL_NOTHING; + s->s3->fatal_alert=n; + SSLerr(SSL_F_SSL3_READ_BYTES,1000+n); + sprintf(tmp,"%d",n); + ERR_add_error_data(2,"SSL alert number ",tmp); + s->shutdown|=SSL_RECEIVED_SHUTDOWN; + SSL_CTX_remove_session(s->ctx,s->session); + return(0); + } + else + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE); + goto f_err; + } + + rr->length=0; + goto start; + } + + if (s->shutdown & SSL_SENT_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + rr->length=0; + return(0); + } + + if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) + { + if ( (rr->length != 1) || (rr->off != 0) || + (rr->data[0] != SSL3_MT_CCS)) + { + i=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); + goto err; + } + + rr->length=0; + s->s3->change_cipher_spec=1; + if (!do_change_cipher_spec(s)) + goto err; + else + goto start; + } + + /* else we have a handshake */ + if ((rr->type == SSL3_RT_HANDSHAKE) && + !s->in_handshake) + { + if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && + !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + { + s->state=SSL_ST_BEFORE; + s->new_session=1; + } + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + + /* In the case where we try to read application data + * the first time, but we trigger an SSL handshake, we + * return -1 with the retry option set. I do this + * otherwise renegotiation can cause nasty problems + * in the non-blocking world */ + + s->rwstate=SSL_READING; + bio=SSL_get_rbio(s); + BIO_clear_retry_flags(bio); + BIO_set_retry_read(bio); + return(-1); + } + + switch (rr->type) + { + default: +#ifndef NO_TLS + /* TLS just ignores unknown message types */ + if (s->version == TLS1_VERSION) + { + goto start; + } +#endif + case SSL3_RT_CHANGE_CIPHER_SPEC: + case SSL3_RT_ALERT: + case SSL3_RT_HANDSHAKE: + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); + goto f_err; + case SSL3_RT_APPLICATION_DATA: + /* At this point, we were expecting something else, + * but have application data. What we do is set the + * error, and return -1. On the way out, if the + * library was running inside ssl3_read() and it makes + * sense to read application data at this point, we + * will indulge it. This will mostly happen during + * session renegotiation. + */ + if (s->s3->in_read_app_data && + (s->s3->total_renegotiations != 0) && + (( + (s->state & SSL_ST_CONNECT) && + (s->state >= SSL3_ST_CW_CLNT_HELLO_A) && + (s->state <= SSL3_ST_CR_SRVR_HELLO_A) + ) || ( + (s->state & SSL_ST_ACCEPT) && + (s->state <= SSL3_ST_SW_HELLO_REQ_A) && + (s->state >= SSL3_ST_SR_CLNT_HELLO_A) + ) + )) + { + s->s3->in_read_app_data=0; + return(-1); + } + else + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); + goto f_err; + } + } + } + + /* make sure that we are not getting application data when we + * are doing a handshake for the first time */ + if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && + (s->enc_read_ctx == NULL)) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE); + goto f_err; + } + + if (len <= 0) return(len); + + if ((unsigned int)len > rr->length) + n=rr->length; + else + n=len; + + memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); + rr->length-=n; + rr->off+=n; + if (rr->length <= 0) + { + s->rstate=SSL_ST_READ_HEADER; + rr->off=0; + } + + if (type == SSL3_RT_HANDSHAKE) + ssl3_finish_mac(s,(unsigned char *)buf,n); + return(n); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int do_change_cipher_spec(s) +SSL *s; + { + int i; + unsigned char *sender; + int slen; + + if (s->state & SSL_ST_ACCEPT) + i=SSL3_CHANGE_CIPHER_SERVER_READ; + else + i=SSL3_CHANGE_CIPHER_CLIENT_READ; + + if (s->s3->tmp.key_block == NULL) + { + s->session->cipher=s->s3->tmp.new_cipher; + if (!s->method->ssl3_enc->setup_key_block(s)) return(0); + } + + if (!s->method->ssl3_enc->change_cipher_state(s,i)) + return(0); + + /* we have to record the message digest at + * this point so we can get it before we read + * the finished message */ + if (s->state & SSL_ST_CONNECT) + { + sender=s->method->ssl3_enc->server_finished; + slen=s->method->ssl3_enc->server_finished_len; + } + else + { + sender=s->method->ssl3_enc->client_finished; + slen=s->method->ssl3_enc->client_finished_len; + } + + s->method->ssl3_enc->final_finish_mac(s, + &(s->s3->finish_dgst1), + &(s->s3->finish_dgst2), + sender,slen,&(s->s3->tmp.finish_md[0])); + + return(1); + } + +int ssl3_do_write(s,type) +SSL *s; +int type; + { + int ret; + + ret=ssl3_write_bytes(s,type,(char *) + &(s->init_buf->data[s->init_off]),s->init_num); + if (ret == s->init_num) + return(1); + if (ret < 0) return(-1); + s->init_off+=ret; + s->init_num-=ret; + return(0); + } + +void ssl3_send_alert(s,level,desc) +SSL *s; +int level; +int desc; + { + /* Map tls/ssl alert value to correct one */ + desc=s->method->ssl3_enc->alert_value(desc); + if (desc < 0) return; + /* If a fatal one, remove from cache */ + if ((level == 2) && (s->session != NULL)) + SSL_CTX_remove_session(s->ctx,s->session); + + s->s3->alert_dispatch=1; + s->s3->send_alert[0]=level; + s->s3->send_alert[1]=desc; + if (s->s3->wbuf.left == 0) /* data still being written out */ + ssl3_dispatch_alert(s); + /* else data is still being written out, we will get written + * some time in the future */ + } + +int ssl3_dispatch_alert(s) +SSL *s; + { + int i,j; + void (*cb)()=NULL; + + s->s3->alert_dispatch=0; + i=do_ssl3_write(s,SSL3_RT_ALERT,&(s->s3->send_alert[0]),2); + if (i <= 0) + { + s->s3->alert_dispatch=1; + } + else + { + /* If it is important, send it now. If the message + * does not get sent due to non-blocking IO, we will + * not worry too much. */ + if (s->s3->send_alert[0] == SSL3_AL_FATAL) + BIO_flush(s->wbio); + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (cb != NULL) + { + j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1]; + cb(s,SSL_CB_WRITE_ALERT,j); + } + } + return(i); + } + diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c new file mode 100644 index 0000000000..64903af151 --- /dev/null +++ b/src/lib/libssl/s3_srvr.c @@ -0,0 +1,1675 @@ +/* ssl/s3_srvr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#define REUSE_CIPHER_BUG + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "ssl_locl.h" + +#define BREAK break +/* SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); + */ + +#ifndef NOPROTO +static int ssl3_get_client_hello(SSL *s); +static int ssl3_send_server_hello(SSL *s); +static int ssl3_send_server_key_exchange(SSL *s); +static int ssl3_send_certificate_request(SSL *s); +static int ssl3_send_server_done(SSL *s); +static int ssl3_get_cert_verify(SSL *s); +static int ssl3_get_client_key_exchange(SSL *s); +static int ssl3_get_client_certificate(SSL *s); +static int ssl3_send_hello_request(SSL *s); + +#else + +static int ssl3_get_client_hello(); +static int ssl3_send_server_hello(); +static int ssl3_send_server_key_exchange(); +static int ssl3_send_certificate_request(); +static int ssl3_send_server_done(); +static int ssl3_get_cert_verify(); +static int ssl3_get_client_key_exchange(); +static int ssl3_get_client_certificate(); +static int ssl3_send_hello_request(); + +#endif + +static SSL_METHOD *ssl3_get_server_method(ver) +int ver; + { + if (ver == SSL3_VERSION) + return(SSLv3_server_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv3_server_method() + { + static int init=1; + static SSL_METHOD SSLv3_server_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), + sizeof(SSL_METHOD)); + SSLv3_server_data.ssl_accept=ssl3_accept; + SSLv3_server_data.get_ssl_method=ssl3_get_server_method; + } + return(&SSLv3_server_data); + } + +int ssl3_accept(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long l,Time=time(NULL); + void (*cb)()=NULL; + long num1; + int ret= -1; + CERT *ct; + BIO *under; + int new_state,state,skip=0; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + clear_sys_error(); + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + /* init things to blank */ + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + +#ifdef undef + /* FIX THIS EAY EAY EAY */ + /* we don't actually need a cert, we just need a cert or a DH_tmp */ + if (((s->session == NULL) || (s->session->cert == NULL)) && + (s->cert == NULL)) + { + SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET); + ret= -1; + goto end; + } +#endif + + for (;;) + { + state=s->state; + + switch (s->state) + { + case SSL_ST_RENEGOTIATE: + s->new_session=1; + /* s->state=SSL_ST_ACCEPT; */ + + case SSL_ST_BEFORE: + case SSL_ST_ACCEPT: + case SSL_ST_BEFORE|SSL_ST_ACCEPT: + case SSL_ST_OK|SSL_ST_ACCEPT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + if ((s->version>>8) != 3) + abort(); + /* s->version=SSL3_VERSION; */ + s->type=SSL_ST_ACCEPT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + if (!ssl3_setup_buffers(s)) + { + ret= -1; + goto end; + } + + /* Ok, we now need to push on a buffering BIO so that + * the output is sent in a way that TCP likes :-) + */ + if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; } + + s->init_num=0; + + if (s->state != SSL_ST_RENEGOTIATE) + { + s->state=SSL3_ST_SR_CLNT_HELLO_A; + ssl3_init_finished_mac(s); + s->ctx->sess_accept++; + } + else + { + s->ctx->sess_accept_renegotiate++; + s->state=SSL3_ST_SW_HELLO_REQ_A; + } + break; + + case SSL3_ST_SW_HELLO_REQ_A: + case SSL3_ST_SW_HELLO_REQ_B: + + s->shutdown=0; + ret=ssl3_send_hello_request(s); + if (ret <= 0) goto end; + s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C; + s->state=SSL3_ST_SW_FLUSH; + s->init_num=0; + + ssl3_init_finished_mac(s); + break; + + case SSL3_ST_SW_HELLO_REQ_C: + /* remove buffering on output */ + under=BIO_pop(s->wbio); + if (under != NULL) + s->wbio=under; + else + abort(); /* ok */ + BIO_free(s->bbio); + s->bbio=NULL; + + s->state=SSL_ST_OK; + ret=1; + goto end; + /* break; */ + + case SSL3_ST_SR_CLNT_HELLO_A: + case SSL3_ST_SR_CLNT_HELLO_B: + case SSL3_ST_SR_CLNT_HELLO_C: + + s->shutdown=0; + ret=ssl3_get_client_hello(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_SRVR_HELLO_A; + s->init_num=0; + break; + + case SSL3_ST_SW_SRVR_HELLO_A: + case SSL3_ST_SW_SRVR_HELLO_B: + ret=ssl3_send_server_hello(s); + if (ret <= 0) goto end; + + if (s->hit) + s->state=SSL3_ST_SW_CHANGE_A; + else + s->state=SSL3_ST_SW_CERT_A; + s->init_num=0; + break; + + case SSL3_ST_SW_CERT_A: + case SSL3_ST_SW_CERT_B: + /* Check if it is anon DH */ + if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) + { + ret=ssl3_send_server_certificate(s); + if (ret <= 0) goto end; + } + else + skip=1; + s->state=SSL3_ST_SW_KEY_EXCH_A; + s->init_num=0; + break; + + case SSL3_ST_SW_KEY_EXCH_A: + case SSL3_ST_SW_KEY_EXCH_B: + l=s->s3->tmp.new_cipher->algorithms; + if (s->session->cert == NULL) + { + if (s->cert != NULL) + { + CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT); + s->session->cert=s->cert; + } + else + { + CRYPTO_add(&s->ctx->default_cert->references,1,CRYPTO_LOCK_SSL_CERT); + s->session->cert=s->ctx->default_cert; + } + } + ct=s->session->cert; + + /* clear this, it may get reset by + * send_server_key_exchange */ + if (s->options & SSL_OP_EPHEMERAL_RSA) + s->s3->tmp.use_rsa_tmp=1; + else + s->s3->tmp.use_rsa_tmp=0; + + /* only send if a DH key exchange, fortezza or + * RSA but we have a sign only certificate */ + if ( s->s3->tmp.use_rsa_tmp || + (l & (SSL_DH|SSL_kFZA)) || + ((l & SSL_kRSA) && + ((ct->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)|| + ((l & SSL_EXPORT) && + (EVP_PKEY_size(ct->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > 512) + ) + ) + ) + ) + { + ret=ssl3_send_server_key_exchange(s); + if (ret <= 0) goto end; + } + else + skip=1; + + s->state=SSL3_ST_SW_CERT_REQ_A; + s->init_num=0; + break; + + case SSL3_ST_SW_CERT_REQ_A: + case SSL3_ST_SW_CERT_REQ_B: + if (!(s->verify_mode & SSL_VERIFY_PEER) || + ((s->session->peer != NULL) && + (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) + { + /* no cert request */ + skip=1; + s->s3->tmp.cert_request=0; + s->state=SSL3_ST_SW_SRVR_DONE_A; + } + else + { + s->s3->tmp.cert_request=1; + ret=ssl3_send_certificate_request(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_SRVR_DONE_A; + s->init_num=0; + } + break; + + case SSL3_ST_SW_SRVR_DONE_A: + case SSL3_ST_SW_SRVR_DONE_B: + ret=ssl3_send_server_done(s); + if (ret <= 0) goto end; + s->s3->tmp.next_state=SSL3_ST_SR_CERT_A; + s->state=SSL3_ST_SW_FLUSH; + s->init_num=0; + break; + + case SSL3_ST_SW_FLUSH: + /* number of bytes to be flushed */ + num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); + if (num1 > 0) + { + s->rwstate=SSL_WRITING; + num1=BIO_flush(s->wbio); + if (num1 <= 0) { ret= -1; goto end; } + s->rwstate=SSL_NOTHING; + } + + s->state=s->s3->tmp.next_state; + break; + + case SSL3_ST_SR_CERT_A: + case SSL3_ST_SR_CERT_B: + /* could be sent for a DH cert, even if we + * have not asked for it :-) */ + ret=ssl3_get_client_certificate(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL3_ST_SR_KEY_EXCH_A; + break; + + case SSL3_ST_SR_KEY_EXCH_A: + case SSL3_ST_SR_KEY_EXCH_B: + ret=ssl3_get_client_key_exchange(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_SR_CERT_VRFY_A; + s->init_num=0; + + /* We need to get hashes here so if there is + * a client cert, it can be verified */ + s->method->ssl3_enc->cert_verify_mac(s, + &(s->s3->finish_dgst1), + &(s->s3->tmp.finish_md[0])); + s->method->ssl3_enc->cert_verify_mac(s, + &(s->s3->finish_dgst2), + &(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH])); + + break; + + case SSL3_ST_SR_CERT_VRFY_A: + case SSL3_ST_SR_CERT_VRFY_B: + + /* we should decide if we expected this one */ + ret=ssl3_get_cert_verify(s); + if (ret <= 0) goto end; + + s->state=SSL3_ST_SR_FINISHED_A; + s->init_num=0; + break; + + case SSL3_ST_SR_FINISHED_A: + case SSL3_ST_SR_FINISHED_B: + ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, + SSL3_ST_SR_FINISHED_B); + if (ret <= 0) goto end; + if (s->hit) + s->state=SSL_ST_OK; + else + s->state=SSL3_ST_SW_CHANGE_A; + s->init_num=0; + break; + + case SSL3_ST_SW_CHANGE_A: + case SSL3_ST_SW_CHANGE_B: + + s->session->cipher=s->s3->tmp.new_cipher; + if (!s->method->ssl3_enc->setup_key_block(s)) + { ret= -1; goto end; } + + ret=ssl3_send_change_cipher_spec(s, + SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B); + + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_FINISHED_A; + s->init_num=0; + + if (!s->method->ssl3_enc->change_cipher_state(s, + SSL3_CHANGE_CIPHER_SERVER_WRITE)) + { + ret= -1; + goto end; + } + + break; + + case SSL3_ST_SW_FINISHED_A: + case SSL3_ST_SW_FINISHED_B: + ret=ssl3_send_finished(s, + SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B, + s->method->ssl3_enc->server_finished, + s->method->ssl3_enc->server_finished_len); + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_FLUSH; + if (s->hit) + s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; + else + s->s3->tmp.next_state=SSL_ST_OK; + s->init_num=0; + break; + + case SSL_ST_OK: + /* clean a few things up */ + ssl3_cleanup_key_block(s); + + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + + /* remove buffering on output */ + under=BIO_pop(s->wbio); + if (under != NULL) + s->wbio=under; + else + abort(); /* ok */ + BIO_free(s->bbio); + s->bbio=NULL; + + s->new_session=0; + s->init_num=0; + + ssl_update_cache(s,SSL_SESS_CACHE_SERVER); + + s->ctx->sess_accept_good++; + /* s->server=1; */ + s->handshake_func=ssl3_accept; + ret=1; + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + + goto end; + /* break; */ + + default: + SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + if (!s->s3->tmp.reuse_message && !skip) + { + if (s->debug) + { + if ((ret=BIO_flush(s->wbio)) <= 0) + goto end; + } + + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_ACCEPT_LOOP,1); + s->state=new_state; + } + } + skip=0; + } +end: + /* BIO_flush(s->wbio); */ + + if (cb != NULL) + cb(s,SSL_CB_ACCEPT_EXIT,ret); + s->in_handshake--; + return(ret); + } + +static int ssl3_send_hello_request(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL3_ST_SW_HELLO_REQ_A) + { + p=(unsigned char *)s->init_buf->data; + *(p++)=SSL3_MT_CLIENT_REQUEST; + *(p++)=0; + *(p++)=0; + *(p++)=0; + + s->state=SSL3_ST_SW_HELLO_REQ_B; + /* number of bytes to write */ + s->init_num=4; + s->init_off=0; + } + + /* SSL3_ST_SW_HELLO_REQ_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +static int ssl3_get_client_hello(s) +SSL *s; + { + int i,j,ok,al,ret= -1; + long n; + unsigned long id; + unsigned char *p,*d; + SSL_CIPHER *c; + STACK *ciphers=NULL; + + /* We do this so that we will respond with our native type. + * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, + * This down switching should be handled by a different method. + * If we are SSLv3, we will respond with SSLv3, even if prompted with + * TLSv1. + */ + if (s->state == SSL3_ST_SR_CLNT_HELLO_A) + { + s->first_packet=1; + s->state=SSL3_ST_SR_CLNT_HELLO_B; + } + n=ssl3_get_message(s, + SSL3_ST_SR_CLNT_HELLO_B, + SSL3_ST_SR_CLNT_HELLO_C, + SSL3_MT_CLIENT_HELLO, + SSL3_RT_MAX_PLAIN_LENGTH, + &ok); + + if (!ok) return((int)n); + d=p=(unsigned char *)s->init_buf->data; + + /* The version number has already been checked in ssl3_get_message. + * I a native TLSv1/SSLv3 method, the match must be correct except + * perhaps for the first message */ + p+=2; + + /* load the client random */ + memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* get the session-id */ + j= *(p++); + + s->hit=0; + if (j == 0) + { + if (!ssl_get_new_session(s,1)) + goto err; + } + else + { + i=ssl_get_prev_session(s,p,j); + if (i == 1) + { /* previous session */ + s->hit=1; + } + else + { + if (!ssl_get_new_session(s,1)) + goto err; + } + } + + p+=j; + n2s(p,i); + if ((i == 0) && (j != 0)) + { + /* we need a cipher if we are not resuming a session */ + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED); + goto f_err; + } + if ((i+p) > (d+n)) + { + /* not enough data */ + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers)) + == NULL)) + { + goto err; + } + p+=i; + + /* If it is a hit, check that the cipher is in the list */ + if ((s->hit) && (i > 0)) + { + j=0; + id=s->session->cipher->id; + + for (i=0; iid == id) + { + j=1; + break; + } + } + if (j == 0) + { + if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1)) + { + /* Very bad for multi-threading.... */ + s->session->cipher= + (SSL_CIPHER *)sk_value(ciphers,0); + } + else + { + /* we need to have the cipher in the cipher + * list if we are asked to reuse it */ + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING); + goto f_err; + } + } + } + + /* compression */ + i= *(p++); + for (j=0; j= i) + { + /* no compress */ + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED); + goto f_err; + } + + /* TLS does not mind if there is extra stuff */ + if (s->version == SSL3_VERSION) + { + if (p > (d+n)) + { + /* wrong number of bytes, + * there could be more to follow */ + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + } + + /* do nothing with compression */ + + /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must + * pick a cipher */ + + if (!s->hit) + { + if (s->session->ciphers != NULL) + sk_free(s->session->ciphers); + s->session->ciphers=ciphers; + if (ciphers == NULL) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED); + goto f_err; + } + ciphers=NULL; + c=ssl3_choose_cipher(s,s->session->ciphers, + ssl_get_ciphers_by_id(s)); + + if (c == NULL) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); + goto f_err; + } + s->s3->tmp.new_cipher=c; + } + else + { + /* Session-id reuse */ +#ifdef REUSE_CIPHER_BUG + STACK *sk; + SSL_CIPHER *nc=NULL; + SSL_CIPHER *ec=NULL; + + if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) + { + sk=s->session->ciphers; + for (i=0; ialgorithms & SSL_eNULL) + nc=c; + if (c->algorithms & SSL_EXP) + ec=c; + } + if (nc != NULL) + s->s3->tmp.new_cipher=nc; + else if (ec != NULL) + s->s3->tmp.new_cipher=ec; + else + s->s3->tmp.new_cipher=s->session->cipher; + } + else +#endif + s->s3->tmp.new_cipher=s->session->cipher; + } + + /* we now have the following setup. + * client_random + * cipher_list - our prefered list of ciphers + * ciphers - the clients prefered list of ciphers + * compression - basically ignored right now + * ssl version is set - sslv3 + * s->session - The ssl session has been setup. + * s->hit - sesson reuse flag + * s->tmp.new_cipher - the new cipher to use. + */ + + ret=1; + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +err: + if (ciphers != NULL) sk_free(ciphers); + return(ret); + } + +static int ssl3_send_server_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i,sl; + unsigned long l,Time; + + if (s->state == SSL3_ST_SW_SRVR_HELLO_A) + { + buf=(unsigned char *)s->init_buf->data; + p=s->s3->server_random; + Time=time(NULL); /* Time */ + l2n(Time,p); + RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); + /* Do the message type and length last */ + d=p= &(buf[4]); + + *(p++)=s->version>>8; + *(p++)=s->version&0xff; + + /* Random stuff */ + memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* now in theory we have 3 options to sending back the + * session id. If it is a re-use, we send back the + * old session-id, if it is a new session, we send + * back the new session-id or we send back a 0 length + * session-id if we want it to be single use. + * Currently I will not implement the '0' length session-id + * 12-Jan-98 - I'll now support the '0' length stuff. + */ + if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) + s->session->session_id_length=0; + + sl=s->session->session_id_length; + *(p++)=sl; + memcpy(p,s->session->session_id,sl); + p+=sl; + + /* put the cipher */ + i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p); + p+=i; + + /* put the compression method */ + *(p++)=0; + + /* do the header */ + l=(p-d); + d=buf; + *(d++)=SSL3_MT_SERVER_HELLO; + l2n3(l,d); + + s->state=SSL3_ST_CW_CLNT_HELLO_B; + /* number of bytes to write */ + s->init_num=p-buf; + s->init_off=0; + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +static int ssl3_send_server_done(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL3_ST_SW_SRVR_DONE_A) + { + p=(unsigned char *)s->init_buf->data; + + /* do the header */ + *(p++)=SSL3_MT_SERVER_DONE; + *(p++)=0; + *(p++)=0; + *(p++)=0; + + s->state=SSL3_ST_SW_SRVR_DONE_B; + /* number of bytes to write */ + s->init_num=4; + s->init_off=0; + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +static int ssl3_send_server_key_exchange(s) +SSL *s; + { +#ifndef NO_RSA + unsigned char *q; + int j,num; + RSA *rsa; + unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; +#endif +#ifndef NO_DH + DH *dh,*dhp; +#endif + EVP_PKEY *pkey; + unsigned char *p,*d; + int al,i; + unsigned long type; + int n; + CERT *cert; + BIGNUM *r[4]; + int nr[4],kn; + BUF_MEM *buf; + EVP_MD_CTX md_ctx; + + if (s->state == SSL3_ST_SW_KEY_EXCH_A) + { + type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK; + cert=s->session->cert; + + buf=s->init_buf; + + r[0]=r[1]=r[2]=r[3]=NULL; + n=0; +#ifndef NO_RSA + if (type & SSL_kRSA) + { + rsa=cert->rsa_tmp; + if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL)) + { + rsa=s->ctx->default_cert->rsa_tmp_cb(s, + (s->s3->tmp.new_cipher->algorithms| + SSL_NOT_EXP)?0:1); + CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); + cert->rsa_tmp=rsa; + } + if (rsa == NULL) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY); + goto f_err; + } + r[0]=rsa->n; + r[1]=rsa->e; + s->s3->tmp.use_rsa_tmp=1; + } + else +#endif +#ifndef NO_DH + if (type & SSL_kEDH) + { + dhp=cert->dh_tmp; + if ((dhp == NULL) && (cert->dh_tmp_cb != NULL)) + dhp=cert->dh_tmp_cb(s, + (s->s3->tmp.new_cipher->algorithms| + SSL_NOT_EXP)?0:1); + if (dhp == NULL) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY); + goto f_err; + } + if ((dh=DHparams_dup(dhp)) == NULL) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + s->s3->tmp.dh=dh; + if (((dhp->pub_key == NULL) || + (dhp->priv_key == NULL) || + (s->options & SSL_OP_SINGLE_DH_USE)) && + (!DH_generate_key(dh))) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + else + { + dh->pub_key=BN_dup(dhp->pub_key); + dh->priv_key=BN_dup(dhp->priv_key); + if ((dh->pub_key == NULL) || + (dh->priv_key == NULL)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + } + r[0]=dh->p; + r[1]=dh->g; + r[2]=dh->pub_key; + } + else +#endif + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); + goto f_err; + } + for (i=0; r[i] != NULL; i++) + { + nr[i]=BN_num_bytes(r[i]); + n+=2+nr[i]; + } + + if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) + { + if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher)) + == NULL) + { + al=SSL_AD_DECODE_ERROR; + goto f_err; + } + kn=EVP_PKEY_size(pkey); + } + else + { + pkey=NULL; + kn=0; + } + + if (!BUF_MEM_grow(buf,n+4+kn)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); + goto err; + } + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + + for (i=0; r[i] != NULL; i++) + { + s2n(nr[i],p); + BN_bn2bin(r[i],p); + p+=nr[i]; + } + + /* not anonymous */ + if (pkey != NULL) + { + /* n is the length of the params, they start at &(d[4]) + * and p points to the space at the end. */ +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + q=md_buf; + j=0; + for (num=2; num > 0; num--) + { + EVP_DigestInit(&md_ctx,(num == 2) + ?s->ctx->md5:s->ctx->sha1); + EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,&(d[4]),n); + EVP_DigestFinal(&md_ctx,q, + (unsigned int *)&i); + q+=i; + j+=i; + } + i=RSA_private_encrypt(j,md_buf,&(p[2]), + pkey->pkey.rsa,RSA_PKCS1_PADDING); + if (i <= 0) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA); + goto err; + } + s2n(i,p); + n+=i+2; + } + else +#endif +#if !defined(NO_DSA) + if (pkey->type == EVP_PKEY_DSA) + { + /* lets do DSS */ + EVP_SignInit(&md_ctx,EVP_dss1()); + EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_SignUpdate(&md_ctx,&(d[4]),n); + if (!EVP_SignFinal(&md_ctx,&(p[2]), + (unsigned int *)&i,pkey)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA); + goto err; + } + s2n(i,p); + n+=i+2; + } + else +#endif + { + /* Is this error check actually needed? */ + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE); + goto f_err; + } + } + + *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE; + l2n3(n,d); + + /* we should now have things packed up, so lets send + * it off */ + s->init_num=n+4; + s->init_off=0; + } + + /* SSL3_ST_SW_KEY_EXCH_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_send_certificate_request(s) +SSL *s; + { + unsigned char *p,*d; + int i,j,nl,off,n; + STACK *sk=NULL; + X509_NAME *name; + BUF_MEM *buf; + + if (s->state == SSL3_ST_SW_CERT_REQ_A) + { + buf=s->init_buf; + + d=p=(unsigned char *)&(buf->data[4]); + + /* get the list of acceptable cert types */ + p++; + n=ssl3_get_req_cert_type(s,p); + d[0]=n; + p+=n; + n++; + + off=n; + p+=2; + n+=2; + + sk=SSL_get_client_CA_list(s); + nl=0; + if (sk != NULL) + { + for (i=0; idata[4+n]); + if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) + { + s2n(j,p); + i2d_X509_NAME(name,&p); + n+=2+j; + nl+=2+j; + } + else + { + d=p; + i2d_X509_NAME(name,&p); + j-=2; s2n(j,d); j+=2; + n+=j; + nl+=j; + } + } + } + /* else no CA names */ + p=(unsigned char *)&(buf->data[4+off]); + s2n(nl,p); + + d=(unsigned char *)buf->data; + *(d++)=SSL3_MT_CERTIFICATE_REQUEST; + l2n3(n,d); + + /* we should now have things packed up, so lets send + * it off */ + + s->init_num=n+4; + s->init_off=0; + } + + /* SSL3_ST_SW_CERT_REQ_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_get_client_key_exchange(s) +SSL *s; + { + int i,al,ok; + long n; + unsigned long l; + unsigned char *p; + RSA *rsa=NULL; + EVP_PKEY *pkey=NULL; +#ifndef NO_DH + BIGNUM *pub=NULL; + DH *dh_srvr; +#endif + + n=ssl3_get_message(s, + SSL3_ST_SR_KEY_EXCH_A, + SSL3_ST_SR_KEY_EXCH_B, + SSL3_MT_CLIENT_KEY_EXCHANGE, + 400, /* ???? */ + &ok); + + if (!ok) return((int)n); + p=(unsigned char *)s->init_buf->data; + + l=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_RSA + if (l & SSL_kRSA) + { + /* FIX THIS UP EAY EAY EAY EAY */ + if (s->s3->tmp.use_rsa_tmp) + { + if ((s->session->cert != NULL) && + (s->session->cert->rsa_tmp != NULL)) + rsa=s->session->cert->rsa_tmp; + else if ((s->ctx->default_cert != NULL) && + (s->ctx->default_cert->rsa_tmp != NULL)) + rsa=s->ctx->default_cert->rsa_tmp; + /* Don't do a callback because rsa_tmp should + * be sent already */ + if (rsa == NULL) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY); + goto f_err; + + } + } + else + { + pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey; + if ( (pkey == NULL) || + (pkey->type != EVP_PKEY_RSA) || + (pkey->pkey.rsa == NULL)) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE); + goto f_err; + } + rsa=pkey->pkey.rsa; + } + + /* TLS */ + if (s->version > SSL3_VERSION) + { + n2s(p,i); + if (n != i+2) + { + if (!(s->options & SSL_OP_TLS_D5_BUG)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); + goto err; + } + else + p-=2; + } + else + n=i; + } + + i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); + +#if 1 + /* If a bad decrypt, use a dud master key */ + if ((i != SSL_MAX_MASTER_KEY_LENGTH) || + ((p[0] != (s->version>>8)) || + (p[1] != (s->version & 0xff)))) + { + p[0]=(s->version>>8); + p[1]=(s->version & 0xff); + RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2); + i=SSL_MAX_MASTER_KEY_LENGTH; + } +#else + if (i != SSL_MAX_MASTER_KEY_LENGTH) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); + goto f_err; + } + + if ((p[0] != (s->version>>8)) || (p[1] != (s->version & 0xff))) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); + goto f_err; + } +#endif + + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key, + p,i); + memset(p,0,i); + } + else +#endif +#ifndef NO_DH + if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + { + n2s(p,i); + if (n != i+2) + { + if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); + goto err; + } + else + { + p-=2; + i=(int)n; + } + } + + if (n == 0L) /* the parameters are in the cert */ + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS); + goto f_err; + } + else + { + if (s->s3->tmp.dh == NULL) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY); + goto f_err; + } + else + dh_srvr=s->s3->tmp.dh; + } + + pub=BN_bin2bn(p,i,NULL); + if (pub == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB); + goto err; + } + + i=DH_compute_key(p,pub,dh_srvr); + + if (i <= 0) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + DH_free(s->s3->tmp.dh); + s->s3->tmp.dh=NULL; + + BN_clear_free(pub); + pub=NULL; + s->session->master_key_length= + s->method->ssl3_enc->generate_master_secret(s, + s->session->master_key,p,i); + } + else +#endif + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE); + goto f_err; + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +#if !defined(NO_DH) || !defined(NO_RSA) +err: +#endif + return(-1); + } + +static int ssl3_get_cert_verify(s) +SSL *s; + { + EVP_PKEY *pkey=NULL; + unsigned char *p; + int al,ok,ret=0; + long n; + int type=0,i,j; + X509 *peer; + + n=ssl3_get_message(s, + SSL3_ST_SR_CERT_VRFY_A, + SSL3_ST_SR_CERT_VRFY_B, + -1, + 512, /* 512? */ + &ok); + + if (!ok) return((int)n); + + if (s->session->peer != NULL) + { + peer=s->session->peer; + pkey=X509_get_pubkey(peer); + type=X509_certificate_type(peer,pkey); + } + else + { + peer=NULL; + pkey=NULL; + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) + { + s->s3->tmp.reuse_message=1; + if ((peer != NULL) && (type | EVP_PKT_SIGN)) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE); + goto f_err; + } + ret=1; + goto end; + } + + if (peer == NULL) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED); + al=SSL_AD_UNEXPECTED_MESSAGE; + goto f_err; + } + + if (!