From 5514995a9d5ed91db089875adb509c7781357c0e Mon Sep 17 00:00:00 2001 From: markus <> Date: Thu, 5 Sep 2002 12:51:52 +0000 Subject: import openssl-0.9.7-beta1 --- src/lib/libcrypto/asn1/a_gentm.c | 39 +- src/lib/libcrypto/asn1/a_hdr.c | 33 +- src/lib/libcrypto/asn1/a_meth.c | 8 +- src/lib/libcrypto/asn1/a_utctm.c | 148 +- src/lib/libcrypto/asn1/p8_key.c | 4 +- src/lib/libcrypto/bf/asm/bf-686.pl | 1 - src/lib/libcrypto/bf/bf_opts.c | 65 +- src/lib/libcrypto/bf/bfs.cpp | 2 +- src/lib/libcrypto/bf/bfspeed.c | 63 +- src/lib/libcrypto/bf/bftest.c | 61 +- src/lib/libcrypto/bio/bss_rtcp.c | 67 +- src/lib/libcrypto/bn/asm/README | 21 +- src/lib/libcrypto/bn/asm/alpha.s | 3161 +++++++++++++- src/lib/libcrypto/bn/asm/mips3.s | 573 +-- src/lib/libcrypto/bn/asm/vms.mar | 697 +--- src/lib/libcrypto/bn/bnspeed.c | 69 +- src/lib/libcrypto/bn/bntest.c | 1008 +++-- src/lib/libcrypto/bn/exp.c | 2 + src/lib/libcrypto/bn/expspeed.c | 229 +- src/lib/libcrypto/bn/exptest.c | 77 +- src/lib/libcrypto/bn/vms-helper.c | 4 +- src/lib/libcrypto/cast/cast_spd.c | 63 +- src/lib/libcrypto/cast/castopts.c | 65 +- src/lib/libcrypto/cast/casts.cpp | 2 +- src/lib/libcrypto/cast/casttest.c | 199 +- src/lib/libcrypto/conf/cnf_save.c | 12 +- src/lib/libcrypto/conf/test.c | 11 +- src/lib/libcrypto/crypto-lib.com | 562 ++- src/lib/libcrypto/des/VERSION | 1 + src/lib/libcrypto/des/asm/des686.pl | 22 +- src/lib/libcrypto/des/asm/readme | 2 +- src/lib/libcrypto/des/cbc3_enc.c | 54 +- src/lib/libcrypto/des/des-lib.com | 4 +- src/lib/libcrypto/des/des.c | 220 +- src/lib/libcrypto/des/des3s.cpp | 2 +- src/lib/libcrypto/des/des_opts.c | 264 +- src/lib/libcrypto/des/des_ver.h | 11 +- src/lib/libcrypto/des/dess.cpp | 20 +- src/lib/libcrypto/des/destest.c | 410 +- src/lib/libcrypto/des/read2pwd.c | 77 +- src/lib/libcrypto/des/read_pwd.c | 218 +- src/lib/libcrypto/des/rpc_enc.c | 25 +- src/lib/libcrypto/des/rpw.c | 12 +- src/lib/libcrypto/des/speed.c | 117 +- src/lib/libcrypto/dh/dhtest.c | 84 +- src/lib/libcrypto/dh/p1024.c | 8 +- src/lib/libcrypto/dh/p192.c | 8 +- src/lib/libcrypto/dh/p512.c | 8 +- src/lib/libcrypto/dsa/dsagen.c | 5 +- src/lib/libcrypto/dsa/dsatest.c | 81 +- src/lib/libcrypto/dso/README | 24 +- src/lib/libcrypto/dso/dso_dl.c | 111 +- src/lib/libcrypto/dso/dso_vms.c | 86 +- src/lib/libcrypto/dso/dso_win32.c | 112 +- src/lib/libcrypto/ebcdic.c | 3 +- src/lib/libcrypto/ebcdic.h | 14 +- src/lib/libcrypto/engine/enginetest.c | 45 +- src/lib/libcrypto/engine/hw_4758_cca.c | 28 +- src/lib/libcrypto/engine/hw_atalla.c | 283 +- src/lib/libcrypto/engine/hw_cswift.c | 322 +- src/lib/libcrypto/engine/hw_ncipher.c | 662 ++- src/lib/libcrypto/engine/vendor_defns/atalla.h | 13 - src/lib/libcrypto/engine/vendor_defns/cswift.h | 45 +- src/lib/libcrypto/evp/bio_ok.c | 97 +- src/lib/libcrypto/evp/c_allc.c | 45 +- src/lib/libcrypto/evp/c_alld.c | 19 +- src/lib/libcrypto/evp/e_dsa.c | 6 +- src/lib/libcrypto/evp/e_rc5.c | 65 +- src/lib/libcrypto/evp/evp_test.c | 145 +- src/lib/libcrypto/evp/evptests.txt | 125 +- src/lib/libcrypto/evp/m_md2.c | 32 +- src/lib/libcrypto/evp/m_mdc2.c | 31 +- src/lib/libcrypto/evp/m_sha.c | 31 +- src/lib/libcrypto/hmac/hmactest.c | 37 +- src/lib/libcrypto/install.com | 28 +- src/lib/libcrypto/lhash/lh_test.c | 5 +- src/lib/libcrypto/lhash/num.pl | 2 +- src/lib/libcrypto/md2/md2.c | 20 +- src/lib/libcrypto/md2/md2.h | 18 +- src/lib/libcrypto/md2/md2_dgst.c | 39 +- src/lib/libcrypto/md2/md2_one.c | 23 +- src/lib/libcrypto/md2/md2test.c | 36 +- src/lib/libcrypto/md4/md4test.c | 7 +- src/lib/libcrypto/md5/asm/md5-sparcv9.S | 8 +- src/lib/libcrypto/md5/md5.c | 18 +- src/lib/libcrypto/md5/md5s.cpp | 2 +- src/lib/libcrypto/md5/md5test.c | 32 +- src/lib/libcrypto/mdc2/mdc2.h | 27 +- src/lib/libcrypto/mem.c | 454 +-- src/lib/libcrypto/objects/obj_dat.h | 2646 ++++++++++-- src/lib/libcrypto/objects/obj_mac.h | 593 ++- src/lib/libcrypto/opensslconf.h | 180 + src/lib/libcrypto/opensslconf.h.in | 26 +- src/lib/libcrypto/perlasm/x86ms.pl | 21 +- src/lib/libcrypto/perlasm/x86unix.pl | 141 +- src/lib/libcrypto/pkcs7/bio_ber.c | 28 +- src/lib/libcrypto/pkcs7/dec.c | 12 +- src/lib/libcrypto/pkcs7/enc.c | 86 +- src/lib/libcrypto/pkcs7/example.c | 16 +- src/lib/libcrypto/pkcs7/pk7_dgst.c | 10 +- src/lib/libcrypto/pkcs7/pk7_enc.c | 10 +- src/lib/libcrypto/pkcs7/sign.c | 34 +- src/lib/libcrypto/pkcs7/verify.c | 66 +- src/lib/libcrypto/rand/md_rand.c | 639 +-- src/lib/libcrypto/rand/rand_egd.c | 224 +- src/lib/libcrypto/rand/rand_lcl.h | 60 +- src/lib/libcrypto/rand/rand_unix.c | 38 - src/lib/libcrypto/rand/rand_win.c | 67 +- src/lib/libcrypto/rand/randtest.c | 29 +- src/lib/libcrypto/rc2/rc2speed.c | 63 +- src/lib/libcrypto/rc2/rc2test.c | 33 +- src/lib/libcrypto/rc4/rc4.c | 12 +- src/lib/libcrypto/rc4/rc4s.cpp | 2 +- src/lib/libcrypto/rc4/rc4speed.c | 63 +- src/lib/libcrypto/rc4/rc4test.c | 24 +- src/lib/libcrypto/rc5/rc5.h | 36 +- src/lib/libcrypto/ripemd/asm/rips.cpp | 8 +- src/lib/libcrypto/ripemd/rmd160.c | 18 +- src/lib/libcrypto/ripemd/rmdtest.c | 40 +- src/lib/libcrypto/rsa/rsa_null.c | 23 +- src/lib/libcrypto/rsa/rsa_test.c | 14 +- src/lib/libcrypto/sha/sha.c | 19 +- src/lib/libcrypto/sha/sha1.c | 18 +- src/lib/libcrypto/sha/sha1s.cpp | 7 +- src/lib/libcrypto/sha/sha1test.c | 59 +- src/lib/libcrypto/sha/sha_dgst.c | 385 +- src/lib/libcrypto/sha/sha_one.c | 9 +- src/lib/libcrypto/sha/shatest.c | 59 +- src/lib/libcrypto/symhacks.h | 131 +- src/lib/libcrypto/threads/mttest.c | 247 +- src/lib/libcrypto/threads/th-lock.c | 138 +- src/lib/libcrypto/tmdiff.c | 138 +- src/lib/libcrypto/uid.c | 7 +- src/lib/libcrypto/util/add_cr.pl | 2 +- src/lib/libcrypto/util/ck_errf.pl | 3 +- src/lib/libcrypto/util/clean-depend.pl | 24 +- src/lib/libcrypto/util/deleof.pl | 2 +- src/lib/libcrypto/util/do_ms.sh | 8 +- src/lib/libcrypto/util/domd | 22 +- src/lib/libcrypto/util/err-ins.pl | 2 +- src/lib/libcrypto/util/files.pl | 2 +- src/lib/libcrypto/util/libeay.num | 3841 +++++++++++++----- src/lib/libcrypto/util/mk1mf.pl | 432 +- src/lib/libcrypto/util/mkdef.pl | 1396 ++++++- src/lib/libcrypto/util/mkfiles.pl | 9 +- src/lib/libcrypto/util/mklink.pl | 11 +- src/lib/libcrypto/util/perlpath.pl | 9 +- src/lib/libcrypto/util/pl/BC-16.pl | 18 +- src/lib/libcrypto/util/pl/BC-32.pl | 152 +- src/lib/libcrypto/util/pl/Mingw32.pl | 43 +- src/lib/libcrypto/util/pl/VC-16.pl | 17 +- src/lib/libcrypto/util/pl/VC-32.pl | 41 +- src/lib/libcrypto/util/pl/linux.pl | 20 +- src/lib/libcrypto/util/pl/unix.pl | 23 +- src/lib/libcrypto/util/pod2man.pl | 2 + src/lib/libcrypto/util/pod2mantest | 53 + src/lib/libcrypto/util/pod2mantest.pod | 15 + src/lib/libcrypto/util/point.sh | 4 +- src/lib/libcrypto/util/selftest.pl | 31 +- src/lib/libcrypto/util/sp-diff.pl | 4 +- src/lib/libcrypto/util/src-dep.pl | 2 +- src/lib/libcrypto/util/ssleay.num | 373 +- src/lib/libcrypto/util/tab_num.pl | 2 +- src/lib/libcrypto/util/x86asm.sh | 4 +- src/lib/libcrypto/x509v3/v3conf.c | 1 - src/lib/libcrypto/x509v3/v3prin.c | 2 - src/lib/libssl/src/CHANGES | 4290 +++++++++++++++++++- src/lib/libssl/src/Configure | 1694 ++++++-- src/lib/libssl/src/FAQ | 546 ++- src/lib/libssl/src/INSTALL | 420 +- src/lib/libssl/src/INSTALL.MacOS | 16 +- src/lib/libssl/src/INSTALL.VMS | 122 +- src/lib/libssl/src/INSTALL.W32 | 303 +- src/lib/libssl/src/LICENSE | 2 +- .../src/MacOS/GetHTTPS.src/CPStringUtils.cpp | 2 +- .../src/MacOS/GetHTTPS.src/ErrorHandling.cpp | 2 +- src/lib/libssl/src/MacOS/GetHTTPS.src/GetHTTPS.cpp | 44 +- .../libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp | 2 +- src/lib/libssl/src/MacOS/OpenSSL.mcp.hqx | 4148 +++++++++---------- src/lib/libssl/src/Makefile.org | 535 ++- src/lib/libssl/src/NEWS | 155 + src/lib/libssl/src/README | 347 +- src/lib/libssl/src/README.ENGINE | 302 +- src/lib/libssl/src/VMS/install.com | 7 +- src/lib/libssl/src/VMS/tcpip_shr_decc.opt | 1 + src/lib/libssl/src/apps/CA.com | 20 + src/lib/libssl/src/apps/CA.pl | 30 +- src/lib/libssl/src/apps/CA.pl.in | 17 +- src/lib/libssl/src/apps/CA.sh | 12 +- src/lib/libssl/src/apps/app_rand.c | 35 +- src/lib/libssl/src/apps/apps.c | 1100 ++++- src/lib/libssl/src/apps/apps.h | 179 +- src/lib/libssl/src/apps/asn1pars.c | 143 +- src/lib/libssl/src/apps/ca-cert.srl | 2 +- src/lib/libssl/src/apps/ca.c | 2302 ++++++++--- src/lib/libssl/src/apps/ciphers.c | 57 +- src/lib/libssl/src/apps/crl.c | 233 +- src/lib/libssl/src/apps/crl2p7.c | 103 +- src/lib/libssl/src/apps/dgst.c | 258 +- src/lib/libssl/src/apps/dh.c | 72 +- src/lib/libssl/src/apps/dh1024.pem | 11 +- src/lib/libssl/src/apps/dhparam.c | 243 +- src/lib/libssl/src/apps/dsa-ca.pem | 23 +- src/lib/libssl/src/apps/dsa-pca.pem | 23 +- src/lib/libssl/src/apps/dsa.c | 140 +- src/lib/libssl/src/apps/dsaparam.c | 128 +- src/lib/libssl/src/apps/enc.c | 339 +- src/lib/libssl/src/apps/errstr.c | 28 +- src/lib/libssl/src/apps/gendh.c | 121 +- src/lib/libssl/src/apps/gendsa.c | 165 +- src/lib/libssl/src/apps/genrsa.c | 198 +- src/lib/libssl/src/apps/makeapps.com | 80 +- src/lib/libssl/src/apps/nseq.c | 31 +- src/lib/libssl/src/apps/openssl-vms.cnf | 30 +- src/lib/libssl/src/apps/openssl.c | 258 +- src/lib/libssl/src/apps/openssl.cnf | 51 +- src/lib/libssl/src/apps/passwd.c | 182 +- src/lib/libssl/src/apps/pca-cert.srl | 2 +- src/lib/libssl/src/apps/pkcs12.c | 549 ++- src/lib/libssl/src/apps/pkcs7.c | 152 +- src/lib/libssl/src/apps/pkcs8.c | 163 +- src/lib/libssl/src/apps/privkey.pem | 25 +- src/lib/libssl/src/apps/progs.h | 219 +- src/lib/libssl/src/apps/progs.pl | 48 +- src/lib/libssl/src/apps/rand.c | 85 +- src/lib/libssl/src/apps/req.c | 1110 +++-- src/lib/libssl/src/apps/rsa.c | 269 +- src/lib/libssl/src/apps/rsautl.c | 47 +- src/lib/libssl/src/apps/s_apps.h | 125 +- src/lib/libssl/src/apps/s_cb.c | 361 +- src/lib/libssl/src/apps/s_client.c | 456 ++- src/lib/libssl/src/apps/s_server.c | 803 +++- src/lib/libssl/src/apps/s_socket.c | 279 +- src/lib/libssl/src/apps/s_time.c | 169 +- src/lib/libssl/src/apps/server.pem | 16 +- src/lib/libssl/src/apps/sess_id.c | 69 +- src/lib/libssl/src/apps/smime.c | 369 +- src/lib/libssl/src/apps/speed.c | 1550 +++++-- src/lib/libssl/src/apps/spkac.c | 69 +- src/lib/libssl/src/apps/testdsa.h | 82 +- src/lib/libssl/src/apps/testrsa.h | 1 + src/lib/libssl/src/apps/verify.c | 253 +- src/lib/libssl/src/apps/version.c | 105 +- src/lib/libssl/src/apps/x509.c | 882 ++-- src/lib/libssl/src/bugs/SSLv3 | 8 + src/lib/libssl/src/bugs/sgiccbug.c | 2 + src/lib/libssl/src/bugs/stream.c | 6 +- src/lib/libssl/src/certs/vsign1.pem | 28 +- src/lib/libssl/src/certs/vsign3.pem | 30 +- src/lib/libssl/src/config | 638 ++- src/lib/libssl/src/crypto/aes/aes_cfb.c | 2 +- src/lib/libssl/src/crypto/aes/aes_ctr.c | 2 +- src/lib/libssl/src/crypto/asn1/a_bitstr.c | 120 +- src/lib/libssl/src/crypto/asn1/a_bool.c | 17 +- src/lib/libssl/src/crypto/asn1/a_bytes.c | 78 +- src/lib/libssl/src/crypto/asn1/a_d2i_fp.c | 87 +- src/lib/libssl/src/crypto/asn1/a_digest.c | 49 +- src/lib/libssl/src/crypto/asn1/a_dup.c | 37 +- src/lib/libssl/src/crypto/asn1/a_enum.c | 182 +- src/lib/libssl/src/crypto/asn1/a_gentm.c | 39 +- src/lib/libssl/src/crypto/asn1/a_hdr.c | 33 +- src/lib/libssl/src/crypto/asn1/a_i2d_fp.c | 70 +- src/lib/libssl/src/crypto/asn1/a_int.c | 281 +- src/lib/libssl/src/crypto/asn1/a_mbstr.c | 20 +- src/lib/libssl/src/crypto/asn1/a_meth.c | 8 +- src/lib/libssl/src/crypto/asn1/a_object.c | 195 +- src/lib/libssl/src/crypto/asn1/a_octet.c | 33 +- src/lib/libssl/src/crypto/asn1/a_print.c | 56 +- src/lib/libssl/src/crypto/asn1/a_set.c | 117 +- src/lib/libssl/src/crypto/asn1/a_sign.c | 195 +- src/lib/libssl/src/crypto/asn1/a_strex.c | 32 +- src/lib/libssl/src/crypto/asn1/a_strnid.c | 29 +- src/lib/libssl/src/crypto/asn1/a_time.c | 79 +- src/lib/libssl/src/crypto/asn1/a_type.c | 256 +- src/lib/libssl/src/crypto/asn1/a_utctm.c | 148 +- src/lib/libssl/src/crypto/asn1/a_utf8.c | 162 +- src/lib/libssl/src/crypto/asn1/a_verify.c | 92 +- src/lib/libssl/src/crypto/asn1/asn1.h | 1180 +++--- src/lib/libssl/src/crypto/asn1/asn1_err.c | 308 +- src/lib/libssl/src/crypto/asn1/asn1_lib.c | 154 +- src/lib/libssl/src/crypto/asn1/asn1_mac.h | 377 +- src/lib/libssl/src/crypto/asn1/asn1_par.c | 198 +- src/lib/libssl/src/crypto/asn1/asn_pack.c | 56 +- src/lib/libssl/src/crypto/asn1/d2i_pr.c | 56 +- src/lib/libssl/src/crypto/asn1/d2i_pu.c | 33 +- src/lib/libssl/src/crypto/asn1/evp_asn1.c | 62 +- src/lib/libssl/src/crypto/asn1/f_enum.c | 6 +- src/lib/libssl/src/crypto/asn1/f_int.c | 39 +- src/lib/libssl/src/crypto/asn1/f_string.c | 32 +- src/lib/libssl/src/crypto/asn1/i2d_pr.c | 20 +- src/lib/libssl/src/crypto/asn1/i2d_pu.c | 20 +- src/lib/libssl/src/crypto/asn1/n_pkey.c | 346 +- src/lib/libssl/src/crypto/asn1/nsseq.c | 64 +- src/lib/libssl/src/crypto/asn1/p5_pbe.c | 52 +- src/lib/libssl/src/crypto/asn1/p5_pbev2.c | 137 +- src/lib/libssl/src/crypto/asn1/p8_key.c | 4 +- src/lib/libssl/src/crypto/asn1/p8_pkey.c | 81 +- src/lib/libssl/src/crypto/asn1/t_crl.c | 49 +- src/lib/libssl/src/crypto/asn1/t_pkey.c | 117 +- src/lib/libssl/src/crypto/asn1/t_req.c | 112 +- src/lib/libssl/src/crypto/asn1/t_spki.c | 6 +- src/lib/libssl/src/crypto/asn1/t_x509.c | 424 +- src/lib/libssl/src/crypto/asn1/t_x509a.c | 10 +- src/lib/libssl/src/crypto/asn1/x_algor.c | 179 +- src/lib/libssl/src/crypto/asn1/x_attrib.c | 128 +- src/lib/libssl/src/crypto/asn1/x_crl.c | 371 +- src/lib/libssl/src/crypto/asn1/x_exten.c | 209 +- src/lib/libssl/src/crypto/asn1/x_info.c | 19 +- src/lib/libssl/src/crypto/asn1/x_long.c | 10 +- src/lib/libssl/src/crypto/asn1/x_name.c | 371 +- src/lib/libssl/src/crypto/asn1/x_pkey.c | 35 +- src/lib/libssl/src/crypto/asn1/x_pubkey.c | 236 +- src/lib/libssl/src/crypto/asn1/x_req.c | 223 +- src/lib/libssl/src/crypto/asn1/x_sig.c | 64 +- src/lib/libssl/src/crypto/asn1/x_spki.c | 128 +- src/lib/libssl/src/crypto/asn1/x_val.c | 63 +- src/lib/libssl/src/crypto/asn1/x_x509.c | 187 +- src/lib/libssl/src/crypto/asn1/x_x509a.c | 83 +- src/lib/libssl/src/crypto/bf/asm/bf-586.pl | 4 +- src/lib/libssl/src/crypto/bf/asm/bf-686.pl | 1 - src/lib/libssl/src/crypto/bf/bf_cbc.c | 39 +- src/lib/libssl/src/crypto/bf/bf_cfb64.c | 12 +- src/lib/libssl/src/crypto/bf/bf_ecb.c | 20 +- src/lib/libssl/src/crypto/bf/bf_enc.c | 129 +- src/lib/libssl/src/crypto/bf/bf_locl.h | 6 +- src/lib/libssl/src/crypto/bf/bf_ofb64.c | 11 +- src/lib/libssl/src/crypto/bf/bf_opts.c | 65 +- src/lib/libssl/src/crypto/bf/bf_pi.h | 2 +- src/lib/libssl/src/crypto/bf/bf_skey.c | 11 +- src/lib/libssl/src/crypto/bf/bfs.cpp | 2 +- src/lib/libssl/src/crypto/bf/bfspeed.c | 63 +- src/lib/libssl/src/crypto/bf/bftest.c | 61 +- src/lib/libssl/src/crypto/bf/blowfish.h | 67 +- src/lib/libssl/src/crypto/bio/b_dump.c | 129 +- src/lib/libssl/src/crypto/bio/b_print.c | 771 +++- src/lib/libssl/src/crypto/bio/b_sock.c | 386 +- src/lib/libssl/src/crypto/bio/bf_buff.c | 120 +- src/lib/libssl/src/crypto/bio/bf_lbuf.c | 12 +- src/lib/libssl/src/crypto/bio/bf_nbio.c | 79 +- src/lib/libssl/src/crypto/bio/bf_null.c | 73 +- src/lib/libssl/src/crypto/bio/bio.h | 456 +-- src/lib/libssl/src/crypto/bio/bio_cb.c | 15 +- src/lib/libssl/src/crypto/bio/bio_err.c | 149 +- src/lib/libssl/src/crypto/bio/bio_lib.c | 208 +- src/lib/libssl/src/crypto/bio/bss_acpt.c | 167 +- src/lib/libssl/src/crypto/bio/bss_bio.c | 318 +- src/lib/libssl/src/crypto/bio/bss_conn.c | 220 +- src/lib/libssl/src/crypto/bio/bss_fd.c | 226 +- src/lib/libssl/src/crypto/bio/bss_file.c | 91 +- src/lib/libssl/src/crypto/bio/bss_log.c | 325 +- src/lib/libssl/src/crypto/bio/bss_mem.c | 130 +- src/lib/libssl/src/crypto/bio/bss_null.c | 57 +- src/lib/libssl/src/crypto/bio/bss_rtcp.c | 67 +- src/lib/libssl/src/crypto/bio/bss_sock.c | 220 +- src/lib/libssl/src/crypto/bn/asm/README | 21 +- src/lib/libssl/src/crypto/bn/asm/alpha.s | 3161 +++++++++++++- src/lib/libssl/src/crypto/bn/asm/bn-586.pl | 295 +- src/lib/libssl/src/crypto/bn/asm/mips3.s | 573 +-- src/lib/libssl/src/crypto/bn/asm/pa-risc2.s | 2024 +++++++-- src/lib/libssl/src/crypto/bn/asm/pa-risc2W.s | 2 +- src/lib/libssl/src/crypto/bn/asm/vms.mar | 697 +--- src/lib/libssl/src/crypto/bn/bn.h | 290 +- src/lib/libssl/src/crypto/bn/bn_add.c | 206 +- src/lib/libssl/src/crypto/bn/bn_asm.c | 178 +- src/lib/libssl/src/crypto/bn/bn_blind.c | 47 +- src/lib/libssl/src/crypto/bn/bn_ctx.c | 17 +- src/lib/libssl/src/crypto/bn/bn_div.c | 221 +- src/lib/libssl/src/crypto/bn/bn_err.c | 142 +- src/lib/libssl/src/crypto/bn/bn_exp.c | 600 ++- src/lib/libssl/src/crypto/bn/bn_exp2.c | 382 +- src/lib/libssl/src/crypto/bn/bn_gcd.c | 389 +- src/lib/libssl/src/crypto/bn/bn_lcl.h | 291 +- src/lib/libssl/src/crypto/bn/bn_lib.c | 571 ++- src/lib/libssl/src/crypto/bn/bn_mod.c | 251 +- src/lib/libssl/src/crypto/bn/bn_mont.c | 335 +- src/lib/libssl/src/crypto/bn/bn_mpi.c | 11 +- src/lib/libssl/src/crypto/bn/bn_mul.c | 1158 +++++- src/lib/libssl/src/crypto/bn/bn_prime.c | 459 ++- src/lib/libssl/src/crypto/bn/bn_prime.h | 4 +- src/lib/libssl/src/crypto/bn/bn_prime.pl | 71 +- src/lib/libssl/src/crypto/bn/bn_print.c | 67 +- src/lib/libssl/src/crypto/bn/bn_rand.c | 216 +- src/lib/libssl/src/crypto/bn/bn_recp.c | 183 +- src/lib/libssl/src/crypto/bn/bn_shift.c | 27 +- src/lib/libssl/src/crypto/bn/bn_sqr.c | 214 +- src/lib/libssl/src/crypto/bn/bn_word.c | 47 +- src/lib/libssl/src/crypto/bn/bnspeed.c | 69 +- src/lib/libssl/src/crypto/bn/bntest.c | 1008 +++-- src/lib/libssl/src/crypto/bn/exp.c | 2 + src/lib/libssl/src/crypto/bn/expspeed.c | 229 +- src/lib/libssl/src/crypto/bn/exptest.c | 77 +- src/lib/libssl/src/crypto/bn/vms-helper.c | 4 +- src/lib/libssl/src/crypto/buffer/buf_err.c | 128 +- src/lib/libssl/src/crypto/buffer/buffer.c | 34 +- src/lib/libssl/src/crypto/buffer/buffer.h | 25 +- src/lib/libssl/src/crypto/cast/asm/cast-586.pl | 267 +- src/lib/libssl/src/crypto/cast/c_cfb64.c | 25 +- src/lib/libssl/src/crypto/cast/c_ecb.c | 14 +- src/lib/libssl/src/crypto/cast/c_enc.c | 43 +- src/lib/libssl/src/crypto/cast/c_ofb64.c | 16 +- src/lib/libssl/src/crypto/cast/c_skey.c | 11 +- src/lib/libssl/src/crypto/cast/cast.h | 38 +- src/lib/libssl/src/crypto/cast/cast_lcl.h | 30 +- src/lib/libssl/src/crypto/cast/cast_s.h | 16 +- src/lib/libssl/src/crypto/cast/cast_spd.c | 63 +- src/lib/libssl/src/crypto/cast/castopts.c | 65 +- src/lib/libssl/src/crypto/cast/casts.cpp | 2 +- src/lib/libssl/src/crypto/cast/casttest.c | 199 +- src/lib/libssl/src/crypto/comp/c_rle.c | 1 + src/lib/libssl/src/crypto/comp/c_zlib.c | 141 +- src/lib/libssl/src/crypto/comp/comp.h | 9 +- src/lib/libssl/src/crypto/comp/comp_err.c | 7 +- src/lib/libssl/src/crypto/comp/comp_lib.c | 6 +- src/lib/libssl/src/crypto/conf/cnf_save.c | 12 +- src/lib/libssl/src/crypto/conf/conf.h | 170 +- src/lib/libssl/src/crypto/conf/conf_api.c | 49 +- src/lib/libssl/src/crypto/conf/conf_api.h | 12 +- src/lib/libssl/src/crypto/conf/conf_def.c | 62 +- src/lib/libssl/src/crypto/conf/conf_def.h | 143 +- src/lib/libssl/src/crypto/conf/conf_err.c | 150 +- src/lib/libssl/src/crypto/conf/conf_lib.c | 196 +- src/lib/libssl/src/crypto/conf/keysets.pl | 164 +- src/lib/libssl/src/crypto/conf/test.c | 11 +- src/lib/libssl/src/crypto/cpt_err.c | 134 +- src/lib/libssl/src/crypto/cryptlib.c | 303 +- src/lib/libssl/src/crypto/cryptlib.h | 38 +- src/lib/libssl/src/crypto/crypto-lib.com | 562 ++- src/lib/libssl/src/crypto/crypto.h | 430 +- src/lib/libssl/src/crypto/cversion.c | 45 +- src/lib/libssl/src/crypto/des/VERSION | 1 + src/lib/libssl/src/crypto/des/asm/crypt586.pl | 12 +- src/lib/libssl/src/crypto/des/asm/des-586.pl | 30 +- src/lib/libssl/src/crypto/des/asm/des686.pl | 22 +- src/lib/libssl/src/crypto/des/asm/desboth.pl | 16 +- src/lib/libssl/src/crypto/des/asm/readme | 2 +- src/lib/libssl/src/crypto/des/cbc3_enc.c | 54 +- src/lib/libssl/src/crypto/des/cbc_cksm.c | 18 +- src/lib/libssl/src/crypto/des/cbc_enc.c | 78 +- src/lib/libssl/src/crypto/des/cfb64ede.c | 39 +- src/lib/libssl/src/crypto/des/cfb64enc.c | 27 +- src/lib/libssl/src/crypto/des/cfb_enc.c | 18 +- src/lib/libssl/src/crypto/des/des-lib.com | 4 +- src/lib/libssl/src/crypto/des/des.c | 220 +- src/lib/libssl/src/crypto/des/des.h | 303 +- src/lib/libssl/src/crypto/des/des3s.cpp | 2 +- src/lib/libssl/src/crypto/des/des_enc.c | 165 +- src/lib/libssl/src/crypto/des/des_locl.h | 89 +- src/lib/libssl/src/crypto/des/des_opts.c | 264 +- src/lib/libssl/src/crypto/des/des_ver.h | 11 +- src/lib/libssl/src/crypto/des/dess.cpp | 20 +- src/lib/libssl/src/crypto/des/destest.c | 410 +- src/lib/libssl/src/crypto/des/ecb3_enc.c | 20 +- src/lib/libssl/src/crypto/des/ecb_enc.c | 26 +- src/lib/libssl/src/crypto/des/ede_cbcm_enc.c | 24 +- src/lib/libssl/src/crypto/des/enc_read.c | 90 +- src/lib/libssl/src/crypto/des/enc_writ.c | 73 +- src/lib/libssl/src/crypto/des/fcrypt.c | 96 +- src/lib/libssl/src/crypto/des/fcrypt_b.c | 13 +- src/lib/libssl/src/crypto/des/ncbc_enc.c | 52 +- src/lib/libssl/src/crypto/des/ofb64ede.c | 32 +- src/lib/libssl/src/crypto/des/ofb64enc.c | 24 +- src/lib/libssl/src/crypto/des/ofb_enc.c | 16 +- src/lib/libssl/src/crypto/des/pcbc_enc.c | 23 +- src/lib/libssl/src/crypto/des/qud_cksm.c | 53 +- src/lib/libssl/src/crypto/des/rand_key.c | 162 +- src/lib/libssl/src/crypto/des/read2pwd.c | 77 +- src/lib/libssl/src/crypto/des/read_pwd.c | 218 +- src/lib/libssl/src/crypto/des/rpc_enc.c | 25 +- src/lib/libssl/src/crypto/des/rpw.c | 12 +- src/lib/libssl/src/crypto/des/set_key.c | 273 +- src/lib/libssl/src/crypto/des/speed.c | 117 +- src/lib/libssl/src/crypto/des/spr.h | 2 +- src/lib/libssl/src/crypto/des/str2key.c | 70 +- src/lib/libssl/src/crypto/des/xcbc_enc.c | 57 +- src/lib/libssl/src/crypto/dh/dh.h | 131 +- src/lib/libssl/src/crypto/dh/dh_check.c | 18 +- src/lib/libssl/src/crypto/dh/dh_err.c | 126 +- src/lib/libssl/src/crypto/dh/dh_gen.c | 63 +- src/lib/libssl/src/crypto/dh/dh_key.c | 131 +- src/lib/libssl/src/crypto/dh/dh_lib.c | 159 +- src/lib/libssl/src/crypto/dh/dhtest.c | 84 +- src/lib/libssl/src/crypto/dh/p1024.c | 8 +- src/lib/libssl/src/crypto/dh/p192.c | 8 +- src/lib/libssl/src/crypto/dh/p512.c | 8 +- src/lib/libssl/src/crypto/dsa/dsa.h | 180 +- src/lib/libssl/src/crypto/dsa/dsa_asn1.c | 200 +- src/lib/libssl/src/crypto/dsa/dsa_err.c | 133 +- src/lib/libssl/src/crypto/dsa/dsa_gen.c | 220 +- src/lib/libssl/src/crypto/dsa/dsa_key.c | 25 +- src/lib/libssl/src/crypto/dsa/dsa_lib.c | 176 +- src/lib/libssl/src/crypto/dsa/dsa_ossl.c | 39 +- src/lib/libssl/src/crypto/dsa/dsa_sign.c | 166 +- src/lib/libssl/src/crypto/dsa/dsa_vrf.c | 109 +- src/lib/libssl/src/crypto/dsa/dsagen.c | 5 +- src/lib/libssl/src/crypto/dsa/dsatest.c | 81 +- src/lib/libssl/src/crypto/dso/README | 24 +- src/lib/libssl/src/crypto/dso/dso.h | 168 +- src/lib/libssl/src/crypto/dso/dso_dl.c | 111 +- src/lib/libssl/src/crypto/dso/dso_dlfcn.c | 99 +- src/lib/libssl/src/crypto/dso/dso_err.c | 23 +- src/lib/libssl/src/crypto/dso/dso_lib.c | 179 +- src/lib/libssl/src/crypto/dso/dso_vms.c | 86 +- src/lib/libssl/src/crypto/dso/dso_win32.c | 112 +- src/lib/libssl/src/crypto/ebcdic.c | 3 +- src/lib/libssl/src/crypto/ebcdic.h | 14 +- src/lib/libssl/src/crypto/ec/ec_lib.c | 8 + src/lib/libssl/src/crypto/engine/README | 483 +-- src/lib/libssl/src/crypto/engine/eng_all.c | 22 +- src/lib/libssl/src/crypto/engine/eng_fat.c | 3 +- src/lib/libssl/src/crypto/engine/eng_init.c | 3 +- src/lib/libssl/src/crypto/engine/eng_list.c | 2 +- src/lib/libssl/src/crypto/engine/engine.h | 650 ++- src/lib/libssl/src/crypto/engine/enginetest.c | 45 +- src/lib/libssl/src/crypto/engine/hw_4758_cca.c | 28 +- src/lib/libssl/src/crypto/engine/hw_atalla.c | 283 +- src/lib/libssl/src/crypto/engine/hw_cswift.c | 322 +- src/lib/libssl/src/crypto/engine/hw_ncipher.c | 662 ++- .../libssl/src/crypto/engine/vendor_defns/atalla.h | 13 - .../libssl/src/crypto/engine/vendor_defns/cswift.h | 45 +- src/lib/libssl/src/crypto/err/err.c | 938 +++-- src/lib/libssl/src/crypto/err/err.h | 260 +- src/lib/libssl/src/crypto/err/err_all.c | 83 +- src/lib/libssl/src/crypto/err/err_prn.c | 62 +- src/lib/libssl/src/crypto/err/openssl.ec | 34 +- src/lib/libssl/src/crypto/evp/bio_b64.c | 93 +- src/lib/libssl/src/crypto/evp/bio_enc.c | 126 +- src/lib/libssl/src/crypto/evp/bio_md.c | 101 +- src/lib/libssl/src/crypto/evp/bio_ok.c | 97 +- src/lib/libssl/src/crypto/evp/c_all.c | 130 +- src/lib/libssl/src/crypto/evp/c_allc.c | 45 +- src/lib/libssl/src/crypto/evp/c_alld.c | 19 +- src/lib/libssl/src/crypto/evp/digest.c | 259 +- src/lib/libssl/src/crypto/evp/e_aes.c | 4 +- src/lib/libssl/src/crypto/evp/e_bf.c | 16 +- src/lib/libssl/src/crypto/evp/e_cast.c | 16 +- src/lib/libssl/src/crypto/evp/e_des.c | 21 +- src/lib/libssl/src/crypto/evp/e_des3.c | 88 +- src/lib/libssl/src/crypto/evp/e_dsa.c | 6 +- src/lib/libssl/src/crypto/evp/e_idea.c | 22 +- src/lib/libssl/src/crypto/evp/e_null.c | 42 +- src/lib/libssl/src/crypto/evp/e_rc2.c | 67 +- src/lib/libssl/src/crypto/evp/e_rc4.c | 75 +- src/lib/libssl/src/crypto/evp/e_rc5.c | 65 +- src/lib/libssl/src/crypto/evp/e_xcbc_d.c | 82 +- src/lib/libssl/src/crypto/evp/encode.c | 74 +- src/lib/libssl/src/crypto/evp/evp.h | 875 ++-- src/lib/libssl/src/crypto/evp/evp_enc.c | 452 ++- src/lib/libssl/src/crypto/evp/evp_err.c | 174 +- src/lib/libssl/src/crypto/evp/evp_key.c | 67 +- src/lib/libssl/src/crypto/evp/evp_lib.c | 55 +- src/lib/libssl/src/crypto/evp/evp_locl.h | 125 +- src/lib/libssl/src/crypto/evp/evp_pbe.c | 18 +- src/lib/libssl/src/crypto/evp/evp_pkey.c | 296 +- src/lib/libssl/src/crypto/evp/evp_test.c | 145 +- src/lib/libssl/src/crypto/evp/evptests.txt | 125 +- src/lib/libssl/src/crypto/evp/m_dss.c | 31 +- src/lib/libssl/src/crypto/evp/m_dss1.c | 30 +- src/lib/libssl/src/crypto/evp/m_md2.c | 32 +- src/lib/libssl/src/crypto/evp/m_md4.c | 27 +- src/lib/libssl/src/crypto/evp/m_md5.c | 31 +- src/lib/libssl/src/crypto/evp/m_mdc2.c | 31 +- src/lib/libssl/src/crypto/evp/m_null.c | 31 +- src/lib/libssl/src/crypto/evp/m_ripemd.c | 31 +- src/lib/libssl/src/crypto/evp/m_sha.c | 31 +- src/lib/libssl/src/crypto/evp/m_sha1.c | 30 +- src/lib/libssl/src/crypto/evp/names.c | 244 +- src/lib/libssl/src/crypto/evp/p5_crpt.c | 43 +- src/lib/libssl/src/crypto/evp/p5_crpt2.c | 17 +- src/lib/libssl/src/crypto/evp/p_dec.c | 23 +- src/lib/libssl/src/crypto/evp/p_enc.c | 23 +- src/lib/libssl/src/crypto/evp/p_lib.c | 145 +- src/lib/libssl/src/crypto/evp/p_open.c | 52 +- src/lib/libssl/src/crypto/evp/p_seal.c | 52 +- src/lib/libssl/src/crypto/evp/p_sign.c | 31 +- src/lib/libssl/src/crypto/evp/p_verify.c | 19 +- src/lib/libssl/src/crypto/ex_data.c | 646 ++- src/lib/libssl/src/crypto/hmac/hmac.c | 79 +- src/lib/libssl/src/crypto/hmac/hmac.h | 40 +- src/lib/libssl/src/crypto/hmac/hmactest.c | 37 +- src/lib/libssl/src/crypto/idea/idea.h | 20 +- src/lib/libssl/src/crypto/install.com | 28 +- src/lib/libssl/src/crypto/lhash/lh_stats.c | 49 +- src/lib/libssl/src/crypto/lhash/lh_test.c | 5 +- src/lib/libssl/src/crypto/lhash/lhash.c | 171 +- src/lib/libssl/src/crypto/lhash/lhash.h | 126 +- src/lib/libssl/src/crypto/lhash/num.pl | 2 +- src/lib/libssl/src/crypto/md2/md2.c | 20 +- src/lib/libssl/src/crypto/md2/md2.h | 18 +- src/lib/libssl/src/crypto/md2/md2_dgst.c | 39 +- src/lib/libssl/src/crypto/md2/md2_one.c | 23 +- src/lib/libssl/src/crypto/md2/md2test.c | 36 +- src/lib/libssl/src/crypto/md32_common.h | 57 +- src/lib/libssl/src/crypto/md4/md4.h | 14 +- src/lib/libssl/src/crypto/md4/md4_dgst.c | 3 +- src/lib/libssl/src/crypto/md4/md4_locl.h | 2 +- src/lib/libssl/src/crypto/md4/md4test.c | 7 +- src/lib/libssl/src/crypto/md5/asm/md5-586.pl | 40 +- src/lib/libssl/src/crypto/md5/asm/md5-sparcv9.S | 8 +- src/lib/libssl/src/crypto/md5/md5.c | 18 +- src/lib/libssl/src/crypto/md5/md5.h | 57 +- src/lib/libssl/src/crypto/md5/md5_dgst.c | 398 +- src/lib/libssl/src/crypto/md5/md5_locl.h | 167 +- src/lib/libssl/src/crypto/md5/md5_one.c | 28 +- src/lib/libssl/src/crypto/md5/md5s.cpp | 2 +- src/lib/libssl/src/crypto/md5/md5test.c | 32 +- src/lib/libssl/src/crypto/mdc2/mdc2.h | 27 +- src/lib/libssl/src/crypto/mem.c | 454 +-- src/lib/libssl/src/crypto/mem_dbg.c | 263 +- src/lib/libssl/src/crypto/objects/o_names.c | 229 +- src/lib/libssl/src/crypto/objects/obj_dat.c | 359 +- src/lib/libssl/src/crypto/objects/obj_dat.h | 2646 ++++++++++-- src/lib/libssl/src/crypto/objects/obj_dat.pl | 112 +- src/lib/libssl/src/crypto/objects/obj_err.c | 123 +- src/lib/libssl/src/crypto/objects/obj_lib.c | 39 +- src/lib/libssl/src/crypto/objects/obj_mac.h | 593 ++- src/lib/libssl/src/crypto/objects/obj_mac.num | 121 +- src/lib/libssl/src/crypto/objects/objects.h | 444 +- src/lib/libssl/src/crypto/objects/objects.pl | 17 +- src/lib/libssl/src/crypto/objects/objects.txt | 800 +++- src/lib/libssl/src/crypto/opensslconf.h | 180 + src/lib/libssl/src/crypto/opensslconf.h.in | 26 +- src/lib/libssl/src/crypto/opensslv.h | 84 +- src/lib/libssl/src/crypto/pem/pem.h | 612 +-- src/lib/libssl/src/crypto/pem/pem2.h | 8 + src/lib/libssl/src/crypto/pem/pem_all.c | 480 +-- src/lib/libssl/src/crypto/pem/pem_err.c | 129 +- src/lib/libssl/src/crypto/pem/pem_info.c | 99 +- src/lib/libssl/src/crypto/pem/pem_lib.c | 329 +- src/lib/libssl/src/crypto/pem/pem_seal.c | 84 +- src/lib/libssl/src/crypto/pem/pem_sign.c | 33 +- src/lib/libssl/src/crypto/perlasm/cbc.pl | 2 +- src/lib/libssl/src/crypto/perlasm/x86asm.pl | 17 +- src/lib/libssl/src/crypto/perlasm/x86ms.pl | 21 +- src/lib/libssl/src/crypto/perlasm/x86unix.pl | 141 +- src/lib/libssl/src/crypto/pkcs12/p12_add.c | 97 +- src/lib/libssl/src/crypto/pkcs12/p12_attr.c | 155 +- src/lib/libssl/src/crypto/pkcs12/p12_crpt.c | 10 +- src/lib/libssl/src/crypto/pkcs12/p12_crt.c | 37 +- src/lib/libssl/src/crypto/pkcs12/p12_decr.c | 77 +- src/lib/libssl/src/crypto/pkcs12/p12_init.c | 12 +- src/lib/libssl/src/crypto/pkcs12/p12_key.c | 96 +- src/lib/libssl/src/crypto/pkcs12/p12_kiss.c | 175 +- src/lib/libssl/src/crypto/pkcs12/p12_mutl.c | 35 +- src/lib/libssl/src/crypto/pkcs12/p12_npas.c | 47 +- src/lib/libssl/src/crypto/pkcs12/p12_utl.c | 58 +- src/lib/libssl/src/crypto/pkcs12/pk12err.c | 9 +- src/lib/libssl/src/crypto/pkcs12/pkcs12.h | 153 +- src/lib/libssl/src/crypto/pkcs7/bio_ber.c | 28 +- src/lib/libssl/src/crypto/pkcs7/dec.c | 12 +- src/lib/libssl/src/crypto/pkcs7/enc.c | 86 +- src/lib/libssl/src/crypto/pkcs7/example.c | 16 +- src/lib/libssl/src/crypto/pkcs7/pk7_attr.c | 90 +- src/lib/libssl/src/crypto/pkcs7/pk7_dgst.c | 10 +- src/lib/libssl/src/crypto/pkcs7/pk7_doit.c | 833 +++- src/lib/libssl/src/crypto/pkcs7/pk7_enc.c | 10 +- src/lib/libssl/src/crypto/pkcs7/pk7_lib.c | 208 +- src/lib/libssl/src/crypto/pkcs7/pk7_mime.c | 144 +- src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | 60 +- src/lib/libssl/src/crypto/pkcs7/pkcs7.h | 390 +- src/lib/libssl/src/crypto/pkcs7/pkcs7err.c | 174 +- src/lib/libssl/src/crypto/pkcs7/sign.c | 34 +- src/lib/libssl/src/crypto/pkcs7/verify.c | 66 +- src/lib/libssl/src/crypto/rand/md_rand.c | 639 +-- src/lib/libssl/src/crypto/rand/rand.h | 72 +- src/lib/libssl/src/crypto/rand/rand_egd.c | 224 +- src/lib/libssl/src/crypto/rand/rand_err.c | 10 +- src/lib/libssl/src/crypto/rand/rand_lcl.h | 60 +- src/lib/libssl/src/crypto/rand/rand_lib.c | 104 +- src/lib/libssl/src/crypto/rand/rand_unix.c | 38 - src/lib/libssl/src/crypto/rand/rand_win.c | 67 +- src/lib/libssl/src/crypto/rand/randfile.c | 141 +- src/lib/libssl/src/crypto/rand/randtest.c | 29 +- src/lib/libssl/src/crypto/rc2/rc2.h | 28 +- src/lib/libssl/src/crypto/rc2/rc2_cbc.c | 19 +- src/lib/libssl/src/crypto/rc2/rc2_ecb.c | 12 +- src/lib/libssl/src/crypto/rc2/rc2_skey.c | 8 +- src/lib/libssl/src/crypto/rc2/rc2cfb64.c | 13 +- src/lib/libssl/src/crypto/rc2/rc2ofb64.c | 12 +- src/lib/libssl/src/crypto/rc2/rc2speed.c | 63 +- src/lib/libssl/src/crypto/rc2/rc2test.c | 33 +- src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl | 2 +- src/lib/libssl/src/crypto/rc4/rc4.c | 12 +- src/lib/libssl/src/crypto/rc4/rc4.h | 14 +- src/lib/libssl/src/crypto/rc4/rc4_enc.c | 194 +- src/lib/libssl/src/crypto/rc4/rc4_skey.c | 12 +- src/lib/libssl/src/crypto/rc4/rc4s.cpp | 2 +- src/lib/libssl/src/crypto/rc4/rc4speed.c | 63 +- src/lib/libssl/src/crypto/rc4/rc4test.c | 24 +- src/lib/libssl/src/crypto/rc5/rc5.h | 36 +- src/lib/libssl/src/crypto/ripemd/asm/rips.cpp | 8 +- src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl | 112 +- src/lib/libssl/src/crypto/ripemd/ripemd.h | 46 +- src/lib/libssl/src/crypto/ripemd/rmd160.c | 18 +- src/lib/libssl/src/crypto/ripemd/rmd_dgst.c | 471 +-- src/lib/libssl/src/crypto/ripemd/rmd_locl.h | 182 +- src/lib/libssl/src/crypto/ripemd/rmd_one.c | 9 +- src/lib/libssl/src/crypto/ripemd/rmdtest.c | 40 +- src/lib/libssl/src/crypto/rsa/rsa.h | 319 +- src/lib/libssl/src/crypto/rsa/rsa_chk.c | 2 +- src/lib/libssl/src/crypto/rsa/rsa_eay.c | 555 ++- src/lib/libssl/src/crypto/rsa/rsa_err.c | 142 +- src/lib/libssl/src/crypto/rsa/rsa_gen.c | 120 +- src/lib/libssl/src/crypto/rsa/rsa_lib.c | 263 +- src/lib/libssl/src/crypto/rsa/rsa_none.c | 47 +- src/lib/libssl/src/crypto/rsa/rsa_null.c | 23 +- src/lib/libssl/src/crypto/rsa/rsa_oaep.c | 292 +- src/lib/libssl/src/crypto/rsa/rsa_pk1.c | 75 +- src/lib/libssl/src/crypto/rsa/rsa_saos.c | 41 +- src/lib/libssl/src/crypto/rsa/rsa_sign.c | 192 +- src/lib/libssl/src/crypto/rsa/rsa_ssl.c | 37 +- src/lib/libssl/src/crypto/rsa/rsa_test.c | 14 +- src/lib/libssl/src/crypto/sha/asm/sha1-586.pl | 115 +- src/lib/libssl/src/crypto/sha/sha.c | 19 +- src/lib/libssl/src/crypto/sha/sha.h | 72 +- src/lib/libssl/src/crypto/sha/sha1.c | 18 +- src/lib/libssl/src/crypto/sha/sha1_one.c | 9 +- src/lib/libssl/src/crypto/sha/sha1dgst.c | 407 +- src/lib/libssl/src/crypto/sha/sha1s.cpp | 7 +- src/lib/libssl/src/crypto/sha/sha1test.c | 59 +- src/lib/libssl/src/crypto/sha/sha_dgst.c | 385 +- src/lib/libssl/src/crypto/sha/sha_locl.h | 522 ++- src/lib/libssl/src/crypto/sha/sha_one.c | 9 +- src/lib/libssl/src/crypto/sha/shatest.c | 59 +- src/lib/libssl/src/crypto/stack/safestack.h | 1515 ++++++- src/lib/libssl/src/crypto/stack/stack.c | 163 +- src/lib/libssl/src/crypto/stack/stack.h | 41 +- src/lib/libssl/src/crypto/symhacks.h | 131 +- src/lib/libssl/src/crypto/threads/mttest.c | 247 +- src/lib/libssl/src/crypto/threads/th-lock.c | 138 +- src/lib/libssl/src/crypto/tmdiff.c | 138 +- src/lib/libssl/src/crypto/txt_db/txt_db.c | 79 +- src/lib/libssl/src/crypto/txt_db/txt_db.h | 29 +- src/lib/libssl/src/crypto/ui/ui_openssl.c | 2 +- src/lib/libssl/src/crypto/uid.c | 7 +- src/lib/libssl/src/crypto/x509/by_dir.c | 96 +- src/lib/libssl/src/crypto/x509/by_file.c | 106 +- src/lib/libssl/src/crypto/x509/x509.h | 1161 +++--- src/lib/libssl/src/crypto/x509/x509_att.c | 26 +- src/lib/libssl/src/crypto/x509/x509_cmp.c | 204 +- src/lib/libssl/src/crypto/x509/x509_d2.c | 23 +- src/lib/libssl/src/crypto/x509/x509_def.c | 18 +- src/lib/libssl/src/crypto/x509/x509_err.c | 162 +- src/lib/libssl/src/crypto/x509/x509_ext.c | 142 +- src/lib/libssl/src/crypto/x509/x509_lu.c | 481 ++- src/lib/libssl/src/crypto/x509/x509_obj.c | 75 +- src/lib/libssl/src/crypto/x509/x509_r2x.c | 36 +- src/lib/libssl/src/crypto/x509/x509_req.c | 194 +- src/lib/libssl/src/crypto/x509/x509_set.c | 54 +- src/lib/libssl/src/crypto/x509/x509_trs.c | 65 +- src/lib/libssl/src/crypto/x509/x509_txt.c | 48 +- src/lib/libssl/src/crypto/x509/x509_v3.c | 237 +- src/lib/libssl/src/crypto/x509/x509_vfy.c | 1067 +++-- src/lib/libssl/src/crypto/x509/x509_vfy.h | 261 +- src/lib/libssl/src/crypto/x509/x509name.c | 205 +- src/lib/libssl/src/crypto/x509/x509rset.c | 20 +- src/lib/libssl/src/crypto/x509/x509spki.c | 13 +- src/lib/libssl/src/crypto/x509/x509type.c | 13 +- src/lib/libssl/src/crypto/x509/x_all.c | 523 +-- src/lib/libssl/src/crypto/x509v3/ext_dat.h | 16 +- src/lib/libssl/src/crypto/x509v3/v3_akey.c | 83 +- src/lib/libssl/src/crypto/x509v3/v3_alt.c | 129 +- src/lib/libssl/src/crypto/x509v3/v3_bcons.c | 58 +- src/lib/libssl/src/crypto/x509v3/v3_bitst.c | 11 +- src/lib/libssl/src/crypto/x509v3/v3_conf.c | 387 +- src/lib/libssl/src/crypto/x509v3/v3_cpols.c | 355 +- src/lib/libssl/src/crypto/x509v3/v3_crld.c | 181 +- src/lib/libssl/src/crypto/x509v3/v3_enum.c | 19 +- src/lib/libssl/src/crypto/x509v3/v3_extku.c | 132 +- src/lib/libssl/src/crypto/x509v3/v3_genn.c | 210 +- src/lib/libssl/src/crypto/x509v3/v3_ia5.c | 15 +- src/lib/libssl/src/crypto/x509v3/v3_info.c | 138 +- src/lib/libssl/src/crypto/x509v3/v3_int.c | 18 +- src/lib/libssl/src/crypto/x509v3/v3_lib.c | 190 +- src/lib/libssl/src/crypto/x509v3/v3_pku.c | 61 +- src/lib/libssl/src/crypto/x509v3/v3_prn.c | 112 +- src/lib/libssl/src/crypto/x509v3/v3_purp.c | 271 +- src/lib/libssl/src/crypto/x509v3/v3_skey.c | 32 +- src/lib/libssl/src/crypto/x509v3/v3_sxnet.c | 132 +- src/lib/libssl/src/crypto/x509v3/v3_utl.c | 171 +- src/lib/libssl/src/crypto/x509v3/v3conf.c | 1 - src/lib/libssl/src/crypto/x509v3/v3err.c | 16 +- src/lib/libssl/src/crypto/x509v3/v3prin.c | 2 - src/lib/libssl/src/crypto/x509v3/x509v3.h | 730 +++- src/lib/libssl/src/demos/README | 6 + src/lib/libssl/src/demos/b64.c | 28 +- src/lib/libssl/src/demos/b64.pl | 2 +- src/lib/libssl/src/demos/bio/saccept.c | 6 +- src/lib/libssl/src/demos/bio/sconnect.c | 9 +- src/lib/libssl/src/demos/easy_tls/Makefile | 2 +- src/lib/libssl/src/demos/easy_tls/cacerts.pem | 2 +- src/lib/libssl/src/demos/easy_tls/cert.pem | 2 +- src/lib/libssl/src/demos/easy_tls/easy-tls.c | 9 +- src/lib/libssl/src/demos/easy_tls/easy-tls.h | 2 +- src/lib/libssl/src/demos/easy_tls/test.c | 2 +- src/lib/libssl/src/demos/easy_tls/test.h | 2 +- src/lib/libssl/src/demos/engines/rsaref/Makefile | 119 + src/lib/libssl/src/demos/engines/rsaref/README | 22 + src/lib/libssl/src/demos/engines/rsaref/build.com | 85 + src/lib/libssl/src/demos/engines/rsaref/rsaref.c | 682 ++++ src/lib/libssl/src/demos/engines/rsaref/rsaref.ec | 8 + .../libssl/src/demos/engines/rsaref/rsaref_err.c | 161 + .../libssl/src/demos/engines/rsaref/rsaref_err.h | 109 + src/lib/libssl/src/demos/maurice/Makefile | 42 +- src/lib/libssl/src/demos/maurice/example1.c | 22 +- src/lib/libssl/src/demos/maurice/example2.c | 18 +- src/lib/libssl/src/demos/maurice/example3.c | 15 +- src/lib/libssl/src/demos/maurice/example4.c | 7 +- src/lib/libssl/src/demos/maurice/loadkeys.c | 23 +- src/lib/libssl/src/demos/maurice/loadkeys.h | 2 +- src/lib/libssl/src/demos/prime/prime.c | 7 +- src/lib/libssl/src/demos/selfsign.c | 106 +- src/lib/libssl/src/demos/sign/sign.c | 82 +- src/lib/libssl/src/demos/spkigen.c | 12 +- src/lib/libssl/src/demos/ssl/cli.cpp | 34 +- src/lib/libssl/src/demos/ssl/inetdsrv.cpp | 14 +- src/lib/libssl/src/demos/ssl/serv.cpp | 70 +- src/lib/libssl/src/doc/README | 12 +- src/lib/libssl/src/doc/apps/CA.pl.pod | 43 +- src/lib/libssl/src/doc/apps/ca.pod | 142 +- src/lib/libssl/src/doc/apps/ciphers.pod | 8 +- src/lib/libssl/src/doc/apps/dgst.pod | 69 +- src/lib/libssl/src/doc/apps/dhparam.pod | 42 +- src/lib/libssl/src/doc/apps/dsaparam.pod | 2 +- src/lib/libssl/src/doc/apps/enc.pod | 26 +- src/lib/libssl/src/doc/apps/gendsa.pod | 2 +- src/lib/libssl/src/doc/apps/genrsa.pod | 5 +- src/lib/libssl/src/doc/apps/openssl.pod | 58 +- src/lib/libssl/src/doc/apps/passwd.pod | 21 +- src/lib/libssl/src/doc/apps/pkcs12.pod | 24 +- src/lib/libssl/src/doc/apps/pkcs7.pod | 2 +- src/lib/libssl/src/doc/apps/rand.pod | 4 +- src/lib/libssl/src/doc/apps/req.pod | 69 +- src/lib/libssl/src/doc/apps/rsa.pod | 31 +- src/lib/libssl/src/doc/apps/rsautl.pod | 4 +- src/lib/libssl/src/doc/apps/s_client.pod | 38 +- src/lib/libssl/src/doc/apps/s_server.pod | 35 +- src/lib/libssl/src/doc/apps/smime.pod | 58 +- src/lib/libssl/src/doc/apps/speed.pod | 14 +- src/lib/libssl/src/doc/apps/verify.pod | 71 +- src/lib/libssl/src/doc/apps/version.pod | 8 + src/lib/libssl/src/doc/apps/x509.pod | 289 +- src/lib/libssl/src/doc/c-indentation.el | 12 +- src/lib/libssl/src/doc/crypto/BIO_f_md.pod | 2 +- src/lib/libssl/src/doc/crypto/BIO_s_accept.pod | 31 +- src/lib/libssl/src/doc/crypto/BIO_s_connect.pod | 34 +- src/lib/libssl/src/doc/crypto/BIO_s_socket.pod | 12 +- src/lib/libssl/src/doc/crypto/BN_CTX_start.pod | 3 +- src/lib/libssl/src/doc/crypto/BN_add.pod | 89 +- src/lib/libssl/src/doc/crypto/BN_bn2bin.pod | 4 +- .../src/doc/crypto/BN_mod_mul_montgomery.pod | 20 +- .../src/doc/crypto/BN_mod_mul_reciprocal.pod | 2 +- src/lib/libssl/src/doc/crypto/BN_rand.pod | 27 +- src/lib/libssl/src/doc/crypto/BN_zero.pod | 5 +- src/lib/libssl/src/doc/crypto/DH_set_method.pod | 64 +- src/lib/libssl/src/doc/crypto/DSA_set_method.pod | 63 +- src/lib/libssl/src/doc/crypto/ERR_error_string.pod | 16 +- src/lib/libssl/src/doc/crypto/ERR_get_error.pod | 30 +- src/lib/libssl/src/doc/crypto/ERR_remove_state.pod | 2 +- src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod | 124 +- src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod | 412 +- src/lib/libssl/src/doc/crypto/EVP_OpenInit.pod | 28 +- src/lib/libssl/src/doc/crypto/EVP_SealInit.pod | 18 +- src/lib/libssl/src/doc/crypto/EVP_SignInit.pod | 41 +- src/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod | 39 +- .../src/doc/crypto/OPENSSL_VERSION_NUMBER.pod | 59 +- .../src/doc/crypto/OpenSSL_add_all_algorithms.pod | 5 +- src/lib/libssl/src/doc/crypto/RAND_add.pod | 25 +- src/lib/libssl/src/doc/crypto/RAND_egd.pod | 55 +- src/lib/libssl/src/doc/crypto/RAND_load_file.pod | 2 +- .../libssl/src/doc/crypto/RAND_set_rand_method.pod | 4 +- src/lib/libssl/src/doc/crypto/RSA_generate_key.pod | 2 +- .../libssl/src/doc/crypto/RSA_get_ex_new_index.pod | 14 +- src/lib/libssl/src/doc/crypto/RSA_print.pod | 5 +- .../libssl/src/doc/crypto/RSA_public_encrypt.pod | 6 +- src/lib/libssl/src/doc/crypto/RSA_set_method.pod | 83 +- src/lib/libssl/src/doc/crypto/bio.pod | 2 +- src/lib/libssl/src/doc/crypto/blowfish.pod | 46 +- src/lib/libssl/src/doc/crypto/bn.pod | 18 +- src/lib/libssl/src/doc/crypto/bn_internal.pod | 21 +- src/lib/libssl/src/doc/crypto/buffer.pod | 6 +- src/lib/libssl/src/doc/crypto/crypto.pod | 8 +- src/lib/libssl/src/doc/crypto/des.pod | 330 +- src/lib/libssl/src/doc/crypto/des_modes.pod | 15 +- src/lib/libssl/src/doc/crypto/dh.pod | 9 +- src/lib/libssl/src/doc/crypto/dsa.pod | 9 +- src/lib/libssl/src/doc/crypto/err.pod | 2 +- src/lib/libssl/src/doc/crypto/evp.pod | 2 +- src/lib/libssl/src/doc/crypto/hmac.pod | 34 +- src/lib/libssl/src/doc/crypto/lhash.pod | 198 +- src/lib/libssl/src/doc/crypto/md5.pod | 44 +- src/lib/libssl/src/doc/crypto/rand.pod | 25 +- src/lib/libssl/src/doc/crypto/rsa.pod | 17 +- src/lib/libssl/src/doc/crypto/threads.pod | 96 +- src/lib/libssl/src/doc/openssl.txt | 179 +- src/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.pod | 67 +- .../src/doc/ssl/SSL_CTX_add_extra_chain_cert.pod | 1 + src/lib/libssl/src/doc/ssl/SSL_CTX_free.pod | 4 +- .../src/doc/ssl/SSL_CTX_get_ex_new_index.pod | 2 +- .../src/doc/ssl/SSL_CTX_load_verify_locations.pod | 18 +- src/lib/libssl/src/doc/ssl/SSL_CTX_new.pod | 11 +- .../libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod | 8 +- .../libssl/src/doc/ssl/SSL_CTX_set_cipher_list.pod | 28 +- .../src/doc/ssl/SSL_CTX_set_client_CA_list.pod | 24 +- .../src/doc/ssl/SSL_CTX_set_default_passwd_cb.pod | 6 + src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod | 3 + src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | 89 +- .../src/doc/ssl/SSL_CTX_set_session_cache_mode.pod | 3 +- .../libssl/src/doc/ssl/SSL_CTX_set_ssl_version.pod | 13 +- src/lib/libssl/src/doc/ssl/SSL_CTX_set_timeout.pod | 8 +- src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod | 14 +- .../libssl/src/doc/ssl/SSL_CTX_use_certificate.pod | 1 + src/lib/libssl/src/doc/ssl/SSL_SESSION_free.pod | 32 +- .../src/doc/ssl/SSL_SESSION_get_ex_new_index.pod | 2 +- .../libssl/src/doc/ssl/SSL_SESSION_get_time.pod | 3 +- src/lib/libssl/src/doc/ssl/SSL_accept.pod | 6 +- src/lib/libssl/src/doc/ssl/SSL_clear.pod | 36 +- src/lib/libssl/src/doc/ssl/SSL_connect.pod | 6 +- src/lib/libssl/src/doc/ssl/SSL_free.pod | 13 +- .../libssl/src/doc/ssl/SSL_get_client_CA_list.pod | 3 +- src/lib/libssl/src/doc/ssl/SSL_get_error.pod | 65 +- .../libssl/src/doc/ssl/SSL_get_ex_new_index.pod | 2 +- .../libssl/src/doc/ssl/SSL_get_peer_cert_chain.pod | 2 +- .../src/doc/ssl/SSL_get_peer_certificate.pod | 11 +- src/lib/libssl/src/doc/ssl/SSL_get_session.pod | 29 +- .../libssl/src/doc/ssl/SSL_get_verify_result.pod | 4 +- src/lib/libssl/src/doc/ssl/SSL_new.pod | 2 + src/lib/libssl/src/doc/ssl/SSL_pending.pod | 13 + src/lib/libssl/src/doc/ssl/SSL_read.pod | 57 +- .../libssl/src/doc/ssl/SSL_set_connect_state.pod | 23 +- src/lib/libssl/src/doc/ssl/SSL_set_session.pod | 16 +- src/lib/libssl/src/doc/ssl/SSL_set_shutdown.pod | 6 +- src/lib/libssl/src/doc/ssl/SSL_shutdown.pod | 83 +- src/lib/libssl/src/doc/ssl/SSL_write.pod | 50 +- src/lib/libssl/src/doc/ssl/d2i_SSL_SESSION.pod | 14 +- src/lib/libssl/src/doc/ssl/ssl.pod | 195 +- src/lib/libssl/src/doc/ssleay.txt | 22 +- src/lib/libssl/src/doc/standards.txt | 19 +- src/lib/libssl/src/e_os.h | 357 +- src/lib/libssl/src/e_os2.h | 233 +- src/lib/libssl/src/install.com | 3 +- src/lib/libssl/src/makevms.com | 1246 +++++- src/lib/libssl/src/ms/.rnd | Bin 1019 -> 1024 bytes src/lib/libssl/src/ms/16all.bat | 3 + src/lib/libssl/src/ms/32all.bat | 10 +- src/lib/libssl/src/ms/certCA.srl | 2 +- src/lib/libssl/src/ms/certCA.ss | 12 +- src/lib/libssl/src/ms/certU.ss | 14 +- src/lib/libssl/src/ms/cmp.pl | 2 +- src/lib/libssl/src/ms/do_ms.bat | 23 +- src/lib/libssl/src/ms/keyCA.ss | 14 +- src/lib/libssl/src/ms/keyU.ss | 14 +- src/lib/libssl/src/ms/mingw32.bat | 5 +- src/lib/libssl/src/ms/req2CA.ss | 28 +- src/lib/libssl/src/ms/reqCA.ss | 10 +- src/lib/libssl/src/ms/reqU.ss | 8 +- src/lib/libssl/src/ms/tenc.bat | 28 +- src/lib/libssl/src/ms/test.bat | 327 +- src/lib/libssl/src/ms/testenc.bat | 187 +- src/lib/libssl/src/ms/testpem.bat | 68 +- src/lib/libssl/src/ms/testss.bat | 196 +- src/lib/libssl/src/ms/tpem.bat | 12 +- src/lib/libssl/src/openssl.spec | 61 +- src/lib/libssl/src/shlib/Makefile.hpux10-cc | 27 +- src/lib/libssl/src/shlib/hpux10-cc.sh | 18 +- src/lib/libssl/src/shlib/svr5-shared-gcc.sh | 2 +- src/lib/libssl/src/ssl/bio_ssl.c | 115 +- src/lib/libssl/src/ssl/install.com | 3 +- src/lib/libssl/src/ssl/s23_clnt.c | 86 +- src/lib/libssl/src/ssl/s23_lib.c | 101 +- src/lib/libssl/src/ssl/s23_meth.c | 12 +- src/lib/libssl/src/ssl/s23_pkt.c | 15 +- src/lib/libssl/src/ssl/s23_srvr.c | 338 +- src/lib/libssl/src/ssl/s2_clnt.c | 380 +- src/lib/libssl/src/ssl/s2_enc.c | 47 +- src/lib/libssl/src/ssl/s2_lib.c | 238 +- src/lib/libssl/src/ssl/s2_meth.c | 19 +- src/lib/libssl/src/ssl/s2_pkt.c | 297 +- src/lib/libssl/src/ssl/s2_srvr.c | 368 +- src/lib/libssl/src/ssl/s3_both.c | 295 +- src/lib/libssl/src/ssl/s3_clnt.c | 760 ++-- src/lib/libssl/src/ssl/s3_enc.c | 403 +- src/lib/libssl/src/ssl/s3_lib.c | 1139 +++++- src/lib/libssl/src/ssl/s3_meth.c | 10 +- src/lib/libssl/src/ssl/s3_pkt.c | 1064 +++-- src/lib/libssl/src/ssl/s3_srvr.c | 890 ++-- src/lib/libssl/src/ssl/ssl-lib.com | 57 +- src/lib/libssl/src/ssl/ssl.h | 1625 +++++--- src/lib/libssl/src/ssl/ssl2.h | 25 +- src/lib/libssl/src/ssl/ssl3.h | 205 +- src/lib/libssl/src/ssl/ssl_algs.c | 49 +- src/lib/libssl/src/ssl/ssl_asn1.c | 126 +- src/lib/libssl/src/ssl/ssl_cert.c | 665 ++- src/lib/libssl/src/ssl/ssl_ciph.c | 1034 +++-- src/lib/libssl/src/ssl/ssl_err.c | 202 +- src/lib/libssl/src/ssl/ssl_err2.c | 8 +- src/lib/libssl/src/ssl/ssl_lib.c | 1484 ++++--- src/lib/libssl/src/ssl/ssl_locl.h | 535 +-- src/lib/libssl/src/ssl/ssl_rsa.c | 364 +- src/lib/libssl/src/ssl/ssl_sess.c | 431 +- src/lib/libssl/src/ssl/ssl_stat.c | 126 +- src/lib/libssl/src/ssl/ssl_task.c | 20 +- src/lib/libssl/src/ssl/ssl_txt.c | 112 +- src/lib/libssl/src/ssl/ssltest.c | 1062 ++++- src/lib/libssl/src/ssl/t1_clnt.c | 16 +- src/lib/libssl/src/ssl/t1_enc.c | 418 +- src/lib/libssl/src/ssl/t1_lib.c | 36 +- src/lib/libssl/src/ssl/t1_meth.c | 10 +- src/lib/libssl/src/ssl/t1_srvr.c | 18 +- src/lib/libssl/src/ssl/tls1.h | 85 +- src/lib/libssl/src/test/maketests.com | 32 +- src/lib/libssl/src/test/methtest.c | 6 +- src/lib/libssl/src/test/tcrl | 2 +- src/lib/libssl/src/test/tcrl.com | 23 +- src/lib/libssl/src/test/testca | 2 +- src/lib/libssl/src/test/testca.com | 4 +- src/lib/libssl/src/test/testenc | 12 +- src/lib/libssl/src/test/testenc.com | 18 +- src/lib/libssl/src/test/testgen | 16 +- src/lib/libssl/src/test/testgen.com | 25 +- src/lib/libssl/src/test/testp7.pem | 86 +- src/lib/libssl/src/test/tests.com | 137 +- src/lib/libssl/src/test/testsid.pem | 4 +- src/lib/libssl/src/test/testss | 26 +- src/lib/libssl/src/test/testss.com | 19 +- src/lib/libssl/src/test/testssl | 127 +- src/lib/libssl/src/test/testssl.com | 151 +- src/lib/libssl/src/test/tpkcs7 | 2 +- src/lib/libssl/src/test/tpkcs7.com | 13 +- src/lib/libssl/src/test/tpkcs7d | 4 +- src/lib/libssl/src/test/tpkcs7d.com | 7 +- src/lib/libssl/src/test/treq | 7 +- src/lib/libssl/src/test/treq.com | 23 +- src/lib/libssl/src/test/trsa | 7 +- src/lib/libssl/src/test/trsa.com | 34 +- src/lib/libssl/src/test/tsid | 2 +- src/lib/libssl/src/test/tsid.com | 23 +- src/lib/libssl/src/test/tx509 | 2 +- src/lib/libssl/src/test/tx509.com | 23 +- src/lib/libssl/src/times/x86/bfs.cpp | 2 +- src/lib/libssl/src/times/x86/casts.cpp | 2 +- src/lib/libssl/src/times/x86/des3s.cpp | 2 +- src/lib/libssl/src/times/x86/dess.cpp | 2 +- src/lib/libssl/src/times/x86/md5s.cpp | 2 +- src/lib/libssl/src/times/x86/rc4s.cpp | 2 +- src/lib/libssl/src/times/x86/sha1s.cpp | 2 +- src/lib/libssl/src/tools/c_hash | 2 +- src/lib/libssl/src/tools/c_info | 2 +- src/lib/libssl/src/tools/c_issuer | 2 +- src/lib/libssl/src/tools/c_name | 2 +- src/lib/libssl/src/tools/c_rehash | 205 +- src/lib/libssl/src/tools/c_rehash.in | 219 +- src/lib/libssl/src/util/add_cr.pl | 2 +- src/lib/libssl/src/util/ck_errf.pl | 3 +- src/lib/libssl/src/util/clean-depend.pl | 24 +- src/lib/libssl/src/util/deleof.pl | 2 +- src/lib/libssl/src/util/do_ms.sh | 8 +- src/lib/libssl/src/util/domd | 22 +- src/lib/libssl/src/util/err-ins.pl | 2 +- src/lib/libssl/src/util/files.pl | 2 +- src/lib/libssl/src/util/libeay.num | 3841 +++++++++++++----- src/lib/libssl/src/util/mk1mf.pl | 432 +- src/lib/libssl/src/util/mkdef.pl | 1396 ++++++- src/lib/libssl/src/util/mkerr.pl | 234 +- src/lib/libssl/src/util/mkfiles.pl | 9 +- src/lib/libssl/src/util/mklink.pl | 11 +- src/lib/libssl/src/util/mkstack.pl | 2 +- src/lib/libssl/src/util/perlpath.pl | 9 +- src/lib/libssl/src/util/pl/BC-16.pl | 18 +- src/lib/libssl/src/util/pl/BC-32.pl | 152 +- src/lib/libssl/src/util/pl/Mingw32.pl | 43 +- src/lib/libssl/src/util/pl/VC-16.pl | 17 +- src/lib/libssl/src/util/pl/VC-32.pl | 41 +- src/lib/libssl/src/util/pl/linux.pl | 20 +- src/lib/libssl/src/util/pl/unix.pl | 23 +- src/lib/libssl/src/util/pod2man.pl | 2 + src/lib/libssl/src/util/pod2mantest | 53 + src/lib/libssl/src/util/pod2mantest.pod | 15 + src/lib/libssl/src/util/point.sh | 4 +- src/lib/libssl/src/util/selftest.pl | 31 +- src/lib/libssl/src/util/sp-diff.pl | 4 +- src/lib/libssl/src/util/src-dep.pl | 2 +- src/lib/libssl/src/util/ssleay.num | 373 +- src/lib/libssl/src/util/tab_num.pl | 2 +- src/lib/libssl/src/util/x86asm.sh | 4 +- src/lib/libssl/test/maketests.com | 32 +- src/lib/libssl/test/tcrl.com | 23 +- src/lib/libssl/test/testca.com | 4 +- src/lib/libssl/test/testenc.com | 18 +- src/lib/libssl/test/testgen.com | 25 +- src/lib/libssl/test/tests.com | 137 +- src/lib/libssl/test/testss.com | 19 +- src/lib/libssl/test/testssl.com | 151 +- src/lib/libssl/test/tpkcs7.com | 13 +- src/lib/libssl/test/tpkcs7d.com | 7 +- src/lib/libssl/test/treq.com | 23 +- src/lib/libssl/test/trsa.com | 34 +- src/lib/libssl/test/tsid.com | 23 +- src/lib/libssl/test/tx509.com | 23 +- 1098 files changed, 113317 insertions(+), 51321 deletions(-) create mode 100644 src/lib/libcrypto/opensslconf.h create mode 100644 src/lib/libcrypto/util/pod2mantest create mode 100644 src/lib/libcrypto/util/pod2mantest.pod create mode 100644 src/lib/libssl/src/VMS/tcpip_shr_decc.opt create mode 100644 src/lib/libssl/src/crypto/opensslconf.h create mode 100644 src/lib/libssl/src/demos/engines/rsaref/Makefile create mode 100644 src/lib/libssl/src/demos/engines/rsaref/README create mode 100644 src/lib/libssl/src/demos/engines/rsaref/build.com create mode 100644 src/lib/libssl/src/demos/engines/rsaref/rsaref.c create mode 100644 src/lib/libssl/src/demos/engines/rsaref/rsaref.ec create mode 100644 src/lib/libssl/src/demos/engines/rsaref/rsaref_err.c create mode 100644 src/lib/libssl/src/demos/engines/rsaref/rsaref_err.h create mode 100644 src/lib/libssl/src/util/pod2mantest create mode 100644 src/lib/libssl/src/util/pod2mantest.pod (limited to 'src') diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c index 226474f057..cd09f68b38 100644 --- a/src/lib/libcrypto/asn1/a_gentm.c +++ b/src/lib/libcrypto/asn1/a_gentm.c @@ -61,8 +61,11 @@ #include #include #include "cryptlib.h" +#include "o_time.h" #include +#if 0 + int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp) { #ifdef CHARSET_EBCDIC @@ -106,10 +109,12 @@ ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, return(ret); err: if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_GENERALIZEDTIME_free(ret); + M_ASN1_GENERALIZEDTIME_free(ret); return(NULL); } +#endif + int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) { static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0}; @@ -141,6 +146,19 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) if ((n < min[i]) || (n > max[i])) goto err; } + /* Optional fractional seconds: decimal point followed by one + * or more digits. + */ + if (a[o] == '.') + { + if (++o > l) goto err; + i = o; + while ((a[o] >= '0') && (a[o] <= '9') && (o <= l)) + o++; + /* Must have at least one digit after decimal point */ + if (i == o) goto err; + } + if (a[o] == 'Z') o++; else if ((a[o] == '+') || (a[o] == '-')) @@ -176,6 +194,7 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) { ASN1_STRING_set((ASN1_STRING *)s, (unsigned char *)str,t.length); + s->type=V_ASN1_GENERALIZEDTIME; } return(1); } @@ -188,28 +207,24 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, { char *p; struct tm *ts; -#if defined(THREADS) && !defined(WIN32) struct tm data; -#endif if (s == NULL) - s=ASN1_GENERALIZEDTIME_new(); + s=M_ASN1_GENERALIZEDTIME_new(); if (s == NULL) return(NULL); -#if defined(THREADS) && !defined(WIN32) - gmtime_r(&t,&data); /* should return &data, but doesn't on some systems, so we don't even look at the return value */ - ts=&data; -#else - ts=gmtime(&t); -#endif + ts=OPENSSL_gmtime(&t, &data); + if (ts == NULL) + return(NULL); + p=(char *)s->data; if ((p == NULL) || (s->length < 16)) { - p=Malloc(20); + p=OPENSSL_malloc(20); if (p == NULL) return(NULL); if (s->data != NULL) - Free(s->data); + OPENSSL_free(s->data); s->data=(unsigned char *)p; } diff --git a/src/lib/libcrypto/asn1/a_hdr.c b/src/lib/libcrypto/asn1/a_hdr.c index 4fb7a5fa75..b1aad81f77 100644 --- a/src/lib/libcrypto/asn1/a_hdr.c +++ b/src/lib/libcrypto/asn1/a_hdr.c @@ -58,19 +58,10 @@ #include #include "cryptlib.h" -#include "asn1_mac.h" -#include "asn1.h" +#include +#include -/* - * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT); - * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT); - * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT); - */ - -int i2d_ASN1_HEADER(a,pp) -ASN1_HEADER *a; -unsigned char **pp; +int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp) { M_ASN1_I2D_vars(a); @@ -85,10 +76,8 @@ unsigned char **pp; M_ASN1_I2D_finish(); } -ASN1_HEADER *d2i_ASN1_HEADER(a,pp,length) -ASN1_HEADER **a; -unsigned char **pp; -long length; +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp, + long length) { M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); @@ -107,24 +96,24 @@ long length; M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER); } -ASN1_HEADER *ASN1_HEADER_new() +ASN1_HEADER *ASN1_HEADER_new(void) { ASN1_HEADER *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,ASN1_HEADER); - M_ASN1_New(ret->header,ASN1_OCTET_STRING_new); + M_ASN1_New(ret->header,M_ASN1_OCTET_STRING_new); ret->meth=NULL; ret->data=NULL; return(ret); M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW); } -void ASN1_HEADER_free(a) -ASN1_HEADER *a; +void ASN1_HEADER_free(ASN1_HEADER *a) { if (a == NULL) return; - ASN1_OCTET_STRING_free(a->header); + M_ASN1_OCTET_STRING_free(a->header); if (a->meth != NULL) a->meth->destroy(a->data); - Free((char *)a); + OPENSSL_free(a); } diff --git a/src/lib/libcrypto/asn1/a_meth.c b/src/lib/libcrypto/asn1/a_meth.c index 513625c305..63158e9cab 100644 --- a/src/lib/libcrypto/asn1/a_meth.c +++ b/src/lib/libcrypto/asn1/a_meth.c @@ -58,8 +58,8 @@ #include #include "cryptlib.h" -#include "buffer.h" -#include "x509.h" +#include +#include static ASN1_METHOD ia5string_meth={ (int (*)()) i2d_ASN1_IA5STRING, @@ -73,12 +73,12 @@ static ASN1_METHOD bit_string_meth={ (char *(*)()) ASN1_STRING_new, (void (*)()) ASN1_STRING_free}; -ASN1_METHOD *ASN1_IA5STRING_asn1_meth() +ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) { return(&ia5string_meth); } -ASN1_METHOD *ASN1_BIT_STRING_asn1_meth() +ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void) { return(&bit_string_meth); } diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c index 17a7abbb67..ed2d827db2 100644 --- a/src/lib/libcrypto/asn1/a_utctm.c +++ b/src/lib/libcrypto/asn1/a_utctm.c @@ -59,25 +59,31 @@ #include #include #include "cryptlib.h" -#include "asn1.h" +#include "o_time.h" +#include -/* ASN1err(ASN1_F_ASN1_UTCTIME_NEW,ASN1_R_UTCTIME_TOO_LONG); - * ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_EXPECTING_A_UTCTIME); - */ - -int i2d_ASN1_UTCTIME(a,pp) -ASN1_UTCTIME *a; -unsigned char **pp; +#if 0 +int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp) { +#ifndef CHARSET_EBCDIC return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL)); +#else + /* KLUDGE! We convert to ascii before writing DER */ + int len; + char tmp[24]; + ASN1_STRING x = *(ASN1_STRING *)a; + + len = x.length; + ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len); + x.data = tmp; + return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); +#endif } -ASN1_UTCTIME *d2i_ASN1_UTCTIME(a, pp, length) -ASN1_UTCTIME **a; -unsigned char **pp; -long length; +ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, + long length) { ASN1_UTCTIME *ret=NULL; @@ -85,9 +91,12 @@ long length; V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); if (ret == NULL) { - ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK); + ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR); return(NULL); } +#ifdef CHARSET_EBCDIC + ascii2ebcdic(ret->data, ret->data, ret->length); +#endif if (!ASN1_UTCTIME_check(ret)) { ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT); @@ -97,12 +106,13 @@ long length; return(ret); err: if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_UTCTIME_free(ret); + M_ASN1_UTCTIME_free(ret); return(NULL); } -int ASN1_UTCTIME_check(d) -ASN1_UTCTIME *d; +#endif + +int ASN1_UTCTIME_check(ASN1_UTCTIME *d) { static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0}; static int max[8]={99,12,31,23,59,59,12,59}; @@ -152,9 +162,7 @@ err: return(0); } -int ASN1_UTCTIME_set_string(s,str) -ASN1_UTCTIME *s; -char *str; +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str) { ASN1_UTCTIME t; @@ -167,6 +175,7 @@ char *str; { ASN1_STRING_set((ASN1_STRING *)s, (unsigned char *)str,t.length); + s->type = V_ASN1_UTCTIME; } return(1); } @@ -174,33 +183,28 @@ char *str; return(0); } -ASN1_UTCTIME *ASN1_UTCTIME_set(s, t) -ASN1_UTCTIME *s; -time_t t; +ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) { char *p; struct tm *ts; -#if defined(THREADS) struct tm data; -#endif if (s == NULL) - s=ASN1_UTCTIME_new(); + s=M_ASN1_UTCTIME_new(); if (s == NULL) return(NULL); -#if defined(THREADS) - ts=(struct tm *)gmtime_r(&t,&data); -#else - ts=(struct tm *)gmtime(&t); -#endif + ts=OPENSSL_gmtime(&t, &data); + if (ts == NULL) + return(NULL); + p=(char *)s->data; if ((p == NULL) || (s->length < 14)) { - p=Malloc(20); + p=OPENSSL_malloc(20); if (p == NULL) return(NULL); if (s->data != NULL) - Free(s->data); + OPENSSL_free(s->data); s->data=(unsigned char *)p; } @@ -208,5 +212,85 @@ time_t t; ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); s->length=strlen(p); s->type=V_ASN1_UTCTIME; +#ifdef CHARSET_EBCDIC_not + ebcdic2ascii(s->data, s->data, s->length); +#endif return(s); } + + +int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) + { + struct tm *tm; + int offset; + int year; + +#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') + + if (s->data[12] == 'Z') + offset=0; + else + { + offset = g2(s->data+13)*60+g2(s->data+15); + if (s->data[12] == '-') + offset = -offset; + } + + t -= offset*60; /* FIXME: may overflow in extreme cases */ + + { struct tm data; tm = OPENSSL_gmtime(&t, &data); } + +#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 + year = g2(s->data); + if (year < 50) + year += 100; + return_cmp(year, tm->tm_year); + return_cmp(g2(s->data+2) - 1, tm->tm_mon); + return_cmp(g2(s->data+4), tm->tm_mday); + return_cmp(g2(s->data+6), tm->tm_hour); + return_cmp(g2(s->data+8), tm->tm_min); + return_cmp(g2(s->data+10), tm->tm_sec); +#undef g2 +#undef return_cmp + + return 0; + } + + +#if 0 +time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) + { + struct tm tm; + int offset; + + memset(&tm,'\0',sizeof tm); + +#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') + tm.tm_year=g2(s->data); + if(tm.tm_year < 50) + tm.tm_year+=100; + tm.tm_mon=g2(s->data+2)-1; + tm.tm_mday=g2(s->data+4); + tm.tm_hour=g2(s->data+6); + tm.tm_min=g2(s->data+8); + tm.tm_sec=g2(s->data+10); + if(s->data[12] == 'Z') + offset=0; + else + { + offset=g2(s->data+13)*60+g2(s->data+15); + if(s->data[12] == '-') + offset= -offset; + } +#undef g2 + + return mktime(&tm)-offset*60; /* FIXME: mktime assumes the current timezone + * instead of UTC, and unless we rewrite OpenSSL + * in Lisp we cannot locally change the timezone + * without possibly interfering with other parts + * of the program. timegm, which uses UTC, is + * non-standard. + * Also time_t is inappropriate for general + * UTC times because it may a 32 bit type. */ + } +#endif diff --git a/src/lib/libcrypto/asn1/p8_key.c b/src/lib/libcrypto/asn1/p8_key.c index 0b24374627..3a31248e14 100644 --- a/src/lib/libcrypto/asn1/p8_key.c +++ b/src/lib/libcrypto/asn1/p8_key.c @@ -94,7 +94,7 @@ X509 *X509_KEY_new(void) { X509_KEY *ret=NULL; - M_ASN1_New_Malloc(ret,X509_KEY); + M_ASN1_New_OPENSSL_malloc(ret,X509_KEY); ret->references=1; ret->type=NID M_ASN1_New(ret->cert_info,X509_CINF_new); @@ -126,6 +126,6 @@ void X509_KEY_free(X509 *a) X509_CINF_free(a->cert_info); X509_ALGOR_free(a->sig_alg); ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/src/lib/libcrypto/bf/asm/bf-686.pl b/src/lib/libcrypto/bf/asm/bf-686.pl index bed303d786..8e4c25f598 100644 --- a/src/lib/libcrypto/bf/asm/bf-686.pl +++ b/src/lib/libcrypto/bf/asm/bf-686.pl @@ -1,4 +1,3 @@ -#!/usr/bin/perl #!/usr/local/bin/perl push(@INC,"perlasm","../../perlasm"); diff --git a/src/lib/libcrypto/bf/bf_opts.c b/src/lib/libcrypto/bf/bf_opts.c index 5cfa60c537..171dada2ca 100644 --- a/src/lib/libcrypto/bf/bf_opts.c +++ b/src/lib/libcrypto/bf/bf_opts.c @@ -59,19 +59,17 @@ /* define PART1, PART2, PART3 or PART4 to build only with a few of the options. * This is for machines with 64k code segment size restrictions. */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern void exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,25 +77,26 @@ extern void exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "blowfish.h" +#include #define BF_DEFAULT_OPTIONS @@ -126,11 +125,7 @@ struct tms { #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD fix */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -142,12 +137,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) #define SIGRETTYPE void @@ -155,14 +145,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -175,8 +159,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -237,9 +220,7 @@ int s; fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \ tm[index]*8,1.0e6/tm[index]); -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; @@ -261,7 +242,7 @@ char **argv; } #ifndef TIMES - fprintf(stderr,"To get the most acurate results, try to run this\n"); + fprintf(stderr,"To get the most accurate results, try to run this\n"); fprintf(stderr,"program when this computer is idle.\n"); #endif @@ -341,7 +322,7 @@ char **argv; break; } exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/bf/bfs.cpp b/src/lib/libcrypto/bf/bfs.cpp index 272ed2f978..d74c457760 100644 --- a/src/lib/libcrypto/bf/bfs.cpp +++ b/src/lib/libcrypto/bf/bfs.cpp @@ -32,7 +32,7 @@ void GetTSC(unsigned long& tsc) #include #include -#include "blowfish.h" +#include void main(int argc,char *argv[]) { diff --git a/src/lib/libcrypto/bf/bfspeed.c b/src/lib/libcrypto/bf/bfspeed.c index 640d820dd3..f346af64f3 100644 --- a/src/lib/libcrypto/bf/bfspeed.c +++ b/src/lib/libcrypto/bf/bfspeed.c @@ -59,19 +59,17 @@ /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern int exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,34 +77,31 @@ extern int exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "blowfish.h" +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ #ifndef CLK_TCK -#ifndef VMS -#define HZ 100.0 -#else /* VMS */ #define HZ 100.0 -#endif #else /* CLK_TCK */ #define HZ ((double)CLK_TCK) #endif @@ -115,12 +110,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) #define SIGRETTYPE void @@ -128,14 +118,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -148,8 +132,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -185,9 +168,7 @@ int s; #endif } -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; @@ -202,7 +183,7 @@ char **argv; #endif #ifndef TIMES - printf("To get the most acurate results, try to run this\n"); + printf("To get the most accurate results, try to run this\n"); printf("program when this computer is idle.\n"); #endif @@ -287,7 +268,7 @@ char **argv; printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n",b,8.0e6/b); printf("Blowfish cbc bytes per sec = %12.3f (%9.3fuS)\n",c,8.0e6/c); exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/bf/bftest.c b/src/lib/libcrypto/bf/bftest.c index 9266cf813a..09895f2542 100644 --- a/src/lib/libcrypto/bf/bftest.c +++ b/src/lib/libcrypto/bf/bftest.c @@ -62,20 +62,32 @@ #include #include #include -#include "blowfish.h" -char *bf_key[2]={ +#ifdef OPENSSL_NO_BF +int main(int argc, char *argv[]) +{ + printf("No BF support\n"); + return(0); +} +#else +#include + +#ifdef CHARSET_EBCDIC +#include +#endif + +static char *bf_key[2]={ "abcdefghijklmnopqrstuvwxyz", "Who is John Galt?" }; /* big endian */ -BF_LONG bf_plain[2][2]={ +static BF_LONG bf_plain[2][2]={ {0x424c4f57L,0x46495348L}, {0xfedcba98L,0x76543210L} }; -BF_LONG bf_cipher[2][2]={ +static BF_LONG bf_cipher[2][2]={ {0x324ed0feL,0xf413a203L}, {0xcc91732bL,0x8022f684L} }; @@ -216,16 +228,16 @@ static unsigned char ofb64_ok[]={ 0x63,0xC2,0xCF,0x80,0xDA}; #define KEY_TEST_NUM 25 -unsigned char key_test[KEY_TEST_NUM]={ +static unsigned char key_test[KEY_TEST_NUM]={ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87, 0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f, 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77, 0x88}; -unsigned char key_data[8]= +static unsigned char key_data[8]= {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}; -unsigned char key_out[KEY_TEST_NUM][8]={ +static unsigned char key_out[KEY_TEST_NUM][8]={ {0xF9,0xAD,0x59,0x7C,0x49,0xDB,0x00,0x5E}, {0xE9,0x1D,0x21,0xC1,0xD9,0x61,0xA6,0xD6}, {0xE9,0xC2,0xB7,0x0A,0x1B,0xC6,0x5C,0xF3}, @@ -252,17 +264,9 @@ unsigned char key_out[KEY_TEST_NUM][8]={ {0x05,0x04,0x4B,0x62,0xFA,0x52,0xD0,0x80}, }; -#ifndef NOPROTO static int test(void ); static int print_test_data(void ); -#else -static int test(); -static int print_test_data(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int ret; @@ -275,7 +279,7 @@ char *argv[]; return(0); } -static int print_test_data() +static int print_test_data(void) { unsigned int i,j; @@ -304,7 +308,7 @@ static int print_test_data() printf("c="); for (j=0; j<8; j++) printf("%02X",key_out[i][j]); - printf(" k[%2d]=",i+1); + printf(" k[%2u]=",i+1); for (j=0; j * Date: 22-JUL-1996 + * Revised: 25-SEP-1997 Update for 0.8.1, BIO_CTRL_SET -> BIO_C_SET_FD */ /* VMS */ #include @@ -65,10 +66,11 @@ #include #include #include "cryptlib.h" -#include "bio.h" +#include #include /* VMS IO$_ definitions */ -extern int SYS$QIOW(); +#include + typedef unsigned short io_channel; /*************************************************************************/ struct io_status { short status, count; long flags; }; @@ -86,11 +88,11 @@ struct rpc_ctx { struct rpc_msg msg; }; -static int rtcp_write(BIO *h,char *buf,int num); +static int rtcp_write(BIO *h,const char *buf,int num); static int rtcp_read(BIO *h,char *buf,int size); -static int rtcp_puts(BIO *h,char *str); +static int rtcp_puts(BIO *h,const char *str); static int rtcp_gets(BIO *h,char *str,int size); -static long rtcp_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static long rtcp_ctrl(BIO *h,int cmd,long arg1,void *arg2); static int rtcp_new(BIO *h); static int rtcp_free(BIO *data); @@ -105,20 +107,27 @@ static BIO_METHOD rtcp_method= rtcp_ctrl, rtcp_new, rtcp_free, + NULL, }; -BIO_METHOD *BIO_s_rtcp() +BIO_METHOD *BIO_s_rtcp(void) { return(&rtcp_method); } /*****************************************************************************/ /* Decnet I/O routines. */ + +#ifdef __DECC +#pragma message save +#pragma message disable DOLLARID +#endif + static int get ( io_channel chan, char *buffer, int maxlen, int *length ) { int status; struct io_status iosb; - status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0, + status = sys$qiow ( 0, chan, IO$_READVBLK, &iosb, 0, 0, buffer, maxlen, 0, 0, 0, 0 ); if ( (status&1) == 1 ) status = iosb.status; if ( (status&1) == 1 ) *length = iosb.count; @@ -129,40 +138,40 @@ static int put ( io_channel chan, char *buffer, int length ) { int status; struct io_status iosb; - status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0, + status = sys$qiow ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0, buffer, length, 0, 0, 0, 0 ); if ( (status&1) == 1 ) status = iosb.status; return status; } + +#ifdef __DECC +#pragma message restore +#endif + /***************************************************************************/ -static int rtcp_new(bi) -BIO *bi; +static int rtcp_new(BIO *bi) { struct rpc_ctx *ctx; bi->init=1; bi->num=0; bi->flags = 0; - bi->ptr=Malloc(sizeof(struct rpc_ctx)); + bi->ptr=OPENSSL_malloc(sizeof(struct rpc_ctx)); ctx = (struct rpc_ctx *) bi->ptr; ctx->filled = 0; ctx->pos = 0; return(1); } -static int rtcp_free(a) -BIO *a; +static int rtcp_free(BIO *a) { if (a == NULL) return(0); - if ( a->ptr ) Free ( a->ptr ); + if ( a->ptr ) OPENSSL_free ( a->ptr ); a->ptr = NULL; return(1); } -static int rtcp_read(b,out,outl) -BIO *b; -char *out; -int outl; +static int rtcp_read(BIO *b, char *out, int outl) { int status, length; struct rpc_ctx *ctx; @@ -209,10 +218,7 @@ int outl; return length; } -static int rtcp_write(b,in,inl) -BIO *b; -char *in; -int inl; +static int rtcp_write(BIO *b, const char *in, int inl) { int status, i, segment, length; struct rpc_ctx *ctx; @@ -241,11 +247,7 @@ int inl; return(i); } -static long rtcp_ctrl(b,cmd,num,ptr) -BIO *b; -int cmd; -long num; -char *ptr; +static long rtcp_ctrl(BIO *b, int cmd, long num, void *ptr) { long ret=1; @@ -255,7 +257,7 @@ char *ptr; case BIO_CTRL_EOF: ret = 1; break; - case BIO_CTRL_SET: + case BIO_C_SET_FD: b->num = num; ret = 1; break; @@ -276,17 +278,12 @@ char *ptr; return(ret); } -static int rtcp_gets(bp,buf,size) -BIO *bp; -char *buf; -int size; +static int rtcp_gets(BIO *bp, char *buf, int size) { return(0); } -static int rtcp_puts(bp,str) -BIO *bp; -char *str; +static int rtcp_puts(BIO *bp, const char *str) { int length; if (str == NULL) return(0); diff --git a/src/lib/libcrypto/bn/asm/README b/src/lib/libcrypto/bn/asm/README index d93fbff77f..b0f3a68a06 100644 --- a/src/lib/libcrypto/bn/asm/README +++ b/src/lib/libcrypto/bn/asm/README @@ -1,5 +1,7 @@ + + All assember in this directory are just version of the file -crypto/bn/bn_mulw.c. +crypto/bn/bn_asm.c. Quite a few of these files are just the assember output from gcc since on quite a few machines they are 2 times faster than the system compiler. @@ -15,16 +17,11 @@ On the 2 alpha C compilers I had access to, it was not possible to do were 64 bits). So the hand assember gives access to the 128 bit result and a 2 times speedup :-). -The x86xxxx.obj files are the assembled version of x86xxxx.asm files. -I had such a hard time finding a macro assember for Microsoft, I decided to -include the object file to save others the hassle :-). +There are 3 versions of assember for the HP PA-RISC. + +pa-risc.s is the origional one which works fine and generated using gcc :-) -I have also included uu encoded versions of the .obj incase they get -trashed. +pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations +by Chris Ruemmler from HP (with some help from the HP C compiler). -There are 2 versions of assember for the HP PA-RISC. -pa-risc.s is the origional one which works fine. -pa-risc2.s is a new version that often generates warnings but if the -tests pass, it gives performance that is over 2 times faster than -pa-risc.s. -Both were generated using gcc :-) + diff --git a/src/lib/libcrypto/bn/asm/alpha.s b/src/lib/libcrypto/bn/asm/alpha.s index 1d17b1d619..555ff0b92d 100644 --- a/src/lib/libcrypto/bn/asm/alpha.s +++ b/src/lib/libcrypto/bn/asm/alpha.s @@ -1,8 +1,14 @@ # DEC Alpha assember - # The bn_div64 is actually gcc output but the other parts are hand done. + # The bn_div_words is actually gcc output but the other parts are hand done. # Thanks to tzeruch@ceddec.com for sending me the gcc output for - # bn_div64. - .file 1 "bn_mulw.c" + # bn_div_words. + # I've gone back and re-done most of routines. + # The key thing to remeber for the 164 CPU is that while a + # multiply operation takes 8 cycles, another one can only be issued + # after 4 cycles have elapsed. I've done modification to help + # improve this. Also, normally, a ld instruction will not be available + # for about 3 cycles. + .file 1 "bn_asm.c" .set noat gcc2_compiled.: __gnu_compiled_c: @@ -14,65 +20,91 @@ bn_mul_add_words: bn_mul_add_words..ng: .frame $30,0,$26,0 .prologue 0 - subq $18,2,$25 # num=-2 - bis $31,$31,$0 - blt $25,$42 .align 5 -$142: - subq $18,2,$18 # num-=2 - subq $25,2,$25 # num-=2 - - ldq $1,0($17) # a[0] - ldq $2,8($17) # a[1] - - mulq $19,$1,$3 # a[0]*w low part r3 - umulh $19,$1,$1 # a[0]*w high part r1 - mulq $19,$2,$4 # a[1]*w low part r4 - umulh $19,$2,$2 # a[1]*w high part r2 - - ldq $22,0($16) # r[0] r22 - ldq $23,8($16) # r[1] r23 - - addq $3,$22,$3 # a0 low part + r[0] - addq $4,$23,$4 # a1 low part + r[1] - cmpult $3,$22,$5 # overflow? - cmpult $4,$23,$6 # overflow? - addq $5,$1,$1 # high part + overflow - addq $6,$2,$2 # high part + overflow - - addq $3,$0,$3 # add c - cmpult $3,$0,$5 # overflow? - stq $3,0($16) - addq $5,$1,$0 # c=high part + overflow - - addq $4,$0,$4 # add c - cmpult $4,$0,$5 # overflow? - stq $4,8($16) - addq $5,$2,$0 # c=high part + overflow + subq $18,4,$18 + bis $31,$31,$0 + blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code + ldq $20,0($17) # 1 1 + ldq $1,0($16) # 1 1 + .align 3 +$42: + mulq $20,$19,$5 # 1 2 1 ###### + ldq $21,8($17) # 2 1 + ldq $2,8($16) # 2 1 + umulh $20,$19,$20 # 1 2 ###### + ldq $27,16($17) # 3 1 + ldq $3,16($16) # 3 1 + mulq $21,$19,$6 # 2 2 1 ###### + ldq $28,24($17) # 4 1 + addq $1,$5,$1 # 1 2 2 + ldq $4,24($16) # 4 1 + umulh $21,$19,$21 # 2 2 ###### + cmpult $1,$5,$22 # 1 2 3 1 + addq $20,$22,$20 # 1 3 1 + addq $1,$0,$1 # 1 2 3 1 + mulq $27,$19,$7 # 3 2 1 ###### + cmpult $1,$0,$0 # 1 2 3 2 + addq $2,$6,$2 # 2 2 2 + addq $20,$0,$0 # 1 3 2 + cmpult $2,$6,$23 # 2 2 3 1 + addq $21,$23,$21 # 2 3 1 + umulh $27,$19,$27 # 3 2 ###### + addq $2,$0,$2 # 2 2 3 1 + cmpult $2,$0,$0 # 2 2 3 2 + subq $18,4,$18 + mulq $28,$19,$8 # 4 2 1 ###### + addq $21,$0,$0 # 2 3 2 + addq $3,$7,$3 # 3 2 2 + addq $16,32,$16 + cmpult $3,$7,$24 # 3 2 3 1 + stq $1,-32($16) # 1 2 4 + umulh $28,$19,$28 # 4 2 ###### + addq $27,$24,$27 # 3 3 1 + addq $3,$0,$3 # 3 2 3 1 + stq $2,-24($16) # 2 2 4 + cmpult $3,$0,$0 # 3 2 3 2 + stq $3,-16($16) # 3 2 4 + addq $4,$8,$4 # 4 2 2 + addq $27,$0,$0 # 3 3 2 + cmpult $4,$8,$25 # 4 2 3 1 + addq $17,32,$17 + addq $28,$25,$28 # 4 3 1 + addq $4,$0,$4 # 4 2 3 1 + cmpult $4,$0,$0 # 4 2 3 2 + stq $4,-8($16) # 4 2 4 + addq $28,$0,$0 # 4 3 2 + blt $18,$43 - ble $18,$43 + ldq $20,0($17) # 1 1 + ldq $1,0($16) # 1 1 - addq $16,16,$16 - addq $17,16,$17 - blt $25,$42 + br $42 - br $31,$142 -$42: - ldq $1,0($17) # a[0] - umulh $19,$1,$3 # a[0]*w high part - mulq $19,$1,$1 # a[0]*w low part - ldq $2,0($16) # r[0] - addq $1,$2,$1 # low part + r[0] - cmpult $1,$2,$4 # overflow? - addq $4,$3,$3 # high part + overflow - addq $1,$0,$1 # add c - cmpult $1,$0,$4 # overflow? - addq $4,$3,$0 # c=high part + overflow - stq $1,0($16) + .align 4 +$45: + ldq $20,0($17) # 4 1 + ldq $1,0($16) # 4 1 + mulq $20,$19,$5 # 4 2 1 + subq $18,1,$18 + addq $16,8,$16 + addq $17,8,$17 + umulh $20,$19,$20 # 4 2 + addq $1,$5,$1 # 4 2 2 + cmpult $1,$5,$22 # 4 2 3 1 + addq $20,$22,$20 # 4 3 1 + addq $1,$0,$1 # 4 2 3 1 + cmpult $1,$0,$0 # 4 2 3 2 + addq $20,$0,$0 # 4 3 2 + stq $1,-8($16) # 4 2 4 + bgt $18,$45 + ret $31,($26),1 # else exit .align 4 $43: - ret $31,($26),1 + addq $18,4,$18 + bgt $18,$45 # goto tail code + ret $31,($26),1 # else exit + .end bn_mul_add_words .align 3 .globl bn_mul_words @@ -81,49 +113,75 @@ bn_mul_words: bn_mul_words..ng: .frame $30,0,$26,0 .prologue 0 - subq $18,2,$25 # num=-2 - bis $31,$31,$0 - blt $25,$242 .align 5 -$342: - subq $18,2,$18 # num-=2 - subq $25,2,$25 # num-=2 - - ldq $1,0($17) # a[0] - ldq $2,8($17) # a[1] - - mulq $19,$1,$3 # a[0]*w low part r3 - umulh $19,$1,$1 # a[0]*w high part r1 - mulq $19,$2,$4 # a[1]*w low part r4 - umulh $19,$2,$2 # a[1]*w high part r2 - - addq $3,$0,$3 # add c - cmpult $3,$0,$5 # overflow? - stq $3,0($16) - addq $5,$1,$0 # c=high part + overflow - - addq $4,$0,$4 # add c - cmpult $4,$0,$5 # overflow? - stq $4,8($16) - addq $5,$2,$0 # c=high part + overflow - - ble $18,$243 - - addq $16,16,$16 - addq $17,16,$17 - blt $25,$242 - - br $31,$342 -$242: - ldq $1,0($17) # a[0] - umulh $19,$1,$3 # a[0]*w high part - mulq $19,$1,$1 # a[0]*w low part - addq $1,$0,$1 # add c - cmpult $1,$0,$4 # overflow? - addq $4,$3,$0 # c=high part + overflow - stq $1,0($16) -$243: - ret $31,($26),1 + subq $18,4,$18 + bis $31,$31,$0 + blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code + ldq $20,0($17) # 1 1 + .align 3 +$142: + + mulq $20,$19,$5 # 1 2 1 ##### + ldq $21,8($17) # 2 1 + ldq $27,16($17) # 3 1 + umulh $20,$19,$20 # 1 2 ##### + ldq $28,24($17) # 4 1 + mulq $21,$19,$6 # 2 2 1 ##### + addq $5,$0,$5 # 1 2 3 1 + subq $18,4,$18 + cmpult $5,$0,$0 # 1 2 3 2 + umulh $21,$19,$21 # 2 2 ##### + addq $20,$0,$0 # 1 3 2 + addq $17,32,$17 + addq $6,$0,$6 # 2 2 3 1 + mulq $27,$19,$7 # 3 2 1 ##### + cmpult $6,$0,$0 # 2 2 3 2 + addq $21,$0,$0 # 2 3 2 + addq $16,32,$16 + umulh $27,$19,$27 # 3 2 ##### + stq $5,-32($16) # 1 2 4 + mulq $28,$19,$8 # 4 2 1 ##### + addq $7,$0,$7 # 3 2 3 1 + stq $6,-24($16) # 2 2 4 + cmpult $7,$0,$0 # 3 2 3 2 + umulh $28,$19,$28 # 4 2 ##### + addq $27,$0,$0 # 3 3 2 + stq $7,-16($16) # 3 2 4 + addq $8,$0,$8 # 4 2 3 1 + cmpult $8,$0,$0 # 4 2 3 2 + + addq $28,$0,$0 # 4 3 2 + + stq $8,-8($16) # 4 2 4 + + blt $18,$143 + + ldq $20,0($17) # 1 1 + + br $142 + + .align 4 +$145: + ldq $20,0($17) # 4 1 + mulq $20,$19,$5 # 4 2 1 + subq $18,1,$18 + umulh $20,$19,$20 # 4 2 + addq $5,$0,$5 # 4 2 3 1 + addq $16,8,$16 + cmpult $5,$0,$0 # 4 2 3 2 + addq $17,8,$17 + addq $20,$0,$0 # 4 3 2 + stq $5,-8($16) # 4 2 4 + + bgt $18,$145 + ret $31,($26),1 # else exit + + .align 4 +$143: + addq $18,4,$18 + bgt $18,$145 # goto tail code + ret $31,($26),1 # else exit + .end bn_mul_words .align 3 .globl bn_sqr_words @@ -132,44 +190,58 @@ bn_sqr_words: bn_sqr_words..ng: .frame $30,0,$26,0 .prologue 0 - - subq $18,2,$25 # num=-2 - blt $25,$442 - .align 5 -$542: - subq $18,2,$18 # num-=2 - subq $25,2,$25 # num-=2 - ldq $1,0($17) # a[0] - ldq $4,8($17) # a[1] - - mulq $1,$1,$2 # a[0]*w low part r2 - umulh $1,$1,$3 # a[0]*w high part r3 - mulq $4,$4,$5 # a[1]*w low part r5 - umulh $4,$4,$6 # a[1]*w high part r6 - - stq $2,0($16) # r[0] - stq $3,8($16) # r[1] - stq $5,16($16) # r[3] - stq $6,24($16) # r[4] + subq $18,4,$18 + blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code + ldq $20,0($17) # 1 1 + .align 3 +$542: + mulq $20,$20,$5 ###### + ldq $21,8($17) # 1 1 + subq $18,4 + umulh $20,$20,$1 ###### + ldq $27,16($17) # 1 1 + mulq $21,$21,$6 ###### + ldq $28,24($17) # 1 1 + stq $5,0($16) # r[0] + umulh $21,$21,$2 ###### + stq $1,8($16) # r[1] + mulq $27,$27,$7 ###### + stq $6,16($16) # r[0] + umulh $27,$27,$3 ###### + stq $2,24($16) # r[1] + mulq $28,$28,$8 ###### + stq $7,32($16) # r[0] + umulh $28,$28,$4 ###### + stq $3,40($16) # r[1] - ble $18,$443 + addq $16,64,$16 + addq $17,32,$17 + stq $8,-16($16) # r[0] + stq $4,-8($16) # r[1] - addq $16,32,$16 - addq $17,16,$17 - blt $25,$442 - br $31,$542 + blt $18,$543 + ldq $20,0($17) # 1 1 + br $542 $442: - ldq $1,0($17) # a[0] - mulq $1,$1,$2 # a[0]*w low part r2 - umulh $1,$1,$3 # a[0]*w high part r3 - stq $2,0($16) # r[0] - stq $3,8($16) # r[1] + ldq $20,0($17) # a[0] + mulq $20,$20,$5 # a[0]*w low part r2 + addq $16,16,$16 + addq $17,8,$17 + subq $18,1,$18 + umulh $20,$20,$1 # a[0]*w high part r3 + stq $5,-16($16) # r[0] + stq $1,-8($16) # r[1] + + bgt $18,$442 + ret $31,($26),1 # else exit .align 4 -$443: - ret $31,($26),1 +$543: + addq $18,4,$18 + bgt $18,$442 # goto tail code + ret $31,($26),1 # else exit .end bn_sqr_words .align 3 @@ -180,31 +252,74 @@ bn_add_words..ng: .frame $30,0,$26,0 .prologue 0 - bis $31,$31,$8 # carry = 0 - ble $19,$900 + subq $19,4,$19 + bis $31,$31,$0 # carry = 0 + blt $19,$900 + ldq $5,0($17) # a[0] + ldq $1,0($18) # b[1] + .align 3 $901: - ldq $0,0($17) # a[0] - ldq $1,0($18) # a[1] + addq $1,$5,$1 # r=a+b; + ldq $6,8($17) # a[1] + cmpult $1,$5,$22 # did we overflow? + ldq $2,8($18) # b[1] + addq $1,$0,$1 # c+= overflow + ldq $7,16($17) # a[2] + cmpult $1,$0,$0 # overflow? + ldq $3,16($18) # b[2] + addq $0,$22,$0 + ldq $8,24($17) # a[3] + addq $2,$6,$2 # r=a+b; + ldq $4,24($18) # b[3] + cmpult $2,$6,$23 # did we overflow? + addq $3,$7,$3 # r=a+b; + addq $2,$0,$2 # c+= overflow + cmpult $3,$7,$24 # did we overflow? + cmpult $2,$0,$0 # overflow? + addq $4,$8,$4 # r=a+b; + addq $0,$23,$0 + cmpult $4,$8,$25 # did we overflow? + addq $3,$0,$3 # c+= overflow + stq $1,0($16) # r[0]=c + cmpult $3,$0,$0 # overflow? + stq $2,8($16) # r[1]=c + addq $0,$24,$0 + stq $3,16($16) # r[2]=c + addq $4,$0,$4 # c+= overflow + subq $19,4,$19 # loop-- + cmpult $4,$0,$0 # overflow? + addq $17,32,$17 # a++ + addq $0,$25,$0 + stq $4,24($16) # r[3]=c + addq $18,32,$18 # b++ + addq $16,32,$16 # r++ - addq $0,$1,$3 # c=a+b; + blt $19,$900 + ldq $5,0($17) # a[0] + ldq $1,0($18) # b[1] + br $901 + .align 4 +$945: + ldq $5,0($17) # a[0] + ldq $1,0($18) # b[1] + addq $1,$5,$1 # r=a+b; + subq $19,1,$19 # loop-- + addq $1,$0,$1 # c+= overflow addq $17,8,$17 # a++ + cmpult $1,$5,$22 # did we overflow? + cmpult $1,$0,$0 # overflow? + addq $18,8,$18 # b++ + stq $1,0($16) # r[0]=c + addq $0,$22,$0 + addq $16,8,$16 # r++ - cmpult $3,$1,$7 # did we overflow? - addq $18,8,$18 # b++ - - addq $8,$3,$3 # c+=carry - - cmpult $3,$8,$8 # did we overflow? - stq $3,($16) # r[0]=c - - addq $7,$8,$8 # add into overflow - subq $19,1,$19 # loop-- + bgt $19,$945 + ret $31,($26),1 # else exit - addq $16,8,$16 # r++ - bgt $19,$901 $900: - bis $8,$8,$0 # return carry - ret $31,($26),1 + addq $19,4,$19 + bgt $19,$945 # goto tail code + ret $31,($26),1 # else exit .end bn_add_words # @@ -213,11 +328,11 @@ $900: # .text .align 3 - .globl bn_div64 - .ent bn_div64 -bn_div64: + .globl bn_div_words + .ent bn_div_words +bn_div_words: ldgp $29,0($27) -bn_div64..ng: +bn_div_words..ng: lda $30,-48($30) .frame $30,48,$26,0 stq $26,0($30) @@ -338,7 +453,2747 @@ $136: ldq $13,40($30) addq $30,48,$30 ret $31,($26),1 - .end bn_div64 - .ident "GCC: (GNU) 2.7.2.1" + .end bn_div_words + + .set noat + .text + .align 3 + .globl bn_sub_words + .ent bn_sub_words +bn_sub_words: +bn_sub_words..ng: + .frame $30,0,$26,0 + .prologue 0 + + subq $19, 4, $19 + bis $31, $31, $0 + blt $19, $100 + ldq $1, 0($17) + ldq $2, 0($18) +$101: + ldq $3, 8($17) + cmpult $1, $2, $4 + ldq $5, 8($18) + subq $1, $2, $1 + ldq $6, 16($17) + cmpult $1, $0, $2 + ldq $7, 16($18) + subq $1, $0, $23 + ldq $8, 24($17) + addq $2, $4, $0 + cmpult $3, $5, $24 + subq $3, $5, $3 + ldq $22, 24($18) + cmpult $3, $0, $5 + subq $3, $0, $25 + addq $5, $24, $0 + cmpult $6, $7, $27 + subq $6, $7, $6 + stq $23, 0($16) + cmpult $6, $0, $7 + subq $6, $0, $28 + addq $7, $27, $0 + cmpult $8, $22, $21 + subq $8, $22, $8 + stq $25, 8($16) + cmpult $8, $0, $22 + subq $8, $0, $20 + addq $22, $21, $0 + stq $28, 16($16) + subq $19, 4, $19 + stq $20, 24($16) + addq $17, 32, $17 + addq $18, 32, $18 + addq $16, 32, $16 + blt $19, $100 + ldq $1, 0($17) + ldq $2, 0($18) + br $101 +$102: + ldq $1, 0($17) + ldq $2, 0($18) + cmpult $1, $2, $27 + subq $1, $2, $1 + cmpult $1, $0, $2 + subq $1, $0, $1 + stq $1, 0($16) + addq $2, $27, $0 + addq $17, 8, $17 + addq $18, 8, $18 + addq $16, 8, $16 + subq $19, 1, $19 + bgt $19, $102 + ret $31,($26),1 +$100: + addq $19, 4, $19 + bgt $19, $102 +$103: + ret $31,($26),1 + .end bn_sub_words + .text + .align 3 + .globl bn_mul_comba4 + .ent bn_mul_comba4 +bn_mul_comba4: +bn_mul_comba4..ng: + .frame $30,0,$26,0 + .prologue 0 + ldq $0, 0($17) + ldq $1, 0($18) + ldq $2, 8($17) + ldq $3, 8($18) + ldq $4, 16($17) + ldq $5, 16($18) + ldq $6, 24($17) + ldq $7, 24($18) + bis $31, $31, $23 + mulq $0, $1, $8 + umulh $0, $1, $22 + stq $8, 0($16) + bis $31, $31, $8 + mulq $0, $3, $24 + umulh $0, $3, $25 + addq $22, $24, $22 + cmpult $22, $24, $27 + addq $27, $25, $25 + addq $23, $25, $23 + cmpult $23, $25, $28 + addq $8, $28, $8 + mulq $2, $1, $21 + umulh $2, $1, $20 + addq $22, $21, $22 + cmpult $22, $21, $19 + addq $19, $20, $20 + addq $23, $20, $23 + cmpult $23, $20, $17 + addq $8, $17, $8 + stq $22, 8($16) + bis $31, $31, $22 + mulq $2, $3, $18 + umulh $2, $3, $24 + addq $23, $18, $23 + cmpult $23, $18, $27 + addq $27, $24, $24 + addq $8, $24, $8 + cmpult $8, $24, $25 + addq $22, $25, $22 + mulq $0, $5, $28 + umulh $0, $5, $21 + addq $23, $28, $23 + cmpult $23, $28, $19 + addq $19, $21, $21 + addq $8, $21, $8 + cmpult $8, $21, $20 + addq $22, $20, $22 + mulq $4, $1, $17 + umulh $4, $1, $18 + addq $23, $17, $23 + cmpult $23, $17, $27 + addq $27, $18, $18 + addq $8, $18, $8 + cmpult $8, $18, $24 + addq $22, $24, $22 + stq $23, 16($16) + bis $31, $31, $23 + mulq $0, $7, $25 + umulh $0, $7, $28 + addq $8, $25, $8 + cmpult $8, $25, $19 + addq $19, $28, $28 + addq $22, $28, $22 + cmpult $22, $28, $21 + addq $23, $21, $23 + mulq $2, $5, $20 + umulh $2, $5, $17 + addq $8, $20, $8 + cmpult $8, $20, $27 + addq $27, $17, $17 + addq $22, $17, $22 + cmpult $22, $17, $18 + addq $23, $18, $23 + mulq $4, $3, $24 + umulh $4, $3, $25 + addq $8, $24, $8 + cmpult $8, $24, $19 + addq $19, $25, $25 + addq $22, $25, $22 + cmpult $22, $25, $28 + addq $23, $28, $23 + mulq $6, $1, $21 + umulh $6, $1, $0 + addq $8, $21, $8 + cmpult $8, $21, $20 + addq $20, $0, $0 + addq $22, $0, $22 + cmpult $22, $0, $27 + addq $23, $27, $23 + stq $8, 24($16) + bis $31, $31, $8 + mulq $2, $7, $17 + umulh $2, $7, $18 + addq $22, $17, $22 + cmpult $22, $17, $24 + addq $24, $18, $18 + addq $23, $18, $23 + cmpult $23, $18, $19 + addq $8, $19, $8 + mulq $4, $5, $25 + umulh $4, $5, $28 + addq $22, $25, $22 + cmpult $22, $25, $21 + addq $21, $28, $28 + addq $23, $28, $23 + cmpult $23, $28, $20 + addq $8, $20, $8 + mulq $6, $3, $0 + umulh $6, $3, $27 + addq $22, $0, $22 + cmpult $22, $0, $1 + addq $1, $27, $27 + addq $23, $27, $23 + cmpult $23, $27, $17 + addq $8, $17, $8 + stq $22, 32($16) + bis $31, $31, $22 + mulq $4, $7, $24 + umulh $4, $7, $18 + addq $23, $24, $23 + cmpult $23, $24, $19 + addq $19, $18, $18 + addq $8, $18, $8 + cmpult $8, $18, $2 + addq $22, $2, $22 + mulq $6, $5, $25 + umulh $6, $5, $21 + addq $23, $25, $23 + cmpult $23, $25, $28 + addq $28, $21, $21 + addq $8, $21, $8 + cmpult $8, $21, $20 + addq $22, $20, $22 + stq $23, 40($16) + bis $31, $31, $23 + mulq $6, $7, $0 + umulh $6, $7, $1 + addq $8, $0, $8 + cmpult $8, $0, $27 + addq $27, $1, $1 + addq $22, $1, $22 + cmpult $22, $1, $17 + addq $23, $17, $23 + stq $8, 48($16) + stq $22, 56($16) + ret $31,($26),1 + .end bn_mul_comba4 + .text + .align 3 + .globl bn_mul_comba8 + .ent bn_mul_comba8 +bn_mul_comba8: +bn_mul_comba8..ng: + .frame $30,0,$26,0 + .prologue 0 + ldq $1, 0($17) + ldq $2, 0($18) + zapnot $1, 15, $7 + srl $2, 32, $8 + mulq $8, $7, $22 + srl $1, 32, $6 + zapnot $2, 15, $5 + mulq $5, $6, $4 + mulq $7, $5, $24 + addq $22, $4, $22 + cmpult $22, $4, $1 + mulq $6, $8, $3 + beq $1, $173 + bis $31, 1, $1 + sll $1, 32, $1 + addq $3, $1, $3 +$173: + sll $22, 32, $4 + addq $24, $4, $24 + stq $24, 0($16) + ldq $2, 0($17) + ldq $1, 8($18) + zapnot $2, 15, $7 + srl $1, 32, $8 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $0 + srl $2, 32, $6 + mulq $5, $6, $23 + mulq $6, $8, $6 + srl $22, 32, $1 + cmpult $24, $4, $2 + addq $3, $1, $3 + addq $2, $3, $22 + addq $25, $23, $25 + cmpult $25, $23, $1 + bis $31, 1, $2 + beq $1, $177 + sll $2, 32, $1 + addq $6, $1, $6 +$177: + sll $25, 32, $23 + ldq $1, 0($18) + addq $0, $23, $0 + bis $0, $0, $7 + ldq $3, 8($17) + addq $22, $7, $22 + srl $1, 32, $8 + cmpult $22, $7, $4 + zapnot $3, 15, $7 + mulq $8, $7, $28 + zapnot $1, 15, $5 + mulq $7, $5, $21 + srl $25, 32, $1 + cmpult $0, $23, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $4, $6, $24 + srl $3, 32, $6 + mulq $5, $6, $2 + mulq $6, $8, $6 + addq $28, $2, $28 + cmpult $28, $2, $1 + bis $31, 1, $2 + beq $1, $181 + sll $2, 32, $1 + addq $6, $1, $6 +$181: + sll $28, 32, $2 + addq $21, $2, $21 + bis $21, $21, $7 + addq $22, $7, $22 + stq $22, 8($16) + ldq $3, 16($17) + ldq $1, 0($18) + cmpult $22, $7, $4 + zapnot $3, 15, $7 + srl $1, 32, $8 + mulq $8, $7, $22 + zapnot $1, 15, $5 + mulq $7, $5, $20 + srl $28, 32, $1 + cmpult $21, $2, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $4, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $23 + srl $3, 32, $6 + mulq $5, $6, $2 + mulq $6, $8, $6 + addq $22, $2, $22 + cmpult $22, $2, $1 + bis $31, 1, $2 + beq $1, $185 + sll $2, 32, $1 + addq $6, $1, $6 +$185: + sll $22, 32, $2 + ldq $1, 8($18) + addq $20, $2, $20 + bis $20, $20, $7 + ldq $4, 8($17) + addq $24, $7, $24 + srl $1, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $0 + srl $22, 32, $1 + cmpult $20, $2, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $22 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $21 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $189 + sll $21, 32, $1 + addq $6, $1, $6 +$189: + sll $25, 32, $5 + ldq $2, 16($18) + addq $0, $5, $0 + bis $0, $0, $7 + ldq $4, 0($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $0, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $193 + sll $21, 32, $1 + addq $6, $1, $6 +$193: + sll $28, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $24, $7, $24 + stq $24, 16($16) + ldq $4, 0($17) + ldq $5, 24($18) + cmpult $24, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $0 + srl $28, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $24 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $0, $24, $0 + cmpult $0, $24, $1 + mulq $6, $8, $6 + beq $1, $197 + sll $21, 32, $1 + addq $6, $1, $6 +$197: + sll $0, 32, $24 + ldq $1, 16($18) + addq $2, $24, $2 + bis $2, $2, $7 + ldq $4, 8($17) + addq $23, $7, $23 + srl $1, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $21 + srl $0, 32, $1 + cmpult $2, $24, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $24 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $20 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $201 + sll $20, 32, $1 + addq $6, $1, $6 +$201: + sll $25, 32, $5 + ldq $2, 8($18) + addq $21, $5, $21 + bis $21, $21, $7 + ldq $4, 16($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $21, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $205 + sll $20, 32, $1 + addq $6, $1, $6 +$205: + sll $28, 32, $25 + ldq $2, 0($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 24($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $209 + sll $20, 32, $1 + addq $6, $1, $6 +$209: + sll $0, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $23, $7, $23 + stq $23, 24($16) + ldq $4, 32($17) + ldq $5, 0($18) + cmpult $23, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $28 + srl $0, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $23 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $28, $23, $28 + cmpult $28, $23, $1 + mulq $6, $8, $6 + beq $1, $213 + sll $20, 32, $1 + addq $6, $1, $6 +$213: + sll $28, 32, $23 + ldq $1, 8($18) + addq $2, $23, $2 + bis $2, $2, $7 + ldq $4, 24($17) + addq $22, $7, $22 + srl $1, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $0 + srl $28, 32, $1 + cmpult $2, $23, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $23 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $21 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $217 + sll $21, 32, $1 + addq $6, $1, $6 +$217: + sll $25, 32, $5 + ldq $2, 16($18) + addq $0, $5, $0 + bis $0, $0, $7 + ldq $4, 16($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $0, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $221 + sll $21, 32, $1 + addq $6, $1, $6 +$221: + sll $28, 32, $25 + ldq $2, 24($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 8($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $225 + sll $21, 32, $1 + addq $6, $1, $6 +$225: + sll $0, 32, $25 + ldq $2, 32($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 0($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $229 + sll $21, 32, $1 + addq $6, $1, $6 +$229: + sll $28, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $22, $7, $22 + stq $22, 32($16) + ldq $4, 0($17) + ldq $5, 40($18) + cmpult $22, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $0 + srl $28, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $22 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $0, $22, $0 + cmpult $0, $22, $1 + mulq $6, $8, $6 + beq $1, $233 + sll $21, 32, $1 + addq $6, $1, $6 +$233: + sll $0, 32, $22 + ldq $1, 32($18) + addq $2, $22, $2 + bis $2, $2, $7 + ldq $4, 8($17) + addq $24, $7, $24 + srl $1, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $21 + srl $0, 32, $1 + cmpult $2, $22, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $22 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $20 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $237 + sll $20, 32, $1 + addq $6, $1, $6 +$237: + sll $25, 32, $5 + ldq $2, 24($18) + addq $21, $5, $21 + bis $21, $21, $7 + ldq $4, 16($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $21, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $241 + sll $20, 32, $1 + addq $6, $1, $6 +$241: + sll $28, 32, $25 + ldq $2, 16($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 24($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $245 + sll $20, 32, $1 + addq $6, $1, $6 +$245: + sll $0, 32, $25 + ldq $2, 8($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 32($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $249 + sll $20, 32, $1 + addq $6, $1, $6 +$249: + sll $28, 32, $25 + ldq $2, 0($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 40($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $253 + sll $20, 32, $1 + addq $6, $1, $6 +$253: + sll $0, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $24, $7, $24 + stq $24, 40($16) + ldq $4, 48($17) + ldq $5, 0($18) + cmpult $24, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $28 + srl $0, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $24 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $28, $24, $28 + cmpult $28, $24, $1 + mulq $6, $8, $6 + beq $1, $257 + sll $20, 32, $1 + addq $6, $1, $6 +$257: + sll $28, 32, $24 + ldq $1, 8($18) + addq $2, $24, $2 + bis $2, $2, $7 + ldq $4, 40($17) + addq $23, $7, $23 + srl $1, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $0 + srl $28, 32, $1 + cmpult $2, $24, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $24 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $21 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $261 + sll $21, 32, $1 + addq $6, $1, $6 +$261: + sll $25, 32, $5 + ldq $2, 16($18) + addq $0, $5, $0 + bis $0, $0, $7 + ldq $4, 32($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $0, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $265 + sll $21, 32, $1 + addq $6, $1, $6 +$265: + sll $28, 32, $25 + ldq $2, 24($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 24($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $269 + sll $21, 32, $1 + addq $6, $1, $6 +$269: + sll $0, 32, $25 + ldq $2, 32($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 16($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $273 + sll $21, 32, $1 + addq $6, $1, $6 +$273: + sll $28, 32, $25 + ldq $2, 40($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 8($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $277 + sll $21, 32, $1 + addq $6, $1, $6 +$277: + sll $0, 32, $25 + ldq $2, 48($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 0($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $281 + sll $21, 32, $1 + addq $6, $1, $6 +$281: + sll $28, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $23, $7, $23 + stq $23, 48($16) + ldq $4, 0($17) + ldq $5, 56($18) + cmpult $23, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $0 + srl $28, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $23 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $0, $23, $0 + cmpult $0, $23, $1 + mulq $6, $8, $6 + beq $1, $285 + sll $21, 32, $1 + addq $6, $1, $6 +$285: + sll $0, 32, $23 + ldq $1, 48($18) + addq $2, $23, $2 + bis $2, $2, $7 + ldq $4, 8($17) + addq $22, $7, $22 + srl $1, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $21 + srl $0, 32, $1 + cmpult $2, $23, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $23 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $20 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $289 + sll $20, 32, $1 + addq $6, $1, $6 +$289: + sll $25, 32, $5 + ldq $2, 40($18) + addq $21, $5, $21 + bis $21, $21, $7 + ldq $4, 16($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $21, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $293 + sll $20, 32, $1 + addq $6, $1, $6 +$293: + sll $28, 32, $25 + ldq $2, 32($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 24($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $297 + sll $20, 32, $1 + addq $6, $1, $6 +$297: + sll $0, 32, $25 + ldq $2, 24($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 32($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $301 + sll $20, 32, $1 + addq $6, $1, $6 +$301: + sll $28, 32, $25 + ldq $2, 16($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 40($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $305 + sll $20, 32, $1 + addq $6, $1, $6 +$305: + sll $0, 32, $25 + ldq $2, 8($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 48($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $309 + sll $20, 32, $1 + addq $6, $1, $6 +$309: + sll $28, 32, $25 + ldq $2, 0($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 56($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $313 + sll $20, 32, $1 + addq $6, $1, $6 +$313: + sll $0, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $22, $7, $22 + stq $22, 56($16) + ldq $4, 56($17) + ldq $5, 8($18) + cmpult $22, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $28 + srl $0, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $22 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $28, $22, $28 + cmpult $28, $22, $1 + mulq $6, $8, $6 + beq $1, $317 + sll $20, 32, $1 + addq $6, $1, $6 +$317: + sll $28, 32, $22 + ldq $1, 16($18) + addq $2, $22, $2 + bis $2, $2, $7 + ldq $4, 48($17) + addq $24, $7, $24 + srl $1, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $0 + srl $28, 32, $1 + cmpult $2, $22, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $22 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $21 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $321 + sll $21, 32, $1 + addq $6, $1, $6 +$321: + sll $25, 32, $5 + ldq $2, 24($18) + addq $0, $5, $0 + bis $0, $0, $7 + ldq $4, 40($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $0, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $325 + sll $21, 32, $1 + addq $6, $1, $6 +$325: + sll $28, 32, $25 + ldq $2, 32($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 32($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $329 + sll $21, 32, $1 + addq $6, $1, $6 +$329: + sll $0, 32, $25 + ldq $2, 40($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 24($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $333 + sll $21, 32, $1 + addq $6, $1, $6 +$333: + sll $28, 32, $25 + ldq $2, 48($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 16($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $337 + sll $21, 32, $1 + addq $6, $1, $6 +$337: + sll $0, 32, $25 + ldq $2, 56($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 8($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $341 + sll $21, 32, $1 + addq $6, $1, $6 +$341: + sll $28, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $24, $7, $24 + stq $24, 64($16) + ldq $4, 16($17) + ldq $5, 56($18) + cmpult $24, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $0 + srl $28, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $24 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $0, $24, $0 + cmpult $0, $24, $1 + mulq $6, $8, $6 + beq $1, $345 + sll $21, 32, $1 + addq $6, $1, $6 +$345: + sll $0, 32, $24 + ldq $1, 48($18) + addq $2, $24, $2 + bis $2, $2, $7 + ldq $4, 24($17) + addq $23, $7, $23 + srl $1, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $21 + srl $0, 32, $1 + cmpult $2, $24, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $24 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $20 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $349 + sll $20, 32, $1 + addq $6, $1, $6 +$349: + sll $25, 32, $5 + ldq $2, 40($18) + addq $21, $5, $21 + bis $21, $21, $7 + ldq $4, 32($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $21, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $353 + sll $20, 32, $1 + addq $6, $1, $6 +$353: + sll $28, 32, $25 + ldq $2, 32($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 40($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $357 + sll $20, 32, $1 + addq $6, $1, $6 +$357: + sll $0, 32, $25 + ldq $2, 24($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 48($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $361 + sll $20, 32, $1 + addq $6, $1, $6 +$361: + sll $28, 32, $25 + ldq $2, 16($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 56($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $365 + sll $20, 32, $1 + addq $6, $1, $6 +$365: + sll $0, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $23, $7, $23 + stq $23, 72($16) + ldq $4, 56($17) + ldq $5, 24($18) + cmpult $23, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $28 + srl $0, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $23 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $28, $23, $28 + cmpult $28, $23, $1 + mulq $6, $8, $6 + beq $1, $369 + sll $20, 32, $1 + addq $6, $1, $6 +$369: + sll $28, 32, $23 + ldq $1, 32($18) + addq $2, $23, $2 + bis $2, $2, $7 + ldq $4, 48($17) + addq $22, $7, $22 + srl $1, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $0 + srl $28, 32, $1 + cmpult $2, $23, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $23 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $21 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $373 + sll $21, 32, $1 + addq $6, $1, $6 +$373: + sll $25, 32, $5 + ldq $2, 40($18) + addq $0, $5, $0 + bis $0, $0, $7 + ldq $4, 40($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $0, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $377 + sll $21, 32, $1 + addq $6, $1, $6 +$377: + sll $28, 32, $25 + ldq $2, 48($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 32($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $23, $23 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $381 + sll $21, 32, $1 + addq $6, $1, $6 +$381: + sll $0, 32, $25 + ldq $2, 56($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 24($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $385 + sll $21, 32, $1 + addq $6, $1, $6 +$385: + sll $28, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $22, $7, $22 + stq $22, 80($16) + ldq $4, 32($17) + ldq $5, 56($18) + cmpult $22, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $0 + srl $28, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $22 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $0, $22, $0 + cmpult $0, $22, $1 + mulq $6, $8, $6 + beq $1, $389 + sll $21, 32, $1 + addq $6, $1, $6 +$389: + sll $0, 32, $22 + ldq $1, 48($18) + addq $2, $22, $2 + bis $2, $2, $7 + ldq $4, 40($17) + addq $24, $7, $24 + srl $1, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $25 + zapnot $1, 15, $5 + mulq $7, $5, $21 + srl $0, 32, $1 + cmpult $2, $22, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $22 + srl $4, 32, $6 + mulq $5, $6, $5 + bis $31, 1, $20 + addq $25, $5, $25 + cmpult $25, $5, $1 + mulq $6, $8, $6 + beq $1, $393 + sll $20, 32, $1 + addq $6, $1, $6 +$393: + sll $25, 32, $5 + ldq $2, 40($18) + addq $21, $5, $21 + bis $21, $21, $7 + ldq $4, 48($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $25, 32, $1 + addq $6, $1, $6 + cmpult $21, $5, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $397 + sll $20, 32, $1 + addq $6, $1, $6 +$397: + sll $28, 32, $25 + ldq $2, 32($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 56($17) + addq $24, $7, $24 + srl $2, 32, $8 + cmpult $24, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $21 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $22, $22 + addq $21, $25, $21 + cmpult $21, $25, $1 + mulq $6, $8, $6 + beq $1, $401 + sll $20, 32, $1 + addq $6, $1, $6 +$401: + sll $21, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $24, $7, $24 + stq $24, 88($16) + ldq $4, 56($17) + ldq $5, 40($18) + cmpult $24, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $0 + srl $21, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $23, $6, $23 + cmpult $23, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $24 + mulq $7, $5, $5 + addq $1, $22, $22 + addq $0, $24, $0 + cmpult $0, $24, $1 + mulq $6, $8, $6 + beq $1, $405 + sll $20, 32, $1 + addq $6, $1, $6 +$405: + sll $0, 32, $24 + ldq $2, 48($18) + addq $5, $24, $5 + bis $5, $5, $7 + ldq $4, 48($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $28 + srl $0, 32, $1 + addq $6, $1, $6 + cmpult $5, $24, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $24 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $5 + addq $28, $25, $28 + cmpult $28, $25, $1 + mulq $6, $8, $6 + beq $1, $409 + sll $20, 32, $1 + addq $6, $1, $6 +$409: + sll $28, 32, $25 + ldq $2, 56($18) + addq $5, $25, $5 + bis $5, $5, $7 + ldq $4, 40($17) + addq $23, $7, $23 + srl $2, 32, $8 + cmpult $23, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $25, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $1, $24, $24 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $413 + sll $20, 32, $1 + addq $6, $1, $6 +$413: + sll $0, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $23, $7, $23 + stq $23, 96($16) + ldq $4, 48($17) + ldq $5, 56($18) + cmpult $23, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $28 + srl $0, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $22, $6, $22 + cmpult $22, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $23 + mulq $7, $5, $5 + addq $1, $24, $24 + addq $28, $23, $28 + cmpult $28, $23, $1 + mulq $6, $8, $6 + beq $1, $417 + sll $20, 32, $1 + addq $6, $1, $6 +$417: + sll $28, 32, $23 + ldq $2, 48($18) + addq $5, $23, $5 + bis $5, $5, $7 + ldq $4, 56($17) + addq $22, $7, $22 + srl $2, 32, $8 + cmpult $22, $7, $3 + zapnot $4, 15, $7 + mulq $8, $7, $0 + srl $28, 32, $1 + addq $6, $1, $6 + cmpult $5, $23, $1 + zapnot $2, 15, $5 + addq $1, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $23 + srl $4, 32, $6 + mulq $5, $6, $25 + mulq $7, $5, $2 + addq $0, $25, $0 + cmpult $0, $25, $1 + mulq $6, $8, $6 + beq $1, $421 + sll $20, 32, $1 + addq $6, $1, $6 +$421: + sll $0, 32, $25 + addq $2, $25, $2 + bis $2, $2, $7 + addq $22, $7, $22 + stq $22, 104($16) + ldq $4, 56($17) + ldq $5, 56($18) + cmpult $22, $7, $3 + zapnot $4, 15, $7 + srl $5, 32, $8 + mulq $8, $7, $28 + srl $0, 32, $1 + cmpult $2, $25, $2 + addq $6, $1, $6 + addq $2, $6, $6 + addq $3, $6, $6 + addq $24, $6, $24 + cmpult $24, $6, $1 + srl $4, 32, $6 + zapnot $5, 15, $5 + mulq $5, $6, $22 + mulq $7, $5, $2 + addq $1, $23, $23 + addq $28, $22, $28 + cmpult $28, $22, $1 + mulq $6, $8, $3 + beq $1, $425 + sll $20, 32, $1 + addq $3, $1, $3 +$425: + sll $28, 32, $22 + srl $28, 32, $1 + addq $2, $22, $2 + addq $3, $1, $3 + bis $2, $2, $7 + addq $24, $7, $24 + cmpult $7, $22, $1 + cmpult $24, $7, $2 + addq $1, $3, $6 + addq $2, $6, $6 + stq $24, 112($16) + addq $23, $6, $23 + stq $23, 120($16) + ret $31, ($26), 1 + .end bn_mul_comba8 + .text + .align 3 + .globl bn_sqr_comba4 + .ent bn_sqr_comba4 +bn_sqr_comba4: +bn_sqr_comba4..ng: + .frame $30,0,$26,0 + .prologue 0 + + ldq $0, 0($17) + ldq $1, 8($17) + ldq $2, 16($17) + ldq $3, 24($17) + bis $31, $31, $6 + mulq $0, $0, $4 + umulh $0, $0, $5 + stq $4, 0($16) + bis $31, $31, $4 + mulq $0, $1, $7 + umulh $0, $1, $8 + cmplt $7, $31, $22 + cmplt $8, $31, $23 + addq $7, $7, $7 + addq $8, $8, $8 + addq $8, $22, $8 + addq $4, $23, $4 + addq $5, $7, $5 + addq $6, $8, $6 + cmpult $5, $7, $24 + cmpult $6, $8, $25 + addq $6, $24, $6 + addq $4, $25, $4 + stq $5, 8($16) + bis $31, $31, $5 + mulq $1, $1, $27 + umulh $1, $1, $28 + addq $6, $27, $6 + addq $4, $28, $4 + cmpult $6, $27, $21 + cmpult $4, $28, $20 + addq $4, $21, $4 + addq $5, $20, $5 + mulq $2, $0, $19 + umulh $2, $0, $18 + cmplt $19, $31, $17 + cmplt $18, $31, $22 + addq $19, $19, $19 + addq $18, $18, $18 + addq $18, $17, $18 + addq $5, $22, $5 + addq $6, $19, $6 + addq $4, $18, $4 + cmpult $6, $19, $23 + cmpult $4, $18, $7 + addq $4, $23, $4 + addq $5, $7, $5 + stq $6, 16($16) + bis $31, $31, $6 + mulq $3, $0, $8 + umulh $3, $0, $24 + cmplt $8, $31, $25 + cmplt $24, $31, $27 + addq $8, $8, $8 + addq $24, $24, $24 + addq $24, $25, $24 + addq $6, $27, $6 + addq $4, $8, $4 + addq $5, $24, $5 + cmpult $4, $8, $28 + cmpult $5, $24, $21 + addq $5, $28, $5 + addq $6, $21, $6 + mulq $2, $1, $20 + umulh $2, $1, $17 + cmplt $20, $31, $22 + cmplt $17, $31, $19 + addq $20, $20, $20 + addq $17, $17, $17 + addq $17, $22, $17 + addq $6, $19, $6 + addq $4, $20, $4 + addq $5, $17, $5 + cmpult $4, $20, $18 + cmpult $5, $17, $23 + addq $5, $18, $5 + addq $6, $23, $6 + stq $4, 24($16) + bis $31, $31, $4 + mulq $2, $2, $7 + umulh $2, $2, $25 + addq $5, $7, $5 + addq $6, $25, $6 + cmpult $5, $7, $27 + cmpult $6, $25, $8 + addq $6, $27, $6 + addq $4, $8, $4 + mulq $3, $1, $24 + umulh $3, $1, $28 + cmplt $24, $31, $21 + cmplt $28, $31, $22 + addq $24, $24, $24 + addq $28, $28, $28 + addq $28, $21, $28 + addq $4, $22, $4 + addq $5, $24, $5 + addq $6, $28, $6 + cmpult $5, $24, $19 + cmpult $6, $28, $20 + addq $6, $19, $6 + addq $4, $20, $4 + stq $5, 32($16) + bis $31, $31, $5 + mulq $3, $2, $17 + umulh $3, $2, $18 + cmplt $17, $31, $23 + cmplt $18, $31, $7 + addq $17, $17, $17 + addq $18, $18, $18 + addq $18, $23, $18 + addq $5, $7, $5 + addq $6, $17, $6 + addq $4, $18, $4 + cmpult $6, $17, $25 + cmpult $4, $18, $27 + addq $4, $25, $4 + addq $5, $27, $5 + stq $6, 40($16) + bis $31, $31, $6 + mulq $3, $3, $8 + umulh $3, $3, $21 + addq $4, $8, $4 + addq $5, $21, $5 + cmpult $4, $8, $22 + cmpult $5, $21, $24 + addq $5, $22, $5 + addq $6, $24, $6 + stq $4, 48($16) + stq $5, 56($16) + ret $31,($26),1 + .end bn_sqr_comba4 + .text + .align 3 + .globl bn_sqr_comba8 + .ent bn_sqr_comba8 +bn_sqr_comba8: +bn_sqr_comba8..ng: + .frame $30,0,$26,0 + .prologue 0 + ldq $0, 0($17) + ldq $1, 8($17) + ldq $2, 16($17) + ldq $3, 24($17) + ldq $4, 32($17) + ldq $5, 40($17) + ldq $6, 48($17) + ldq $7, 56($17) + bis $31, $31, $23 + mulq $0, $0, $8 + umulh $0, $0, $22 + stq $8, 0($16) + bis $31, $31, $8 + mulq $1, $0, $24 + umulh $1, $0, $25 + cmplt $24, $31, $27 + cmplt $25, $31, $28 + addq $24, $24, $24 + addq $25, $25, $25 + addq $25, $27, $25 + addq $8, $28, $8 + addq $22, $24, $22 + addq $23, $25, $23 + cmpult $22, $24, $21 + cmpult $23, $25, $20 + addq $23, $21, $23 + addq $8, $20, $8 + stq $22, 8($16) + bis $31, $31, $22 + mulq $1, $1, $19 + umulh $1, $1, $18 + addq $23, $19, $23 + addq $8, $18, $8 + cmpult $23, $19, $17 + cmpult $8, $18, $27 + addq $8, $17, $8 + addq $22, $27, $22 + mulq $2, $0, $28 + umulh $2, $0, $24 + cmplt $28, $31, $25 + cmplt $24, $31, $21 + addq $28, $28, $28 + addq $24, $24, $24 + addq $24, $25, $24 + addq $22, $21, $22 + addq $23, $28, $23 + addq $8, $24, $8 + cmpult $23, $28, $20 + cmpult $8, $24, $19 + addq $8, $20, $8 + addq $22, $19, $22 + stq $23, 16($16) + bis $31, $31, $23 + mulq $2, $1, $18 + umulh $2, $1, $17 + cmplt $18, $31, $27 + cmplt $17, $31, $25 + addq $18, $18, $18 + addq $17, $17, $17 + addq $17, $27, $17 + addq $23, $25, $23 + addq $8, $18, $8 + addq $22, $17, $22 + cmpult $8, $18, $21 + cmpult $22, $17, $28 + addq $22, $21, $22 + addq $23, $28, $23 + mulq $3, $0, $24 + umulh $3, $0, $20 + cmplt $24, $31, $19 + cmplt $20, $31, $27 + addq $24, $24, $24 + addq $20, $20, $20 + addq $20, $19, $20 + addq $23, $27, $23 + addq $8, $24, $8 + addq $22, $20, $22 + cmpult $8, $24, $25 + cmpult $22, $20, $18 + addq $22, $25, $22 + addq $23, $18, $23 + stq $8, 24($16) + bis $31, $31, $8 + mulq $2, $2, $17 + umulh $2, $2, $21 + addq $22, $17, $22 + addq $23, $21, $23 + cmpult $22, $17, $28 + cmpult $23, $21, $19 + addq $23, $28, $23 + addq $8, $19, $8 + mulq $3, $1, $27 + umulh $3, $1, $24 + cmplt $27, $31, $20 + cmplt $24, $31, $25 + addq $27, $27, $27 + addq $24, $24, $24 + addq $24, $20, $24 + addq $8, $25, $8 + addq $22, $27, $22 + addq $23, $24, $23 + cmpult $22, $27, $18 + cmpult $23, $24, $17 + addq $23, $18, $23 + addq $8, $17, $8 + mulq $4, $0, $21 + umulh $4, $0, $28 + cmplt $21, $31, $19 + cmplt $28, $31, $20 + addq $21, $21, $21 + addq $28, $28, $28 + addq $28, $19, $28 + addq $8, $20, $8 + addq $22, $21, $22 + addq $23, $28, $23 + cmpult $22, $21, $25 + cmpult $23, $28, $27 + addq $23, $25, $23 + addq $8, $27, $8 + stq $22, 32($16) + bis $31, $31, $22 + mulq $3, $2, $24 + umulh $3, $2, $18 + cmplt $24, $31, $17 + cmplt $18, $31, $19 + addq $24, $24, $24 + addq $18, $18, $18 + addq $18, $17, $18 + addq $22, $19, $22 + addq $23, $24, $23 + addq $8, $18, $8 + cmpult $23, $24, $20 + cmpult $8, $18, $21 + addq $8, $20, $8 + addq $22, $21, $22 + mulq $4, $1, $28 + umulh $4, $1, $25 + cmplt $28, $31, $27 + cmplt $25, $31, $17 + addq $28, $28, $28 + addq $25, $25, $25 + addq $25, $27, $25 + addq $22, $17, $22 + addq $23, $28, $23 + addq $8, $25, $8 + cmpult $23, $28, $19 + cmpult $8, $25, $24 + addq $8, $19, $8 + addq $22, $24, $22 + mulq $5, $0, $18 + umulh $5, $0, $20 + cmplt $18, $31, $21 + cmplt $20, $31, $27 + addq $18, $18, $18 + addq $20, $20, $20 + addq $20, $21, $20 + addq $22, $27, $22 + addq $23, $18, $23 + addq $8, $20, $8 + cmpult $23, $18, $17 + cmpult $8, $20, $28 + addq $8, $17, $8 + addq $22, $28, $22 + stq $23, 40($16) + bis $31, $31, $23 + mulq $3, $3, $25 + umulh $3, $3, $19 + addq $8, $25, $8 + addq $22, $19, $22 + cmpult $8, $25, $24 + cmpult $22, $19, $21 + addq $22, $24, $22 + addq $23, $21, $23 + mulq $4, $2, $27 + umulh $4, $2, $18 + cmplt $27, $31, $20 + cmplt $18, $31, $17 + addq $27, $27, $27 + addq $18, $18, $18 + addq $18, $20, $18 + addq $23, $17, $23 + addq $8, $27, $8 + addq $22, $18, $22 + cmpult $8, $27, $28 + cmpult $22, $18, $25 + addq $22, $28, $22 + addq $23, $25, $23 + mulq $5, $1, $19 + umulh $5, $1, $24 + cmplt $19, $31, $21 + cmplt $24, $31, $20 + addq $19, $19, $19 + addq $24, $24, $24 + addq $24, $21, $24 + addq $23, $20, $23 + addq $8, $19, $8 + addq $22, $24, $22 + cmpult $8, $19, $17 + cmpult $22, $24, $27 + addq $22, $17, $22 + addq $23, $27, $23 + mulq $6, $0, $18 + umulh $6, $0, $28 + cmplt $18, $31, $25 + cmplt $28, $31, $21 + addq $18, $18, $18 + addq $28, $28, $28 + addq $28, $25, $28 + addq $23, $21, $23 + addq $8, $18, $8 + addq $22, $28, $22 + cmpult $8, $18, $20 + cmpult $22, $28, $19 + addq $22, $20, $22 + addq $23, $19, $23 + stq $8, 48($16) + bis $31, $31, $8 + mulq $4, $3, $24 + umulh $4, $3, $17 + cmplt $24, $31, $27 + cmplt $17, $31, $25 + addq $24, $24, $24 + addq $17, $17, $17 + addq $17, $27, $17 + addq $8, $25, $8 + addq $22, $24, $22 + addq $23, $17, $23 + cmpult $22, $24, $21 + cmpult $23, $17, $18 + addq $23, $21, $23 + addq $8, $18, $8 + mulq $5, $2, $28 + umulh $5, $2, $20 + cmplt $28, $31, $19 + cmplt $20, $31, $27 + addq $28, $28, $28 + addq $20, $20, $20 + addq $20, $19, $20 + addq $8, $27, $8 + addq $22, $28, $22 + addq $23, $20, $23 + cmpult $22, $28, $25 + cmpult $23, $20, $24 + addq $23, $25, $23 + addq $8, $24, $8 + mulq $6, $1, $17 + umulh $6, $1, $21 + cmplt $17, $31, $18 + cmplt $21, $31, $19 + addq $17, $17, $17 + addq $21, $21, $21 + addq $21, $18, $21 + addq $8, $19, $8 + addq $22, $17, $22 + addq $23, $21, $23 + cmpult $22, $17, $27 + cmpult $23, $21, $28 + addq $23, $27, $23 + addq $8, $28, $8 + mulq $7, $0, $20 + umulh $7, $0, $25 + cmplt $20, $31, $24 + cmplt $25, $31, $18 + addq $20, $20, $20 + addq $25, $25, $25 + addq $25, $24, $25 + addq $8, $18, $8 + addq $22, $20, $22 + addq $23, $25, $23 + cmpult $22, $20, $19 + cmpult $23, $25, $17 + addq $23, $19, $23 + addq $8, $17, $8 + stq $22, 56($16) + bis $31, $31, $22 + mulq $4, $4, $21 + umulh $4, $4, $27 + addq $23, $21, $23 + addq $8, $27, $8 + cmpult $23, $21, $28 + cmpult $8, $27, $24 + addq $8, $28, $8 + addq $22, $24, $22 + mulq $5, $3, $18 + umulh $5, $3, $20 + cmplt $18, $31, $25 + cmplt $20, $31, $19 + addq $18, $18, $18 + addq $20, $20, $20 + addq $20, $25, $20 + addq $22, $19, $22 + addq $23, $18, $23 + addq $8, $20, $8 + cmpult $23, $18, $17 + cmpult $8, $20, $21 + addq $8, $17, $8 + addq $22, $21, $22 + mulq $6, $2, $27 + umulh $6, $2, $28 + cmplt $27, $31, $24 + cmplt $28, $31, $25 + addq $27, $27, $27 + addq $28, $28, $28 + addq $28, $24, $28 + addq $22, $25, $22 + addq $23, $27, $23 + addq $8, $28, $8 + cmpult $23, $27, $19 + cmpult $8, $28, $18 + addq $8, $19, $8 + addq $22, $18, $22 + mulq $7, $1, $20 + umulh $7, $1, $17 + cmplt $20, $31, $21 + cmplt $17, $31, $24 + addq $20, $20, $20 + addq $17, $17, $17 + addq $17, $21, $17 + addq $22, $24, $22 + addq $23, $20, $23 + addq $8, $17, $8 + cmpult $23, $20, $25 + cmpult $8, $17, $27 + addq $8, $25, $8 + addq $22, $27, $22 + stq $23, 64($16) + bis $31, $31, $23 + mulq $5, $4, $28 + umulh $5, $4, $19 + cmplt $28, $31, $18 + cmplt $19, $31, $21 + addq $28, $28, $28 + addq $19, $19, $19 + addq $19, $18, $19 + addq $23, $21, $23 + addq $8, $28, $8 + addq $22, $19, $22 + cmpult $8, $28, $24 + cmpult $22, $19, $20 + addq $22, $24, $22 + addq $23, $20, $23 + mulq $6, $3, $17 + umulh $6, $3, $25 + cmplt $17, $31, $27 + cmplt $25, $31, $18 + addq $17, $17, $17 + addq $25, $25, $25 + addq $25, $27, $25 + addq $23, $18, $23 + addq $8, $17, $8 + addq $22, $25, $22 + cmpult $8, $17, $21 + cmpult $22, $25, $28 + addq $22, $21, $22 + addq $23, $28, $23 + mulq $7, $2, $19 + umulh $7, $2, $24 + cmplt $19, $31, $20 + cmplt $24, $31, $27 + addq $19, $19, $19 + addq $24, $24, $24 + addq $24, $20, $24 + addq $23, $27, $23 + addq $8, $19, $8 + addq $22, $24, $22 + cmpult $8, $19, $18 + cmpult $22, $24, $17 + addq $22, $18, $22 + addq $23, $17, $23 + stq $8, 72($16) + bis $31, $31, $8 + mulq $5, $5, $25 + umulh $5, $5, $21 + addq $22, $25, $22 + addq $23, $21, $23 + cmpult $22, $25, $28 + cmpult $23, $21, $20 + addq $23, $28, $23 + addq $8, $20, $8 + mulq $6, $4, $27 + umulh $6, $4, $19 + cmplt $27, $31, $24 + cmplt $19, $31, $18 + addq $27, $27, $27 + addq $19, $19, $19 + addq $19, $24, $19 + addq $8, $18, $8 + addq $22, $27, $22 + addq $23, $19, $23 + cmpult $22, $27, $17 + cmpult $23, $19, $25 + addq $23, $17, $23 + addq $8, $25, $8 + mulq $7, $3, $21 + umulh $7, $3, $28 + cmplt $21, $31, $20 + cmplt $28, $31, $24 + addq $21, $21, $21 + addq $28, $28, $28 + addq $28, $20, $28 + addq $8, $24, $8 + addq $22, $21, $22 + addq $23, $28, $23 + cmpult $22, $21, $18 + cmpult $23, $28, $27 + addq $23, $18, $23 + addq $8, $27, $8 + stq $22, 80($16) + bis $31, $31, $22 + mulq $6, $5, $19 + umulh $6, $5, $17 + cmplt $19, $31, $25 + cmplt $17, $31, $20 + addq $19, $19, $19 + addq $17, $17, $17 + addq $17, $25, $17 + addq $22, $20, $22 + addq $23, $19, $23 + addq $8, $17, $8 + cmpult $23, $19, $24 + cmpult $8, $17, $21 + addq $8, $24, $8 + addq $22, $21, $22 + mulq $7, $4, $28 + umulh $7, $4, $18 + cmplt $28, $31, $27 + cmplt $18, $31, $25 + addq $28, $28, $28 + addq $18, $18, $18 + addq $18, $27, $18 + addq $22, $25, $22 + addq $23, $28, $23 + addq $8, $18, $8 + cmpult $23, $28, $20 + cmpult $8, $18, $19 + addq $8, $20, $8 + addq $22, $19, $22 + stq $23, 88($16) + bis $31, $31, $23 + mulq $6, $6, $17 + umulh $6, $6, $24 + addq $8, $17, $8 + addq $22, $24, $22 + cmpult $8, $17, $21 + cmpult $22, $24, $27 + addq $22, $21, $22 + addq $23, $27, $23 + mulq $7, $5, $25 + umulh $7, $5, $28 + cmplt $25, $31, $18 + cmplt $28, $31, $20 + addq $25, $25, $25 + addq $28, $28, $28 + addq $28, $18, $28 + addq $23, $20, $23 + addq $8, $25, $8 + addq $22, $28, $22 + cmpult $8, $25, $19 + cmpult $22, $28, $17 + addq $22, $19, $22 + addq $23, $17, $23 + stq $8, 96($16) + bis $31, $31, $8 + mulq $7, $6, $24 + umulh $7, $6, $21 + cmplt $24, $31, $27 + cmplt $21, $31, $18 + addq $24, $24, $24 + addq $21, $21, $21 + addq $21, $27, $21 + addq $8, $18, $8 + addq $22, $24, $22 + addq $23, $21, $23 + cmpult $22, $24, $20 + cmpult $23, $21, $25 + addq $23, $20, $23 + addq $8, $25, $8 + stq $22, 104($16) + bis $31, $31, $22 + mulq $7, $7, $28 + umulh $7, $7, $19 + addq $23, $28, $23 + addq $8, $19, $8 + cmpult $23, $28, $17 + cmpult $8, $19, $27 + addq $8, $17, $8 + addq $22, $27, $22 + stq $23, 112($16) + stq $8, 120($16) + ret $31,($26),1 + .end bn_sqr_comba8 diff --git a/src/lib/libcrypto/bn/asm/mips3.s b/src/lib/libcrypto/bn/asm/mips3.s index 191345d920..dca4105c7d 100644 --- a/src/lib/libcrypto/bn/asm/mips3.s +++ b/src/lib/libcrypto/bn/asm/mips3.s @@ -1,5 +1,5 @@ .rdata -.asciiz "mips3.s, Version 1.0" +.asciiz "mips3.s, Version 1.1" .asciiz "MIPS III/IV ISA artwork by Andy Polyakov " /* @@ -395,32 +395,32 @@ LEAF(bn_add_words) .L_bn_add_words_loop: ld ta0,0(a2) + subu a3,4 ld t1,8(a1) - ld ta1,8(a2) + and AT,a3,MINUS4 ld t2,16(a1) - ld ta2,16(a2) + PTR_ADD a2,32 ld t3,24(a1) - ld ta3,24(a2) + PTR_ADD a0,32 + ld ta1,-24(a2) + PTR_ADD a1,32 + ld ta2,-16(a2) + ld ta3,-8(a2) daddu ta0,t0 - subu a3,4 sltu t8,ta0,t0 daddu t0,ta0,v0 - PTR_ADD a0,32 sltu v0,t0,ta0 sd t0,-32(a0) daddu v0,t8 daddu ta1,t1 - PTR_ADD a1,32 sltu t9,ta1,t1 daddu t1,ta1,v0 - PTR_ADD a2,32 sltu v0,t1,ta1 sd t1,-24(a0) daddu v0,t9 daddu ta2,t2 - and AT,a3,MINUS4 sltu t8,ta2,t2 daddu t2,ta2,v0 sltu v0,t2,ta2 @@ -495,25 +495,26 @@ LEAF(bn_sub_words) .L_bn_sub_words_loop: ld ta0,0(a2) + subu a3,4 ld t1,8(a1) - ld ta1,8(a2) + and AT,a3,MINUS4 ld t2,16(a1) - ld ta2,16(a2) + PTR_ADD a2,32 ld t3,24(a1) - ld ta3,24(a2) + PTR_ADD a0,32 + ld ta1,-24(a2) + PTR_ADD a1,32 + ld ta2,-16(a2) + ld ta3,-8(a2) sltu t8,t0,ta0 dsubu t0,ta0 - subu a3,4 dsubu ta0,t0,v0 - and AT,a3,MINUS4 - sd ta0,0(a0) + sd ta0,-32(a0) MOVNZ (t0,v0,t8) sltu t9,t1,ta1 dsubu t1,ta1 - PTR_ADD a0,32 dsubu ta1,t1,v0 - PTR_ADD a1,32 sd ta1,-24(a0) MOVNZ (t1,v0,t9) @@ -521,7 +522,6 @@ LEAF(bn_sub_words) sltu t8,t2,ta2 dsubu t2,ta2 dsubu ta2,t2,v0 - PTR_ADD a2,32 sd ta2,-16(a0) MOVNZ (t2,v0,t8) @@ -574,6 +574,51 @@ END(bn_sub_words) #undef MINUS4 +.align 5 +LEAF(bn_div_3_words) + .set reorder + move a3,a0 /* we know that bn_div_words doesn't + * touch a3, ta2, ta3 and preserves a2 + * so that we can save two arguments + * and return address in registers + * instead of stack:-) + */ + ld a0,(a3) + move ta2,a1 + ld a1,-8(a3) + bne a0,a2,.L_bn_div_3_words_proceed + li v0,-1 + jr ra +.L_bn_div_3_words_proceed: + move ta3,ra + bal bn_div_words + move ra,ta3 + dmultu ta2,v0 + ld t2,-16(a3) + move ta0,zero + mfhi t1 + mflo t0 + sltu t8,t1,v1 +.L_bn_div_3_words_inner_loop: + bnez t8,.L_bn_div_3_words_inner_loop_done + sgeu AT,t2,t0 + seq t9,t1,v1 + and AT,t9 + sltu t3,t0,ta2 + daddu v1,a2 + dsubu t1,t3 + dsubu t0,ta2 + sltu t8,t1,v1 + sltu ta0,v1,a2 + or t8,ta0 + .set noreorder + beqzl AT,.L_bn_div_3_words_inner_loop + dsubu v0,1 + .set reorder +.L_bn_div_3_words_inner_loop_done: + jr ra +END(bn_div_3_words) + .align 5 LEAF(bn_div_words) .set noreorder @@ -633,16 +678,16 @@ LEAF(bn_div_words) seq t8,HH,t1 sltu AT,HH,t1 and t2,t8 + sltu v0,t0,a2 or AT,t2 .set noreorder beqz AT,.L_bn_div_words_inner_loop1_done - sltu t2,t0,a2 - .set reorder - dsubu QT,1 + dsubu t1,v0 dsubu t0,a2 - dsubu t1,t2 b .L_bn_div_words_inner_loop1 -.L_bn_div_words_inner_loop1_done: + dsubu QT,1 + .set reorder +.L_bn_div_words_inner_loop1_done: dsll a1,32 dsubu a0,t3,t0 @@ -655,6 +700,7 @@ LEAF(bn_div_words) ddivu zero,a0,DH mflo QT .L_bn_div_words_skip_div2: +#undef DH dmultu a2,QT dsll t3,a0,32 dsrl AT,a1,32 @@ -666,69 +712,26 @@ LEAF(bn_div_words) seq t8,HH,t1 sltu AT,HH,t1 and t2,t8 + sltu v1,t0,a2 or AT,t2 .set noreorder beqz AT,.L_bn_div_words_inner_loop2_done - sltu t2,t0,a2 - .set reorder - dsubu QT,1 + dsubu t1,v1 dsubu t0,a2 - dsubu t1,t2 b .L_bn_div_words_inner_loop2 + dsubu QT,1 + .set reorder .L_bn_div_words_inner_loop2_done: +#undef HH dsubu a0,t3,t0 or v0,QT dsrl v1,a0,t9 /* v1 contains remainder if anybody wants it */ dsrl a2,t9 /* restore a2 */ jr ra -#undef HH -#undef DH #undef QT END(bn_div_words) -.align 5 -LEAF(bn_div_3_words) - .set reorder - move a3,a0 /* we know that bn_div_words doesn't - * touch a3, ta2, ta3 and preserves a2 - * so that we can save two arguments - * and return address in registers - * instead of stack:-) - */ - ld a0,(a3) - move ta2,a2 - move a2,a1 - ld a1,-8(a3) - move ta3,ra - move v1,zero - li v0,-1 - beq a0,a2,.L_bn_div_3_words_skip_div - jal bn_div_words - move ra,ta3 -.L_bn_div_3_words_skip_div: - dmultu ta2,v0 - ld t2,-16(a3) - mflo t0 - mfhi t1 -.L_bn_div_3_words_inner_loop: - sgeu AT,t2,t0 - seq t9,t1,v1 - sltu t8,t1,v1 - and AT,t9 - or AT,t8 - bnez AT,.L_bn_div_3_words_inner_loop_done - daddu v1,a2 - sltu t3,t0,ta2 - sltu AT,v1,a2 - dsubu v0,1 - dsubu t0,ta2 - dsubu t1,t3 - beqz AT,.L_bn_div_3_words_inner_loop -.L_bn_div_3_words_inner_loop_done: - jr ra -END(bn_div_3_words) - #define a_0 t0 #define a_1 t1 #define a_2 t2 @@ -846,6 +849,7 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 + sltu c_3,c_2,t_2 dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -853,7 +857,8 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -881,6 +886,7 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 + sltu c_1,c_3,t_2 dmultu a_3,b_1 /* mul_add_c(a[3],b[1],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -888,7 +894,8 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -925,6 +932,7 @@ LEAF(bn_mul_comba8) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 + sltu c_2,c_1,t_2 dmultu a_1,b_4 /* mul_add_c(a[1],b[4],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -932,7 +940,8 @@ LEAF(bn_mul_comba8) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_2,b_3 /* mul_add_c(a[2],b[3],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -978,6 +987,7 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 + sltu c_3,c_2,t_2 dmultu a_5,b_1 /* mul_add_c(a[5],b[1],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -985,7 +995,8 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_4,b_2 /* mul_add_c(a[4],b[2],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1040,6 +1051,7 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 + sltu c_1,c_3,t_2 dmultu a_1,b_6 /* mul_add_c(a[1],b[6],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1047,7 +1059,8 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_2,b_5 /* mul_add_c(a[2],b[5],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1111,6 +1124,7 @@ LEAF(bn_mul_comba8) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 + sltu c_2,c_1,t_2 dmultu a_6,b_2 /* mul_add_c(a[6],b[2],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -1118,7 +1132,8 @@ LEAF(bn_mul_comba8) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_5,b_3 /* mul_add_c(a[5],b[3],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -1173,6 +1188,7 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 + sltu c_3,c_2,t_2 dmultu a_3,b_6 /* mul_add_c(a[3],b[6],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1180,7 +1196,8 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_4,b_5 /* mul_add_c(a[4],b[5],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1226,6 +1243,7 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 + sltu c_1,c_3,t_2 dmultu a_6,b_4 /* mul_add_c(a[6],b[4],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1233,7 +1251,8 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_5,b_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1270,6 +1289,7 @@ LEAF(bn_mul_comba8) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 + sltu c_2,c_1,t_2 dmultu a_5,b_6 /* mul_add_c(a[5],b[6],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -1277,7 +1297,8 @@ LEAF(bn_mul_comba8) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_6,b_5 /* mul_add_c(a[6],b[5],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -1305,6 +1326,7 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 + sltu c_3,c_2,t_2 dmultu a_6,b_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1312,7 +1334,8 @@ LEAF(bn_mul_comba8) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_5,b_7 /* mul_add_c(a[5],b[7],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1331,6 +1354,7 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 + sltu c_1,c_3,t_2 dmultu a_7,b_6 /* mul_add_c(a[7],b[6],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1338,7 +1362,8 @@ LEAF(bn_mul_comba8) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT sd c_2,104(a0) /* r[13]=c2; */ dmultu a_7,b_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */ @@ -1427,6 +1452,7 @@ LEAF(bn_mul_comba4) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 + sltu c_3,c_2,t_2 dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1434,7 +1460,8 @@ LEAF(bn_mul_comba4) sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1462,6 +1489,7 @@ LEAF(bn_mul_comba4) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 + sltu c_1,c_3,t_2 dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1469,7 +1497,8 @@ LEAF(bn_mul_comba4) sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_1,b_3 /* mul_add_c(a[1],b[3],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -1488,6 +1517,7 @@ LEAF(bn_mul_comba4) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 + sltu c_2,c_1,t_2 dmultu a_3,b_2 /* mul_add_c(a[3],b[2],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -1495,7 +1525,8 @@ LEAF(bn_mul_comba4) sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT sd c_3,40(a0) dmultu a_3,b_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */ @@ -1540,28 +1571,30 @@ LEAF(bn_sqr_comba8) dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */ mflo t_1 mfhi t_2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu c_3,t_2,AT - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu t_2,AT - daddu c_3,t_2 - sltu c_1,c_3,t_2 sd c_2,8(a0) dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 + slt c_2,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -1576,24 +1609,26 @@ LEAF(bn_sqr_comba8) dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 + slt c_3,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_1,a_2 /* mul_add_c2(a[1],b[2],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 - sltu AT,c_2,a2 + slt AT,t_2,zero daddu c_3,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT @@ -1605,24 +1640,26 @@ LEAF(bn_sqr_comba8) dmultu a_4,a_0 /* mul_add_c2(a[4],b[0],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 - sltu AT,c_3,a2 + slt AT,t_2,zero daddu c_1,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT @@ -1643,24 +1680,26 @@ LEAF(bn_sqr_comba8) dmultu a_0,a_5 /* mul_add_c2(a[0],b[5],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 + slt c_2,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_1,a_4 /* mul_add_c2(a[1],b[4],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 - sltu AT,c_1,a2 + slt AT,t_2,zero daddu c_2,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT @@ -1670,12 +1709,12 @@ LEAF(bn_sqr_comba8) dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 - sltu AT,c_1,a2 + slt AT,t_2,zero daddu c_2,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT @@ -1687,24 +1726,26 @@ LEAF(bn_sqr_comba8) dmultu a_6,a_0 /* mul_add_c2(a[6],b[0],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 + slt c_3,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_5,a_1 /* mul_add_c2(a[5],b[1],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 - sltu AT,c_2,a2 + slt AT,t_2,zero daddu c_3,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT @@ -1714,12 +1755,12 @@ LEAF(bn_sqr_comba8) dmultu a_4,a_2 /* mul_add_c2(a[4],b[2],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 - sltu AT,c_2,a2 + slt AT,t_2,zero daddu c_3,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT @@ -1740,24 +1781,26 @@ LEAF(bn_sqr_comba8) dmultu a_0,a_7 /* mul_add_c2(a[0],b[7],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_1,a_6 /* mul_add_c2(a[1],b[6],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 - sltu AT,c_3,a2 + slt AT,t_2,zero daddu c_1,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT @@ -1767,12 +1810,12 @@ LEAF(bn_sqr_comba8) dmultu a_2,a_5 /* mul_add_c2(a[2],b[5],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 - sltu AT,c_3,a2 + slt AT,t_2,zero daddu c_1,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT @@ -1782,12 +1825,12 @@ LEAF(bn_sqr_comba8) dmultu a_3,a_4 /* mul_add_c2(a[3],b[4],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 - sltu AT,c_3,a2 + slt AT,t_2,zero daddu c_1,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT @@ -1799,24 +1842,26 @@ LEAF(bn_sqr_comba8) dmultu a_7,a_1 /* mul_add_c2(a[7],b[1],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 + slt c_2,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_6,a_2 /* mul_add_c2(a[6],b[2],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 - sltu AT,c_1,a2 + slt AT,t_2,zero daddu c_2,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT @@ -1826,12 +1871,12 @@ LEAF(bn_sqr_comba8) dmultu a_5,a_3 /* mul_add_c2(a[5],b[3],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 - sltu AT,c_1,a2 + slt AT,t_2,zero daddu c_2,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT @@ -1852,24 +1897,26 @@ LEAF(bn_sqr_comba8) dmultu a_2,a_7 /* mul_add_c2(a[2],b[7],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 + slt c_3,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_3,a_6 /* mul_add_c2(a[3],b[6],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 - sltu AT,c_2,a2 + slt AT,t_2,zero daddu c_3,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT @@ -1879,12 +1926,12 @@ LEAF(bn_sqr_comba8) dmultu a_4,a_5 /* mul_add_c2(a[4],b[5],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 - sltu AT,c_2,a2 + slt AT,t_2,zero daddu c_3,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT @@ -1896,24 +1943,26 @@ LEAF(bn_sqr_comba8) dmultu a_7,a_3 /* mul_add_c2(a[7],b[3],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_6,a_4 /* mul_add_c2(a[6],b[4],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 - sltu AT,c_3,a2 + slt AT,t_2,zero daddu c_1,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT @@ -1934,24 +1983,26 @@ LEAF(bn_sqr_comba8) dmultu a_4,a_7 /* mul_add_c2(a[4],b[7],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 + slt c_2,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_5,a_6 /* mul_add_c2(a[5],b[6],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 - sltu AT,c_1,a2 + slt AT,t_2,zero daddu c_2,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT @@ -1963,15 +2014,17 @@ LEAF(bn_sqr_comba8) dmultu a_7,a_5 /* mul_add_c2(a[7],b[5],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 + slt c_3,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_6,a_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */ mflo t_1 mfhi t_2 @@ -1986,15 +2039,17 @@ LEAF(bn_sqr_comba8) dmultu a_6,a_7 /* mul_add_c2(a[6],b[7],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT sd c_2,104(a0) dmultu a_7,a_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */ @@ -2025,28 +2080,30 @@ LEAF(bn_sqr_comba4) dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */ mflo t_1 mfhi t_2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu c_3,t_2,AT - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu t_2,AT - daddu c_3,t_2 - sltu c_1,c_3,t_2 sd c_2,8(a0) dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 + slt c_2,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */ mflo t_1 mfhi t_2 @@ -2061,24 +2118,26 @@ LEAF(bn_sqr_comba4) dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 + slt c_3,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT daddu c_2,t_2 - sltu c_3,c_2,t_2 + sltu AT,c_2,t_2 + daddu c_3,AT dmultu a_1,a_2 /* mul_add_c(a2[1],b[2],c1,c2,c3); */ mflo t_1 mfhi t_2 - daddu c_1,t_1 - sltu AT,c_1,t_1 - daddu a2,t_2,AT - daddu c_2,a2 - sltu AT,c_2,a2 + slt AT,t_2,zero daddu c_3,AT + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_1,t_1 sltu AT,c_1,t_1 daddu t_2,AT @@ -2090,15 +2149,17 @@ LEAF(bn_sqr_comba4) dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */ mflo t_1 mfhi t_2 - daddu c_2,t_1 - sltu AT,c_2,t_1 - daddu a2,t_2,AT - daddu c_3,a2 + slt c_1,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_2,t_1 sltu AT,c_2,t_1 daddu t_2,AT daddu c_3,t_2 - sltu c_1,c_3,t_2 + sltu AT,c_3,t_2 + daddu c_1,AT dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */ mflo t_1 mfhi t_2 @@ -2113,15 +2174,17 @@ LEAF(bn_sqr_comba4) dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */ mflo t_1 mfhi t_2 - daddu c_3,t_1 - sltu AT,c_3,t_1 - daddu a2,t_2,AT - daddu c_1,a2 + slt c_2,t_2,zero + dsll t_2,1 + slt a2,t_1,zero + daddu t_2,a2 + dsll t_1,1 daddu c_3,t_1 sltu AT,c_3,t_1 daddu t_2,AT daddu c_1,t_2 - sltu c_2,c_1,t_2 + sltu AT,c_1,t_2 + daddu c_2,AT sd c_3,40(a0) dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */ diff --git a/src/lib/libcrypto/bn/asm/vms.mar b/src/lib/libcrypto/bn/asm/vms.mar index ac9d57d7b0..465f2774b6 100644 --- a/src/lib/libcrypto/bn/asm/vms.mar +++ b/src/lib/libcrypto/bn/asm/vms.mar @@ -162,442 +162,237 @@ n=12 ;(AP) n by value (input) movl #1,r0 ; return SS$_NORMAL ret - .title (generated) - - .psect code,nowrt - -.entry BN_DIV_WORDS,^m - subl2 #4,sp - - clrl r9 - movl #2,r8 - - tstl 12(ap) - bneq noname.2 - mnegl #1,r10 - brw noname.3 - tstl r0 - nop -noname.2: - - pushl 12(ap) - calls #1,BN_NUM_BITS_WORD - movl r0,r7 - - cmpl r7,#32 - beql noname.4 - ashl r7,#1,r2 - cmpl 4(ap),r2 - blequ noname.4 - - pushl r7 - calls #1,BN_DIV_WORDS_ABORT -noname.4: - - subl3 r7,#32,r7 - - movl 12(ap),r2 - cmpl 4(ap),r2 - blssu noname.5 - subl2 r2,4(ap) -noname.5: - - tstl r7 - beql noname.6 - - ashl r7,r2,12(ap) - - ashl r7,4(ap),r4 - subl3 r7,#32,r3 - subl3 r3,#32,r2 - extzv r3,r2,8(ap),r2 - bisl3 r4,r2,4(ap) - - ashl r7,8(ap),8(ap) -noname.6: - - bicl3 #65535,12(ap),r2 - extzv #16,#16,r2,r5 - - bicl3 #-65536,12(ap),r6 - -noname.7: - - moval 4(ap),r2 - movzwl 2(r2),r0 - cmpl r0,r5 - bneq noname.8 - - movzwl #65535,r4 - brb noname.9 -noname.8: - - clrl r1 - movl (r2),r0 - movl r5,r2 - bgeq vcg.1 - cmpl r2,r0 - bgtru vcg.2 - incl r1 - brb vcg.2 - nop -vcg.1: - ediv r2,r0,r1,r0 -vcg.2: - movl r1,r4 -noname.9: - -noname.10: - - mull3 r5,r4,r0 - subl3 r0,4(ap),r3 - - bicl3 #65535,r3,r0 - bneq noname.13 - mull3 r6,r4,r2 - ashl #16,r3,r1 - bicl3 #65535,8(ap),r0 - extzv #16,#16,r0,r0 - addl2 r0,r1 - cmpl r2,r1 - bgtru noname.12 -noname.11: - - brb noname.13 - nop -noname.12: - - decl r4 - brb noname.10 -noname.13: - - mull3 r5,r4,r1 - - mull3 r6,r4,r0 - - extzv #16,#16,r0,r3 - - ashl #16,r0,r2 - bicl3 #65535,r2,r0 - - addl2 r3,r1 - - moval 8(ap),r3 - cmpl (r3),r0 - bgequ noname.15 - incl r1 -noname.15: - - subl2 r0,(r3) - - cmpl 4(ap),r1 - bgequ noname.16 - - addl2 12(ap),4(ap) - - decl r4 -noname.16: - - subl2 r1,4(ap) - - decl r8 - beql noname.18 -noname.17: - - ashl #16,r4,r9 + .title vax_bn_div_words unsigned divide +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_div_words(ULONG h, ULONG l, ULONG d) +; { +; return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d); +; } +; +; Using EDIV would be very easy, if it didn't do signed calculations. +; Therefore, som extra things have to happen around it. The way to +; handle that is to shift all operands right one step (basically dividing +; them by 2) and handle the different cases depending on what the lowest +; bit of each operand was. +; +; To start with, let's define the following: +; +; a' = l & 1 +; a2 = >> 1 # UNSIGNED shift! +; b' = d & 1 +; b2 = d >> 1 # UNSIGNED shift! +; +; Now, use EDIV to calculate a quotient and a remainder: +; +; q'' = a2/b2 +; r'' = a2 - q''*b2 +; +; If b' is 0, the quotient is already correct, we just need to adjust the +; remainder: +; +; if (b' == 0) +; { +; r = 2*r'' + a' +; q = q'' +; } +; +; If b' is 1, we need to do other adjustements. The first thought is the +; following (note that r' will not always have the right value, but an +; adjustement follows further down): +; +; if (b' == 1) +; { +; q' = q'' +; r' = a - q'*b +; +; However, one can note the folowing relationship: +; +; r'' = a2 - q''*b2 +; => 2*r'' = 2*a2 - 2*q''*b2 +; = { a = 2*a2 + a', b = 2*b2 + b' = 2*b2 + 1, +; q' = q'' } +; = a - a' - q'*(b - 1) +; = a - q'*b - a' + q' +; = r' - a' + q' +; => r' = 2*r'' - q' + a' +; +; This enables us to use r'' instead of discarding and calculating another +; modulo: +; +; if (b' == 1) +; { +; q' = q'' +; r' = (r'' << 1) - q' + a' +; +; Now, all we have to do is adjust r', because it might be < 0: +; +; while (r' < 0) +; { +; r' = r' + b +; q' = q' - 1 +; } +; } +; +; return q' - ashl #16,4(ap),r2 - movzwl 2(r3),r0 - bisl2 r0,r2 - bicl3 #0,r2,4(ap) +h=4 ;(AP) h by value (input) +l=8 ;(AP) l by value (input) +d=12 ;(AP) d by value (input) - bicl3 #-65536,(r3),r0 - ashl #16,r0,(r3) - brw noname.7 - nop -noname.18: +;aprim=r5 +;a2=r6 +;a20=r6 +;a21=r7 +;bprim=r8 +;b2=r9 +;qprim=r10 ; initially used as q'' +;rprim=r11 ; initially used as r'' - bisl2 r4,r9 - movl r9,r10 + .psect code,nowrt -noname.3: +.entry bn_div_words,^m + movl l(ap),r2 + movl h(ap),r3 + movl d(ap),r4 + + movl #0,r5 + movl #0,r8 + movl #0,r0 +; movl #0,r1 + + rotl #-1,r2,r6 ; a20 = l >> 1 (almost) + rotl #-1,r3,r7 ; a21 = h >> 1 (almost) + rotl #-1,r4,r9 ; b2 = d >> 1 (almost) + + tstl r6 + bgeq 1$ + xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 0 + incl r5 ; a' = 1 +1$: + tstl r7 + bgeq 2$ + xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 1, + ; since that's what was lowest in a21 + xorl2 #^X80000000,r7 ; fixup a21 so highest bit is 1 +2$: + tstl r9 + beql 666$ ; Uh-oh, the divisor is 0... + bgtr 3$ + xorl2 #^X80000000,r9 ; fixup b2 so highest bit is 0 + incl r8 ; b' = 1 +3$: + tstl r9 + bneq 4$ ; if b2 is 0, we know that b' is 1 + tstl r3 + bneq 666$ ; if higher half isn't 0, we overflow + movl r2,r10 ; otherwise, we have our result + brb 42$ ; This is a success, really. +4$: + ediv r9,r6,r10,r11 + + tstl r8 + bneq 5$ ; If b' != 0, go to the other part +; addl3 r11,r11,r1 +; addl2 r5,r1 + brb 42$ +5$: + ashl #1,r11,r11 + subl2 r10,r11 + addl2 r5,r11 + bgeq 7$ +6$: + decl r10 + addl2 r4,r11 + blss 6$ +7$: +; movl r11,r1 +42$: movl r10,r0 - ret - tstl r0 - +666$: + ret - .psect code,nowrt - -.entry BN_ADD_WORDS,^m - - tstl 16(ap) - bgtr noname.21 - clrl r7 - brw noname.22 -noname.21: - - clrl r4 - - tstl r0 -noname.23: - - movl 8(ap),r6 - addl3 r4,(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.3 - incl r0 -vcg.3: - movl r0,r4 - - movl 12(ap),r5 - addl3 (r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.4 - incl r0 -vcg.4: - addl2 r0,r4 - - movl 4(ap),r3 - movl r1,(r3) - - decl 16(ap) - bgtr gen.1 - brw noname.25 -gen.1: -noname.24: - - addl3 r4,4(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.5 - incl r0 -vcg.5: - movl r0,r4 - - addl3 4(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.6 - incl r0 -vcg.6: - addl2 r0,r4 - - movl r1,4(r3) - - decl 16(ap) - bleq noname.25 -noname.26: - - addl3 r4,8(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.7 - incl r0 -vcg.7: - movl r0,r4 - - addl3 8(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.8 - incl r0 -vcg.8: - addl2 r0,r4 - - movl r1,8(r3) - - decl 16(ap) - bleq noname.25 -noname.27: - - addl3 r4,12(r6),r2 - - bicl2 #0,r2 - - clrl r0 - cmpl r2,r4 - bgequ vcg.9 - incl r0 -vcg.9: - movl r0,r4 - - addl3 12(r5),r2,r1 - bicl2 #0,r1 - - clrl r0 - cmpl r1,r2 - bgequ vcg.10 - incl r0 -vcg.10: - addl2 r0,r4 + .title vax_bn_add_words unsigned add of two arrays +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) { +; ULONG c = 0; +; int i; +; for (i = 0; i < n; i++) = a[i] + b[i] + c; +; return(c); +; } - movl r1,12(r3) +r=4 ;(AP) r by reference (output) +a=8 ;(AP) a by reference (input) +b=12 ;(AP) b by reference (input) +n=16 ;(AP) n by value (input) - decl 16(ap) - bleq noname.25 -noname.28: - addl3 #16,r6,8(ap) + .psect code,nowrt - addl3 #16,r5,12(ap) +.entry bn_add_words,^m - addl3 #16,r3,4(ap) - brw noname.23 - tstl r0 -noname.25: + moval @r(ap),r2 + moval @a(ap),r3 + moval @b(ap),r4 + movl n(ap),r5 ; assumed >0 by C code + clrl r0 ; c - movl r4,r7 + tstl r5 ; carry = 0 + bleq 666$ -noname.22: - movl r7,r0 - ret - nop +0$: + movl (r3)+,r6 ; carry untouched + adwc (r4)+,r6 ; carry used and touched + movl r6,(r2)+ ; carry untouched + sobgtr r5,0$ ; carry untouched + adwc #0,r0 +666$: + ret + .title vax_bn_sub_words unsigned add of two arrays +; +; Richard Levitte 20-Nov-2000 +; +; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) { +; ULONG c = 0; +; int i; +; for (i = 0; i < n; i++) = a[i] - b[i] - c; +; return(c); +; } -;r=4 ;(AP) -;a=8 ;(AP) -;b=12 ;(AP) -;n=16 ;(AP) n by value (input) +r=4 ;(AP) r by reference (output) +a=8 ;(AP) a by reference (input) +b=12 ;(AP) b by reference (input) +n=16 ;(AP) n by value (input) - .psect code,nowrt -.entry BN_SUB_WORDS,^m + .psect code,nowrt - clrl r6 +.entry bn_sub_words,^m - tstl 16(ap) - bgtr noname.31 - clrl r7 - brw noname.32 - tstl r0 -noname.31: + moval @r(ap),r2 + moval @a(ap),r3 + moval @b(ap),r4 + movl n(ap),r5 ; assumed >0 by C code + clrl r0 ; c -noname.33: + tstl r5 ; carry = 0 + bleq 666$ - movl 8(ap),r5 - movl (r5),r1 - movl 12(ap),r4 - movl (r4),r2 - - movl 4(ap),r3 - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,(r3) - - cmpl r1,r2 - beql noname.34 - clrl r0 - cmpl r1,r2 - bgequ vcg.11 - incl r0 -vcg.11: - movl r0,r6 -noname.34: - - decl 16(ap) - bgtr gen.2 - brw noname.36 -gen.2: -noname.35: - - movl 4(r5),r2 - movl 4(r4),r1 - - subl3 r1,r2,r0 - subl2 r6,r0 - bicl3 #0,r0,4(r3) - - cmpl r2,r1 - beql noname.37 - clrl r0 - cmpl r2,r1 - bgequ vcg.12 - incl r0 -vcg.12: - movl r0,r6 -noname.37: - - decl 16(ap) - bleq noname.36 -noname.38: - - movl 8(r5),r1 - movl 8(r4),r2 - - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,8(r3) - - cmpl r1,r2 - beql noname.39 - clrl r0 - cmpl r1,r2 - bgequ vcg.13 - incl r0 -vcg.13: - movl r0,r6 -noname.39: - - decl 16(ap) - bleq noname.36 -noname.40: - - movl 12(r5),r1 - movl 12(r4),r2 - - subl3 r2,r1,r0 - subl2 r6,r0 - bicl3 #0,r0,12(r3) - - cmpl r1,r2 - beql noname.41 - clrl r0 - cmpl r1,r2 - bgequ vcg.14 - incl r0 -vcg.14: - movl r0,r6 -noname.41: - - decl 16(ap) - bleq noname.36 -noname.42: - - addl3 #16,r5,8(ap) - - addl3 #16,r4,12(ap) - - addl3 #16,r3,4(ap) - brw noname.33 - tstl r0 -noname.36: - - movl r6,r7 - -noname.32: - movl r7,r0 - ret - nop +0$: + movl (r3)+,r6 ; carry untouched + sbwc (r4)+,r6 ; carry used and touched + movl r6,(r2)+ ; carry untouched + sobgtr r5,0$ ; carry untouched + adwc #0,r0 +666$: + ret ;r=4 ;(AP) @@ -6614,82 +6409,4 @@ noname.610: ret ; For now, the code below doesn't work, so I end this prematurely. -.end - - .title vax_bn_div64 division 64/32=>32 -; -; r.l. 16-jan-1998 -; -; unsigned int bn_div64(unsigned long h, unsigned long l, unsigned long d) -; return /d; -; - - .psect code,nowrt - -h=4 ;(AP) by value (input) -l=8 ;(AP) by value (input) -d=12 ;(AP) by value (input) - -.entry bn_div64,^m - - movl l(ap),r2 ; l - movl h(ap),r3 ; h - movl d(ap),r4 ; d - clrl r5 ; q - clrl r6 ; r - - ; Treat "negative" specially - tstl r3 - blss 30$ - - tstl r4 - beql 90$ - - ediv r4,r2,r5,r6 - bvs 666$ - - movl r5,r0 - ret - -30$: - ; The theory here is to do some harmless shifting and a little - ; bit of rounding (brackets are to designate when decimals are - ; cut off): - ; - ; result = 2 * [ ([/2] + [d/2]) / d ] + [ l / d ] - - movl #0,r7 - movl r3,r8 ; copy h - ashq #-1,r7,r7 ; [/2] => - bicl2 #^X80000000,r8 ; Remove "sign" - - movl r4,r9 ; copy d - ashl #-1,r9,r9 ; [d/2] => r9 - bicl2 #^X80000000,r9 ; Remove "sign" - - addl2 r9,r7 - adwc #0,r8 ; [/2] + [d/2] => - - ediv r4,r7,r5,r6 ; [ ([/2] + [d/2]) / d ] => - bvs 666$ - - movl #0,r6 - ashq #1,r5,r5 ; 2 * [ ([/2] + [d/2]) / d ] => r5 - - movl #0,r3 - ediv r4,r2,r8,r9 ; [ l / d ] => - - addl2 r8,r5 ; - bcs 666$ - - movl r5,r0 - ret - -90$: - movl #-1,r0 - ret - -666$: - - .end diff --git a/src/lib/libcrypto/bn/bnspeed.c b/src/lib/libcrypto/bn/bnspeed.c index f7c2790fff..b554ac8cf8 100644 --- a/src/lib/libcrypto/bn/bnspeed.c +++ b/src/lib/libcrypto/bn/bnspeed.c @@ -1,3 +1,5 @@ +/* unused */ + /* crypto/bn/bnspeed.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. @@ -66,14 +68,13 @@ #include #include #include -#include "crypto.h" -#include "err.h" +#include +#include -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif -#ifndef VMS #ifndef _IRIX #include #endif @@ -81,36 +82,33 @@ #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "bn.h" -#include "x509.h" +#include +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -123,17 +121,11 @@ struct tms { #define BUFSIZE ((long)1024*8) int run=0; -#ifndef NOPROTO static double Time_F(int s); -#else -static double Time_F(); -#endif - #define START 0 #define STOP 1 -static double Time_F(s) -int s; +static double Time_F(int s) { double ret; #ifdef TIMES @@ -175,27 +167,20 @@ static int sizes[NUM_SIZES]={128,256,512,1024,2048}; void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx); -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { BN_CTX *ctx; - BIGNUM *a,*b,*c,*r; + BIGNUM a,b,c; ctx=BN_CTX_new(); - a=BN_new(); - b=BN_new(); - c=BN_new(); - r=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); - do_mul(a,b,c,ctx); + do_mul(&a,&b,&c,ctx); } -void do_mul(r,a,b,ctx) -BIGNUM *r; -BIGNUM *a; -BIGNUM *b; -BN_CTX *ctx; +void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) { int i,j,k; double tm; @@ -211,7 +196,7 @@ BN_CTX *ctx; BN_rand(b,sizes[j],1,0); Time_F(START); for (k=0; k %8.3fms\n",sizes[i],sizes[j],tm*1000.0/num); } diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c index 9ebd68b429..443cf420e5 100644 --- a/src/lib/libcrypto/bn/bntest.c +++ b/src/lib/libcrypto/bn/bntest.c @@ -59,65 +59,70 @@ #include #include #include + #include "e_os.h" -#include "bio.h" -#include "bn.h" -#include "rand.h" -#include "x509.h" -#include "err.h" -#ifdef WINDOWS +#include +#include +#include +#include +#include + +#ifdef OPENSSL_SYS_WINDOWS #include "../bio/bss_file.c" #endif -#ifndef NOPROTO -int test_add (BIO *bp); -int test_sub (BIO *bp); -int test_lshift1 (BIO *bp); -int test_lshift (BIO *bp); -int test_rshift1 (BIO *bp); -int test_rshift (BIO *bp); -int test_div (BIO *bp,BN_CTX *ctx); -int test_mul (BIO *bp); -int test_sqr (BIO *bp,BN_CTX *ctx); -int test_mont (BIO *bp,BN_CTX *ctx); -int test_mod (BIO *bp,BN_CTX *ctx); -int test_mod_mul (BIO *bp,BN_CTX *ctx); -int test_mod_exp (BIO *bp,BN_CTX *ctx); +const int num0 = 100; /* number of tests */ +const int num1 = 50; /* additional tests for some functions */ +const int num2 = 5; /* number of tests for slow functions */ + +int test_add(BIO *bp); +int test_sub(BIO *bp); +int test_lshift1(BIO *bp); +int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_); +int test_rshift1(BIO *bp); +int test_rshift(BIO *bp,BN_CTX *ctx); +int test_div(BIO *bp,BN_CTX *ctx); +int test_div_recp(BIO *bp,BN_CTX *ctx); +int test_mul(BIO *bp); +int test_sqr(BIO *bp,BN_CTX *ctx); +int test_mont(BIO *bp,BN_CTX *ctx); +int test_mod(BIO *bp,BN_CTX *ctx); +int test_mod_mul(BIO *bp,BN_CTX *ctx); +int test_mod_exp(BIO *bp,BN_CTX *ctx); +int test_exp(BIO *bp,BN_CTX *ctx); +int test_kron(BIO *bp,BN_CTX *ctx); +int test_sqrt(BIO *bp,BN_CTX *ctx); int rand_neg(void); -#else -int test_add (); -int test_sub (); -int test_lshift1 (); -int test_lshift (); -int test_rshift1 (); -int test_rshift (); -int test_div (); -int test_mul (); -int test_sqr (); -int test_mont (); -int test_mod (); -int test_mod_mul (); -int test_mod_exp (); -int rand_neg(); -#endif - static int results=0; -#ifdef NO_STDIO +#ifdef OPENSSL_NO_STDIO #define APPS_WIN16 #include "bss_file.c" #endif -int main(argc,argv) -int argc; -char *argv[]; +static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" +"\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; + +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; + +static void message(BIO *out, char *m) + { + fprintf(stderr, "test %s\n", m); + BIO_puts(out, "print \"test "); + BIO_puts(out, m); + BIO_puts(out, "\\n\"\n"); + } + +int main(int argc, char *argv[]) { BN_CTX *ctx; BIO *out; char *outfile=NULL; - srand((unsigned int)time(NULL)); + results = 0; + + RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ argc--; argv++; @@ -156,361 +161,516 @@ char *argv[]; if (!results) BIO_puts(out,"obase=16\nibase=16\n"); - fprintf(stderr,"test BN_add\n"); + message(out,"BN_add"); if (!test_add(out)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_sub\n"); + message(out,"BN_sub"); if (!test_sub(out)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_lshift1\n"); + message(out,"BN_lshift1"); if (!test_lshift1(out)) goto err; - fflush(stdout); + BIO_flush(out); + + message(out,"BN_lshift (fixed)"); + if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL))) + goto err; + BIO_flush(out); - fprintf(stderr,"test BN_lshift\n"); - if (!test_lshift(out)) goto err; - fflush(stdout); + message(out,"BN_lshift"); + if (!test_lshift(out,ctx,NULL)) goto err; + BIO_flush(out); - fprintf(stderr,"test BN_rshift1\n"); + message(out,"BN_rshift1"); if (!test_rshift1(out)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_rshift\n"); - if (!test_rshift(out)) goto err; - fflush(stdout); + message(out,"BN_rshift"); + if (!test_rshift(out,ctx)) goto err; + BIO_flush(out); - fprintf(stderr,"test BN_sqr\n"); + message(out,"BN_sqr"); if (!test_sqr(out,ctx)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_mul\n"); + message(out,"BN_mul"); if (!test_mul(out)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_div\n"); + message(out,"BN_div"); if (!test_div(out,ctx)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_mod\n"); + message(out,"BN_div_recp"); + if (!test_div_recp(out,ctx)) goto err; + BIO_flush(out); + + message(out,"BN_mod"); if (!test_mod(out,ctx)) goto err; - fflush(stdout); + BIO_flush(out); - fprintf(stderr,"test BN_mod_mul\n"); + message(out,"BN_mod_mul"); if (!test_mod_mul(out,ctx)) goto err; - fflush(stdout); + BIO_flush(out); -/* - fprintf(stderr,"test BN_mont\n"); + message(out,"BN_mont"); if (!test_mont(out,ctx)) goto err; - fflush(stdout); -*/ - fprintf(stderr,"test BN_mod_exp\n"); + BIO_flush(out); + + message(out,"BN_mod_exp"); if (!test_mod_exp(out,ctx)) goto err; - fflush(stdout); + BIO_flush(out); + + message(out,"BN_exp"); + if (!test_exp(out,ctx)) goto err; + BIO_flush(out); + + message(out,"BN_kronecker"); + if (!test_kron(out,ctx)) goto err; + BIO_flush(out); + + message(out,"BN_mod_sqrt"); + if (!test_sqrt(out,ctx)) goto err; + BIO_flush(out); + + BN_CTX_free(ctx); + BIO_free(out); /**/ exit(0); err: + BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices + * the failure, see test_bn in test/Makefile.ssl*/ + BIO_flush(out); ERR_load_crypto_strings(); - ERR_print_errors(out); + ERR_print_errors_fp(stderr); exit(1); return(1); } -int test_add(bp) -BIO *bp; +int test_add(BIO *bp) { - BIGNUM *a,*b,*c; + BIGNUM a,b,c; int i; - int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); - BN_rand(a,512,0,0); - for (i=0; i<100; i++) + BN_bntest_rand(&a,512,0,0); + for (i=0; ineg=rand_neg(); - b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<10000; j++) - BN_add(c,a,b); - BN_add(c,a,b); + BN_bntest_rand(&b,450+i,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); + BN_add(&c,&a,&b); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," + "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } + a.neg=!a.neg; + b.neg=!b.neg; + BN_add(&c,&c,&b); + BN_add(&c,&c,&a); + if(!BN_is_zero(&c)) + { + fprintf(stderr,"Add test failed!\n"); + return 0; + } } - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); return(1); } -int test_sub(bp) -BIO *bp; +int test_sub(BIO *bp) { - BIGNUM *a,*b,*c; + BIGNUM a,b,c; int i; - int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); - BN_rand(a,512,0,0); - for (i=0; i<100; i++) + for (i=0; ineg=rand_neg(); - b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<10000; j++) - BN_sub(c,a,b); - BN_sub(c,a,b); + if (i < num1) + { + BN_bntest_rand(&a,512,0,0); + BN_copy(&b,&a); + if (BN_set_bit(&a,i)==0) return(0); + BN_add_word(&b,i); + } + else + { + BN_bntest_rand(&b,400+i-num1,0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); + } + BN_sub(&c,&a,&b); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," - "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } + BN_add(&c,&c,&b); + BN_sub(&c,&c,&a); + if(!BN_is_zero(&c)) + { + fprintf(stderr,"Subtract test failed!\n"); + return 0; + } } - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); return(1); } -int test_div(bp,ctx) -BIO *bp; -BN_CTX *ctx; +int test_div(BIO *bp, BN_CTX *ctx) { - BIGNUM *a,*b,*c,*d; + BIGNUM a,b,c,d,e; int i; - int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); - d=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&d); + BN_init(&e); - BN_rand(a,400,0,0); - for (i=0; i<100; i++) + for (i=0; ineg=rand_neg(); - b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_div(d,c,a,b,ctx); - BN_div(d,c,a,b,ctx); + if (i < num1) + { + BN_bntest_rand(&a,400,0,0); + BN_copy(&b,&a); + BN_lshift(&a,&a,i); + BN_add_word(&a,i); + } + else + BN_bntest_rand(&b,50+3*(i-num1),0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); + BN_div(&d,&c,&a,&b,ctx); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," / "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,d); + BN_print(bp,&d); BIO_puts(bp,"\n"); if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," % "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } + BN_mul(&e,&d,&b,ctx); + BN_add(&d,&e,&c); + BN_sub(&d,&d,&a); + if(!BN_is_zero(&d)) + { + fprintf(stderr,"Division test failed!\n"); + return 0; + } } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_free(&d); + BN_free(&e); return(1); } -int test_mul(bp) -BIO *bp; +int test_div_recp(BIO *bp, BN_CTX *ctx) { - BIGNUM *a,*b,*c; + BIGNUM a,b,c,d,e; + BN_RECP_CTX recp; int i; - int j; - a=BN_new(); - b=BN_new(); - c=BN_new(); + BN_RECP_CTX_init(&recp); + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&d); + BN_init(&e); - BN_rand(a,200,0,0); - for (i=0; i<100; i++) + for (i=0; ineg=rand_neg(); - b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mul(c,a,b); - BN_mul(c,a,b); + if (i < num1) + { + BN_bntest_rand(&a,400,0,0); + BN_copy(&b,&a); + BN_lshift(&a,&a,i); + BN_add_word(&a,i); + } + else + BN_bntest_rand(&b,50+3*(i-num1),0,0); + a.neg=rand_neg(); + b.neg=rand_neg(); + BN_RECP_CTX_set(&recp,&b,ctx); + BN_div_recp(&d,&c,&a,&recp,ctx); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); + BIO_puts(bp," / "); + BN_print(bp,&b); + BIO_puts(bp," - "); + } + BN_print(bp,&d); + BIO_puts(bp,"\n"); + + if (!results) + { + BN_print(bp,&a); + BIO_puts(bp," % "); + BN_print(bp,&b); + BIO_puts(bp," - "); + } + BN_print(bp,&c); + BIO_puts(bp,"\n"); + } + BN_mul(&e,&d,&b,ctx); + BN_add(&d,&e,&c); + BN_sub(&d,&d,&a); + if(!BN_is_zero(&d)) + { + fprintf(stderr,"Reciprocal division test failed!