(type & EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); + al=SSL_AD_ILLEGAL_PARAMETER; + goto f_err; + } + + if (s->s3->change_cipher_spec) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); + al=SSL_AD_UNEXPECTED_MESSAGE; + goto f_err; + } + + /* we now have a signature that we need to verify */ + p=(unsigned char *)s->init_buf->data; + n2s(p,i); + n-=2; + if (i > n) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH); + al=SSL_AD_DECODE_ERROR; + goto f_err; + } + + j=EVP_PKEY_size(pkey); + if ((i > j) || (n > j) || (n <= 0)) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE); + al=SSL_AD_DECODE_ERROR; + goto f_err; + } + +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + i=RSA_public_decrypt(i,p,p,pkey->pkey.rsa,RSA_PKCS1_PADDING); + if (i < 0) + { + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT); + goto f_err; + } + if ((i != (MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH)) || + memcmp(&(s->s3->tmp.finish_md[0]),p, + MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH)) + { + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE); + goto f_err; + } + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + j=DSA_verify(pkey->save_type, + &(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]), + SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa); + if (j <= 0) + { + /* bad signature */ + al=SSL_AD_DECRYPT_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE); + goto f_err; + } + } + else +#endif + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR); + al=SSL_AD_UNSUPPORTED_CERTIFICATE; + goto f_err; + } + + + ret=1; + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +end: + return(ret); + } + +static int ssl3_get_client_certificate(s) +SSL *s; + { + int i,ok,al,ret= -1; + X509 *x=NULL; + unsigned long l,nc,llen,n; + unsigned char *p,*d,*q; + STACK *sk=NULL; + + n=ssl3_get_message(s, + SSL3_ST_SR_CERT_A, + SSL3_ST_SR_CERT_B, + -1, +#if defined(MSDOS) && !defined(WIN32) + 1024*30, /* 30k max cert list :-) */ +#else + 1024*100, /* 100k max cert list :-) */ +#endif + &ok); + + if (!ok) return((int)n); + + if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) + { + if ( (s->verify_mode & SSL_VERIFY_PEER) && + (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); + al=SSL_AD_HANDSHAKE_FAILURE; + goto f_err; + } + /* If tls asked for a client cert we must return a 0 list */ + if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST); + al=SSL_AD_UNEXPECTED_MESSAGE; + goto f_err; + } + s->s3->tmp.reuse_message=1; + return(1); + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE); + goto f_err; + } + d=p=(unsigned char *)s->init_buf->data; + + if ((sk=sk_new_null()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + + n2l3(p,llen); + if (llen+3 != n) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + for (nc=0; nc llen) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + + q=p; + x=d2i_X509(NULL,&p,l); + if (x == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB); + goto err; + } + if (p != (q+l)) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + if (!sk_push(sk,(char *)x)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + x=NULL; + nc+=l+3; + } + + if (sk_num(sk) <= 0) + { + /* TLS does not mind 0 certs returned */ + if (s->version == SSL3_VERSION) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED); + goto f_err; + } + /* Fail for TLS only if we required a certificate */ + else if ((s->verify_mode & SSL_VERIFY_PEER) && + (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); + al=SSL_AD_HANDSHAKE_FAILURE; + goto f_err; + } + } + else + { + i=ssl_verify_cert_chain(s,sk); + if (!i) + { + al=ssl_verify_alarm_type(s->verify_result); + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED); + goto f_err; + } + } + + /* This should not be needed */ + if (s->session->peer != NULL) + X509_free(s->session->peer); + s->session->peer=(X509 *)sk_shift(sk); + + ret=1; + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +err: + if (x != NULL) X509_free(x); + if (sk != NULL) sk_pop_free(sk,X509_free); + return(ret); + } + +int ssl3_send_server_certificate(s) +SSL *s; + { + unsigned long l; + X509 *x; + + if (s->state == SSL3_ST_SW_CERT_A) + { + x=ssl_get_server_send_cert(s); + if (x == NULL) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR); + return(0); + } + + l=ssl3_output_cert_chain(s,x); + s->state=SSL3_ST_SW_CERT_B; + s->init_num=(int)l; + s->init_off=0; + } + + /* SSL3_ST_SW_CERT_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version new file mode 100644 index 0000000000..1edea46de9 --- /dev/null +++ b/src/lib/libssl/shlib_version @@ -0,0 +1,2 @@ +major=1 +minor=0 diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h new file mode 100644 index 0000000000..cf8f9651b2 --- /dev/null +++ b/src/lib/libssl/ssl.h @@ -0,0 +1,1453 @@ +/* ssl/ssl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL_H +#define HEADER_SSL_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* SSLeay version number for ASN.1 encoding of the session information */ +/* Version 0 - initial version + * Version 1 - added the optional peer certificate + */ +#define SSL_SESSION_ASN1_VERSION 0x0001 + +/* text strings for the ciphers */ +#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5 +#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5 +#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 +#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5 +#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 +#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5 +#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5 +#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA +#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 +#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA + +#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 + +#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) +#define SSL_MAX_KEY_ARG_LENGTH 8 +#define SSL_MAX_MASTER_KEY_LENGTH 48 + +/* These are used to specify which ciphers to use and not to use */ +#define SSL_TXT_LOW "LOW" +#define SSL_TXT_MEDIUM "MEDIUM" +#define SSL_TXT_HIGH "HIGH" +#define SSL_TXT_kFZA "kFZA" +#define SSL_TXT_aFZA "aFZA" +#define SSL_TXT_eFZA "eFZA" +#define SSL_TXT_FZA "FZA" + +#define SSL_TXT_aNULL "aNULL" +#define SSL_TXT_eNULL "eNULL" +#define SSL_TXT_NULL "NULL" + +#define SSL_TXT_kRSA "kRSA" +#define SSL_TXT_kDHr "kDHr" +#define SSL_TXT_kDHd "kDHd" +#define SSL_TXT_kEDH "kEDH" +#define SSL_TXT_aRSA "aRSA" +#define SSL_TXT_aDSS "aDSS" +#define SSL_TXT_aDH "aDH" +#define SSL_TXT_DSS "DSS" +#define SSL_TXT_DH "DH" +#define SSL_TXT_EDH "EDH" +#define SSL_TXT_ADH "ADH" +#define SSL_TXT_RSA "RSA" +#define SSL_TXT_DES "DES" +#define SSL_TXT_3DES "3DES" +#define SSL_TXT_RC4 "RC4" +#define SSL_TXT_RC2 "RC2" +#define SSL_TXT_IDEA "IDEA" +#define SSL_TXT_MD5 "MD5" +#define SSL_TXT_SHA1 "SHA1" +#define SSL_TXT_SHA "SHA" +#define SSL_TXT_EXP "EXP" +#define SSL_TXT_EXPORT "EXPORT" +#define SSL_TXT_SSLV2 "SSLv2" +#define SSL_TXT_SSLV3 "SSLv3" +#define SSL_TXT_ALL "ALL" + +/* 'DEFAULT' at the start of the cipher list insert the following string + * in addition to this being the default cipher string */ +#ifndef NO_RSA +#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" +#else +#define SSL_ALLOW_ADH +#define SSL_DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:ADH+3DES:ADH+RC4:ADH+DES:+EXP" +#endif + +/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ +#define SSL_SENT_SHUTDOWN 1 +#define SSL_RECEIVED_SHUTDOWN 2 + +#include "crypto.h" +#include "lhash.h" +#include "buffer.h" +#include "bio.h" +#include "x509.h" + +#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 +#define SSL_FILETYPE_PEM X509_FILETYPE_PEM + +/* This is needed to stop compilers complaining about the + * 'struct ssl_st *' function parameters used to prototype callbacks + * in SSL_CTX. */ +typedef struct ssl_st *ssl_crock_st; + +/* used to hold info on the particular ciphers used */ +typedef struct ssl_cipher_st + { + int valid; + char *name; /* text name */ + unsigned long id; /* id, 4 bytes, first is version */ + unsigned long algorithms; /* what ciphers are used */ + unsigned long algorithm2; /* Extra flags */ + unsigned long mask; /* used for matching */ + } SSL_CIPHER; + +/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ +typedef struct ssl_method_st + { + int version; + int (*ssl_new)(); + void (*ssl_clear)(); + void (*ssl_free)(); + int (*ssl_accept)(); + int (*ssl_connect)(); + int (*ssl_read)(); + int (*ssl_peek)(); + int (*ssl_write)(); + int (*ssl_shutdown)(); + int (*ssl_renegotiate)(); + long (*ssl_ctrl)(); + long (*ssl_ctx_ctrl)(); + SSL_CIPHER *(*get_cipher_by_char)(); + int (*put_cipher_by_char)(); + int (*ssl_pending)(); + int (*num_ciphers)(); + SSL_CIPHER *(*get_cipher)(); + struct ssl_method_st *(*get_ssl_method)(); + long (*get_timeout)(); + struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ + } SSL_METHOD; + +typedef struct ssl_compression_st + { + char *stuff; + } SSL_COMPRESSION; + +/* Lets make this into an ASN.1 type structure as follows + * SSL_SESSION_ID ::= SEQUENCE { + * version INTEGER, -- structure version number + * SSLversion INTEGER, -- SSL version number + * Cipher OCTET_STRING, -- the 3 byte cipher ID + * Session_ID OCTET_STRING, -- the Session ID + * Master_key OCTET_STRING, -- the master key + * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument + * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time + * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds + * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate + * } + * Look in ssl/ssl_asn1.c for more details + * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). + */ +typedef struct ssl_session_st + { + int ssl_version; /* what ssl version session info is + * being kept in here? */ + + /* only really used in SSLv2 */ + unsigned int key_arg_length; + unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH]; + int master_key_length; + unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; + /* session_id - valid? */ + unsigned int session_id_length; + unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; + + int not_resumable; + + /* The cert is the certificate used to establish this connection */ + struct cert_st /* CERT */ *cert; + + /* This is the cert for the other end. On servers, it will be + * the same as cert->x509 */ + X509 *peer; + + int references; + long timeout; + long time; + + SSL_COMPRESSION *read_compression; + SSL_COMPRESSION *write_compression; + + SSL_CIPHER *cipher; + unsigned long cipher_id; /* when ASN.1 loaded, this + * needs to be used to load + * the 'cipher' structure */ + + STACK /* SSL_CIPHER */ *ciphers; /* shared ciphers? */ + + CRYPTO_EX_DATA ex_data; /* application specific data */ + + /* These are used to make removal of session-ids more + * efficient and to implement a maximum cache size. */ + struct ssl_session_st *prev,*next; + } SSL_SESSION; + +#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L +#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L +#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L +#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L +#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L +#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L +#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L +#define SSL_OP_TLS_D5_BUG 0x00000100L +#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L + +/* If set, only use tmp_dh parameters once */ +#define SSL_OP_SINGLE_DH_USE 0x00100000L +/* Set to also use the tmp_rsa key when doing RSA operations. */ +#define SSL_OP_EPHEMERAL_RSA 0x00200000L + +#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L +#define SSL_OP_NON_EXPORT_FIRST 0x40000000L +#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L +#define SSL_OP_ALL 0x000FFFFFL + +#define SSL_CTX_set_options(ctx,op) ((ctx)->options|=(op)) +#define SSL_set_options(ssl,op) ((ssl)->options|=(op)) + +#define SSL_OP_NO_SSLv2 0x01000000L +#define SSL_OP_NO_SSLv3 0x02000000L +#define SSL_OP_NO_TLSv1 0x04000000L + +/* Normally you will only use these if your application wants to use + * the certificate store in other places, perhaps PKCS7 */ +#define SSL_CTX_get_cert_store(ctx) ((ctx)->cert_store) +#define SSL_CTX_set_cert_store(ctx,cs) \ + (X509_STORE_free((ctx)->cert_store),(ctx)->cert_store=(cs)) + + +#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20) + +typedef struct ssl_ctx_st + { + SSL_METHOD *method; + unsigned long options; + + STACK /* SSL_CIPHER */ *cipher_list; + /* same as above but sorted for lookup */ + STACK /* SSL_CIPHER */ *cipher_list_by_id; + + struct x509_store_st /* X509_STORE */ *cert_store; + struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */ + /* Most session-ids that will be cached, default is + * SSL_SESSION_CACHE_SIZE_DEFAULT. 0 is unlimited. */ + unsigned long session_cache_size; + struct ssl_session_st *session_cache_head; + struct ssl_session_st *session_cache_tail; + + /* This can have one of 2 values, ored together, + * SSL_SESS_CACHE_CLIENT, + * SSL_SESS_CACHE_SERVER, + * Default is SSL_SESSION_CACHE_SERVER, which means only + * SSL_accept which cache SSL_SESSIONS. */ + int session_cache_mode; + + /* If timeout is not 0, it is the default timeout value set + * when SSL_new() is called. This has been put in to make + * life easier to set things up */ + long session_timeout; + + /* If this callback is not null, it will be called each + * time a session id is added to the cache. If this function + * returns 1, it means that the callback will do a + * SSL_SESSION_free() when it has finished using it. Otherwise, + * on 0, it means the callback has finished with it. + * If remove_session_cb is not null, it will be called when + * a session-id is removed from the cache. Again, a return + * of 0 mens that SSLeay should not SSL_SESSION_free() since + * the application is doing something with it. */ +#ifndef NOPROTO + int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess); + void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess); + SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, + unsigned char *data,int len,int *copy); +#else + int (*new_session_cb)(); + void (*remove_session_cb)(); + SSL_SESSION *(*get_session_cb)(); +#endif + + int sess_connect; /* SSL new connection - started */ + int sess_connect_renegotiate;/* SSL renegotiatene - requested */ + int sess_connect_good; /* SSL new connection/renegotiate - finished */ + int sess_accept; /* SSL new accept - started */ + int sess_accept_renegotiate;/* SSL renegotiatene - requested */ + int sess_accept_good; /* SSL accept/renegotiate - finished */ + int sess_miss; /* session lookup misses */ + int sess_timeout; /* session reuse attempt on timeouted session */ + int sess_cache_full; /* session removed due to full cache */ + int sess_hit; /* session reuse actually done */ + int sess_cb_hit; /* session-id that was not in the cache was + * passed back via the callback. This + * indicates that the application is supplying + * session-id's from other processes - + * spooky :-) */ + + int references; + + void (*info_callback)(); + + /* if defined, these override the X509_verify_cert() calls */ + int (*app_verify_callback)(); + char *app_verify_arg; + + /* default values to use in SSL structures */ + struct cert_st /* CERT */ *default_cert; + int default_read_ahead; + int default_verify_mode; + int (*default_verify_callback)(); + + /* Default password callback. */ + int (*default_passwd_callback)(); + + /* get client cert callback */ + int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */); + + /* what we put in client requests */ + STACK *client_CA; + + int quiet_shutdown; + + CRYPTO_EX_DATA ex_data; + + EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */ + EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */ + EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */ + } SSL_CTX; + +#define SSL_SESS_CACHE_OFF 0x0000 +#define SSL_SESS_CACHE_CLIENT 0x0001 +#define SSL_SESS_CACHE_SERVER 0x0002 +#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) +#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 +/* This one, when set, makes the server session-id lookup not look + * in the cache. If there is an application get_session callback + * defined, this will still get called. */ +#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 + +#define SSL_CTX_sessions(ctx) ((ctx)->sessions) +/* You will need to include lhash.h to access the following #define */ +#define SSL_CTX_sess_number(ctx) ((ctx)->sessions->num_items) +#define SSL_CTX_sess_connect(ctx) ((ctx)->sess_connect) +#define SSL_CTX_sess_connect_good(ctx) ((ctx)->sess_connect_good) +#define SSL_CTX_sess_accept(ctx) ((ctx)->sess_accept) +#define SSL_CTX_sess_accept_renegotiate(ctx) ((ctx)->sess_accept_renegotiate) +#define SSL_CTX_sess_connect_renegotiate(ctx) ((ctx)->sess_connect_renegotiate) +#define SSL_CTX_sess_accept_good(ctx) ((ctx)->sess_accept_good) +#define SSL_CTX_sess_hits(ctx) ((ctx)->sess_hit) +#define SSL_CTX_sess_cb_hits(ctx) ((ctx)->sess_cb_hit) +#define SSL_CTX_sess_misses(ctx) ((ctx)->sess_miss) +#define SSL_CTX_sess_timeouts(ctx) ((ctx)->sess_timeout) +#define SSL_CTX_sess_cache_full(ctx) ((ctx)->sess_cache_full) + +#define SSL_CTX_sess_set_cache_size(ctx,t) ((ctx)->session_cache_size=(t)) +#define SSL_CTX_sess_get_cache_size(ctx) ((ctx)->session_cache_size) + +#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb)) +#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb) +#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb)) +#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb) +#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb)) +#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb) +#define SSL_CTX_set_session_cache_mode(ctx,m) ((ctx)->session_cache_mode=(m)) +#define SSL_CTX_get_session_cache_mode(ctx) ((ctx)->session_cache_mode) +#define SSL_CTX_set_timeout(ctx,t) ((ctx)->session_timeout=(t)) +#define SSL_CTX_get_timeout(ctx) ((ctx)->session_timeout) + +#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb)) +#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback) +#define SSL_CTX_set_default_read_ahead(ctx,m) (((ctx)->default_read_ahead)=(m)) + +#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb)) +#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb) + +#define SSL_NOTHING 1 +#define SSL_WRITING 2 +#define SSL_READING 3 +#define SSL_X509_LOOKUP 4 + +/* These will only be used when doing non-blocking IO */ +#define SSL_want(s) ((s)->rwstate) +#define SSL_want_nothing(s) ((s)->rwstate == SSL_NOTHING) +#define SSL_want_read(s) ((s)->rwstate == SSL_READING) +#define SSL_want_write(s) ((s)->rwstate == SSL_WRITING) +#define SSL_want_x509_lookup(s) ((s)->rwstate == SSL_X509_LOOKUP) + +typedef struct ssl_st + { + /* procol version + * 2 for SSLv2 + * 3 for SSLv3 + * -3 for SSLv3 but accept SSLv2 */ + int version; + int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ + + SSL_METHOD *method; /* SSLv3 */ + + /* There are 2 BIO's even though they are normally both the + * same. This is so data can be read and written to different + * handlers */ + +#ifdef HEADER_BIO_H + BIO *rbio; /* used by SSL_read */ + BIO *wbio; /* used by SSL_write */ + BIO *bbio; /* used during session-id reuse to concatinate + * messages */ +#else + char *rbio; /* used by SSL_read */ + char *wbio; /* used by SSL_write */ + char *bbio; +#endif + /* This holds a variable that indicates what we were doing + * when a 0 or -1 is returned. This is needed for + * non-blocking IO so we know what request needs re-doing when + * in SSL_accept or SSL_connect */ + int rwstate; + + /* true when we are actually in SSL_accept() or SSL_connect() */ + int in_handshake; + int (*handshake_func)(); + +/* int server;*/ /* are we the server side? */ + + int new_session;/* 1 if we are to use a new session */ + int quiet_shutdown;/* don't send shutdown packets */ + int shutdown; /* we have shut things down, 0x01 sent, 0x02 + * for received */ + int state; /* where we are */ + int rstate; /* where we are when reading */ + + BUF_MEM *init_buf; /* buffer used during init */ + int init_num; /* amount read/written */ + int init_off; /* amount read/written */ + + /* used internally to point at a raw packet */ + unsigned char *packet; + unsigned int packet_length; + + struct ssl2_ctx_st *s2; /* SSLv2 variables */ + struct ssl3_ctx_st *s3; /* SSLv3 variables */ + + int read_ahead; /* Read as many input bytes as possible */ + int hit; /* reusing a previous session */ + + /* crypto */ + STACK /* SSL_CIPHER */ *cipher_list; + STACK /* SSL_CIPHER */ *cipher_list_by_id; + + /* These are the ones being used, the ones is SSL_SESSION are + * the ones to be 'copied' into these ones */ + + EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ + EVP_MD *read_hash; /* used for mac generation */ + SSL_COMPRESSION *read_compression; /* compression */ + + EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ + EVP_MD *write_hash; /* used for mac generation */ + SSL_COMPRESSION *write_compression; /* compression */ + + /* session info */ + + /* client cert? */ + /* This is used to hold the server certificate used */ + struct cert_st /* CERT */ *cert; + + /* This can also be in the session once a session is established */ + SSL_SESSION *session; + + /* Used in SSL2 and SSL3 */ + int verify_mode; /* 0 don't care about verify failure. + * 1 fail if verify fails */ + int (*verify_callback)(); /* fail if callback returns 0 */ + void (*info_callback)(); /* optional informational callback */ + + int error; /* error bytes to be written */ + int error_code; /* actual code */ + + SSL_CTX *ctx; + /* set this flag to 1 and a sleep(1) is put into all SSL_read() + * and SSL_write() calls, good for nbio debuging :-) */ + int debug; + + /* extra application data */ + long verify_result; + CRYPTO_EX_DATA ex_data; + + /* for server side, keep the list of CA_dn we can use */ + STACK /* X509_NAME */ *client_CA; + + int references; + unsigned long options; + int first_packet; + } SSL; + +#include "ssl2.h" +#include "ssl3.h" +#include "tls1.h" /* This is mostly sslv3 with a few tweaks */ +#include "ssl23.h" + +/* compatablity */ +#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg)) +#define SSL_get_app_data(s) (SSL_get_ex_data(s,0)) +#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a)) +#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0)) +#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0)) +#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg)) + +/* The following are the possible values for ssl->state are are + * used to indicate where we are upto in the SSL connection establishment. + * The macros that follow are about the only things you should need to use + * and even then, only when using non-blocking IO. + * It can also be useful to work out where you were when the connection + * failed */ + +#define SSL_ST_CONNECT 0x1000 +#define SSL_ST_ACCEPT 0x2000 +#define SSL_ST_MASK 0x0FFF +#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT) +#define SSL_ST_BEFORE 0x4000 +#define SSL_ST_OK 0x03 +#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) + +#define SSL_CB_LOOP 0x01 +#define SSL_CB_EXIT 0x02 +#define SSL_CB_READ 0x04 +#define SSL_CB_WRITE 0x08 +#define SSL_CB_ALERT 0x4000 /* used in callback */ +#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ) +#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE) +#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP) +#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT) +#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP) +#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT) +#define SSL_CB_HANDSHAKE_START 0x10 +#define SSL_CB_HANDSHAKE_DONE 0x20 + +/* Is the SSL_connection established? */ +#define SSL_get_state(a) SSL_state(a) +#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) +#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT) +#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE) +#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT) +#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT) + +/* The following 2 states are kept in ssl->rstate when reads fail, + * you should not need these */ +#define SSL_ST_READ_HEADER 0xF0 +#define SSL_ST_READ_BODY 0xF1 +#define SSL_ST_READ_DONE 0xF2 + +/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options + * are 'ored' with SSL_VERIFY_PEER if they are desired */ +#define SSL_VERIFY_NONE 0x00 +#define SSL_VERIFY_PEER 0x01 +#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 +#define SSL_VERIFY_CLIENT_ONCE 0x04 + +/* this is for backward compatablility */ +#if 0 /* NEW_SSLEAY */ +#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c) +#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n) +#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b)) +#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b)) +#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b)) +#endif +/* More backward compatablity */ +#define SSL_get_cipher(s) \ + SSL_CIPHER_get_name(SSL_get_current_cipher(s)) +#define SSL_get_cipher_bits(s,np) \ + SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) +#define SSL_get_cipher_version(s) \ + SSL_CIPHER_get_version(SSL_get_current_cipher(s)) +#define SSL_get_cipher_name(s) \ + SSL_CIPHER_get_name(SSL_get_current_cipher(s)) +#define SSL_get_time(a) SSL_SESSION_get_time(a) +#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b)) +#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) +#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) + +/* VMS linker has a 31 char name limit */ +#define SSL_CTX_set_cert_verify_callback(a,b,c) \ + SSL_CTX_set_cert_verify_cb((a),(b),(c)) + +#if 1 /*SSLEAY_MACROS*/ +#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \ + (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \ + (bp),(unsigned char **)(s_id)) +#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \ + bp,(unsigned char *)s_id) +#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \ + (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb) +#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb) +#define PEM_write_SSL_SESSION(fp,x) \ + PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ + PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL) +#define PEM_write_bio_SSL_SESSION(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ + PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL) +#endif + +/* These alert types are for SSLv3 and TLSv1 */ +#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY +#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ +#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ +#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED +#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW +#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */ +#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */ +#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ +#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE +#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE +#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED +#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED +#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN +#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ +#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ +#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ +#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ +#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR +#define SSL_AD_EXPORT_RESTRICION TLS1_AD_EXPORT_RESTRICION/* fatal */ +#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ +#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */ +#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ +#define SSL_AD_USER_CANCLED TLS1_AD_USER_CANCLED +#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION + +#define SSL_ERROR_NONE 0 +#define SSL_ERROR_SSL 1 +#define SSL_ERROR_WANT_READ 2 +#define SSL_ERROR_WANT_WRITE 3 +#define SSL_ERROR_WANT_X509_LOOKUP 4 +#define SSL_ERROR_SYSCALL 5 /* look at errno */ +#define SSL_ERROR_ZERO_RETURN 6 +#define SSL_ERROR_WANT_CONNECT 7 + +#define SSL_CTRL_NEED_TMP_RSA 1 +#define SSL_CTRL_SET_TMP_RSA 2 +#define SSL_CTRL_SET_TMP_DH 3 +#define SSL_CTRL_SET_TMP_RSA_CB 4 +#define SSL_CTRL_SET_TMP_DH_CB 5 +/* Add these ones */ +#define SSL_CTRL_GET_SESSION_REUSED 6 +#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7 +#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8 +#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9 +#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10 + +#define SSL_session_reused(ssl) \ + SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) +#define SSL_num_renegotiations(ssl) \ + SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL) +#define SSL_clear_num_renegotiations(ssl) \ + SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL) +#define SSL_total_renegotiations(ssl) \ + SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL) + +#define SSL_CTX_need_tmp_RSA(ctx) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL) +#define SSL_CTX_set_tmp_rsa(ctx,rsa) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa) +#define SSL_CTX_set_tmp_dh(ctx,dh) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) + +/* For the next 2, the callbacks are + * RSA *tmp_rsa_cb(int export) + * DH *tmp_dh_cb(int export) + */ +#define SSL_CTX_set_tmp_rsa_callback(ctx,cb) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb) +#define SSL_CTX_set_tmp_dh_callback(ctx,dh) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh) + +#ifndef NOPROTO + +#ifdef HEADER_BIO_H +BIO_METHOD *BIO_f_ssl(void); +BIO *BIO_new_ssl(SSL_CTX *ctx,int client); +BIO *BIO_new_ssl_connect(SSL_CTX *ctx); +BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx); +int BIO_ssl_copy_session_id(BIO *to,BIO *from); +void BIO_ssl_shutdown(BIO *ssl_bio); + +#endif + +int SSL_CTX_set_cipher_list(SSL_CTX *,char *str); +SSL_CTX *SSL_CTX_new(SSL_METHOD *meth); +void SSL_CTX_free(SSL_CTX *); +void SSL_clear(SSL *s); +void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm); + +SSL_CIPHER *SSL_get_current_cipher(SSL *s); +int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits); +char * SSL_CIPHER_get_version(SSL_CIPHER *c); +char * SSL_CIPHER_get_name(SSL_CIPHER *c); + +int SSL_get_fd(SSL *s); +char * SSL_get_cipher_list(SSL *s,int n); +char * SSL_get_shared_ciphers(SSL *s, char *buf, int len); +int SSL_get_read_ahead(SSL * s); +int SSL_pending(SSL *s); +#ifndef NO_SOCK +int SSL_set_fd(SSL *s, int fd); +int SSL_set_rfd(SSL *s, int fd); +int SSL_set_wfd(SSL *s, int fd); +#endif +#ifdef HEADER_BIO_H +void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio); +BIO * SSL_get_rbio(SSL *s); +BIO * SSL_get_wbio(SSL *s); +#endif +int SSL_set_cipher_list(SSL *s, char *str); +void SSL_set_read_ahead(SSL *s, int yes); +int SSL_get_verify_mode(SSL *s); +int (*SSL_get_verify_callback(SSL *s))(); +void SSL_set_verify(SSL *s, int mode, int (*callback) ()); +int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); +int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); +int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); +int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len); +int SSL_use_certificate(SSL *ssl, X509 *x); +int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d); + +#ifndef NO_STDIO +int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type); +int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type); +int SSL_use_certificate_file(SSL *ssl, char *file, int type); +int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type); +int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type); +int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type); +STACK * SSL_load_client_CA_file(char *file); +#endif + +void ERR_load_SSL_strings(void ); +void SSL_load_error_strings(void ); +char * SSL_state_string(SSL *s); +char * SSL_rstate_string(SSL *s); +char * SSL_state_string_long(SSL *s); +char * SSL_rstate_string_long(SSL *s); +long SSL_SESSION_get_time(SSL_SESSION *s); +long SSL_SESSION_set_time(SSL_SESSION *s, long t); +long SSL_SESSION_get_timeout(SSL_SESSION *s); +long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); +void SSL_copy_session_id(SSL *to,SSL *from); + +SSL_SESSION *SSL_SESSION_new(void); +unsigned long SSL_SESSION_hash(SSL_SESSION *a); +int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b); +#ifndef NO_FP_API +int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses); +#endif +#ifdef HEADER_BIO_H +int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses); +#endif +void SSL_SESSION_free(SSL_SESSION *ses); +int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp); +int SSL_set_session(SSL *to, SSL_SESSION *session); +int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); +int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c); +SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length); + +#ifdef HEADER_X509_H +X509 * SSL_get_peer_certificate(SSL *s); +#endif + +STACK * SSL_get_peer_cert_chain(SSL *s); + +int SSL_CTX_get_verify_mode(SSL_CTX *ctx); +int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(); +void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)()); +void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg); +int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len); +int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); +int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx, + unsigned char *d, long len); +int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); +int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d); + +void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)()); + +int SSL_CTX_check_private_key(SSL_CTX *ctx); +int SSL_check_private_key(SSL *ctx); + +SSL * SSL_new(SSL_CTX *ctx); +void SSL_clear(SSL *s); +void SSL_free(SSL *ssl); +int SSL_accept(SSL *ssl); +int SSL_connect(SSL *ssl); +int SSL_read(SSL *ssl,char *buf,int num); +int SSL_peek(SSL *ssl,char *buf,int num); +int SSL_write(SSL *ssl,char *buf,int num); +long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg); +long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg); + +int SSL_get_error(SSL *s,int ret_code); +char * SSL_get_version(SSL *s); + +/* This sets the 'default' SSL version that SSL_new() will create */ +int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth); + +SSL_METHOD *SSLv2_method(void); /* SSLv2 */ +SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ +SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ + +SSL_METHOD *SSLv3_method(void); /* SSLv3 */ +SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ +SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ + +SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */ +SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */ +SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */ + +SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ +SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ +SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ + +STACK *SSL_get_ciphers(SSL *s); + +int SSL_do_handshake(SSL *s); +int SSL_renegotiate(SSL *s); +int SSL_shutdown(SSL *s); + +SSL_METHOD *SSL_get_ssl_method(SSL *s); +int SSL_set_ssl_method(SSL *s,SSL_METHOD *method); +char *SSL_alert_type_string_long(int value); +char *SSL_alert_type_string(int value); +char *SSL_alert_desc_string_long(int value); +char *SSL_alert_desc_string(int value); + +void SSL_set_client_CA_list(SSL *s, STACK *list); +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list); +STACK *SSL_get_client_CA_list(SSL *s); +STACK *SSL_CTX_get_client_CA_list(SSL_CTX *s); +int SSL_add_client_CA(SSL *ssl,X509 *x); +int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x); + +void SSL_set_connect_state(SSL *s); +void SSL_set_accept_state(SSL *s); + +long SSL_get_default_timeout(SSL *s); + +void SSLeay_add_ssl_algorithms(void ); + +char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size); +STACK *SSL_dup_CA_list(STACK *sk); + +SSL *SSL_dup(SSL *ssl); + +X509 *SSL_get_certificate(SSL *ssl); +/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl); + +void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode); +int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx); +void SSL_set_quiet_shutdown(SSL *ssl,int mode); +int SSL_get_quiet_shutdown(SSL *ssl); +void SSL_set_shutdown(SSL *ssl,int mode); +int SSL_get_shutdown(SSL *ssl); +int SSL_version(SSL *ssl); +int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); +int SSL_CTX_load_verify_locations(SSL_CTX *ctx,char *CAfile,char *CApath); +SSL_SESSION *SSL_get_session(SSL *ssl); +SSL_CTX *SSL_get_SSL_CTX(SSL *ssl); +void SSL_set_info_callback(SSL *ssl,void (*cb)()); +void (*SSL_get_info_callback(SSL *ssl))(); +int SSL_state(SSL *ssl); + +void SSL_set_verify_result(SSL *ssl,long v); +long SSL_get_verify_result(SSL *ssl); + +int SSL_set_ex_data(SSL *ssl,int idx,char *data); +char *SSL_get_ex_data(SSL *ssl,int idx); +int SSL_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()); + +int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,char *data); +char *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx); +int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()); + +int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,char *data); +char *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx); +int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()); + +#else + +BIO_METHOD *BIO_f_ssl(); +BIO *BIO_new_ssl(); +BIO *BIO_new_ssl_connect(); +BIO *BIO_new_buffer_ssl_connect(); +int BIO_ssl_copy_session_id(); +void BIO_ssl_shutdown(); + +int SSL_CTX_set_cipher_list(); +SSL_CTX *SSL_CTX_new(); +void SSL_CTX_free(); +void SSL_clear(); +void SSL_CTX_flush_sessions(); + +SSL_CIPHER *SSL_get_current_cipher(); +int SSL_CIPHER_get_bits(); +char * SSL_CIPHER_get_version(); +char * SSL_CIPHER_get_name(); + +int SSL_get_fd(); +char * SSL_get_cipher_list(); +char * SSL_get_shared_ciphers(); +int SSL_get_read_ahead(); +int SSL_pending(); +#ifndef NO_SOCK +int SSL_set_fd(); +int SSL_set_rfd(); +int SSL_set_wfd(); +#endif +#ifdef HEADER_BIO_H +void SSL_set_bio(); +BIO * SSL_get_rbio(); +BIO * SSL_get_wbio(); +#endif +int SSL_set_cipher_list(); +void SSL_set_read_ahead(); +int SSL_get_verify_mode(); + +void SSL_set_verify(); +int SSL_use_RSAPrivateKey(); +int SSL_use_RSAPrivateKey_ASN1(); +int SSL_use_PrivateKey(); +int SSL_use_PrivateKey_ASN1(); +int SSL_use_certificate(); +int SSL_use_certificate_ASN1(); + +#ifndef NO_STDIO +int SSL_use_RSAPrivateKey_file(); +int SSL_use_PrivateKey_file(); +int SSL_use_certificate_file(); +int SSL_CTX_use_RSAPrivateKey_file(); +int SSL_CTX_use_PrivateKey_file(); +int SSL_CTX_use_certificate_file(); +STACK * SSL_load_client_CA_file(); +#endif + +void ERR_load_SSL_strings(); +void SSL_load_error_strings(); +char * SSL_state_string(); +char * SSL_rstate_string(); +char * SSL_state_string_long(); +char * SSL_rstate_string_long(); +long SSL_SESSION_get_time(); +long SSL_SESSION_set_time(); +long SSL_SESSION_get_timeout(); +long SSL_SESSION_set_timeout(); +void SSL_copy_session_id(); + +SSL_SESSION *SSL_SESSION_new(); +unsigned long SSL_SESSION_hash(); +int SSL_SESSION_cmp(); +#ifndef NO_FP_API +int SSL_SESSION_print_fp(); +#endif +#ifdef HEADER_BIO_H +int SSL_SESSION_print(); +#endif +void SSL_SESSION_free(); +int i2d_SSL_SESSION(); +int SSL_set_session(); +int SSL_CTX_add_session(); +int SSL_CTX_remove_session(); +SSL_SESSION *d2i_SSL_SESSION(); + +#ifdef HEADER_X509_H +X509 * SSL_get_peer_certificate(); +#endif + +STACK * SSL_get_peer_cert_chain(); + +int SSL_CTX_get_verify_mode(); +int (*SSL_CTX_get_verify_callback())(); +void SSL_CTX_set_verify(); +void SSL_CTX_set_cert_verify_cb(); +int SSL_CTX_use_RSAPrivateKey(); +int SSL_CTX_use_RSAPrivateKey_ASN1(); +int SSL_CTX_use_PrivateKey(); +int SSL_CTX_use_PrivateKey_ASN1(); +int SSL_CTX_use_certificate(); +int SSL_CTX_use_certificate_ASN1(); + +void SSL_CTX_set_default_passwd_cb(); + +int SSL_CTX_check_private_key(); +int SSL_check_private_key(); + +SSL * SSL_new(); +void SSL_clear(); +void SSL_free(); +int SSL_accept(); +int SSL_connect(); +int SSL_read(); +int SSL_peek(); +int SSL_write(); +long SSL_ctrl(); +long SSL_CTX_ctrl(); + +int SSL_get_error(); +char * SSL_get_version(); + +int SSL_CTX_set_ssl_version(); + +SSL_METHOD *SSLv2_method(); +SSL_METHOD *SSLv2_server_method(); +SSL_METHOD *SSLv2_client_method(); + +SSL_METHOD *SSLv3_method(); +SSL_METHOD *SSLv3_server_method(); +SSL_METHOD *SSLv3_client_method(); + +SSL_METHOD *SSLv23_method(); +SSL_METHOD *SSLv23_server_method(); +SSL_METHOD *SSLv23_client_method(); + +SSL_METHOD *TLSv1_method(); +SSL_METHOD *TLSv1_server_method(); +SSL_METHOD *TLSv1_client_method(); + +STACK *SSL_get_ciphers(); + +int SSL_do_handshake(); +int SSL_renegotiate(); +int SSL_shutdown(); + +SSL_METHOD *SSL_get_ssl_method(); +int SSL_set_ssl_method(); +char *SSL_alert_type_string_long(); +char *SSL_alert_type_string(); +char *SSL_alert_desc_string_long(); +char *SSL_alert_desc_string(); + +void SSL_set_client_CA_list(); +void SSL_CTX_set_client_CA_list(); +STACK *SSL_get_client_CA_list(); +STACK *SSL_CTX_get_client_CA_list(); +int SSL_add_client_CA(); +int SSL_CTX_add_client_CA(); + +void SSL_set_connect_state(); +void SSL_set_accept_state(); + +long SSL_get_default_timeout(); + +void SSLeay_add_ssl_algorithms(); + +char *SSL_CIPHER_description(); +STACK *SSL_dup_CA_list(); + +SSL *SSL_dup(); + +X509 *SSL_get_certificate(); +/* EVP * */ struct evp_pkey_st *SSL_get_privatekey(); + +#ifdef this_is_for_mk1mf_pl +EVP *SSL_get_privatekey(); + +void SSL_CTX_set_quiet_shutdown(); +int SSL_CTX_get_quiet_shutdown(); +void SSL_set_quiet_shutdown(); +int SSL_get_quiet_shutdown(); +void SSL_set_shutdown(); +int SSL_get_shutdown(); +int SSL_version(); +int SSL_CTX_set_default_verify_paths(); +int SSL_CTX_load_verify_locations(); +SSL_SESSION *SSL_get_session(); +SSL_CTX *SSL_get_SSL_CTX(); +void SSL_set_info_callback(); +int (*SSL_get_info_callback())(); +int SSL_state(); +void SSL_set_verify_result(); +long SSL_get_verify_result(); + +int SSL_set_ex_data(); +char *SSL_get_ex_data(); +int SSL_get_ex_new_index(); + +int SSL_SESSION_set_ex_data(); +char *SSL_SESSION_get_ex_data(); +int SSL_SESSION_get_ex_new_index(); + +int SSL_CTX_set_ex_data(); +char *SSL_CTX_get_ex_data(); +int SSL_CTX_get_ex_new_index(); + +#endif + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the SSL functions. */ + +/* Function codes. */ +#define SSL_F_CLIENT_CERTIFICATE 100 +#define SSL_F_CLIENT_HELLO 101 +#define SSL_F_CLIENT_MASTER_KEY 102 +#define SSL_F_D2I_SSL_SESSION 103 +#define SSL_F_DO_SSL3_WRITE 104 +#define SSL_F_GET_CLIENT_FINISHED 105 +#define SSL_F_GET_CLIENT_HELLO 106 +#define SSL_F_GET_CLIENT_MASTER_KEY 107 +#define SSL_F_GET_SERVER_FINISHED 108 +#define SSL_F_GET_SERVER_HELLO 109 +#define SSL_F_GET_SERVER_VERIFY 110 +#define SSL_F_I2D_SSL_SESSION 111 +#define SSL_F_READ_N 112 +#define SSL_F_REQUEST_CERTIFICATE 113 +#define SSL_F_SERVER_HELLO 114 +#define SSL_F_SSL23_ACCEPT 115 +#define SSL_F_SSL23_CLIENT_HELLO 116 +#define SSL_F_SSL23_CONNECT 117 +#define SSL_F_SSL23_GET_CLIENT_HELLO 118 +#define SSL_F_SSL23_GET_SERVER_HELLO 119 +#define SSL_F_SSL23_READ 120 +#define SSL_F_SSL23_WRITE 121 +#define SSL_F_SSL2_ACCEPT 122 +#define SSL_F_SSL2_CONNECT 123 +#define SSL_F_SSL2_ENC_INIT 124 +#define SSL_F_SSL2_READ 125 +#define SSL_F_SSL2_SET_CERTIFICATE 126 +#define SSL_F_SSL2_WRITE 127 +#define SSL_F_SSL3_ACCEPT 128 +#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 +#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 +#define SSL_F_SSL3_CLIENT_HELLO 131 +#define SSL_F_SSL3_CONNECT 132 +#define SSL_F_SSL3_CTX_CTRL 133 +#define SSL_F_SSL3_ENC 134 +#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 +#define SSL_F_SSL3_GET_CERT_VERIFY 136 +#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 +#define SSL_F_SSL3_GET_CLIENT_HELLO 138 +#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 +#define SSL_F_SSL3_GET_FINISHED 140 +#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 +#define SSL_F_SSL3_GET_MESSAGE 142 +#define SSL_F_SSL3_GET_RECORD 143 +#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 +#define SSL_F_SSL3_GET_SERVER_DONE 145 +#define SSL_F_SSL3_GET_SERVER_HELLO 146 +#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 +#define SSL_F_SSL3_READ_BYTES 148 +#define SSL_F_SSL3_READ_N 149 +#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 +#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 +#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 +#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 +#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 +#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 +#define SSL_F_SSL3_SETUP_BUFFERS 156 +#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 +#define SSL_F_SSL3_WRITE_BYTES 158 +#define SSL_F_SSL3_WRITE_PENDING 159 +#define SSL_F_SSL_BAD_METHOD 160 +#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 +#define SSL_F_SSL_CERT_NEW 162 +#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 +#define SSL_F_SSL_CREATE_CIPHER_LIST 164 +#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 165 +#define SSL_F_SSL_CTX_NEW 166 +#define SSL_F_SSL_CTX_SET_SSL_VERSION 167 +#define SSL_F_SSL_CTX_USE_CERTIFICATE 168 +#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 169 +#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 170 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY 171 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 172 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 173 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 174 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 175 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 176 +#define SSL_F_SSL_DO_HANDSHAKE 177 +#define SSL_F_SSL_GET_NEW_SESSION 178 +#define SSL_F_SSL_GET_SERVER_SEND_CERT 179 +#define SSL_F_SSL_GET_SIGN_PKEY 180 +#define SSL_F_SSL_INIT_WBIO_BUFFER 181 +#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 182 +#define SSL_F_SSL_NEW 183 +#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 184 +#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 185 +#define SSL_F_SSL_SESSION_NEW 186 +#define SSL_F_SSL_SESSION_PRINT_FP 187 +#define SSL_F_SSL_SET_CERT 188 +#define SSL_F_SSL_SET_FD 189 +#define SSL_F_SSL_SET_PKEY 190 +#define SSL_F_SSL_SET_RFD 191 +#define SSL_F_SSL_SET_SESSION 192 +#define SSL_F_SSL_SET_WFD 193 +#define SSL_F_SSL_UNDEFINED_FUNCTION 194 +#define SSL_F_SSL_USE_CERTIFICATE 195 +#define SSL_F_SSL_USE_CERTIFICATE_ASN1 196 +#define SSL_F_SSL_USE_CERTIFICATE_FILE 197 +#define SSL_F_SSL_USE_PRIVATEKEY 198 +#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 199 +#define SSL_F_SSL_USE_PRIVATEKEY_FILE 200 +#define SSL_F_SSL_USE_RSAPRIVATEKEY 201 +#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 202 +#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 203 +#define SSL_F_SSL_WRITE 204 +#define SSL_F_TLS1_CHANGE_CIPHER_STATE 205 +#define SSL_F_TLS1_ENC 206 +#define SSL_F_TLS1_SETUP_KEY_BLOCK 207 +#define SSL_F_WRITE_PENDING 208 + +/* Reason codes. */ +#define SSL_R_APP_DATA_IN_HANDSHAKE 100 +#define SSL_R_BAD_ALERT_RECORD 101 +#define SSL_R_BAD_AUTHENTICATION_TYPE 102 +#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 +#define SSL_R_BAD_CHECKSUM 104 +#define SSL_R_BAD_CLIENT_REQUEST 105 +#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 +#define SSL_R_BAD_DECOMPRESSION 107 +#define SSL_R_BAD_DH_G_LENGTH 108 +#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 +#define SSL_R_BAD_DH_P_LENGTH 110 +#define SSL_R_BAD_DIGEST_LENGTH 111 +#define SSL_R_BAD_DSA_SIGNATURE 112 +#define SSL_R_BAD_MAC_DECODE 113 +#define SSL_R_BAD_MESSAGE_TYPE 114 +#define SSL_R_BAD_PACKET_LENGTH 115 +#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 +#define SSL_R_BAD_RESPONSE_ARGUMENT 117 +#define SSL_R_BAD_RSA_DECRYPT 118 +#define SSL_R_BAD_RSA_ENCRYPT 119 +#define SSL_R_BAD_RSA_E_LENGTH 120 +#define SSL_R_BAD_RSA_MODULUS_LENGTH 121 +#define SSL_R_BAD_RSA_SIGNATURE 122 +#define SSL_R_BAD_SIGNATURE 123 +#define SSL_R_BAD_SSL_FILETYPE 124 +#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 +#define SSL_R_BAD_STATE 126 +#define SSL_R_BAD_WRITE_RETRY 127 +#define SSL_R_BIO_NOT_SET 128 +#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129 +#define SSL_R_BN_LIB 130 +#define SSL_R_CA_DN_LENGTH_MISMATCH 131 +#define SSL_R_CA_DN_TOO_LONG 132 +#define SSL_R_CCS_RECEIVED_EARLY 133 +#define SSL_R_CERTIFICATE_VERIFY_FAILED 134 +#define SSL_R_CERT_LENGTH_MISMATCH 135 +#define SSL_R_CHALLENGE_IS_DIFFERENT 136 +#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 +#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 +#define SSL_R_CIPHER_TABLE_SRC_ERROR 139 +#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 +#define SSL_R_COMPRESSION_FAILURE 141 +#define SSL_R_CONNECTION_ID_IS_DIFFERENT 142 +#define SSL_R_CONNECTION_TYPE_NOT_SET 143 +#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 144 +#define SSL_R_DATA_LENGTH_TOO_LONG 145 +#define SSL_R_DECRYPTION_FAILED 146 +#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 147 +#define SSL_R_DIGEST_CHECK_FAILED 148 +#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 149 +#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 150 +#define SSL_R_EXCESSIVE_MESSAGE_SIZE 151 +#define SSL_R_EXTRA_DATA_IN_MESSAGE 152 +#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 153 +#define SSL_R_HTTPS_PROXY_REQUEST 154 +#define SSL_R_HTTP_REQUEST 155 +#define SSL_R_INTERNAL_ERROR 156 +#define SSL_R_INVALID_CHALLENGE_LENGTH 157 +#define SSL_R_LENGTH_MISMATCH 158 +#define SSL_R_LENGTH_TOO_SHORT 159 +#define SSL_R_LIBRARY_HAS_NO_CIPHERS 160 +#define SSL_R_MISSING_DH_DSA_CERT 161 +#define SSL_R_MISSING_DH_KEY 162 +#define SSL_R_MISSING_DH_RSA_CERT 163 +#define SSL_R_MISSING_DSA_SIGNING_CERT 164 +#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 165 +#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 166 +#define SSL_R_MISSING_RSA_CERTIFICATE 167 +#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 168 +#define SSL_R_MISSING_RSA_SIGNING_CERT 169 +#define SSL_R_MISSING_TMP_DH_KEY 170 +#define SSL_R_MISSING_TMP_RSA_KEY 171 +#define SSL_R_MISSING_TMP_RSA_PKEY 172 +#define SSL_R_MISSING_VERIFY_MESSAGE 173 +#define SSL_R_NON_SSLV2_INITIAL_PACKET 174 +#define SSL_R_NO_CERTIFICATES_RETURNED 175 +#define SSL_R_NO_CERTIFICATE_ASSIGNED 176 +#define SSL_R_NO_CERTIFICATE_RETURNED 177 +#define SSL_R_NO_CERTIFICATE_SET 178 +#define SSL_R_NO_CERTIFICATE_SPECIFIED 179 +#define SSL_R_NO_CIPHERS_AVAILABLE 180 +#define SSL_R_NO_CIPHERS_PASSED 181 +#define SSL_R_NO_CIPHERS_SPECIFIED 182 +#define SSL_R_NO_CIPHER_LIST 183 +#define SSL_R_NO_CIPHER_MATCH 184 +#define SSL_R_NO_CLIENT_CERT_RECEIVED 185 +#define SSL_R_NO_COMPRESSION_SPECIFIED 186 +#define SSL_R_NO_PRIVATEKEY 187 +#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 188 +#define SSL_R_NO_PROTOCOLS_AVAILABLE 189 +#define SSL_R_NO_PUBLICKEY 190 +#define SSL_R_NO_SHARED_CIPHER 191 +#define SSL_R_NULL_SSL_CTX 192 +#define SSL_R_NULL_SSL_METHOD_PASSED 193 +#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 194 +#define SSL_R_PACKET_LENGTH_TOO_LONG 195 +#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 196 +#define SSL_R_PEER_ERROR 197 +#define SSL_R_PEER_ERROR_CERTIFICATE 198 +#define SSL_R_PEER_ERROR_NO_CERTIFICATE 199 +#define SSL_R_PEER_ERROR_NO_CIPHER 200 +#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 201 +#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 202 +#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 203 +#define SSL_R_PROTOCOL_IS_SHUTDOWN 204 +#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 205 +#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 206 +#define SSL_R_PUBLIC_KEY_NOT_RSA 207 +#define SSL_R_READ_BIO_NOT_SET 208 +#define SSL_R_READ_WRONG_PACKET_TYPE 209 +#define SSL_R_RECORD_LENGTH_MISMATCH 210 +#define SSL_R_RECORD_TOO_LARGE 211 +#define SSL_R_REQUIRED_CIPHER_MISSING 212 +#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 213 +#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 214 +#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 215 +#define SSL_R_SHORT_READ 216 +#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 217 +#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 218 +#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 +#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 +#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 +#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 +#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 +#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 219 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 220 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 221 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 222 +#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 +#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 223 +#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 +#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 224 +#define SSL_R_SSL_HANDSHAKE_FAILURE 225 +#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 226 +#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 227 +#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 228 +#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 229 +#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 230 +#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 231 +#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 232 +#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 233 +#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 234 +#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 235 +#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 236 +#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 237 +#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 238 +#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 239 +#define SSL_R_UNEXPECTED_MESSAGE 240 +#define SSL_R_UNEXPECTED_RECORD 241 +#define SSL_R_UNKNOWN_ALERT_TYPE 242 +#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 243 +#define SSL_R_UNKNOWN_CIPHER_RETURNED 244 +#define SSL_R_UNKNOWN_CIPHER_TYPE 245 +#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 246 +#define SSL_R_UNKNOWN_PKEY_TYPE 247 +#define SSL_R_UNKNOWN_PROTOCOL 248 +#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 249 +#define SSL_R_UNKNOWN_SSL_VERSION 250 +#define SSL_R_UNKNOWN_STATE 251 +#define SSL_R_UNSUPPORTED_CIPHER 252 +#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 253 +#define SSL_R_UNSUPPORTED_PROTOCOL 254 +#define SSL_R_UNSUPPORTED_SSL_VERSION 255 +#define SSL_R_WRITE_BIO_NOT_SET 256 +#define SSL_R_WRONG_CIPHER_RETURNED 257 +#define SSL_R_WRONG_MESSAGE_TYPE 258 +#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 259 +#define SSL_R_WRONG_SIGNATURE_LENGTH 260 +#define SSL_R_WRONG_SIGNATURE_SIZE 261 +#define SSL_R_WRONG_SSL_VERSION 262 +#define SSL_R_WRONG_VERSION_NUMBER 263 +#define SSL_R_X509_LIB 264 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h new file mode 100644 index 0000000000..3dc94e520b --- /dev/null +++ b/src/lib/libssl/ssl2.h @@ -0,0 +1,265 @@ +/* ssl/ssl2.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL2_H +#define HEADER_SSL2_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* Protocol Version Codes */ +#define SSL2_VERSION 0x0002 +#define SSL2_VERSION_MAJOR 0x00 +#define SSL2_VERSION_MINOR 0x02 +#define SSL2_CLIENT_VERSION 0x0002 +#define SSL2_SERVER_VERSION 0x0002 + +/* Protocol Message Codes */ +#define SSL2_MT_ERROR 0 +#define SSL2_MT_CLIENT_HELLO 1 +#define SSL2_MT_CLIENT_MASTER_KEY 2 +#define SSL2_MT_CLIENT_FINISHED 3 +#define SSL2_MT_SERVER_HELLO 4 +#define SSL2_MT_SERVER_VERIFY 5 +#define SSL2_MT_SERVER_FINISHED 6 +#define SSL2_MT_REQUEST_CERTIFICATE 7 +#define SSL2_MT_CLIENT_CERTIFICATE 8 + +/* Error Message Codes */ +#define SSL2_PE_UNDEFINED_ERROR 0x0000 +#define SSL2_PE_NO_CIPHER 0x0001 +#define SSL2_PE_NO_CERTIFICATE 0x0002 +#define SSL2_PE_BAD_CERTIFICATE 0x0004 +#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 + +/* Cipher Kind Values */ +#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ +#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 +#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 +#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 +#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 +#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 +#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 +#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ +#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 +#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ +#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ + +#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ +#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ + +#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" +#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" +#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" +#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" +#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" +#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" +#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" +#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" +#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" +#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" +#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" +#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" + +#define SSL2_TXT_NULL "NULL" + +/* Flags for the SSL_CIPHER.algorithm2 field */ +#define SSL2_CF_5_BYTE_ENC 0x01 +#define SSL2_CF_8_BYTE_ENC 0x02 + +/* Certificate Type Codes */ +#define SSL2_CT_X509_CERTIFICATE 0x01 + +/* Authentication Type Code */ +#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 + +#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 + +/* Upper/Lower Bounds */ +#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 +#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767 +#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/ + +#define SSL2_CHALLENGE_LENGTH 16 +/*#define SSL2_CHALLENGE_LENGTH 32 */ +#define SSL2_MIN_CHALLENGE_LENGTH 16 +#define SSL2_MAX_CHALLENGE_LENGTH 32 +#define SSL2_CONNECTION_ID_LENGTH 16 +#define SSL2_MAX_CONNECTION_ID_LENGTH 16 +#define SSL2_SSL_SESSION_ID_LENGTH 16 +#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 +#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 +#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 + +#ifndef HEADER_SSL_LOCL_H +#define CERT char +#endif + +typedef struct ssl2_ctx_st + { + int three_byte_header; + int clear_text; /* clear text */ + int escape; /* not used in SSLv2 */ + int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ + + /* non-blocking io info, used to make sure the same + * args were passwd */ + unsigned int wnum; /* number of bytes sent so far */ + int wpend_tot; + char *wpend_buf; + + int wpend_off; /* offset to data to write */ + int wpend_len; /* number of bytes passwd to write */ + int wpend_ret; /* number of bytes to return to caller */ + + /* buffer raw data */ + int rbuf_left; + int rbuf_offs; + unsigned char *rbuf; + unsigned char *wbuf; + + unsigned char *write_ptr;/* used to point to the start due to + * 2/3 byte header. */ + + unsigned int padding; + unsigned int rlength; /* passed to ssl2_enc */ + int ract_data_length; /* Set when things are encrypted. */ + unsigned int wlength; /* passed to ssl2_enc */ + int wact_data_length; /* Set when things are decrypted. */ + unsigned char *ract_data; + unsigned char *wact_data; + unsigned char *mac_data; + unsigned char *pad_data; + + unsigned char *read_key; + unsigned char *write_key; + + /* Stuff specifically to do with this SSL session */ + unsigned int challenge_length; + unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH]; + unsigned int conn_id_length; + unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH]; + unsigned int key_material_length; + unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2]; + + unsigned long read_sequence; + unsigned long write_sequence; + + struct { + unsigned int conn_id_length; + unsigned int cert_type; + unsigned int cert_length; + int csl; + int clear; + unsigned int enc; + unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH]; + int cipher_spec_length; + unsigned int session_id_length; + unsigned int clen; + unsigned int rlen; + } tmp; + } SSL2_CTX; + +/* SSLv2 */ +/* client */ +#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT) +#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT) +#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT) +/* server */ +#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT) +#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT) +#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h new file mode 100644 index 0000000000..d3228983c7 --- /dev/null +++ b/src/lib/libssl/ssl23.h @@ -0,0 +1,83 @@ +/* ssl/ssl23.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL23_H +#define HEADER_SSL23_H + +#ifdef __cplusplus +extern "C" { +#endif + +/*client */ +/* write to server */ +#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT) +#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT) +/* read from server */ +#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT) +#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT) + +/* server */ +/* read from client */ +#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) +#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h new file mode 100644 index 0000000000..95772eef60 --- /dev/null +++ b/src/lib/libssl/ssl3.h @@ -0,0 +1,455 @@ +/* ssl/ssl3.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL3_H +#define HEADER_SSL3_H + +#include "buffer.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define SSL3_CK_RSA_NULL_MD5 0x03000001 +#define SSL3_CK_RSA_NULL_SHA 0x03000002 +#define SSL3_CK_RSA_RC4_40_MD5 0x03000003 +#define SSL3_CK_RSA_RC4_128_MD5 0x03000004 +#define SSL3_CK_RSA_RC4_128_SHA 0x03000005 +#define SSL3_CK_RSA_RC2_40_MD5 0x03000006 +#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 +#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 +#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 +#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A + +#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B +#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C +#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D +#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E +#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F +#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 + +#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 +#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 +#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 +#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 +#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 +#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 + +#define SSL3_CK_ADH_RC4_40_MD5 0x03000017 +#define SSL3_CK_ADH_RC4_128_MD5 0x03000018 +#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 +#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A +#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B + +#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C +#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D +#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E + +#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" +#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" +#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" +#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" +#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" +#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" +#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" +#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" +#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" +#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" + +#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" +#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" +#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" +#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" +#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" +#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" + +#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" +#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" +#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" +#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" +#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" +#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" + +#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" +#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" +#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" +#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" +#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" + +#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA" +#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" +#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" + +#define SSL3_SSL_SESSION_ID_LENGTH 32 +#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 + +#define SSL3_MASTER_SECRET_SIZE 48 +#define SSL3_RANDOM_SIZE 32 +#define SSL3_SESSION_ID_SIZE 32 +#define SSL3_RT_HEADER_LENGTH 5 + +/* Due to MS stuffing up, this can change.... */ +#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32)) +#define SSL3_RT_MAX_EXTRA (14000) +#else +#define SSL3_RT_MAX_EXTRA (16384) +#endif + +#define SSL3_RT_MAX_PLAIN_LENGTH 16384 +#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) +#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) +#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) +#define SSL3_RT_MAX_DATA_SIZE (1024*1024) + +/* the states that a SSL3_RECORD can be in + * For SSL_read it goes + * rbuf->ENCODED -> read + * ENCODED -> we need to decode everything - call decode_record + */ + +#define SSL3_RS_BLANK 1 +#define SSL3_RS_DATA + +#define SSL3_RS_ENCODED 2 +#define SSL3_RS_READ_MORE 3 +#define SSL3_RS_WRITE_MORE +#define SSL3_RS_PLAIN 3 +#define SSL3_RS_PART_READ 4 +#define SSL3_RS_PART_WRITE 5 + +#define SSL3_MD_CLIENT_FINISHED_CONST {0x43,0x4C,0x4E,0x54} +#define SSL3_MD_SERVER_FINISHED_CONST {0x53,0x52,0x56,0x52} + +#define SSL3_VERSION 0x0300 +#define SSL3_VERSION_MAJOR 0x03 +#define SSL3_VERSION_MINOR 0x00 + +#define SSL3_RT_CHANGE_CIPHER_SPEC 20 +#define SSL3_RT_ALERT 21 +#define SSL3_RT_HANDSHAKE 22 +#define SSL3_RT_APPLICATION_DATA 23 + +#define SSL3_AL_WARNING 1 +#define SSL3_AL_FATAL 2 + +#define SSL3_AD_CLOSE_NOTIFY 0 +#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */ +#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */ +#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */ +#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */ +#define SSL3_AD_NO_CERTIFICATE 41 +#define SSL3_AD_BAD_CERTIFICATE 42 +#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 +#define SSL3_AD_CERTIFICATE_REVOKED 44 +#define SSL3_AD_CERTIFICATE_EXPIRED 45 +#define SSL3_AD_CERTIFICATE_UNKNOWN 46 +#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */ + +typedef struct ssl3_record_st + { +/*r */ int type; /* type of record */ +/* */ /*int state;*/ /* any data in it? */ +/*rw*/ unsigned int length; /* How many bytes available */ +/*r */ unsigned int off; /* read/write offset into 'buf' */ +/*rw*/ unsigned char *data; /* pointer to the record data */ +/*rw*/ unsigned char *input; /* where the decode bytes are */ +/*rw*/ unsigned char *comp; /* only used with decompression */ + } SSL3_RECORD; + +typedef struct ssl3_buffer_st + { +/*r */ int total; /* used in non-blocking writes */ +/*r */ int wanted; /* how many more bytes we need */ +/*rw*/ int left; /* how many bytes left */ +/*rw*/ int offset; /* where to 'copy from' */ +/*rw*/ unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes */ + } SSL3_BUFFER; + +typedef struct ssl3_compression_st { + int nothing; + } SSL3_COMPRESSION; + +#define SSL3_CT_RSA_SIGN 1 +#define SSL3_CT_DSS_SIGN 2 +#define SSL3_CT_RSA_FIXED_DH 3 +#define SSL3_CT_DSS_FIXED_DH 4 +#define SSL3_CT_RSA_EPHEMERAL_DH 5 +#define SSL3_CT_DSS_EPHEMERAL_DH 6 +#define SSL3_CT_FORTEZZA_DMS 20 +#define SSL3_CT_NUMBER 7 + +#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 +#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 +#define SSL3_FLAGS_POP_BUFFER 0x0004 +#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 + +#if 0 +#define AD_CLOSE_NOTIFY 0 +#define AD_UNEXPECTED_MESSAGE 1 +#define AD_BAD_RECORD_MAC 2 +#define AD_DECRYPTION_FAILED 3 +#define AD_RECORD_OVERFLOW 4 +#define AD_DECOMPRESSION_FAILURE 5 /* fatal */ +#define AD_HANDSHAKE_FAILURE 6 /* fatal */ +#define AD_NO_CERTIFICATE 7 /* Not under TLS */ +#define AD_BAD_CERTIFICATE 8 +#define AD_UNSUPPORTED_CERTIFICATE 9 +#define AD_CERTIFICATE_REVOKED 10 +#define AD_CERTIFICATE_EXPIRED 11 +#define AD_CERTIFICATE_UNKNOWN 12 +#define AD_ILLEGAL_PARAMETER 13 /* fatal */ +#define AD_UNKNOWN_CA 14 /* fatal */ +#define AD_ACCESS_DENIED 15 /* fatal */ +#define AD_DECODE_ERROR 16 /* fatal */ +#define AD_DECRYPT_ERROR 17 +#define AD_EXPORT_RESTRICION 18 /* fatal */ +#define AD_PROTOCOL_VERSION 19 /* fatal */ +#define AD_INSUFFICIENT_SECURITY 20 /* fatal */ +#define AD_INTERNAL_ERROR 21 /* fatal */ +#define AD_USER_CANCLED 22 +#define AD_NO_RENEGOTIATION 23 +#endif + +typedef struct ssl3_ctx_st + { + long flags; + int delay_buf_pop_ret; + + unsigned char read_sequence[8]; + unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; + unsigned char write_sequence[8]; + unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; + + unsigned char server_random[SSL3_RANDOM_SIZE]; + unsigned char client_random[SSL3_RANDOM_SIZE]; + + SSL3_BUFFER rbuf; /* read IO goes into here */ + SSL3_BUFFER wbuf; /* write IO goes into here */ + SSL3_RECORD rrec; /* each decoded record goes in here */ + SSL3_RECORD wrec; /* goes out from here */ + /* Used by ssl3_read_n to point + * to input data packet */ + + /* partial write - check the numbers match */ + unsigned int wnum; /* number of bytes sent so far */ + int wpend_tot; /* number bytes written */ + int wpend_type; + int wpend_ret; /* number of bytes submitted */ + char *wpend_buf; + + /* used during startup, digest all incoming/outgoing packets */ + EVP_MD_CTX finish_dgst1; + EVP_MD_CTX finish_dgst2; + + /* this is set whenerver we see a change_cipher_spec message + * come in when we are not looking for one */ + int change_cipher_spec; + + int warn_alert; + int fatal_alert; + /* we alow one fatal and one warning alert to be outstanding, + * send close alert via the warning alert */ + int alert_dispatch; + char send_alert[2]; + + /* This flag is set when we should renegotiate ASAP, basically when + * there is no more data in the read or write buffers */ + int renegotiate; + int total_renegotiations; + int num_renegotiations; + + int in_read_app_data; + + struct { + /* Actually only needs to be 16+20 for SSLv3 and 12 for TLS */ + unsigned char finish_md[EVP_MAX_MD_SIZE*2]; + + unsigned long message_size; + int message_type; + + /* used to hold the new cipher we are going to use */ + SSL_CIPHER *new_cipher; + DH *dh; + + /* used when SSL_ST_FLUSH_DATA is entered */ + int next_state; + + int reuse_message; + + /* used for certificate requests */ + int cert_req; + int ctype_num; + char ctype[SSL3_CT_NUMBER]; + STACK *ca_names; + + int use_rsa_tmp; + + int key_block_length; + unsigned char *key_block; + + EVP_CIPHER *new_sym_enc; + EVP_MD *new_hash; + SSL_COMPRESSION *new_compression; + int cert_request; + } tmp; + } SSL3_CTX; + +/* SSLv3 */ +/*client */ +/* extra state */ +#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) +/* write to server */ +#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) +#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) +/* read from server */ +#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) +#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) +#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) +#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) +#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) +#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) +/* write to server */ +#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) +#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) +#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) +#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) +#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) +#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) +#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) +/* read from server */ +#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) +#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) +#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) +#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) + +/* server */ +/* extra state */ +#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) +/* read from client */ +/* Do not change the number values, they do matter */ +#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) +/* write to client */ +#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) +#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) +#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) +#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) +#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) +/* read from client */ +#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) +#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) +#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) +#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) +#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) +/* write to client */ +#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) +#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) +#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) + +#define SSL3_MT_CLIENT_REQUEST 0 +#define SSL3_MT_CLIENT_HELLO 1 +#define SSL3_MT_SERVER_HELLO 2 +#define SSL3_MT_CERTIFICATE 11 +#define SSL3_MT_SERVER_KEY_EXCHANGE 12 +#define SSL3_MT_CERTIFICATE_REQUEST 13 +#define SSL3_MT_SERVER_DONE 14 +#define SSL3_MT_CERTIFICATE_VERIFY 15 +#define SSL3_MT_CLIENT_KEY_EXCHANGE 16 +#define SSL3_MT_FINISHED 20 + +#define SSL3_MT_CCS 1 + +/* These are used when changing over to a new cipher */ +#define SSL3_CC_READ 0x01 +#define SSL3_CC_WRITE 0x02 +#define SSL3_CC_CLIENT 0x10 +#define SSL3_CC_SERVER 0x20 +#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) +#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) +#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) +#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c new file mode 100644 index 0000000000..65f3a59386 --- /dev/null +++ b/src/lib/libssl/ssl_algs.c @@ -0,0 +1,102 @@ +/* ssl/ssl_algs.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "lhash.h" +#include "ssl_locl.h" + +void SSLeay_add_ssl_algorithms() + { +#ifndef NO_DES + EVP_add_cipher(EVP_des_cbc()); + EVP_add_cipher(EVP_des_ede3_cbc()); +#endif +#ifndef NO_IDEA + EVP_add_cipher(EVP_idea_cbc()); +#endif +#ifndef NO_RC4 + EVP_add_cipher(EVP_rc4()); +#endif +#ifndef NO_RC2 + EVP_add_cipher(EVP_rc2_cbc()); +#endif + +#ifndef NO_MD2 + EVP_add_digest(EVP_md2()); +#endif +#ifndef NO_MD5 + EVP_add_digest(EVP_md5()); + EVP_add_alias(SN_md5,"ssl2-md5"); + EVP_add_alias(SN_md5,"ssl3-md5"); +#endif +#ifndef NO_SHA1 + EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ + EVP_add_alias(SN_sha1,"ssl3-sha1"); +#endif +#if !defined(NO_SHA1) && !defined(NO_DSA) + EVP_add_digest(EVP_dss1()); /* DSA with sha1 */ +#endif + + /* If you want support for phased out ciphers, add the following */ +#if 0 + EVP_add_digest(EVP_sha()); + EVP_add_digest(EVP_dss()); +#endif + } + diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c new file mode 100644 index 0000000000..116a83de64 --- /dev/null +++ b/src/lib/libssl/ssl_asn1.c @@ -0,0 +1,313 @@ +/* ssl/ssl_asn1.