\n"); + fprintf(stderr,"a="); + BN_print_fp(stderr,&a); + fprintf(stderr,"\nb="); + BN_print_fp(stderr,&b); + fprintf(stderr,"\n"); + return 0; + } + } + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_free(&d); + BN_free(&e); + BN_RECP_CTX_free(&recp); + return(1); + } + +int test_mul(BIO *bp) + { + BIGNUM a,b,c,d,e; + int i; + BN_CTX *ctx; + + ctx = BN_CTX_new(); + if (ctx == NULL) exit(1); + + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&d); + BN_init(&e); + + for (i=0; ineg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_sqr(c,a,ctx); - BN_sqr(c,a,ctx); + BN_bntest_rand(&a,40+i*10,0,0); + a.neg=rand_neg(); + BN_sqr(&c,&a,ctx); if (bp != NULL) { if (!results) { - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," * "); - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," - "); } - BN_print(bp,c); + BN_print(bp,&c); BIO_puts(bp,"\n"); } + BN_div(&d,&e,&c,&a,ctx); + BN_sub(&d,&d,&a); + if(!BN_is_zero(&d) || !BN_is_zero(&e)) + { + fprintf(stderr,"Square test failed!\n"); + return 0; + } } - BN_free(a); - BN_free(c); + BN_free(&a); + BN_free(&c); + BN_free(&d); + BN_free(&e); return(1); } -int test_mont(bp,ctx) -BIO *bp; -BN_CTX *ctx; +int test_mont(BIO *bp, BN_CTX *ctx) { - BIGNUM *a,*b,*c,*A,*B; - BIGNUM *n; + BIGNUM a,b,c,d,A,B; + BIGNUM n; int i; - int j; BN_MONT_CTX *mont; - a=BN_new(); - b=BN_new(); - c=BN_new(); - A=BN_new(); - B=BN_new(); - n=BN_new(); + BN_init(&a); + BN_init(&b); + BN_init(&c); + BN_init(&d); + BN_init(&A); + BN_init(&B); + BN_init(&n); mont=BN_MONT_CTX_new(); - BN_rand(a,100,0,0); /**/ - BN_rand(b,100,0,0); /**/ - for (i=0; i<10; i++) + BN_bntest_rand(&a,100,0,0); /**/ + BN_bntest_rand(&b,100,0,0); /**/ + for (i=0; iN)); #endif - BN_print(bp,a); + BN_print(bp,&a); BIO_puts(bp," * "); - BN_print(bp,b); + BN_print(bp,&b); BIO_puts(bp," % "); - BN_print(bp,mont->N); + BN_print(bp,&(mont->N)); BIO_puts(bp," - "); } - BN_print(bp,A); + BN_print(bp,&A); BIO_puts(bp,"\n"); } + BN_mod_mul(&d,&a,&b,&n,ctx); + BN_sub(&d,&d,&A); + if(!BN_is_zero(&d)) + { + fprintf(stderr,"Montgomery multiplication test failed!\n"); + return 0; + } } BN_MONT_CTX_free(mont); - BN_free(a); - BN_free(b); - BN_free(c); + BN_free(&a); + BN_free(&b); + BN_free(&c); + BN_free(&d); + BN_free(&A); + BN_free(&B); + BN_free(&n); return(1); } -int test_mod(bp,ctx) -BIO *bp; -BN_CTX *ctx; +int test_mod(BIO *bp, BN_CTX *ctx) { - BIGNUM *a,*b,*c; + BIGNUM *a,*b,*c,*d,*e; int i; - int j; a=BN_new(); b=BN_new(); c=BN_new(); + d=BN_new(); + e=BN_new(); - BN_rand(a,1024,0,0); /**/ - for (i=0; i<20; i++) + BN_bntest_rand(a,1024,0,0); /**/ + for (i=0; ineg=rand_neg(); b->neg=rand_neg(); - if (bp == NULL) - for (j=0; j<100; j++) - BN_mod(c,a,b,ctx);/**/ BN_mod(c,a,b,ctx);/**/ if (bp != NULL) { @@ -524,19 +684,26 @@ BN_CTX *ctx; BN_print(bp,c); BIO_puts(bp,"\n"); } + BN_div(d,e,a,b,ctx); + BN_sub(e,e,c); + if(!BN_is_zero(e)) + { + fprintf(stderr,"Modulo test failed!\n"); + return 0; + } } BN_free(a); BN_free(b); BN_free(c); + BN_free(d); + BN_free(e); return(1); } -int test_mod_mul(bp,ctx) -BIO *bp; -BN_CTX *ctx; +int test_mod_mul(BIO *bp, BN_CTX *ctx) { BIGNUM *a,*b,*c,*d,*e; - int i; + int i,j; a=BN_new(); b=BN_new(); @@ -544,17 +711,14 @@ BN_CTX *ctx; d=BN_new(); e=BN_new(); - BN_rand(c,1024,0,0); /**/ - for (i=0; i<10; i++) + for (j=0; j<3; j++) { + BN_bntest_rand(c,1024,0,0); /**/ + for (i=0; ineg=rand_neg(); b->neg=rand_neg(); - /* if (bp == NULL) - for (j=0; j<100; j++) - BN_mod_mul(d,a,b,c,ctx);*/ /**/ - if (!BN_mod_mul(e,a,b,c,ctx)) { unsigned long l; @@ -573,12 +737,32 @@ BN_CTX *ctx; BN_print(bp,b); BIO_puts(bp," % "); BN_print(bp,c); + if ((a->neg ^ b->neg) && !BN_is_zero(e)) + { + /* If (a*b) % c is negative, c must be added + * in order to obtain the normalized remainder + * (new with OpenSSL 0.9.7, previous versions of + * BN_mod_mul could generate negative results) + */ + BIO_puts(bp," + "); + BN_print(bp,c); + } BIO_puts(bp," - "); } BN_print(bp,e); BIO_puts(bp,"\n"); } + BN_mul(d,a,b,ctx); + BN_sub(d,d,e); + BN_div(a,b,d,c,ctx); + if(!BN_is_zero(b)) + { + fprintf(stderr,"Modulo multiply test failed!\n"); + ERR_print_errors_fp(stderr); + return 0; + } } + } BN_free(a); BN_free(b); BN_free(c); @@ -587,9 +771,7 @@ BN_CTX *ctx; return(1); } -int test_mod_exp(bp,ctx) -BIO *bp; -BN_CTX *ctx; +int test_mod_exp(BIO *bp, BN_CTX *ctx) { BIGNUM *a,*b,*c,*d,*e; int i; @@ -600,11 +782,11 @@ BN_CTX *ctx; d=BN_new(); e=BN_new(); - BN_rand(c,30,0,1); /* must be odd for montgomery */ - for (i=0; i<6; i++) + BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */ + for (i=0; ineg = rand_neg(); + putc('\n', stderr); + + for (i = 0; i < num0; i++) + { + if (!BN_bntest_rand(a, 512, 0, 0)) goto err; + a->neg = rand_neg(); + + /* t := (|b|-1)/2 (note that b is odd) */ + if (!BN_copy(t, b)) goto err; + t->neg = 0; + if (!BN_sub_word(t, 1)) goto err; + if (!BN_rshift1(t, t)) goto err; + /* r := a^t mod b */ + b->neg=0; + + if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; /* XXX should be BN_mod_exp_recp, but ..._recp triggers a bug that must be fixed */ + b->neg=1; + + if (BN_is_word(r, 1)) + legendre = 1; + else if (BN_is_zero(r)) + legendre = 0; + else + { + if (!BN_add_word(r, 1)) goto err; + if (0 != BN_ucmp(r, b)) + { + fprintf(stderr, "Legendre symbol computation failed\n"); + goto err; + } + legendre = -1; + } + + kronecker = BN_kronecker(a, b, ctx); + if (kronecker < -1) goto err; + /* we actually need BN_kronecker(a, |b|) */ + if (a->neg && b->neg) + kronecker = -kronecker; + + if (legendre != kronecker) + { + fprintf(stderr, "legendre != kronecker; a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", b = "); + BN_print_fp(stderr, b); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + ret = 1; + err: + if (a != NULL) BN_free(a); + if (b != NULL) BN_free(b); + if (r != NULL) BN_free(r); + if (t != NULL) BN_free(t); + return ret; + } + +int test_sqrt(BIO *bp, BN_CTX *ctx) + { + BIGNUM *a,*p,*r; + int i, j; + int ret = 0; + + a = BN_new(); + p = BN_new(); + r = BN_new(); + if (a == NULL || p == NULL || r == NULL) goto err; + + for (i = 0; i < 16; i++) + { + if (i < 8) + { + unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; + + if (!BN_set_word(p, primes[i])) goto err; + } + else + { + if (!BN_set_word(a, 32)) goto err; + if (!BN_set_word(r, 2*i + 1)) goto err; + + if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err; + putc('\n', stderr); + } + p->neg = rand_neg(); + + for (j = 0; j < num2; j++) + { + /* construct 'a' such that it is a square modulo p, + * but in general not a proper square and not reduced modulo p */ + if (!BN_bntest_rand(r, 256, 0, 3)) goto err; + if (!BN_nnmod(r, r, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + if (!BN_bntest_rand(a, 256, 0, 3)) goto err; + if (!BN_nnmod(a, a, p, ctx)) goto err; + if (!BN_mod_sqr(a, a, p, ctx)) goto err; + if (!BN_mul(a, a, r, ctx)) goto err; + if (rand_neg()) + if (!BN_sub(a, a, p)) goto err; + + if (!BN_mod_sqrt(r, a, p, ctx)) goto err; + if (!BN_mod_sqr(r, r, p, ctx)) goto err; + + if (!BN_nnmod(a, a, p, ctx)) goto err; + + if (BN_cmp(a, r) != 0) + { + fprintf(stderr, "BN_mod_sqrt failed: a = "); + BN_print_fp(stderr, a); + fprintf(stderr, ", r = "); + BN_print_fp(stderr, r); + fprintf(stderr, ", p = "); + BN_print_fp(stderr, p); + fprintf(stderr, "\n"); + goto err; + } + + putc('.', stderr); + fflush(stderr); + } + + putc('\n', stderr); + fflush(stderr); + } + ret = 1; + err: + if (a != NULL) BN_free(a); + if (p != NULL) BN_free(p); + if (r != NULL) BN_free(r); + return ret; + } + +int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) + { + BIGNUM *a,*b,*c,*d; + int i; + b=BN_new(); c=BN_new(); + d=BN_new(); BN_one(c); - BN_rand(a,200,0,0); /**/ - a->neg=rand_neg(); - for (i=0; i<70; i++) + if(a_) + a=a_; + else + { + a=BN_new(); + BN_bntest_rand(a,200,0,0); /**/ + a->neg=rand_neg(); + } + for (i=0; ineg=rand_neg(); - for (i=0; i<70; i++) + for (i=0; ineg=rand_neg(); - for (i=0; i<70; i++) + for (i=0; ineg=rand_neg(); - for (i=0; i<70; i++) + for (i=0; i #include #include "bn_lcl.h" diff --git a/src/lib/libcrypto/bn/expspeed.c b/src/lib/libcrypto/bn/expspeed.c index 344f883d35..07a1bcf51c 100644 --- a/src/lib/libcrypto/bn/expspeed.c +++ b/src/lib/libcrypto/bn/expspeed.c @@ -1,3 +1,5 @@ +/* unused */ + /* crypto/bn/expspeed.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. @@ -59,6 +61,31 @@ /* most of this code has been pilfered from my libdes speed.c program */ #define BASENUM 5000 +#define NUM_START 0 + + +/* determine timings for modexp, modmul, modsqr, gcd, Kronecker symbol, + * modular inverse, or modular square roots */ +#define TEST_EXP +#undef TEST_MUL +#undef TEST_SQR +#undef TEST_GCD +#undef TEST_KRON +#undef TEST_INV +#undef TEST_SQRT +#define P_MOD_64 9 /* least significant 6 bits for prime to be used for BN_sqrt timings */ + +#if defined(TEST_EXP) + defined(TEST_MUL) + defined(TEST_SQR) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1 +# error "choose one test" +#endif + +#if defined(TEST_INV) || defined(TEST_SQRT) +# define C_PRIME +static void genprime_cb(int p, int n, void *arg); +#endif + + + #undef PROG #define PROG bnspeed_main @@ -66,14 +93,14 @@ #include #include #include -#include "crypto.h" -#include "err.h" +#include +#include +#include -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif -#ifndef VMS #ifndef _IRIX #include #endif @@ -81,36 +108,33 @@ #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "bn.h" -#include "x509.h" +#include +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -123,17 +147,11 @@ struct tms { #define BUFSIZE ((long)1024*8) int run=0; -#ifndef NOPROTO static double Time_F(int s); -#else -static double Time_F(); -#endif - #define START 0 #define STOP 1 -static double Time_F(s) -int s; +static double Time_F(int s) { double ret; #ifdef TIMES @@ -169,62 +187,167 @@ int s; #endif } -#define NUM_SIZES 6 -static int sizes[NUM_SIZES]={256,512,1024,2048,4096,8192}; -static int mul_c[NUM_SIZES]={8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1}; +#define NUM_SIZES 7 +#if NUM_START > NUM_SIZES +# error "NUM_START > NUM_SIZES" +#endif +static int sizes[NUM_SIZES]={128,256,512,1024,2048,4096,8192}; +static int mul_c[NUM_SIZES]={8*8*8*8*8*8,8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1}; /*static int sizes[NUM_SIZES]={59,179,299,419,539}; */ +#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); } + void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx); -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { BN_CTX *ctx; BIGNUM *a,*b,*c,*r; +#if 1 + if (!CRYPTO_set_mem_debug_functions(0,0,0,0,0)) + abort(); +#endif + ctx=BN_CTX_new(); a=BN_new(); b=BN_new(); c=BN_new(); r=BN_new(); + while (!RAND_status()) + /* not enough bits */ + RAND_SEED("I demand a manual recount!"); + do_mul_exp(r,a,b,c,ctx); + return 0; } -void do_mul_exp(r,a,b,c,ctx) -BIGNUM *r; -BIGNUM *a; -BIGNUM *b; -BIGNUM *c; -BN_CTX *ctx; +void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx) { int i,k; double tm; long num; - BN_MONT_CTX m; - - memset(&m,0,sizeof(m)); num=BASENUM; - for (i=0; i %8.3fms %5.1f\n",sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num); + printf( +#if defined(TEST_EXP) + "modexp %4d ^ %4d %% %4d" +#elif defined(TEST_MUL) + "50*modmul %4d %4d %4d" +#elif defined(TEST_SQR) + "100*modsqr %4d %4d %4d" +#elif defined(TEST_GCD) + "3*gcd %4d %4d %4d" +#elif defined(TEST_KRON) + "3*kronecker %4d %4d %4d" +#elif defined(TEST_INV) + "2*inv %4d %4d mod %4d" +#else /* TEST_SQRT */ + "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d" +#endif + " -> %8.3fms %5.1f (%ld)\n", +#ifdef TEST_SQRT + P_MOD_64, +#endif + sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num, num); num/=7; if (num <= 0) num=1; } + return; + err: + ERR_print_errors_fp(stderr); } + +#ifdef C_PRIME +static void genprime_cb(int p, int n, void *arg) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + putc(c, stderr); + fflush(stderr); + (void)n; + (void)arg; + } +#endif diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c index 67dc95d726..5ca570d1a8 100644 --- a/src/lib/libcrypto/bn/exptest.c +++ b/src/lib/libcrypto/bn/exptest.c @@ -59,30 +59,37 @@ #include #include #include -#include "bio.h" -#include "bn.h" -#include "rand.h" -#include "err.h" -#ifdef WINDOWS +#include +#include +#include +#include +#ifdef OPENSSL_SYS_WINDOWS #include "../bio/bss_file.c" #endif #define NUM_BITS (BN_BITS*2) -int main(argc,argv) -int argc; -char *argv[]; +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; + +int main(int argc, char *argv[]) { BN_CTX *ctx; BIO *out=NULL; int i,ret; unsigned char c; - BIGNUM *r_mont,*r_recp,*a,*b,*m; + BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m; + + RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't + * even check its return value + * (which we should) */ + + ERR_load_BN_strings(); ctx=BN_CTX_new(); if (ctx == NULL) exit(1); r_mont=BN_new(); r_recp=BN_new(); + r_simple=BN_new(); a=BN_new(); b=BN_new(); m=BN_new(); @@ -114,29 +121,61 @@ char *argv[]; ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL); if (ret <= 0) - { printf("BN_mod_exp_mont() problems\n"); exit(1); } + { + printf("BN_mod_exp_mont() problems\n"); + ERR_print_errors(out); + exit(1); + } ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); if (ret <= 0) - { printf("BN_mod_exp_recp() problems\n"); exit(1); } - - if (BN_cmp(r_mont,r_recp) != 0) { - printf("\nmont and recp results differ\n"); + printf("BN_mod_exp_recp() problems\n"); + ERR_print_errors(out); + exit(1); + } + + ret=BN_mod_exp_simple(r_simple,a,b,m,ctx); + if (ret <= 0) + { + printf("BN_mod_exp_simple() problems\n"); + ERR_print_errors(out); + exit(1); + } + + if (BN_cmp(r_simple, r_mont) == 0 + && BN_cmp(r_simple,r_recp) == 0) + { + printf("."); + fflush(stdout); + } + else + { + if (BN_cmp(r_simple,r_mont) != 0) + printf("\nsimple and mont results differ\n"); + if (BN_cmp(r_simple,r_recp) != 0) + printf("\nsimple and recp results differ\n"); + printf("a (%3d) = ",BN_num_bits(a)); BN_print(out,a); printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b); printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m); + printf("\nsimple ="); BN_print(out,r_simple); printf("\nrecp ="); BN_print(out,r_recp); printf("\nmont ="); BN_print(out,r_mont); printf("\n"); exit(1); } - else - { - printf("."); - fflush(stdout); - } } + BN_free(r_mont); + BN_free(r_recp); + BN_free(r_simple); + BN_free(a); + BN_free(b); + BN_free(m); + BN_CTX_free(ctx); + ERR_remove_state(0); + CRYPTO_mem_leaks(out); + BIO_free(out); printf(" done\n"); exit(0); err: diff --git a/src/lib/libcrypto/bn/vms-helper.c b/src/lib/libcrypto/bn/vms-helper.c index 73af337069..4b63149bf3 100644 --- a/src/lib/libcrypto/bn/vms-helper.c +++ b/src/lib/libcrypto/bn/vms-helper.c @@ -59,8 +59,10 @@ bn_div_words_abort(int i) { -#if !defined(NO_STDIO) && !defined(WIN16) +#ifdef BN_DEBUG +#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) fprintf(stderr,"Division would overflow (%d)\n",i); #endif abort(); +#endif } diff --git a/src/lib/libcrypto/cast/cast_spd.c b/src/lib/libcrypto/cast/cast_spd.c index ab75e65386..76abf50d98 100644 --- a/src/lib/libcrypto/cast/cast_spd.c +++ b/src/lib/libcrypto/cast/cast_spd.c @@ -59,19 +59,17 @@ /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern int exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,34 +77,31 @@ extern int exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "cast.h" +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ #ifndef CLK_TCK -#ifndef VMS -#define HZ 100.0 -#else /* VMS */ #define HZ 100.0 -#endif #else /* CLK_TCK */ #define HZ ((double)CLK_TCK) #endif @@ -115,12 +110,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) #define SIGRETTYPE void @@ -128,14 +118,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -148,8 +132,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -185,9 +168,7 @@ int s; #endif } -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; @@ -202,7 +183,7 @@ char **argv; #endif #ifndef TIMES - printf("To get the most acurate results, try to run this\n"); + printf("To get the most accurate results, try to run this\n"); printf("program when this computer is idle.\n"); #endif @@ -287,7 +268,7 @@ char **argv; printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b); printf("CAST cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c); exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/cast/castopts.c b/src/lib/libcrypto/cast/castopts.c index 68cf5a4a60..1b858d153b 100644 --- a/src/lib/libcrypto/cast/castopts.c +++ b/src/lib/libcrypto/cast/castopts.c @@ -59,19 +59,17 @@ /* define PART1, PART2, PART3 or PART4 to build only with a few of the options. * This is for machines with 64k code segment size restrictions. */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern void exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,25 +77,26 @@ extern void exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "cast.h" +#include #define CAST_DEFAULT_OPTIONS @@ -136,11 +135,7 @@ struct tms { #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD fix */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -152,12 +147,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) #define SIGRETTYPE void @@ -165,14 +155,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -185,8 +169,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -247,9 +230,7 @@ int s; fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \ tm[index]*8,1.0e6/tm[index]); -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; @@ -271,7 +252,7 @@ char **argv; } #ifndef TIMES - fprintf(stderr,"To get the most acurate results, try to run this\n"); + fprintf(stderr,"To get the most accurate results, try to run this\n"); fprintf(stderr,"program when this computer is idle.\n"); #endif @@ -351,7 +332,7 @@ char **argv; break; } exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/cast/casts.cpp b/src/lib/libcrypto/cast/casts.cpp index bac7be2c9c..8d7bd468d2 100644 --- a/src/lib/libcrypto/cast/casts.cpp +++ b/src/lib/libcrypto/cast/casts.cpp @@ -32,7 +32,7 @@ void GetTSC(unsigned long& tsc) #include #include -#include "cast.h" +#include void main(int argc,char *argv[]) { diff --git a/src/lib/libcrypto/cast/casttest.c b/src/lib/libcrypto/cast/casttest.c index 8b009bc249..099e790886 100644 --- a/src/lib/libcrypto/cast/casttest.c +++ b/src/lib/libcrypto/cast/casttest.c @@ -59,36 +59,44 @@ #include #include #include -#include "cast.h" -/* #define FULL_TEST */ +#ifdef OPENSSL_NO_CAST +int main(int argc, char *argv[]) +{ + printf("No CAST support\n"); + return(0); +} +#else +#include -unsigned char k[16]={ +#define FULL_TEST + +static unsigned char k[16]={ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78, 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A }; -unsigned char in[8]={ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}; +static unsigned char in[8]={ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}; -int k_len[3]={16,10}; -unsigned char c[3][8]={ +static int k_len[3]={16,10,5}; +static unsigned char c[3][8]={ {0x23,0x8B,0x4F,0xE5,0x84,0x7E,0x44,0xB2}, {0xEB,0x6A,0x71,0x1A,0x2C,0x02,0x27,0x1B}, {0x7A,0xC8,0x16,0xD1,0x6E,0x9B,0x30,0x2E}, }; -unsigned char out[80]; +static unsigned char out[80]; -unsigned char in_a[16]={ +static unsigned char in_a[16]={ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78, 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A}; -unsigned char in_b[16]={ +static unsigned char in_b[16]={ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78, 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A}; -unsigned char c_a[16]={ +static unsigned char c_a[16]={ 0xEE,0xA9,0xD0,0xA2,0x49,0xFD,0x3B,0xA6, 0xB3,0x43,0x6F,0xB8,0x9D,0x6D,0xCA,0x92}; -unsigned char c_b[16]={ +static unsigned char c_b[16]={ 0xB2,0xC9,0x5E,0xB0,0x0C,0x31,0xAD,0x71, 0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E}; @@ -120,104 +128,103 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={ }; #endif -int main(argc,argv) -int argc; -char *argv[]; - { +int main(int argc, char *argv[]) + { #ifdef FULL_TEST - long l; - CAST_KEY key_b; + long l; + CAST_KEY key_b; #endif - int i,z,err=0; - CAST_KEY key; + int i,z,err=0; + CAST_KEY key; - for (z=0; z<1; z++) - { + for (z=0; z<3; z++) + { CAST_set_key(&key,k_len[z],k); CAST_ecb_encrypt(in,out,&key,CAST_ENCRYPT); if (memcmp(out,&(c[z][0]),8) != 0) - { - printf("ecb cast error encrypting\n"); - printf("got :"); - for (i=0; i<8; i++) - printf("%02X ",out[i]); - printf("\n"); - printf("expected:"); - for (i=0; i<8; i++) - printf("%02X ",c[z][i]); - err=20; - printf("\n"); - } + { + printf("ecb cast error encrypting for keysize %d\n",k_len[z]*8); + printf("got :"); + for (i=0; i<8; i++) + printf("%02X ",out[i]); + printf("\n"); + printf("expected:"); + for (i=0; i<8; i++) + printf("%02X ",c[z][i]); + err=20; + printf("\n"); + } CAST_ecb_encrypt(out,out,&key,CAST_DECRYPT); if (memcmp(out,in,8) != 0) - { - printf("ecb cast error decrypting\n"); - printf("got :"); - for (i=0; i<8; i++) - printf("%02X ",out[i]); - printf("\n"); - printf("expected:"); - for (i=0; i<8; i++) - printf("%02X ",in[i]); - printf("\n"); - err=3; - } + { + printf("ecb cast error decrypting for keysize %d\n",k_len[z]*8); + printf("got :"); + for (i=0; i<8; i++) + printf("%02X ",out[i]); + printf("\n"); + printf("expected:"); + for (i=0; i<8; i++) + printf("%02X ",in[i]); + printf("\n"); + err=3; + } } - if (err == 0) printf("ecb cast5 ok\n"); + if (err == 0) + printf("ecb cast5 ok\n"); #ifdef FULL_TEST - { - unsigned char out_a[16],out_b[16]; - static char *hex="0123456789ABCDEF"; - - printf("This test will take some time...."); - fflush(stdout); - memcpy(out_a,in_a,sizeof(in_a)); - memcpy(out_b,in_b,sizeof(in_b)); - i=1; - - for (l=0; l<1000000L; l++) - { - CAST_set_key(&key_b,16,out_b); - CAST_ecb_encrypt(&(out_a[0]),&(out_a[0]),&key_b,CAST_ENCRYPT); - CAST_ecb_encrypt(&(out_a[8]),&(out_a[8]),&key_b,CAST_ENCRYPT); - CAST_set_key(&key,16,out_a); - CAST_ecb_encrypt(&(out_b[0]),&(out_b[0]),&key,CAST_ENCRYPT); - CAST_ecb_encrypt(&(out_b[8]),&(out_b[8]),&key,CAST_ENCRYPT); - if ((l & 0xffff) == 0xffff) - { - printf("%c",hex[i&0x0f]); - fflush(stdout); - i++; - } - } - - if ( (memcmp(out_a,c_a,sizeof(c_a)) != 0) || + { + unsigned char out_a[16],out_b[16]; + static char *hex="0123456789ABCDEF"; + + printf("This test will take some time...."); + fflush(stdout); + memcpy(out_a,in_a,sizeof(in_a)); + memcpy(out_b,in_b,sizeof(in_b)); + i=1; + + for (l=0; l<1000000L; l++) + { + CAST_set_key(&key_b,16,out_b); + CAST_ecb_encrypt(&(out_a[0]),&(out_a[0]),&key_b,CAST_ENCRYPT); + CAST_ecb_encrypt(&(out_a[8]),&(out_a[8]),&key_b,CAST_ENCRYPT); + CAST_set_key(&key,16,out_a); + CAST_ecb_encrypt(&(out_b[0]),&(out_b[0]),&key,CAST_ENCRYPT); + CAST_ecb_encrypt(&(out_b[8]),&(out_b[8]),&key,CAST_ENCRYPT); + if ((l & 0xffff) == 0xffff) + { + printf("%c",hex[i&0x0f]); + fflush(stdout); + i++; + } + } + + if ( (memcmp(out_a,c_a,sizeof(c_a)) != 0) || (memcmp(out_b,c_b,sizeof(c_b)) != 0)) - { - printf("\n"); - printf("Error\n"); - - printf("A out ="); - for (i=0; i<16; i++) printf("%02X ",out_a[i]); - printf("\nactual="); - for (i=0; i<16; i++) printf("%02X ",c_a[i]); - printf("\n"); - - printf("B out ="); - for (i=0; i<16; i++) printf("%02X ",out_b[i]); - printf("\nactual="); - for (i=0; i<16; i++) printf("%02X ",c_b[i]); - printf("\n"); - } - else - printf(" ok\n"); - } + { + printf("\n"); + printf("Error\n"); + + printf("A out ="); + for (i=0; i<16; i++) printf("%02X ",out_a[i]); + printf("\nactual="); + for (i=0; i<16; i++) printf("%02X ",c_a[i]); + printf("\n"); + + printf("B out ="); + for (i=0; i<16; i++) printf("%02X ",out_b[i]); + printf("\nactual="); + for (i=0; i<16; i++) printf("%02X ",c_b[i]); + printf("\n"); + } + else + printf(" ok\n"); + } #endif - exit(err); - return(err); - } - + exit(err); + return(err); + } +#endif diff --git a/src/lib/libcrypto/conf/cnf_save.c b/src/lib/libcrypto/conf/cnf_save.c index c9018de10e..1439487526 100644 --- a/src/lib/libcrypto/conf/cnf_save.c +++ b/src/lib/libcrypto/conf/cnf_save.c @@ -57,28 +57,28 @@ */ #include -#include "conf.h" +#include -void print_conf(CONF_VALUE *cv); +static void print_conf(CONF_VALUE *cv); +static IMPLEMENT_LHASH_DOALL_FN(print_conf, CONF_VALUE *); main() { LHASH *conf; long l; - conf=CONF_load(NULL,"../../apps/ssleay.cnf",&l); + conf=CONF_load(NULL,"../../apps/openssl.cnf",&l); if (conf == NULL) { fprintf(stderr,"error loading config, line %ld\n",l); exit(1); } - lh_doall(conf,print_conf); + lh_doall(conf,LHASH_DOALL_FN(print_conf)); } -void print_conf(cv) -CONF_VALUE *cv; +static void print_conf(CONF_VALUE *cv) { int i; CONF_VALUE *v; diff --git a/src/lib/libcrypto/conf/test.c b/src/lib/libcrypto/conf/test.c index 899ee2a067..7fab85053e 100644 --- a/src/lib/libcrypto/conf/test.c +++ b/src/lib/libcrypto/conf/test.c @@ -58,7 +58,8 @@ #include #include -#include "conf.h" +#include +#include main() { @@ -66,7 +67,10 @@ main() long eline; char *s,*s2; - conf=CONF_load(NULL,"ssleay.conf",&eline); +#ifdef USE_WIN32 + CONF_set_default_method(CONF_WIN32); +#endif + conf=CONF_load(NULL,"ssleay.cnf",&eline); if (conf == NULL) { ERR_load_crypto_strings(); @@ -87,5 +91,8 @@ main() s=CONF_get_string(conf,"s_client","cipher1"); printf("s_client:cipher1=%s\n",(s == NULL)?"NULL":s); + printf("---------------------------- DUMP ------------------------\n"); + CONF_dump_fp(conf, stdout); + exit(0); } diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com index bf916528eb..4847a69a71 100644 --- a/src/lib/libcrypto/crypto-lib.com +++ b/src/lib/libcrypto/crypto-lib.com @@ -14,7 +14,14 @@ $! $! It was re-written so it would try to determine what "C" compiler to use $! or you can specify which "C" compiler to use. $! -$! Specify RSAREF as P1 to compile with the RSAREF library instead of +$! Specify the following as P1 to build just that part or ALL to just +$! build everything. +$! +$! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. +$! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE +$! ALL To do both LIBRARY and APPS +$! +$! Specify RSAREF as P2 to compile with the RSAREF library instead of $! the regular one. If you specify NORSAREF it will compile with the $! regular RSAREF routines. (Note: If you are in the United States $! you MUST compile with RSAREF unless you have a license from RSA). @@ -26,10 +33,10 @@ $! directory structure stored. You have to extract the file $! into the [.RSAREF] directory under the root directory as that $! is where the scripts will look for the files. $! -$! Specify DEBUG or NODEBUG as P2 to compile with or without debugger +$! Specify DEBUG or NODEBUG as P3 to compile with or without debugger $! information. $! -$! Specify which compiler at P3 to try to compile under. +$! Specify which compiler at P4 to try to compile under. $! $! VAXC For VAX C. $! DECC For DEC C. @@ -38,15 +45,16 @@ $! $! If you don't speficy a compiler, it will try to determine which $! "C" compiler to use. $! -$! P4, if defined, sets a TCP/IP library to use, through one of the following +$! P5, if defined, sets a TCP/IP library to use, through one of the following $! keywords: $! $! UCX for UCX +$! TCPIP for TCPIP (post UCX) $! SOCKETSHR for SOCKETSHR+NETLIB $! -$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) +$! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) $! -$! P6, if defined, sets a choice of crypto methods to compile. +$! P7, if defined, sets a choice of crypto methods to compile. $! WARNING: this should only be done to recompile some part of an already $! fully compiled library. $! @@ -79,12 +87,13 @@ $ ENDIF $! $! Define The Different Encryption Types. $! -$ ENCRYPT_TYPES = ",MD2,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - +$ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ - - "BN,RSA,DSA,DH,"+ - + "BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,"+ - "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - - "CONF,TXT_DB,PKCS7,PKCS12,COMP" + "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" +$ ENCRYPT_PROGRAMS = "DES,PKCS7" $! $! Check To Make Sure We Have Valid Command Line Parameters. $! @@ -136,6 +145,14 @@ $! Define The Library Name. $! $ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB $! +$! Define The CRYPTO-LIB We Are To Use. +$! +$ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB +$! +$! Define The RSAREF-LIB We Are To Use. +$! +$ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB +$! $! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... $! $ IF (F$SEARCH(LIB_NAME).EQS."") @@ -149,10 +166,18 @@ $! End The Library Check. $! $ ENDIF $! +$! Build our options file for the application +$! +$ GOSUB CHECK_OPT_FILE +$! $! Define The Different Encryption "library" Strings. $! -$ LIB_ = "cryptlib,mem,cversion,ex_data,tmdiff,cpt_err" +$ APPS_DES = "DES/DES,CBC3_ENC" +$ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" +$ +$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_MD2 = "md2_dgst,md2_one" +$ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" $ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one" $ LIB_MDC2 = "mdc2dgst,mdc2_one" @@ -162,8 +187,9 @@ $ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ - "ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ - "enc_read,enc_writ,ofb64enc,"+ - "ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ - - "des_enc,fcrypt_b,read2pwd,"+ - - "fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp,ede_cbcm_enc" + "des_enc,fcrypt_b,"+ - + "fcrypt,xcbc_enc,rpc_enc,cbc_cksm,"+ - + "ede_cbcm_enc,des_old,des_old2,read2pwd" $ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64" $ LIB_RC4 = "rc4_skey,rc4_enc" $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64" @@ -171,84 +197,100 @@ $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey" $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64" $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64" $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper" -$ IF F$TRNLNM("OPENSSL_NO_ASM") .NES. "" THEN LIB_BN_ASM = "bn_asm" -$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_mul,"+ - +$ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm" +$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ - "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ - - "bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+",bn_recp,bn_mont,"+ - - "bn_mpi,bn_exp2" + "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ - + "bn_recp,bn_mont,bn_mpi,bn_exp2" $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - - "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk" -$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err" -$ LIB_DH = "dh_gen,dh_key,dh_lib,dh_check,dh_err" + "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - + "rsa_asn1" +$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ - + "ec_err" +$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl" +$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err" +$ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ - + "dso_openssl,dso_win32,dso_vms" +$ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - + "eng_table,eng_pkey,eng_fat,eng_all,"+ - + "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - + "eng_openssl,eng_dyn,eng_cnf,"+ - + "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - + "hw_openbsd_dev_crypto,hw_aep,hw_sureware,hw_4758_cca" +$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" $ LIB_BUFFER = "buffer,buf_err" $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - "bss_mem,bss_null,bss_fd,"+ - "bss_file,bss_sock,bss_conn,"+ - "bf_null,bf_buff,b_print,b_dump,"+ - - "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio" ! + ",bss_log" for syslog + "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ - + "bf_lbuf" $ LIB_STACK = "stack" $ LIB_LHASH = "lhash,lh_stats" -$ LIB_RAND = "md_rand,randfile,rand_lib" +$ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - + "rand_vms" $ LIB_ERR = "err,err_all,err_prn" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" $ LIB_EVP = "encode,digest,evp_enc,evp_key,"+ - - "e_ecb_d,e_cbc_d,e_cfb_d,e_ofb_d,"+ - - "e_ecb_i,e_cbc_i,e_cfb_i,e_ofb_i,"+ - - "e_ecb_3d,e_cbc_3d,e_rc4,names,"+ - - "e_cfb_3d,e_ofb_3d,e_xcbc_d,"+ - - "e_ecb_r2,e_cbc_r2,e_cfb_r2,e_ofb_r2,"+ - - "e_ecb_bf,e_cbc_bf,e_cfb_bf,e_ofb_bf" -$ LIB_EVP_2 = "e_ecb_c,e_cbc_c,e_cfb_c,e_ofb_c,"+ - - "e_ecb_r5,e_cbc_r5,e_cfb_r5,e_ofb_r5,"+ - - "m_null,m_md2,m_md5,m_sha,m_sha1,m_dss,m_dss1,m_mdc2,"+ - - "m_ripemd,"+ - + "e_des,e_bf,e_idea,e_des3,"+ - + "e_rc4,e_aes,names,"+ - + "e_xcbc_d,e_rc2,e_cast,e_rc5" +$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - + "m_dss,m_dss1,m_mdc2,m_ripemd,"+ - "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - - "c_all,evp_lib,bio_ok,evp_pkey,evp_pbe,p5_crpt,p5_crpt2" + "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- + "evp_pkey,evp_pbe,p5_crpt,p5_crpt2" $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - - "a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,a_bmp,"+ - - "a_enum,a_vis,a_utf8,a_sign,a_digest,a_verify,"+ - - "x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,"+ - - "x_name,x_cinf,x_x509,x_crl,x_info,x_spki,nsseq,"+ - - "d2i_r_pr,i2d_r_pr,d2i_r_pu,i2d_r_pu,"+ - - "d2i_s_pr,i2d_s_pr,d2i_s_pu,i2d_s_pu,"+ - + "a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ - + "a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ - + "x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,x_bignum,"+ - + "x_long,x_name,x_x509,x_x509a,x_crl,x_info,x_spki,nsseq,"+ - "d2i_pu,d2i_pr,i2d_pu,i2d_pr" -$ LIB_ASN1_2 = "t_req,t_x509,t_crl,t_pkey,"+ - - "p7_i_s,p7_signi,p7_signd,p7_recip,p7_enc_c,p7_evp,"+ - - "p7_dgst,p7_s_e,p7_enc,p7_lib,"+ - - "f_int,f_string,i2d_dhp,i2d_dsap,d2i_dhp,d2i_dsap,n_pkey,"+ - +$ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - + "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - + "f_int,f_string,n_pkey,"+ - "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ - - "asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,"+ - - "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey" -$ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err" + "asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - + "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" +$ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - + "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey" $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ - - "x509_obj,x509_req,x509_vfy,"+ - - "x509_set,x509rset,x509_err,"+ - - "x509name,x509_v3,x509_ext,"+ - + "x509_obj,x509_req,x509spki,x509_vfy,"+ - + "x509_set,x509cset,x509rset,x509_err,"+ - + "x509name,x509_v3,x509_ext,x509_att,"+ - "x509type,x509_lu,x_all,x509_txt,"+ - - "by_file,by_dir" + "x509_trs,by_file,by_dir" $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ - "v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ - - "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld" -$ LIB_CONF = "conf,conf_err" + "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ - + "v3_ocsp,v3_akeya" +$ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall" $ LIB_TXT_DB = "txt_db" -$ LIB_PKCS7 = "pk7_lib,pkcs7err,pk7_doit" -$ LIB_PKCS12 = "p12_add,p12_attr,p12_bags,p12_crpt,p12_crt,p12_decr,"+ - - "p12_init,p12_key,p12_kiss,p12_lib,p12_mac,p12_mutl,"+ - - "p12_sbag,p12_utl,pk12err" +$ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ - + "pk7_mime" +$ LIB_PKCS12 = "p12_add,p12_asn,p12_attr,p12_crpt,p12_crt,p12_decr,"+ - + "p12_init,p12_key,p12_kiss,p12_mutl,"+ - + "p12_utl,p12_npas,pk12err,p12_p8d,p12_p8e" $ LIB_COMP = "comp_lib,"+ - "c_rle,c_zlib" +$ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ - + "ocsp_srv,ocsp_prn,ocsp_vfy,ocsp_err" +$ LIB_UI_COMPAT = ",ui_compat" +$ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT +$ LIB_KRB5 = "krb5_asn" $! $! Setup exceptional compilations $! $ COMPILEWITH_CC3 = ",bss_rtcp," -$ COMPILEWITH_CC4 = ",a_utctm," -$ COMPILEWITH_CC5 = ",md2_dgst,md5_dgst,mdc2dgst,sha_dgst,sha1dgst," + - - "rmd_dgst,bf_enc," +$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," +$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - + "sha_dgst,sha1dgst,rmd_dgst,bf_enc," $! $! Check To See If We Are Going To Use RSAREF. $! -$ IF (RSAREF.EQS."TRUE" .AND. ENCRYPT_TYPES - "RSA".NES.ENCRYPT_TYPES) +$ IF (RSAREF.EQS."TRUE" .AND. ENCRYPT_TYPES - "RSA".NES.ENCRYPT_TYPES - + .AND. (BUILDALL .EQS. "TRUE" .OR. BUILDALL .EQS. "LIBRARY")) $ THEN $! $! Check To See If The File [-.RSAREF]RSAREF.C Is Actually There. @@ -256,10 +298,10 @@ $! $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAREF.C").EQS."") $ THEN $! -$! Tell The User That The File Dosen't Exist. +$! Tell The User That The File Doesn't Exist. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAREF.C Dosen't Exist." +$ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAREF.C Doesn't Exist." $ WRITE SYS$OUTPUT "" $! $! Exit The Build. @@ -291,10 +333,10 @@ $! $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAR_ERR.C").EQS."") $ THEN $! -$! Tell The User That The File Dosen't Exist. +$! Tell The User That The File Doesn't Exist. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAR_ERR.C Dosen't Exist." +$ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAR_ERR.C Doesn't Exist." $ WRITE SYS$OUTPUT "" $! $! Exit The Build. @@ -340,6 +382,8 @@ $! $! Extract The Module Name From The Encryption List. $! $ MODULE_NAME = F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES) +$ IF MODULE_NAME.EQS."Basic" THEN MODULE_NAME = "" +$ MODULE_NAME1 = MODULE_NAME $! $! Check To See If We Are At The End Of The Module List. $! @@ -358,20 +402,10 @@ $! Increment The Moudle Counter. $! $ MODULE_COUNTER = MODULE_COUNTER + 1 $! -$! Tell The User What Module We Are Building. -$! -$ IF (MODULE_NAME.NES."") -$ THEN -$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME," Files." -$ ENDIF -$! -$! Define A File Counter And Set It To "0". -$! -$ FILE_COUNTER = 0 -$! -$! Create The Library Module Name. +$! Create The Library and Apps Module Names. $! $ LIB_MODULE = "LIB_" + MODULE_NAME +$ APPS_MODULE = "APPS_" + MODULE_NAME $ IF (MODULE_NAME.EQS."ASN1_2") $ THEN $ MODULE_NAME = "ASN1" @@ -381,6 +415,11 @@ $ THEN $ MODULE_NAME = "EVP" $ ENDIF $! +$! Set state (can be LIB and APPS) +$! +$ STATE = "LIB" +$ IF BUILDALL .EQS. "APPS" THEN STATE = "APPS" +$! $! Check if the library module name actually is defined $! $ IF F$TYPE('LIB_MODULE') .EQS. "" @@ -391,22 +430,92 @@ $ WRITE SYS$ERROR "" $ GOTO MODULE_NEXT $ ENDIF $! +$! Top Of The Module Loop. +$! +$ MODULE_AGAIN: +$! +$! Tell The User What Module We Are Building. +$! +$ IF (MODULE_NAME1.NES."") +$ THEN +$ IF STATE .EQS. "LIB" +$ THEN +$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Library Files. (",BUILDALL,",",STATE,")" +$ ELSE IF F$TYPE('APPS_MODULE') .NES. "" +$ THEN +$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Applications. (",BUILDALL,",",STATE,")" +$ ENDIF +$ ENDIF +$ ENDIF +$! +$! Define A File Counter And Set It To "0". +$! +$ FILE_COUNTER = 0 +$ APPLICATION = "" +$ APPLICATION_COUNTER = 0 +$! $! Top Of The File Loop. $! $ NEXT_FILE: $! -$! O.K, Extract The File Name From The File List. +$! Look in the LIB_MODULE is we're in state LIB $! -$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE') +$ IF STATE .EQS. "LIB" +$ THEN +$! +$! O.K, Extract The File Name From The File List. +$! +$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE') +$! +$! else +$! +$ ELSE +$ FILE_NAME = "," +$! +$ IF F$TYPE('APPS_MODULE') .NES. "" +$ THEN +$! +$! Extract The File Name From The File List. +$! This part is a bit more complicated. +$! +$ IF APPLICATION .EQS. "" +$ THEN +$ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE') +$ APPLICATION_COUNTER = APPLICATION_COUNTER + 1 +$ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION) +$ APPLICATION = F$ELEMENT(0,"/",APPLICATION) +$ FILE_COUNTER = 0 +$ ENDIF +$ +$! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*" +$! SHOW SYMBOL APPLICATION* +$! +$ IF APPLICATION .NES. ";" +$ THEN +$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS) +$ IF FILE_NAME .EQS. "," +$ THEN +$ APPLICATION = "" +$ GOTO NEXT_FILE +$ ENDIF +$ ENDIF +$ ENDIF +$ ENDIF $! $! Check To See If We Are At The End Of The File List. $! $ IF (FILE_NAME.EQS.",") $ THEN $! -$! We Are At The End Of The File List, Goto FILE_DONE. +$! We Are At The End Of The File List, Change State Or Goto FILE_DONE. $! -$ GOTO FILE_DONE +$ IF STATE .EQS. "LIB" .AND. BUILDALL .NES. "LIBRARY" +$ THEN +$ STATE = "APPS" +$ GOTO MODULE_AGAIN +$ ELSE +$ GOTO FILE_DONE +$ ENDIF $! $! End The File List Check. $! @@ -440,10 +549,10 @@ $! $ IF (F$SEARCH(SOURCE_FILE).EQS."") $ THEN $! -$! Tell The User That The File Dosen't Exist. +$! Tell The User That The File Doesn't Exist. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist." +$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist." $ WRITE SYS$OUTPUT "" $! $! Exit The Build. @@ -458,7 +567,7 @@ $! Tell The User We Are Compiling The File. $! $ IF (MODULE_NAME.EQS."") $ THEN - WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File." +$ WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File. (",BUILDALL,",",STATE,")" $ ENDIF $ IF (MODULE_NAME.NES."") $ THEN @@ -490,14 +599,17 @@ $ ENDIF $ ENDIF $ ENDIF $ ENDIF +$ IF STATE .EQS. "LIB" +$ THEN $! -$! Add It To The Library. +$! Add It To The Library. $! -$ LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE' +$ LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE' $! -$! Time To Clean Up The Object File. +$! Time To Clean Up The Object File. $! -$ DELETE 'OBJECT_FILE';* +$ DELETE 'OBJECT_FILE';* +$ ENDIF $! $! Go Back And Do It Again. $! @@ -507,6 +619,100 @@ $! All Done With This Library Part. $! $ FILE_DONE: $! +$! Time To Build Some Applications +$! +$ IF F$TYPE('APPS_MODULE') .NES. "" .AND. BUILDALL .NES. "LIBRARY" +$ THEN +$ APPLICATION_COUNTER = 0 +$ NEXT_APPLICATION: +$ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE') +$ IF APPLICATION .EQS. ";" THEN GOTO APPLICATION_DONE +$ +$ APPLICATION_COUNTER = APPLICATION_COUNTER + 1 +$ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION) +$ APPLICATION = F$ELEMENT(0,"/",APPLICATION) +$ +$! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*" +$! SHOW SYMBOL APPLICATION* +$! +$! Tell the user what happens +$! +$ WRITE SYS$OUTPUT " ",APPLICATION,".exe" +$! +$! Link The Program, Check To See If We Need To Link With RSAREF Or Not. +$! +$ ON ERROR THEN GOTO NEXT_APPLICATION +$ IF (RSAREF.EQS."TRUE") +$ THEN +$! +$! Check To See If We Are To Link With A Specific TCP/IP Library. +$! +$ IF (TCPIP_LIB.NES."") +$ THEN +$! +$! Link With The RSAREF Library And A Specific TCP/IP Library. +$! +$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - + 'OBJ_DIR''APPLICATION_OBJECTS', - + 'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - + 'TCPIP_LIB','OPT_FILE'/OPTION +$! +$! Else... +$! +$ ELSE +$! +$! Link With The RSAREF Library And NO TCP/IP Library. +$! +$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - + 'OBJ_DIR''APPLICATION_OBJECTS', - + 'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - + 'OPT_FILE'/OPTION +$! +$! End The TCP/IP Library Check. +$! +$ ENDIF +$! +$! Else... +$! +$ ELSE +$! +$! Don't Link With The RSAREF Routines. +$! +$! +$! Check To See If We Are To Link With A Specific TCP/IP Library. +$! +$ IF (TCPIP_LIB.NES."") +$ THEN +$! +$! Don't Link With The RSAREF Routines And TCP/IP Library. +$! +$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - + 'OBJ_DIR''APPLICATION_OBJECTS', - + 'CRYPTO_LIB'/LIBRARY, - + 'TCPIP_LIB','OPT_FILE'/OPTION +$! +$! Else... +$! +$ ELSE +$! +$! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. +$! +$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - + 'OBJ_DIR''APPLICATION_OBJECTS',- + 'CRYPTO_LIB'/LIBRARY, - + 'OPT_FILE'/OPTION +$! +$! End The TCP/IP Library Check. +$! +$ ENDIF +$! +$! End The RSAREF Link Check. +$! +$ ENDIF +$ GOTO NEXT_APPLICATION +$ APPLICATION_DONE: +$ ENDIF +$! $! Go Back And Get The Next Module. $! $ GOTO MODULE_NEXT @@ -653,17 +859,71 @@ $ CHECK_OPTIONS: $! $! Check To See If P1 Is Blank. $! -$ IF (P1.EQS."NORSAREF") +$ IF (P1.EQS."ALL") $ THEN $! -$! P1 Is NORSAREF, So Compile With The Regular RSA Libraries. +$! P1 Is Blank, So Build Everything. +$! +$ BUILDALL = "TRUE" +$! +$! Else... +$! +$ ELSE +$! +$! Else, Check To See If P1 Has A Valid Arguement. +$! +$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS") +$ THEN +$! +$! A Valid Arguement. +$! +$ BUILDALL = P1 +$! +$! Else... +$! +$ ELSE +$! +$! Tell The User We Don't Know What They Want. +$! +$ WRITE SYS$OUTPUT "" +$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" +$ WRITE SYS$OUTPUT "" +$ WRITE SYS$OUTPUT " ALL : Just Build Everything." +$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.SSL]LIBCRYPTO.OLB Library." +$ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.SSL]*.EXE Programs." +$ WRITE SYS$OUTPUT "" +$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:" +$ WRITE SYS$OUTPUT "" +$ WRITE SYS$OUTPUT " AXP : Alpha Architecture." +$ WRITE SYS$OUTPUT " VAX : VAX Architecture." +$ WRITE SYS$OUTPUT "" +$! +$! Time To EXIT. +$! +$ EXIT +$! +$! End The Valid Arguement Check. +$! +$ ENDIF +$! +$! End The P1 Check. +$! +$ ENDIF +$! +$! Check To See If P2 Is Blank. +$! +$ P2 = "NORSAREF" +$ IF (P2.EQS."NORSAREF") +$ THEN +$! +$! P2 Is NORSAREF, So Compile With The Regular RSA Libraries. $! $ RSAREF = "FALSE" $ ELSE $! $! Check To See If We Are To Use The RSAREF Library. $! -$ IF (P1.EQS."RSAREF") +$ IF (P2.EQS."RSAREF") $ THEN $! $! Check To Make Sure We Have The RSAREF Source Code Directory. @@ -677,7 +937,7 @@ $! $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" -$ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the" +$ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file doesn't have the" $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." @@ -697,7 +957,7 @@ $! $! They Entered An Invalid Option.. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" +$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." @@ -711,16 +971,16 @@ $! End The Valid Arguement Check. $! $ ENDIF $! -$! End The P1 Check. +$! End The P2 Check. $! $ ENDIF $! -$! Check To See If P2 Is Blank. +$! Check To See If P3 Is Blank. $! -$ IF (P2.EQS."NODEBUG") +$ IF (P3.EQS."NODEBUG") $ THEN $! -$! P2 Is NODEBUG, So Compile Without The Debugger Information. +$! P3 Is NODEBUG, So Compile Without The Debugger Information. $! $ DEBUGGER = "NODEBUG" $ TRACEBACK = "NOTRACEBACK" @@ -733,7 +993,7 @@ $ ELSE $! $! Check To See If We Are To Compile With Debugger Information. $! -$ IF (P2.EQS."DEBUG") +$ IF (P3.EQS."DEBUG") $ THEN $! $! Compile With Debugger Information. @@ -750,7 +1010,7 @@ $! $! They Entered An Invalid Option.. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" +$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." @@ -764,7 +1024,7 @@ $! End The Valid Arguement Check. $! $ ENDIF $! -$! End The P2 Check. +$! End The P3 Check. $! $ ENDIF $! @@ -774,9 +1034,9 @@ $! Written By: Richard Levitte $! richard@levitte.org $! $! -$! Check To See If We Have A Option For P5. +$! Check To See If We Have A Option For P6. $! -$ IF (P5.EQS."") +$ IF (P6.EQS."") $ THEN $! $! Get The Version Of VMS We Are Using. @@ -798,13 +1058,13 @@ $! End The VMS Version Check. $! $ ENDIF $! -$! End The P5 Check. +$! End The P6 Check. $! $ ENDIF $! -$! Check To See If P3 Is Blank. +$! Check To See If P4 Is Blank. $! -$ IF (P3.EQS."") +$ IF (P4.EQS."") $ THEN $! $! O.K., The User Didn't Specify A Compiler, Let's Try To @@ -817,7 +1077,7 @@ $ THEN $! $! Looks Like GNUC, Set To Use GNUC. $! -$ P3 = "GNUC" +$ P4 = "GNUC" $! $! Else... $! @@ -830,7 +1090,7 @@ $ THEN $! $! Looks Like DECC, Set To Use DECC. $! -$ P3 = "DECC" +$ P4 = "DECC" $! $! Else... $! @@ -838,7 +1098,7 @@ $ ELSE $! $! Looks Like VAXC, Set To Use VAXC. $! -$ P3 = "VAXC" +$ P4 = "VAXC" $! $! End The VAXC Compiler Check. $! @@ -852,9 +1112,9 @@ $! End The Compiler Check. $! $ ENDIF $! -$! Check To See If We Have A Option For P4. +$! Check To See If We Have A Option For P5. $! -$ IF (P4.EQS."") +$ IF (P5.EQS."") $ THEN $! $! Find out what socket library we have available @@ -864,7 +1124,7 @@ $ THEN $! $! We have SOCKETSHR, and it is my opinion that it's the best to use. $! -$ P4 = "SOCKETSHR" +$ P5 = "SOCKETSHR" $! $! Tell the user $! @@ -884,7 +1144,7 @@ $ THEN $! $! Last resort: a UCX or UCX-compatible library $! -$ P4 = "UCX" +$ P5 = "UCX" $! $! Tell the user $! @@ -898,22 +1158,22 @@ $ ENDIF $! $! Set Up Initial CC Definitions, Possibly With User Ones $! -$ CCDEFS = "VMS=1,TCPIP_TYPE_''P4'" +$ CCDEFS = "TCPIP_TYPE_''P5',DSO_VMS" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - - CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS + CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! $! Check To See If The User Entered A Valid Paramter. $! -$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") +$ IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC") $ THEN $! $! Check To See If The User Wanted DECC. $! -$ IF (P3.EQS."DECC") +$ IF (P4.EQS."DECC") $ THEN $! $! Looks Like DECC, Set To Use DECC. @@ -930,7 +1190,9 @@ $ CC = "CC" $ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" - THEN CC = "CC/DECC" $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + - - "/NOLIST/PREFIX=ALL/INCLUDE=SYS$DISK:[]" + CCEXTRAFLAGS + "/NOLIST/PREFIX=ALL" + - + "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP])" + - + CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! @@ -942,7 +1204,7 @@ $ ENDIF $! $! Check To See If We Are To Use VAXC. $! -$ IF (P3.EQS."VAXC") +$ IF (P4.EQS."VAXC") $ THEN $! $! Looks Like VAXC, Set To Use VAXC. @@ -962,7 +1224,8 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!" $ EXIT $ ENDIF $ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC" -$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST/INCLUDE=SYS$DISK:[]" + - +$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - + "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + - CCEXTRAFLAGS $ CCDEFS = """VAXC""," + CCDEFS $! @@ -980,7 +1243,7 @@ $ ENDIF $! $! Check To See If We Are To Use GNU C. $! -$ IF (P3.EQS."GNUC") +$ IF (P4.EQS."GNUC") $ THEN $! $! Looks Like GNUC, Set To Use GNUC. @@ -994,7 +1257,8 @@ $! $! Use GNU C... $! $ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - - "/INCLUDE=SYS$DISK:[]" + CCEXTRAFLAGS + "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + - + CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! @@ -1051,7 +1315,7 @@ $ CC4DISABLEWARNINGS = "" $ ENDIF $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS -$ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG" +$ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P3 .NES. "DEBUG" $ THEN $ CC5 = CC + "/OPTIMIZE=NODISJOINT" $ ELSE @@ -1070,7 +1334,7 @@ $! $! Tell The User We Don't Know What They Want. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" +$ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." @@ -1096,17 +1360,18 @@ $ WRITE SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO $! $! Time to check the contents, and to make sure we get the correct library. $! -$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" +$ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" - + .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE" $ THEN $! $! Check to see if SOCKETSHR was chosen $! -$ IF P4.EQS."SOCKETSHR" +$ IF P5.EQS."SOCKETSHR" $ THEN $! $! Set the library to use SOCKETSHR $! -$ TCPIP_LIB = "[-.VMS]SOCKETSHR_SHR.OPT/OPT" +$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT" $! $! Done with SOCKETSHR $! @@ -1114,12 +1379,12 @@ $ ENDIF $! $! Check to see if MULTINET was chosen $! -$ IF P4.EQS."MULTINET" +$ IF P5.EQS."MULTINET" $ THEN $! $! Set the library to use UCX emulation. $! -$ P4 = "UCX" +$ P5 = "UCX" $! $! Done with MULTINET $! @@ -1127,24 +1392,50 @@ $ ENDIF $! $! Check to see if UCX was chosen $! -$ IF P4.EQS."UCX" +$ IF P5.EQS."UCX" $ THEN $! $! Set the library to use UCX. $! -$ TCPIP_LIB = "[-.VMS]UCX_SHR_DECC.OPT/OPT" +$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT" $ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" $ THEN -$ TCPIP_LIB = "[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT" +$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT" $ ELSE $ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN - - TCPIP_LIB = "[-.VMS]UCX_SHR_VAXC.OPT/OPT" + TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT" $ ENDIF $! $! Done with UCX $! $ ENDIF $! +$! Check to see if TCPIP was chosen +$! +$ IF P5.EQS."TCPIP" +$ THEN +$! +$! Set the library to use TCPIP (post UCX). +$! +$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT" +$! +$! Done with TCPIP +$! +$ ENDIF +$! +$! Check to see if NONE was chosen +$! +$ IF P5.EQS."NONE" +$ THEN +$! +$! Do not use a TCPIP library. +$! +$ TCPIP_LIB = "" +$! +$! Done with TCPIP +$! +$ ENDIF +$! $! Print info $! $ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB @@ -1156,10 +1447,11 @@ $! $! Tell The User We Don't Know What They Want. $! $ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" +$ WRITE SYS$OUTPUT "The Option ",P5," Is Invalid. The Valid Options Are:" $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." +$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library." $ WRITE SYS$OUTPUT "" $! $! Time To EXIT. @@ -1173,9 +1465,10 @@ $! $! Check if the user wanted to compile just a subset of all the encryption $! methods. $! -$ IF P6 .NES. "" +$ IF P7 .NES. "" $ THEN -$ ENCRYPT_TYPES = P6 +$ ENCRYPT_TYPES = P7 +$! NYI: ENCRYPT_PROGRAMS = P7 $ ENDIF $! $! Time To RETURN... @@ -1191,6 +1484,7 @@ $! $! Save directory information $! $ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;" +$ __HERE = F$EDIT(__HERE,"UPCASE") $ __TOP = __HERE - "CRYPTO]" $ __INCLUDE = __TOP + "INCLUDE.OPENSSL]" $! diff --git a/src/lib/libcrypto/des/VERSION b/src/lib/libcrypto/des/VERSION index f62d8bdac0..c7d01542bc 100644 --- a/src/lib/libcrypto/des/VERSION +++ b/src/lib/libcrypto/des/VERSION @@ -1,3 +1,4 @@ + Fixed the weak key values which were wrong :-( Defining SIGACTION causes sigaction() to be used instead of signal(). SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it can cause problems. This should hopefully not affect normal diff --git a/src/lib/libcrypto/des/asm/des686.pl b/src/lib/libcrypto/des/asm/des686.pl index cf1a82fb5c..d3ad5d5edd 100644 --- a/src/lib/libcrypto/des/asm/des686.pl +++ b/src/lib/libcrypto/des/asm/des686.