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "asn1_mac.h" +#include "objects.h" +#include "ssl_locl.h" + +typedef struct ssl_session_asn1_st + { + ASN1_INTEGER version; + ASN1_INTEGER ssl_version; + ASN1_OCTET_STRING cipher; + ASN1_OCTET_STRING master_key; + ASN1_OCTET_STRING session_id; + ASN1_OCTET_STRING key_arg; + ASN1_INTEGER time; + ASN1_INTEGER timeout; + } SSL_SESSION_ASN1; + +/* + * SSLerr(SSL_F_I2D_SSL_SESSION,SSL_R_CIPHER_CODE_WRONG_LENGTH); + * SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNSUPPORTED_CIPHER); + */ + +int i2d_SSL_SESSION(in,pp) +SSL_SESSION *in; +unsigned char **pp; + { +#define LSIZE2 (sizeof(long)*2) + int v1=0,v2=0,v3=0; + unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2]; + unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2]; + long l; + SSL_SESSION_ASN1 a; + M_ASN1_I2D_vars(in); + + if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0))) + return(0); + + /* Note that I cheat in the following 2 assignments. I know + * that if the ASN1_INTERGER passed to ASN1_INTEGER_set + * is > sizeof(long)+1, the buffer will not be re-Malloc()ed. + * This is a bit evil but makes things simple, no dynamic allocation + * to clean up :-) */ + a.version.length=LSIZE2; + a.version.type=V_ASN1_INTEGER; + a.version.data=ibuf1; + ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION); + + a.ssl_version.length=LSIZE2; + a.ssl_version.type=V_ASN1_INTEGER; + a.ssl_version.data=ibuf2; + ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version); + + a.cipher.type=V_ASN1_OCTET_STRING; + a.cipher.data=buf; + + if (in->cipher == NULL) + l=in->cipher_id; + else + l=in->cipher->id; + if (in->ssl_version == SSL2_VERSION) + { + a.cipher.length=3; + buf[0]=((unsigned char)(l>>16L))&0xff; + buf[1]=((unsigned char)(l>> 8L))&0xff; + buf[2]=((unsigned char)(l ))&0xff; + } + else + { + a.cipher.length=2; + buf[0]=((unsigned char)(l>>8L))&0xff; + buf[1]=((unsigned char)(l ))&0xff; + } + + a.master_key.length=in->master_key_length; + a.master_key.type=V_ASN1_OCTET_STRING; + a.master_key.data=in->master_key; + + a.session_id.length=in->session_id_length; + a.session_id.type=V_ASN1_OCTET_STRING; + a.session_id.data=in->session_id; + + a.key_arg.length=in->key_arg_length; + a.key_arg.type=V_ASN1_OCTET_STRING; + a.key_arg.data=in->key_arg; + + if (in->time != 0L) + { + a.time.length=LSIZE2; + a.time.type=V_ASN1_INTEGER; + a.time.data=ibuf3; + ASN1_INTEGER_set(&(a.time),in->time); + } + + if (in->timeout != 0L) + { + a.timeout.length=LSIZE2; + a.timeout.type=V_ASN1_INTEGER; + a.timeout.data=ibuf4; + ASN1_INTEGER_set(&(a.timeout),in->timeout); + } + + M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER); + M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER); + M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING); + if (in->key_arg_length > 0) + M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING); + if (in->time != 0L) + M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); + if (in->timeout != 0L) + M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2); + if (in->peer != NULL) + M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER); + M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER); + M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING); + if (in->key_arg_length > 0) + M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0); + if (in->time != 0L) + M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); + if (in->timeout != 0L) + M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2); + if (in->peer != NULL) + M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3); + + M_ASN1_I2D_finish(); + } + +SSL_SESSION *d2i_SSL_SESSION(a,pp,length) +SSL_SESSION **a; +unsigned char **pp; +long length; + { + int version,ssl_version=0,i; + long id; + ASN1_INTEGER ai,*aip; + ASN1_OCTET_STRING os,*osp; + M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new); + + aip= &ai; + osp= &os; + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + + ai.data=NULL; ai.length=0; + M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); + version=(int)ASN1_INTEGER_get(aip); + if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; } + + /* we don't care about the version right now :-) */ + M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); + ssl_version=(int)ASN1_INTEGER_get(aip); + ret->ssl_version=ssl_version; + if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; } + + os.data=NULL; os.length=0; + M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); + if (ssl_version == SSL2_VERSION) + { + if (os.length != 3) + { + c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; + goto err; + } + id=0x02000000L| + ((unsigned long)os.data[0]<<16L)| + ((unsigned long)os.data[1]<< 8L)| + (unsigned long)os.data[2]; + } + else if ((ssl_version>>8) == 3) + { + if (os.length != 2) + { + c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; + goto err; + } + id=0x03000000L| + ((unsigned long)os.data[0]<<8L)| + (unsigned long)os.data[1]; + } + else + { + SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION); + return(NULL); + } + + ret->cipher=NULL; + ret->cipher_id=id; + + M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); + if ((ssl_version>>8) == SSL3_VERSION) + i=SSL3_MAX_SSL_SESSION_ID_LENGTH; + else /* if (ssl_version == SSL2_VERSION) */ + i=SSL2_MAX_SSL_SESSION_ID_LENGTH; + + if (os.length > i) + os.length=i; + + ret->session_id_length=os.length; + memcpy(ret->session_id,os.data,os.length); + + M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); + if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH) + ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; + else + ret->master_key_length=os.length; + memcpy(ret->master_key,os.data,ret->master_key_length); + + os.length=0; + M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING); + if (os.length > SSL_MAX_KEY_ARG_LENGTH) + ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH; + else + ret->key_arg_length=os.length; + memcpy(ret->key_arg,os.data,ret->key_arg_length); + if (os.data != NULL) Free(os.data); + + ai.length=0; + M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1); + if (ai.data != NULL) + { + ret->time=ASN1_INTEGER_get(aip); + Free(ai.data); ai.data=NULL; ai.length=0; + } + else + ret->time=time(NULL); + + ai.length=0; + M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2); + if (ai.data != NULL) + { + ret->timeout=ASN1_INTEGER_get(aip); + Free(ai.data); ai.data=NULL; ai.length=0; + } + else + ret->timeout=3; + + if (ret->peer != NULL) + { + X509_free(ret->peer); + ret->peer=NULL; + } + M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3); + + M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION); + } + diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c new file mode 100644 index 0000000000..c1cb86e1b7 --- /dev/null +++ b/src/lib/libssl/ssl_cert.c @@ -0,0 +1,329 @@ +/* ssl/ssl_cert.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "bio.h" +#include "pem.h" +#include "ssl_locl.h" + +CERT *ssl_cert_new() + { + CERT *ret; + + ret=(CERT *)Malloc(sizeof(CERT)); + if (ret == NULL) + { + SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + memset(ret,0,sizeof(CERT)); +/* + ret->valid=0; + ret->mask=0; + ret->export_mask=0; + ret->cert_type=0; + ret->key->x509=NULL; + ret->key->publickey=NULL; + ret->key->privatekey=NULL; */ + + ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]); + ret->references=1; + + return(ret); + } + +void ssl_cert_free(c) +CERT *c; + { + int i; + + i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT); +#ifdef REF_PRINT + REF_PRINT("CERT",c); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"ssl_cert_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + +#ifndef NO_RSA + if (c->rsa_tmp) RSA_free(c->rsa_tmp); +#endif +#ifndef NO_DH + if (c->dh_tmp) DH_free(c->dh_tmp); +#endif + + for (i=0; ipkeys[i].x509 != NULL) + X509_free(c->pkeys[i].x509); + if (c->pkeys[i].privatekey != NULL) + EVP_PKEY_free(c->pkeys[i].privatekey); +#if 0 + if (c->pkeys[i].publickey != NULL) + EVP_PKEY_free(c->pkeys[i].publickey); +#endif + } + if (c->cert_chain != NULL) + sk_pop_free(c->cert_chain,X509_free); + Free(c); + } + +int ssl_set_cert_type(c, type) +CERT *c; +int type; + { + c->cert_type=type; + return(1); + } + +int ssl_verify_cert_chain(s,sk) +SSL *s; +STACK *sk; + { + X509 *x; + int i; + X509_STORE_CTX ctx; + + if ((sk == NULL) || (sk_num(sk) == 0)) + return(0); + + x=(X509 *)sk_value(sk,0); + X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk); + X509_STORE_CTX_set_app_data(&ctx,(char *)s); + + if (s->ctx->app_verify_callback != NULL) + i=s->ctx->app_verify_callback(&ctx); + else + i=X509_verify_cert(&ctx); + + X509_STORE_CTX_cleanup(&ctx); + s->verify_result=ctx.error; + + return(i); + } + +static void set_client_CA_list(ca_list,list) +STACK **ca_list; +STACK *list; + { + if (*ca_list != NULL) + sk_pop_free(*ca_list,X509_NAME_free); + + *ca_list=list; + } + +STACK *SSL_dup_CA_list(sk) +STACK *sk; + { + int i; + STACK *ret; + X509_NAME *name; + + ret=sk_new_null(); + for (i=0; iclient_CA),list); + } + +void SSL_CTX_set_client_CA_list(ctx,list) +SSL_CTX *ctx; +STACK *list; + { + set_client_CA_list(&(ctx->client_CA),list); + } + +STACK *SSL_CTX_get_client_CA_list(ctx) +SSL_CTX *ctx; + { + return(ctx->client_CA); + } + +STACK *SSL_get_client_CA_list(s) +SSL *s; + { + if (s->type == SSL_ST_CONNECT) + { /* we are in the client */ + if (((s->version>>8) == SSL3_VERSION_MAJOR) && + (s->s3 != NULL)) + return(s->s3->tmp.ca_names); + else + return(NULL); + } + else + { + if (s->client_CA != NULL) + return(s->client_CA); + else + return(s->ctx->client_CA); + } + } + +static int add_client_CA(sk,x) +STACK **sk; +X509 *x; + { + X509_NAME *name; + + if (x == NULL) return(0); + if ((*sk == NULL) && ((*sk=sk_new_null()) == NULL)) + return(0); + + if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL) + return(0); + + if (!sk_push(*sk,(char *)name)) + { + X509_NAME_free(name); + return(0); + } + return(1); + } + +int SSL_add_client_CA(ssl,x) +SSL *ssl; +X509 *x; + { + return(add_client_CA(&(ssl->client_CA),x)); + } + +int SSL_CTX_add_client_CA(ctx,x) +SSL_CTX *ctx; +X509 *x; + { + return(add_client_CA(&(ctx->client_CA),x)); + } + +static int name_cmp(a,b) +X509_NAME **a,**b; + { + return(X509_NAME_cmp(*a,*b)); + } + +#ifndef NO_STDIO +STACK *SSL_load_client_CA_file(file) +char *file; + { + BIO *in; + X509 *x=NULL; + X509_NAME *xn=NULL; + STACK *ret,*sk; + + ret=sk_new(NULL); + sk=sk_new(name_cmp); + + in=BIO_new(BIO_s_file_internal()); + + if ((ret == NULL) || (sk == NULL) || (in == NULL)) + { + SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (!BIO_read_filename(in,file)) + goto err; + + for (;;) + { + if (PEM_read_bio_X509(in,&x,NULL) == NULL) + break; + if ((xn=X509_get_subject_name(x)) == NULL) goto err; + /* check for duplicates */ + xn=X509_NAME_dup(xn); + if (xn == NULL) goto err; + if (sk_find(sk,(char *)xn) >= 0) + X509_NAME_free(xn); + else + { + sk_push(sk,(char *)xn); + sk_push(ret,(char *)xn); + } + } + + if (0) + { +err: + if (ret != NULL) sk_pop_free(ret,X509_NAME_free); + ret=NULL; + } + if (sk != NULL) sk_free(sk); + if (in != NULL) BIO_free(in); + if (x != NULL) X509_free(x); + return(ret); + } +#endif + diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c new file mode 100644 index 0000000000..820994408b --- /dev/null +++ b/src/lib/libssl/ssl_ciph.c @@ -0,0 +1,758 @@ +/* ssl/ssl_ciph.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "ssl_locl.h" + +#define SSL_ENC_DES_IDX 0 +#define SSL_ENC_3DES_IDX 1 +#define SSL_ENC_RC4_IDX 2 +#define SSL_ENC_RC2_IDX 3 +#define SSL_ENC_IDEA_IDX 4 +#define SSL_ENC_eFZA_IDX 5 +#define SSL_ENC_NULL_IDX 6 +#define SSL_ENC_NUM_IDX 7 + +static EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ + NULL,NULL,NULL,NULL,NULL,NULL, + }; + +#define SSL_MD_MD5_IDX 0 +#define SSL_MD_SHA1_IDX 1 +#define SSL_MD_NUM_IDX 2 +static EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ + NULL,NULL, + }; + +typedef struct cipher_sort_st + { + SSL_CIPHER *cipher; + int pref; + } CIPHER_SORT; + +#define CIPHER_ADD 1 +#define CIPHER_KILL 2 +#define CIPHER_DEL 3 +#define CIPHER_ORD 4 + +typedef struct cipher_choice_st + { + int type; + unsigned long algorithms; + unsigned long mask; + long top; + } CIPHER_CHOICE; + +typedef struct cipher_order_st + { + SSL_CIPHER *cipher; + int active; + int dead; + struct cipher_order_st *next,*prev; + } CIPHER_ORDER; + +static SSL_CIPHER cipher_aliases[]={ + {0,SSL_TXT_ALL, 0,SSL_ALL, 0,SSL_ALL}, /* must be first */ + {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_DH, 0,SSL_DH, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_EDH, 0,SSL_EDH, 0,SSL_MKEY_MASK|SSL_AUTH_MASK}, + + {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_aNULL,0,SSL_aNULL,0,SSL_AUTH_MASK}, + {0,SSL_TXT_aDH, 0,SSL_aDH, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_DSS, 0,SSL_DSS, 0,SSL_AUTH_MASK}, + + {0,SSL_TXT_DES, 0,SSL_DES, 0,SSL_ENC_MASK}, + {0,SSL_TXT_3DES,0,SSL_3DES, 0,SSL_ENC_MASK}, + {0,SSL_TXT_RC4, 0,SSL_RC4, 0,SSL_ENC_MASK}, + {0,SSL_TXT_RC2, 0,SSL_RC2, 0,SSL_ENC_MASK}, + {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,SSL_ENC_MASK}, + {0,SSL_TXT_eNULL,0,SSL_eNULL,0,SSL_ENC_MASK}, + {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,SSL_ENC_MASK}, + + {0,SSL_TXT_MD5, 0,SSL_MD5, 0,SSL_MAC_MASK}, + {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,SSL_MAC_MASK}, + {0,SSL_TXT_SHA, 0,SSL_SHA, 0,SSL_MAC_MASK}, + + {0,SSL_TXT_NULL,0,SSL_NULL, 0,SSL_ENC_MASK}, + {0,SSL_TXT_RSA, 0,SSL_RSA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK}, + {0,SSL_TXT_ADH, 0,SSL_ADH, 0,SSL_AUTH_MASK|SSL_MKEY_MASK}, + {0,SSL_TXT_FZA, 0,SSL_FZA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK}, + + {0,SSL_TXT_EXP, 0,SSL_EXP, 0,SSL_EXP_MASK}, + {0,SSL_TXT_EXPORT,0,SSL_EXPORT,0,SSL_EXP_MASK}, + {0,SSL_TXT_SSLV2,0,SSL_SSLV2,0,SSL_SSL_MASK}, + {0,SSL_TXT_SSLV3,0,SSL_SSLV3,0,SSL_SSL_MASK}, + {0,SSL_TXT_LOW, 0,SSL_LOW,0,SSL_STRONG_MASK}, + {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK}, + {0,SSL_TXT_HIGH, 0,SSL_HIGH,0,SSL_STRONG_MASK}, + }; + +static int init_ciphers=1; +static void load_ciphers(); + +static int cmp_by_name(a,b) +SSL_CIPHER **a,**b; + { + return(strcmp((*a)->name,(*b)->name)); + } + +static void load_ciphers() + { + init_ciphers=0; + ssl_cipher_methods[SSL_ENC_DES_IDX]= + EVP_get_cipherbyname(SN_des_cbc); + ssl_cipher_methods[SSL_ENC_3DES_IDX]= + EVP_get_cipherbyname(SN_des_ede3_cbc); + ssl_cipher_methods[SSL_ENC_RC4_IDX]= + EVP_get_cipherbyname(SN_rc4); + ssl_cipher_methods[SSL_ENC_RC2_IDX]= + EVP_get_cipherbyname(SN_rc2_cbc); + ssl_cipher_methods[SSL_ENC_IDEA_IDX]= + EVP_get_cipherbyname(SN_idea_cbc); + + ssl_digest_methods[SSL_MD_MD5_IDX]= + EVP_get_digestbyname(SN_md5); + ssl_digest_methods[SSL_MD_SHA1_IDX]= + EVP_get_digestbyname(SN_sha1); + } + +int ssl_cipher_get_evp(c,enc,md) +SSL_CIPHER *c; +EVP_CIPHER **enc; +EVP_MD **md; + { + int i; + + if (c == NULL) return(0); + + switch (c->algorithms & SSL_ENC_MASK) + { + case SSL_DES: + i=SSL_ENC_DES_IDX; + break; + case SSL_3DES: + i=SSL_ENC_3DES_IDX; + break; + case SSL_RC4: + i=SSL_ENC_RC4_IDX; + break; + case SSL_RC2: + i=SSL_ENC_RC2_IDX; + break; + case SSL_IDEA: + i=SSL_ENC_IDEA_IDX; + break; + case SSL_eNULL: + i=SSL_ENC_NULL_IDX; + break; + break; + default: + i= -1; + break; + } + + if ((i < 0) || (i > SSL_ENC_NUM_IDX)) + *enc=NULL; + else + { + if (i == SSL_ENC_NULL_IDX) + *enc=EVP_enc_null(); + else + *enc=ssl_cipher_methods[i]; + } + + switch (c->algorithms & SSL_MAC_MASK) + { + case SSL_MD5: + i=SSL_MD_MD5_IDX; + break; + case SSL_SHA1: + i=SSL_MD_SHA1_IDX; + break; + default: + i= -1; + break; + } + if ((i < 0) || (i > SSL_MD_NUM_IDX)) + *md=NULL; + else + *md=ssl_digest_methods[i]; + + if ((*enc != NULL) && (*md != NULL)) + return(1); + else + return(0); + } + +#define ITEM_SEP(a) \ + (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) + +static void ll_append_tail(head,curr,tail) +CIPHER_ORDER **head,*curr,**tail; + { + if (curr == *tail) return; + if (curr == *head) + *head=curr->next; + if (curr->prev != NULL) + curr->prev->next=curr->next; + if (curr->next != NULL) /* should always be true */ + curr->next->prev=curr->prev; + (*tail)->next=curr; + curr->prev= *tail; + curr->next=NULL; + *tail=curr; + } + +STACK *ssl_create_cipher_list(ssl_method,cipher_list,cipher_list_by_id,str) +SSL_METHOD *ssl_method; +STACK **cipher_list,**cipher_list_by_id; +char *str; + { + SSL_CIPHER *c; + char *l; + STACK *ret=NULL,*ok=NULL; +#define CL_BUF 40 + char buf[CL_BUF]; + char *tmp_str=NULL; + unsigned long mask,algorithms,ma; + char *start; + int i,j,k,num=0,ch,multi; + unsigned long al; + STACK *ca_list=NULL; + int current_x,num_x; + CIPHER_CHOICE *ops=NULL; + CIPHER_ORDER *list=NULL,*head=NULL,*tail=NULL,*curr,*tail2,*curr2; + int list_num; + int type; + SSL_CIPHER c_tmp,*cp; + + if (str == NULL) return(NULL); + + if (strncmp(str,"DEFAULT",7) == 0) + { + i=strlen(str)+2+strlen(SSL_DEFAULT_CIPHER_LIST); + if ((tmp_str=Malloc(i)) == NULL) + { + SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); + goto err; + } + strcpy(tmp_str,SSL_DEFAULT_CIPHER_LIST); + strcat(tmp_str,":"); + strcat(tmp_str,&(str[7])); + str=tmp_str; + } + if (init_ciphers) load_ciphers(); + + num=ssl_method->num_ciphers(); + + if ((ret=(STACK *)sk_new(NULL)) == NULL) goto err; + if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err; + + mask =SSL_kFZA; +#ifdef NO_RSA + mask|=SSL_aRSA|SSL_kRSA; +#endif +#ifdef NO_DSA + mask|=SSL_aDSS; +#endif +#ifdef NO_DH + mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; +#endif + +#ifndef SSL_ALLOW_ENULL + mask|=SSL_eNULL; +#endif + + mask|=(ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL)?SSL_DES :0; + mask|=(ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL)?SSL_3DES:0; + mask|=(ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL)?SSL_RC4 :0; + mask|=(ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL)?SSL_RC2 :0; + mask|=(ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL)?SSL_IDEA:0; + mask|=(ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL)?SSL_eFZA:0; + + mask|=(ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL)?SSL_MD5 :0; + mask|=(ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL)?SSL_SHA1:0; + + if ((list=(CIPHER_ORDER *)Malloc(sizeof(CIPHER_ORDER)*num)) == NULL) + goto err; + + /* Get the initial list of ciphers */ + list_num=0; + for (i=0; iget_cipher((unsigned int)i); + /* drop those that use any of that is not available */ + if ((c != NULL) && c->valid && !(c->algorithms & mask)) + { + list[list_num].cipher=c; + list[list_num].next=NULL; + list[list_num].prev=NULL; + list[list_num].active=0; + list_num++; + if (!sk_push(ca_list,(char *)c)) goto err; + } + } + + for (i=1; i 0) + { + head= &(list[0]); + head->prev=NULL; + head->next= &(list[1]); + tail= &(list[list_num-1]); + tail->prev= &(list[list_num-2]); + tail->next=NULL; + } + + /* special case */ + cipher_aliases[0].algorithms= ~mask; + + /* get the aliases */ + k=sizeof(cipher_aliases)/sizeof(SSL_CIPHER); + for (j=0; j= 'A') && (ch <= 'Z')) || + ((ch >= '0') && (ch <= '9')) || + ((ch >= 'a') && (ch <= 'z')) || + (ch == '-')) + { + buf[i]=ch; + ch= *(++l); + i++; + if (i >= (CL_BUF-2)) break; + } + buf[i]='\0'; + + /* check for multi-part specification */ + if (ch == '+') + { + multi=1; + l++; + } + else + multi=0; + + c_tmp.name=buf; + j=sk_find(ca_list,(char *)&c_tmp); + if (j < 0) + goto end_loop; + + cp=(SSL_CIPHER *)sk_value(ca_list,j); + ops[current_x].algorithms|=cp->algorithms; + /* We add the SSL_SSL_MASK so we can match the + * SSLv2 and SSLv3 versions of RC4-MD5 */ + ops[current_x].mask|=cp->mask; + if (!multi) break; + } + current_x++; + if (ch == '\0') break; +end_loop: + /* Make sure we scan until the next valid start point */ + while ((*l != '\0') && ITEM_SEP(*l)) + l++; + } + + num_x=current_x; + current_x=0; + + /* We will now process the list of ciphers, once for each category, to + * decide what we should do with it. */ + for (j=0; jnext; + + cp=curr->cipher; + ma=mask & cp->algorithms; + if ((ma == 0) || ((ma & algorithms) != ma)) + { + /* does not apply */ + continue; + } + + /* add the cipher if it has not been added yet. */ + if (type == CIPHER_ADD) + { + if (!curr->active) + { + ll_append_tail(&head,curr,&tail); + curr->active=1; + } + } + /* Move the added cipher to this location */ + else if (type == CIPHER_ORD) + { + if (curr->active) + { + ll_append_tail(&head,curr,&tail); + } + } + else if (type == CIPHER_DEL) + curr->active=0; + if (type == CIPHER_KILL) + { + if (head == curr) + head=curr->next; + else + curr->prev->next=curr->next; + if (tail == curr) + tail=curr->prev; + curr->active=0; + if (curr->next != NULL) + curr->next->prev=curr->prev; + if (curr->prev != NULL) + curr->prev->next=curr->next; + curr->next=NULL; + curr->prev=NULL; + } + } + } + + for (curr=head; curr != NULL; curr=curr->next) + { + if (curr->active) + { + sk_push(ret,(char *)curr->cipher); +#ifdef CIPHER_DEBUG + printf("<%s>\n",curr->cipher->name); +#endif + } + } + + if (cipher_list != NULL) + { + if (*cipher_list != NULL) + sk_free(*cipher_list); + *cipher_list=ret; + } + + if (cipher_list_by_id != NULL) + { + if (*cipher_list_by_id != NULL) + sk_free(*cipher_list_by_id); + *cipher_list_by_id=sk_dup(ret); + } + + if ( (cipher_list_by_id == NULL) || + (*cipher_list_by_id == NULL) || + (cipher_list == NULL) || + (*cipher_list == NULL)) + goto err; + sk_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); + + ok=ret; + ret=NULL; +err: + if (tmp_str) Free(tmp_str); + if (ops != NULL) Free(ops); + if (ret != NULL) sk_free(ret); + if (ca_list != NULL) sk_free(ca_list); + if (list != NULL) Free(list); + return(ok); + } + +char *SSL_CIPHER_description(cipher,buf,len) +SSL_CIPHER *cipher; +char *buf; +int len; + { + int export; + char *ver,*exp; + char *kx,*au,*enc,*mac; + unsigned long alg,alg2; + static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; + + alg=cipher->algorithms; + alg2=cipher->algorithm2; + + export=(alg&SSL_EXP)?1:0; + exp=(export)?" export":""; + + if (alg & SSL_SSLV2) + ver="SSLv2"; + else if (alg & SSL_SSLV3) + ver="SSLv3"; + else + ver="unknown"; + + switch (alg&SSL_MKEY_MASK) + { + case SSL_kRSA: + kx=(export)?"RSA(512)":"RSA"; + break; + case SSL_kDHr: + kx="DH/RSA"; + break; + case SSL_kDHd: + kx="DH/DSS"; + break; + case SSL_kFZA: + kx="Fortezza"; + break; + case SSL_kEDH: + kx=(export)?"DH(512)":"DH"; + break; + default: + kx="unknown"; + } + + switch (alg&SSL_AUTH_MASK) + { + case SSL_aRSA: + au="RSA"; + break; + case SSL_aDSS: + au="DSS"; + break; + case SSL_aDH: + au="DH"; + break; + case SSL_aFZA: + case SSL_aNULL: + au="None"; + break; + default: + au="unknown"; + break; + } + + switch (alg&SSL_ENC_MASK) + { + case SSL_DES: + enc=export?"DES(40)":"DES(56)"; + break; + case SSL_3DES: + enc="3DES(168)"; + break; + case SSL_RC4: + enc=export?"RC4(40)":((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); + break; + case SSL_RC2: + enc=export?"RC2(40)":"RC2(128)"; + break; + case SSL_IDEA: + enc="IDEA(128)"; + break; + case SSL_eFZA: + enc="Fortezza"; + break; + case SSL_eNULL: + enc="None"; + break; + default: + enc="unknown"; + break; + } + + switch (alg&SSL_MAC_MASK) + { + case SSL_MD5: + mac="MD5"; + break; + case SSL_SHA1: + mac="SHA1"; + break; + default: + mac="unknown"; + break; + } + + if (buf == NULL) + { + buf=Malloc(128); + if (buf == NULL) return("Malloc Error"); + } + else if (len < 128) + return("Buffer too small"); + + sprintf(buf,format,cipher->name,ver,kx,au,enc,mac,exp); + return(buf); + } + +char *SSL_CIPHER_get_version(c) +SSL_CIPHER *c; + { + int i; + + if (c == NULL) return("(NONE)"); + i=(int)(c->id>>24L); + if (i == 3) + return("TLSv1/SSLv3"); + else if (i == 2) + return("SSLv2"); + else + return("unknown"); + } + +/* return the actual cipher being used */ +char *SSL_CIPHER_get_name(c) +SSL_CIPHER *c; + { + if (c != NULL) + return(c->name); + return("(NONE)"); + } + +/* number of bits for symetric cipher */ +int SSL_CIPHER_get_bits(c,alg_bits) +SSL_CIPHER *c; +int *alg_bits; + { + int ret=0,a=0; + EVP_CIPHER *enc; + EVP_MD *md; + + if (c != NULL) + { + if (!ssl_cipher_get_evp(c,&enc,&md)) + return(0); + + a=EVP_CIPHER_key_length(enc)*8; + + if (c->algorithms & SSL_EXP) + { + ret=40; + } + else + { + if (c->algorithm2 & SSL2_CF_8_BYTE_ENC) + ret=64; + else + ret=a; + } + } + + if (alg_bits != NULL) *alg_bits=a; + + return(ret); + } + diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c new file mode 100644 index 0000000000..bcbb98591f --- /dev/null +++ b/src/lib/libssl/ssl_err.c @@ -0,0 +1,374 @@ +/* lib/ssl/ssl_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include +#include "err.h" +#include "ssl.h" + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA SSL_str_functs[]= + { +{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"}, +{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"}, +{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"}, +{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"}, +{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"}, +{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"}, +{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"}, +{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"}, +{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"}, +{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"}, +{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"}, +{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"}, +{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"}, +{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"}, +{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"}, +{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"}, +{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"}, +{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"}, +{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"}, +{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"}, +{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"}, +{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"}, +{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"}, +{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"}, +{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"}, +{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"}, +{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"}, +{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"}, +{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"}, +{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"}, +{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"}, +{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"}, +{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"}, +{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"}, +{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"}, +{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"}, +{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"}, +{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"}, +{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"}, +{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"}, +{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"}, +{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"}, +{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"}, +{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"}, +{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"}, +{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"}, +{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"}, +{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"}, +{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"}, +{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"}, +{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"}, +{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"}, +{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"}, +{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"}, +{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"}, +{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"}, +{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"}, +{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"}, +{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"}, +{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"}, +{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"}, +{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"}, +{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"}, +{0,NULL}, + }; + +static ERR_STRING_DATA SSL_str_reasons[]= + { +{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"}, +{SSL_R_BAD_ALERT_RECORD ,"bad alert record"}, +{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"}, +{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"}, +{SSL_R_BAD_CHECKSUM ,"bad checksum"}, +{SSL_R_BAD_CLIENT_REQUEST ,"bad client request"}, +{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"}, +{SSL_R_BAD_DECOMPRESSION ,"bad decompression"}, +{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"}, +{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"}, +{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"}, +{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"}, +{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"}, +{SSL_R_BAD_MAC_DECODE ,"bad mac decode"}, +{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"}, +{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"}, +{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"}, +{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"}, +{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"}, +{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"}, +{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"}, +{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"}, +{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"}, +{SSL_R_BAD_SIGNATURE ,"bad signature"}, +{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"}, +{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"}, +{SSL_R_BAD_STATE ,"bad state"}, +{SSL_R_BAD_WRITE_RETRY ,"bad write retry"}, +{SSL_R_BIO_NOT_SET ,"bio not set"}, +{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"}, +{SSL_R_BN_LIB ,"bn lib"}, +{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"}, +{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"}, +{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"}, +{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"}, +{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"}, +{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"}, +{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"}, +{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"}, +{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"}, +{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"}, +{SSL_R_COMPRESSION_FAILURE ,"compression failure"}, +{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"}, +{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"}, +{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"}, +{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"}, +{SSL_R_DECRYPTION_FAILED ,"decryption failed"}, +{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"}, +{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"}, +{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"}, +{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"}, +{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"}, +{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"}, +{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, +{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"}, +{SSL_R_HTTP_REQUEST ,"http request"}, +{SSL_R_INTERNAL_ERROR ,"internal error"}, +{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"}, +{SSL_R_LENGTH_MISMATCH ,"length mismatch"}, +{SSL_R_LENGTH_TOO_SHORT ,"length too short"}, +{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, +{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, +{SSL_R_MISSING_DH_KEY ,"missing dh key"}, +{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"}, +{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"}, +{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"}, +{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"}, +{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"}, +{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"}, +{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"}, +{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"}, +{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"}, +{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"}, +{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"}, +{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"}, +{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"}, +{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"}, +{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"}, +{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"}, +{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"}, +{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"}, +{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"}, +{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"}, +{SSL_R_NO_CIPHER_LIST ,"no cipher list"}, +{SSL_R_NO_CIPHER_MATCH ,"no cipher match"}, +{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"}, +{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"}, +{SSL_R_NO_PRIVATEKEY ,"no privatekey"}, +{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"}, +{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"}, +{SSL_R_NO_PUBLICKEY ,"no publickey"}, +{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"}, +{SSL_R_NULL_SSL_CTX ,"null ssl ctx"}, +{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"}, +{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"}, +{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"}, +{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"}, +{SSL_R_PEER_ERROR ,"peer error"}, +{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"}, +{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"}, +{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"}, +{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"}, +{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"}, +{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"}, +{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"}, +{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"}, +{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"}, +{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, +{SSL_R_READ_BIO_NOT_SET ,"read bio not set"}, +{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"}, +{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"}, +{SSL_R_RECORD_TOO_LARGE ,"record too large"}, +{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"}, +{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"}, +{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"}, +{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"}, +{SSL_R_SHORT_READ ,"short read"}, +{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, +{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, +{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, +{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, +{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"}, +{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"}, +{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"}, +{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"}, +{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"}, +{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"}, +{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"}, +{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"}, +{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"}, +{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"}, +{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"}, +{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"}, +{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"}, +{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"}, +{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"}, +{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"}, +{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"}, +{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"}, +{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"}, +{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"}, +{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"}, +{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"}, +{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"}, +{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"}, +{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"}, +{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"}, +{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"}, +{SSL_R_UNEXPECTED_RECORD ,"unexpected record"}, +{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"}, +{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"}, +{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"}, +{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"}, +{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"}, +{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"}, +{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"}, +{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"}, +{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"}, +{SSL_R_UNKNOWN_STATE ,"unknown state"}, +{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, +{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"}, +{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"}, +{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"}, +{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"}, +{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"}, +{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"}, +{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"}, +{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, +{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"}, +{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"}, +{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"}, +{SSL_R_X509_LIB ,"x509 lib"}, +{0,NULL}, + }; + +#endif + +void ERR_load_SSL_strings() + { + static int init=1; + + if (init); + {; + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_SSL,SSL_str_functs); + ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons); +#endif + + } + } diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c new file mode 100644 index 0000000000..0b91f7b8d2 --- /dev/null +++ b/src/lib/libssl/ssl_err2.c @@ -0,0 +1,70 @@ +/* ssl/ssl_err2.