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl $prog="des686.pl"; @@ -46,19 +46,19 @@ EOF $L="edi"; $R="esi"; -&des_encrypt("des_encrypt",1); -&des_encrypt("des_encrypt2",0); +&DES_encrypt("DES_encrypt1",1); +&DES_encrypt("DES_encrypt2",0); -&des_encrypt3("des_encrypt3",1); -&des_encrypt3("des_decrypt3",0); +&DES_encrypt3("DES_encrypt3",1); +&DES_encrypt3("DES_decrypt3",0); &file_end(); -sub des_encrypt +sub DES_encrypt { local($name,$do_ip)=@_; - &function_begin($name,"EXTRN _des_SPtrans:DWORD"); + &function_begin($name,"EXTRN _DES_SPtrans:DWORD"); &comment(""); &comment("Load the 2 words"); @@ -94,11 +94,11 @@ sub des_encrypt { &comment(""); &comment("Round $i"); - &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx"); + &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); &comment(""); &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx"); + &D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); } &jmp(&label("end")); @@ -108,10 +108,10 @@ sub des_encrypt { &comment(""); &comment("Round $i"); - &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx"); + &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); &comment(""); &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx"); + &D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); } &set_label("end"); diff --git a/src/lib/libcrypto/des/asm/readme b/src/lib/libcrypto/des/asm/readme index f8529d9307..1beafe253b 100644 --- a/src/lib/libcrypto/des/asm/readme +++ b/src/lib/libcrypto/des/asm/readme @@ -8,7 +8,7 @@ assembler for the inner DES routines in libdes :-). The file to implement in assembler is des_enc.c. Replace the following 4 functions -des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt); +des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt); des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt); des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3); des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3); diff --git a/src/lib/libcrypto/des/cbc3_enc.c b/src/lib/libcrypto/des/cbc3_enc.c index 92a78b05d6..b5db4e14f7 100644 --- a/src/lib/libcrypto/des/cbc3_enc.c +++ b/src/lib/libcrypto/des/cbc3_enc.c @@ -58,42 +58,42 @@ #include "des_locl.h" -/* HAS BUGS? DON'T USE - this is only present for use in des.c */ -void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, enc) -des_cblock (*input); -des_cblock (*output); -long length; -des_key_schedule ks1; -des_key_schedule ks2; -des_cblock (*iv1); -des_cblock (*iv2); -int enc; +/* HAS BUGS! DON'T USE - this is only present for use in des.c */ +void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length, + DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock *iv1, + DES_cblock *iv2, int enc) { int off=((int)length-1)/8; long l8=((length+7)/8)*8; - des_cblock niv1,niv2; + DES_cblock niv1,niv2; if (enc == DES_ENCRYPT) { - des_cbc_encrypt(input,output,length,ks1,iv1,enc); - if (length >= sizeof(des_cblock)) - memcpy(niv1,output[off],sizeof(des_cblock)); - des_cbc_encrypt(output,output,l8,ks2,iv1,!enc); - des_cbc_encrypt(output,output,l8,ks1,iv2, enc); - if (length >= sizeof(des_cblock)) - memcpy(niv2,output[off],sizeof(des_cblock)); + DES_cbc_encrypt((unsigned char*)input, + (unsigned char*)output,length,&ks1,iv1,enc); + if (length >= sizeof(DES_cblock)) + memcpy(niv1,output[off],sizeof(DES_cblock)); + DES_cbc_encrypt((unsigned char*)output, + (unsigned char*)output,l8,&ks2,iv1,!enc); + DES_cbc_encrypt((unsigned char*)output, + (unsigned char*)output,l8,&ks1,iv2,enc); + if (length >= sizeof(DES_cblock)) + memcpy(niv2,output[off],sizeof(DES_cblock)); } else { - if (length >= sizeof(des_cblock)) - memcpy(niv2,input[off],sizeof(des_cblock)); - des_cbc_encrypt(input,output,l8,ks1,iv2,enc); - des_cbc_encrypt(output,output,l8,ks2,iv1,!enc); - if (length >= sizeof(des_cblock)) - memcpy(niv1,output[off],sizeof(des_cblock)); - des_cbc_encrypt(output,output,length,ks1,iv1, enc); + if (length >= sizeof(DES_cblock)) + memcpy(niv2,input[off],sizeof(DES_cblock)); + DES_cbc_encrypt((unsigned char*)input, + (unsigned char*)output,l8,&ks1,iv2,enc); + DES_cbc_encrypt((unsigned char*)output, + (unsigned char*)output,l8,&ks2,iv1,!enc); + if (length >= sizeof(DES_cblock)) + memcpy(niv1,output[off],sizeof(DES_cblock)); + DES_cbc_encrypt((unsigned char*)output, + (unsigned char*)output,length,&ks1,iv1,enc); } - memcpy(*iv1,niv1,sizeof(des_cblock)); - memcpy(*iv2,niv2,sizeof(des_cblock)); + memcpy(*iv1,niv1,sizeof(DES_cblock)); + memcpy(*iv2,niv2,sizeof(DES_cblock)); } diff --git a/src/lib/libcrypto/des/des-lib.com b/src/lib/libcrypto/des/des-lib.com index 2aea7a0dea..fc2c35a1ce 100644 --- a/src/lib/libcrypto/des/des-lib.com +++ b/src/lib/libcrypto/des/des-lib.com @@ -846,8 +846,8 @@ $ ENDIF $! $! Set Up Initial CC Definitions, Possibly With User Ones $! -$ CCDEFS = "VMS=1" -$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS +$ CCDEFS = "" +$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS $ CCDISABLEWARNINGS = "" diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c index c1e5005474..d8c846b23d 100644 --- a/src/lib/libcrypto/des/des.c +++ b/src/lib/libcrypto/des/des.c @@ -58,17 +58,26 @@ #include #include -#ifndef MSDOS +#include +#include +#ifndef OPENSSL_SYS_MSDOS +#ifndef OPENSSL_SYS_VMS +#include OPENSSL_UNISTD +#else /* OPENSSL_SYS_VMS */ +#ifdef __DECC #include -#else +#else /* not __DECC */ +#include +#endif /* __DECC */ +#endif /* OPENSSL_SYS_VMS */ +#else /* OPENSSL_SYS_MSDOS */ #include -#define RAND #endif #include #include "des_ver.h" -#ifdef VMS +#ifdef OPENSSL_SYS_VMS #include #include #else @@ -77,21 +86,10 @@ #endif #include #endif -#if defined(NOCONST) -#define const -#endif -#include "des.h" - -#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS) -#include -#endif +#include +#include +#include -#ifdef RAND -#define random rand -#define srandom(s) srand(s) -#endif - -#ifndef NOPROTO void usage(void); void doencryption(void); int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp); @@ -99,21 +97,10 @@ void uufwriteEnd(FILE *fp); int uufread(unsigned char *out,int size,unsigned int num,FILE *fp); int uuencode(unsigned char *in,int num,unsigned char *out); int uudecode(unsigned char *in,int num,unsigned char *out); -void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length, - des_key_schedule sk1,des_key_schedule sk2, - des_cblock *ivec1,des_cblock *ivec2,int enc); -#else -void usage(); -void doencryption(); -int uufwrite(); -void uufwriteEnd(); -int uufread(); -int uuencode(); -int uudecode(); -void des_3cbc_encrypt(); -#endif - -#ifdef VMS +void DES_3cbc_encrypt(DES_cblock *input,DES_cblock *output,long length, + DES_key_schedule sk1,DES_key_schedule sk2, + DES_cblock *ivec1,DES_cblock *ivec2,int enc); +#ifdef OPENSSL_SYS_VMS #define EXIT(a) exit(a&0x10000000L) #else #define EXIT(a) exit(a) @@ -133,14 +120,12 @@ int uubufnum=0; #define OUTUUBUF (65*100) unsigned char b[OUTUUBUF]; unsigned char bb[300]; -des_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; +DES_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; char cksumname[200]=""; int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error; -int main(argc, argv) -int argc; -char **argv; +int main(int argc, char **argv) { int i; struct stat ins,outs; @@ -168,12 +153,14 @@ char **argv; case 'c': cflag=1; strncpy(cksumname,p,200); + cksumname[sizeof(cksumname)-1]='\0'; p+=strlen(cksumname); break; case 'C': cflag=1; longk=1; strncpy(cksumname,p,200); + cksumname[sizeof(cksumname)-1]='\0'; p+=strlen(cksumname); break; case 'e': @@ -205,6 +192,7 @@ char **argv; case 'u': uflag=1; strncpy(uuname,p,200); + uuname[sizeof(uuname)-1]='\0'; p+=strlen(uuname); break; case 'h': @@ -274,12 +262,12 @@ char **argv; #endif if ( (in != NULL) && (out != NULL) && -#ifndef MSDOS +#ifndef OPENSSL_SYS_MSDOS (stat(in,&ins) != -1) && (stat(out,&outs) != -1) && (ins.st_dev == outs.st_dev) && (ins.st_ino == outs.st_ino)) -#else /* MSDOS */ +#else /* OPENSSL_SYS_MSDOS */ (strcmp(in,out) == 0)) #endif { @@ -314,7 +302,7 @@ char **argv; EXIT(5); } -#ifdef MSDOS +#ifdef OPENSSL_SYS_MSDOS /* This should set the file to binary mode. */ { #include @@ -331,33 +319,33 @@ char **argv; EXIT(0); } -void usage() +void usage(void) { char **u; static const char *Usage[]={ "des [input-file [output-file]]", "options:", "-v : des(1) version number", -"-e : encrypt using sunOS compatible user key to DES key conversion.", +"-e : encrypt using SunOS compatible user key to DES key conversion.", "-E : encrypt ", -"-d : decrypt using sunOS compatible user key to DES key conversion.", +"-d : decrypt using SunOS compatible user key to DES key conversion.", "-D : decrypt ", -"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to", +"-c[ckname] : generate a cbc_cksum using SunOS compatible user key to", " DES key conversion and output to ckname (stdout default,", " stderr if data being output on stdout). The checksum is", " generated before encryption and after decryption if used", " in conjunction with -[eEdD].", "-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].", "-k key : use key 'key'", -"-h : the key that is entered will be a hexidecimal number", +"-h : the key that is entered will be a hexadecimal number", " that is used directly as the des key", "-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]", " (uuname is the filename to put in the uuencode header).", -"-b : encrypt using DES in ecb encryption mode, the defaut is cbc mode.", -"-3 : encrypt using tripple DES encryption. This uses 2 keys", +"-b : encrypt using DES in ecb encryption mode, the default is cbc mode.", +"-3 : encrypt using triple DES encryption. This uses 2 keys", " generated from the input key. If the input key is less", -" than 8 characters long, this is equivelent to normal", -" encryption. Default is tripple cbc, -b makes it tripple ecb.", +" than 8 characters long, this is equivalent to normal", +" encryption. Default is triple cbc, -b makes it triple ecb.", NULL }; for (u=(char **)Usage; *u; u++) @@ -369,31 +357,29 @@ NULL EXIT(1); } -void doencryption() +void doencryption(void) { #ifdef _LIBC - extern int srandom(); - extern int random(); extern unsigned long time(); #endif register int i; - des_key_schedule ks,ks2; - unsigned char iv[8],iv2[8]; + DES_key_schedule ks,ks2; + DES_cblock iv,iv2; char *p; int num=0,j,k,l,rem,ll,len,last,ex=0; - des_cblock kk,k2; + DES_cblock kk,k2; FILE *O; int Exit=0; -#ifndef MSDOS +#ifndef OPENSSL_SYS_MSDOS static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8]; #else static unsigned char *buf=NULL,*obuf=NULL; if (buf == NULL) { - if ( (( buf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL) || - ((obuf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL)) + if ( (( buf=OPENSSL_malloc(BUFSIZE+8)) == NULL) || + ((obuf=OPENSSL_malloc(BUFSIZE+8)) == NULL)) { fputs("Not enough memory\n",stderr); Exit=10; @@ -440,19 +426,19 @@ void doencryption() else k2[i-8]=k; } - des_set_key((C_Block *)k2,ks2); + DES_set_key_unchecked(&k2,&ks2); memset(k2,0,sizeof(k2)); } else if (longk || flag3) { if (flag3) { - des_string_to_2keys(key,(C_Block *)kk,(C_Block *)k2); - des_set_key((C_Block *)k2,ks2); + DES_string_to_2keys(key,&kk,&k2); + DES_set_key_unchecked(&k2,&ks2); memset(k2,0,sizeof(k2)); } else - des_string_to_key(key,(C_Block *)kk); + DES_string_to_key(key,&kk); } else for (i=0; i0; i--) - buf[l++]=random()&0xff; + RAND_pseudo_bytes(buf + l++, 1); buf[l++]=rem; ex=1; len+=rem; @@ -510,8 +495,8 @@ void doencryption() if (cflag) { - des_cbc_cksum((C_Block *)buf,(C_Block *)cksum, - (long)len,ks,(C_Block *)cksum); + DES_cbc_cksum(buf,&cksum, + (long)len,&ks,&cksum); if (!eflag) { if (feof(DES_IN)) break; @@ -521,34 +506,34 @@ void doencryption() if (bflag && !flag3) for (i=0; i= 8) memcpy(iv,&(obuf[l-8]),8); } if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem); @@ -600,28 +585,28 @@ void doencryption() if (bflag && !flag3) for (i=0; i= 8) memcpy(iv,&(buf[l-8]),8); } @@ -646,9 +631,9 @@ void doencryption() l=l-8+last; } i=0; - if (cflag) des_cbc_cksum((C_Block *)obuf, - (C_Block *)cksum,(long)l/8*8,ks, - (C_Block *)cksum); + if (cflag) DES_cbc_cksum(obuf, + (DES_cblock *)cksum,(long)l/8*8,&ks, + (DES_cblock *)cksum); while (i != l) { j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT); @@ -683,8 +668,8 @@ void doencryption() problems: memset(buf,0,sizeof(buf)); memset(obuf,0,sizeof(obuf)); - memset(ks,0,sizeof(ks)); - memset(ks2,0,sizeof(ks2)); + memset(&ks,0,sizeof(ks)); + memset(&ks2,0,sizeof(ks2)); memset(iv,0,sizeof(iv)); memset(iv2,0,sizeof(iv2)); memset(kk,0,sizeof(kk)); @@ -696,15 +681,8 @@ problems: if (Exit) EXIT(Exit); } -int uufwrite(data, size, num, fp) -unsigned char *data; -int size; -unsigned int num; -FILE *fp; - - /* We ignore this parameter but it should be > ~50 I believe */ - - +/* We ignore this parameter but it should be > ~50 I believe */ +int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp) { int i,j,left,rem,ret=num; static int start=1; @@ -757,8 +735,7 @@ FILE *fp; return(ret); } -void uufwriteEnd(fp) -FILE *fp; +void uufwriteEnd(FILE *fp) { int j; static const char *end=" \nend\n"; @@ -774,11 +751,8 @@ FILE *fp; fwrite(end,1,strlen(end),fp); } -int uufread(out, size, num, fp) -unsigned char *out; -int size; /* should always be > ~ 60; I actually ignore this parameter :-) */ -unsigned int num; -FILE *fp; +/* int size: should always be > ~ 60; I actually ignore this parameter :-) */ +int uufread(unsigned char *out, int size, unsigned int num, FILE *fp) { int i,j,tot; static int done=0; @@ -850,10 +824,7 @@ FILE *fp; *((c)++)=(unsigned char)(((l) )&0xff)) -int uuencode(in, num, out) -unsigned char *in; -int num; -unsigned char *out; +int uuencode(unsigned char *in, int num, unsigned char *out) { int j,i,n,tot=0; DES_LONG l; @@ -883,10 +854,7 @@ unsigned char *out; return(tot); } -int uudecode(in, num, out) -unsigned char *in; -int num; -unsigned char *out; +int uudecode(unsigned char *in, int num, unsigned char *out) { int j,i,k; unsigned int n=0,space=0; diff --git a/src/lib/libcrypto/des/des3s.cpp b/src/lib/libcrypto/des/des3s.cpp index 9aff6494d9..02d527c057 100644 --- a/src/lib/libcrypto/des/des3s.cpp +++ b/src/lib/libcrypto/des/des3s.cpp @@ -32,7 +32,7 @@ void GetTSC(unsigned long& tsc) #include #include -#include "des.h" +#include void main(int argc,char *argv[]) { diff --git a/src/lib/libcrypto/des/des_opts.c b/src/lib/libcrypto/des/des_opts.c index fdf0fbf461..79278b920e 100644 --- a/src/lib/libcrypto/des/des_opts.c +++ b/src/lib/libcrypto/des/des_opts.c @@ -59,19 +59,19 @@ /* define PART1, PART2, PART3 or PART4 to build only with a few of the options. * This is for machines with 64k code segment size restrictions. */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include +#ifndef OPENSSL_SYS_MSDOS +#include +#include OPENSSL_UNISTD #else #include extern void exit(); #endif #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,25 +79,27 @@ extern void exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun + +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "des.h" +#include #include "spr.h" #define DES_DEFAULT_OPTIONS @@ -116,10 +118,10 @@ struct tms { #undef DES_RISC2 #undef DES_PTR #undef D_ENCRYPT -#define des_encrypt des_encrypt_u4_cisc_idx -#define des_encrypt2 des_encrypt2_u4_cisc_idx -#define des_encrypt3 des_encrypt3_u4_cisc_idx -#define des_decrypt3 des_decrypt3_u4_cisc_idx +#define DES_encrypt1 des_encrypt_u4_cisc_idx +#define DES_encrypt2 des_encrypt2_u4_cisc_idx +#define DES_encrypt3 des_encrypt3_u4_cisc_idx +#define DES_decrypt3 des_decrypt3_u4_cisc_idx #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -128,14 +130,14 @@ struct tms { #undef DES_RISC2 #undef DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u16_cisc_idx -#define des_encrypt2 des_encrypt2_u16_cisc_idx -#define des_encrypt3 des_encrypt3_u16_cisc_idx -#define des_decrypt3 des_decrypt3_u16_cisc_idx +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u16_cisc_idx +#define DES_encrypt2 des_encrypt2_u16_cisc_idx +#define DES_encrypt3 des_encrypt3_u16_cisc_idx +#define DES_decrypt3 des_decrypt3_u16_cisc_idx #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -144,14 +146,14 @@ struct tms { #undef DES_RISC2 #undef DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u4_risc1_idx -#define des_encrypt2 des_encrypt2_u4_risc1_idx -#define des_encrypt3 des_encrypt3_u4_risc1_idx -#define des_decrypt3 des_decrypt3_u4_risc1_idx +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u4_risc1_idx +#define DES_encrypt2 des_encrypt2_u4_risc1_idx +#define DES_encrypt3 des_encrypt3_u4_risc1_idx +#define DES_decrypt3 des_decrypt3_u4_risc1_idx #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -164,14 +166,14 @@ struct tms { #define DES_RISC2 #undef DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u4_risc2_idx -#define des_encrypt2 des_encrypt2_u4_risc2_idx -#define des_encrypt3 des_encrypt3_u4_risc2_idx -#define des_decrypt3 des_decrypt3_u4_risc2_idx +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u4_risc2_idx +#define DES_encrypt2 des_encrypt2_u4_risc2_idx +#define DES_encrypt3 des_encrypt3_u4_risc2_idx +#define DES_decrypt3 des_decrypt3_u4_risc2_idx #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -180,14 +182,14 @@ struct tms { #undef DES_RISC2 #undef DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u16_risc1_idx -#define des_encrypt2 des_encrypt2_u16_risc1_idx -#define des_encrypt3 des_encrypt3_u16_risc1_idx -#define des_decrypt3 des_decrypt3_u16_risc1_idx +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u16_risc1_idx +#define DES_encrypt2 des_encrypt2_u16_risc1_idx +#define DES_encrypt3 des_encrypt3_u16_risc1_idx +#define DES_decrypt3 des_decrypt3_u16_risc1_idx #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -196,14 +198,14 @@ struct tms { #define DES_RISC2 #undef DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u16_risc2_idx -#define des_encrypt2 des_encrypt2_u16_risc2_idx -#define des_encrypt3 des_encrypt3_u16_risc2_idx -#define des_decrypt3 des_decrypt3_u16_risc2_idx +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u16_risc2_idx +#define DES_encrypt2 des_encrypt2_u16_risc2_idx +#define DES_encrypt3 des_encrypt3_u16_risc2_idx +#define DES_decrypt3 des_decrypt3_u16_risc2_idx #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -216,14 +218,14 @@ struct tms { #undef DES_RISC2 #define DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u4_cisc_ptr -#define des_encrypt2 des_encrypt2_u4_cisc_ptr -#define des_encrypt3 des_encrypt3_u4_cisc_ptr -#define des_decrypt3 des_decrypt3_u4_cisc_ptr +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u4_cisc_ptr +#define DES_encrypt2 des_encrypt2_u4_cisc_ptr +#define DES_encrypt3 des_encrypt3_u4_cisc_ptr +#define DES_decrypt3 des_decrypt3_u4_cisc_ptr #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -232,14 +234,14 @@ struct tms { #undef DES_RISC2 #define DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u16_cisc_ptr -#define des_encrypt2 des_encrypt2_u16_cisc_ptr -#define des_encrypt3 des_encrypt3_u16_cisc_ptr -#define des_decrypt3 des_decrypt3_u16_cisc_ptr +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u16_cisc_ptr +#define DES_encrypt2 des_encrypt2_u16_cisc_ptr +#define DES_encrypt3 des_encrypt3_u16_cisc_ptr +#define DES_decrypt3 des_decrypt3_u16_cisc_ptr #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -248,14 +250,14 @@ struct tms { #undef DES_RISC2 #define DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u4_risc1_ptr -#define des_encrypt2 des_encrypt2_u4_risc1_ptr -#define des_encrypt3 des_encrypt3_u4_risc1_ptr -#define des_decrypt3 des_decrypt3_u4_risc1_ptr +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u4_risc1_ptr +#define DES_encrypt2 des_encrypt2_u4_risc1_ptr +#define DES_encrypt3 des_encrypt3_u4_risc1_ptr +#define DES_decrypt3 des_decrypt3_u4_risc1_ptr #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -268,14 +270,14 @@ struct tms { #define DES_RISC2 #define DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u4_risc2_ptr -#define des_encrypt2 des_encrypt2_u4_risc2_ptr -#define des_encrypt3 des_encrypt3_u4_risc2_ptr -#define des_decrypt3 des_decrypt3_u4_risc2_ptr +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u4_risc2_ptr +#define DES_encrypt2 des_encrypt2_u4_risc2_ptr +#define DES_encrypt3 des_encrypt3_u4_risc2_ptr +#define DES_decrypt3 des_decrypt3_u4_risc2_ptr #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -284,14 +286,14 @@ struct tms { #undef DES_RISC2 #define DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u16_risc1_ptr -#define des_encrypt2 des_encrypt2_u16_risc1_ptr -#define des_encrypt3 des_encrypt3_u16_risc1_ptr -#define des_decrypt3 des_decrypt3_u16_risc1_ptr +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u16_risc1_ptr +#define DES_encrypt2 des_encrypt2_u16_risc1_ptr +#define DES_encrypt3 des_encrypt3_u16_risc1_ptr +#define DES_decrypt3 des_decrypt3_u16_risc1_ptr #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -300,14 +302,14 @@ struct tms { #define DES_RISC2 #define DES_PTR #undef D_ENCRYPT -#undef des_encrypt -#undef des_encrypt2 -#undef des_encrypt3 -#undef des_decrypt3 -#define des_encrypt des_encrypt_u16_risc2_ptr -#define des_encrypt2 des_encrypt2_u16_risc2_ptr -#define des_encrypt3 des_encrypt3_u16_risc2_ptr -#define des_decrypt3 des_decrypt3_u16_risc2_ptr +#undef DES_encrypt1 +#undef DES_encrypt2 +#undef DES_encrypt3 +#undef DES_decrypt3 +#define DES_encrypt1 des_encrypt_u16_risc2_ptr +#define DES_encrypt2 des_encrypt2_u16_risc2_ptr +#define DES_encrypt3 des_encrypt3_u16_risc2_ptr +#define DES_decrypt3 des_decrypt3_u16_risc2_ptr #undef HEADER_DES_LOCL_H #include "des_enc.c" @@ -317,11 +319,7 @@ struct tms { #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD fix */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -333,12 +331,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) #define SIGRETTYPE void @@ -346,14 +339,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -366,8 +353,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -415,7 +401,7 @@ int s; for (count=0,run=1; COND(cb); count++) \ { \ unsigned long d[2]; \ - func(d,&(sch[0]),DES_ENCRYPT); \ + func(d,&sch,DES_ENCRYPT); \ } \ tm[index]=Time_F(STOP); \ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \ @@ -425,16 +411,14 @@ int s; fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \ tm[index]*8,1.0e6/tm[index]); -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; - static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; - static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; - des_key_schedule sch,sch2,sch3; + static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; + static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; + static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + DES_key_schedule sch,sch2,sch3; double d,tm[16],max=0; int rank[16]; char *str[16]; @@ -450,17 +434,17 @@ char **argv; } #ifndef TIMES - fprintf(stderr,"To get the most acurate results, try to run this\n"); + fprintf(stderr,"To get the most accurate results, try to run this\n"); fprintf(stderr,"program when this computer is idle.\n"); #endif - des_set_key((C_Block *)key,sch); - des_set_key((C_Block *)key2,sch2); - des_set_key((C_Block *)key3,sch3); + DES_set_key_unchecked(&key,&sch); + DES_set_key_unchecked(&key2,&sch2); + DES_set_key_unchecked(&key3,&sch3); #ifndef SIGALRM fprintf(stderr,"First we calculate the approximate speed ...\n"); - des_set_key((C_Block *)key,sch); + DES_set_key_unchecked(&key,sch); count=10; do { long i; @@ -469,7 +453,7 @@ char **argv; count*=2; Time_F(START); for (i=count; i; i--) - des_encrypt(data,&(sch[0]),DES_ENCRYPT); + DES_encrypt1(data,&(sch[0]),DES_ENCRYPT); d=Time_F(STOP); } while (d < 3.0); ca=count; @@ -614,7 +598,7 @@ char **argv; break; } exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h index 7041a9271d..0fa94d5368 100644 --- a/src/lib/libcrypto/des/des_ver.h +++ b/src/lib/libcrypto/des/des_ver.h @@ -56,5 +56,12 @@ * [including the GNU Public Licence.] */ -extern char *DES_version; /* SSLeay version string */ -extern char *libdes_version; /* old libdes version string */ +#include + +#ifdef OPENSSL_BUILD_SHLIBCRYPTO +# undef OPENSSL_EXTERN +# define OPENSSL_EXTERN OPENSSL_EXPORT +#endif + +OPENSSL_EXTERN char *DES_version; /* SSLeay version string */ +OPENSSL_EXTERN char *libdes_version; /* old libdes version string */ diff --git a/src/lib/libcrypto/des/dess.cpp b/src/lib/libcrypto/des/dess.cpp index 7fb5987314..5549bab90a 100644 --- a/src/lib/libcrypto/des/dess.cpp +++ b/src/lib/libcrypto/des/dess.cpp @@ -32,7 +32,7 @@ void GetTSC(unsigned long& tsc) #include #include -#include "des.h" +#include void main(int argc,char *argv[]) { @@ -45,19 +45,19 @@ void main(int argc,char *argv[]) { for (i=0; i<1000; i++) /**/ { - des_encrypt(&data[0],key,1); + des_encrypt1(&data[0],key,1); GetTSC(s1); - des_encrypt(&data[0],key,1); - des_encrypt(&data[0],key,1); - des_encrypt(&data[0],key,1); + des_encrypt1(&data[0],key,1); + des_encrypt1(&data[0],key,1); + des_encrypt1(&data[0],key,1); GetTSC(e1); GetTSC(s2); - des_encrypt(&data[0],key,1); - des_encrypt(&data[0],key,1); - des_encrypt(&data[0],key,1); - des_encrypt(&data[0],key,1); + des_encrypt1(&data[0],key,1); + des_encrypt1(&data[0],key,1); + des_encrypt1(&data[0],key,1); + des_encrypt1(&data[0],key,1); GetTSC(e2); - des_encrypt(&data[0],key,1); + des_encrypt1(&data[0],key,1); } printf("des %d %d (%d)\n", diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c index 620c13ba6f..58e8c35dcb 100644 --- a/src/lib/libcrypto/des/destest.c +++ b/src/lib/libcrypto/des/destest.c @@ -56,21 +56,37 @@ * [including the GNU Public Licence.] */ -#if defined(WIN32) || defined(WIN16) || defined(WINDOWS) -#ifndef MSDOS -#define MSDOS +#include +#include + +#include +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WINDOWS) +#ifndef OPENSSL_SYS_MSDOS +#define OPENSSL_SYS_MSDOS #endif #endif -#include -#include -#ifndef MSDOS -#include +#ifndef OPENSSL_SYS_MSDOS +#if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC) +#include OPENSSL_UNISTD +#endif #else #include #endif #include -#include "des.h" + +#ifdef OPENSSL_NO_DES +int main(int argc, char *argv[]) +{ + printf("No DES support\n"); + return(0); +} +#else +#include + +#if defined(PERL5) || defined(__FreeBSD__) || defined(NeXT) +#define crypt(c,s) (des_crypt((c),(s))) +#endif /* tisk tisk - the test keys don't all have odd parity :-( */ /* test data */ @@ -219,13 +235,13 @@ static unsigned char cipher_ecb2[NUM_TESTS-1][8]={ {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}}; static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; -static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87}; +static unsigned char cbc2_key[8]={0xf1,0xe0,0xd3,0xc2,0xb5,0xa4,0x97,0x86}; static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}; static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}; /* Changed the following text constant to binary so it will work on ebcdic * machines :-) */ /* static char cbc_data[40]="7654321 Now is the time for \0001"; */ -static char cbc_data[40]={ +static unsigned char cbc_data[40]={ 0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20, 0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20, @@ -239,12 +255,24 @@ static unsigned char cbc_ok[32]={ 0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68, 0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; +#ifdef SCREW_THE_PARITY +#error "SCREW_THE_PARITY is not ment to be defined." +#error "Original vectors are preserved for reference only." +static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87}; static unsigned char xcbc_ok[32]={ 0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48, 0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD, 0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76, 0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2, }; +#else +static unsigned char xcbc_ok[32]={ + 0x84,0x6B,0x29,0x14,0x85,0x1E,0x9A,0x29, + 0x54,0x73,0x2F,0x8A,0xA0,0xA6,0x11,0xC1, + 0x15,0xCD,0xC2,0xD7,0x95,0x1B,0x10,0x53, + 0xA6,0x3C,0x5E,0x03,0xB2,0x1A,0xA3,0xC4, + }; +#endif static unsigned char cbc3_ok[32]={ 0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0, @@ -294,49 +322,95 @@ static unsigned char ofb_cipher[24]= 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 }; -DES_LONG cbc_cksum_ret=0xB462FEF7L; -unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; +static DES_LONG cbc_cksum_ret=0xB462FEF7L; +static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; -#ifndef NOPROTO static char *pt(unsigned char *p); static int cfb_test(int bits, unsigned char *cfb_cipher); static int cfb64_test(unsigned char *cfb_cipher); static int ede_cfb64_test(unsigned char *cfb_cipher); -#else -static char *pt(); -static int cfb_test(); -static int cfb64_test(); -static int ede_cfb64_test(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,j,err=0; - des_cblock in,out,outin,iv3; + des_cblock in,out,outin,iv3,iv2; des_key_schedule ks,ks2,ks3; unsigned char cbc_in[40]; unsigned char cbc_out[40]; DES_LONG cs; - unsigned char qret[4][4],cret[8]; - DES_LONG lqret[4]; + unsigned char cret[8]; +#ifdef _CRAY + struct { + int a:32; + int b:32; + } lqret[2]; +#else + DES_LONG lqret[4]; +#endif int num; char *str; +#ifndef OPENSSL_NO_DESCBCM + printf("Doing cbcm\n"); + if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + memset(cbc_out,0,40); + memset(cbc_in,0,40); + i=strlen((char *)cbc_data)+1; + /* i=((i+7)/8)*8; */ + memcpy(iv3,cbc_iv,sizeof(cbc_iv)); + memset(iv2,'\0',sizeof iv2); + + DES_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,&ks,&ks2,&ks3,&iv3,&iv2, + DES_ENCRYPT); + DES_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3, + &iv3,&iv2,DES_ENCRYPT); + /* if (memcmp(cbc_out,cbc3_ok, + (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) + { + printf("des_ede3_cbc_encrypt encrypt error\n"); + err=1; + } + */ + memcpy(iv3,cbc_iv,sizeof(cbc_iv)); + memset(iv2,'\0',sizeof iv2); + DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT); + if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) + { + int n; + + printf("des_ede3_cbcm_encrypt decrypt error\n"); + for(n=0 ; n < i ; ++n) + printf(" %02x",cbc_data[n]); + printf("\n"); + for(n=0 ; n < i ; ++n) + printf(" %02x",cbc_in[n]); + printf("\n"); + err=1; + } +#endif + printf("Doing ecb\n"); for (i=0; i 0) lqret[i]=lqret[i]>>(j*8); /* For Cray */ + printf("quad_cksum error, out[0] %08lx is not %08lx\n", + (unsigned long)lqret[0].a,0x327eba8dUL); + err=1; } - { /* Big-endian fix */ - static DES_LONG l=1; - static unsigned char *c=(unsigned char *)&l; - DES_LONG ll; - - if (!c[0]) + if (lqret[0].b != 0x201a49ccL) { - ll=lqret[0]^lqret[3]; - lqret[0]^=ll; - lqret[3]^=ll; - ll=lqret[1]^lqret[2]; - lqret[1]^=ll; - lqret[2]^=ll; + printf("quad_cksum error, out[1] %08lx is not %08lx\n", + (unsigned long)lqret[0].b,0x201a49ccUL); + err=1; } - } - if (cs != 0x70d7a63aL) + if (lqret[1].a != 0x70d7a63aL) { - printf("quad_cksum error, ret %08lx should be 70d7a63a\n", - (unsigned long)cs); + printf("quad_cksum error, out[2] %08lx is not %08lx\n", + (unsigned long)lqret[1].a,0x70d7a63aUL); err=1; } + if (lqret[1].b != 0x501c2c26L) + { + printf("quad_cksum error, out[3] %08lx is not %08lx\n", + (unsigned long)lqret[1].b,0x501c2c26UL); + err=1; + } +#else if (lqret[0] != 0x327eba8dL) { printf("quad_cksum error, out[0] %08lx is not %08lx\n", - (unsigned long)lqret[0],0x327eba8dL); + (unsigned long)lqret[0],0x327eba8dUL); err=1; } if (lqret[1] != 0x201a49ccL) { printf("quad_cksum error, out[1] %08lx is not %08lx\n", - (unsigned long)lqret[1],0x201a49ccL); + (unsigned long)lqret[1],0x201a49ccUL); err=1; } if (lqret[2] != 0x70d7a63aL) { printf("quad_cksum error, out[2] %08lx is not %08lx\n", - (unsigned long)lqret[2],0x70d7a63aL); + (unsigned long)lqret[2],0x70d7a63aUL); err=1; } if (lqret[3] != 0x501c2c26L) { printf("quad_cksum error, out[3] %08lx is not %08lx\n", - (unsigned long)lqret[3],0x501c2c26L); + (unsigned long)lqret[3],0x501c2c26UL); err=1; } +#endif #endif printf("input word alignment test"); for (i=0; i<4; i++) { printf(" %d",i); - des_ncbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in, - (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv, - DES_ENCRYPT); + des_ncbc_encrypt(&(cbc_out[i]),cbc_in, + strlen((char *)cbc_data)+1,ks, + &cbc_iv,DES_ENCRYPT); } printf("\noutput word alignment test"); for (i=0; i<4; i++) { printf(" %d",i); - des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]), - (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv, - DES_ENCRYPT); + des_ncbc_encrypt(cbc_out,&(cbc_in[i]), + strlen((char *)cbc_data)+1,ks, + &cbc_iv,DES_ENCRYPT); } printf("\n"); printf("fast crypt test "); @@ -745,12 +819,10 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]); err=1; } printf("\n"); - exit(err); - return(0); + return(err); } -static char *pt(p) -unsigned char *p; +static char *pt(unsigned char *p) { static char bufs[10][20]; static int bnum=0; @@ -771,17 +843,15 @@ unsigned char *p; #ifndef LIBDES_LIT -static int cfb_test(bits, cfb_cipher) -int bits; -unsigned char *cfb_cipher; +static int cfb_test(int bits, unsigned char *cfb_cipher) { des_key_schedule ks; int i,err=0; - des_key_sched((C_Block *)cfb_key,ks); + DES_set_key_checked(&cfb_key,&ks); memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks, - (C_Block *)cfb_tmp,DES_ENCRYPT); + des_cfb_encrypt(plain,cfb_buf1,bits,sizeof(plain),ks,&cfb_tmp, + DES_ENCRYPT); if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) { err=1; @@ -790,8 +860,8 @@ unsigned char *cfb_cipher; printf("%s\n",pt(&(cfb_buf1[i]))); } memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks, - (C_Block *)cfb_tmp,DES_DECRYPT); + des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,sizeof(plain),ks,&cfb_tmp, + DES_DECRYPT); if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) { err=1; @@ -802,20 +872,17 @@ unsigned char *cfb_cipher; return(err); } -static int cfb64_test(cfb_cipher) -unsigned char *cfb_cipher; +static int cfb64_test(unsigned char *cfb_cipher) { des_key_schedule ks; int err=0,i,n; - des_key_sched((C_Block *)cfb_key,ks); + DES_set_key_checked(&cfb_key,&ks); memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); n=0; - des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); - des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]), - (long)sizeof(plain)-12,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + des_cfb64_encrypt(plain,cfb_buf1,12,ks,&cfb_tmp,&n,DES_ENCRYPT); + des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),sizeof(plain)-12,ks, + &cfb_tmp,&n,DES_ENCRYPT); if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) { err=1; @@ -825,11 +892,9 @@ unsigned char *cfb_cipher; } memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); n=0; - des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); + des_cfb64_encrypt(cfb_buf1,cfb_buf2,17,ks,&cfb_tmp,&n,DES_DECRYPT); des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]), - (long)sizeof(plain)-17,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); + sizeof(plain)-17,ks,&cfb_tmp,&n,DES_DECRYPT); if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) { err=1; @@ -840,20 +905,19 @@ unsigned char *cfb_cipher; return(err); } -static int ede_cfb64_test(cfb_cipher) -unsigned char *cfb_cipher; +static int ede_cfb64_test(unsigned char *cfb_cipher) { des_key_schedule ks; int err=0,i,n; - des_key_sched((C_Block *)cfb_key,ks); + DES_set_key_checked(&cfb_key,&ks); memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); n=0; - des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + des_ede3_cfb64_encrypt(plain,cfb_buf1,12,ks,ks,ks,&cfb_tmp,&n, + DES_ENCRYPT); des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]), - (long)sizeof(plain)-12,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + sizeof(plain)-12,ks,ks,ks, + &cfb_tmp,&n,DES_ENCRYPT); if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) { err=1; @@ -864,10 +928,10 @@ unsigned char *cfb_cipher; memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); n=0; des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); + &cfb_tmp,&n,DES_DECRYPT); des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]), - (long)sizeof(plain)-17,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); + sizeof(plain)-17,ks,ks,ks, + &cfb_tmp,&n,DES_DECRYPT); if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) { err=1; @@ -879,4 +943,4 @@ unsigned char *cfb_cipher; } #endif - +#endif diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c index a0d53793e4..b4720c3a98 100644 --- a/src/lib/libcrypto/des/read2pwd.c +++ b/src/lib/libcrypto/des/read2pwd.c @@ -1,4 +1,57 @@ /* crypto/des/read2pwd.c */ +/* ==================================================================== + * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,34 +109,30 @@ * [including the GNU Public Licence.] */ -#include "des_locl.h" +#include +#include +#include -int des_read_password(key, prompt, verify) -des_cblock (*key); -char *prompt; -int verify; +int DES_read_password(DES_cblock *key, const char *prompt, int verify) { int ok; char buf[BUFSIZ],buff[BUFSIZ]; - if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) - des_string_to_key(buf,key); + if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) + DES_string_to_key(buf,key); memset(buf,0,BUFSIZ); memset(buff,0,BUFSIZ); return(ok); } -int des_read_2passwords(key1, key2, prompt, verify) -des_cblock (*key1); -des_cblock (*key2); -char *prompt; -int verify; +int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt, + int verify) { int ok; char buf[BUFSIZ],buff[BUFSIZ]; - if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) - des_string_to_2keys(buf,key1,key2); + if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) + DES_string_to_2keys(buf,key1,key2); memset(buf,0,BUFSIZ); memset(buff,0,BUFSIZ); return(ok); diff --git a/src/lib/libcrypto/des/read_pwd.c b/src/lib/libcrypto/des/read_pwd.c index 99920f2f86..00000190f8 100644 --- a/src/lib/libcrypto/des/read_pwd.c +++ b/src/lib/libcrypto/des/read_pwd.c @@ -56,20 +56,55 @@ * [including the GNU Public Licence.] */ +#include +#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WIN32) +#ifdef OPENSSL_UNISTD +# include OPENSSL_UNISTD +#else +# include +#endif +/* If unistd.h defines _POSIX_VERSION, we conclude that we + * are on a POSIX system and have sigaction and termios. */ +#if defined(_POSIX_VERSION) + +# define SIGACTION +# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY) +# define TERMIOS +# endif + +#endif +#endif + /* #define SIGACTION */ /* Define this if you have sigaction() */ + #ifdef WIN16TTY -#undef WIN16 +#undef OPENSSL_SYS_WIN16 #undef _WINDOWS #include #endif /* 06-Apr-92 Luke Brennan Support for VMS */ #include "des_locl.h" +#include "cryptlib.h" #include +#include #include #include #include +#ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */ +#include +#ifdef __DECC +#pragma message disable DOLLARID +#endif +#endif + +#ifdef WIN_CONSOLE_BUG +#include +#include +#endif + + /* There are 5 types of terminal interface supported, * TERMIO, TERMIOS, VMS, MSDOS and SGTTY */ @@ -92,12 +127,18 @@ #undef SGTTY #endif -#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS) +#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE) #undef TERMIOS #undef TERMIO #define SGTTY #endif +#if defined(OPENSSL_SYS_VSWORKS) +#undef TERMIOS +#undef TERMIO +#undef SGTTY +#endif + #ifdef TERMIOS #include #define TTY_STRUCT struct termios @@ -122,16 +163,16 @@ #define TTY_set(tty,data) ioctl(tty,TIOCSETP,data) #endif -#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS) +#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(MAC_OS_pre_X) #include #endif -#ifdef MSDOS +#if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) #include #define fgets(a,b,c) noecho_fgets(a,b,c) #endif -#ifdef VMS +#ifdef OPENSSL_SYS_VMS #include #include #include @@ -143,44 +184,35 @@ struct IOSB { }; #endif +#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE) +/* + * This one needs work. As a matter of fact the code is unoperational + * and this is only a trick to get it compiled. + * + */ +#define TTY_STRUCT int +#endif + #ifndef NX509_SIG #define NX509_SIG 32 #endif -#ifndef NOPROTO static void read_till_nl(FILE *); static void recsig(int); static void pushsig(void); static void popsig(void); -#if defined(MSDOS) && !defined(WIN16) +#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) static int noecho_fgets(char *buf, int size, FILE *tty); #endif -#else -static void read_till_nl(); -static void recsig(); -static void pushsig(); -static void popsig(); -#if defined(MSDOS) && !defined(WIN16) -static int noecho_fgets(); -#endif -#endif - #ifdef SIGACTION static struct sigaction savsig[NX509_SIG]; #else -# ifndef NOPROTO static void (*savsig[NX509_SIG])(int ); -# else - static void (*savsig[NX509_SIG])(); -# endif #endif static jmp_buf save; -int des_read_pw_string(buf, length, prompt, verify) -char *buf; -int length; -char *prompt; -int verify; +int des_read_pw_string(char *buf, int length, const char *prompt, + int verify) { char buff[BUFSIZ]; int ret; @@ -190,10 +222,9 @@ int verify; return(ret); } -#ifndef WIN16 +#ifndef OPENSSL_SYS_WIN16 -static void read_till_nl(in) -FILE *in; +static void read_till_nl(FILE *in) { #define SIZE 4 char buf[SIZE+1]; @@ -205,41 +236,54 @@ FILE *in; /* return 0 if ok, 1 (or -1) otherwise */ -int des_read_pw(buf, buff, size, prompt, verify) -char *buf; -char *buff; -int size; -char *prompt; -int verify; +int des_read_pw(char *buf, char *buff, int size, const char *prompt, + int verify) { -#ifdef VMS +#ifdef OPENSSL_SYS_VMS struct IOSB iosb; $DESCRIPTOR(terminal,"TT"); long tty_orig[3], tty_new[3]; long status; unsigned short channel = 0; #else -#ifndef MSDOS +#ifndef OPENSSL_SYS_MSDOS TTY_STRUCT tty_orig,tty_new; #endif #endif - int number=5; - int ok=0; - int ps=0; - int is_a_tty=1; - - FILE *tty=NULL; + int number; + int ok; + /* statics are simply to avoid warnings about longjmp clobbering + things */ + static int ps; + int is_a_tty; + static FILE *tty; char *p; -#ifndef MSDOS - if ((tty=fopen("/dev/tty","r")) == NULL) - tty=stdin; -#else /* MSDOS */ + if (setjmp(save)) + { + ok=0; + goto error; + } + + number=5; + ok=0; + ps=0; + is_a_tty=1; + tty=NULL; + +#ifdef OPENSSL_SYS_MSDOS if ((tty=fopen("con","r")) == NULL) tty=stdin; -#endif /* MSDOS */ +#elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VSWORKS) + tty=stdin; +#else +#ifndef OPENSSL_SYS_MPE + if ((tty=fopen("/dev/tty","r")) == NULL) +#endif + tty=stdin; +#endif -#if defined(TTY_get) && !defined(VMS) +#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS) if (TTY_get(fileno(tty),&tty_orig) == -1) { #ifdef ENOTTY @@ -258,20 +302,15 @@ int verify; } memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig)); #endif -#ifdef VMS - status = SYS$ASSIGN(&terminal,&channel,0,0); +#ifdef OPENSSL_SYS_VMS + status = sys$assign(&terminal,&channel,0,0); if (status != SS$_NORMAL) return(-1); - status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0); + status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0); if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) return(-1); #endif - if (setjmp(save)) - { - ok=0; - goto error; - } pushsig(); ps=1; @@ -279,15 +318,19 @@ int verify; tty_new.TTY_FLAGS &= ~ECHO; #endif -#if defined(TTY_set) && !defined(VMS) +#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS) if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1)) +#ifdef OPENSSL_SYS_MPE + ; /* MPE lies -- echo really has been disabled */ +#else return(-1); #endif -#ifdef VMS +#endif +#ifdef OPENSSL_SYS_VMS tty_new[0] = tty_orig[0]; tty_new[1] = tty_orig[1] | TT$M_NOECHO; tty_new[2] = tty_orig[2]; - status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0); + status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0); if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) return(-1); #endif @@ -329,35 +372,30 @@ int verify; error: fprintf(stderr,"\n"); -#ifdef DEBUG +#if 0 perror("fgets(tty)"); #endif /* What can we do if there is an error? */ -#if defined(TTY_set) && !defined(VMS) +#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS) if (ps >= 2) TTY_set(fileno(tty),&tty_orig); #endif -#ifdef VMS +#ifdef OPENSSL_SYS_VMS if (ps >= 2) - status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0 + status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0 ,tty_orig,12,0,0,0,0); #endif if (ps >= 1) popsig(); if (stdin != tty) fclose(tty); -#ifdef VMS - status = SYS$DASSGN(channel); +#ifdef OPENSSL_SYS_VMS + status = sys$dassgn(channel); #endif return(!ok); } -#else /* WIN16 */ +#else /* OPENSSL_SYS_WIN16 */ -int des_read_pw(buf, buff, size, prompt, verify) -char *buf; -char *buff; -int size; -char *prompt; -int verify; +int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify) { memset(buf,0,size); memset(buff,0,size); @@ -366,9 +404,15 @@ int verify; #endif -static void pushsig() +static void pushsig(void) { int i; +#ifdef SIGACTION + struct sigaction sa; + + memset(&sa,0,sizeof sa); + sa.sa_handler=recsig; +#endif for (i=1; ides_key,ks); + DES_set_key_unchecked(&desp->des_key,&ks); enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT; if (desp->des_mode == CBC) - des_ecb_encrypt((des_cblock *)desp->UDES.UDES_buf, - (des_cblock *)desp->UDES.UDES_buf,ks,enc); + DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf, + (DES_cblock *)desp->UDES.UDES_buf,&ks, + enc); else { - des_ncbc_encrypt((des_cblock *)desp->UDES.UDES_buf, - (des_cblock *)desp->UDES.UDES_buf, - (long)len,ks, - (des_cblock *)desp->des_ivec,enc); + DES_ncbc_encrypt(desp->UDES.UDES_buf,desp->UDES.UDES_buf, + len,&ks,&desp->des_ivec,enc); #ifdef undef /* len will always be %8 if called from common_crypt * in secure_rpc. diff --git a/src/lib/libcrypto/des/rpw.c b/src/lib/libcrypto/des/rpw.c index 6447ed9cf0..8a9473c4f9 100644 --- a/src/lib/libcrypto/des/rpw.c +++ b/src/lib/libcrypto/des/rpw.c @@ -57,17 +57,15 @@ */ #include -#include "des.h" +#include -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { - des_cblock k,k1; + DES_cblock k,k1; int i; printf("read passwd\n"); - if ((i=des_read_password((C_Block *)k,"Enter password:",0)) == 0) + if ((i=des_read_password(&k,"Enter password:",0)) == 0) { printf("password = "); for (i=0; i<8; i++) @@ -77,7 +75,7 @@ char *argv[]; printf("error %d\n",i); printf("\n"); printf("read 2passwds and verify\n"); - if ((i=des_read_2passwords((C_Block *)k,(C_Block *)k1, + if ((i=des_read_2passwords(&k,&k1, "Enter verified password:",1)) == 0) { printf("password1 = "); diff --git a/src/lib/libcrypto/des/speed.c b/src/lib/libcrypto/des/speed.c index 5bbe8b01d6..48fc1d49fc 100644 --- a/src/lib/libcrypto/des/speed.c +++ b/src/lib/libcrypto/des/speed.c @@ -59,19 +59,17 @@ /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern int exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,35 +77,32 @@ extern int exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "des.h" +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD fix */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -119,12 +114,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) #define SIGRETTYPE void @@ -132,14 +122,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -152,8 +136,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -189,32 +172,30 @@ int s; #endif } -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; - static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; - static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; - des_key_schedule sch,sch2,sch3; + static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; + static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; + static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + DES_key_schedule sch,sch2,sch3; double a,b,c,d,e; #ifndef SIGALRM long ca,cb,cc,cd,ce; #endif #ifndef TIMES - printf("To get the most acurate results, try to run this\n"); + printf("To get the most accurate results, try to run this\n"); printf("program when this computer is idle.\n"); #endif - des_set_key((C_Block *)key2,sch2); - des_set_key((C_Block *)key3,sch3); + DES_set_key_unchecked(&key2,&sch2); + DES_set_key_unchecked(&key3,&sch3); #ifndef SIGALRM printf("First we calculate the approximate speed ...