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "err.h" +#include "ssl.h" + +void SSL_load_error_strings() + { +#ifndef NO_ERR + ERR_load_crypto_strings(); + ERR_load_SSL_strings(); +#endif + } + diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c new file mode 100644 index 0000000000..f562ec6b14 --- /dev/null +++ b/src/lib/libssl/ssl_lib.c @@ -0,0 +1,1721 @@ +/* ssl/ssl_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "lhash.h" +#include "ssl_locl.h" + +char *SSL_version_str="SSLeay 0.9.0b 29-Jun-1998"; + +static STACK *ssl_meth=NULL; +static STACK *ssl_ctx_meth=NULL; +static int ssl_meth_num=0; +static int ssl_ctx_meth_num=0; + +SSL3_ENC_METHOD ssl3_undef_enc_method={ + ssl_undefined_function, + ssl_undefined_function, + ssl_undefined_function, + ssl_undefined_function, + ssl_undefined_function, + ssl_undefined_function, + }; + +void SSL_clear(s) +SSL *s; + { + int state; + + if (s->method == NULL) return; + + s->error=0; + s->hit=0; + + /* This is set if we are doing dynamic renegotiation so keep + * the old cipher. It is sort of a SSL_clear_lite :-) */ + if (s->new_session) return; + + state=s->state; /* Keep to check if we throw away the session-id */ + s->type=0; + + s->version=s->method->version; + s->rwstate=SSL_NOTHING; + s->state=SSL_ST_BEFORE; + s->rstate=SSL_ST_READ_HEADER; + s->read_ahead=s->ctx->default_read_ahead; + +/* s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); */ + + if (s->init_buf != NULL) + { + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + } + + ssl_clear_cipher_ctx(s); + + if (ssl_clear_bad_session(s)) + { + SSL_SESSION_free(s->session); + s->session=NULL; + } + + s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); + s->first_packet=0; + + s->method->ssl_clear(s); + } + +/* Used to change an SSL_CTXs default SSL method type */ +int SSL_CTX_set_ssl_version(ctx,meth) +SSL_CTX *ctx; +SSL_METHOD *meth; + { + STACK *sk; + + ctx->method=meth; + + sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list), + &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST); + if ((sk == NULL) || (sk_num(sk) <= 0)) + { + SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + return(0); + } + return(1); + } + +SSL *SSL_new(ctx) +SSL_CTX *ctx; + { + SSL *s; + + if (ctx == NULL) + { + SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX); + return(NULL); + } + if (ctx->method == NULL) + { + SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); + return(NULL); + } + + s=(SSL *)Malloc(sizeof(SSL)); + if (s == NULL) goto err; + memset(s,0,sizeof(SSL)); + + if (ctx->default_cert != NULL) + { + CRYPTO_add(&ctx->default_cert->references,1, + CRYPTO_LOCK_SSL_CERT); + s->cert=ctx->default_cert; + } + else + s->cert=NULL; + s->verify_mode=ctx->default_verify_mode; + s->verify_callback=ctx->default_verify_callback; + CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); + s->ctx=ctx; + + s->verify_result=X509_V_OK; + + s->method=ctx->method; + + if (!s->method->ssl_new(s)) + { + SSL_CTX_free(ctx); + Free(s); + goto err; + } + + s->quiet_shutdown=ctx->quiet_shutdown; + s->references=1; + s->options=ctx->options; + SSL_clear(s); + + CRYPTO_new_ex_data(ssl_meth,(char *)s,&s->ex_data); + + return(s); +err: + SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + +void SSL_free(s) +SSL *s; + { + int i; + + i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL); +#ifdef REF_PRINT + REF_PRINT("SSL",s); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"SSL_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + + CRYPTO_free_ex_data(ssl_meth,(char *)s,&s->ex_data); + + if (s->bbio != NULL) + { + /* If the buffering BIO is in place, pop it off */ + if (s->bbio == s->wbio) + { + s->wbio=BIO_pop(s->wbio); + } + BIO_free(s->bbio); + s->bbio=NULL; + } + if (s->rbio != NULL) + BIO_free_all(s->rbio); + if ((s->wbio != NULL) && (s->wbio != s->rbio)) + BIO_free_all(s->wbio); + + if (s->init_buf != NULL) BUF_MEM_free(s->init_buf); + + /* add extra stuff */ + if (s->cipher_list != NULL) sk_free(s->cipher_list); + if (s->cipher_list_by_id != NULL) sk_free(s->cipher_list_by_id); + + /* Make the next call work :-) */ + if (s->session != NULL) + { + ssl_clear_bad_session(s); + SSL_SESSION_free(s->session); + } + + ssl_clear_cipher_ctx(s); + + if (s->cert != NULL) ssl_cert_free(s->cert); + /* Free up if allocated */ + + if (s->ctx) SSL_CTX_free(s->ctx); + + if (s->client_CA != NULL) + sk_pop_free(s->client_CA,X509_NAME_free); + + if (s->method != NULL) s->method->ssl_free(s); + + Free((char *)s); + } + +void SSL_set_bio(s, rbio,wbio) +SSL *s; +BIO *rbio; +BIO *wbio; + { + /* If the output buffering BIO is still in place, remove it + */ + if (s->bbio != NULL) + { + if (s->wbio == s->bbio) + { + s->wbio=s->wbio->next_bio; + s->bbio->next_bio=NULL; + } + } + if ((s->rbio != NULL) && (s->rbio != rbio)) + BIO_free_all(s->rbio); + if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio)) + BIO_free_all(s->wbio); + s->rbio=rbio; + s->wbio=wbio; + } + +BIO *SSL_get_rbio(s) +SSL *s; + { return(s->rbio); } + +BIO *SSL_get_wbio(s) +SSL *s; + { return(s->wbio); } + +int SSL_get_fd(s) +SSL *s; + { + int ret= -1; + BIO *b,*r; + + b=SSL_get_rbio(s); + r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR); + if (r != NULL) + BIO_get_fd(r,&ret); + return(ret); + } + +#ifndef NO_SOCK +int SSL_set_fd(s, fd) +SSL *s; +int fd; + { + int ret=0; + BIO *bio=NULL; + + bio=BIO_new(BIO_s_socket()); + + if (bio == NULL) + { + SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB); + goto err; + } + BIO_set_fd(bio,fd,BIO_NOCLOSE); + SSL_set_bio(s,bio,bio); + ret=1; +err: + return(ret); + } + +int SSL_set_wfd(s, fd) +SSL *s; +int fd; + { + int ret=0; + BIO *bio=NULL; + + if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET) + || ((int)BIO_get_fd(s->rbio,NULL) != fd)) + { + bio=BIO_new(BIO_s_socket()); + + if (bio == NULL) + { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; } + BIO_set_fd(bio,fd,BIO_NOCLOSE); + SSL_set_bio(s,SSL_get_rbio(s),bio); + } + else + SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s)); + ret=1; +err: + return(ret); + } + +int SSL_set_rfd(s, fd) +SSL *s; +int fd; + { + int ret=0; + BIO *bio=NULL; + + if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET) + || ((int)BIO_get_fd(s->wbio,NULL) != fd)) + { + bio=BIO_new(BIO_s_socket()); + + if (bio == NULL) + { + SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB); + goto err; + } + BIO_set_fd(bio,fd,BIO_NOCLOSE); + SSL_set_bio(s,bio,SSL_get_wbio(s)); + } + else + SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s)); + ret=1; +err: + return(ret); + } +#endif + +int SSL_get_verify_mode(s) +SSL *s; + { + return(s->verify_mode); + } + +int (*SSL_get_verify_callback(s))() +SSL *s; + { + return(s->verify_callback); + } + +int SSL_CTX_get_verify_mode(ctx) +SSL_CTX *ctx; + { + return(ctx->default_verify_mode); + } + +int (*SSL_CTX_get_verify_callback(ctx))() +SSL_CTX *ctx; + { + return(ctx->default_verify_callback); + } + +void SSL_set_verify(s, mode, callback) +SSL *s; +int mode; +int (*callback)(); + { + s->verify_mode=mode; + if (callback != NULL) + s->verify_callback=callback; + } + +void SSL_set_read_ahead(s, yes) +SSL *s; +int yes; + { + s->read_ahead=yes; + } + +int SSL_get_read_ahead(s) +SSL *s; + { + return(s->read_ahead); + } + +int SSL_pending(s) +SSL *s; + { + return(s->method->ssl_pending(s)); + } + +X509 *SSL_get_peer_certificate(s) +SSL *s; + { + X509 *r; + + if ((s == NULL) || (s->session == NULL)) + r=NULL; + else + r=s->session->peer; + + if (r == NULL) return(r); + + CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509); + + return(r); + } + +STACK *SSL_get_peer_cert_chain(s) +SSL *s; + { + STACK *r; + + if ((s == NULL) || (s->session == NULL) || (s->session->cert == NULL)) + r=NULL; + else + r=s->session->cert->cert_chain; + + return(r); + } + +/* Now in theory, since the calling process own 't' it should be safe to + * modify. We need to be able to read f without being hassled */ +void SSL_copy_session_id(t,f) +SSL *t,*f; + { + CERT *tmp; + + /* Do we need to to SSL locking? */ + SSL_set_session(t,SSL_get_session(f)); + + /* what if we are setup as SSLv2 but want to talk SSLv3 or + * vice-versa */ + if (t->method != f->method) + { + t->method->ssl_free(t); /* cleanup current */ + t->method=f->method; /* change method */ + t->method->ssl_new(t); /* setup new */ + } + + tmp=t->cert; + if (f->cert != NULL) + { + CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT); + t->cert=f->cert; + } + else + t->cert=NULL; + if (tmp != NULL) ssl_cert_free(tmp); + } + +/* Fix this so it checks all the valid key/cert options */ +int SSL_CTX_check_private_key(ctx) +SSL_CTX *ctx; + { + if ( (ctx == NULL) || + (ctx->default_cert == NULL) || + (ctx->default_cert->key->x509 == NULL)) + { + SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); + return(0); + } + if (ctx->default_cert->key->privatekey == NULL) + { + SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED); + return(0); + } + return(X509_check_private_key(ctx->default_cert->key->x509, ctx->default_cert->key->privatekey)); + } + +/* Fix this function so that it takes an optional type parameter */ +int SSL_check_private_key(ssl) +SSL *ssl; + { + if (ssl == NULL) + { + SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + if (ssl->cert == NULL) + return(SSL_CTX_check_private_key(ssl->ctx)); + if (ssl->cert->key->x509 == NULL) + { + SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); + return(0); + } + if (ssl->cert->key->privatekey == NULL) + { + SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED); + return(0); + } + return(X509_check_private_key(ssl->cert->key->x509, + ssl->cert->key->privatekey)); + } + +int SSL_accept(s) +SSL *s; + { + return(s->method->ssl_accept(s)); + } + +int SSL_connect(s) +SSL *s; + { + return(s->method->ssl_connect(s)); + } + +long SSL_get_default_timeout(s) +SSL *s; + { + return(s->method->get_timeout()); + } + +int SSL_read(s,buf,num) +SSL *s; +char *buf; +int num; + { + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } + return(s->method->ssl_read(s,buf,num)); + } + +int SSL_peek(s,buf,num) +SSL *s; +char *buf; +int num; + { + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + return(0); + } + return(s->method->ssl_peek(s,buf,num)); + } + +int SSL_write(s,buf,num) +SSL *s; +char *buf; +int num; + { + if (s->shutdown & SSL_SENT_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN); + return(-1); + } + return(s->method->ssl_write(s,buf,num)); + } + +int SSL_shutdown(s) +SSL *s; + { + if ((s != NULL) && !SSL_in_init(s)) + return(s->method->ssl_shutdown(s)); + else + return(1); + } + +int SSL_renegotiate(s) +SSL *s; + { + s->new_session=1; + return(s->method->ssl_renegotiate(s)); + } + +long SSL_ctrl(s,cmd,larg,parg) +SSL *s; +int cmd; +long larg; +char *parg; + { + return(s->method->ssl_ctrl(s,cmd,larg,parg)); + } + +long SSL_CTX_ctrl(ctx,cmd,larg,parg) +SSL_CTX *ctx; +int cmd; +long larg; +char *parg; + { + return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg)); + } + +int ssl_cipher_id_cmp(a,b) +SSL_CIPHER *a,*b; + { + long l; + + l=a->id-b->id; + if (l == 0L) + return(0); + else + return((l > 0)?1:-1); + } + +int ssl_cipher_ptr_id_cmp(ap,bp) +SSL_CIPHER **ap,**bp; + { + long l; + + l=(*ap)->id-(*bp)->id; + if (l == 0L) + return(0); + else + return((l > 0)?1:-1); + } + +/* return a STACK of the ciphers available for the SSL and in order of + * preference */ +STACK *SSL_get_ciphers(s) +SSL *s; + { + if ((s != NULL) && (s->cipher_list != NULL)) + { + return(s->cipher_list); + } + else if ((s->ctx != NULL) && + (s->ctx->cipher_list != NULL)) + { + return(s->ctx->cipher_list); + } + return(NULL); + } + +/* return a STACK of the ciphers available for the SSL and in order of + * algorithm id */ +STACK *ssl_get_ciphers_by_id(s) +SSL *s; + { + if ((s != NULL) && (s->cipher_list_by_id != NULL)) + { + return(s->cipher_list_by_id); + } + else if ((s != NULL) && (s->ctx != NULL) && + (s->ctx->cipher_list_by_id != NULL)) + { + return(s->ctx->cipher_list_by_id); + } + return(NULL); + } + +/* The old interface to get the same thing as SSL_get_ciphers() */ +char *SSL_get_cipher_list(s,n) +SSL *s; +int n; + { + SSL_CIPHER *c; + STACK *sk; + + if (s == NULL) return(NULL); + sk=SSL_get_ciphers(s); + if ((sk == NULL) || (sk_num(sk) <= n)) + return(NULL); + c=(SSL_CIPHER *)sk_value(sk,n); + if (c == NULL) return(NULL); + return(c->name); + } + +/* specify the ciphers to be used by defaut by the SSL_CTX */ +int SSL_CTX_set_cipher_list(ctx,str) +SSL_CTX *ctx; +char *str; + { + STACK *sk; + + sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list, + &ctx->cipher_list_by_id,str); +/* XXXX */ + return((sk == NULL)?0:1); + } + +/* specify the ciphers to be used by the SSL */ +int SSL_set_cipher_list(s, str) +SSL *s; +char *str; + { + STACK *sk; + + sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list, + &s->cipher_list_by_id,str); +/* XXXX */ + return((sk == NULL)?0:1); + } + +/* works well for SSLv2, not so good for SSLv3 */ +char *SSL_get_shared_ciphers(s,buf,len) +SSL *s; +char *buf; +int len; + { + char *p,*cp; + STACK *sk; + SSL_CIPHER *c; + int i; + + if ((s->session == NULL) || (s->session->ciphers == NULL) || + (len < 2)) + return(NULL); + + p=buf; + sk=s->session->ciphers; + for (i=0; iname; *cp; ) + { + if (len-- == 0) + { + *p='\0'; + return(buf); + } + else + *(p++)= *(cp++); + } + *(p++)=':'; + } + p[-1]='\0'; + return(buf); + } + +int ssl_cipher_list_to_bytes(s,sk,p) +SSL *s; +STACK *sk; +unsigned char *p; + { + int i,j=0; + SSL_CIPHER *c; + unsigned char *q; + + if (sk == NULL) return(0); + q=p; + + for (i=0; isession_id[0] )|(a->session_id[1]<< 8L)| + (a->session_id[2]<<16L)|(a->session_id[3]<<24L); + return(l); + } + +int SSL_SESSION_cmp(a, b) +SSL_SESSION *a; +SSL_SESSION *b; + { + if (a->ssl_version != b->ssl_version) + return(1); + if (a->session_id_length != b->session_id_length) + return(1); + return(memcmp(a->session_id,b->session_id,a->session_id_length)); + } + +SSL_CTX *SSL_CTX_new(meth) +SSL_METHOD *meth; + { + SSL_CTX *ret; + + if (meth == NULL) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED); + return(NULL); + } + ret=(SSL_CTX *)Malloc(sizeof(SSL_CTX)); + if (ret == NULL) + goto err; + + memset(ret,0,sizeof(SSL_CTX)); + + ret->method=meth; + + ret->cert_store=NULL; + ret->session_cache_mode=SSL_SESS_CACHE_SERVER; + ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT; + ret->session_cache_head=NULL; + ret->session_cache_tail=NULL; + + /* We take the system default */ + ret->session_timeout=meth->get_timeout(); + + ret->new_session_cb=NULL; + ret->remove_session_cb=NULL; + ret->get_session_cb=NULL; + + ret->sess_connect=0; + ret->sess_connect_good=0; + ret->sess_accept=0; + ret->sess_accept_renegotiate=0; + ret->sess_connect_renegotiate=0; + ret->sess_accept_good=0; + ret->sess_miss=0; + ret->sess_timeout=0; + ret->sess_cache_full=0; + ret->sess_hit=0; + ret->sess_cb_hit=0; + + ret->references=1; + ret->quiet_shutdown=0; + +/* ret->cipher=NULL;*/ +/* ret->s2->challenge=NULL; + ret->master_key=NULL; + ret->key_arg=NULL; + ret->s2->conn_id=NULL; */ + + ret->info_callback=NULL; + + ret->app_verify_callback=NULL; + ret->app_verify_arg=NULL; + + ret->default_read_ahead=0; + ret->default_verify_mode=SSL_VERIFY_NONE; + ret->default_verify_callback=NULL; + if ((ret->default_cert=ssl_cert_new()) == NULL) + goto err; + + ret->default_passwd_callback=NULL; + ret->client_cert_cb=NULL; + + ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp); + if (ret->sessions == NULL) goto err; + ret->cert_store=X509_STORE_new(); + if (ret->cert_store == NULL) goto err; + + ssl_create_cipher_list(ret->method, + &ret->cipher_list,&ret->cipher_list_by_id, + SSL_DEFAULT_CIPHER_LIST); + if ((ret->cipher_list == NULL) || (sk_num(ret->cipher_list) <= 0)) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS); + goto err2; + } + + if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES); + goto err2; + } + if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); + goto err2; + } + if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); + goto err2; + } + + if ((ret->client_CA=sk_new_null()) == NULL) + goto err; + + CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data); + + return(ret); +err: + SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); +err2: + if (ret != NULL) SSL_CTX_free(ret); + return(NULL); + } + +void SSL_CTX_free(a) +SSL_CTX *a; + { + int i; + + if (a == NULL) return; + + i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX); +#ifdef REF_PRINT + REF_PRINT("SSL_CTX",a); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"SSL_CTX_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + CRYPTO_free_ex_data(ssl_ctx_meth,(char *)a,&a->ex_data); + + if (a->sessions != NULL) + { + SSL_CTX_flush_sessions(a,0); + lh_free(a->sessions); + } + if (a->cert_store != NULL) + X509_STORE_free(a->cert_store); + if (a->cipher_list != NULL) + sk_free(a->cipher_list); + if (a->cipher_list_by_id != NULL) + sk_free(a->cipher_list_by_id); + if (a->default_cert != NULL) + ssl_cert_free(a->default_cert); + if (a->client_CA != NULL) + sk_pop_free(a->client_CA,X509_NAME_free); + Free((char *)a); + } + +void SSL_CTX_set_default_passwd_cb(ctx,cb) +SSL_CTX *ctx; +int (*cb)(); + { + ctx->default_passwd_callback=cb; + } + +void SSL_CTX_set_cert_verify_cb(ctx,cb,arg) +SSL_CTX *ctx; +int (*cb)(); +char *arg; + { + ctx->app_verify_callback=cb; + ctx->app_verify_arg=arg; + } + +void SSL_CTX_set_verify(ctx,mode,cb) +SSL_CTX *ctx; +int mode; +int (*cb)(); + { + ctx->default_verify_mode=mode; + ctx->default_verify_callback=cb; + /* This needs cleaning up EAY EAY EAY */ + X509_STORE_set_verify_cb_func(ctx->cert_store,cb); + } + +void ssl_set_cert_masks(c) +CERT *c; + { + CERT_PKEY *cpk; + int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign; + int rsa_enc_export,dh_rsa_export,dh_dsa_export; + int rsa_tmp_export,dh_tmp_export; + unsigned long mask,emask; + + if ((c == NULL) || (c->valid)) return; + +#ifndef NO_RSA + rsa_tmp=((c->rsa_tmp != NULL) || (c->rsa_tmp_cb != NULL))?1:0; + rsa_tmp_export=((c->rsa_tmp_cb != NULL) || + (rsa_tmp && (RSA_size(c->rsa_tmp)*8 <= 512)))?1:0; +#else + rsa_tmp=rsa_tmp_export=0; +#endif +#ifndef NO_DH + dh_tmp=((c->dh_tmp != NULL) || (c->dh_tmp_cb != NULL))?1:0; + dh_tmp_export=((c->dh_tmp_cb != NULL) || + (dh_tmp && (DH_size(c->dh_tmp)*8 <= 512)))?1:0; +#else + dh_tmp=dh_tmp_export=0; +#endif + + cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]); + rsa_enc= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + rsa_enc_export=(rsa_enc && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0; + cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]); + rsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]); + dsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + cpk= &(c->pkeys[SSL_PKEY_DH_RSA]); + dh_rsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + dh_rsa_export=(dh_rsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0; + cpk= &(c->pkeys[SSL_PKEY_DH_DSA]); +/* FIX THIS EAY EAY EAY */ + dh_dsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + dh_dsa_export=(dh_dsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0; + + mask=0; + emask=0; + +#ifdef CIPHER_DEBUG + printf("rt=%d dht=%d re=%d rs=%d ds=%d dhr=%d dhd=%d\n", + rsa_tmp,dh_tmp, + rsa_enc,rsa_sign,dsa_sign,dh_rsa,dh_dsa); +#endif + + if (rsa_enc || (rsa_tmp && rsa_sign)) + mask|=SSL_kRSA; + if (rsa_enc_export || (rsa_tmp_export && rsa_sign)) + emask|=SSL_kRSA; + +#if 0 + /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */ + if ( (dh_tmp || dh_rsa || dh_dsa) && + (rsa_enc || rsa_sign || dsa_sign)) + mask|=SSL_kEDH; + if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) && + (rsa_enc || rsa_sign || dsa_sign)) + emask|=SSL_kEDH; +#endif + + if (dh_tmp_export) + emask|=SSL_kEDH; + + if (dh_tmp) + mask|=SSL_kEDH; + + if (dh_rsa) mask|=SSL_kDHr; + if (dh_rsa_export) emask|=SSL_kDHr; + + if (dh_dsa) mask|=SSL_kDHd; + if (dh_dsa_export) emask|=SSL_kDHd; + + if (rsa_enc || rsa_sign) + { + mask|=SSL_aRSA; + emask|=SSL_aRSA; + } + + if (dsa_sign) + { + mask|=SSL_aDSS; + emask|=SSL_aDSS; + } + +#ifdef SSL_ALLOW_ADH + mask|=SSL_aNULL; + emask|=SSL_aNULL; +#endif + + c->mask=mask; + c->export_mask=emask; + c->valid=1; + } + +/* THIS NEEDS CLEANING UP */ +X509 *ssl_get_server_send_cert(s) +SSL *s; + { + unsigned long alg,mask,kalg; + CERT *c; + int i,export; + + c=s->cert; + ssl_set_cert_masks(c); + alg=s->s3->tmp.new_cipher->algorithms; + export=(alg & SSL_EXPORT)?1:0; + mask=(export)?c->export_mask:c->mask; + kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK); + + if (kalg & SSL_kDHr) + i=SSL_PKEY_DH_RSA; + else if (kalg & SSL_kDHd) + i=SSL_PKEY_DH_DSA; + else if (kalg & SSL_aDSS) + i=SSL_PKEY_DSA_SIGN; + else if (kalg & SSL_aRSA) + { + if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL) + i=SSL_PKEY_RSA_SIGN; + else + i=SSL_PKEY_RSA_ENC; + } + else /* if (kalg & SSL_aNULL) */ + { + SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR); + return(NULL); + } + if (c->pkeys[i].x509 == NULL) return(NULL); + return(c->pkeys[i].x509); + } + +EVP_PKEY *ssl_get_sign_pkey(s,cipher) +SSL *s; +SSL_CIPHER *cipher; + { + unsigned long alg; + CERT *c; + + alg=cipher->algorithms; + c=s->cert; + + if ((alg & SSL_aDSS) && + (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL)) + return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey); + else if (alg & SSL_aRSA) + { + if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) + return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey); + else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL) + return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey); + else + return(NULL); + } + else /* if (alg & SSL_aNULL) */ + { + SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR); + return(NULL); + } + } + +void ssl_update_cache(s,mode) +SSL *s; +int mode; + { + int i; + + /* If the session_id_length is 0, we are not supposed to cache it, + * and it would be rather hard to do anyway :-) */ + if (s->session->session_id_length == 0) return; + + if ((s->ctx->session_cache_mode & mode) + && (!s->hit) + && SSL_CTX_add_session(s->ctx,s->session) + && (s->ctx->new_session_cb != NULL)) + { + CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION); + if (!s->ctx->new_session_cb(s,s->session)) + SSL_SESSION_free(s->session); + } + + /* auto flush every 255 connections */ + i=s->ctx->session_cache_mode; + if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && + ((i & mode) == mode)) + { + if ( (((mode & SSL_SESS_CACHE_CLIENT) + ?s->ctx->sess_connect_good + :s->ctx->sess_accept_good) & 0xff) == 0xff) + { + SSL_CTX_flush_sessions(s->ctx,time(NULL)); + } + } + } + +SSL_METHOD *SSL_get_ssl_method(s) +SSL *s; + { + return(s->method); + } + +int SSL_set_ssl_method(s,meth) +SSL *s; +SSL_METHOD *meth; + { + int conn= -1; + int ret=1; + + if (s->method != meth) + { + if (s->handshake_func != NULL) + conn=(s->handshake_func == s->method->ssl_connect); + + if (s->method->version == meth->version) + s->method=meth; + else + { + s->method->ssl_free(s); + s->method=meth; + ret=s->method->ssl_new(s); + } + + if (conn == 1) + s->handshake_func=meth->ssl_connect; + else if (conn == 0) + s->handshake_func=meth->ssl_accept; + } + return(ret); + } + +int SSL_get_error(s,i) +SSL *s; +int i; + { + int reason; + BIO *bio; + + if (i > 0) return(SSL_ERROR_NONE); + + if (ERR_peek_error() != 0) + return(SSL_ERROR_SSL); + + if ((i < 0) && SSL_want_read(s)) + { + bio=SSL_get_rbio(s); + if (BIO_should_read(bio)) + return(SSL_ERROR_WANT_READ); + else if (BIO_should_write(bio)) + return(SSL_ERROR_WANT_WRITE); + else if (BIO_should_io_special(bio)) + { + reason=BIO_get_retry_reason(bio); + if (reason == BIO_RR_CONNECT) + return(SSL_ERROR_WANT_CONNECT); + else + return(SSL_ERROR_SYSCALL); /* unknown */ + } + } + + if ((i < 0) && SSL_want_write(s)) + { + bio=SSL_get_wbio(s); + if (BIO_should_write(bio)) + return(SSL_ERROR_WANT_WRITE); + else if (BIO_should_read(bio)) + return(SSL_ERROR_WANT_READ); + else if (BIO_should_io_special(bio)) + { + reason=BIO_get_retry_reason(bio); + if (reason == BIO_RR_CONNECT) + return(SSL_ERROR_WANT_CONNECT); + else + return(SSL_ERROR_SYSCALL); + } + } + if ((i < 0) && SSL_want_x509_lookup(s)) + { + return(SSL_ERROR_WANT_X509_LOOKUP); + } + + if (i == 0) + { + if (s->version == SSL2_VERSION) + { + /* assume it is the socket being closed */ + return(SSL_ERROR_ZERO_RETURN); + } + else + { + if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && + (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) + return(SSL_ERROR_ZERO_RETURN); + } + } + return(SSL_ERROR_SYSCALL); + } + +int SSL_do_handshake(s) +SSL *s; + { + int ret=1; + + if (s->handshake_func == NULL) + { + SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET); + return(-1); + } + if (s->s3->renegotiate) ssl3_renegotiate_check(s); + if (SSL_in_init(s) || SSL_in_before(s)) + { + ret=s->handshake_func(s); + } + return(ret); + } + +/* For the next 2 functions, SSL_clear() sets shutdown and so + * one of these calls will reset it */ +void SSL_set_accept_state(s) +SSL *s; + { + s->shutdown=0; + s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE; + s->handshake_func=s->method->ssl_accept; + /* clear the current cipher */ + ssl_clear_cipher_ctx(s); + } + +void SSL_set_connect_state(s) +SSL *s; + { + s->shutdown=0; + s->state=SSL_ST_CONNECT|SSL_ST_BEFORE; + s->handshake_func=s->method->ssl_connect; + /* clear the current cipher */ + ssl_clear_cipher_ctx(s); + } + +int ssl_undefined_function(s) +SSL *s; + { + SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return(0); + } + +SSL_METHOD *ssl_bad_method(ver) +int ver; + { + SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return(NULL); + } + +char *SSL_get_version(s) +SSL *s; + { + if (s->version == TLS1_VERSION) + return("TLSv1"); + else if (s->version == SSL3_VERSION) + return("SSLv3"); + else if (s->version == SSL2_VERSION) + return("SSLv2"); + else + return("unknown"); + } + +SSL *SSL_dup(s) +SSL *s; + { + STACK *sk; + X509_NAME *xn; + SSL *ret; + int i; + + if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) return(NULL); + + /* This copies version, session-id, SSL_METHOD and 'cert' */ + SSL_copy_session_id(ret,s); + + SSL_set_read_ahead(ret,SSL_get_read_ahead(s)); + SSL_set_verify(ret,SSL_get_verify_mode(s), + SSL_get_verify_callback(s)); + + SSL_set_info_callback(ret,SSL_get_info_callback(s)); + + ret->debug=s->debug; + ret->options=s->options; + + /* copy app data, a little dangerous perhaps */ + if (!CRYPTO_dup_ex_data(ssl_meth,&ret->ex_data,&s->ex_data)) + goto err; + + /* setup rbio, and wbio */ + if (s->rbio != NULL) + { + if (!BIO_dup_state(s->rbio,(char *)&ret->rbio)) + goto err; + } + if (s->wbio != NULL) + { + if (s->wbio != s->rbio) + { + if (!BIO_dup_state(s->wbio,(char *)&ret->wbio)) + goto err; + } + else + ret->wbio=ret->rbio; + } + + /* dup the cipher_list and cipher_list_by_id stacks */ + if (s->cipher_list != NULL) + { + if ((ret->cipher_list=sk_dup(s->cipher_list)) == NULL) + goto err; + } + if (s->cipher_list_by_id != NULL) + if ((ret->cipher_list_by_id=sk_dup(s->cipher_list_by_id)) + == NULL) + goto err; + + /* Dup the client_CA list */ + if (s->client_CA != NULL) + { + if ((sk=sk_dup(s->client_CA)) == NULL) goto err; + ret->client_CA=sk; + for (i=0; ishutdown=s->shutdown; + ret->state=s->state; + ret->handshake_func=s->handshake_func; + + if (0) + { +err: + if (ret != NULL) SSL_free(ret); + ret=NULL; + } + return(ret); + } + +void ssl_clear_cipher_ctx(s) +SSL *s; + { + if (s->enc_read_ctx != NULL) + { + EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); + Free(s->enc_read_ctx); + s->enc_read_ctx=NULL; + } + if (s->enc_write_ctx != NULL) + { + EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); + Free(s->enc_write_ctx); + s->enc_write_ctx=NULL; + } + } + +/* Fix this function so that it takes an optional type parameter */ +X509 *SSL_get_certificate(s) +SSL *s; + { + if (s->cert != NULL) + return(s->cert->key->x509); + else + return(NULL); + } + +/* Fix this function so that it takes an optional type parameter */ +EVP_PKEY *SSL_get_privatekey(s) +SSL *s; + { + if (s->cert != NULL) + return(s->cert->key->privatekey); + else + return(NULL); + } + +SSL_CIPHER *SSL_get_current_cipher(s) +SSL *s; + { + if ((s->session != NULL) && (s->session->cipher != NULL)) + return(s->session->cipher); + return(NULL); + } + +int ssl_init_wbio_buffer(s,push) +SSL *s; +int push; + { + BIO *bbio; + + if (s->bbio == NULL) + { + bbio=BIO_new(BIO_f_buffer()); + if (bbio == NULL) return(0); + s->bbio=bbio; + } + else + { + bbio=s->bbio; + if (s->bbio == s->wbio) + s->wbio=BIO_pop(s->wbio); + } + BIO_reset(bbio); +/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ + if (!BIO_set_read_buffer_size(bbio,1)) + { + SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB); + return(0); + } + if (push) + { + if (s->wbio != bbio) + s->wbio=BIO_push(bbio,s->wbio); + } + else + { + if (s->wbio == bbio) + s->wbio=BIO_pop(bbio); + } + return(1); + } + +void SSL_CTX_set_quiet_shutdown(ctx,mode) +SSL_CTX *ctx; +int mode; + { + ctx->quiet_shutdown=mode; + } + +int SSL_CTX_get_quiet_shutdown(ctx) +SSL_CTX *ctx; + { + return(ctx->quiet_shutdown); + } + +void SSL_set_quiet_shutdown(s,mode) +SSL *s; +int mode; + { + s->quiet_shutdown=mode; + } + +int SSL_get_quiet_shutdown(s) +SSL *s; + { + return(s->quiet_shutdown); + } + +void SSL_set_shutdown(s,mode) +SSL *s; +int mode; + { + s->shutdown=mode; + } + +int SSL_get_shutdown(s) +SSL *s; + { + return(s->shutdown); + } + +int SSL_version(s) +SSL *s; + { + return(s->version); + } + +SSL_CTX *SSL_get_SSL_CTX(ssl) +SSL *ssl; + { + return(ssl->ctx); + } + +int SSL_CTX_set_default_verify_paths(ctx) +SSL_CTX *ctx; + { + return(X509_STORE_set_default_paths(ctx->cert_store)); + } + +int SSL_CTX_load_verify_locations(ctx,CAfile,CApath) +SSL_CTX *ctx; +char *CAfile; +char *CApath; + { + return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath)); + } + +void SSL_set_info_callback(ssl,cb) +SSL *ssl; +void (*cb)(); + { + ssl->info_callback=cb; + } + +void (*SSL_get_info_callback(ssl))() +SSL *ssl; + { + return(ssl->info_callback); + } + +int SSL_state(ssl) +SSL *ssl; + { + return(ssl->state); + } + +void SSL_set_verify_result(ssl,arg) +SSL *ssl; +long arg; + { + ssl->verify_result=arg; + } + +long SSL_get_verify_result(ssl) +SSL *ssl; + { + return(ssl->verify_result); + } + +int SSL_get_ex_new_index(argl,argp,new_func,dup_func,free_func) +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + ssl_meth_num++; + return(CRYPTO_get_ex_new_index(ssl_meth_num-1, + &ssl_meth,argl,argp,new_func,dup_func,free_func)); + } + +int SSL_set_ex_data(s,idx,arg) +SSL *s; +int idx; +char *arg; + { + return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); + } + +char *SSL_get_ex_data(s,idx) +SSL *s; +int idx; + { + return(CRYPTO_get_ex_data(&s->ex_data,idx)); + } + +int SSL_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func) +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + ssl_ctx_meth_num++; + return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1, + &ssl_ctx_meth,argl,argp,new_func,dup_func,free_func)); + } + +int SSL_CTX_set_ex_data(s,idx,arg) +SSL_CTX *s; +int idx; +char *arg; + { + return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); + } + +char *SSL_CTX_get_ex_data(s,idx) +SSL_CTX *s; +int idx; + { + return(CRYPTO_get_ex_data(&s->ex_data,idx)); + } + +#if defined(_WINDLL) && defined(WIN16) +#include "../crypto/bio/bss_file.c" +#endif + diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h new file mode 100644 index 0000000000..b29517081b --- /dev/null +++ b/src/lib/libssl/ssl_locl.h @@ -0,0 +1,558 @@ +/* ssl/ssl_locl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL_LOCL_H +#define HEADER_SSL_LOCL_H +#include +#include +#include +#include + +#include "e_os.h" + +#include "buffer.h" +#include "bio.h" +#include "crypto.h" +#include "evp.h" +#include "stack.h" +#include "x509.h" +#include "err.h" +#include "ssl.h" + + +#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<<24)) + +/* NOTE - c is not incremented as per c2l */ +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff)) + +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \ + l|=((unsigned long)(*((c)++)))<<16, \ + l|=((unsigned long)(*((c)++)))<< 8, \ + l|=((unsigned long)(*((c)++)))) + +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +#define n2s(c,s) (s =((unsigned int)(*((c)++)))<< 8, \ + s|=((unsigned int)(*((c)++)))) +#define s2n(s,c) (*((c)++)=(unsigned char)(((s)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((s) )&0xff)) + +#define n2l3(c,l) (l =((unsigned long)(*((c)++)))<<16, \ + l|=((unsigned long)(*((c)++)))<< 8, \ + l|=((unsigned long)(*((c)++)))) + +#define l2n3(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* LOCAL STUFF */ + +#define SSL_DECRYPT 0 +#define SSL_ENCRYPT 1 + +#define TWO_BYTE_BIT 0x80 +#define SEC_ESC_BIT 0x40 +#define TWO_BYTE_MASK 0x7fff +#define THREE_BYTE_MASK 0x3fff + +#define INC32(a) ((a)=((a)+1)&0xffffffffL) +#define DEC32(a) ((a)=((a)-1)&0xffffffffL) +#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */ + +#define SSL_MKEY_MASK 0x0000001FL +#define SSL_kRSA 0x00000001L /* RSA key exchange */ +#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */ +#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */ +#define SSL_kFZA 0x00000008L +#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */ +#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL)) + +#define SSL_AUTH_MASK 0x000003e0L +#define SSL_aRSA 0x00000020L /* Authenticate with RSA */ +#define SSL_aDSS 0x00000040L /* Authenticate with DSS */ +#define SSL_DSS SSL_aDSS +#define SSL_aFZA 0x00000080L +#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */ +#define SSL_aDH 0x00000200L /* no Authenticate, ADH */ + +#define SSL_NULL (SSL_eNULL) +#define SSL_ADH (SSL_kEDH|SSL_aNULL) +#define SSL_RSA (SSL_kRSA|SSL_aRSA) +#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH) +#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) + +#define SSL_ENC_MASK 0x0001Fc00L +#define SSL_DES 0x00000400L +#define SSL_3DES 0x00000800L +#define SSL_RC4 0x00001000L +#define SSL_RC2 0x00002000L +#define SSL_IDEA 0x00004000L +#define SSL_eFZA 0x00008000L +#define SSL_eNULL 0x00010000L + +#define SSL_MAC_MASK 0x00060000L +#define SSL_MD5 0x00020000L +#define SSL_SHA1 0x00040000L +#define SSL_SHA (SSL_SHA1) + +#define SSL_EXP_MASK 0x00300000L +#define SSL_EXP 0x00100000L +#define SSL_NOT_EXP 0x00200000L +#define SSL_EXPORT SSL_EXP + +#define SSL_SSL_MASK 0x00c00000L +#define SSL_SSLV2 0x00400000L +#define SSL_SSLV3 0x00800000L + +#define SSL_STRONG_MASK 0x07000000L +#define SSL_LOW 0x01000000L +#define SSL_MEDIUM 0x02000000L +#define SSL_HIGH 0x04000000L + +/* we have used 0fffffff - 4 bits left to go */ +#define SSL_ALL 0xffffffffL +#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\ + SSL_MAC_MASK|SSL_EXP_MASK) + +/* Mostly for SSLv3 */ +#define SSL_PKEY_RSA_ENC 0 +#define SSL_PKEY_RSA_SIGN 1 +#define SSL_PKEY_DSA_SIGN 2 +#define SSL_PKEY_DH_RSA 3 +#define SSL_PKEY_DH_DSA 4 +#define SSL_PKEY_NUM 5 + +/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | + * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) + * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN) + * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN + * SSL_aRSA <- RSA_ENC | RSA_SIGN + * SSL_aDSS <- DSA_SIGN + */ + +/* +#define CERT_INVALID 0 +#define CERT_PUBLIC_KEY 1 +#define CERT_PRIVATE_KEY 2 +*/ + +typedef struct cert_pkey_st + { + X509 *x509; +/* EVP_PKEY *publickey; *//* when extracted */ + EVP_PKEY *privatekey; + } CERT_PKEY; + +typedef struct cert_st + { + int cert_type; + +#ifdef undef + X509 *x509; + EVP_PKEY *publickey; /* when extracted */ + EVP_PKEY *privatekey; + + pkeys[SSL_PKEY_RSA_ENC].x509 +/* pkeys[SSL_PKEY_RSA_ENC].publickey */ + pkeys[SSL_PKEY_RSA_ENC].privatekey +#endif + + /* Current active set */ + CERT_PKEY *key; + + /* The following masks are for the key and auth + * algorithms that are supported by the certs below */ + int valid; + unsigned long mask; + unsigned long export_mask; + + RSA *rsa_tmp; + DH *dh_tmp; + RSA *(*rsa_tmp_cb)(); + DH *(*dh_tmp_cb)(); + CERT_PKEY pkeys[SSL_PKEY_NUM]; + + STACK *cert_chain; + + int references; + } CERT; + +/*#define MAC_DEBUG */ + +/*#define ERR_DEBUG */ +/*#define ABORT_DEBUG */ +/*#define PKT_DEBUG 1 */ +/*#define DES_DEBUG */ +/*#define DES_OFB_DEBUG */ +/*#define SSL_DEBUG */ +/*#define RSA_DEBUG */ +/*#define IDEA_DEBUG */ + +#ifndef NOPROTO +#define FP_ICC (int (*)(const void *,const void *)) +#else +#define FP_ICC +#endif + +#define ssl_put_cipher_by_char(ssl,ciph,ptr) \ + ((ssl)->method->put_cipher_by_char((ciph),(ptr))) +#define ssl_get_cipher_by_char(ssl,ptr) \ + ((ssl)->method->get_cipher_by_char(ptr)) + +/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff + * It is a bit of a mess of functions, but hell, think of it as + * an opaque strucute :-) */ +typedef struct ssl3_enc_method + { + int (*enc)(); + int (*mac)(); + int (*setup_key_block)(); + int (*generate_master_secret)(); + int (*change_cipher_state)(); + int (*final_finish_mac)(); + int finish_mac_length; + int (*cert_verify_mac)(); + unsigned char client_finished[20]; + int client_finished_len; + unsigned char server_finished[20]; + int server_finished_len; + int (*alert_value)(); + } SSL3_ENC_METHOD; + +extern SSL3_ENC_METHOD ssl3_undef_enc_method; +extern SSL_CIPHER ssl2_ciphers[]; +extern SSL_CIPHER ssl3_ciphers[]; + +#ifndef NOPROTO + +SSL_METHOD *ssl_bad_method(int ver); +SSL_METHOD *sslv2_base_method(void); +SSL_METHOD *sslv23_base_method(void); +SSL_METHOD *sslv3_base_method(void); + +void ssl_clear_cipher_ctx(SSL *s); +int ssl_clear_bad_session(SSL *s); +CERT *ssl_cert_new(void); +void ssl_cert_free(CERT *c); +int ssl_set_cert_type(CERT *c, int type); +int ssl_get_new_session(SSL *s, int session); +int ssl_get_prev_session(SSL *s, unsigned char *session,int len); +int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b); +int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp); +STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp); +int ssl_cipher_list_to_bytes(SSL *s,STACK *sk,unsigned char *p); +STACK *ssl_create_cipher_list(SSL_METHOD *meth,STACK **pref, + STACK **sorted,char *str); +void ssl_update_cache(SSL *s, int mode); +int ssl_cipher_get_evp(SSL_CIPHER *c, EVP_CIPHER **enc, EVP_MD **md); +int ssl_verify_cert_chain(SSL *s,STACK *sk); +int ssl_undefined_function(SSL *s); +X509 *ssl_get_server_send_cert(SSL *); +EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); +int ssl_cert_type(X509 *x,EVP_PKEY *pkey); +void ssl_set_cert_masks(CERT *c); +STACK *ssl_get_ciphers_by_id(SSL *s); +int ssl_verify_alarm_type(long type); + +int ssl2_enc_init(SSL *s, int client); +void ssl2_generate_key_material(SSL *s); +void ssl2_enc(SSL *s,int send_data); +void ssl2_mac(SSL *s,unsigned char *mac,int send_data); +SSL_CIPHER *ssl2_get_cipher_by_char(unsigned char *p); +int ssl2_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p); +int ssl2_part_read(SSL *s, unsigned long f, int i); +int ssl2_do_write(SSL *s); +int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data); +void ssl2_return_error(SSL *s,int reason); +void ssl2_write_error(SSL *s); +int ssl2_num_ciphers(void); +SSL_CIPHER *ssl2_get_cipher(unsigned int u); +int ssl2_new(SSL *s); +void ssl2_free(SSL *s); +int ssl2_accept(SSL *s); +int ssl2_connect(SSL *s); +int ssl2_read(SSL *s, char *buf, int len); +int ssl2_peek(SSL *s, char *buf, int len); +int ssl2_write(SSL *s, char *buf, int len); +int ssl2_shutdown(SSL *s); +void ssl2_clear(SSL *s); +long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg); +long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg); +int ssl2_pending(SSL *s); + +SSL_CIPHER *ssl3_get_cipher_by_char(unsigned char *p); +int ssl3_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p); +void ssl3_init_finished_mac(SSL *s); +int ssl3_send_server_certificate(SSL *s); +int ssl3_get_finished(SSL *s,int state_a,int state_b); +int ssl3_setup_key_block(SSL *s); +int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b); +int ssl3_change_cipher_state(SSL *s,int which); +void ssl3_cleanup_key_block(SSL *s); +int ssl3_do_write(SSL *s,int type); +void ssl3_send_alert(SSL *s,int level, int desc); +int ssl3_generate_master_secret(SSL *s, unsigned char *out, + unsigned char *p, int len); +int ssl3_get_req_cert_type(SSL *s,unsigned char *p); +long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); +int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender,int slen); +int ssl3_num_ciphers(void); +SSL_CIPHER *ssl3_get_cipher(unsigned int u); +int ssl3_renegotiate(SSL *ssl); +int ssl3_renegotiate_check(SSL *ssl); +int ssl3_dispatch_alert(SSL *s); +int ssl3_read_bytes(SSL *s, int type, char *buf, int len); +int ssl3_part_read(SSL *s, int i); +int ssl3_write_bytes(SSL *s, int type, char *buf, int len); +int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2, + unsigned char *sender, int slen,unsigned char *p); +int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p); +void ssl3_finish_mac(SSL *s, unsigned char *buf, int len); +int ssl3_enc(SSL *s, int send_data); +int ssl3_mac(SSL *ssl, unsigned char *md, int send_data); +unsigned long ssl3_output_cert_chain(SSL *s, X509 *x); +SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK *have,STACK *pref); +int ssl3_setup_buffers(SSL *s); +int ssl3_new(SSL *s); +void ssl3_free(SSL *s); +int ssl3_accept(SSL *s); +int ssl3_connect(SSL *s); +int ssl3_read(SSL *s, char *buf, int len); +int ssl3_peek(SSL *s,char *buf, int len); +int ssl3_write(SSL *s, char *buf, int len); +int ssl3_shutdown(SSL *s); +void ssl3_clear(SSL *s); +long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg); +long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg); +int ssl3_pending(SSL *s); + +int ssl23_accept(SSL *s); +int ssl23_connect(SSL *s); +int ssl23_read_bytes(SSL *s, int n); +int ssl23_write_bytes(SSL *s); + +int tls1_new(SSL *s); +void tls1_free(SSL *s); +void tls1_clear(SSL *s); +long tls1_ctrl(SSL *s,int cmd, long larg, char *parg); +SSL_METHOD *tlsv1_base_method(void ); + + +int ssl_init_wbio_buffer(SSL *s, int push); + +int tls1_change_cipher_state(SSL *s, int which); +int tls1_setup_key_block(SSL *s); +int tls1_enc(SSL *s, int snd); +int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, + unsigned char *str, int slen, unsigned char *p); +int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p); +int tls1_mac(SSL *ssl, unsigned char *md, int snd); +int tls1_generate_master_secret(SSL *s, unsigned char *out, + unsigned char *p, int len); +int tls1_alert_code(int code); +int ssl3_alert_code(int code); + + +#else + +SSL_METHOD *ssl_bad_method(); +SSL_METHOD *sslv2_base_method(); +SSL_METHOD *sslv23_base_method(); +SSL_METHOD *sslv3_base_method(); + +void ssl_clear_cipher_ctx(); +int ssl_clear_bad_session(); +CERT *ssl_cert_new(); +void ssl_cert_free(); +int ssl_set_cert_type(); +int ssl_get_new_session(); +int ssl_get_prev_session(); +int ssl_cipher_id_cmp(); +int ssl_cipher_ptr_id_cmp(); +STACK *ssl_bytes_to_cipher_list(); +int ssl_cipher_list_to_bytes(); +STACK *ssl_create_cipher_list(); +void ssl_update_cache(); +int ssl_session_get_ciphers(); +int ssl_verify_cert_chain(); +int ssl_undefined_function(); +X509 *ssl_get_server_send_cert(); +EVP_PKEY *ssl_get_sign_pkey(); +int ssl_cert_type(); +void ssl_set_cert_masks(); +STACK *ssl_get_ciphers_by_id(); +int ssl_verify_alarm_type(); + +int ssl2_enc_init(); +void ssl2_generate_key_material(); +void ssl2_enc(); +void ssl2_mac(); +SSL_CIPHER *ssl2_get_cipher_by_char(); +int ssl2_put_cipher_by_char(); +int ssl2_part_read(); +int ssl2_do_write(); +int ssl2_set_certificate(); +void ssl2_return_error(); +void ssl2_write_error(); +int ssl2_num_ciphers(); +SSL_CIPHER *ssl2_get_cipher(); +int ssl2_new(); +void ssl2_free(); +int ssl2_accept(); +int ssl2_connect(); +int ssl2_read(); +int ssl2_peek(); +int ssl2_write(); +int ssl2_shutdown(); +void ssl2_clear(); +long ssl2_ctrl(); +long ssl2_ctx_ctrl(); +int ssl2_pending(); + +SSL_CIPHER *ssl3_get_cipher_by_char(); +int ssl3_put_cipher_by_char(); +void ssl3_init_finished_mac(); +int ssl3_send_server_certificate(); +int ssl3_get_finished(); +int ssl3_setup_key_block(); +int ssl3_send_change_cipher_spec(); +int ssl3_change_cipher_state(); +void ssl3_cleanup_key_block(); +int ssl3_do_write(); +void ssl3_send_alert(); +int ssl3_generate_master_secret(); +int ssl3_get_req_cert_type(); +long ssl3_get_message(); +int ssl3_send_finished(); +int ssl3_num_ciphers(); +SSL_CIPHER *ssl3_get_cipher(); +int ssl3_renegotiate(); +int ssl3_renegotiate_check(); +int ssl3_dispatch_alert(); +int ssl3_read_bytes(); +int ssl3_part_read(); +int ssl3_write_bytes(); +int ssl3_final_finish_mac(); +void ssl3_finish_mac(); +int ssl3_enc(); +int ssl3_mac(); +unsigned long ssl3_output_cert_chain(); +SSL_CIPHER *ssl3_choose_cipher(); +int ssl3_setup_buffers(); +int ssl3_new(); +void ssl3_free(); +int ssl3_accept(); +int ssl3_connect(); +int ssl3_read(); +int ssl3_peek(); +int ssl3_write(); +int ssl3_shutdown(); +void ssl3_clear(); +long ssl3_ctrl(); +long ssl3_ctx_ctrl(); +int ssl3_pending(); + +int ssl23_accept(); +int ssl23_connect(); +int ssl23_read_bytes(); +int ssl23_write_bytes(); + +int ssl_init_wbio_buffer(); + +#endif + +#endif diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c new file mode 100644 index 0000000000..140475e5fb --- /dev/null +++ b/src/lib/libssl/ssl_rsa.c @@ -0,0 +1,831 @@ +/* ssl/ssl_rsa.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "bio.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "pem.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static int ssl_set_cert(CERT *c, X509 *x509); +static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); +#else +static int ssl_set_cert(); +static int ssl_set_pkey(); +#endif + +int SSL_use_certificate(ssl, x) +SSL *ssl; +X509 *x; + { + CERT *c; + + if (x == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert)) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE); + return(0); + } + if (ssl->cert != NULL) ssl_cert_free(ssl->cert); + ssl->cert=c; + } + c=ssl->cert; + + return(ssl_set_cert(c,x)); + } + +#ifndef NO_STDIO +int SSL_use_certificate_file(ssl, file, type) +SSL *ssl; +char *file; +int type; + { + int j; + BIO *in; + int ret=0; + X509 *x=NULL; + + in=BIO_new(BIO_s_file_internal()); + if (in == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + x=d2i_X509_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + + if (x == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j); + goto end; + } + + ret=SSL_use_certificate(ssl,x); +end: + if (x != NULL) X509_free(x); + if (in != NULL) BIO_free(in); + return(ret); + } +#endif + +int SSL_use_certificate_ASN1(ssl, len, d) +SSL *ssl; +int len; +unsigned char *d; + { + X509 *x; + int ret; + + x=d2i_X509(NULL,&d,(long)len); + if (x == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_use_certificate(ssl,x); + X509_free(x); + return(ret); + } + +#ifndef NO_RSA +int SSL_use_RSAPrivateKey(ssl, rsa) +SSL *ssl; +RSA *rsa; + { + CERT *c; + EVP_PKEY *pkey; + int ret; + + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert)) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + if (ssl->cert != NULL) ssl_cert_free(ssl->cert); + ssl->cert=c; + } + c=ssl->cert; + if ((pkey=EVP_PKEY_new()) == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB); + return(0); + } + + CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); + EVP_PKEY_assign_RSA(pkey,rsa); + + ret=ssl_set_pkey(c,pkey); + EVP_PKEY_free(pkey); + return(ret); + } +#endif + +static int ssl_set_pkey(c,pkey) +CERT *c; +EVP_PKEY *pkey; + { + int i,ok=0,bad=0; + + i=ssl_cert_type(NULL,pkey); + if (i < 0) + { + SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + return(0); + } + + if (c->pkeys[i].x509 != NULL) + { +#ifndef NO_RSA + /* Don't check the public/private key, this is mostly + * for smart cards. */ + if ((pkey->type == EVP_PKEY_RSA) && + (RSA_flags(pkey->pkey.rsa) & + RSA_METHOD_FLAG_NO_CHECK)) + ok=1; + else +#endif + if (!X509_check_private_key(c->pkeys[i].x509,pkey)) + { + if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) + { + i=(i == SSL_PKEY_DH_RSA)? + SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA; + + if (c->pkeys[i].x509 == NULL) + ok=1; + else + { + if (!X509_check_private_key( + c->pkeys[i].x509,pkey)) + bad=1; + else + ok=1; + } + } + else + bad=1; + } + else + ok=1; + } + else + ok=1; + + if (bad) + { + X509_free(c->pkeys[i].x509); + c->pkeys[i].x509=NULL; + return(0); + } + + if (c->pkeys[i].privatekey != NULL) + EVP_PKEY_free(c->pkeys[i].privatekey); + CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); + c->pkeys[i].privatekey=pkey; + c->key= &(c->pkeys[i]); + + c->valid=0; + return(1); + } + +#ifndef NO_RSA +#ifndef NO_STDIO +int SSL_use_RSAPrivateKey_file(ssl, file, type) +SSL *ssl; +char *file; +int type; + { + int j,ret=0; + BIO *in; + RSA *rsa=NULL; + + in=BIO_new(BIO_s_file_internal()); + if (in == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + rsa=d2i_RSAPrivateKey_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + rsa=PEM_read_bio_RSAPrivateKey(in,NULL, + ssl->ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_use_RSAPrivateKey(ssl,rsa); + RSA_free(rsa); +end: + if (in != NULL) BIO_free(in); + return(ret); + } +#endif + +int SSL_use_RSAPrivateKey_ASN1(ssl,d,len) +SSL *ssl; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + RSA *rsa; + + p=d; + if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_use_RSAPrivateKey(ssl,rsa); + RSA_free(rsa); + return(ret); + } +#endif /* !NO_RSA */ + +int SSL_use_PrivateKey(ssl, pkey) +SSL *ssl; +EVP_PKEY *pkey; + { + CERT *c; + int ret; + + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert)) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + if (ssl->cert != NULL) ssl_cert_free(ssl->cert); + ssl->cert=c; + } + c=ssl->cert; + + ret=ssl_set_pkey(c,pkey); + return(ret); + } + +#ifndef NO_STDIO +int SSL_use_PrivateKey_file(ssl, file, type) +SSL *ssl; +char *file; +int type; + { + int j,ret=0; + BIO *in; + EVP_PKEY *pkey=NULL; + + in=BIO_new(BIO_s_file_internal()); + if (in == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + pkey=PEM_read_bio_PrivateKey(in,NULL, + ssl->ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_use_PrivateKey(ssl,pkey); + EVP_PKEY_free(pkey); +end: + if (in != NULL) BIO_free(in); + return(ret); + } +#endif + +int SSL_use_PrivateKey_ASN1(type,ssl,d,len) +int type; +SSL *ssl; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + EVP_PKEY *pkey; + + p=d; + if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_use_PrivateKey(ssl,pkey); + EVP_PKEY_free(pkey); + return(ret); + } + +int SSL_CTX_use_certificate(ctx, x) +SSL_CTX *ctx; +X509 *x; + { + CERT *c; + + if (x == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if (ctx->default_cert == NULL) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE); + return(0); + } + ctx->default_cert=c; + } + c=ctx->default_cert; + + return(ssl_set_cert(c,x)); + } + +static int ssl_set_cert(c,x) +CERT *c; +X509 *x; + { + EVP_PKEY *pkey; + int i,ok=0,bad=0; + + pkey=X509_get_pubkey(x); + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB); + return(0); + } + + i=ssl_cert_type(x,pkey); + if (i < 0) + { + SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + return(0); + } + + if (c->pkeys[i].privatekey != NULL) + { + if (!X509_check_private_key(x,c->pkeys[i].privatekey)) + { + if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) + { + i=(i == SSL_PKEY_DH_RSA)? + SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA; + + if (c->pkeys[i].privatekey == NULL) + ok=1; + else + { + if (!X509_check_private_key(x, + c->pkeys[i].privatekey)) + bad=1; + else + ok=1; + } + } + else + bad=1; + } + else + ok=1; + } + else + ok=1; + + if (bad) + { + EVP_PKEY_free(c->pkeys[i].privatekey); + c->pkeys[i].privatekey=NULL; + } + + if (c->pkeys[i].x509 != NULL) + X509_free(c->pkeys[i].x509); + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + c->pkeys[i].x509=x; + c->key= &(c->pkeys[i]); + + c->valid=0; + return(1); + } + +#ifndef NO_STDIO +int SSL_CTX_use_certificate_file(ctx, file, type) +SSL_CTX *ctx; +char *file; +int type; + { + int j; + BIO *in; + int ret=0; + X509 *x=NULL; + + in=BIO_new(BIO_s_file_internal()); + if (in == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + x=d2i_X509_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + + if (x == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j); + goto end; + } + + ret=SSL_CTX_use_certificate(ctx,x); +end: + if (x != NULL) X509_free(x); + if (in != NULL) BIO_free(in); + return(ret); + } +#endif + +int SSL_CTX_use_certificate_ASN1(ctx, len, d) +SSL_CTX *ctx; +int len; +unsigned char *d; + { + X509 *x; + int ret; + + x=d2i_X509(NULL,&d,(long)len); + if (x == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_CTX_use_certificate(ctx,x); + X509_free(x); + return(ret); + } + +#ifndef NO_RSA +int SSL_CTX_use_RSAPrivateKey(ctx, rsa) +SSL_CTX *ctx; +RSA *rsa; + { + int ret; + CERT *c; + EVP_PKEY *pkey; + + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + if (ctx->default_cert == NULL) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + ctx->default_cert=c; + } + c=ctx->default_cert; + + if ((pkey=EVP_PKEY_new()) == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB); + return(0); + } + + CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); + EVP_PKEY_assign_RSA(pkey,rsa); + + ret=ssl_set_pkey(c,pkey); + EVP_PKEY_free(pkey); + return(ret); + } + +#ifndef NO_STDIO +int SSL_CTX_use_RSAPrivateKey_file(ctx, file, type) +SSL_CTX *ctx; +char *file; +int type; + { + int j,ret=0; + BIO *in; + RSA *rsa=NULL; + + in=BIO_new(BIO_s_file_internal()); + if (in == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + rsa=d2i_RSAPrivateKey_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + rsa=PEM_read_bio_RSAPrivateKey(in,NULL, + ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa); + RSA_free(rsa); +end: + if (in != NULL) BIO_free(in); + return(ret); + } +#endif + +int SSL_CTX_use_RSAPrivateKey_ASN1(ctx,d,len) +SSL_CTX *ctx; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + RSA *rsa; + + p=d; + if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa); + RSA_free(rsa); + return(ret); + } +#endif /* !NO_RSA */ + +int SSL_CTX_use_PrivateKey(ctx, pkey) +SSL_CTX *ctx; +EVP_PKEY *pkey; + { + CERT *c; + + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if (ctx->default_cert == NULL) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + ctx->default_cert=c; + } + c=ctx->default_cert; + + return(ssl_set_pkey(c,pkey)); + } + +#ifndef NO_STDIO +int SSL_CTX_use_PrivateKey_file(ctx, file, type) +SSL_CTX *ctx; +char *file; +int type; + { + int j,ret=0; + BIO *in; + EVP_PKEY *pkey=NULL; + + in=BIO_new(BIO_s_file_internal()); + if (in == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + pkey=PEM_read_bio_PrivateKey(in,NULL, + ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_CTX_use_PrivateKey(ctx,pkey); + EVP_PKEY_free(pkey); +end: + if (in != NULL) BIO_free(in); + return(ret); + } +#endif + +int SSL_CTX_use_PrivateKey_ASN1(type,ctx,d,len) +int type; +SSL_CTX *ctx; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + EVP_PKEY *pkey; + + p=d; + if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_CTX_use_PrivateKey(ctx,pkey); + EVP_PKEY_free(pkey); + return(ret); + } + + diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c new file mode 100644 index 0000000000..8212600e40 --- /dev/null +++ b/src/lib/libssl/ssl_sess.c @@ -0,0 +1,582 @@ +/* ssl/ssl_sess.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "lhash.h" +#include "rand.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); +static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); +#else +static void SSL_SESSION_list_remove(); +static void SSL_SESSION_list_add(); +#endif + +static ssl_session_num=0; +static STACK *ssl_session_meth=NULL; + +SSL_SESSION *SSL_get_session(ssl) +SSL *ssl; + { + return(ssl->session); + } + +int SSL_SESSION_get_ex_new_index(argl,argp,new_func,dup_func,free_func) +long argl; +char *argp; +int (*new_func)(); +int (*dup_func)(); +void (*free_func)(); + { + ssl_session_num++; + return(CRYPTO_get_ex_new_index(ssl_session_num-1, + &ssl_session_meth, + argl,argp,new_func,dup_func,free_func)); + } + +int SSL_SESSION_set_ex_data(s,idx,arg) +SSL_SESSION *s; +int idx; +char *arg; + { + return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); + } + +char *SSL_SESSION_get_ex_data(s,idx) +SSL_SESSION *s; +int idx; + { + return(CRYPTO_get_ex_data(&s->ex_data,idx)); + } + +SSL_SESSION *SSL_SESSION_new() + { + SSL_SESSION *ss; + + ss=(SSL_SESSION *)Malloc(sizeof(SSL_SESSION)); + if (ss == NULL) + { + SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE); + return(0); + } + memset(ss,0,sizeof(SSL_SESSION)); + + ss->references=1; + ss->timeout=60*5+4; /* 5 minute timeout by default */ + ss->time=time(NULL); + ss->prev=NULL; + ss->next=NULL; + CRYPTO_new_ex_data(ssl_session_meth,(char *)ss,&ss->ex_data); + return(ss); + } + +int ssl_get_new_session(s, session) +SSL *s; +int session; + { + SSL_SESSION *ss=NULL; + + if ((ss=SSL_SESSION_new()) == NULL) return(0); + + /* If the context has a default timeout, use it */ + if (s->ctx->session_timeout != 0) + ss->timeout=SSL_get_default_timeout(s); + + if (s->session != NULL) + { + SSL_SESSION_free(s->session); + s->session=NULL; + } + + if (session) + { + if (s->version == SSL2_CLIENT_VERSION) + { + ss->ssl_version=SSL2_VERSION; + ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; + } + else if (s->version == SSL3_VERSION) + { + ss->ssl_version=SSL3_VERSION; + ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; + } + else if (s->version == TLS1_VERSION) + { + ss->ssl_version=TLS1_VERSION; + ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; + } + else + { + SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION); + SSL_SESSION_free(ss); + return(0); + } + + for (;;) + { + SSL_SESSION *r; + + RAND_bytes(ss->session_id,ss->session_id_length); + CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); + r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions, + (char *)ss); + CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); + if (r == NULL) break; + /* else - woops a session_id match */ + } + } + else + { + ss->session_id_length=0; + } + + s->session=ss; + ss->ssl_version=s->version; + + return(1); + } + +int ssl_get_prev_session(s,session_id,len) +SSL *s; +unsigned char *session_id; +int len; + { + SSL_SESSION *ret=NULL,data; + + /* conn_init();*/ + data.ssl_version=s->version; + data.session_id_length=len; + if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) + return(0); + memcpy(data.session_id,session_id,len);; + + if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) + { + CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); + ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data); + CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); + } + + if (ret == NULL) + { + int copy=1; + + s->ctx->sess_miss++; + ret=NULL; + if ((s->ctx->get_session_cb != NULL) && + ((ret=s->ctx->get_session_cb(s,session_id,len,©)) + != NULL)) + { + s->ctx->sess_cb_hit++; + + /* The following should not return 1, otherwise, + * things are very strange */ + SSL_CTX_add_session(s->ctx,ret); + /* auto free it */ + if (!copy) + SSL_SESSION_free(ret); + } + if (ret == NULL) return(0); + } + + if (ret->cipher == NULL) + { + char buf[5],*p; + unsigned long l; + + p=buf; + l=ret->cipher_id; + l2n(l,p); + if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR) + ret->cipher=ssl_get_cipher_by_char(s,&(buf[2])); + else + ret->cipher=ssl_get_cipher_by_char(s,&(buf[1])); + if (ret->cipher == NULL) + return(0); + } + + /* If a thread got the session, then 'swaped', and another got + * it and then due to a time-out decided to 'Free' it we could + * be in trouble. So I'll increment it now, then double decrement + * later - am I speaking rubbish?. */ + CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); + + if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */ + { + s->ctx->sess_timeout++; + /* remove it from the cache */ + SSL_CTX_remove_session(s->ctx,ret); + SSL_SESSION_free(ret); /* again to actually Free it */ + return(0); + } + + s->ctx->sess_hit++; + + /* ret->time=time(NULL); */ /* rezero timeout? */ + /* again, just leave the session + * if it is the same session, we have just incremented and + * then decremented the reference count :-) */ + if (s->session != NULL) + SSL_SESSION_free(s->session); + s->session=ret; + return(1); + } + +int SSL_CTX_add_session(ctx,c) +SSL_CTX *ctx; +SSL_SESSION *c; + { + int ret=0; + SSL_SESSION *s; + + /* conn_init(); */ + CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION); + + CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); + s=(SSL_SESSION *)lh_insert(ctx->sessions,(char *)c); + + /* Put on the end of the queue unless it is already in the cache */ + if (s == NULL) + SSL_SESSION_list_add(ctx,c); + + /* If the same session if is being 're-added', Free the old + * one when the last person stops using it. + * This will also work if it is alread in the cache. + * The references will go up and then down :-) */ + if (s != NULL) + { + SSL_SESSION_free(s); + ret=0; + } + else + { + ret=1; + + if (SSL_CTX_sess_get_cache_size(ctx) > 0) + { + while (SSL_CTX_sess_number(ctx) > + SSL_CTX_sess_get_cache_size(ctx)) + { + if (!SSL_CTX_remove_session(ctx, + ctx->session_cache_tail)) + break; + else + ctx->sess_cache_full++; + } + } + } + CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); + return(ret); + } + +int SSL_CTX_remove_session(ctx,c) +SSL_CTX *ctx; +SSL_SESSION *c; + { + SSL_SESSION *r; + int ret=0; + + if ((c != NULL) && (c->session_id_length != 0)) + { + CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); + r=(SSL_SESSION *)lh_delete(ctx->sessions,(char *)c); + if (r != NULL) + { + ret=1; + SSL_SESSION_list_remove(ctx,c); + } + + CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); + + if (ret) + { + r->not_resumable=1; + if (ctx->remove_session_cb != NULL) + ctx->remove_session_cb(ctx,r); + SSL_SESSION_free(r); + } + } + else + ret=0; + return(ret); + } + +void SSL_SESSION_free(ss) +SSL_SESSION *ss; + { + int i; + + i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION); +#ifdef REF_PRINT + REF_PRINT("SSL_SESSION",ss); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"SSL_SESSION_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + + CRYPTO_free_ex_data(ssl_session_meth,(char *)ss,&ss->ex_data); + + memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); + memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); + memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); + if (ss->cert != NULL) ssl_cert_free(ss->cert); + if (ss->peer != NULL) X509_free(ss->peer); + if (ss->ciphers != NULL) sk_free(ss->ciphers); + memset(ss,0,sizeof(*ss)); + Free(ss); + } + +int SSL_set_session(s, session) +SSL *s; +SSL_SESSION *session; + { + int ret=0; + SSL_METHOD *meth; + + if (session != NULL) + { + meth=s->ctx->method->get_ssl_method(session->ssl_version); + if (meth == NULL) + meth=s->method->get_ssl_method(session->ssl_version); + if (meth == NULL) + { + SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD); + return(0); + } + + if (meth != s->method) + { + if (!SSL_set_ssl_method(s,meth)) + return(0); + session->timeout=SSL_get_default_timeout(s); + } + + /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/ + CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION); + if (s->session != NULL) + SSL_SESSION_free(s->session); + s->session=session; + /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/ + ret=1; + } + else + { + if (s->session != NULL) + { + SSL_SESSION_free(s->session); + s->session=NULL; + } + } + return(ret); + } + +long SSL_SESSION_set_timeout(s,t) +SSL_SESSION *s; +long t; + { + if (s == NULL) return(0); + s->timeout=t; + return(1); + } + +long SSL_SESSION_get_timeout(s) +SSL_SESSION *s; + { + if (s == NULL) return(0); + return(s->timeout); + } + +long SSL_SESSION_get_time(s) +SSL_SESSION *s; + { + if (s == NULL) return(0); + return(s->time); + } + +long SSL_SESSION_set_time(s,t) +SSL_SESSION *s; +long t; + { + if (s == NULL) return(0); + s->time=t; + return(t); + } + +typedef struct timeout_param_st + { + SSL_CTX *ctx; + long time; + LHASH *cache; + } TIMEOUT_PARAM; + +static void timeout(s,p) +SSL_SESSION *s; +TIMEOUT_PARAM *p; + { + if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */ + { + /* The reason we don't call SSL_CTX_remove_session() is to + * save on locking overhead */ + lh_delete(p->cache,(char *)s); + SSL_SESSION_list_remove(p->ctx,s); + s->not_resumable=1; + if (p->ctx->remove_session_cb != NULL) + p->ctx->remove_session_cb(p->ctx,s); + SSL_SESSION_free(s); + } + } + +void SSL_CTX_flush_sessions(s,t) +SSL_CTX *s; +long t; + { + unsigned long i; + TIMEOUT_PARAM tp; + + tp.ctx=s; + tp.cache=SSL_CTX_sessions(s); + if (tp.cache == NULL) return; + tp.time=t; + CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); + i=tp.cache->down_load; + tp.cache->down_load=0; + lh_doall_arg(tp.cache,(void (*)())timeout,(char *)&tp); + tp.cache->down_load=i; + CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); + } + +int ssl_clear_bad_session(s) +SSL *s; + { + if ( (s->session != NULL) && + !(s->shutdown & SSL_SENT_SHUTDOWN) && + !(SSL_in_init(s) || SSL_in_before(s))) + { + SSL_CTX_remove_session(s->ctx,s->session); + return(1); + } + else + return(0); + } + +/* locked by SSL_CTX in the calling function */ +static void SSL_SESSION_list_remove(ctx,s) +SSL_CTX *ctx; +SSL_SESSION *s; + { + if ((s->next == NULL) || (s->prev == NULL)) return; + + if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) + { /* last element in list */ + if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) + { /* only one element in list */ + ctx->session_cache_head=NULL; + ctx->session_cache_tail=NULL; + } + else + { + ctx->session_cache_tail=s->prev; + s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail); + } + } + else + { + if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) + { /* first element in list */ + ctx->session_cache_head=s->next; + s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head); + } + else + { /* middle of list */ + s->next->prev=s->prev; + s->prev->next=s->next; + } + } + s->prev=s->next=NULL; + } + +static void SSL_SESSION_list_add(ctx,s) +SSL_CTX *ctx; +SSL_SESSION *s; + { + if ((s->next != NULL) && (s->prev != NULL)) + SSL_SESSION_list_remove(ctx,s); + + if (ctx->session_cache_head == NULL) + { + ctx->session_cache_head=s; + ctx->session_cache_tail=s; + s->prev=(SSL_SESSION *)&(ctx->session_cache_head); + s->next=(SSL_SESSION *)&(ctx->session_cache_tail); + } + else + { + s->next=ctx->session_cache_head; + s->next->prev=s; + s->prev=(SSL_SESSION *)&(ctx->session_cache_head); + ctx->session_cache_head=s; + } + } + diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c new file mode 100644 index 0000000000..a1daf25dd4 --- /dev/null +++ b/src/lib/libssl/ssl_stat.c @@ -0,0 +1,458 @@ +/* ssl/ssl_stat.