\n"); - des_set_key((C_Block *)key,sch); + DES_set_key_unchecked(&key,&sch); count=10; do { long i; @@ -223,7 +204,7 @@ char **argv; count*=2; Time_F(START); for (i=count; i; i--) - des_encrypt(data,&(sch[0]),DES_ENCRYPT); + DES_encrypt1(data,&sch,DES_ENCRYPT); d=Time_F(STOP); } while (d < 3.0); ca=count; @@ -244,63 +225,63 @@ char **argv; Time_F(START); for (count=0,run=1; COND(ca); count++) - des_set_key((C_Block *)key,sch); + DES_set_key_unchecked(&key,&sch); d=Time_F(STOP); printf("%ld set_key's in %.2f seconds\n",count,d); a=((double)COUNT(ca))/d; #ifdef SIGALRM - printf("Doing des_encrypt's for 10 seconds\n"); + printf("Doing DES_encrypt's for 10 seconds\n"); alarm(10); #else - printf("Doing des_encrypt %ld times\n",cb); + printf("Doing DES_encrypt %ld times\n",cb); #endif Time_F(START); for (count=0,run=1; COND(cb); count++) { DES_LONG data[2]; - des_encrypt(data,&(sch[0]),DES_ENCRYPT); + DES_encrypt1(data,&sch,DES_ENCRYPT); } d=Time_F(STOP); - printf("%ld des_encrypt's in %.2f second\n",count,d); + printf("%ld DES_encrypt's in %.2f second\n",count,d); b=((double)COUNT(cb)*8)/d; #ifdef SIGALRM - printf("Doing des_cbc_encrypt on %ld byte blocks for 10 seconds\n", + printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n", BUFSIZE); alarm(10); #else - printf("Doing des_cbc_encrypt %ld times on %ld byte blocks\n",cc, + printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc, BUFSIZE); #endif Time_F(START); for (count=0,run=1; COND(cc); count++) - des_ncbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,&(sch[0]), - (C_Block *)&(key[0]),DES_ENCRYPT); + DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch, + &key,DES_ENCRYPT); d=Time_F(STOP); - printf("%ld des_cbc_encrypt's of %ld byte blocks in %.2f second\n", + printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n", count,BUFSIZE,d); c=((double)COUNT(cc)*BUFSIZE)/d; #ifdef SIGALRM - printf("Doing des_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n", + printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n", BUFSIZE); alarm(10); #else - printf("Doing des_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd, + printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd, BUFSIZE); #endif Time_F(START); for (count=0,run=1; COND(cd); count++) - des_ede3_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE, - &(sch[0]), - &(sch2[0]), - &(sch3[0]), - (C_Block *)&(key[0]), + DES_ede3_cbc_encrypt(buf,buf,BUFSIZE, + &sch, + &sch2, + &sch3, + &key, DES_ENCRYPT); d=Time_F(STOP); - printf("%ld des_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n", + printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n", count,BUFSIZE,d); d=((double)COUNT(cd)*BUFSIZE)/d; @@ -323,7 +304,7 @@ char **argv; printf("DES ede cbc bytes per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d); printf("crypt per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e); exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c index 488f10fd41..34894ced73 100644 --- a/src/lib/libcrypto/dh/dhtest.c +++ b/src/lib/libcrypto/dh/dhtest.c @@ -59,53 +59,74 @@ #include #include #include -#ifdef WINDOWS +#ifdef OPENSSL_SYS_WINDOWS #include "../bio/bss_file.c" #endif -#include "crypto.h" -#include "bio.h" -#include "bn.h" -#include "dh.h" +#include +#include +#include +#include +#include + +#ifdef OPENSSL_NO_DH +int main(int argc, char *argv[]) +{ + printf("No DH support\n"); + return(0); +} +#else +#include -#ifdef WIN16 +#ifdef OPENSSL_SYS_WIN16 #define MS_CALLBACK _far _loadds #else #define MS_CALLBACK #endif -#ifndef NOPROTO -static void MS_CALLBACK cb(int p, int n, char *arg); -#else -static void MS_CALLBACK cb(); -#endif - -#ifdef NO_STDIO +static void MS_CALLBACK cb(int p, int n, void *arg); +#ifdef OPENSSL_NO_STDIO #define APPS_WIN16 #include "bss_file.c" #endif -BIO *out=NULL; +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { - DH *a,*b; + DH *a; + DH *b=NULL; char buf[12]; unsigned char *abuf=NULL,*bbuf=NULL; int i,alen,blen,aout,bout,ret=1; + BIO *out; -#ifdef WIN32 + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + +#ifdef OPENSSL_SYS_WIN32 CRYPTO_malloc_init(); #endif + RAND_seed(rnd_seed, sizeof rnd_seed); + out=BIO_new(BIO_s_file()); if (out == NULL) exit(1); BIO_set_fp(out,stdout,BIO_NOCLOSE); - a=DH_generate_parameters(64,DH_GENERATOR_5,cb,(char *)out); + a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); if (a == NULL) goto err; + if (!DH_check(a, &i)) goto err; + if (i & DH_CHECK_P_NOT_PRIME) + BIO_puts(out, "p value is not prime\n"); + if (i & DH_CHECK_P_NOT_SAFE_PRIME) + BIO_puts(out, "p value is not a safe prime\n"); + if (i & DH_UNABLE_TO_CHECK_GENERATOR) + BIO_puts(out, "unable to check the generator value\n"); + if (i & DH_NOT_SUITABLE_GENERATOR) + BIO_puts(out, "the g value is not a generator\n"); + BIO_puts(out,"\np ="); BN_print(out,a->p); BIO_puts(out,"\ng ="); @@ -134,7 +155,7 @@ char *argv[]; BIO_puts(out,"\n"); alen=DH_size(a); - abuf=(unsigned char *)Malloc(alen); + abuf=(unsigned char *)OPENSSL_malloc(alen); aout=DH_compute_key(abuf,b->pub_key,a); BIO_puts(out,"key1 ="); @@ -146,7 +167,7 @@ char *argv[]; BIO_puts(out,"\n"); blen=DH_size(b); - bbuf=(unsigned char *)Malloc(blen); + bbuf=(unsigned char *)OPENSSL_malloc(blen); bout=DH_compute_key(bbuf,a->pub_key,b); BIO_puts(out,"key2 ="); @@ -164,16 +185,21 @@ char *argv[]; else ret=0; err: - if (abuf != NULL) Free(abuf); - if (bbuf != NULL) Free(bbuf); + ERR_print_errors_fp(stderr); + + if (abuf != NULL) OPENSSL_free(abuf); + if (bbuf != NULL) OPENSSL_free(bbuf); + if(b != NULL) DH_free(b); + if(a != NULL) DH_free(a); + BIO_free(out); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + CRYPTO_mem_leaks_fp(stderr); exit(ret); return(ret); } -static void MS_CALLBACK cb(p, n,arg) -int p; -int n; -char *arg; +static void MS_CALLBACK cb(int p, int n, void *arg) { char c='*'; @@ -182,7 +208,9 @@ char *arg; if (p == 2) c='*'; if (p == 3) c='\n'; BIO_write((BIO *)arg,&c,1); + (void)BIO_flush((BIO *)arg); #ifdef LINT p=n; #endif } +#endif diff --git a/src/lib/libcrypto/dh/p1024.c b/src/lib/libcrypto/dh/p1024.c index 0c50c24cfb..368ceca4eb 100644 --- a/src/lib/libcrypto/dh/p1024.c +++ b/src/lib/libcrypto/dh/p1024.c @@ -57,10 +57,10 @@ */ #include -#include "bn.h" -#include "asn1.h" -#include "dh.h" -#include "pem.h" +#include +#include +#include +#include unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD, 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3, diff --git a/src/lib/libcrypto/dh/p192.c b/src/lib/libcrypto/dh/p192.c index 881908169a..7bdf40410e 100644 --- a/src/lib/libcrypto/dh/p192.c +++ b/src/lib/libcrypto/dh/p192.c @@ -57,10 +57,10 @@ */ #include -#include "bn.h" -#include "asn1.h" -#include "dh.h" -#include "pem.h" +#include +#include +#include +#include unsigned char data[]={ 0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E, diff --git a/src/lib/libcrypto/dh/p512.c b/src/lib/libcrypto/dh/p512.c index cc84e8e50e..a9b6aa83f0 100644 --- a/src/lib/libcrypto/dh/p512.c +++ b/src/lib/libcrypto/dh/p512.c @@ -57,10 +57,10 @@ */ #include -#include "bn.h" -#include "asn1.h" -#include "dh.h" -#include "pem.h" +#include +#include +#include +#include unsigned char data[]={ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89, diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c index 20335de250..a0b0976640 100644 --- a/src/lib/libcrypto/dsa/dsagen.c +++ b/src/lib/libcrypto/dsa/dsagen.c @@ -57,7 +57,7 @@ */ #include -#include "dsa.h" +#include #define TEST #define GENUINE_DSA @@ -77,8 +77,7 @@ unsigned char seed[20]={ 0xe0,0x42,0x7d,LAST_VALUE}; #endif -int cb(p,n) -int p,n; +int cb(int p, int n) { char c='*'; diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c index 39bb712c4a..12da64f9f4 100644 --- a/src/lib/libcrypto/dsa/dsatest.c +++ b/src/lib/libcrypto/dsa/dsatest.c @@ -61,27 +61,34 @@ #include #include #include -#include "crypto.h" -#include "rand.h" -#include "bio.h" -#include "err.h" -#include "dsa.h" -#ifdef WINDOWS +#include +#include +#include +#include +#include +#ifdef OPENSSL_SYS_WINDOWS #include "../bio/bss_file.c" #endif -#ifdef WIN16 +#ifdef OPENSSL_NO_DSA +int main(int argc, char *argv[]) +{ + printf("No DSA support\n"); + return(0); +} +#else +#include + +#ifdef OPENSSL_SYS_WIN16 #define MS_CALLBACK _far _loadds #else #define MS_CALLBACK #endif -#ifndef NOPROTO -static void MS_CALLBACK dsa_cb(int p, int n, char *arg); -#else -static void MS_CALLBACK dsa_cb(); -#endif +static void MS_CALLBACK dsa_cb(int p, int n, void *arg); +/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to + * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ static unsigned char seed[20]={ 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, @@ -115,24 +122,34 @@ static unsigned char out_g[]={ 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, }; +static const unsigned char str1[]="12345678901234567890"; + +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; + static BIO *bio_err=NULL; -int main(argc, argv) -int argc; -char **argv; +int main(int argc, char **argv) { DSA *dsa=NULL; int counter,ret=0,i,j; unsigned char buf[256]; unsigned long h; + unsigned char sig[256]; + unsigned int siglen; if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + + ERR_load_crypto_strings(); + RAND_seed(rnd_seed, sizeof rnd_seed); + BIO_printf(bio_err,"test generation of DSA parameters\n"); - BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n"); - dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb, - (char *)bio_err); + + dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err); BIO_printf(bio_err,"seed\n"); for (i=0; i<20; i+=4) @@ -178,21 +195,28 @@ char **argv; BIO_printf(bio_err,"g value is wrong\n"); goto end; } - - ret=1; + DSA_generate_key(dsa); + DSA_sign(0, str1, 20, sig, &siglen, dsa); + if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) + ret=1; end: if (!ret) ERR_print_errors(bio_err); - if (bio_err != NULL) BIO_free(bio_err); if (dsa != NULL) DSA_free(dsa); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + ERR_free_strings(); + CRYPTO_mem_leaks(bio_err); + if (bio_err != NULL) + { + BIO_free(bio_err); + bio_err = NULL; + } exit(!ret); return(0); } -static void MS_CALLBACK dsa_cb(p, n, arg) -int p; -int n; -char *arg; +static void MS_CALLBACK dsa_cb(int p, int n, void *arg) { char c='*'; static int ok=0,num=0; @@ -201,8 +225,8 @@ char *arg; if (p == 1) c='+'; if (p == 2) { c='*'; ok++; } if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - BIO_flush((BIO *)arg); + BIO_write(arg,&c,1); + (void)BIO_flush(arg); if (!ok && (p == 0) && (num > 1)) { @@ -210,5 +234,4 @@ char *arg; exit(1); } } - - +#endif diff --git a/src/lib/libcrypto/dso/README b/src/lib/libcrypto/dso/README index 6ba03c5631..d0bc9a89fb 100644 --- a/src/lib/libcrypto/dso/README +++ b/src/lib/libcrypto/dso/README @@ -1,16 +1,3 @@ -TODO ----- - -Find a way where name-translation can be done in a way that is -sensitive to particular methods (ie. generic code could still do -different path/filename substitutions on win32 to what it does on -*nix) but doesn't assume some canonical form. Already one case -exists where the "blah -> (libblah.so,blah.dll)" mapping doesn't -suffice. I suspect a callback with an enumerated (or string?) -parameter could be the way to go here ... DSO_ctrl the callback -into place and it can be invoked to handle name translation with -some clue to the calling code as to what kind of system it is. - NOTES ----- @@ -21,4 +8,15 @@ according to their man page, prefer developers to move to that. I'll leave Richard's changes there as I guess dso_dl is needed for HPUX10.20. +There is now a callback scheme in place where filename conversion can +(a) be turned off altogether through the use of the + DSO_FLAG_NO_NAME_TRANSLATION flag, +(b) be handled by default using the default DSO_METHOD's converter +(c) overriden per-DSO by setting the override callback +(d) a mix of (b) and (c) - eg. implement an override callback that; + (i) checks if we're win32 (if(strstr(dso->meth->name, "win32")....) + and if so, convert "blah" into "blah32.dll" (the default is + otherwise to make it "blah.dll"). + (ii) default to the normal behaviour - we're not on win32, eg. + finish with (return dso->meth->dso_name_converter(dso,NULL)). diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c index 69810fc3bb..195717e993 100644 --- a/src/lib/libcrypto/dso/dso_dl.c +++ b/src/lib/libcrypto/dso/dso_dl.c @@ -1,5 +1,5 @@ /* dso_dl.c */ -/* Written by Richard Levitte (levitte@openssl.org) for the OpenSSL +/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2000. */ /* ==================================================================== @@ -72,7 +72,7 @@ DSO_METHOD *DSO_METHOD_dl(void) /* Part of the hack in "dl_load" ... */ #define DSO_MAX_TRANSLATED_SIZE 256 -static int dl_load(DSO *dso, const char *filename); +static int dl_load(DSO *dso); static int dl_unload(DSO *dso); static void *dl_bind_var(DSO *dso, const char *symname); static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname); @@ -81,8 +81,9 @@ static int dl_unbind_var(DSO *dso, char *symname, void *symptr); static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); static int dl_init(DSO *dso); static int dl_finish(DSO *dso); -#endif static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif +static char *dl_name_converter(DSO *dso, const char *filename); static DSO_METHOD dso_meth_dl = { "OpenSSL 'dl' shared library method", @@ -95,7 +96,8 @@ static DSO_METHOD dso_meth_dl = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - dl_ctrl, + NULL, /* ctrl */ + dl_name_converter, NULL, /* init */ NULL /* finish */ }; @@ -111,35 +113,43 @@ DSO_METHOD *DSO_METHOD_dl(void) * type so the cast is safe. */ -static int dl_load(DSO *dso, const char *filename) +static int dl_load(DSO *dso) { - shl_t ptr; - char translated[DSO_MAX_TRANSLATED_SIZE]; - int len; + shl_t ptr = NULL; + /* We don't do any fancy retries or anything, just take the method's + * (or DSO's if it has the callback set) best translation of the + * platform-independant filename and try once with that. */ + char *filename= DSO_convert_filename(dso, NULL); - /* The same comment as in dlfcn_load applies here. bleurgh. */ - len = strlen(filename); - if((dso->flags & DSO_FLAG_NAME_TRANSLATION) && - (len + 6 < DSO_MAX_TRANSLATED_SIZE) && - (strstr(filename, "/") == NULL)) + if(filename == NULL) { - sprintf(translated, "lib%s.so", filename); - ptr = shl_load(translated, BIND_IMMEDIATE, NULL); + DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); + goto err; } - else - ptr = shl_load(filename, BIND_IMMEDIATE, NULL); + ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, NULL); if(ptr == NULL) { DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); - return(0); + ERR_add_error_data(4, "filename(", filename, "): ", + strerror(errno)); + goto err; } if(!sk_push(dso->meth_data, (char *)ptr)) { DSOerr(DSO_F_DL_LOAD,DSO_R_STACK_ERROR); - shl_unload(ptr); - return(0); + goto err; } + /* Success, stick the converted filename we've loaded under into the DSO + * (it also serves as the indicator that we are currently loaded). */ + dso->loaded_filename = filename; return(1); +err: + /* Cleanup! */ + if(filename != NULL) + OPENSSL_free(filename); + if(ptr != NULL) + shl_unload(ptr); + return(0); } static int dl_unload(DSO *dso) @@ -187,9 +197,11 @@ static void *dl_bind_var(DSO *dso, const char *symname) DSOerr(DSO_F_DL_BIND_VAR,DSO_R_NULL_HANDLE); return(NULL); } - if (shl_findsym(ptr, symname, TYPE_UNDEFINED, &sym) < 0) + if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) { DSOerr(DSO_F_DL_BIND_VAR,DSO_R_SYM_FAILURE); + ERR_add_error_data(4, "symname(", symname, "): ", + strerror(errno)); return(NULL); } return(sym); @@ -216,36 +228,57 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname) DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_NULL_HANDLE); return(NULL); } - if (shl_findsym(ptr, symname, TYPE_UNDEFINED, &sym) < 0) + if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) { DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_SYM_FAILURE); + ERR_add_error_data(4, "symname(", symname, "): ", + strerror(errno)); return(NULL); } return((DSO_FUNC_TYPE)sym); } -static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg) +/* This function is identical to the one in dso_dlfcn.c, but as it is highly + * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the + * same time, there's no great duplicating the code. Figuring out an elegant + * way to share one copy of the code would be more difficult and would not + * leave the implementations independant. */ +#if defined(__hpux) +static const char extension[] = ".sl"; +#else +static const char extension[] = ".so"; +#endif +static char *dl_name_converter(DSO *dso, const char *filename) { - if(dso == NULL) + char *translated; + int len, rsize, transform; + + len = strlen(filename); + rsize = len + 1; + transform = (strstr(filename, "/") == NULL); { - DSOerr(DSO_F_DL_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); + /* We will convert this to "%s.s?" or "lib%s.s?" */ + rsize += strlen(extension);/* The length of ".s?" */ + if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) + rsize += 3; /* The length of "lib" */ } - switch(cmd) + translated = OPENSSL_malloc(rsize); + if(translated == NULL) { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; + DSOerr(DSO_F_DL_NAME_CONVERTER, + DSO_R_NAME_TRANSLATION_FAILED); + return(NULL); + } + if(transform) + { + if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) + sprintf(translated, "lib%s%s", filename, extension); + else + sprintf(translated, "%s%s", filename, extension); } - DSOerr(DSO_F_DL_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); + else + sprintf(translated, "%s", filename); + return(translated); } #endif /* DSO_DL */ diff --git a/src/lib/libcrypto/dso/dso_vms.c b/src/lib/libcrypto/dso/dso_vms.c index 8ff7090129..1674619d17 100644 --- a/src/lib/libcrypto/dso/dso_vms.c +++ b/src/lib/libcrypto/dso/dso_vms.c @@ -59,18 +59,17 @@ #include #include #include -#ifdef VMS +#include "cryptlib.h" +#include +#ifdef OPENSSL_SYS_VMS #pragma message disable DOLLARID #include -#include #include #include #include #endif -#include "cryptlib.h" -#include -#ifndef VMS +#ifndef OPENSSL_SYS_VMS DSO_METHOD *DSO_METHOD_vms(void) { return NULL; @@ -78,7 +77,7 @@ DSO_METHOD *DSO_METHOD_vms(void) #else #pragma message disable DOLLARID -static int vms_load(DSO *dso, const char *filename); +static int vms_load(DSO *dso); static int vms_unload(DSO *dso); static void *vms_bind_var(DSO *dso, const char *symname); static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname); @@ -87,8 +86,9 @@ static int vms_unbind_var(DSO *dso, char *symname, void *symptr); static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); static int vms_init(DSO *dso); static int vms_finish(DSO *dso); -#endif static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif +static char *vms_name_converter(DSO *dso, const char *filename); static DSO_METHOD dso_meth_vms = { "OpenSSL 'VMS' shared library method", @@ -101,7 +101,8 @@ static DSO_METHOD dso_meth_vms = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - vms_ctrl, + NULL, /* ctrl */ + vms_name_converter, NULL, /* init */ NULL /* finish */ }; @@ -129,11 +130,20 @@ DSO_METHOD *DSO_METHOD_vms(void) return(&dso_meth_vms); } -static int vms_load(DSO *dso, const char *filename) +static int vms_load(DSO *dso) { + void *ptr = NULL; + /* See applicable comments in dso_dl.c */ + char *filename = DSO_convert_filename(dso, NULL); DSO_VMS_INTERNAL *p; const char *sp1, *sp2; /* Search result */ + if(filename == NULL) + { + DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME); + goto err; + } + /* A file specification may look like this: * * node::dev:[dir-spec]name.type;ver @@ -175,14 +185,14 @@ static int vms_load(DSO *dso, const char *filename) || (sp1 - filename) + strlen(sp2) > FILENAME_MAX) { DSOerr(DSO_F_VMS_LOAD,DSO_R_FILENAME_TOO_BIG); - return(0); + goto err; } p = (DSO_VMS_INTERNAL *)OPENSSL_malloc(sizeof(DSO_VMS_INTERNAL)); if(p == NULL) { DSOerr(DSO_F_VMS_LOAD,ERR_R_MALLOC_FAILURE); - return(0); + goto err; } strncpy(p->filename, sp1, sp2-sp1); @@ -204,10 +214,19 @@ static int vms_load(DSO *dso, const char *filename) if(!sk_push(dso->meth_data, (char *)p)) { DSOerr(DSO_F_VMS_LOAD,DSO_R_STACK_ERROR); - OPENSSL_free(p); - return(0); + goto err; } + + /* Success (for now, we lie. We actually do not know...) */ + dso->loaded_filename = filename; return(1); +err: + /* Cleanup! */ + if(p != NULL) + OPENSSL_free(p); + if(filename != NULL) + OPENSSL_free(filename); + return(0); } /* Note that this doesn't actually unload the shared image, as there is no @@ -260,7 +279,12 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym) { DSO_VMS_INTERNAL *ptr; int status; - int flags = LIB$M_FIS_MIXEDCASE; +#if 0 + int flags = (1<<4); /* LIB$M_FIS_MIXEDCASE, but this symbol isn't + defined in VMS older than 7.0 or so */ +#else + int flags = 0; +#endif struct dsc$descriptor_s symname_dsc; *sym = NULL; @@ -344,28 +368,12 @@ static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname) return sym; } -static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_VMS_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_VMS_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } - -#endif /* VMS */ +static char *vms_name_converter(DSO *dso, const char *filename) + { + int len = strlen(filename); + char *not_translated = OPENSSL_malloc(len+1); + strcpy(not_translated,filename); + return(not_translated); + } + +#endif /* OPENSSL_SYS_VMS */ diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c index 7f1d904806..af8586d754 100644 --- a/src/lib/libcrypto/dso/dso_win32.c +++ b/src/lib/libcrypto/dso/dso_win32.c @@ -61,7 +61,7 @@ #include "cryptlib.h" #include -#ifndef WIN32 +#ifndef OPENSSL_SYS_WIN32 DSO_METHOD *DSO_METHOD_win32(void) { return NULL; @@ -71,7 +71,7 @@ DSO_METHOD *DSO_METHOD_win32(void) /* Part of the hack in "win32_load" ... */ #define DSO_MAX_TRANSLATED_SIZE 256 -static int win32_load(DSO *dso, const char *filename); +static int win32_load(DSO *dso); static int win32_unload(DSO *dso); static void *win32_bind_var(DSO *dso, const char *symname); static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname); @@ -80,8 +80,9 @@ static int win32_unbind_var(DSO *dso, char *symname, void *symptr); static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); static int win32_init(DSO *dso); static int win32_finish(DSO *dso); -#endif static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif +static char *win32_name_converter(DSO *dso, const char *filename); static DSO_METHOD dso_meth_win32 = { "OpenSSL 'win32' shared library method", @@ -94,7 +95,8 @@ static DSO_METHOD dso_meth_win32 = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - win32_ctrl, + NULL, /* ctrl */ + win32_name_converter, NULL, /* init */ NULL /* finish */ }; @@ -109,50 +111,48 @@ DSO_METHOD *DSO_METHOD_win32(void) * LoadLibrary(), and copied. */ -static int win32_load(DSO *dso, const char *filename) +static int win32_load(DSO *dso) { - HINSTANCE h, *p; - char translated[DSO_MAX_TRANSLATED_SIZE]; - int len; + HINSTANCE h = NULL, *p = NULL; + /* See applicable comments from dso_dl.c */ + char *filename = DSO_convert_filename(dso, NULL); - /* NB: This is a hideous hack, but I'm not yet sure what - * to replace it with. This attempts to convert any filename, - * that looks like it has no path information, into a - * translated form, e. "blah" -> "blah.dll" ... I'm more - * comfortable putting hacks into win32 code though ;-) */ - len = strlen(filename); - if((dso->flags & DSO_FLAG_NAME_TRANSLATION) && - (len + 4 < DSO_MAX_TRANSLATED_SIZE) && - (strstr(filename, "/") == NULL) && - (strstr(filename, "\\") == NULL) && - (strstr(filename, ":") == NULL)) + if(filename == NULL) { - sprintf(translated, "%s.dll", filename); - h = LoadLibrary(translated); + DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME); + goto err; } - else - h = LoadLibrary(filename); + h = LoadLibrary(filename); if(h == NULL) { DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED); - return(0); + ERR_add_error_data(3, "filename(", filename, ")"); + goto err; } p = (HINSTANCE *)OPENSSL_malloc(sizeof(HINSTANCE)); if(p == NULL) { DSOerr(DSO_F_WIN32_LOAD,ERR_R_MALLOC_FAILURE); - FreeLibrary(h); - return(0); + goto err; } *p = h; if(!sk_push(dso->meth_data, (char *)p)) { DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR); - FreeLibrary(h); - OPENSSL_free(p); - return(0); + goto err; } + /* Success */ + dso->loaded_filename = filename; return(1); +err: + /* Cleanup !*/ + if(filename != NULL) + OPENSSL_free(filename); + if(p != NULL) + OPENSSL_free(p); + if(h != NULL) + FreeLibrary(h); + return(0); } static int win32_unload(DSO *dso) @@ -211,6 +211,7 @@ static void *win32_bind_var(DSO *dso, const char *symname) if(sym == NULL) { DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_SYM_FAILURE); + ERR_add_error_data(3, "symname(", symname, ")"); return(NULL); } return(sym); @@ -241,33 +242,38 @@ static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname) if(sym == NULL) { DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_SYM_FAILURE); + ERR_add_error_data(3, "symname(", symname, ")"); return(NULL); } return((DSO_FUNC_TYPE)sym); } -static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_WIN32_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_WIN32_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } +static char *win32_name_converter(DSO *dso, const char *filename) + { + char *translated; + int len, transform; + + len = strlen(filename); + transform = ((strstr(filename, "/") == NULL) && + (strstr(filename, "\\") == NULL) && + (strstr(filename, ":") == NULL)); + if(transform) + /* We will convert this to "%s.dll" */ + translated = OPENSSL_malloc(len + 5); + else + /* We will simply duplicate filename */ + translated = OPENSSL_malloc(len + 1); + if(translated == NULL) + { + DSOerr(DSO_F_WIN32_NAME_CONVERTER, + DSO_R_NAME_TRANSLATION_FAILED); + return(NULL); + } + if(transform) + sprintf(translated, "%s.dll", filename); + else + sprintf(translated, "%s", filename); + return(translated); + } -#endif /* WIN32 */ +#endif /* OPENSSL_SYS_WIN32 */ diff --git a/src/lib/libcrypto/ebcdic.c b/src/lib/libcrypto/ebcdic.c index 31397b2add..bc968ea807 100644 --- a/src/lib/libcrypto/ebcdic.c +++ b/src/lib/libcrypto/ebcdic.c @@ -211,7 +211,8 @@ ascii2ebcdic(void *dest, const void *srce, size_t count) } #else /*CHARSET_EBCDIC*/ -#ifdef PEDANTIC +#include +#if defined(PEDANTIC) || defined(__DECC) static void *dummy=&dummy; #endif #endif diff --git a/src/lib/libcrypto/ebcdic.h b/src/lib/libcrypto/ebcdic.h index d3b4e98b12..6d65afcf9e 100644 --- a/src/lib/libcrypto/ebcdic.h +++ b/src/lib/libcrypto/ebcdic.h @@ -1,17 +1,19 @@ +/* crypto/ebcdic.h */ + #ifndef HEADER_EBCDIC_H #define HEADER_EBCDIC_H #include /* Avoid name clashes with other applications */ -#define os_toascii _eay2000_os_toascii -#define os_toebcdic _eay2000_os_toebcdic -#define ebcdic2ascii _eay2000_ebcdic2ascii -#define ascii2ebcdic _eay2000_ascii2ebcdic +#define os_toascii _openssl_os_toascii +#define os_toebcdic _openssl_os_toebcdic +#define ebcdic2ascii _openssl_ebcdic2ascii +#define ascii2ebcdic _openssl_ascii2ebcdic extern const unsigned char os_toascii[256]; extern const unsigned char os_toebcdic[256]; -void ebcdic2ascii(unsigned char *dest, const unsigned char *srce, size_t count); -void ascii2ebcdic(unsigned char *dest, const unsigned char *srce, size_t count); +void *ebcdic2ascii(void *dest, const void *srce, size_t count); +void *ascii2ebcdic(void *dest, const void *srce, size_t count); #endif diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c index a5a3c47fcb..87fa8c57b7 100644 --- a/src/lib/libcrypto/engine/enginetest.c +++ b/src/lib/libcrypto/engine/enginetest.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -56,8 +56,11 @@ * */ +#include #include #include +#include +#include #include #include @@ -76,6 +79,9 @@ static void display_engine_list() h = ENGINE_get_next(h); } printf("end of list\n"); + /* ENGINE_get_first() increases the struct_ref counter, so we + must call ENGINE_free() to decrease it again */ + ENGINE_free(h); } int main(int argc, char *argv[]) @@ -91,6 +97,18 @@ int main(int argc, char *argv[]) ENGINE *new_h3 = NULL; ENGINE *new_h4 = NULL; + /* enable memory leak checking unless explicitly disabled */ + if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) + { + CRYPTO_malloc_debug_init(); + CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + } + else + { + /* OPENSSL_DEBUG_MEMORY=off */ + CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); + } + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); ERR_load_crypto_strings(); memset(block, 0, 512 * sizeof(ENGINE *)); @@ -124,6 +142,8 @@ int main(int argc, char *argv[]) printf("Remove failed!\n"); goto end; } + if (ptr) + ENGINE_free(ptr); display_engine_list(); if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2)) { @@ -158,12 +178,7 @@ int main(int argc, char *argv[]) } else printf("Remove that should fail did.\n"); - if(!ENGINE_remove(new_h1)) - { - printf("Remove failed!\n"); - goto end; - } - display_engine_list(); + ERR_clear_error(); if(!ENGINE_remove(new_h3)) { printf("Remove failed!\n"); @@ -183,6 +198,8 @@ int main(int argc, char *argv[]) if(!ENGINE_remove(ptr)) printf("Remove failed!i - probably no hardware " "support present.\n"); + if (ptr) + ENGINE_free(ptr); display_engine_list(); if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1)) { @@ -195,9 +212,9 @@ int main(int argc, char *argv[]) for(loop = 0; loop < 512; loop++) { sprintf(buf, "id%i", loop); - id = strdup(buf); + id = BUF_strdup(buf); sprintf(buf, "Fake engine type %i", loop); - name = strdup(buf); + name = BUF_strdup(buf); if(((block[loop] = ENGINE_new()) == NULL) || !ENGINE_set_id(block[loop], id) || !ENGINE_set_name(block[loop], name)) @@ -228,12 +245,13 @@ cleanup_loop: printf("\nRemove failed!\n"); goto end; } + ENGINE_free(ptr); printf("."); fflush(stdout); } for(loop = 0; loop < 512; loop++) { - free((char *)(ENGINE_get_id(block[loop]))); - free((char *)(ENGINE_get_name(block[loop]))); + OPENSSL_free((void *)ENGINE_get_id(block[loop])); + OPENSSL_free((void *)ENGINE_get_name(block[loop])); } printf("\nTests completed happily\n"); to_return = 0; @@ -247,5 +265,10 @@ end: for(loop = 0; loop < 512; loop++) if(block[loop]) ENGINE_free(block[loop]); + ENGINE_cleanup(); + CRYPTO_cleanup_all_ex_data(); + ERR_free_strings(); + ERR_remove_state(0); + CRYPTO_mem_leaks_fp(stderr); return to_return; } diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c index 959d8f1a61..77d3d2ffdf 100644 --- a/src/lib/libcrypto/engine/hw_4758_cca.c +++ b/src/lib/libcrypto/engine/hw_4758_cca.c @@ -287,13 +287,13 @@ err: DSO_free(dso); dso = NULL; - keyRecordRead = (F_KEYRECORDREAD)NULL; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)NULL; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)NULL; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)NULL; - publicKeyExtract = (F_PUBLICKEYEXTRACT)NULL; - pkaEncrypt = (F_PKAENCRYPT)NULL; - pkaDecrypt = (F_PKADECRYPT)NULL; + keyRecordRead = (F_KEYRECORDREAD)0; + randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; + digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; + digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; + publicKeyExtract = (F_PUBLICKEYEXTRACT)0; + pkaEncrypt = (F_PKAENCRYPT)0; + pkaDecrypt = (F_PKADECRYPT)0; return 0; } @@ -312,13 +312,13 @@ static int ibm_4758_cca_finish(ENGINE *e) return 0; } dso = NULL; - keyRecordRead = (F_KEYRECORDREAD)NULL; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)NULL; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)NULL; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)NULL; - publicKeyExtract = (F_PUBLICKEYEXTRACT)NULL; - pkaEncrypt = (F_PKAENCRYPT)NULL; - pkaDecrypt = (F_PKADECRYPT)NULL; + keyRecordRead = (F_KEYRECORDREAD)0; + randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; + digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; + digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; + publicKeyExtract = (F_PUBLICKEYEXTRACT)0; + pkaEncrypt = (F_PKAENCRYPT)0; + pkaDecrypt = (F_PKADECRYPT)0; return 1; } diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c index 3bb992a193..696cfcf156 100644 --- a/src/lib/libcrypto/engine/hw_atalla.c +++ b/src/lib/libcrypto/engine/hw_atalla.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -60,11 +60,10 @@ #include #include "cryptlib.h" #include -#include "engine_int.h" #include -#ifndef NO_HW -#ifndef NO_HW_ATALLA +#ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_ATALLA #ifdef FLAT_INC #include "atalla.h" @@ -72,19 +71,27 @@ #include "vendor_defns/atalla.h" #endif -static int atalla_init(void); -static int atalla_finish(void); +#define ATALLA_LIB_NAME "atalla engine" +#include "hw_atalla_err.c" + +static int atalla_destroy(ENGINE *e); +static int atalla_init(ENGINE *e); +static int atalla_finish(ENGINE *e); +static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); /* BIGNUM stuff */ -static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); +#ifndef OPENSSL_NO_RSA /* RSA stuff */ -static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); +#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#ifndef OPENSSL_NO_DSA /* DSA stuff */ static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, @@ -92,13 +99,27 @@ static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif +#ifndef OPENSSL_NO_DH /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif +/* The definitions for control commands specific to this engine */ +#define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE +static const ENGINE_CMD_DEFN atalla_cmd_defns[] = { + {ATALLA_CMD_SO_PATH, + "SO_PATH", + "Specifies the path to the 'atasi' shared library", + ENGINE_CMD_FLAG_STRING}, + {0, NULL, NULL, 0} + }; +#ifndef OPENSSL_NO_RSA /* Our internal RSA_METHOD that we provide pointers to */ static RSA_METHOD atalla_rsa = { @@ -116,7 +137,9 @@ static RSA_METHOD atalla_rsa = NULL, NULL }; +#endif +#ifndef OPENSSL_NO_DSA /* Our internal DSA_METHOD that we provide pointers to */ static DSA_METHOD atalla_dsa = { @@ -131,7 +154,9 @@ static DSA_METHOD atalla_dsa = 0, /* flags */ NULL /* app_data */ }; +#endif +#ifndef OPENSSL_NO_DH /* Our internal DH_METHOD that we provide pointers to */ static DH_METHOD atalla_dh = { @@ -144,36 +169,44 @@ static DH_METHOD atalla_dh = 0, NULL }; +#endif -/* Our ENGINE structure. */ -static ENGINE engine_atalla = - { - "atalla", - "Atalla hardware engine support", - &atalla_rsa, - &atalla_dsa, - &atalla_dh, - NULL, - atalla_mod_exp, - NULL, - atalla_init, - atalla_finish, - NULL, /* no ctrl() */ - NULL, /* no load_privkey() */ - NULL, /* no load_pubkey() */ - 0, /* no flags */ - 0, 0, /* no references */ - NULL, NULL /* unlinked */ - }; - -/* As this is only ever called once, there's no need for locking - * (indeed - the lock will already be held by our caller!!!) */ -ENGINE *ENGINE_atalla() +/* Constants used when creating the ENGINE */ +static const char *engine_atalla_id = "atalla"; +static const char *engine_atalla_name = "Atalla hardware engine support"; + +/* This internal function is used by ENGINE_atalla() and possibly by the + * "dynamic" ENGINE support too */ +static int bind_helper(ENGINE *e) { - RSA_METHOD *meth1; - DSA_METHOD *meth2; - DH_METHOD *meth3; +#ifndef OPENSSL_NO_RSA + const RSA_METHOD *meth1; +#endif +#ifndef OPENSSL_NO_DSA + const DSA_METHOD *meth2; +#endif +#ifndef OPENSSL_NO_DH + const DH_METHOD *meth3; +#endif + if(!ENGINE_set_id(e, engine_atalla_id) || + !ENGINE_set_name(e, engine_atalla_name) || +#ifndef OPENSSL_NO_RSA + !ENGINE_set_RSA(e, &atalla_rsa) || +#endif +#ifndef OPENSSL_NO_DSA + !ENGINE_set_DSA(e, &atalla_dsa) || +#endif +#ifndef OPENSSL_NO_DH + !ENGINE_set_DH(e, &atalla_dh) || +#endif + !ENGINE_set_destroy_function(e, atalla_destroy) || + !ENGINE_set_init_function(e, atalla_init) || + !ENGINE_set_finish_function(e, atalla_finish) || + !ENGINE_set_ctrl_function(e, atalla_ctrl) || + !ENGINE_set_cmd_defns(e, atalla_cmd_defns)) + return 0; +#ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the atalla-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or @@ -186,19 +219,50 @@ ENGINE *ENGINE_atalla() atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; +#endif +#ifndef OPENSSL_NO_DSA /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish * bits. */ meth2 = DSA_OpenSSL(); atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; +#endif +#ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth3 = DH_OpenSSL(); atalla_dh.generate_key = meth3->generate_key; atalla_dh.compute_key = meth3->compute_key; - return &engine_atalla; +#endif + + /* Ensure the atalla error handling is set up */ + ERR_load_ATALLA_strings(); + return 1; + } + +static ENGINE *engine_atalla(void) + { + ENGINE *ret = ENGINE_new(); + if(!ret) + return NULL; + if(!bind_helper(ret)) + { + ENGINE_free(ret); + return NULL; + } + return ret; + } + +void ENGINE_load_atalla(void) + { + /* Copied from eng_[openssl|dyn].c */ + ENGINE *toadd = engine_atalla(); + if(!toadd) return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); } /* This is a process-global DSO handle used for loading and unloading @@ -214,8 +278,32 @@ static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL; static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL; static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL; +/* These are the static string constants for the DSO file name and the function + * symbol names to bind to. Regrettably, the DSO name on *nix appears to be + * "atasi.so" rather than something more consistent like "libatasi.so". At the + * time of writing, I'm not sure what the file name on win32 is but clearly + * native name translation is not possible (eg libatasi.so on *nix, and + * atasi.dll on win32). For the purposes of testing, I have created a symbollic + * link called "libatasi.so" so that we can use native name-translation - a + * better solution will be needed. */ +static const char def_ATALLA_LIBNAME[] = "atasi"; +static const char *ATALLA_LIBNAME = def_ATALLA_LIBNAME; +static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; +static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; +static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; + +/* Destructor (complements the "ENGINE_atalla()" constructor) */ +static int atalla_destroy(ENGINE *e) + { + /* Unload the atalla error strings so any error state including our + * functs or reasons won't lead to a segfault (they simply get displayed + * without corresponding string data because none will be found). */ + ERR_unload_ATALLA_strings(); + return 1; + } + /* (de)initialisation functions. */ -static int atalla_init() +static int atalla_init(ENGINE *e) { tfnASI_GetHardwareConfig *p1; tfnASI_RSAPrivateKeyOpFn *p2; @@ -226,7 +314,7 @@ static int atalla_init() if(atalla_dso != NULL) { - ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_ALREADY_LOADED); + ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED); goto err; } /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be @@ -236,11 +324,10 @@ static int atalla_init() * drivers really use - for now a symbollic link needs to be * created on the host system from libatasi.so to atasi.so on * unix variants. */ - atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, - DSO_FLAG_NAME_TRANSLATION); + atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, 0); if(atalla_dso == NULL) { - ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE); + ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); goto err; } if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func( @@ -250,7 +337,7 @@ static int atalla_init() !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func( atalla_dso, ATALLA_F3))) { - ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE); + ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); goto err; } /* Copy the pointers */ @@ -261,7 +348,7 @@ static int atalla_init() * running. */ if(p1(0L, config_buf) != 0) { - ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_UNIT_FAILURE); + ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE); goto err; } /* Everything's fine. */ @@ -275,16 +362,16 @@ err: return 0; } -static int atalla_finish() +static int atalla_finish(ENGINE *e) { if(atalla_dso == NULL) { - ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_NOT_LOADED); + ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED); return 0; } if(!DSO_free(atalla_dso)) { - ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_DSO_FAILURE); + ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE); return 0; } atalla_dso = NULL; @@ -294,7 +381,32 @@ static int atalla_finish() return 1; } -static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) + { + int initialised = ((atalla_dso == NULL) ? 0 : 1); + switch(cmd) + { + case ATALLA_CMD_SO_PATH: + if(p == NULL) + { + ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if(initialised) + { + ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED); + return 0; + } + ATALLA_LIBNAME = (const char *)p; + return 1; + default: + break; + } + ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED); + return 0; + } + +static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for @@ -313,26 +425,27 @@ static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, to_return = 0; /* expect failure */ if(!atalla_dso) - { - ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_NOT_LOADED); + { + ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED); goto err; - } + } /* Prepare the params */ + BN_CTX_start(ctx); modulus = BN_CTX_get(ctx); exponent = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - if(!modulus || !exponent || !argument || !result) - { - ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_CTX_FULL); + if (!result) + { + ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL); goto err; - } + } if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) || !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) - { - ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL); + { + ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL); goto err; - } + } /* Prepare the key-data */ memset(&keydata, 0,sizeof keydata); numbytes = BN_num_bytes(m); @@ -352,36 +465,34 @@ static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d, (unsigned char *)argument->d, keydata.modulus.len) != 0) - { - ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED); + { + ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED); goto err; - } + } /* Convert the response */ BN_bin2bn((unsigned char *)result->d, numbytes, r); to_return = 1; err: - if(modulus) ctx->tos--; - if(exponent) ctx->tos--; - if(argument) ctx->tos--; - if(result) ctx->tos--; + BN_CTX_end(ctx); return to_return; } -static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +#ifndef OPENSSL_NO_RSA +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx = NULL; int to_return = 0; if(!atalla_dso) - { - ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_NOT_LOADED); + { + ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED); goto err; - } + } if((ctx = BN_CTX_new()) == NULL) goto err; if(!rsa->d || !rsa->n) { - ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS); + ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS); goto err; } to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); @@ -390,7 +501,9 @@ err: BN_CTX_free(ctx); return to_return; } +#endif +#ifndef OPENSSL_NO_DSA /* This code was liberated and adapted from the commented-out code in * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration * (it doesn't have a CRT form for RSA), this function means that an @@ -418,27 +531,45 @@ end: return to_return; } - static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); } +#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); } +#ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); } +#endif + +/* This stuff is needed if this ENGINE is being compiled into a self-contained + * shared-library. */ +#ifdef ENGINE_DYNAMIC_SUPPORT +static int bind_fn(ENGINE *e, const char *id) + { + if(id && (strcmp(id, engine_atalla_id) != 0)) + return 0; + if(!bind_helper(e)) + return 0; + return 1; + } +IMPLEMENT_DYNAMIC_CHECK_FN() +IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) +#endif /* ENGINE_DYNAMIC_SUPPORT */ -#endif /* !NO_HW_ATALLA */ -#endif /* !NO_HW */ +#endif /* !OPENSSL_NO_HW_ATALLA */ +#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c index 77608b8983..d8b380550f 100644 --- a/src/lib/libcrypto/engine/hw_cswift.c +++ b/src/lib/libcrypto/engine/hw_cswift.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -60,11 +60,10 @@ #include #include "cryptlib.h" #include -#include "engine_int.h" #include -#ifndef NO_HW -#ifndef NO_HW_CSWIFT +#ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_CSWIFT /* Attribution notice: Rainbow have generously allowed me to reproduce * the necessary definitions here from their API. This means the support @@ -84,33 +83,55 @@ #include "vendor_defns/cswift.h" #endif -static int cswift_init(void); -static int cswift_finish(void); +#define CSWIFT_LIB_NAME "cswift engine" +#include "hw_cswift_err.c" + +static int cswift_destroy(ENGINE *e); +static int cswift_init(ENGINE *e); +static int cswift_finish(ENGINE *e); +static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); /* BIGNUM stuff */ -static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); -static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); +#ifndef OPENSSL_NO_RSA /* RSA stuff */ -static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); +#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#ifndef OPENSSL_NO_DSA /* DSA stuff */ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa); +#endif +#ifndef OPENSSL_NO_DH /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif +/* The definitions for control commands specific to this engine */ +#define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE +static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { + {CSWIFT_CMD_SO_PATH, + "SO_PATH", + "Specifies the path to the 'cswift' shared library", + ENGINE_CMD_FLAG_STRING}, + {0, NULL, NULL, 0} + }; +#ifndef OPENSSL_NO_RSA /* Our internal RSA_METHOD that we provide pointers to */ static RSA_METHOD cswift_rsa = { @@ -128,7 +149,9 @@ static RSA_METHOD cswift_rsa = NULL, NULL }; +#endif +#ifndef OPENSSL_NO_DSA /* Our internal DSA_METHOD that we provide pointers to */ static DSA_METHOD cswift_dsa = { @@ -143,7 +166,9 @@ static DSA_METHOD cswift_dsa = 0, /* flags */ NULL /* app_data */ }; +#endif +#ifndef OPENSSL_NO_DH /* Our internal DH_METHOD that we provide pointers to */ static DH_METHOD cswift_dh = { @@ -156,35 +181,41 @@ static DH_METHOD cswift_dh = 0, NULL }; +#endif -/* Our ENGINE structure. */ -static ENGINE engine_cswift = - { - "cswift", - "CryptoSwift hardware engine support", - &cswift_rsa, - &cswift_dsa, - &cswift_dh, - NULL, - cswift_mod_exp, - cswift_mod_exp_crt, - cswift_init, - cswift_finish, - NULL, /* no ctrl() */ - NULL, /* no load_privkey() */ - NULL, /* no load_pubkey() */ - 0, /* no flags */ - 0, 0, /* no references */ - NULL, NULL /* unlinked */ - }; - -/* As this is only ever called once, there's no need for locking - * (indeed - the lock will already be held by our caller!!!) */ -ENGINE *ENGINE_cswift() +/* Constants used when creating the ENGINE */ +static const char *engine_cswift_id = "cswift"; +static const char *engine_cswift_name = "CryptoSwift hardware engine support"; + +/* This internal function is used by ENGINE_cswift() and possibly by the + * "dynamic" ENGINE support too */ +static int bind_helper(ENGINE *e) { - RSA_METHOD *meth1; - DH_METHOD *meth2; +#ifndef OPENSSL_NO_RSA + const RSA_METHOD *meth1; +#endif +#ifndef OPENSSL_NO_DH + const DH_METHOD *meth2; +#endif + if(!ENGINE_set_id(e, engine_cswift_id) || + !ENGINE_set_name(e, engine_cswift_name) || +#ifndef OPENSSL_NO_RSA + !ENGINE_set_RSA(e, &cswift_rsa) || +#endif +#ifndef OPENSSL_NO_DSA + !ENGINE_set_DSA(e, &cswift_dsa) || +#endif +#ifndef OPENSSL_NO_DH + !ENGINE_set_DH(e, &cswift_dh) || +#endif + !ENGINE_set_destroy_function(e, cswift_destroy) || + !ENGINE_set_init_function(e, cswift_init) || + !ENGINE_set_finish_function(e, cswift_finish) || + !ENGINE_set_ctrl_function(e, cswift_ctrl) || + !ENGINE_set_cmd_defns(e, cswift_cmd_defns)) + return 0; +#ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or @@ -197,12 +228,41 @@ ENGINE *ENGINE_cswift() cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; +#endif +#ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth2 = DH_OpenSSL(); cswift_dh.generate_key = meth2->generate_key; cswift_dh.compute_key = meth2->compute_key; - return &engine_cswift; +#endif + + /* Ensure the cswift error handling is set up */ + ERR_load_CSWIFT_strings(); + return 1; + } + +static ENGINE *engine_cswift(void) + { + ENGINE *ret = ENGINE_new(); + if(!ret) + return NULL; + if(!bind_helper(ret)) + { + ENGINE_free(ret); + return NULL; + } + return ret; + } + +void ENGINE_load_cswift(void) + { + /* Copied from eng_[openssl|dyn].c */ + ENGINE *toadd = engine_cswift(); + if(!toadd) return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); } /* This is a process-global DSO handle used for loading and unloading @@ -220,7 +280,8 @@ t_swSimpleRequest *p_CSwift_SimpleRequest = NULL; t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL; /* Used in the DSO operations. */ -static const char *CSWIFT_LIBNAME = "swift"; +static const char def_CSWIFT_LIBNAME[] = "swift"; +static const char *CSWIFT_LIBNAME = def_CSWIFT_LIBNAME; static const char *CSWIFT_F1 = "swAcquireAccContext"; static const char *CSWIFT_F2 = "swAttachKeyParam"; static const char *CSWIFT_F3 = "swSimpleRequest"; @@ -249,8 +310,15 @@ static void release_context(SW_CONTEXT_HANDLE hac) p_CSwift_ReleaseAccContext(hac); } +/* Destructor (complements the "ENGINE_cswift()" constructor) */ +static int cswift_destroy(ENGINE *e) + { + ERR_unload_CSWIFT_strings(); + return 1; + } + /* (de)initialisation functions. */ -static int cswift_init() +static int cswift_init(ENGINE *e) { SW_CONTEXT_HANDLE hac; t_swAcquireAccContext *p1; @@ -260,15 +328,14 @@ static int cswift_init() if(cswift_dso != NULL) { - ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_ALREADY_LOADED); + CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED); goto err; } /* Attempt to load libswift.so/swift.dll/whatever. */ - cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, - DSO_FLAG_NAME_TRANSLATION); + cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0); if(cswift_dso == NULL) { - ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE); + CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED); goto err; } if(!(p1 = (t_swAcquireAccContext *) @@ -280,7 +347,7 @@ static int cswift_init() !(p4 = (t_swReleaseAccContext *) DSO_bind_func(cswift_dso, CSWIFT_F4))) { - ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE); + CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED); goto err; } /* Copy the pointers */ @@ -292,7 +359,7 @@ static int cswift_init() * accelerator! */ if(!get_context(&hac)) { - ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_UNIT_FAILURE); + CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE); goto err; } release_context(hac); @@ -308,16 +375,16 @@ err: return 0; } -static int cswift_finish() +static int cswift_finish(ENGINE *e) { if(cswift_dso == NULL) { - ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_NOT_LOADED); + CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED); return 0; } if(!DSO_free(cswift_dso)) { - ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_DSO_FAILURE); + CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE); return 0; } cswift_dso = NULL; @@ -328,8 +395,33 @@ static int cswift_finish() return 1; } +static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) + { + int initialised = ((cswift_dso == NULL) ? 0 : 1); + switch(cmd) + { + case CSWIFT_CMD_SO_PATH: + if(p == NULL) + { + CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if(initialised) + { + CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED); + return 0; + } + CSWIFT_LIBNAME = (const char *)p; + return 1; + default: + break; + } + CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED); + return 0; + } + /* Un petit mod_exp */ -static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for @@ -353,24 +445,25 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, if(!get_context(&hac)) { - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_GET_HANDLE_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ + BN_CTX_start(ctx); modulus = BN_CTX_get(ctx); exponent = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - if(!modulus || !exponent || !argument || !result) + if(!result) { - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_CTX_FULL); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) || !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) { - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_EXP; @@ -387,13 +480,12 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, case SW_OK: break; case SW_ERR_INPUT_SIZE: - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP, - ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } @@ -410,7 +502,7 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, &res, 1)) != SW_OK) { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; @@ -421,15 +513,12 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, err: if(acquired) release_context(hac); - if(modulus) ctx->tos--; - if(exponent) ctx->tos--; - if(argument) ctx->tos--; - if(result) ctx->tos--; + BN_CTX_end(ctx); return to_return; } /* Un petit mod_exp chinois */ -static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) { @@ -449,11 +538,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, if(!get_context(&hac)) { - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_GET_HANDLE_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ + BN_CTX_start(ctx); rsa_p = BN_CTX_get(ctx); rsa_q = BN_CTX_get(ctx); rsa_dmp1 = BN_CTX_get(ctx); @@ -461,10 +551,9 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, rsa_iqmp = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - if(!rsa_p || !rsa_q || !rsa_dmp1 || !rsa_dmq1 || !rsa_iqmp || - !argument || !result) + if(!result) { - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_CTX_FULL); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) || @@ -474,7 +563,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, !bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) { - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_EXPAND_FAIL); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_CRT; @@ -498,13 +587,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, case SW_OK: break; case SW_ERR_INPUT_SIZE: - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT, - ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } @@ -521,7 +609,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, &res, 1)) != SW_OK) { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; @@ -532,17 +620,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, err: if(acquired) release_context(hac); - if(rsa_p) ctx->tos--; - if(rsa_q) ctx->tos--; - if(rsa_dmp1) ctx->tos--; - if(rsa_dmq1) ctx->tos--; - if(rsa_iqmp) ctx->tos--; - if(argument) ctx->tos--; - if(result) ctx->tos--; + BN_CTX_end(ctx); return to_return; } -static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) +#ifndef OPENSSL_NO_RSA +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx; int to_return = 0; @@ -551,7 +634,7 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) goto err; if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - ENGINEerr(ENGINE_F_CSWIFT_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS); + CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS); goto err; } to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, @@ -561,14 +644,16 @@ err: BN_CTX_free(ctx); return to_return; } +#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); } +#ifndef OPENSSL_NO_DSA static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) { SW_CONTEXT_HANDLE hac; @@ -589,19 +674,20 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) goto err; if(!get_context(&hac)) { - ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_GET_HANDLE_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ + BN_CTX_start(ctx); dsa_p = BN_CTX_get(ctx); dsa_q = BN_CTX_get(ctx); dsa_g = BN_CTX_get(ctx); dsa_key = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - if(!dsa_p || !dsa_q || !dsa_g || !dsa_key || !result) + if(!result) { - ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_CTX_FULL); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(dsa_p, dsa->p->top) || @@ -610,7 +696,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) !bn_wexpand(dsa_key, dsa->priv_key->top) || !bn_wexpand(result, dsa->p->top)) { - ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_EXPAND_FAIL); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_DSA; @@ -633,13 +719,12 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) case SW_OK: break; case SW_ERR_INPUT_SIZE: - ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN, - ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } @@ -657,7 +742,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) if(sw_status != SW_OK) { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; @@ -672,13 +757,11 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) err: if(acquired) release_context(hac); - if(dsa_p) ctx->tos--; - if(dsa_q) ctx->tos--; - if(dsa_g) ctx->tos--; - if(dsa_key) ctx->tos--; - if(result) ctx->tos--; if(ctx) + { + BN_CTX_end(ctx); BN_CTX_free(ctx); + } return to_return; } @@ -703,19 +786,20 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, goto err; if(!get_context(&hac)) { - ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_GET_HANDLE_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ + BN_CTX_start(ctx); dsa_p = BN_CTX_get(ctx); dsa_q = BN_CTX_get(ctx); dsa_g = BN_CTX_get(ctx); dsa_key = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); - if(!dsa_p || !dsa_q || !dsa_g || !dsa_key || !argument) + if(!argument) { - ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_CTX_FULL); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(dsa_p, dsa->p->top) || @@ -724,7 +808,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, !bn_wexpand(dsa_key, dsa->pub_key->top) || !bn_wexpand(argument, 40)) { - ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_EXPAND_FAIL); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_DSA; @@ -747,13 +831,12 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, case SW_OK: break; case SW_ERR_INPUT_SIZE: - ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY, - ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } @@ -775,7 +858,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, if(sw_status != SW_OK) { char tmpbuf[20]; - ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED); + CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; @@ -786,22 +869,39 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, err: if(acquired) release_context(hac); - if(dsa_p) ctx->tos--; - if(dsa_q) ctx->tos--; - if(dsa_g) ctx->tos--; - if(dsa_key) ctx->tos--; - if(argument) ctx->tos--; if(ctx) + { + BN_CTX_end(ctx); BN_CTX_free(ctx); + } return to_return; } +#endif +#ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); } +#endif + +/* This stuff is needed if this ENGINE is being compiled into a self-contained + * shared-library. */ +#ifdef ENGINE_DYNAMIC_SUPPORT +static int bind_fn(ENGINE *e, const char *id) + { + if(id && (strcmp(id, engine_cswift_id) != 0)) + return 0; + if(!bind_helper(e)) + return 0; + return 1; + } +IMPLEMENT_DYNAMIC_CHECK_FN() +IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) +#endif /* ENGINE_DYNAMIC_SUPPORT */ -#endif /* !NO_HW_CSWIFT */ -#endif /* !NO_HW */ +#endif /* !OPENSSL_NO_HW_CSWIFT */ +#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c index 41f5900676..4762a54e3d 100644 --- a/src/lib/libcrypto/engine/hw_ncipher.c +++ b/src/lib/libcrypto/engine/hw_ncipher.c @@ -4,7 +4,7 @@ * for the OpenSSL project 2000. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -58,15 +58,16 @@ */ #include +#include #include #include #include "cryptlib.h" #include -#include "engine_int.h" #include +#include -#ifndef NO_HW -#ifndef NO_HW_NCIPHER +#ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_NCIPHER /* Attribution notice: nCipher have said several times that it's OK for * us to implement a general interface to their boxes, and recently declared @@ -82,9 +83,13 @@ #include "vendor_defns/hwcryptohook.h" #endif -static int hwcrhk_init(void); -static int hwcrhk_finish(void); -static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()); +#define HWCRHK_LIB_NAME "hwcrhk engine" +#include "hw_ncipher_err.c" + +static int hwcrhk_destroy(ENGINE *e); +static int hwcrhk_init(ENGINE *e); +static int hwcrhk_finish(ENGINE *e); +static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); /* Functions to handle mutexes */ static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); @@ -93,39 +98,77 @@ static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); /* BIGNUM stuff */ -static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); +#ifndef OPENSSL_NO_RSA /* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa); +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); +#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* RAND stuff */ static int hwcrhk_rand_bytes(unsigned char *buf, int num); static int hwcrhk_rand_status(void); /* KM stuff */ -static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, - const char *passphrase); -static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, - const char *passphrase); +static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, + UI_METHOD *ui_method, void *callback_data); +static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, + UI_METHOD *ui_method, void *callback_data); static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int index,long argl, void *argp); + int ind,long argl, void *argp); /* Interaction stuff */ +static int hwcrhk_insert_card(const char *prompt_info, + const char *wrong_info, + HWCryptoHook_PassphraseContext *ppctx, + HWCryptoHook_CallerContext *cactx); static int hwcrhk_get_pass(const char *prompt_info, int *len_io, char *buf, HWCryptoHook_PassphraseContext *ppctx, HWCryptoHook_CallerContext *cactx); -static void hwcrhk_log_message(void *logstream, const char *message); +static void hwcrhk_log_message(void *logstr, const char *message); + +/* The definitions for control commands specific to this engine */ +#define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE +#define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1) +#define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2) +#define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3) +#define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4) +static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = { + {HWCRHK_CMD_SO_PATH, + "SO_PATH", + "Specifies the path to the 'hwcrhk' shared library", + ENGINE_CMD_FLAG_STRING}, + {HWCRHK_CMD_FORK_CHECK, + "FORK_CHECK", + "Turns fork() checking on or off (boolean)", + ENGINE_CMD_FLAG_NUMERIC}, + {HWCRHK_CMD_THREAD_LOCKING, + "THREAD_LOCKING", + "Turns thread-safe locking on or off (boolean)", + ENGINE_CMD_FLAG_NUMERIC}, + {HWCRHK_CMD_SET_USER_INTERFACE, + "SET_USER_INTERFACE", + "Set the global user interface (internal)", + ENGINE_CMD_FLAG_INTERNAL}, + {HWCRHK_CMD_SET_CALLBACK_DATA, + "SET_CALLBACK_DATA", + "Set the global user interface extra data (internal)", + ENGINE_CMD_FLAG_INTERNAL}, + {0, NULL, NULL, 0} + }; +#ifndef OPENSSL_NO_RSA /* Our internal RSA_METHOD that we provide pointers to */ static RSA_METHOD hwcrhk_rsa = { @@ -143,7 +186,9 @@ static RSA_METHOD hwcrhk_rsa = NULL, NULL }; +#endif +#ifndef OPENSSL_NO_DH /* Our internal DH_METHOD that we provide pointers to */ static DH_METHOD hwcrhk_dh = { @@ -156,6 +201,7 @@ static DH_METHOD hwcrhk_dh = 0, NULL }; +#endif static RAND_METHOD hwcrhk_rand = { @@ -168,26 +214,9 @@ static RAND_METHOD hwcrhk_rand = hwcrhk_rand_status, }; -/* Our ENGINE structure. */ -static ENGINE engine_hwcrhk = - { - "chil", - "nCipher hardware engine support", - &hwcrhk_rsa, - NULL, - &hwcrhk_dh, - &hwcrhk_rand, - hwcrhk_mod_exp, - NULL, - hwcrhk_init, - hwcrhk_finish, - hwcrhk_ctrl, - hwcrhk_load_privkey, - hwcrhk_load_pubkey, - 0, /* no flags */ - 0, 0, /* no references */ - NULL, NULL /* unlinked */ - }; +/* Constants used when creating the ENGINE */ +static const char *engine_hwcrhk_id = "chil"; +static const char *engine_hwcrhk_name = "nCipher hardware engine support"; /* Internal stuff for HWCryptoHook */ @@ -204,7 +233,8 @@ struct HWCryptoHook_MutexValue into HWCryptoHook_PassphraseContext */ struct HWCryptoHook_PassphraseContextValue { - void *any; + UI_METHOD *ui_method; + void *callback_data; }; /* hwcryptohook.h has some typedefs that turn @@ -212,7 +242,10 @@ struct HWCryptoHook_PassphraseContextValue into HWCryptoHook_CallerContext */ struct HWCryptoHook_CallerContextValue { - void *any; + pem_password_cb *password_callback; /* Deprecated! Only present for + backward compatibility! */ + UI_METHOD *ui_method; + void *callback_data; }; /* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL @@ -222,31 +255,27 @@ struct HWCryptoHook_CallerContextValue #define MPI2BN(bn, mp) \ {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} -#if 0 /* Card and password management is not yet supported */ -/* HWCryptoHook callbacks. insert_card() and get_pass() are not yet - defined, because we haven't quite decided on the proper form yet. - log_message() just adds an entry in the error stack. I don't know - if that's good or bad... */ -static int insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); -static int get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext *ppctx, - HWCryptoHook_CallerContext *cactx); -#endif - static BIO *logstream = NULL; -static pem_password_cb *password_callback = NULL; -#if 0 -static void *password_callback_userdata = NULL; -#endif static int disable_mutex_callbacks = 0; +/* One might wonder why these are needed, since one can pass down at least + a UI_METHOD and a pointer to callback data to the key-loading functions. + The thing is that the ModExp and RSAImmed functions can load keys as well, + if the data they get is in a special, nCipher-defined format (hint: if you + look at the private exponent of the RSA data as a string, you'll see this + string: "nCipher KM tool key id", followed by some bytes, followed a key + identity string, followed by more bytes. This happens when you use "embed" + keys instead of "hwcrhk" keys). Unfortunately, those functions do not take + any passphrase or caller context, and our functions can't really take any + callback data either. Still, the "insert_card" and "get_passphrase" + callbacks may be called down the line, and will need to know what user + interface callbacks to call, and having callback data from the application + may be a nice thing as well, so we need to keep track of that globally. */ +static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL }; + /* Stuff to pass to the HWCryptoHook library */ static HWCryptoHook_InitInfo hwcrhk_globals = { - 0, /* Flags */ + HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */ &logstream, /* logstream */ sizeof(BN_ULONG), /* limbsize */ 0, /* mslimb first: false for BNs */ @@ -280,20 +309,42 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { 0, /* hwcrhk_cv_destroy, */ hwcrhk_get_pass, /* pass phrase */ - 0, /* insert_card, */ /* insert a card */ + hwcrhk_insert_card, /* insert a card */ hwcrhk_log_message /* Log message */ }; /* Now, to our own code */ -/* As this is only ever called once, there's no need for locking - * (indeed - the lock will already be held by our caller!!!) */ -ENGINE *ENGINE_ncipher() +/* This internal function is used by ENGINE_ncipher() and possibly by the + * "dynamic" ENGINE support too */ +static int bind_helper(ENGINE *e) { - RSA_METHOD *meth1; - DH_METHOD *meth2; +#ifndef OPENSSL_NO_RSA + const RSA_METHOD *meth1; +#endif +#ifndef OPENSSL_NO_DH + const DH_METHOD *meth2; +#endif + if(!ENGINE_set_id(e, engine_hwcrhk_id) || + !ENGINE_set_name(e, engine_hwcrhk_name) || +#ifndef OPENSSL_NO_RSA + !ENGINE_set_RSA(e, &hwcrhk_rsa) || +#endif +#ifndef OPENSSL_NO_DH + !ENGINE_set_DH(e, &hwcrhk_dh) || +#endif + !ENGINE_set_RAND(e, &hwcrhk_rand) || + !ENGINE_set_destroy_function(e, hwcrhk_destroy) || + !ENGINE_set_init_function(e, hwcrhk_init) || + !ENGINE_set_finish_function(e, hwcrhk_finish) || + !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) || + !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) || + !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) || + !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns)) + return 0; +#ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or @@ -306,12 +357,41 @@ ENGINE *ENGINE_ncipher() hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec; +#endif +#ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth2 = DH_OpenSSL(); hwcrhk_dh.generate_key = meth2->generate_key; hwcrhk_dh.compute_key = meth2->compute_key; - return &engine_hwcrhk; +#endif + + /* Ensure the hwcrhk error handling is set up */ + ERR_load_HWCRHK_strings(); + return 1; + } + +static ENGINE *engine_ncipher(void) + { + ENGINE *ret = ENGINE_new(); + if(!ret) + return NULL; + if(!bind_helper(ret)) + { + ENGINE_free(ret); + return NULL; + } + return ret; + } + +void ENGINE_load_chil(void) + { + /* Copied from eng_[openssl|dyn].c */ + ENGINE *toadd = engine_ncipher(); + if(!toadd) return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); } /* This is a process-global DSO handle used for loading and unloading @@ -321,30 +401,41 @@ ENGINE *ENGINE_ncipher() * implicitly. */ static DSO *hwcrhk_dso = NULL; static HWCryptoHook_ContextHandle hwcrhk_context = 0; -static int hndidx = -1; /* Index for KM handle. Not really used yet. */ +#ifndef OPENSSL_NO_RSA +static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */ +#endif /* These are the function pointers that are (un)set when the library has * successfully (un)loaded. */ static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL; static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL; static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL; +#ifndef OPENSSL_NO_RSA static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL; +#endif static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL; +#ifndef OPENSSL_NO_RSA static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL; static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL; static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; +#endif static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; /* Used in the DSO operations. */ -static const char *HWCRHK_LIBNAME = "nfhwcrhk"; +static const char def_HWCRHK_LIBNAME[] = "nfhwcrhk"; +static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME; static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; +#ifndef OPENSSL_NO_RSA static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA"; +#endif static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes"; +#ifndef OPENSSL_NO_RSA static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey"; static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey"; static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey"; +#endif static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; /* HWCryptoHook library functions and mechanics - these are used by the @@ -353,16 +444,17 @@ static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; * called, the checking and error handling is probably down there. */ /* utility function to obtain a context */ -static int get_context(HWCryptoHook_ContextHandle *hac) +static int get_context(HWCryptoHook_ContextHandle *hac, + HWCryptoHook_CallerContext *cac) { char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, - NULL); + cac); if (!*hac) return 0; return 1; @@ -374,30 +466,38 @@ static void release_context(HWCryptoHook_ContextHandle hac) p_hwcrhk_Finish(hac); } +/* Destructor (complements the "ENGINE_ncipher()" constructor) */ +static int hwcrhk_destroy(ENGINE *e) + { + ERR_unload_HWCRHK_strings(); + return 1; + } + /* (de)initialisation functions. */ -static int hwcrhk_init() +static int hwcrhk_init(ENGINE *e) { HWCryptoHook_Init_t *p1; HWCryptoHook_Finish_t *p2; HWCryptoHook_ModExp_t *p3; +#ifndef OPENSSL_NO_RSA HWCryptoHook_RSA_t *p4; HWCryptoHook_RSALoadKey_t *p5; HWCryptoHook_RSAGetPublicKey_t *p6; HWCryptoHook_RSAUnloadKey_t *p7; +#endif HWCryptoHook_RandomBytes_t *p8; HWCryptoHook_ModExpCRT_t *p9; if(hwcrhk_dso != NULL) { - ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_ALREADY_LOADED); + HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED); goto err; } /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ - hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, - DSO_FLAG_NAME_TRANSLATION); + hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0); if(hwcrhk_dso == NULL) { - ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_DSO_FAILURE); + HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); goto err; } if(!(p1 = (HWCryptoHook_Init_t *) @@ -406,6 +506,7 @@ static int hwcrhk_init() DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || !(p3 = (HWCryptoHook_ModExp_t *) DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || +#ifndef OPENSSL_NO_RSA !(p4 = (HWCryptoHook_RSA_t *) DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || !(p5 = (HWCryptoHook_RSALoadKey_t *) @@ -414,22 +515,25 @@ static int hwcrhk_init() DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || !(p7 = (HWCryptoHook_RSAUnloadKey_t *) DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || +#endif !(p8 = (HWCryptoHook_RandomBytes_t *) DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || !(p9 = (HWCryptoHook_ModExpCRT_t *) DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) { - ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_DSO_FAILURE); + HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); goto err; } /* Copy the pointers */ p_hwcrhk_Init = p1; p_hwcrhk_Finish = p2; p_hwcrhk_ModExp = p3; +#ifndef OPENSSL_NO_RSA p_hwcrhk_RSA = p4; p_hwcrhk_RSALoadKey = p5; p_hwcrhk_RSAGetPublicKey = p6; p_hwcrhk_RSAUnloadKey = p7; +#endif p_hwcrhk_RandomBytes = p8; p_hwcrhk_ModExpCRT = p9; @@ -448,16 +552,18 @@ static int hwcrhk_init() /* Try and get a context - if not, we may have a DSO but no * accelerator! */ - if(!get_context(&hwcrhk_context)) + if(!get_context(&hwcrhk_context, &password_context)) { - ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_UNIT_FAILURE); + HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE); goto err; } /* Everything's fine. */ - if (hndidx == -1) - hndidx = RSA_get_ex_new_index(0, +#ifndef OPENSSL_NO_RSA + if (hndidx_rsa == -1) + hndidx_rsa = RSA_get_ex_new_index(0, "nFast HWCryptoHook RSA key handle", NULL, NULL, hwcrhk_ex_free); +#endif return 1; err: if(hwcrhk_dso) @@ -466,28 +572,30 @@ err: p_hwcrhk_Init = NULL; p_hwcrhk_Finish = NULL; p_hwcrhk_ModExp = NULL; +#ifndef OPENSSL_NO_RSA p_hwcrhk_RSA = NULL; p_hwcrhk_RSALoadKey = NULL; p_hwcrhk_RSAGetPublicKey = NULL; p_hwcrhk_RSAUnloadKey = NULL; +#endif p_hwcrhk_ModExpCRT = NULL; p_hwcrhk_RandomBytes = NULL; return 0; } -static int hwcrhk_finish() +static int hwcrhk_finish(ENGINE *e) { int to_return = 1; if(hwcrhk_dso == NULL) { - ENGINEerr(ENGINE_F_HWCRHK_FINISH,ENGINE_R_NOT_LOADED); + HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED); to_return = 0; goto err; } release_context(hwcrhk_context); if(!DSO_free(hwcrhk_dso)) { - ENGINEerr(ENGINE_F_HWCRHK_FINISH,ENGINE_R_DSO_FAILURE); + HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE); to_return = 0; goto err; } @@ -498,21 +606,36 @@ static int hwcrhk_finish() p_hwcrhk_Init = NULL; p_hwcrhk_Finish = NULL; p_hwcrhk_ModExp = NULL; +#ifndef OPENSSL_NO_RSA p_hwcrhk_RSA = NULL; p_hwcrhk_RSALoadKey = NULL; p_hwcrhk_RSAGetPublicKey = NULL; p_hwcrhk_RSAUnloadKey = NULL; +#endif p_hwcrhk_ModExpCRT = NULL; p_hwcrhk_RandomBytes = NULL; return to_return; } -static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()) +static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) { int to_return = 1; switch(cmd) { + case HWCRHK_CMD_SO_PATH: + if(hwcrhk_dso) + { + HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED); + return 0; + } + if(p == NULL) + { + HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + HWCRHK_LIBNAME = (const char *)p; + return 1; case ENGINE_CTRL_SET_LOGSTREAM: { BIO *bio = (BIO *)p; @@ -526,18 +649,31 @@ static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()) if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1) logstream = bio; else - ENGINEerr(ENGINE_F_HWCRHK_CTRL,ENGINE_R_BIO_WAS_FREED); + HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED); } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); break; case ENGINE_CTRL_SET_PASSWORD_CALLBACK: CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_callback = (pem_password_cb *)f; + password_context.password_callback = (pem_password_cb *)f; + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + break; + case ENGINE_CTRL_SET_USER_INTERFACE: + case HWCRHK_CMD_SET_USER_INTERFACE: + CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + password_context.ui_method = (UI_METHOD *)p; + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + break; + case ENGINE_CTRL_SET_CALLBACK_DATA: + case HWCRHK_CMD_SET_CALLBACK_DATA: + CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + password_context.callback_data = p; CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); break; /* this enables or disables the "SimpleForkCheck" flag used in the * initialisation structure. */ case ENGINE_CTRL_CHIL_SET_FORKCHECK: + case HWCRHK_CMD_FORK_CHECK: CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); if(i) hwcrhk_globals.flags |= @@ -557,11 +693,16 @@ static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()) disable_mutex_callbacks = 1; CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); break; + case HWCRHK_CMD_THREAD_LOCKING: + CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + disable_mutex_callbacks = ((i == 0) ? 0 : 1); + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + break; /* The command isn't understood by this engine */ default: - ENGINEerr(ENGINE_F_HWCRHK_CTRL, - ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); + HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, + HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); to_return = 0; break; } @@ -569,44 +710,62 @@ static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()) return to_return; } -static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, - const char *passphrase) +static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, + UI_METHOD *ui_method, void *callback_data) { +#ifndef OPENSSL_NO_RSA RSA *rtmp = NULL; +#endif EVP_PKEY *res = NULL; +#ifndef OPENSSL_NO_RSA HWCryptoHook_MPI e, n; HWCryptoHook_RSAKeyHandle *hptr; +#endif +#if !defined(OPENSSL_NO_RSA) + char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; +#endif + HWCryptoHook_PassphraseContext ppctx; + +#if !defined(OPENSSL_NO_RSA) + rmsg.buf = tempbuf; + rmsg.size = sizeof(tempbuf); +#endif if(!hwcrhk_context) { - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY, - ENGINE_R_NOT_INITIALISED); + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, + HWCRHK_R_NOT_INITIALISED); goto err; } +#ifndef OPENSSL_NO_RSA hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); if (!hptr) { - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY, + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); goto err; } + ppctx.ui_method = ui_method; + ppctx.callback_data = callback_data; if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, - &rmsg, NULL)) + &rmsg, &ppctx)) { - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY, - ENGINE_R_CHIL_ERROR); + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, + HWCRHK_R_CHIL_ERROR); ERR_add_error_data(1,rmsg.buf); goto err; } if (!*hptr) { - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY, - ENGINE_R_NO_KEY); + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, + HWCRHK_R_NO_KEY); goto err; } - rtmp = RSA_new_method(&engine_hwcrhk); - RSA_set_ex_data(rtmp, hndidx, (char *)hptr); +#endif +#ifndef OPENSSL_NO_RSA + rtmp = RSA_new_method(eng); + RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); rtmp->e = BN_new(); rtmp->n = BN_new(); rtmp->flags |= RSA_FLAG_EXT_PKEY; @@ -615,11 +774,11 @@ static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg) != HWCRYPTOHOOK_ERROR_MPISIZE) { - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,ENGINE_R_CHIL_ERROR); + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,HWCRHK_R_CHIL_ERROR); ERR_add_error_data(1,rmsg.buf); goto err; } - + bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG)); bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG)); MPI2BN(rtmp->e, e); @@ -627,8 +786,8 @@ static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) { - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY, - ENGINE_R_CHIL_ERROR); + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, + HWCRHK_R_CHIL_ERROR); ERR_add_error_data(1,rmsg.buf); goto err; } @@ -639,23 +798,37 @@ static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, res = EVP_PKEY_new(); EVP_PKEY_assign_RSA(res, rtmp); +#endif + + if (!res) + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, + HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED); return res; err: if (res) EVP_PKEY_free(res); +#ifndef OPENSSL_NO_RSA if (rtmp) RSA_free(rtmp); +#endif return NULL; } -static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase) +static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, + UI_METHOD *ui_method, void *callback_data) { - EVP_PKEY *res = hwcrhk_load_privkey(key_id, passphrase); + EVP_PKEY *res = NULL; + +#ifndef OPENSSL_NO_RSA + res = hwcrhk_load_privkey(eng, key_id, + ui_method, callback_data); +#endif if (res) switch(res->type) { +#ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: { RSA *rsa = NULL; @@ -665,12 +838,16 @@ static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase) res->pkey.rsa = RSA_new(); res->pkey.rsa->n = rsa->n; res->pkey.rsa->e = rsa->e; + rsa->n = NULL; + rsa->e = NULL; CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); RSA_free(rsa); } + break; +#endif default: - ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY, - ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, + HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); goto err; } @@ -682,7 +859,7 @@ static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase) } /* A little mod_exp */ -static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { char tempbuf[1024]; @@ -695,11 +872,11 @@ static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, to_return = 0; /* expect failure */ rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); if(!hwcrhk_context) { - ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_NOT_INITIALISED); + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED); goto err; } /* Prepare the params */ @@ -723,11 +900,11 @@ static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, might be a good thing. */ if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_REQUEST_FALLBACK); + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK); } else { - ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_REQUEST_FAILED); + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED); } ERR_add_error_data(1,rmsg.buf); goto err; @@ -737,38 +914,39 @@ static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, err: return to_return; } - -static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) + +#ifndef OPENSSL_NO_RSA +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) { char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; HWCryptoHook_RSAKeyHandle *hptr; int to_return = 0, ret; + rmsg.buf = tempbuf; + rmsg.size = sizeof(tempbuf); + if(!hwcrhk_context) { - ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_NOT_INITIALISED); + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED); goto err; } /* This provides support for nForce keys. Since that's opaque data all we do is provide a handle to the proper key and let HWCryptoHook take care of the rest. */ - if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx)) + if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa)) != NULL) { HWCryptoHook_MPI m_a, m_r; if(!rsa->n) { - ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP, - ENGINE_R_MISSING_KEY_COMPONENTS); + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, + HWCRHK_R_MISSING_KEY_COMPONENTS); goto err; } - rmsg.buf = tempbuf; - rmsg.size = 1024; - /* Prepare the params */ bn_expand2(r, rsa->n->top); /* Check for error !! */ BN2MPI(m_a, I); @@ -788,11 +966,13 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) might be a good thing. */ if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FALLBACK); + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, + HWCRHK_R_REQUEST_FALLBACK); } else { - ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FAILED); + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, + HWCRHK_R_REQUEST_FAILED); } ERR_add_error_data(1,rmsg.buf); goto err; @@ -804,14 +984,11 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP, - ENGINE_R_MISSING_KEY_COMPONENTS); + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, + HWCRHK_R_MISSING_KEY_COMPONENTS); goto err; } - rmsg.buf = tempbuf; - rmsg.size = 1024; - /* Prepare the params */ bn_expand2(r, rsa->n->top); /* Check for error !! */ BN2MPI(m_a, I); @@ -837,11 +1014,13 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) might be a good thing. */ if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FALLBACK); + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, + HWCRHK_R_REQUEST_FALLBACK); } else { - ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FAILED); + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, + HWCRHK_R_REQUEST_FAILED); } ERR_add_error_data(1,rmsg.buf); goto err; @@ -852,16 +1031,18 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa) err: return to_return; } +#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); @@ -876,11 +1057,11 @@ static int hwcrhk_rand_bytes(unsigned char *buf, int num) int ret; rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); if(!hwcrhk_context) { - ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED); + HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED); goto err; } @@ -892,11 +1073,13 @@ static int hwcrhk_rand_bytes(unsigned char *buf, int num) might be a good thing. */ if(ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_REQUEST_FALLBACK); + HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, + HWCRHK_R_REQUEST_FALLBACK); } else { - ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_REQUEST_FAILED); + HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, + HWCRHK_R_REQUEST_FAILED); } ERR_add_error_data(1,rmsg.buf); goto err; @@ -914,20 +1097,28 @@ static int hwcrhk_rand_status(void) /* This cleans up an RSA KM key, called when ex_data is freed */ static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int index,long argl, void *argp) + int ind,long argl, void *argp) { char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; +#ifndef OPENSSL_NO_RSA HWCryptoHook_RSAKeyHandle *hptr; +#endif +#if !defined(OPENSSL_NO_RSA) int ret; +#endif rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); +#ifndef OPENSSL_NO_RSA hptr = (HWCryptoHook_RSAKeyHandle *) item; - if(!hptr) return; - ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL); - OPENSSL_free(hptr); + if(hptr) + { + ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL); + OPENSSL_free(hptr); + } +#endif } /* Mutex calls: since the HWCryptoHook model closely follows the POSIX model @@ -939,17 +1130,17 @@ static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt, { mt->lockid = CRYPTO_get_new_dynlockid(); if (mt->lockid == 0) - return 0; - return 1; + return 1; /* failure */ + return 0; /* success */ } static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt) { CRYPTO_w_lock(mt->lockid); - return 1; + return 0; } -void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) +static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) { CRYPTO_w_unlock(mt->lockid); } @@ -964,50 +1155,146 @@ static int hwcrhk_get_pass(const char *prompt_info, HWCryptoHook_PassphraseContext *ppctx, HWCryptoHook_CallerContext *cactx) { - int l = 0; - char prompt[1024]; - - if (password_callback == NULL) - { - ENGINEerr(ENGINE_F_HWCRHK_GET_PASS,ENGINE_R_NO_CALLBACK); - return -1; - } - if (prompt_info) + pem_password_cb *callback = NULL; + void *callback_data = NULL; + UI_METHOD *ui_method = NULL; + + if (cactx) + { + if (cactx->ui_method) + ui_method = cactx->ui_method; + if (cactx->password_callback) + callback = cactx->password_callback; + if (cactx->callback_data) + callback_data = cactx->callback_data; + } + if (ppctx) { - strncpy(prompt, "Card: \"", sizeof(prompt)); - l += 5; - strncpy(prompt + l, prompt_info, sizeof(prompt) - l); - l += strlen(prompt_info); - if (l + 2 < sizeof(prompt)) - { - strncpy(prompt + l, "\"\n", sizeof(prompt) - l); - l += 2; - } + if (ppctx->ui_method) + { + ui_method = ppctx->ui_method; + callback = NULL; + } + if (ppctx->callback_data) + callback_data = ppctx->callback_data; } - if (l < sizeof(prompt) - 1) + if (callback == NULL && ui_method == NULL) { - strncpy(prompt, "Enter Passphrase :", - sizeof(prompt) - l); - l += 35; + HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK); + return -1; } - prompt[l] = '\0'; - /* I know, passing on the prompt instead of the user data *is* - a bad thing. However, that's all we have right now. - -- Richard Levitte */ - *len_io = password_callback(buf, *len_io, 0, prompt); + if (ui_method) + { + UI *ui = UI_new_method(ui_method); + if (ui) + { + int ok; + char *prompt = UI_construct_prompt(ui, + "pass phrase", prompt_info); + + ok = UI_add_input_string(ui,prompt, + UI_INPUT_FLAG_DEFAULT_PWD, + buf,0,(*len_io) - 1); + UI_add_user_data(ui, callback_data); + UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); + + if (ok >= 0) + do + { + ok=UI_process(ui); + } + while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); + + if (ok >= 0) + *len_io = strlen(buf); + + UI_free(ui); + OPENSSL_free(prompt); + } + } + else + { + *len_io = callback(buf, *len_io, 0, callback_data); + } if(!*len_io) return -1; return 0; } -static void hwcrhk_log_message(void *logstream, const char *message) +static int hwcrhk_insert_card(const char *prompt_info, + const char *wrong_info, + HWCryptoHook_PassphraseContext *ppctx, + HWCryptoHook_CallerContext *cactx) + { + int ok = -1; + UI *ui; + void *callback_data = NULL; + UI_METHOD *ui_method = NULL; + + if (cactx) + { + if (cactx->ui_method) + ui_method = cactx->ui_method; + if (cactx->callback_data) + callback_data = cactx->callback_data; + } + if (ppctx) + { + if (ppctx->ui_method) + ui_method = ppctx->ui_method; + if (ppctx->callback_data) + callback_data = ppctx->callback_data; + } + if (ui_method == NULL) + { + HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, + HWCRHK_R_NO_CALLBACK); + return -1; + } + + ui = UI_new_method(ui_method); + + if (ui) + { + char answer; + char buf[BUFSIZ]; + + if (wrong_info) + BIO_snprintf(buf, sizeof(buf)-1, + "Current card: \"%s\"\n", wrong_info); + ok = UI_dup_info_string(ui, buf); + if (ok >= 0 && prompt_info) + { + BIO_snprintf(buf, sizeof(buf)-1, + "Insert card \"%s\"", prompt_info); + ok = UI_dup_input_boolean(ui, buf, + "\n then hit or C to cancel\n", + "\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer); + } + UI_add_user_data(ui, callback_data); + + if (ok >= 0) + ok = UI_process(ui); + UI_free(ui); + + if (ok == -2 || (ok >= 0 && answer == 'C')) + ok = 1; + else if (ok < 0) + ok = -1; + else + ok = 0; + } + return ok; + } + +static void hwcrhk_log_message(void *logstr, const char *message) { BIO *lstream = NULL; CRYPTO_w_lock(CRYPTO_LOCK_BIO); - if (logstream) - lstream=*(BIO **)logstream; + if (logstr) + lstream=*(BIO **)logstr; if (lstream) { BIO_write(lstream, message, strlen(message)); @@ -1015,5 +1302,20 @@ static void hwcrhk_log_message(void *logstream, const char *message) CRYPTO_w_unlock(CRYPTO_LOCK_BIO); } -#endif /* !NO_HW_NCIPHER */ -#endif /* !NO_HW */ +/* This stuff is needed if this ENGINE is being compiled into a self-contained + * shared-library. */ +#ifdef ENGINE_DYNAMIC_SUPPORT +static int bind_fn(ENGINE *e, const char *id) + { + if(id && (strcmp(id, engine_hwcrhk_id) != 0)) + return 0; + if(!bind_helper(e)) + return 0; + return 1; + } +IMPLEMENT_DYNAMIC_CHECK_FN() +IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) +#endif /* ENGINE_DYNAMIC_SUPPORT */ + +#endif /* !OPENSSL_NO_HW_NCIPHER */ +#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/vendor_defns/atalla.h b/src/lib/libcrypto/engine/vendor_defns/atalla.h index 8111649c54..149970d441 100644 --- a/src/lib/libcrypto/engine/vendor_defns/atalla.h +++ b/src/lib/libcrypto/engine/vendor_defns/atalla.h @@ -46,16 +46,3 @@ typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey, unsigned char *input, unsigned int modulus_len); -/* These are the static string constants for the DSO file name and the function - * symbol names to bind to. Regrettably, the DSO name on *nix appears to be - * "atasi.so" rather than something more consistent like "libatasi.so". At the - * time of writing, I'm not sure what the file name on win32 is but clearly - * native name translation is not possible (eg libatasi.so on *nix, and - * atasi.dll on win32). For the purposes of testing, I have created a symbollic - * link called "libatasi.so" so that we can use native name-translation - a - * better solution will be needed. */ -static const char *ATALLA_LIBNAME = "atasi"; -static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; -static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; -static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; - diff --git a/src/lib/libcrypto/engine/vendor_defns/cswift.h b/src/lib/libcrypto/engine/vendor_defns/cswift.h index 0af14a1a92..60079326bb 100644 --- a/src/lib/libcrypto/engine/vendor_defns/cswift.h +++ b/src/lib/libcrypto/engine/vendor_defns/cswift.h @@ -32,12 +32,12 @@ typedef __uint32_t SW_U32; typedef unsigned long SW_U32; /* 32 bit integer */ #endif -#if defined(WIN32) +#if defined(OPENSSL_SYS_WIN32) typedef struct _SW_U64 { SW_U32 low32; SW_U32 high32; } SW_U64; /* 64 bit integer */ -#elif defined(MAC) +#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) typedef longlong SW_U64 #else /* Unix variants */ typedef struct _SW_U64 { @@ -156,6 +156,27 @@ typedef struct _SW_LARGENUMBER { /* bytes in network (big endian) order */ } SW_LARGENUMBER; +#if defined(OPENSSL_SYS_WIN32) + #include + typedef HANDLE SW_OSHANDLE; /* handle to kernel object */ + #define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE + #define SW_CALLCONV _stdcall +#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) + /* async callback mechanisms */ + /* swiftCallbackLevel */ + #define SW_MAC_CALLBACK_LEVEL_NO 0 + #define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */ + #define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */ + typedef int SW_MAC_CALLBACK_LEVEL; + typedef int SW_OSHANDLE; + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#else /* Unix variants */ + typedef int SW_OSHANDLE; /* handle to driver */ + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#endif + typedef struct _SW_CRT { SW_LARGENUMBER p; /* prime number p */ SW_LARGENUMBER q; /* prime number q */ @@ -196,16 +217,16 @@ typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */ /* Now the OpenSSL bits, these function types are the for the function * pointers that will bound into the Rainbow shared libraries. */ -typedef SW_STATUS t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); -typedef SW_STATUS t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, - SW_PARAM *key_params); -typedef SW_STATUS t_swSimpleRequest(SW_CONTEXT_HANDLE hac, - SW_COMMAND_CODE cmd, - SW_LARGENUMBER pin[], - SW_U32 pin_count, - SW_LARGENUMBER pout[], - SW_U32 pout_count); -typedef SW_STATUS t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); +typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); +typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, + SW_PARAM *key_params); +typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac, + SW_COMMAND_CODE cmd, + SW_LARGENUMBER pin[], + SW_U32 pin_count, + SW_LARGENUMBER pout[], + SW_U32 pout_count); +typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); #ifdef __cplusplus } diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c index 101275d648..3cbc6e7848 100644 --- a/src/lib/libcrypto/evp/bio_ok.c +++ b/src/lib/libcrypto/evp/bio_ok.c @@ -67,7 +67,7 @@ and everything was OK. BUT if user types wrong password BIO_f_cipher outputs only garbage and my function crashes. Yes I can and I should fix my function, but BIO_f_cipher is - easy way to add encryption support to many exisiting applications + easy way to add encryption support to many existing applications and it's hard to debug and fix them all. So I wanted another BIO which would catch the incorrect passwords and @@ -80,10 +80,10 @@ 1) you must somehow separate checksum from actual data. 2) you need lot's of memory when reading the file, because you must read to the end of the file and verify the checksum before - leting the application to read the data. + letting the application to read the data. BIO_f_reliable tries to solve both problems, so that you can - read and write arbitraly long streams using only fixed amount + read and write arbitrary long streams using only fixed amount of memory. BIO_f_reliable splits data stream into blocks. Each block is prefixed @@ -91,7 +91,7 @@ several Kbytes of memory to buffer single block before verifying it's digest. - BIO_f_reliable goes futher and adds several important capabilities: + BIO_f_reliable goes further and adds several important capabilities: 1) the digest of the block is computed over the whole stream -- so nobody can rearrange the blocks or remove or replace them. @@ -110,7 +110,7 @@ and then compare the digest output. Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I - initialy wrote and tested this code on x86 machine and wrote the + initially wrote and tested this code on x86 machine and wrote the digests out in machine-dependent order :( There are people using this code and I cannot change this easily without making existing data files unreadable. @@ -125,11 +125,13 @@ #include #include -static int ok_write(BIO *h,char *buf,int num); -static int ok_read(BIO *h,char *buf,int size); -static long ok_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int ok_write(BIO *h, const char *buf, int num); +static int ok_read(BIO *h, char *buf, int size); +static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int ok_new(BIO *h); static int ok_free(BIO *data); +static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); + static void sig_out(BIO* b); static void sig_in(BIO* b); static void block_out(BIO* b); @@ -160,7 +162,7 @@ typedef struct ok_struct EVP_MD_CTX md; int blockout; /* output block is ready */ int sigio; /* must process signature */ - char buf[IOBS]; + unsigned char buf[IOBS]; } BIO_OK_CTX; static BIO_METHOD methods_ok= @@ -173,6 +175,7 @@ static BIO_METHOD methods_ok= ok_ctrl, ok_new, ok_free, + ok_callback_ctrl, }; BIO_METHOD *BIO_f_reliable(void) @@ -184,7 +187,7 @@ static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - ctx=(BIO_OK_CTX *)Malloc(sizeof(BIO_OK_CTX)); + ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -196,6 +199,8 @@ static int ok_new(BIO *bi) ctx->blockout= 0; ctx->sigio=1; + EVP_MD_CTX_init(&ctx->md); + bi->init=0; bi->ptr=(char *)ctx; bi->flags=0; @@ -205,8 +210,9 @@ static int ok_new(BIO *bi) static int ok_free(BIO *a) { if (a == NULL) return(0); + EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); memset(a->ptr,0,sizeof(BIO_OK_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -284,7 +290,7 @@ static int ok_read(BIO *b, char *out, int outl) return(ret); } -static int ok_write(BIO *b, char *in, int inl) +static int ok_write(BIO *b, const char *in, int inl) { int ret=0,n,i; BIO_OK_CTX *ctx; @@ -342,7 +348,7 @@ static int ok_write(BIO *b, char *in, int inl) return(ret); } -static long ok_ctrl(BIO *b, int cmd, long num, char *ptr) +static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) { BIO_OK_CTX *ctx; EVP_MD *md; @@ -350,7 +356,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, char *ptr) long ret=1; int i; - ctx=(BIO_OK_CTX *)b->ptr; + ctx=b->ptr; switch (cmd) { @@ -408,14 +414,14 @@ static long ok_ctrl(BIO *b, int cmd, long num, char *ptr) ret=(long)ctx->cont; break; case BIO_C_SET_MD: - md=(EVP_MD *)ptr; - EVP_DigestInit(&(ctx->md),md); + md=ptr; + EVP_DigestInit_ex(&ctx->md, md, NULL); b->init=1; break; case BIO_C_GET_MD: if (b->init) { - ppmd=(const EVP_MD **)ptr; + ppmd=ptr; *ppmd=ctx->md.digest; } else @@ -428,6 +434,20 @@ static long ok_ctrl(BIO *b, int cmd, long num, char *ptr) return(ret); } +static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) + { + long ret=1; + + if (b->next_bio == NULL) return(0); + switch (cmd) + { + default: + ret=BIO_callback_ctrl(b->next_bio,cmd,fp); + break; + } + return(ret); + } + static void longswap(void *_ptr, int len) { #ifndef L_ENDIAN @@ -445,19 +465,22 @@ static void sig_out(BIO* b) BIO_OK_CTX *ctx; EVP_MD_CTX *md; - ctx=(BIO_OK_CTX *)b->ptr; - md= &(ctx->md); + ctx=b->ptr; + md=&ctx->md; if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return; - EVP_DigestInit(md, md->digest); - RAND_bytes(&(md->md.base[0]), md->digest->md_size); - memcpy(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]), md->digest->md_size); + EVP_DigestInit_ex(md, md->digest, NULL); + /* FIXME: there's absolutely no guarantee this makes any sense at all, + * particularly now EVP_MD_CTX has been restructured. + */ + RAND_pseudo_bytes(md->md_data, md->digest->md_size); + memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size); longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); ctx->buf_len+= md->digest->md_size; - EVP_DigestUpdate(md, (unsigned char*)WELLKNOWN, strlen(WELLKNOWN)); - md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0])); + EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); + EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; ctx->sigio= 0; @@ -470,18 +493,18 @@ static void sig_in(BIO* b) unsigned char tmp[EVP_MAX_MD_SIZE]; int ret= 0; - ctx=(BIO_OK_CTX *)b->ptr; - md= &(ctx->md); + ctx=b->ptr; + md=&ctx->md; if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return; - EVP_DigestInit(md, md->digest); - memcpy(&(md->md.base[0]), &(ctx->buf[ctx->buf_off]), md->digest->md_size); - longswap(&(md->md.base[0]), md->digest->md_size); + EVP_DigestInit_ex(md, md->digest, NULL); + memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); + longswap(md->md_data, md->digest->md_size); ctx->buf_off+= md->digest->md_size; - EVP_DigestUpdate(md, (unsigned char*)WELLKNOWN, strlen(WELLKNOWN)); - md->digest->final(tmp, &(md->md.base[0])); + EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); + EVP_DigestFinal_ex(md, tmp, NULL); ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; ctx->buf_off+= md->digest->md_size; if(ret == 1) @@ -506,15 +529,15 @@ static void block_out(BIO* b) EVP_MD_CTX *md; unsigned long tl; - ctx=(BIO_OK_CTX *)b->ptr; - md= &(ctx->md); + ctx=b->ptr; + md=&ctx->md; tl= ctx->buf_len- OK_BLOCK_BLOCK; tl= swapem(tl); memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); tl= swapem(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); - md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0])); + EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; } @@ -526,15 +549,15 @@ static void block_in(BIO* b) long tl= 0; unsigned char tmp[EVP_MAX_MD_SIZE]; - ctx=(BIO_OK_CTX *)b->ptr; - md= &(ctx->md); + ctx=b->ptr; + md=&ctx->md; memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK); tl= swapem(tl); if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); - md->digest->final(tmp, &(md->md.base[0])); + EVP_DigestFinal_ex(md, tmp, NULL); if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) { /* there might be parts from next block lurking around ! */ diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c index f24d3756c9..341a958fd4 100644 --- a/src/lib/libcrypto/evp/c_allc.c +++ b/src/lib/libcrypto/evp/c_allc.c @@ -64,7 +64,8 @@ void OpenSSL_add_all_ciphers(void) { -#ifndef NO_DES + +#ifndef OPENSSL_NO_DES EVP_add_cipher(EVP_des_cfb()); EVP_add_cipher(EVP_des_ede_cfb()); EVP_add_cipher(EVP_des_ede3_cfb()); @@ -90,12 +91,12 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_des_ede3()); #endif -#ifndef NO_RC4 +#ifndef OPENSSL_NO_RC4 EVP_add_cipher(EVP_rc4()); EVP_add_cipher(EVP_rc4_40()); #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA EVP_add_cipher(EVP_idea_ecb()); EVP_add_cipher(EVP_idea_cfb()); EVP_add_cipher(EVP_idea_ofb()); @@ -104,7 +105,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_idea_cbc,"idea"); #endif -#ifndef NO_RC2 +#ifndef OPENSSL_NO_RC2 EVP_add_cipher(EVP_rc2_ecb()); EVP_add_cipher(EVP_rc2_cfb()); EVP_add_cipher(EVP_rc2_ofb()); @@ -115,7 +116,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_rc2_cbc,"rc2"); #endif -#ifndef NO_BF +#ifndef OPENSSL_NO_BF EVP_add_cipher(EVP_bf_ecb()); EVP_add_cipher(EVP_bf_cfb()); EVP_add_cipher(EVP_bf_ofb()); @@ -125,7 +126,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_bf_cbc,"blowfish"); #endif -#ifndef NO_CAST +#ifndef OPENSSL_NO_CAST EVP_add_cipher(EVP_cast5_ecb()); EVP_add_cipher(EVP_cast5_cfb()); EVP_add_cipher(EVP_cast5_ofb()); @@ -136,7 +137,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc"); #endif -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 EVP_add_cipher(EVP_rc5_32_12_16_ecb()); EVP_add_cipher(EVP_rc5_32_12_16_cfb()); EVP_add_cipher(EVP_rc5_32_12_16_ofb()); @@ -144,6 +145,36 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher_alias(SN_rc5_cbc,"rc5"); EVP_add_cipher_alias(SN_rc5_cbc,"RC5"); #endif + +#ifndef OPENSSL_NO_AES + EVP_add_cipher(EVP_aes_128_ecb()); + EVP_add_cipher(EVP_aes_128_cbc()); + EVP_add_cipher(EVP_aes_128_cfb()); + EVP_add_cipher(EVP_aes_128_ofb()); +#if 0 + EVP_add_cipher(EVP_aes_128_ctr()); +#endif + EVP_add_cipher_alias(SN_aes_128_cbc,"AES128"); + EVP_add_cipher_alias(SN_aes_128_cbc,"aes128"); + EVP_add_cipher(EVP_aes_192_ecb()); + EVP_add_cipher(EVP_aes_192_cbc()); + EVP_add_cipher(EVP_aes_192_cfb()); + EVP_add_cipher(EVP_aes_192_ofb()); +#if 0 + EVP_add_cipher(EVP_aes_192_ctr()); +#endif + EVP_add_cipher_alias(SN_aes_192_cbc,"AES192"); + EVP_add_cipher_alias(SN_aes_192_cbc,"aes192"); + EVP_add_cipher(EVP_aes_256_ecb()); + EVP_add_cipher(EVP_aes_256_cbc()); + EVP_add_cipher(EVP_aes_256_cfb()); + EVP_add_cipher(EVP_aes_256_ofb()); +#if 0 + EVP_add_cipher(EVP_aes_256_ctr()); +#endif + EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); + EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); +#endif PKCS12_PBE_add(); PKCS5_PBE_add(); } diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c index febe51a3ee..be91cdb037 100644 --- a/src/lib/libcrypto/evp/c_alld.c +++ b/src/lib/libcrypto/evp/c_alld.c @@ -64,35 +64,38 @@ void OpenSSL_add_all_digests(void) { -#ifndef NO_MD2 +#ifndef OPENSSL_NO_MD2 EVP_add_digest(EVP_md2()); #endif -#ifndef NO_MD5 +#ifndef OPENSSL_NO_MD4 + EVP_add_digest(EVP_md4()); +#endif +#ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5,"ssl2-md5"); EVP_add_digest_alias(SN_md5,"ssl3-md5"); #endif -#ifndef NO_SHA +#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha()); -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA EVP_add_digest(EVP_dss()); #endif #endif -#ifndef NO_SHA +#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA EVP_add_digest(EVP_dss1()); EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); #endif #endif -#if !defined(NO_MDC2) && !defined(NO_DES) +#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) EVP_add_digest(EVP_mdc2()); #endif -#ifndef NO_RIPEMD +#ifndef OPENSSL_NO_RIPEMD EVP_add_digest(EVP_ripemd160()); EVP_add_digest_alias(SN_ripemd160,"ripemd"); EVP_add_digest_alias(SN_ripemd160,"rmd160"); diff --git a/src/lib/libcrypto/evp/e_dsa.c b/src/lib/libcrypto/evp/e_dsa.c index 6715c3e95e..b96f2738b3 100644 --- a/src/lib/libcrypto/evp/e_dsa.c +++ b/src/lib/libcrypto/evp/e_dsa.c @@ -58,9 +58,9 @@ #include #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include +#include +#include static EVP_PKEY_METHOD dss_method= { diff --git a/src/lib/libcrypto/evp/e_rc5.c b/src/lib/libcrypto/evp/e_rc5.c index 5885f1826b..3c7713b181 100644 --- a/src/lib/libcrypto/evp/e_rc5.c +++ b/src/lib/libcrypto/evp/e_rc5.c @@ -56,62 +56,69 @@ * [including the GNU Public Licence.] */ -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 #include #include "cryptlib.h" #include #include #include "evp_locl.h" +#include static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); -IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, rc5.ks, RC5_32, rc5, NID_rc5, - 8, EVP_RC5_32_12_16_KEY_SIZE, 8, - EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - r_32_12_16_init_key, NULL, - NULL, NULL, rc5_ctrl) +typedef struct + { + int rounds; /* number of rounds */ + RC5_32_KEY ks; /* key schedule */ + } EVP_RC5_KEY; +#define data(ctx) EVP_C_DATA(EVP_RC5_KEY,ctx) +IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, ks, RC5_32, EVP_RC5_KEY, NID_rc5, + 8, RC5_32_KEY_LENGTH, 8, 64, + EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + r_32_12_16_init_key, NULL, + NULL, NULL, rc5_ctrl) static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { - switch(type) { - - case EVP_CTRL_INIT: - c->c.rc5.rounds = RC5_12_ROUNDS; - return 1; + switch(type) + { + case EVP_CTRL_INIT: + data(c)->rounds = RC5_12_ROUNDS; + return 1; - case EVP_CTRL_GET_RC5_ROUNDS: - *(int *)ptr = c->c.rc5.rounds; - return 1; - + case EVP_CTRL_GET_RC5_ROUNDS: + *(int *)ptr = data(c)->rounds; + return 1; - case EVP_CTRL_SET_RC5_ROUNDS: - switch(arg) { - case RC5_8_ROUNDS: - case RC5_12_ROUNDS: - case RC5_16_ROUNDS: - c->c.rc5.rounds = arg; - return 1; + case EVP_CTRL_SET_RC5_ROUNDS: + switch(arg) + { + case RC5_8_ROUNDS: + case RC5_12_ROUNDS: + case RC5_16_ROUNDS: + data(c)->rounds = arg; + return 1; - default: - EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); - return 0; + default: + EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); + return 0; } - default: - return -1; + default: + return -1; } } static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - RC5_32_set_key(&(ctx->c.rc5.ks),EVP_CIPHER_CTX_key_length(ctx), - key,ctx->c.rc5.rounds); + RC5_32_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), + key,data(ctx)->rounds); return 1; } diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c index 3607fe7776..1bfffb34cf 100644 --- a/src/lib/libcrypto/evp/evp_test.c +++ b/src/lib/libcrypto/evp/evp_test.c @@ -123,13 +123,15 @@ static unsigned char *ustrsep(char **p,const char *sep) static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, const unsigned char *iv,int in, const unsigned char *plaintext,int pn, - const unsigned char *ciphertext,int cn) + const unsigned char *ciphertext,int cn, + int encdec) { EVP_CIPHER_CTX ctx; unsigned char out[4096]; int