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "ssl_locl.h" + +char *SSL_state_string_long(s) +SSL *s; + { + char *str; + + switch (s->state) + { +case SSL_ST_BEFORE: str="before SSL initalisation"; break; +case SSL_ST_ACCEPT: str="before accept initalisation"; break; +case SSL_ST_CONNECT: str="before connect initalisation"; break; +case SSL_ST_OK: str="SSL negotiation finished successfully"; break; +case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break; +case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initalisation"; break; +case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initalisation"; break; +case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initalisation"; break; +case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initalisation"; break; +#ifndef NO_SSL2 +case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break; +case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break; +case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break; +case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break; +case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break; +case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break; +case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break; +case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break; +case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break; +case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break; +case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break; +case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break; +case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break; +case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break; +case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break; +case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break; +case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break; +case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break; +case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break; +case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break; +case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break; +case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break; +case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break; +case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break; +#endif + +#ifndef NO_SSL3 +/* SSLv3 additions */ +case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break; +case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break; +case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break; +case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break; +case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break; +case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break; +case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break; +case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break; +case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break; +case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break; +case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break; +case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break; +case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break; +case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break; +case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break; +case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break; +case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break; +case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break; + +case SSL3_ST_CW_CHANGE_A: +case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break; +case SSL3_ST_CW_CHANGE_B: +case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break; +case SSL3_ST_CW_FINISHED_A: +case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break; +case SSL3_ST_CW_FINISHED_B: +case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break; +case SSL3_ST_CR_CHANGE_A: +case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break; +case SSL3_ST_CR_CHANGE_B: +case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break; +case SSL3_ST_CR_FINISHED_A: +case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break; +case SSL3_ST_CR_FINISHED_B: +case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break; + +case SSL3_ST_CW_FLUSH: +case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break; + +case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break; +case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break; +case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break; +case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break; +case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break; +case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break; +case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break; +case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break; +case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break; +case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break; +case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break; +case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break; +case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break; +case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break; +case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break; +case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break; +case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break; +case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break; +case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break; +case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break; +case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break; +case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break; +#endif + +#if !defined(NO_SSL2) && !defined(NO_SSL3) +/* SSLv2/v3 compatablitity states */ +/* client */ +case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break; +case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break; +case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break; +case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break; +/* server */ +case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break; +case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break; +#endif + +default: str="unknown state"; break; + } + return(str); + } + +char *SSL_rstate_string_long(s) +SSL *s; + { + char *str; + + switch (s->rstate) + { + case SSL_ST_READ_HEADER: str="read header"; break; + case SSL_ST_READ_BODY: str="read body"; break; + case SSL_ST_READ_DONE: str="read done"; break; + default: str="unknown"; break; + } + return(str); + } + +char *SSL_state_string(s) +SSL *s; + { + char *str; + + switch (s->state) + { +case SSL_ST_BEFORE: str="PINIT "; break; +case SSL_ST_ACCEPT: str="AINIT "; break; +case SSL_ST_CONNECT: str="CINIT "; break; +case SSL_ST_OK: str="SSLOK "; break; +#ifndef NO_SSL2 +case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break; +case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break; +case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break; +case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break; +case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break; +case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break; +case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break; +case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break; +case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break; +case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break; +case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break; +case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break; +case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break; +case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break; +case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break; +case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break; +case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break; +case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break; +case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break; +case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break; +case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break; +case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break; +case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break; +case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break; +#endif + +#ifndef NO_SSL3 +/* SSLv3 additions */ +case SSL3_ST_SW_FLUSH: +case SSL3_ST_CW_FLUSH: str="3FLUSH"; break; +case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break; +case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break; +case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break; +case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break; +case SSL3_ST_CR_CERT_A: str="3RSC_A"; break; +case SSL3_ST_CR_CERT_B: str="3RSC_B"; break; +case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break; +case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break; +case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break; +case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break; +case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break; +case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break; +case SSL3_ST_CW_CERT_A: str="3WCC_A"; break; +case SSL3_ST_CW_CERT_B: str="3WCC_B"; break; +case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break; +case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break; +case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break; +case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break; + +case SSL3_ST_SW_CHANGE_A: +case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break; +case SSL3_ST_SW_CHANGE_B: +case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break; +case SSL3_ST_SW_FINISHED_A: +case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break; +case SSL3_ST_SW_FINISHED_B: +case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break; +case SSL3_ST_SR_CHANGE_A: +case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break; +case SSL3_ST_SR_CHANGE_B: +case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break; +case SSL3_ST_SR_FINISHED_A: +case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break; +case SSL3_ST_SR_FINISHED_B: +case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break; + +case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break; +case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break; +case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break; +case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break; +case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break; +case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break; +case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break; +case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break; +case SSL3_ST_SW_CERT_A: str="3WSC_A"; break; +case SSL3_ST_SW_CERT_B: str="3WSC_B"; break; +case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break; +case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break; +case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break; +case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break; +case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break; +case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break; +case SSL3_ST_SR_CERT_A: str="3RCC_A"; break; +case SSL3_ST_SR_CERT_B: str="3RCC_B"; break; +case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break; +case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break; +case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break; +case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break; +#endif + +#if !defined(NO_SSL2) && !defined(NO_SSL3) +/* SSLv2/v3 compatablitity states */ +/* client */ +case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break; +case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break; +case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break; +case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break; +/* server */ +case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break; +case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break; +#endif + +default: str="UNKWN "; break; + } + return(str); + } + +char *SSL_alert_type_string_long(value) +int value; + { + value>>=8; + if (value == SSL3_AL_WARNING) + return("warning"); + else if (value == SSL3_AL_FATAL) + return("fatal"); + else + return("unknown"); + } + +char *SSL_alert_type_string(value) +int value; + { + value>>=8; + if (value == SSL3_AL_WARNING) + return("W"); + else if (value == SSL3_AL_FATAL) + return("F"); + else + return("U"); + } + +char *SSL_alert_desc_string(value) +int value; + { + char *str; + + switch (value & 0xff) + { + case SSL3_AD_CLOSE_NOTIFY: str="CN"; break; + case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break; + case SSL3_AD_BAD_RECORD_MAC: str="BM"; break; + case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break; + case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break; + case SSL3_AD_NO_CERTIFICATE: str="NC"; break; + case SSL3_AD_BAD_CERTIFICATE: str="BC"; break; + case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break; + case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break; + case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break; + case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break; + case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break; + default: str="UK"; break; + } + return(str); + } + +char *SSL_alert_desc_string_long(value) +int value; + { + char *str; + + switch (value & 0xff) + { + case SSL3_AD_CLOSE_NOTIFY: + str="close notify"; + break; + case SSL3_AD_UNEXPECTED_MESSAGE: + str="unexected_message"; + break; + case SSL3_AD_BAD_RECORD_MAC: + str="bad record mac"; + break; + case SSL3_AD_DECOMPRESSION_FAILURE: + str="decompression failure"; + break; + case SSL3_AD_HANDSHAKE_FAILURE: + str="handshake failure"; + break; + case SSL3_AD_NO_CERTIFICATE: + str="no certificate"; + break; + case SSL3_AD_BAD_CERTIFICATE: + str="bad certificate"; + break; + case SSL3_AD_UNSUPPORTED_CERTIFICATE: + str="unsupported certificate"; + break; + case SSL3_AD_CERTIFICATE_REVOKED: + str="certificate revoked"; + break; + case SSL3_AD_CERTIFICATE_EXPIRED: + str="certificate expired"; + break; + case SSL3_AD_CERTIFICATE_UNKNOWN: + str="certifcate unknown"; + break; + case SSL3_AD_ILLEGAL_PARAMETER: + str="illegal parameter"; + break; + default: str="unknown"; break; + } + return(str); + } + +char *SSL_rstate_string(s) +SSL *s; + { + char *str; + + switch (s->rstate) + { + case SSL_ST_READ_HEADER:str="RH"; break; + case SSL_ST_READ_BODY: str="RB"; break; + case SSL_ST_READ_DONE: str="RD"; break; + default: str="unknown"; break; + } + return(str); + } diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c new file mode 100644 index 0000000000..ce60e1a6dd --- /dev/null +++ b/src/lib/libssl/ssl_txt.c @@ -0,0 +1,152 @@ +/* ssl/ssl_txt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "ssl_locl.h" + +#ifndef NO_FP_API +int SSL_SESSION_print_fp(fp, x) +FILE *fp; +SSL_SESSION *x; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file_internal())) == NULL) + { + SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=SSL_SESSION_print(b,x); + BIO_free(b); + return(ret); + } +#endif + +int SSL_SESSION_print(bp,x) +BIO *bp; +SSL_SESSION *x; + { + int i; + char str[128],*s; + + if (x == NULL) goto err; + if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err; + if (x->ssl_version == SSL2_VERSION) + s="SSLv2"; + else if (x->ssl_version == SSL3_VERSION) + s="SSLv3"; + else if (x->ssl_version == TLS1_VERSION) + s="TLSv1"; + else + s="unknown"; + sprintf(str," Protocol : %s\n",s); + if (BIO_puts(bp,str) <= 0) goto err; + + if (x->cipher == NULL) + { + if (((x->cipher_id) & 0xff000000) == 0x02000000) + sprintf(str," Cipher : %06lX\n",x->cipher_id&0xffffff); + else + sprintf(str," Cipher : %04lX\n",x->cipher_id&0xffff); + } + else + sprintf(str," Cipher : %s\n",(x->cipher == NULL)?"unknown":x->cipher->name); + if (BIO_puts(bp,str) <= 0) goto err; + if (BIO_puts(bp," Session-ID: ") <= 0) goto err; + for (i=0; i<(int)x->session_id_length; i++) + { + sprintf(str,"%02X",x->session_id[i]); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err; + for (i=0; i<(int)x->master_key_length; i++) + { + sprintf(str,"%02X",x->master_key[i]); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err; + if (x->key_arg_length == 0) + { + if (BIO_puts(bp,"None") <= 0) goto err; + } + else + for (i=0; i<(int)x->key_arg_length; i++) + { + sprintf(str,"%02X",x->key_arg[i]); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (x->time != 0L) + { + sprintf(str,"\n Start Time: %ld",x->time); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (x->timeout != 0L) + { + sprintf(str,"\n Timeout : %ld (sec)",x->timeout); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (BIO_puts(bp,"\n") <= 0) goto err; + + return(1); +err: + return(0); + } + diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c new file mode 100644 index 0000000000..986d2436e2 --- /dev/null +++ b/src/lib/libssl/t1_clnt.c @@ -0,0 +1,90 @@ +/* ssl/t1_clnt.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +static SSL_METHOD *tls1_get_client_method(ver) +int ver; + { + if (ver == TLS1_VERSION) + return(TLSv1_client_method()); + else + return(NULL); + } + +SSL_METHOD *TLSv1_client_method() + { + static int init=1; + static SSL_METHOD TLSv1_client_data; + + if (init) + { + init=0; + memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(), + sizeof(SSL_METHOD)); + TLSv1_client_data.ssl_connect=ssl3_connect; + TLSv1_client_data.get_ssl_method=tls1_get_client_method; + } + return(&TLSv1_client_data); + } + diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c new file mode 100644 index 0000000000..fbdd3bffb5 --- /dev/null +++ b/src/lib/libssl/t1_enc.c @@ -0,0 +1,635 @@ +/* ssl/t1_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "evp.h" +#include "hmac.h" +#include "ssl_locl.h" + +static void tls1_P_hash(md,sec,sec_len,seed,seed_len,out,olen) +EVP_MD *md; +unsigned char *sec; +int sec_len; +unsigned char *seed; +int seed_len; +unsigned char *out; +int olen; + { + int chunk,n; + unsigned int j; + HMAC_CTX ctx; + HMAC_CTX ctx_tmp; + unsigned char A1[HMAC_MAX_MD_CBLOCK]; + unsigned int A1_len; + + chunk=EVP_MD_size(md); + + HMAC_Init(&ctx,sec,sec_len,md); + HMAC_Update(&ctx,seed,seed_len); + HMAC_Final(&ctx,A1,&A1_len); + + n=0; + for (;;) + { + HMAC_Init(&ctx,NULL,0,NULL); /* re-init */ + HMAC_Update(&ctx,A1,A1_len); + memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */ + HMAC_Update(&ctx,seed,seed_len); + + if (olen > chunk) + { + HMAC_Final(&ctx,out,&j); + out+=j; + olen-=j; + HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */ + } + else /* last one */ + { + HMAC_Final(&ctx,A1,&A1_len); + memcpy(out,A1,olen); + break; + } + } + HMAC_cleanup(&ctx); + HMAC_cleanup(&ctx_tmp); + memset(A1,0,sizeof(A1)); + } + +static void tls1_PRF(md5,sha1,label,label_len,sec,slen,out1,out2,olen) +EVP_MD *md5; +EVP_MD *sha1; +unsigned char *label; +int label_len; +unsigned char *sec; +int slen; +unsigned char *out1; +unsigned char *out2; +int olen; + { + int len,i; + unsigned char *S1,*S2; + + len=slen/2; + S1=sec; + S2= &(sec[len]); + len+=(slen&1); /* add for odd, make longer */ + + + tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen); + tls1_P_hash(sha1,S2,len,label,label_len,out2,olen); + + for (i=0; is3->server_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf, + s->session->master_key,s->session->master_key_length, + km,tmp,num); + } + +int tls1_change_cipher_state(s,which) +SSL *s; +int which; + { + unsigned char *p,*key_block,*mac_secret; + unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+ + SSL3_RANDOM_SIZE*2]; + unsigned char tmp1[EVP_MAX_KEY_LENGTH]; + unsigned char tmp2[EVP_MAX_KEY_LENGTH]; + unsigned char iv1[EVP_MAX_IV_LENGTH*2]; + unsigned char iv2[EVP_MAX_IV_LENGTH*2]; + unsigned char *ms,*key,*iv,*er1,*er2; + int client_write; + EVP_CIPHER_CTX *dd; + EVP_CIPHER *c; + SSL_COMPRESSION *comp; + EVP_MD *m; + int exp,n,i,j,k,exp_label_len; + + exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0; + c=s->s3->tmp.new_sym_enc; + m=s->s3->tmp.new_hash; + comp=s->s3->tmp.new_compression; + key_block=s->s3->tmp.key_block; + + if (which & SSL3_CC_READ) + { + if ((s->enc_read_ctx == NULL) && + ((s->enc_read_ctx=(EVP_CIPHER_CTX *) + Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + goto err; + dd= s->enc_read_ctx; + s->read_hash=m; + s->read_compression=comp; + memset(&(s->s3->read_sequence[0]),0,8); + mac_secret= &(s->s3->read_mac_secret[0]); + } + else + { + if ((s->enc_write_ctx == NULL) && + ((s->enc_write_ctx=(EVP_CIPHER_CTX *) + Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + goto err; + dd= s->enc_write_ctx; + s->write_hash=m; + s->write_compression=comp; + memset(&(s->s3->write_sequence[0]),0,8); + mac_secret= &(s->s3->write_mac_secret[0]); + } + + EVP_CIPHER_CTX_init(dd); + + p=s->s3->tmp.key_block; + i=EVP_MD_size(m); + j=(exp)?5:EVP_CIPHER_key_length(c); + k=EVP_CIPHER_iv_length(c); + er1= &(s->s3->client_random[0]); + er2= &(s->s3->server_random[0]); + if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || + (which == SSL3_CHANGE_CIPHER_SERVER_READ)) + { + ms= &(p[ 0]); n=i+i; + key= &(p[ n]); n+=j+j; + iv= &(p[ n]); n+=k+k; + exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; + exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE; + client_write=1; + } + else + { + n=i; + ms= &(p[ n]); n+=i+j; + key= &(p[ n]); n+=j+k; + iv= &(p[ n]); n+=k; + exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; + exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE; + client_write=0; + } + + if (n > s->s3->tmp.key_block_length) + { + SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR); + goto err2; + } + + memcpy(mac_secret,ms,i); +#ifdef TLS_DEBUG +printf("which = %04X\nmac key=",which); +{ int z; for (z=0; zs3->client_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,key,j, + tmp1,tmp2,EVP_CIPHER_key_length(c)); + key=tmp1; + + if (k > 0) + { + p=buf; + memcpy(p,TLS_MD_IV_BLOCK_CONST, + TLS_MD_IV_BLOCK_CONST_SIZE); + p+=TLS_MD_IV_BLOCK_CONST_SIZE; + memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + tls1_PRF(s->ctx->md5,s->ctx->sha1, + buf,p-buf,"",0,iv1,iv2,k*2); + if (client_write) + iv=iv1; + else + iv= &(iv1[k]); + } + } + + s->session->key_arg_length=0; + + EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); +#ifdef TLS_DEBUG +printf("which = %04X\nkey=",which); +{ int z; for (z=0; zs3->tmp.key_block_length != 0) + return(1); + + if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash)) + { + SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE); + return(0); + } + + s->s3->tmp.new_sym_enc=c; + s->s3->tmp.new_hash=hash; + + exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0; + + num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c); + num*=2; + + ssl3_cleanup_key_block(s); + + if ((p1=(unsigned char *)Malloc(num)) == NULL) + goto err; + if ((p2=(unsigned char *)Malloc(num)) == NULL) + goto err; + + s->s3->tmp.key_block_length=num; + s->s3->tmp.key_block=p1; + + +#ifdef TLS_DEBUG +printf("client random\n"); +{ int z; for (z=0; zs3->client_random[z],((z+1)%16)?' ':'\n'); } +printf("server random\n"); +{ int z; for (z=0; zs3->server_random[z],((z+1)%16)?' ':'\n'); } +printf("pre-master\n"); +{ int z; for (z=0; zsession->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } +#endif + tls1_generate_key_block(s,p1,p2,num); + memset(p2,0,num); + Free(p2); +#ifdef TLS_DEBUG +printf("\nkey block\n"); +{ int z; for (z=0; zwrite_hash != NULL) + n=EVP_MD_size(s->write_hash); + ds=s->enc_write_ctx; + rec= &(s->s3->wrec); + if (s->enc_write_ctx == NULL) + { enc=NULL; comp=NULL; } + else + { + enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); + comp=s->write_compression; + } + } + else + { + if (s->read_hash != NULL) + n=EVP_MD_size(s->read_hash); + ds=s->enc_read_ctx; + rec= &(s->s3->rrec); + if (s->enc_read_ctx == NULL) + { enc=NULL; comp=NULL; } + else + { + enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); + comp=s->read_compression; + } + } + + if ((s->session == NULL) || (ds == NULL) || + ((enc == NULL) && (comp == NULL))) + { + memcpy(rec->data,rec->input,rec->length); + rec->input=rec->data; + } + else + { + l=rec->length; + bs=EVP_CIPHER_block_size(ds->cipher); + + if ((bs != 1) && send) + { + i=bs-((int)l%bs); + + /* Add weird padding of upto 256 bytes */ + + /* we need to add 'i' padding bytes of value j */ + j=i-1; + if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) + { + if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) + j++; + } + for (k=(int)l; k<(int)(l+i); k++) + rec->input[k]=j; + l+=i; + rec->length+=i; + } + + EVP_Cipher(ds,rec->data,rec->input,l); + + if ((bs != 1) && !send) + { + ii=i=rec->data[l-1]; + i++; + if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) + { + /* First packet is even in size, so check */ + if ((memcmp(s->s3->read_sequence, + "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1)) + s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; + if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) + i--; + } + if (i > (int)rec->length) + { + SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); + return(0); + } + for (j=(int)(l-i); j<(int)l; j++) + { + if (rec->data[j] != ii) + { + SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); + return(0); + } + } + rec->length-=i; + } + } + return(1); + } + +int tls1_cert_verify_mac(s,in_ctx,out) +SSL *s; +EVP_MD_CTX *in_ctx; +unsigned char *out; + { + unsigned int ret; + EVP_MD_CTX ctx; + + memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX)); + EVP_DigestFinal(&ctx,out,&ret); + return((int)ret); + } + +int tls1_final_finish_mac(s,in1_ctx,in2_ctx,str,slen,out) +SSL *s; +EVP_MD_CTX *in1_ctx,*in2_ctx; +unsigned char *str; +int slen; +unsigned char *out; + { + unsigned int i; + EVP_MD_CTX ctx; + unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; + unsigned char *q,buf2[12]; + + q=buf; + memcpy(q,str,slen); + q+=slen; + + memcpy(&ctx,in1_ctx,sizeof(EVP_MD_CTX)); + EVP_DigestFinal(&ctx,q,&i); + q+=i; + memcpy(&ctx,in2_ctx,sizeof(EVP_MD_CTX)); + EVP_DigestFinal(&ctx,q,&i); + q+=i; + + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,q-buf, + s->session->master_key,s->session->master_key_length, + out,buf2,12); + memset(&ctx,0,sizeof(EVP_MD_CTX)); + + return((int)12); + } + +int tls1_mac(ssl,md,send) +SSL *ssl; +unsigned char *md; +int send; + { + SSL3_RECORD *rec; + unsigned char *mac_sec,*seq; + EVP_MD *hash; + unsigned int md_size; + int i; + HMAC_CTX hmac; + unsigned char buf[5]; + + if (send) + { + rec= &(ssl->s3->wrec); + mac_sec= &(ssl->s3->write_mac_secret[0]); + seq= &(ssl->s3->write_sequence[0]); + hash=ssl->write_hash; + } + else + { + rec= &(ssl->s3->rrec); + mac_sec= &(ssl->s3->read_mac_secret[0]); + seq= &(ssl->s3->read_sequence[0]); + hash=ssl->read_hash; + } + + md_size=EVP_MD_size(hash); + + buf[0]=rec->type; + buf[1]=TLS1_VERSION_MAJOR; + buf[2]=TLS1_VERSION_MINOR; + buf[3]=rec->length>>8; + buf[4]=rec->length&0xff; + + /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ + HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash); + HMAC_Update(&hmac,seq,8); + HMAC_Update(&hmac,buf,5); + HMAC_Update(&hmac,rec->input,rec->length); + HMAC_Final(&hmac,md,&md_size); + +#ifdef TLS_DEBUG +printf("sec="); +{int z; for (z=0; z=0; i--) + if (++seq[i]) break; + +#ifdef TLS_DEBUG +{int z; for (z=0; zs3->client_random,SSL3_RANDOM_SIZE); + memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]), + s->s3->server_random,SSL3_RANDOM_SIZE); + tls1_PRF(s->ctx->md5,s->ctx->sha1, + buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, + s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE); + return(SSL3_MASTER_SECRET_SIZE); + } + +int tls1_alert_code(code) +int code; + { + switch (code) + { + case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY); + case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE); + case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC); + case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED); + case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW); + case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE); + case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_NO_CERTIFICATE: return(-1); + case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE); + case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE); + case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED); + case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED); + case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN); + case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER); + case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA); + case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED); + case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR); + case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR); + case SSL_AD_EXPORT_RESTRICION: return(TLS1_AD_EXPORT_RESTRICION); + case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION); + case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY); + case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR); + case SSL_AD_USER_CANCLED: return(TLS1_AD_USER_CANCLED); + case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION); + default: return(-1); + } + } + diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c new file mode 100644 index 0000000000..f9fbfa414c --- /dev/null +++ b/src/lib/libssl/t1_lib.c @@ -0,0 +1,151 @@ +/* ssl/t1_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "ssl_locl.h" + +char *tls1_version_str="TLSv1 part of SSLeay 0.9.0b 29-Jun-1998"; + +#ifndef NO_PROTO +static long tls1_default_timeout(void); +#else +static long tls1_default_timeout(); +#endif + +static SSL3_ENC_METHOD TLSv1_enc_data={ + tls1_enc, + tls1_mac, + tls1_setup_key_block, + tls1_generate_master_secret, + tls1_change_cipher_state, + tls1_final_finish_mac, + TLS1_FINISH_MAC_LENGTH, + tls1_cert_verify_mac, + TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE, + TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, + tls1_alert_code, + }; + +static SSL_METHOD TLSv1_data= { + TLS1_VERSION, + tls1_new, + tls1_clear, + tls1_free, + ssl_undefined_function, + ssl_undefined_function, + ssl3_read, + ssl3_peek, + ssl3_write, + ssl3_shutdown, + ssl3_renegotiate, + ssl3_ctrl, + ssl3_ctx_ctrl, + ssl3_get_cipher_by_char, + ssl3_put_cipher_by_char, + ssl3_pending, + ssl3_num_ciphers, + ssl3_get_cipher, + ssl_bad_method, + tls1_default_timeout, + &TLSv1_enc_data, + }; + +static long tls1_default_timeout() + { + /* 2 hours, the 24 hours mentioned in the TLSv1 spec + * is way too long for http, the cache would over fill */ + return(60*60*2); + } + +SSL_METHOD *tlsv1_base_method() + { + return(&TLSv1_data); + } + +int tls1_new(s) +SSL *s; + { + if (!ssl3_new(s)) return(0); + s->method->ssl_clear(s); + return(1); + } + +void tls1_free(s) +SSL *s; + { + ssl3_free(s); + } + +void tls1_clear(s) +SSL *s; + { + ssl3_clear(s); + s->version=TLS1_VERSION; + } + +#if 0 +long tls1_ctrl(s,cmd,larg,parg) +SSL *s; +int cmd; +long larg; +char *parg; + { + return(0); + } +#endif diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c new file mode 100644 index 0000000000..512c2078e7 --- /dev/null +++ b/src/lib/libssl/t1_meth.c @@ -0,0 +1,88 @@ +/* ssl/t1_meth.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "objects.h" +#include "ssl_locl.h" + +static SSL_METHOD *tls1_get_method(ver) +int ver; + { + if (ver == TLS1_VERSION) + return(TLSv1_method()); + else + return(NULL); + } + +SSL_METHOD *TLSv1_method() + { + static int init=1; + static SSL_METHOD TLSv1_data; + + if (init) + { + init=0; + memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(), + sizeof(SSL_METHOD)); + TLSv1_data.ssl_connect=ssl3_connect; + TLSv1_data.ssl_accept=ssl3_accept; + TLSv1_data.get_ssl_method=tls1_get_method; + } + return(&TLSv1_data); + } + diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c new file mode 100644 index 0000000000..8cf0addcd9 --- /dev/null +++ b/src/lib/libssl/t1_srvr.c @@ -0,0 +1,91 @@ +/* ssl/t1_srvr.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "ssl_locl.h" + +static SSL_METHOD *tls1_get_server_method(ver) +int ver; + { + if (ver == TLS1_VERSION) + return(TLSv1_server_method()); + else + return(NULL); + } + +SSL_METHOD *TLSv1_server_method() + { + static int init=1; + static SSL_METHOD TLSv1_server_data; + + if (init) + { + init=0; + memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(), + sizeof(SSL_METHOD)); + TLSv1_server_data.ssl_accept=ssl3_accept; + TLSv1_server_data.get_ssl_method=tls1_get_server_method; + } + return(&TLSv1_server_data); + } + diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf new file mode 100644 index 0000000000..b941b7ae15 --- /dev/null +++ b/src/lib/libssl/test/CAss.cnf @@ -0,0 +1,25 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +default_bits = 512 +default_keyfile = keySS.pem +distinguished_name = req_distinguished_name +encrypt_rsa_key = no +default_md = sha1 + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_value = AU + +organizationName = Organization Name (eg, company) +organizationName_value = Dodgy Brothers + +commonName = Common Name (eg, YOUR name) +commonName_value = Dodgy CA diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf new file mode 100644 index 0000000000..4e0a908679 --- /dev/null +++ b/src/lib/libssl/test/CAssdh.cnf @@ -0,0 +1,24 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# +# hacked by iang to do DH certs - CA + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +distinguished_name = req_distinguished_name +encrypt_rsa_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = CU +countryName_value = CU + +organizationName = Organization Name (eg, company) +organizationName_value = La Junta de la Revolucion + +commonName = Common Name (eg, YOUR name) +commonName_value = Junta + diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf new file mode 100644 index 0000000000..a6b4d1810c --- /dev/null +++ b/src/lib/libssl/test/CAssdsa.cnf @@ -0,0 +1,23 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# +# hacked by iang to do DSA certs - CA + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +distinguished_name = req_distinguished_name +encrypt_rsa_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = ES +countryName_value = ES + +organizationName = Organization Name (eg, company) +organizationName_value = Hermanos Locos + +commonName = Common Name (eg, YOUR name) +commonName_value = Hermanos Locos CA diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf new file mode 100644 index 0000000000..eb24a6dfc0 --- /dev/null +++ b/src/lib/libssl/test/CAssrsa.cnf @@ -0,0 +1,24 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# +# create RSA certs - CA + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +distinguished_name = req_distinguished_name +encrypt_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = ES +countryName_value = ES + +organizationName = Organization Name (eg, company) +organizationName_value = Hermanos Locos + +commonName = Common Name (eg, YOUR name) +commonName_value = Hermanos Locos CA + diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf new file mode 100644 index 0000000000..8e170a28ef --- /dev/null +++ b/src/lib/libssl/test/Sssdsa.cnf @@ -0,0 +1,27 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# +# hacked by iang to do DSA certs - Server + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +distinguished_name = req_distinguished_name +encrypt_rsa_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = ES +countryName_value = ES + +organizationName = Organization Name (eg, company) +organizationName_value = Tortilleras S.A. + +0.commonName = Common Name (eg, YOUR name) +0.commonName_value = Torti + +1.commonName = Common Name (eg, YOUR name) +1.commonName_value = Gordita + diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf new file mode 100644 index 0000000000..8c79a03fca --- /dev/null +++ b/src/lib/libssl/test/Sssrsa.cnf @@ -0,0 +1,26 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# +# create RSA certs - Server + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +distinguished_name = req_distinguished_name +encrypt_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = ES +countryName_value = ES + +organizationName = Organization Name (eg, company) +organizationName_value = Tortilleras S.A. + +0.commonName = Common Name (eg, YOUR name) +0.commonName_value = Torti + +1.commonName = Common Name (eg, YOUR name) +1.commonName_value = Gordita diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf new file mode 100644 index 0000000000..c89692d519 --- /dev/null +++ b/src/lib/libssl/test/Uss.cnf @@ -0,0 +1,28 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# + +RANDFILE = ./.rnd + +#################################################################### +[ req ] +default_bits = 512 +default_keyfile = keySS.pem +distinguished_name = req_distinguished_name +encrypt_rsa_key = no +default_md = md2 + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_value = AU + +organizationName = Organization Name (eg, company) +organizationName_value = Dodgy Brothers + +0.commonName = Common Name (eg, YOUR name) +0.commonName_value = Brother 1 + +1.commonName = Common Name (eg, YOUR name) +1.commonName_value = Brother 2 diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c new file mode 100644 index 0000000000..630d29dc91 --- /dev/null +++ b/src/lib/libssl/test/methtest.c @@ -0,0 +1,105 @@ +/* test/methtest.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "rsa.h" +#include "x509.h" +#include "meth.h" +#include "err.h" + +int main(argc,argv) +int argc; +char *argv[]; + { + METHOD_CTX *top,*tmp1,*tmp2; + + top=METH_new(x509_lookup()); /* get a top level context */ + if (top == NULL) goto err; + + tmp1=METH_new(x509_by_file()); + if (top == NULL) goto err; + METH_arg(tmp1,METH_TYPE_FILE,"cafile1"); + METH_arg(tmp1,METH_TYPE_FILE,"cafile2"); + METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1); + + tmp2=METH_new(x509_by_dir()); + METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts"); + METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs"); + METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs"); + METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2); + +/* tmp=METH_new(x509_by_issuer_dir); + METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts"); + METH_push(top,METH_X509_BY_ISSUER,tmp); + + tmp=METH_new(x509_by_issuer_primary); + METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem"); + METH_push(top,METH_X509_BY_ISSUER,tmp); +*/ + + METH_init(top); + METH_control(tmp1,METH_CONTROL_DUMP,stdout); + METH_control(tmp2,METH_CONTROL_DUMP,stdout); + exit(0); +err: + ERR_load_crypto_strings(); + ERR_print_errors_fp(stderr); + exit(1); + return(0); + } diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem new file mode 100644 index 0000000000..c47b27af88 --- /dev/null +++ b/src/lib/libssl/test/pkcs7-1.pem @@ -0,0 +1,15 @@ +-----BEGIN PKCS7----- +MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG +SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE +AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF +eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4 +MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv +bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK +ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB +FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N +9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8 +BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w +bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB +BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C +j7Kie1x339mxW/w9VZNTUDQQweHh +-----END PKCS7----- diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem new file mode 100644 index 0000000000..d55c60b94e --- /dev/null +++ b/src/lib/libssl/test/pkcs7.pem @@ -0,0 +1,54 @@ + MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg + AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH + EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl + cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw + ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0 + MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh + c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh + bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE + CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl + Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G + CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK + ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0 + l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC + HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg + Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1 + c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj + YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0 + dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx + dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu + LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU + ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln + biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT + IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB + AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t + L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL + HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF + slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7 + ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR + /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT + aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp + ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1 + OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu + MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz + Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv + qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy + sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb + P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG + A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA + KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7 + Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4 + Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq + hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp + Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk + dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ + KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30 + dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW + I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow + ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W + ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD + ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw + MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK + /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/ + DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP + b+xSu/jH0gAAMYAAAAAAAAAAAA== diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c new file mode 100644 index 0000000000..a172e393ca --- /dev/null +++ b/src/lib/libssl/test/r160test.c @@ -0,0 +1,57 @@ +/* test/r160test.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl new file mode 100644 index 0000000000..859fba452f --- /dev/null +++ b/src/lib/libssl/test/tcrl @@ -0,0 +1,81 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay crl' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=testcrl.pem +fi + +echo testing crl conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in fff.p -inform p -outform t >f.t +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> d" +#$cmd -in f.t -inform t -outform d >ff.d2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +#echo "d -> t" +#$cmd -in f.d -inform d -outform t >ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#echo "t -> t" +#$cmd -in f.t -inform t -outform t >ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in f.p -inform p -outform t >ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> p" +#$cmd -in f.t -inform t -outform p >ff.p2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp fff.p f.p +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp fff.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +#cmp f.t ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp f.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf new file mode 100644 index 0000000000..faad3914a8 --- /dev/null +++ b/src/lib/libssl/test/test.cnf @@ -0,0 +1,88 @@ +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# + +RANDFILE = ./.rnd + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +new_certs_dir = $dir/new_certs # default place for new certs. + +certificate = $dir/CAcert.pem # The CA certificate +serial = $dir/serial # The current serial number +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/CAkey.pem# The private key +RANDFILE = $dir/private/.rand # private random number file + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = md5 # which md to use. + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 512 +default_keyfile = testkey.pem +distinguished_name = req_distinguished_name +encrypt_rsa_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_value = AU + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Queensland +stateOrProvinceName_value = + +localityName = Locality Name (eg, city) +localityName_value = Brisbane + +organizationName = Organization Name (eg, company) +organizationName_default = +organizationName_value = CryptSoft Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = +organizationalUnitName_value = . + +commonName = Common Name (eg, YOUR name) +commonName_value = Eric Young + +emailAddress = Email Address +emailAddress_value = eay@mincom.oz.au diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca new file mode 100644 index 0000000000..a28402f9ca --- /dev/null +++ b/src/lib/libssl/test/testca @@ -0,0 +1,44 @@ +#!/bin/sh + +SH="/bin/sh" +PATH=../apps:$PATH +export SH PATH + +SSLEAY_CONFIG="-config CAss.cnf" +export SSLEAY_CONFIG + +/bin/rm -fr demoCA +$SH ../apps/CA.sh -newca <$test; + +echo cat +$cmd enc < $test > $test.cipher +$cmd enc < $test.cipher >$test.clear +cmp $test $test.clear +if [ $? != 0 ] +then + exit 1 +else + /bin/rm $test.cipher $test.clear +fi +echo base64 +$cmd enc -a -e < $test > $test.cipher +$cmd enc -a -d < $test.cipher >$test.clear +cmp $test $test.clear +if [ $? != 0 ] +then + exit 1 +else + /bin/rm $test.cipher $test.clear +fi + +for i in rc4 \ + des-cfb des-ede-cfb des-ede3-cfb \ + des-ofb des-ede-ofb des-ede3-ofb \ + des-ecb des-ede des-ede3 desx \ + des-cbc des-ede-cbc des-ede3-cbc \ + idea-ecb idea-cfb idea-ofb idea-cbc \ + rc2-ecb rc2-cfb rc2-ofb rc2-cbc \ + bf-ecb bf-cfb bf-ofb bf-cbc rc4 \ + cast5-ecb cast5-cfb cast5-ofb cast5-cbc +do + echo $i + $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher + $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear + cmp $test $test.$i.clear + if [ $? != 0 ] + then + exit 1 + else + /bin/rm $test.$i.cipher $test.$i.clear + fi + + echo $i base64 + $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher + $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear + cmp $test $test.$i.clear + if [ $? != 0 ] + then + exit 1 + else + /bin/rm $test.$i.cipher $test.$i.clear + fi +done +rm -f $test diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen new file mode 100644 index 0000000000..12a4ca4cea --- /dev/null +++ b/src/lib/libssl/test/testgen @@ -0,0 +1,30 @@ +#!/bin/sh + +T=testcert +KEY=512 +CA=../certs/testca.pem + +/bin/rm -f $T.1 $T.2 $T.key + +PATH=../apps:$PATH; +export PATH + +echo "generating certificate request" + +echo "There should be a 2 sequences of .'s and some +'s." +echo "There should not be more that at most 80 per line" +echo "This could take some time." + +../apps/ssleay req -config test.cnf -new -out testreq.pem +if [ $? != 0 ]; then +echo problems creating request +exit 1 +fi + +../apps/ssleay req -verify -in testreq.pem -noout +if [ $? != 0 ]; then +echo signature on req is wrong +exit 1 +fi + +exit 0 diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem new file mode 100644 index 0000000000..b3b6dba830 --- /dev/null +++ b/src/lib/libssl/test/testp7.pem @@ -0,0 +1,46 @@ +-----BEGIN PKCS7----- +MIAGCSqGSIb3DQEHAqCAMIIIBwIBATEAMIAGCSqGSIb3DQEHAQAAoIIGPDCCBHIw +ggQcoAMCAQICEHkvjiX1iVGQMenF9HgIjI8wDQYJKoZIhvcNAQEEBQAwYjERMA8G +A1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQL +EytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMB4X +DTk2MDcxOTAwMDAwMFoXDTk3MDMzMDIzNTk1OVowgdUxETAPBgNVBAcTCEludGVy +bmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24g +Q2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjEoMCYGA1UECxMfRGln +aXRhbCBJRCBDbGFzcyAxIC0gU01JTUUgVGVzdDFHMEUGA1UECxM+d3d3LnZlcmlz +aWduLmNvbS9yZXBvc2l0b3J5L0NQUy0xLjAgSW5jLiBieSBSZWYuLExJQUIuTFRE +KGMpOTYwWzANBgkqhkiG9w0BAQEFAANKADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDO +Rl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMB +AAGjggI5MIICNTAJBgNVHRMEAjAAMIICJgYDVR0DBIICHTCCAhkwggIVMIICEQYL +YIZIAYb4RQEHAQEwggIAFoIBq1RoaXMgY2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVz +IGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0 +bywgdGhlIFZlcmlTaWduIENlcnRpZmljYXRpb24gUHJhY3RpY2UgU3RhdGVtZW50 +IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9D +UFMtMS4wOyBieSBFLW1haWwgYXQgQ1BTLXJlcXVlc3RzQHZlcmlzaWduLmNvbTsg +b3IgYnkgbWFpbCBhdCBWZXJpU2lnbiwgSW5jLiwgMjU5MyBDb2FzdCBBdmUuLCBN +b3VudGFpbiBWaWV3LCBDQSA5NDA0MyBVU0EgVGVsLiArMSAoNDE1KSA5NjEtODgz +MCBDb3B5cmlnaHQgKGMpIDE5OTYgVmVyaVNpZ24sIEluYy4gIEFsbCBSaWdodHMg +UmVzZXJ2ZWQuIENFUlRBSU4gV0FSUkFOVElFUyBESVNDTEFJTUVEIGFuZCBMSUFC +SUxJVFkgTElNSVRFRC6gDgYMYIZIAYb4RQEHAQEBoQ4GDGCGSAGG+EUBBwEBAjAv +MC0WK2h0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUy0xLgMw +DQYJKoZIhvcNAQEEBQADQQDAmA7km/3iJWEsWN9Z2WU2gmZAknx45WnDKHxMa3Bf +gNsh6BLk/ngkJKjNKTDR13XVHqEPUY1flbjATZputw1GMIIBwjCCAWygAwIBAgIQ +fAmE6tW5ERSQWDneu3KfSTANBgkqhkiG9w0BAQIFADA+MQswCQYDVQQGEwJVUzEX +MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xFjAUBgNVBAsTDVRFU1QgUm9vdCBQQ0Ew +HhcNOTYwNzE3MDAwMDAwWhcNOTcwNzE3MjM1OTU5WjBiMREwDwYDVQQHEwhJbnRl +cm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWdu +IENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwXDANBgkqhkiG9w0B +AQEFAANLADBIAkEA7Fc6zYJw4WwCWa1ni3fYNbzGSQNluuw990024GusjLfhEk1h +MsIUukTT/n8yxoO7rYp4x+LS+tHF2tBtuxg7CwIDAQABoyIwIDALBgNVHQ8EBAMC +AQYwEQYJYIZIAYb4QgEBBAQDAgIEMA0GCSqGSIb3DQEBAgUAA0EAFKem0cJGg9nd +TAbP5o1HIEyNn11ZlvLU5v1Hejs1MKQt72IMm4jjgOH+pjguXW8lB6yzrK4oVOO2 +UNCaNQ1H26GCAa0wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UEBxMISW50 +ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln +biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3MTcxNzU5 +MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsWsQmste9f ++UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9XfZsaiiI +gotQHjCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVTMRcwFQYDVQQK +Ew5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBDQRcNOTYwNzE3 +MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANBAHitA0/xAukC +jHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMlExONA3ju10f7 +owIq3s3wx10xAAAAAAA= +-----END PKCS7----- diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem new file mode 100644 index 0000000000..c3cdcffcbc --- /dev/null +++ b/src/lib/libssl/test/testreq2.pem @@ -0,0 +1,7 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC +QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG +DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq +hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi +gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U= +-----END CERTIFICATE REQUEST----- diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem new file mode 100644 index 0000000000..aad21067a8 --- /dev/null +++ b/src/lib/libssl/test/testrsa.pem @@ -0,0 +1,9 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I +Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R +rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy +oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S +mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz +rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA +mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM= +-----END RSA PRIVATE KEY----- diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem new file mode 100644 index 0000000000..cd8617be2e --- /dev/null +++ b/src/lib/libssl/test/testsid.pem @@ -0,0 +1,12 @@ +-----BEGIN SSL SESSION PARAMETERS----- +MIIBxwIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV +bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw +ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz +YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG +A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk +LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G +CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD +TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI +hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L +CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTv +-----END SSL SESSION PARAMETERS----- diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss new file mode 100644 index 0000000000..a5aecf4694 --- /dev/null +++ b/src/lib/libssl/test/testss @@ -0,0 +1,89 @@ +#!/bin/sh + +digest='-mdc2' +reqcmd="../apps/ssleay req" +x509cmd="../apps/ssleay x509 $digest" +verifycmd="../apps/ssleay verify" + +CAkey="keyCA.ss" +CAcert="certCA.ss" +CAreq="reqCA.ss" +CAconf="CAss.cnf" +CAreq2="req2CA.ss" # temp + +Uconf="Uss.cnf" +Ukey="keyU.ss" +Ureq="reqU.ss" +Ucert="certU.ss" + +echo +echo "make a certificate request using 'req'" +$reqcmd -config $CAconf -out $CAreq -keyout $CAkey -new #>err.ss +if [ $? != 0 ]; then + echo "error using 'req' to generate a certificate request" + exit 1 +fi +echo +echo "convert the certificate request into a self signed certificate using 'x509'" +$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss +if [ $? != 0 ]; then + echo "error using 'x509' to self sign a certificate request" + exit 1 +fi + +echo +echo "convert a certificate into a certificate request using 'x509'" +$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss +if [ $? != 0 ]; then + echo "error using 'x509' convert a certificate to a certificate request" + exit 1 +fi + +$reqcmd -verify -in $CAreq -noout +if [ $? != 0 ]; then + echo first generated request is invalid + exit 1 +fi + +$reqcmd -verify -in $CAreq2 -noout +if [ $? != 0 ]; then + echo second generated request is invalid + exit 1 +fi + +$verifycmd -CAfile $CAcert $CAcert +if [ $? != 0 ]; then + echo first generated cert is invalid + exit 1 +fi + +echo +echo "make another certificate request using 'req'" +$reqcmd -config $Uconf -out $Ureq -keyout $Ukey -new >err.ss +if [ $? != 0 ]; then + echo "error using 'req' to generate a certificate request" + exit 1 +fi + +echo +echo "sign certificate request with the just created CA via 'x509'" +$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss +if [ $? != 0 ]; then + echo "error using 'x509' to sign a certificate request" + exit 1 +fi + +$verifycmd -CAfile $CAcert $Ucert +echo +echo "Certificate details" +$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert + +echo +echo The generated CA certificate is $CAcert +echo The generated CA private key is $CAkey + +echo The generated user certificate is $Ucert +echo The generated user private key is $Ukey + +/bin/rm err.ss +exit 0 diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl new file mode 100644 index 0000000000..f115adb8e1 --- /dev/null +++ b/src/lib/libssl/test/testssl @@ -0,0 +1,40 @@ +#!/bin/sh + +echo test sslv2 +./ssltest -ssl2 || exit 1 + +echo test sslv2 with server authentication +./ssltest -ssl2 -server_auth -CApath ../certs || exit 1 + +echo test sslv2 with client authentication +./ssltest -ssl2 -client_auth -CApath ../certs || exit 1 + +echo test sslv2 with both client and server authentication +./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 + +echo test sslv3 +./ssltest -ssl3 || exit 1 + +echo test sslv3 with server authentication +./ssltest -ssl3 -server_auth -CApath ../certs || exit 1 + +echo test sslv3 with client authentication +./ssltest -ssl3 -client_auth -CApath ../certs || exit 1 + +echo test sslv3 with both client and server authentication +./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 + +echo test sslv2/sslv3 +./ssltest || exit 1 + +echo test sslv2/sslv3 with server authentication +./ssltest -server_auth -CApath ../certs || exit 1 + +echo test sslv2/sslv3 with client authentication +./ssltest -client_auth -CApath ../certs || exit 1 + +echo test sslv2/sslv3 with both client and server authentication +./ssltest -server_auth -client_auth -CApath ../certs || exit 1 + +exit 0 + diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem new file mode 100644 index 0000000000..8a85d14964 --- /dev/null +++ b/src/lib/libssl/test/testx509.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV +BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz +MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM +RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF +AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO +/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE +Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ +zl9HYIMxATFyqSiD9jsx +-----END CERTIFICATE----- diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times new file mode 100644 index 0000000000..49aeebf216 --- /dev/null +++ b/src/lib/libssl/test/times @@ -0,0 +1,113 @@ + +More number for the questions about SSL overheads.... + +The following numbers were generated on a pentium pro 200, running linux. +They give an indication of the SSL protocol and encryption overheads. + +The program that generated them is an unreleased version of ssl/ssltest.c +which is the SSLeay ssl protocol testing program. It is a single process that +talks both sides of the SSL protocol via a non-blocking memory buffer +interface. + +How do I read this? The protocol and cipher are reasonable obvious. +The next number is the number of connections being made. The next is the +number of bytes exchanged bewteen the client and server side of the protocol. +This is the number of bytes that the client sends to the server, and then +the server sends back. Because this is all happening in one process, +the data is being encrypted, decrypted, encrypted and then decrypted again. +It is a round trip of that many bytes. Because the one process performs +both the client and server sides of the protocol and it sends this many bytes +each direction, multiply this number by 4 to generate the number +of bytes encrypted/decrypted/MACed. The first time value is how many seconds +elapsed doing a full SSL handshake, the second is the cost of one +full handshake and the rest being session-id reuse. + +SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s +SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s +SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s +SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA +SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s +SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s +SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s + +SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s +SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s +SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA +SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s +SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s +SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s + +SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s +SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s +SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s +SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA +SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s +SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s +SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s + +SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s +SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s +SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s +SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA +SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s +SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s +SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s + +What does this all mean? Well for a server, with no session-id reuse, with +a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key, +a pentium pro 200 running linux can handle the SSLv3 protocol overheads of +about 49 connections a second. Reality will be quite different :-). + +Remeber the first number is 1000 full ssl handshakes, the second is +1 full and 999 with session-id reuse. The RSA overheads for each exchange +would be one public and one private operation, but the protocol/MAC/cipher +cost would be quite similar in both the client and server. + +eric (adding numbers to speculation) + +--- Appendix --- +- The time measured is user time but these number a very rough. +- Remember this is the cost of both client and server sides of the protocol. +- The TCP/kernal overhead of connection establishment is normally the + killer in SSL. Often delays in the TCP protocol will make session-id + reuse look slower that new sessions, but this would not be the case on + a loaded server. +- The TCP round trip latencies, while slowing indervidual connections, + would have minimal impact on throughput. +- Instead of sending one 102400 byte buffer, one 8k buffer is sent until +- the required number of bytes are processed. +- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers. +- A 512bit server key was being used except where noted. +- No server key verification was being performed on the client side of the + protocol. This would slow things down very little. +- The library being used is SSLeay 0.8.x. +- The normal mesauring system was commands of the form + time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse + This modified version of ssltest should be in the next public release of + SSLeay. + +The general cipher performace number for this platform are + +SSLeay 0.8.2a 04-Sep-1997 +built on Fri Sep 5 17:37:05 EST 1997 +options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) +C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized +The 'numbers' are in 1000s of bytes per second processed. +type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes +md2 131.02k 368.41k 500.57k 549.21k 566.09k +mdc2 535.60k 589.10k 595.88k 595.97k 594.54k +md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k +sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k +sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k +rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k +des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k +des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k +idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k +rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k +blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k + sign verify +rsa 512 bits 0.0100s 0.0011s +rsa 1024 bits 0.0451s 0.0012s +rsa 2048 bits 0.2605s 0.0086s +rsa 4096 bits 1.6883s 0.0302s + diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7 new file mode 100644 index 0000000000..ea1f005dac --- /dev/null +++ b/src/lib/libssl/test/tpkcs7 @@ -0,0 +1,51 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay pkcs7' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=testp7.pem +fi + +echo testing pkcs7 conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp fff.p f.p +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d new file mode 100644 index 0000000000..c8f18fb09c --- /dev/null +++ b/src/lib/libssl/test/tpkcs7d @@ -0,0 +1,44 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay pkcs7' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=pkcs7-1.pem +fi + +echo testing pkcs7 conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq new file mode 100644 index 0000000000..e5f1d8cc41 --- /dev/null +++ b/src/lib/libssl/test/treq @@ -0,0 +1,81 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay req' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=testreq.pem +fi + +echo testing req conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in fff.p -inform p -outform t >f.t +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -verify -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> d" +#$cmd -in f.t -inform t -outform d >ff.d2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -verify -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +#echo "d -> t" +#$cmd -in f.d -inform d -outform t >ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#echo "t -> t" +#$cmd -in f.t -inform t -outform t >ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in f.p -inform p -outform t >ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> p" +#$cmd -in f.t -inform t -outform p >ff.p2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp fff.p f.p +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp fff.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +#cmp f.t ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp f.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa new file mode 100644 index 0000000000..e5b8fe0448 --- /dev/null +++ b/src/lib/libssl/test/trsa @@ -0,0 +1,81 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay rsa' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=testrsa.pem +fi + +echo testing rsa conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in fff.p -inform p -outform t >f.t +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> d" +#$cmd -in f.t -inform t -outform d >ff.d2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +#echo "d -> t" +#$cmd -in f.d -inform d -outform t >ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#echo "t -> t" +#$cmd -in f.t -inform t -outform t >ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in f.p -inform p -outform t >ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> p" +#$cmd -in f.t -inform t -outform p >ff.p2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp fff.p f.p +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp fff.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +#cmp f.t ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp f.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid new file mode 100644 index 0000000000..8c7e9b1387 --- /dev/null +++ b/src/lib/libssl/test/tsid @@ -0,0 +1,81 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay sess_id' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=testsid.pem +fi + +echo testing session-id conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in fff.p -inform p -outform t >f.t +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> d" +#$cmd -in f.t -inform t -outform d >ff.d2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +#echo "d -> t" +#$cmd -in f.d -inform d -outform t >ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#echo "t -> t" +#$cmd -in f.t -inform t -outform t >ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#echo "p -> t" +#$cmd -in f.p -inform p -outform t >ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +#echo "t -> p" +#$cmd -in f.t -inform t -outform p >ff.p2 +#if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp fff.p f.p +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp fff.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +#cmp f.t ff.t1 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t2 +#if [ $? != 0 ]; then exit 1; fi +#cmp f.t ff.t3 +#if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +#cmp f.p ff.p2 +#if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509 new file mode 100644 index 0000000000..f8d1f82cdd --- /dev/null +++ b/src/lib/libssl/test/tx509 @@ -0,0 +1,81 @@ +#!/bin/sh + +PATH=../apps:$PATH +export PATH + +cmd='../apps/ssleay x509' + +if [ "$1"x != "x" ]; then + t=$1 +else + t=testx509.pem +fi + +echo testing X509 conversions +cp $t fff.p + +echo "p -> d" +$cmd -in fff.p -inform p -outform d >f.d +if [ $? != 0 ]; then exit 1; fi +echo "p -> n" +$cmd -in fff.p -inform p -outform n >f.n +if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in fff.p -inform p -outform p >f.p +if [ $? != 0 ]; then exit 1; fi + +echo "d -> d" +$cmd -in f.d -inform d -outform d >ff.d1 +if [ $? != 0 ]; then exit 1; fi +echo "n -> d" +$cmd -in f.n -inform n -outform d >ff.d2 +if [ $? != 0 ]; then exit 1; fi +echo "p -> d" +$cmd -in f.p -inform p -outform d >ff.d3 +if [ $? != 0 ]; then exit 1; fi + +echo "d -> n" +$cmd -in f.d -inform d -outform n >ff.n1 +if [ $? != 0 ]; then exit 1; fi +echo "n -> n" +$cmd -in f.n -inform n -outform n >ff.n2 +if [ $? != 0 ]; then exit 1; fi +echo "p -> n" +$cmd -in f.p -inform p -outform n >ff.n3 +if [ $? != 0 ]; then exit 1; fi + +echo "d -> p" +$cmd -in f.d -inform d -outform p >ff.p1 +if [ $? != 0 ]; then exit 1; fi +echo "n -> p" +$cmd -in f.n -inform n -outform p >ff.p2 +if [ $? != 0 ]; then exit 1; fi +echo "p -> p" +$cmd -in f.p -inform p -outform p >ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp fff.p f.p +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p2 +if [ $? != 0 ]; then exit 1; fi +cmp fff.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +cmp f.n ff.n1 +if [ $? != 0 ]; then exit 1; fi +cmp f.n ff.n2 +if [ $? != 0 ]; then exit 1; fi +cmp f.n ff.n3 +if [ $? != 0 ]; then exit 1; fi + +cmp f.p ff.p1 +if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p2 +if [ $? != 0 ]; then exit 1; fi +cmp f.p ff.p3 +if [ $? != 0 ]; then exit 1; fi + +/bin/rm -f f.* ff.* fff.* +exit 0 diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem new file mode 100644 index 0000000000..0da253d5c3 --- /dev/null +++ b/src/lib/libssl/test/v3-cert1.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx +NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz +dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw +ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu +ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2 +ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp +miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C +AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK +Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x +DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR +MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB +AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21 +X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3 +WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO +-----END CERTIFICATE----- diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem new file mode 100644 index 0000000000..de0723ff8d --- /dev/null +++ b/src/lib/libssl/test/v3-cert2.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD +YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0 +ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu +dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1 +WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV +BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx +FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA +6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT +G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ +YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm +b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc +F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz +lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap +jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU= +-----END CERTIFICATE----- diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h new file mode 100644 index 0000000000..60978613ef --- /dev/null +++ b/src/lib/libssl/tls1.h @@ -0,0 +1,115 @@ +/* ssl/tls1.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_TLS1_H +#define HEADER_TLS1_H + +#include "buffer.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define TLS1_VERSION 0x0301 +#define TLS1_VERSION_MAJOR 0x03 +#define TLS1_VERSION_MINOR 0x01 + +#define TLS1_AD_DECRYPTION_FAILED 21 +#define TLS1_AD_RECORD_OVERFLOW 22 +#define TLS1_AD_UNKNOWN_CA 48 /* fatal */ +#define TLS1_AD_ACCESS_DENIED 49 /* fatal */ +#define TLS1_AD_DECODE_ERROR 50 /* fatal */ +#define TLS1_AD_DECRYPT_ERROR 51 +#define TLS1_AD_EXPORT_RESTRICION 60 /* fatal */ +#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ +#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ +#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ +#define TLS1_AD_USER_CANCLED 90 +#define TLS1_AD_NO_RENEGOTIATION 100 + +#define TLS_CT_RSA_SIGN 1 +#define TLS_CT_DSS_SIGN 2 +#define TLS_CT_RSA_FIXED_DH 3 +#define TLS_CT_DSS_FIXED_DH 4 +#define TLS_CT_NUMBER 4 + +#define TLS1_FINISH_MAC_LENGTH 12 + +#define TLS_MD_MAX_CONST_SIZE 20 +#define TLS_MD_CLIENT_FINISH_CONST "client finished" +#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15 +#define TLS_MD_SERVER_FINISH_CONST "server finished" +#define TLS_MD_SERVER_FINISH_CONST_SIZE 15 +#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" +#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 +#define TLS_MD_KEY_EXPANSION_CONST "key expansion" +#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13 +#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key" +#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16 +#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" +#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 +#define TLS_MD_IV_BLOCK_CONST "IV block" +#define TLS_MD_IV_BLOCK_CONST_SIZE 8 +#define TLS_MD_MASTER_SECRET_CONST "master secret" +#define TLS_MD_MASTER_SECRET_CONST_SIZE 13 + +#ifdef __cplusplus +} +#endif +#endif + -- cgit v1.2.3-55-g6feb