outl,outl2; - printf("Testing cipher %s\n",EVP_CIPHER_name(c)); + printf("Testing cipher %s%s\n",EVP_CIPHER_name(c), + (encdec == 1 ? "(encrypt)" : (encdec == 0 ? "(decrypt)" : "(encrypt/decrypt)"))); hexdump(stdout,"Key",key,kn); if(in) hexdump(stdout,"IV",iv,in); @@ -143,79 +145,88 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, exit(5); } EVP_CIPHER_CTX_init(&ctx); - if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv)) - { - fprintf(stderr,"EncryptInit failed\n"); - exit(10); - } - EVP_CIPHER_CTX_set_padding(&ctx,0); + if (encdec != 0) + { + if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv)) + { + fprintf(stderr,"EncryptInit failed\n"); + exit(10); + } + EVP_CIPHER_CTX_set_padding(&ctx,0); - if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) - { - fprintf(stderr,"Encrypt failed\n"); - exit(6); - } - if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2)) - { - fprintf(stderr,"EncryptFinal failed\n"); - exit(7); - } + if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) + { + fprintf(stderr,"Encrypt failed\n"); + exit(6); + } + if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2)) + { + fprintf(stderr,"EncryptFinal failed\n"); + exit(7); + } - if(outl+outl2 != cn) - { - fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", - outl+outl2,cn); - exit(8); - } + if(outl+outl2 != cn) + { + fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", + outl+outl2,cn); + exit(8); + } - if(memcmp(out,ciphertext,cn)) - { - fprintf(stderr,"Ciphertext mismatch\n"); - hexdump(stderr,"Got",out,cn); - hexdump(stderr,"Expected",ciphertext,cn); - exit(9); + if(memcmp(out,ciphertext,cn)) + { + fprintf(stderr,"Ciphertext mismatch\n"); + hexdump(stderr,"Got",out,cn); + hexdump(stderr,"Expected",ciphertext,cn); + exit(9); + } } - if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv)) - { - fprintf(stderr,"DecryptInit failed\n"); - exit(11); - } - EVP_CIPHER_CTX_set_padding(&ctx,0); + if (encdec <= 0) + { + if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv)) + { + fprintf(stderr,"DecryptInit failed\n"); + exit(11); + } + EVP_CIPHER_CTX_set_padding(&ctx,0); - if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,pn)) - { - fprintf(stderr,"Decrypt failed\n"); - exit(6); - } - if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2)) - { - fprintf(stderr,"DecryptFinal failed\n"); - exit(7); - } + if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) + { + fprintf(stderr,"Decrypt failed\n"); + exit(6); + } + if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2)) + { + fprintf(stderr,"DecryptFinal failed\n"); + exit(7); + } - if(outl+outl2 != cn) - { - fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", - outl+outl2,cn); - exit(8); - } + if(outl+outl2 != cn) + { + fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", + outl+outl2,cn); + exit(8); + } - if(memcmp(out,plaintext,cn)) - { - fprintf(stderr,"Plaintext mismatch\n"); - hexdump(stderr,"Got",out,cn); - hexdump(stderr,"Expected",plaintext,cn); - exit(9); + if(memcmp(out,plaintext,cn)) + { + fprintf(stderr,"Plaintext mismatch\n"); + hexdump(stderr,"Got",out,cn); + hexdump(stderr,"Expected",plaintext,cn); + exit(9); + } } + EVP_CIPHER_CTX_cleanup(&ctx); + printf("\n"); } static int test_cipher(const char *cipher,const unsigned char *key,int kn, const unsigned char *iv,int in, const unsigned char *plaintext,int pn, - const unsigned char *ciphertext,int cn) + const unsigned char *ciphertext,int cn, + int encdec) { const EVP_CIPHER *c; @@ -223,7 +234,7 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn, if(!c) return 0; - test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn); + test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec); return 1; } @@ -279,6 +290,8 @@ static int test_digest(const char *digest, printf("\n"); + EVP_MD_CTX_cleanup(&ctx); + return 1; } @@ -328,6 +341,7 @@ int main(int argc,char **argv) char *p; char *cipher; unsigned char *iv,*key,*plaintext,*ciphertext; + int encdec; int kn,in,pn,cn; if(!fgets((char *)line,sizeof line,f)) @@ -339,14 +353,21 @@ int main(int argc,char **argv) key=ustrsep(&p,":"); iv=ustrsep(&p,":"); plaintext=ustrsep(&p,":"); - ciphertext=ustrsep(&p,"\n"); + ciphertext=ustrsep(&p,":"); + if (p[-1] == '\n') { + p[-1] = '\0'; + encdec = -1; + } else { + encdec = atoi(strsep(&p,"\n")); + } + kn=convert(key); in=convert(iv); pn=convert(plaintext); cn=convert(ciphertext); - if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn) + if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec) && !test_digest(cipher,plaintext,pn,ciphertext,cn)) { fprintf(stderr,"Can't find %s\n",cipher); diff --git a/src/lib/libcrypto/evp/evptests.txt b/src/lib/libcrypto/evp/evptests.txt index 6c1529db37..80bd9c7765 100644 --- a/src/lib/libcrypto/evp/evptests.txt +++ b/src/lib/libcrypto/evp/evptests.txt @@ -1,4 +1,4 @@ -#cipher:key:iv:input:output +#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt) #digest:::input:output # SHA(1) tests (from shatest.c) @@ -15,47 +15,148 @@ MD5:::31323334353637383930313233343536373839303132333435363738393031323334353637 # AES 128 ECB tests (from FIPS-197 test vectors, encrypt) -AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A +AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1 # AES 192 ECB tests (from FIPS-197 test vectors, encrypt) -AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191 +AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1 # AES 256 ECB tests (from FIPS-197 test vectors, encrypt) -AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089 +AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1 # AES 128 ECB tests (from NIST test vectors, encrypt) -#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F +#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1 # AES 128 ECB tests (from NIST test vectors, decrypt) -#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000 +#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0 # AES 192 ECB tests (from NIST test vectors, decrypt) -#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000 +#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0 # AES 256 ECB tests (from NIST test vectors, decrypt) -#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000 +#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0 # AES 128 CBC tests (from NIST test vectors, encrypt) -#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D +#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1 # AES 192 CBC tests (from NIST test vectors, encrypt) -#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104 +#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1 # AES 256 CBC tests (from NIST test vectors, encrypt) -#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0 +#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1 # AES 128 CBC tests (from NIST test vectors, decrypt) -#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000 +#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0 + +# AES tests from NIST document SP800-38A +# For all ECB encrypts and decrypts, the transformed sequence is +# AES-bits-ECB:key::plaintext:ciphertext:encdec +# ECB-AES128.Encrypt and ECB-AES128.Decrypt +AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97 +AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF +AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688 +AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4 +# ECB-AES192.Encrypt and ECB-AES192.Decrypt +AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC +AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF +AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E +AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E +# ECB-AES256.Encrypt and ECB-AES256.Decrypt +AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8 +AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870 +AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D +AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7 +# For all CBC encrypts and decrypts, the transformed sequence is +# AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec +# CBC-AES128.Encrypt and CBC-AES128.Decrypt +AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D +AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2 +AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516 +AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7 +# CBC-AES192.Encrypt and CBC-AES192.Decrypt +AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8 +AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A +AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0 +AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD +# CBC-AES256.Encrypt and CBC-AES256.Decrypt +AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6 +AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D +AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 +AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B +# We don't support CFB{1,8}-AESxxx.{En,De}crypt +# For all CFB128 encrypts and decrypts, the transformed sequence is +# AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec +# CFB128-AES128.Encrypt +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1 +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1 +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1 +# CFB128-AES128.Decrypt +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0 +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0 +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0 +AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:0 +# CFB128-AES192.Encrypt +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:1 +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:1 +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:1 +# CFB128-AES192.Decrypt +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0 +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0 +AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0 +# CFB128-AES256.Encrypt +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1 +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1 +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1 +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1 +# CFB128-AES256.Decrypt +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0 +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0 +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0 +AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0 +# For all OFB encrypts and decrypts, the transformed sequence is +# AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec +# OFB-AES128.Encrypt +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 +# OFB-AES128.Decrypt +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0 +# OFB-AES192.Encrypt +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 +# OFB-AES192.Decrypt +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 +# OFB-AES256.Encrypt +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1 +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1 +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1 +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1 +# OFB-AES256.Decrypt +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0 +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0 +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0 +AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0 # DES ECB tests (from destest) diff --git a/src/lib/libcrypto/evp/m_md2.c b/src/lib/libcrypto/evp/m_md2.c index 2209416142..50914c83b3 100644 --- a/src/lib/libcrypto/evp/m_md2.c +++ b/src/lib/libcrypto/evp/m_md2.c @@ -56,27 +56,41 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_MD2 #include #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include +#include +#include +#include -static EVP_MD md2_md= +static int init(EVP_MD_CTX *ctx) + { return MD2_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return MD2_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return MD2_Final(md,ctx->md_data); } + +static const EVP_MD md2_md= { NID_md2, NID_md2WithRSAEncryption, MD2_DIGEST_LENGTH, - MD2_Init, - MD2_Update, - MD2_Final, + 0, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_method, MD2_BLOCK, sizeof(EVP_MD *)+sizeof(MD2_CTX), }; -EVP_MD *EVP_md2() +const EVP_MD *EVP_md2(void) { return(&md2_md); } - +#endif diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c index 64a853eb7f..9f6467c931 100644 --- a/src/lib/libcrypto/evp/m_mdc2.c +++ b/src/lib/libcrypto/evp/m_mdc2.c @@ -56,26 +56,41 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_MDC2 #include #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include +#include +#include +#include -static EVP_MD mdc2_md= +static int init(EVP_MD_CTX *ctx) + { return MDC2_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return MDC2_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return MDC2_Final(md,ctx->md_data); } + +static const EVP_MD mdc2_md= { NID_mdc2, NID_mdc2WithRSA, MDC2_DIGEST_LENGTH, - MDC2_Init, - MDC2_Update, - MDC2_Final, + 0, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_ASN1_OCTET_STRING_method, MDC2_BLOCK, sizeof(EVP_MD *)+sizeof(MDC2_CTX), }; -EVP_MD *EVP_mdc2() +const EVP_MD *EVP_mdc2(void) { return(&mdc2_md); } +#endif diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c index af4e434a22..10697c7ed3 100644 --- a/src/lib/libcrypto/evp/m_sha.c +++ b/src/lib/libcrypto/evp/m_sha.c @@ -56,27 +56,40 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_SHA #include #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include +#include +#include -static EVP_MD sha_md= +static int init(EVP_MD_CTX *ctx) + { return SHA_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return SHA_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return SHA_Final(md,ctx->md_data); } + +static const EVP_MD sha_md= { NID_sha, NID_shaWithRSAEncryption, SHA_DIGEST_LENGTH, - SHA_Init, - SHA_Update, - SHA_Final, + 0, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX), }; -EVP_MD *EVP_sha() +const EVP_MD *EVP_sha(void) { return(&sha_md); } - +#endif diff --git a/src/lib/libcrypto/hmac/hmactest.c b/src/lib/libcrypto/hmac/hmactest.c index 5938e375dc..96d3beb8e6 100644 --- a/src/lib/libcrypto/hmac/hmactest.c +++ b/src/lib/libcrypto/hmac/hmactest.c @@ -59,9 +59,22 @@ #include #include #include -#include "hmac.h" -struct test_st +#ifdef OPENSSL_NO_HMAC +int main(int argc, char *argv[]) +{ + printf("No HMAC support\n"); + return(0); +} +#else +#include +#include + +#ifdef CHARSET_EBCDIC +#include +#endif + +static struct test_st { unsigned char key[16]; int key_len; @@ -102,19 +115,19 @@ struct test_st }; -#ifndef NOPROTO static char *pt(unsigned char *md); -#else -static char *pt(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; char *p; +#ifdef CHARSET_EBCDIC + ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); + ebcdic2ascii(test[1].data, test[1].data, test[1].data_len); + ebcdic2ascii(test[2].key, test[2].key, test[2].key_len); + ebcdic2ascii(test[2].data, test[2].data, test[2].data_len); +#endif + for (i=0; i<4; i++) { p=pt(HMAC(EVP_md5(), @@ -135,8 +148,7 @@ char *argv[]; return(0); } -static char *pt(md) -unsigned char *md; +static char *pt(unsigned char *md) { int i; static char buf[80]; @@ -145,3 +157,4 @@ unsigned char *md; sprintf(&(buf[i*2]),"%02x",md[i]); return(buf); } +#endif diff --git a/src/lib/libcrypto/install.com b/src/lib/libcrypto/install.com index b75d1b44b2..b3d155e964 100644 --- a/src/lib/libcrypto/install.com +++ b/src/lib/libcrypto/install.com @@ -32,20 +32,22 @@ $ IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN - $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLINCLUDE: $ -$ SDIRS := ,MD2,MD5,SHA,MDC2,HMAC,RIPEMD,- +$ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- DES,RC2,RC4,RC5,IDEA,BF,CAST,- - BN,RSA,DSA,DH,- + BN,EC,RSA,DSA,DH,DSO,ENGINE,AES,- BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,- - EVP,ASN1,PEM,X509,X509V3,- - CONF,TXT_DB,PKCS7,PKCS12,COMP -$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h + EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- + UI,KRB5 +$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- + symhacks.h,ossl_typ.h $ EXHEADER_MD2 := md2.h +$ EXHEADER_MD4 := md4.h $ EXHEADER_MD5 := md5.h $ EXHEADER_SHA := sha.h $ EXHEADER_MDC2 := mdc2.h $ EXHEADER_HMAC := hmac.h $ EXHEADER_RIPEMD := ripemd.h -$ EXHEADER_DES := des.h +$ EXHEADER_DES := des.h,des_old.h $ EXHEADER_RC2 := rc2.h $ EXHEADER_RC4 := rc4.h $ EXHEADER_RC5 := rc5.h @@ -53,26 +55,33 @@ $ EXHEADER_IDEA := idea.h $ EXHEADER_BF := blowfish.h $ EXHEADER_CAST := cast.h $ EXHEADER_BN := bn.h +$ EXHEADER_EC := ec.h $ EXHEADER_RSA := rsa.h $ EXHEADER_DSA := dsa.h $ EXHEADER_DH := dh.h +$ EXHEADER_DSO := dso.h +$ EXHEADER_ENGINE := engine.h +$ EXHEADER_AES := aes.h $ EXHEADER_BUFFER := buffer.h $ EXHEADER_BIO := bio.h $ EXHEADER_STACK := stack.h,safestack.h $ EXHEADER_LHASH := lhash.h $ EXHEADER_RAND := rand.h $ EXHEADER_ERR := err.h -$ EXHEADER_OBJECTS := objects.h +$ EXHEADER_OBJECTS := objects.h,obj_mac.h $ EXHEADER_EVP := evp.h -$ EXHEADER_ASN1 := asn1.h,asn1_mac.h +$ EXHEADER_ASN1 := asn1.h,asn1_mac.h,asn1t.h $ EXHEADER_PEM := pem.h,pem2.h $ EXHEADER_X509 := x509.h,x509_vfy.h $ EXHEADER_X509V3 := x509v3.h -$ EXHEADER_CONF := conf.h +$ EXHEADER_CONF := conf.h,conf_api.h $ EXHEADER_TXT_DB := txt_db.h $ EXHEADER_PKCS7 := pkcs7.h $ EXHEADER_PKCS12 := pkcs12.h $ EXHEADER_COMP := comp.h +$ EXHEADER_OCSP := ocsp.h +$ EXHEADER_UI := ui.h,ui_compat.h +$ EXHEADER_KRB5 := krb5_asn.h $ LIBS := LIBCRYPTO $ $ VEXE_DIR := [-.VAX.EXE.CRYPTO] @@ -90,6 +99,7 @@ $ COPY 'tmp' WRK_SSLINCLUDE: /LOG $ ELSE $ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG $ ENDIF +$ SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'tmp' $ GOTO LOOP_SDIRS $ LOOP_SDIRS_END: $ diff --git a/src/lib/libcrypto/lhash/lh_test.c b/src/lib/libcrypto/lhash/lh_test.c index 294b42bc82..85700c859b 100644 --- a/src/lib/libcrypto/lhash/lh_test.c +++ b/src/lib/libcrypto/lhash/lh_test.c @@ -59,7 +59,7 @@ #include #include #include -#include "lhash.h" +#include main() { @@ -75,9 +75,8 @@ main() buf[0]='\0'; fgets(buf,256,stdin); if (buf[0] == '\0') break; - buf[256]='\0'; i=strlen(buf); - p=Malloc(i+1); + p=OPENSSL_malloc(i+1); memcpy(p,buf,i+1); lh_insert(conf,p); } diff --git a/src/lib/libcrypto/lhash/num.pl b/src/lib/libcrypto/lhash/num.pl index 4d937c1f90..30fedf9cd5 100644 --- a/src/lib/libcrypto/lhash/num.pl +++ b/src/lib/libcrypto/lhash/num.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl #node 10 -> 4 diff --git a/src/lib/libcrypto/md2/md2.c b/src/lib/libcrypto/md2/md2.c index 7f3ab64a43..f4d6f62264 100644 --- a/src/lib/libcrypto/md2/md2.c +++ b/src/lib/libcrypto/md2/md2.c @@ -58,25 +58,15 @@ #include #include -#include "md2.h" +#include #define BUFSIZE 1024*16 -#ifndef NOPROTO void do_fp(FILE *f); void pt(unsigned char *md); int read(int, void *, unsigned int); void exit(int); -#else -void do_fp(); -void pt(); -int read(); -void exit(); -#endif - -int main(argc, argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; FILE *IN; @@ -105,8 +95,7 @@ char *argv[]; return(err); } -void do_fp(f) -FILE *f; +void do_fp(FILE *f) { MD2_CTX c; unsigned char md[MD2_DIGEST_LENGTH]; @@ -125,8 +114,7 @@ FILE *f; pt(md); } -void pt(md) -unsigned char *md; +void pt(unsigned char *md) { int i; diff --git a/src/lib/libcrypto/md2/md2.h b/src/lib/libcrypto/md2/md2.h index 0d3592506c..ad9241455c 100644 --- a/src/lib/libcrypto/md2/md2.h +++ b/src/lib/libcrypto/md2/md2.h @@ -59,11 +59,7 @@ #ifndef HEADER_MD2_H #define HEADER_MD2_H -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef NO_MD2 +#ifdef OPENSSL_NO_MD2 #error MD2 is disabled. #endif @@ -71,6 +67,10 @@ extern "C" { #define MD2_BLOCK 16 #include /* MD2_INT */ +#ifdef __cplusplus +extern "C" { +#endif + typedef struct MD2state_st { int num; @@ -80,10 +80,10 @@ typedef struct MD2state_st } MD2_CTX; const char *MD2_options(void); -void MD2_Init(MD2_CTX *c); -void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len); -void MD2_Final(unsigned char *md, MD2_CTX *c); -unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md); +int MD2_Init(MD2_CTX *c); +int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len); +int MD2_Final(unsigned char *md, MD2_CTX *c); +unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md); #ifdef __cplusplus } #endif diff --git a/src/lib/libcrypto/md2/md2_dgst.c b/src/lib/libcrypto/md2/md2_dgst.c index 5cbd36f3fe..e25dd00e02 100644 --- a/src/lib/libcrypto/md2/md2_dgst.c +++ b/src/lib/libcrypto/md2/md2_dgst.c @@ -59,23 +59,19 @@ #include #include #include -#include "md2.h" +#include +#include -char *MD2_version="MD2 part of SSLeay 0.9.0b 29-Jun-1998"; +const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; /* Implemented from RFC1319 The MD2 Message-Digest Algorithm */ #define UCHAR unsigned char -#ifndef NOPROTO -static void md2_block(MD2_CTX *c, unsigned char *d); -#else -static void md2_block(); -#endif - +static void md2_block(MD2_CTX *c, const unsigned char *d); /* The magic S table - I have converted it to hex since it is - * basicaly just a random byte string. */ + * basically just a random byte string. */ static MD2_INT S[256]={ 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, @@ -111,7 +107,7 @@ static MD2_INT S[256]={ 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14, }; -char *MD2_options() +const char *MD2_options(void) { if (sizeof(MD2_INT) == 1) return("md2(char)"); @@ -119,23 +115,20 @@ char *MD2_options() return("md2(int)"); } -void MD2_Init(c) -MD2_CTX *c; +int MD2_Init(MD2_CTX *c) { c->num=0; memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT)); memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT)); memset(c->data,0,MD2_BLOCK); + return 1; } -void MD2_Update(c, data, len) -MD2_CTX *c; -register unsigned char *data; -unsigned long len; +int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len) { register UCHAR *p; - if (len == 0) return; + if (len == 0) return 1; p=c->data; if (c->num != 0) @@ -154,7 +147,7 @@ unsigned long len; memcpy(&(p[c->num]),data,(int)len); /* data+=len; */ c->num+=(int)len; - return; + return 1; } } /* we now can process the input data in blocks of MD2_BLOCK @@ -167,11 +160,10 @@ unsigned long len; } memcpy(p,data,(int)len); c->num=(int)len; + return 1; } -static void md2_block(c, d) -MD2_CTX *c; -unsigned char *d; +static void md2_block(MD2_CTX *c, const unsigned char *d) { register MD2_INT t,*sp1,*sp2; register int i,j; @@ -207,9 +199,7 @@ unsigned char *d; memset(state,0,48*sizeof(MD2_INT)); } -void MD2_Final(md, c) -unsigned char *md; -MD2_CTX *c; +int MD2_Final(unsigned char *md, MD2_CTX *c) { int i,v; register UCHAR *cp; @@ -231,5 +221,6 @@ MD2_CTX *c; for (i=0; i<16; i++) md[i]=(UCHAR)(p1[i]&0xff); memset((char *)&c,0,sizeof(c)); + return 1; } diff --git a/src/lib/libcrypto/md2/md2_one.c b/src/lib/libcrypto/md2/md2_one.c index 513bf62fdb..b12c37ce4d 100644 --- a/src/lib/libcrypto/md2/md2_one.c +++ b/src/lib/libcrypto/md2/md2_one.c @@ -58,22 +58,35 @@ #include #include "cryptlib.h" -#include "md2.h" +#include /* This is a separate file so that #defines in cryptlib.h can * map my MD functions to different names */ -unsigned char *MD2(d, n, md) -unsigned char *d; -unsigned long n; -unsigned char *md; +unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md) { MD2_CTX c; static unsigned char m[MD2_DIGEST_LENGTH]; if (md == NULL) md=m; MD2_Init(&c); +#ifndef CHARSET_EBCDIC MD2_Update(&c,d,n); +#else + { + char temp[1024]; + unsigned long chunk; + + while (n > 0) + { + chunk = (n > sizeof(temp)) ? sizeof(temp) : n; + ebcdic2ascii(temp, d, chunk); + MD2_Update(&c,temp,chunk); + n -= chunk; + d += chunk; + } + } +#endif MD2_Final(md,&c); memset(&c,0,sizeof(c)); /* Security consideration */ return(md); diff --git a/src/lib/libcrypto/md2/md2test.c b/src/lib/libcrypto/md2/md2test.c index 55924d44cd..7d3664faf5 100644 --- a/src/lib/libcrypto/md2/md2test.c +++ b/src/lib/libcrypto/md2/md2test.c @@ -59,9 +59,22 @@ #include #include #include -#include "md2.h" +#include -char *test[]={ +#ifdef OPENSSL_NO_MD2 +int main(int argc, char *argv[]) +{ + printf("No MD2 support\n"); + return(0); +} +#else +#include + +#ifdef CHARSET_EBCDIC +#include +#endif + +static char *test[]={ "", "a", "abc", @@ -72,7 +85,7 @@ char *test[]={ NULL, }; -char *ret[]={ +static char *ret[]={ "8350e5a3e24c153df2275c9f80692773", "32ec01ec4a6dac72c0ab96fb34c0b5d1", "da853b0d3f88d99b30283a69e6ded6bb", @@ -82,26 +95,21 @@ char *ret[]={ "d5976f79d83d3a0dc9806c3c66f3efd8", }; -#ifndef NOPROTO static char *pt(unsigned char *md); -#else -static char *pt(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; char **P,**R; char *p; + unsigned char md[MD2_DIGEST_LENGTH]; P=test; R=ret; i=1; while (*P != NULL) { - p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL)); + EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL); + p=pt(md); if (strcmp(p,*R) != 0) { printf("error calculating MD2 on '%s'\n",*P); @@ -118,8 +126,7 @@ char *argv[]; return(0); } -static char *pt(md) -unsigned char *md; +static char *pt(unsigned char *md) { int i; static char buf[80]; @@ -128,3 +135,4 @@ unsigned char *md; sprintf(&(buf[i*2]),"%02x",md[i]); return(buf); } +#endif diff --git a/src/lib/libcrypto/md4/md4test.c b/src/lib/libcrypto/md4/md4test.c index 97e6e21efd..e0fdc42282 100644 --- a/src/lib/libcrypto/md4/md4test.c +++ b/src/lib/libcrypto/md4/md4test.c @@ -60,13 +60,14 @@ #include #include -#ifdef NO_MD4 +#ifdef OPENSSL_NO_MD4 int main(int argc, char *argv[]) { printf("No MD4 support\n"); return(0); } #else +#include #include static char *test[]={ @@ -96,13 +97,15 @@ int main(int argc, char *argv[]) int i,err=0; unsigned char **P,**R; char *p; + unsigned char md[MD4_DIGEST_LENGTH]; P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { - p=pt(MD4(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL)); + EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL); + p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating MD4 on '%s'\n",*P); diff --git a/src/lib/libcrypto/md5/asm/md5-sparcv9.S b/src/lib/libcrypto/md5/asm/md5-sparcv9.S index ca4257f134..a599ed5660 100644 --- a/src/lib/libcrypto/md5/asm/md5-sparcv9.S +++ b/src/lib/libcrypto/md5/asm/md5-sparcv9.S @@ -24,12 +24,12 @@ * * To compile with SC4.x/SC5.x: * - * cc -xarch=v[9|8plus] -DULTRASPARC -DMD5_BLOCK_DATA_ORDER \ + * cc -xarch=v[9|8plus] -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \ * -c md5-sparcv9.S * * and with gcc: * - * gcc -mcpu=ultrasparc -DULTRASPARC -DMD5_BLOCK_DATA_ORDER \ + * gcc -mcpu=ultrasparc -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \ * -c md5-sparcv9.S * * or if above fails (it does if you have gas): @@ -72,7 +72,7 @@ #define Dval R8 #if defined(MD5_BLOCK_DATA_ORDER) -# if defined(ULTRASPARC) +# if defined(OPENSSL_SYSNAME_ULTRASPARC) # define LOAD lda # define X(i) [%i1+i*4]%asi # define md5_block md5_block_asm_data_order_aligned @@ -1012,7 +1012,7 @@ md5_block: st B,[Bptr] nop != -#ifdef ULTRASPARC +#ifdef OPENSSL_SYSNAME_ULTRASPARC bg,a,pt %icc,.Lmd5_block_loop #else bg,a .Lmd5_block_loop diff --git a/src/lib/libcrypto/md5/md5.c b/src/lib/libcrypto/md5/md5.c index 9d6f5a6003..7ed0024ae1 100644 --- a/src/lib/libcrypto/md5/md5.c +++ b/src/lib/libcrypto/md5/md5.c @@ -58,23 +58,17 @@ #include #include -#include "md5.h" +#include #define BUFSIZE 1024*16 -#ifndef NOPROTO void do_fp(FILE *f); void pt(unsigned char *md); +#ifndef _OSD_POSIX int read(int, void *, unsigned int); -#else -void do_fp(); -void pt(); -int read(); #endif -int main(argc, argv) -int argc; -char **argv; +int main(int argc, char **argv) { int i,err=0; FILE *IN; @@ -102,8 +96,7 @@ char **argv; exit(err); } -void do_fp(f) -FILE *f; +void do_fp(FILE *f) { MD5_CTX c; unsigned char md[MD5_DIGEST_LENGTH]; @@ -123,8 +116,7 @@ FILE *f; pt(md); } -void pt(md) -unsigned char *md; +void pt(unsigned char *md) { int i; diff --git a/src/lib/libcrypto/md5/md5s.cpp b/src/lib/libcrypto/md5/md5s.cpp index ef8e175df0..dd343fd4e6 100644 --- a/src/lib/libcrypto/md5/md5s.cpp +++ b/src/lib/libcrypto/md5/md5s.cpp @@ -32,7 +32,7 @@ void GetTSC(unsigned long& tsc) #include #include -#include "md5.h" +#include extern "C" { void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num); diff --git a/src/lib/libcrypto/md5/md5test.c b/src/lib/libcrypto/md5/md5test.c index 74b84bc67f..862b89658a 100644 --- a/src/lib/libcrypto/md5/md5test.c +++ b/src/lib/libcrypto/md5/md5test.c @@ -59,9 +59,18 @@ #include #include #include -#include "md5.h" -char *test[]={ +#ifdef OPENSSL_NO_MD5 +int main(int argc, char *argv[]) +{ + printf("No MD5 support\n"); + return(0); +} +#else +#include +#include + +static char *test[]={ "", "a", "abc", @@ -72,7 +81,7 @@ char *test[]={ NULL, }; -char *ret[]={ +static char *ret[]={ "d41d8cd98f00b204e9800998ecf8427e", "0cc175b9c0f1b6a831c399e269772661", "900150983cd24fb0d6963f7d28e17f72", @@ -82,26 +91,21 @@ char *ret[]={ "57edf4a22be3c955ac49da2e2107b67a", }; -#ifndef NOPROTO static char *pt(unsigned char *md); -#else -static char *pt(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; unsigned char **P,**R; char *p; + unsigned char md[MD5_DIGEST_LENGTH]; P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { - p=pt(MD5(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL)); + EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL); + p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating MD5 on '%s'\n",*P); @@ -118,8 +122,7 @@ char *argv[]; return(0); } -static char *pt(md) -unsigned char *md; +static char *pt(unsigned char *md) { int i; static char buf[80]; @@ -128,3 +131,4 @@ unsigned char *md; sprintf(&(buf[i*2]),"%02x",md[i]); return(buf); } +#endif diff --git a/src/lib/libcrypto/mdc2/mdc2.h b/src/lib/libcrypto/mdc2/mdc2.h index 0b104be184..793a8a0f13 100644 --- a/src/lib/libcrypto/mdc2/mdc2.h +++ b/src/lib/libcrypto/mdc2/mdc2.h @@ -59,11 +59,15 @@ #ifndef HEADER_MDC2_H #define HEADER_MDC2_H +#include + #ifdef __cplusplus extern "C" { #endif -#include "des.h" +#ifdef OPENSSL_NO_MDC2 +#error MDC2 is disabled. +#endif #define MDC2_BLOCK 8 #define MDC2_DIGEST_LENGTH 16 @@ -72,25 +76,16 @@ typedef struct mdc2_ctx_st { int num; unsigned char data[MDC2_BLOCK]; - des_cblock h,hh; + DES_cblock h,hh; int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; -#ifndef NOPROTO - -void MDC2_Init(MDC2_CTX *c); -void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len); -void MDC2_Final(unsigned char *md, MDC2_CTX *c); -unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md); -#else - -void MDC2_Init(); -void MDC2_Update(); -void MDC2_Final(); -unsigned char *MDC2(); - -#endif +int MDC2_Init(MDC2_CTX *c); +int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len); +int MDC2_Final(unsigned char *md, MDC2_CTX *c); +unsigned char *MDC2(const unsigned char *d, unsigned long n, + unsigned char *md); #ifdef __cplusplus } diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c index 72e501ad0f..effec714e8 100644 --- a/src/lib/libcrypto/mem.c +++ b/src/lib/libcrypto/mem.c @@ -58,296 +58,292 @@ #include #include -#include "buffer.h" -#include "bio.h" -#include "lhash.h" +#include #include "cryptlib.h" -static int mh_mode=CRYPTO_MEM_CHECK_OFF; -static unsigned long order=0; -static LHASH *mh=NULL; +static int allow_customize = 1; /* we provide flexible functions for */ +static int allow_customize_debug = 1;/* exchanging memory-related functions at + * run-time, but this must be done + * before any blocks are actually + * allocated; or we'll run into huge + * problems when malloc/free pairs + * don't match etc. */ + + + +/* the following pointers may be changed as long as 'allow_customize' is set */ + +static void *(*malloc_func)(size_t) = malloc; +static void *default_malloc_ex(size_t num, const char *file, int line) + { return malloc_func(num); } +static void *(*malloc_ex_func)(size_t, const char *file, int line) + = default_malloc_ex; + +static void *(*realloc_func)(void *, size_t)= realloc; +static void *default_realloc_ex(void *str, size_t num, + const char *file, int line) + { return realloc_func(str,num); } +static void *(*realloc_ex_func)(void *, size_t, const char *file, int line) + = default_realloc_ex; + +static void (*free_func)(void *) = free; + +static void *(*malloc_locked_func)(size_t) = malloc; +static void *default_malloc_locked_ex(size_t num, const char *file, int line) + { return malloc_locked_func(num); } +static void *(*malloc_locked_ex_func)(size_t, const char *file, int line) + = default_malloc_locked_ex; + +static void (*free_locked_func)(void *) = free; + + + +/* may be changed as long as 'allow_customize_debug' is set */ +/* XXX use correct function pointer types */ +#ifdef CRYPTO_MDEBUG +/* use default functions from mem_dbg.c */ +static void (*malloc_debug_func)(void *,int,const char *,int,int) + = CRYPTO_dbg_malloc; +static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) + = CRYPTO_dbg_realloc; +static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; +static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; +static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; +#else +/* applications can use CRYPTO_malloc_debug_init() to select above case + * at run-time */ +static void (*malloc_debug_func)(void *,int,const char *,int,int) = NULL; +static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) + = NULL; +static void (*free_debug_func)(void *,int) = NULL; +static void (*set_debug_options_func)(long) = NULL; +static long (*get_debug_options_func)(void) = NULL; +#endif -typedef struct mem_st - { - char *addr; - int num; - char *file; - int line; - unsigned long order; - } MEM; - -int CRYPTO_mem_ctrl(mode) -int mode; - { - int ret=mh_mode; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - switch (mode) - { - case CRYPTO_MEM_CHECK_ON: - mh_mode|=CRYPTO_MEM_CHECK_ON; - break; - case CRYPTO_MEM_CHECK_OFF: - mh_mode&= ~CRYPTO_MEM_CHECK_ON; - break; - default: - break; - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - return(ret); +int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), + void (*f)(void *)) + { + if (!allow_customize) + return 0; + if ((m == 0) || (r == 0) || (f == 0)) + return 0; + malloc_func=m; malloc_ex_func=default_malloc_ex; + realloc_func=r; realloc_ex_func=default_realloc_ex; + free_func=f; + malloc_locked_func=m; malloc_locked_ex_func=default_malloc_locked_ex; + free_locked_func=f; + return 1; } -static int mem_cmp(a,b) -MEM *a,*b; +int CRYPTO_set_mem_ex_functions( + void *(*m)(size_t,const char *,int), + void *(*r)(void *, size_t,const char *,int), + void (*f)(void *)) { - return(a->addr - b->addr); + if (!allow_customize) + return 0; + if ((m == 0) || (r == 0) || (f == 0)) + return 0; + malloc_func=0; malloc_ex_func=m; + realloc_func=0; realloc_ex_func=r; + free_func=f; + malloc_locked_func=0; malloc_locked_ex_func=m; + free_locked_func=f; + return 1; } -static unsigned long mem_hash(a) -MEM *a; +int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*f)(void *)) { - unsigned long ret; + if (!allow_customize) + return 0; + if ((m == NULL) || (f == NULL)) + return 0; + malloc_locked_func=m; malloc_locked_ex_func=default_malloc_locked_ex; + free_locked_func=f; + return 1; + } - ret=(unsigned long)a->addr; +int CRYPTO_set_locked_mem_ex_functions( + void *(*m)(size_t,const char *,int), + void (*f)(void *)) + { + if (!allow_customize) + return 0; + if ((m == NULL) || (f == NULL)) + return 0; + malloc_locked_func=0; malloc_locked_ex_func=m; + free_func=f; + return 1; + } - ret=ret*17851+(ret>>14)*7+(ret>>4)*251; - return(ret); +int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), + void (*r)(void *,void *,int,const char *,int,int), + void (*f)(void *,int), + void (*so)(long), + long (*go)(void)) + { + if (!allow_customize_debug) + return 0; + malloc_debug_func=m; + realloc_debug_func=r; + free_debug_func=f; + set_debug_options_func=so; + get_debug_options_func=go; + return 1; } -static char *(*malloc_func)()= (char *(*)())malloc; -static char *(*realloc_func)()= (char *(*)())realloc; -static void (*free_func)()= (void (*)())free; -void CRYPTO_set_mem_functions(m,r,f) -char *(*m)(); -char *(*r)(); -void (*f)(); +void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), + void (**f)(void *)) { - if ((m == NULL) || (r == NULL) || (f == NULL)) return; - malloc_func=m; - realloc_func=r; - free_func=f; + if (m != NULL) *m = (malloc_ex_func == default_malloc_ex) ? + malloc_func : 0; + if (r != NULL) *r = (realloc_ex_func == default_realloc_ex) ? + realloc_func : 0; + if (f != NULL) *f=free_func; } -void CRYPTO_get_mem_functions(m,r,f) -char *(**m)(); -char *(**r)(); -void (**f)(); +void CRYPTO_get_mem_ex_functions( + void *(**m)(size_t,const char *,int), + void *(**r)(void *, size_t,const char *,int), + void (**f)(void *)) { - if (m != NULL) *m=malloc_func; - if (r != NULL) *r=realloc_func; + if (m != NULL) *m = (malloc_ex_func != default_malloc_ex) ? + malloc_ex_func : 0; + if (r != NULL) *r = (realloc_ex_func != default_realloc_ex) ? + realloc_ex_func : 0; if (f != NULL) *f=free_func; } -char *CRYPTO_malloc(num) -int num; +void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)) { - return(malloc_func(num)); + if (m != NULL) *m = (malloc_locked_ex_func == default_malloc_locked_ex) ? + malloc_locked_func : 0; + if (f != NULL) *f=free_locked_func; } -char *CRYPTO_realloc(str,num) -char *str; -int num; +void CRYPTO_get_locked_mem_ex_functions( + void *(**m)(size_t,const char *,int), + void (**f)(void *)) { - return(realloc_func(str,num)); + if (m != NULL) *m = (malloc_locked_ex_func != default_malloc_locked_ex) ? + malloc_locked_ex_func : 0; + if (f != NULL) *f=free_locked_func; } -void CRYPTO_free(str) -char *str; +void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), + void (**r)(void *,void *,int,const char *,int,int), + void (**f)(void *,int), + void (**so)(long), + long (**go)(void)) { - free_func(str); + if (m != NULL) *m=malloc_debug_func; + if (r != NULL) *r=realloc_debug_func; + if (f != NULL) *f=free_debug_func; + if (so != NULL) *so=set_debug_options_func; + if (go != NULL) *go=get_debug_options_func; } -char *CRYPTO_dbg_malloc(num,file,line) -int num; -char *file; -int line; - { - char *ret; - MEM *m,*mm; - if ((ret=malloc_func(num)) == NULL) - return(NULL); +void *CRYPTO_malloc_locked(int num, const char *file, int line) + { + void *ret = NULL; - if (mh_mode & CRYPTO_MEM_CHECK_ON) + allow_customize = 0; + if (malloc_debug_func != NULL) { - if ((m=(MEM *)malloc(sizeof(MEM))) == NULL) - { - free(ret); - return(NULL); - } - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - if (mh == NULL) - { - if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) - { - free(ret); - free(m); - return(NULL); - } - } - - m->addr=ret; - m->file=file; - m->line=line; - m->num=num; - m->order=order++; - if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL) - { - /* Not good, but don't sweat it */ - free(mm); - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + allow_customize_debug = 0; + malloc_debug_func(NULL, num, file, line, 0); } - return(ret); + ret = malloc_locked_ex_func(num,file,line); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: > 0x%p (%d)\n", ret, num); +#endif + if (malloc_debug_func != NULL) + malloc_debug_func(ret, num, file, line, 1); + + return ret; } -void CRYPTO_dbg_free(addr) -char *addr; +void CRYPTO_free_locked(void *str) { - MEM m,*mp; - - if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL)) - { - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - m.addr=addr; - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - free(mp); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - free_func(addr); + if (free_debug_func != NULL) + free_debug_func(str, 0); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: < 0x%p\n", str); +#endif + free_locked_func(str); + if (free_debug_func != NULL) + free_debug_func(NULL, 1); } -char *CRYPTO_dbg_realloc(addr,num,file,line) -char *addr; -int num; -char *file; -int line; +void *CRYPTO_malloc(int num, const char *file, int line) { - char *ret; - MEM m,*mp; - - ret=realloc_func(addr,num); - if (ret == addr) return(ret); + void *ret = NULL; - if (mh_mode & CRYPTO_MEM_CHECK_ON) + allow_customize = 0; + if (malloc_debug_func != NULL) { - if (ret == NULL) return(NULL); - m.addr=addr; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - { - mp->addr=ret; - lh_insert(mh,(char *)mp); - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + allow_customize_debug = 0; + malloc_debug_func(NULL, num, file, line, 0); } - return(ret); - } + ret = malloc_ex_func(num,file,line); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: > 0x%p (%d)\n", ret, num); +#endif + if (malloc_debug_func != NULL) + malloc_debug_func(ret, num, file, line, 1); -char *CRYPTO_remalloc(a,n) -char *a; -int n; - { - if (a != NULL) Free(a); - a=(char *)Malloc(n); - return(a); + return ret; } -char *CRYPTO_dbg_remalloc(a,n,file,line) -char *a; -int n; -char *file; -int line; +void *CRYPTO_realloc(void *str, int num, const char *file, int line) { - if (a != NULL) CRYPTO_dbg_free(a); - a=(char *)CRYPTO_dbg_malloc(n,file,line); - return(a); - } + void *ret = NULL; + if (realloc_debug_func != NULL) + realloc_debug_func(str, NULL, num, file, line, 0); + ret = realloc_ex_func(str,num,file,line); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num); +#endif + if (realloc_debug_func != NULL) + realloc_debug_func(str, ret, num, file, line, 1); -typedef struct mem_leak_st - { - BIO *bio; - int chunks; - long bytes; - } MEM_LEAK; - -static void print_leak(m,l) -MEM *m; -MEM_LEAK *l; - { - char buf[128]; - - sprintf(buf,"%5ld file=%s, line=%d, number=%d, address=%08lX\n", - m->order,m->file,m->line,m->num,(long)m->addr); - BIO_puts(l->bio,buf); - l->chunks++; - l->bytes+=m->num; + return ret; } -void CRYPTO_mem_leaks(b) -BIO *b; +void CRYPTO_free(void *str) { - MEM_LEAK ml; - char buf[80]; - - if (mh == NULL) return; - ml.bio=b; - ml.bytes=0; - ml.chunks=0; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - if (ml.chunks != 0) - { - sprintf(buf,"%ld bytes leaked in %d chunks\n", - ml.bytes,ml.chunks); - BIO_puts(b,buf); - } - /* - lh_stats_bio(mh,b); - lh_node_stats_bio(mh,b); - lh_node_usage_stats_bio(mh,b); - */ + if (free_debug_func != NULL) + free_debug_func(str, 0); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: < 0x%p\n", str); +#endif + free_func(str); + if (free_debug_func != NULL) + free_debug_func(NULL, 1); } -static void (*mem_cb)()=NULL; - -static void cb_leak(m,cb) -MEM *m; -char *cb; +void *CRYPTO_remalloc(void *a, int num, const char *file, int line) { - void (*mem_callback)()=(void (*)())cb; - mem_callback(m->order,m->file,m->line,m->num,m->addr); + if (a != NULL) OPENSSL_free(a); + a=(char *)OPENSSL_malloc(num); + return(a); } -void CRYPTO_mem_leaks_cb(cb) -void (*cb)(); + +void CRYPTO_set_mem_debug_options(long bits) { - if (mh == NULL) return; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - mem_cb=cb; - lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb); - mem_cb=NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + if (set_debug_options_func != NULL) + set_debug_options_func(bits); } -#ifndef NO_FP_API -void CRYPTO_mem_leaks_fp(fp) -FILE *fp; +long CRYPTO_get_mem_debug_options(void) { - BIO *b; - - if (mh == NULL) return; - if ((b=BIO_new(BIO_s_file())) == NULL) - return; - BIO_set_fp(b,fp,BIO_NOCLOSE); - CRYPTO_mem_leaks(b); - BIO_free(b); + if (get_debug_options_func != NULL) + return get_debug_options_func(); + return 0; } -#endif - diff --git a/src/lib/libcrypto/objects/obj_dat.h b/src/lib/libcrypto/objects/obj_dat.h index 48143ae3c7..39cfcda783 100644 --- a/src/lib/libcrypto/objects/obj_dat.h +++ b/src/lib/libcrypto/objects/obj_dat.h @@ -1,4 +1,10 @@ -/* lib/obj/obj_dat.h */ +/* crypto/objects/obj_dat.h */ + +/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the + * following command: + * perl obj_dat.pl obj_mac.h obj_dat.h + */ + /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,284 +62,1294 @@ * [including the GNU Public Licence.] */ -/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the - * following command: - * perl obj_dat.pl < objects.h > obj_dat.h - */ +#define NUM_NID 510 +#define NUM_SN 507 +#define NUM_LN 507 +#define NUM_OBJ 481 -#define NUM_NID 124 -#define NUM_SN 95 -#define NUM_LN 122 -#define NUM_OBJ 95 - -static unsigned char lvalues[600]={ -0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */ -0x55, /* [ 82] OBJ_X500 */ -0x55,0x04, /* [ 83] OBJ_X509 */ -0x55,0x04,0x03, /* [ 85] OBJ_commonName */ -0x55,0x04,0x06, /* [ 88] OBJ_countryName */ -0x55,0x04,0x07, /* [ 91] OBJ_localityName */ -0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */ -0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */ -0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */ -0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */ -0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */ -0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */ -0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */ -0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [206] OBJ_rc2_cbc */ -0x2B,0x0E,0x03,0x02,0x12, /* [214] OBJ_sha */ -0x2B,0x0E,0x03,0x02,0x0F, /* [219] OBJ_shaWithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [224] OBJ_des_ede3_cbc */ -0x2B,0x0E,0x03,0x02,0x08, /* [232] OBJ_des_ofb64 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [237] OBJ_pkcs9 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [245] OBJ_pkcs9_emailAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [254] OBJ_pkcs9_unstructuredName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [263] OBJ_pkcs9_contentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [272] OBJ_pkcs9_messageDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [281] OBJ_pkcs9_signingTime */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [290] OBJ_pkcs9_countersignature */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [299] OBJ_pkcs9_challengePassword */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [308] OBJ_pkcs9_unstructuredAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [317] OBJ_pkcs9_extCertAttributes */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [326] OBJ_netscape */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [333] OBJ_netscape_cert_extension */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [341] OBJ_netscape_data_type */ -0x2B,0x0E,0x03,0x02,0x1A, /* [349] OBJ_sha1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */ -0x2B,0x0E,0x03,0x02,0x0D, /* [363] OBJ_dsaWithSHA */ -0x2B,0x0E,0x03,0x02,0x0C, /* [368] OBJ_dsa_2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] OBJ_pbeWithSHA1AndRC4 */ -0x2B,0x0E,0x03,0x02,0x1B, /* [391] OBJ_dsaWithSHA1_2 */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [423] OBJ_netscape_ca_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [432] OBJ_netscape_renewal_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [441] OBJ_netscape_ca_policy_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [450] OBJ_netscape_ssl_server_name */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [459] OBJ_netscape_comment */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [468] OBJ_netscape_cert_sequence */ -0x55,0x1D, /* [477] OBJ_ld_ce */ -0x55,0x1D,0x0E, /* [479] OBJ_subject_key_identifier */ -0x55,0x1D,0x0F, /* [482] OBJ_key_usage */ -0x55,0x1D,0x10, /* [485] OBJ_private_key_usage_period */ -0x55,0x1D,0x11, /* [488] OBJ_subject_alt_name */ -0x55,0x1D,0x12, /* [491] OBJ_issuer_alt_name */ -0x55,0x1D,0x13, /* [494] OBJ_basic_constraints */ -0x55,0x1D,0x14, /* [497] OBJ_crl_number */ -0x55,0x1D,0x20, /* [500] OBJ_certificate_policies */ -0x55,0x1D,0x23, /* [503] OBJ_authority_key_identifier */ -0x55,0x08,0x03,0x65, /* [506] OBJ_mdc2 */ -0x55,0x08,0x03,0x64, /* [510] OBJ_mdc2WithRSA */ -0x55,0x04,0x2A, /* [514] OBJ_givenName */ -0x55,0x04,0x04, /* [517] OBJ_surname */ -0x55,0x04,0x2B, /* [520] OBJ_initials */ -0x55,0x04,0x2D, /* [523] OBJ_uniqueIdentifier */ -0x55,0x1D,0x1F, /* [526] OBJ_crl_distribution_points */ -0x2B,0x0E,0x03,0x02,0x03, /* [529] OBJ_md5WithRSA */ -0x55,0x04,0x05, /* [534] OBJ_serialNumber */ -0x55,0x04,0x0C, /* [537] OBJ_title */ -0x55,0x04,0x0D, /* [540] OBJ_description */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [543] OBJ_cast5_cbc */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [552] OBJ_pbeWithMD5AndCast5_CBC */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [561] OBJ_dsaWithSHA1 */ -0x2B,0x0E,0x03,0x02,0x1D, /* [568] OBJ_sha1WithRSA */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [573] OBJ_dsa */ -0x2B,0x24,0x03,0x02,0x01, /* [580] OBJ_ripemd160 */ -0x2B,0x24,0x03,0x03,0x01,0x02, /* [585] OBJ_ripemd160WithRSA */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [591] OBJ_rc5_cbc */ +static unsigned char lvalues[3881]={ +0x00, /* [ 0] OBJ_undef */ +0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */ +0x55, /* [ 83] OBJ_X500 */ +0x55,0x04, /* [ 84] OBJ_X509 */ +0x55,0x04,0x03, /* [ 86] OBJ_commonName */ +0x55,0x04,0x06, /* [ 89] OBJ_countryName */ +0x55,0x04,0x07, /* [ 92] OBJ_localityName */ +0x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */ +0x55,0x04,0x0A, /* [ 98] OBJ_organizationName */ +0x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */ +0x55,0x08,0x01,0x01, /* [104] OBJ_rsa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */ +0x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */ +0x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */ +0x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */ +0x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede_ecb */ +0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [218] OBJ_rc2_cbc */ +0x2B,0x0E,0x03,0x02,0x12, /* [226] OBJ_sha */ +0x2B,0x0E,0x03,0x02,0x0F, /* [231] OBJ_shaWithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [236] OBJ_des_ede3_cbc */ +0x2B,0x0E,0x03,0x02,0x08, /* [244] OBJ_des_ofb64 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [249] OBJ_pkcs9 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [338] OBJ_netscape */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [345] OBJ_netscape_cert_extension */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [353] OBJ_netscape_data_type */ +0x2B,0x0E,0x03,0x02,0x1A, /* [361] OBJ_sha1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */ +0x2B,0x0E,0x03,0x02,0x0D, /* [375] OBJ_dsaWithSHA */ +0x2B,0x0E,0x03,0x02,0x0C, /* [380] OBJ_dsa_2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */ +0x2B,0x0E,0x03,0x02,0x1B, /* [403] OBJ_dsaWithSHA1_2 */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */ +0x55,0x1D, /* [489] OBJ_id_ce */ +0x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */ +0x55,0x1D,0x0F, /* [494] OBJ_key_usage */ +0x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */ +0x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */ +0x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */ +0x55,0x1D,0x13, /* [506] OBJ_basic_constraints */ +0x55,0x1D,0x14, /* [509] OBJ_crl_number */ +0x55,0x1D,0x20, /* [512] OBJ_certificate_policies */ +0x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */ +0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */ +0x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */ +0x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */ +0x55,0x04,0x2A, /* [535] OBJ_givenName */ +0x55,0x04,0x04, /* [538] OBJ_surname */ +0x55,0x04,0x2B, /* [541] OBJ_initials */ +0x55,0x1D,0x1F, /* [544] OBJ_crl_distribution_points */ +0x2B,0x0E,0x03,0x02,0x03, /* [547] OBJ_md5WithRSA */ +0x55,0x04,0x05, /* [552] OBJ_serialNumber */ +0x55,0x04,0x0C, /* [555] OBJ_title */ +0x55,0x04,0x0D, /* [558] OBJ_description */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [579] OBJ_dsaWithSHA1 */ +0x2B,0x0E,0x03,0x02,0x1D, /* [586] OBJ_sha1WithRSA */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [591] OBJ_dsa */ +0x2B,0x24,0x03,0x02,0x01, /* [598] OBJ_ripemd160 */ +0x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */ +0x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */ +0x29,0x01,0x01,0x85,0x1A,0x02, /* [623] OBJ_zlib_compression */ +0x55,0x1D,0x25, /* [629] OBJ_ext_key_usage */ +0x2B,0x06,0x01,0x05,0x05,0x07, /* [632] OBJ_id_pkix */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [638] OBJ_id_kp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [645] OBJ_server_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [653] OBJ_client_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [661] OBJ_code_sign */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [669] OBJ_email_protect */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [677] OBJ_time_stamp */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */ +0x55,0x1D,0x1B, /* [744] OBJ_delta_crl */ +0x55,0x1D,0x15, /* [747] OBJ_crl_reason */ +0x55,0x1D,0x18, /* [750] OBJ_invalidity_date */ +0x2B,0x65,0x01,0x04,0x01, /* [753] OBJ_sxnet */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [950] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [958] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [966] OBJ_id_qt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */ +0x55,0x04,0x29, /* [1029] OBJ_name */ +0x55,0x04,0x2E, /* [1032] OBJ_dnQualifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1035] OBJ_id_pe */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1042] OBJ_id_ad */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1049] OBJ_info_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1057] OBJ_ad_OCSP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1065] OBJ_ad_ca_issuers */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1073] OBJ_OCSP_sign */ +0x28, /* [1081] OBJ_iso */ +0x2A, /* [1082] OBJ_member_body */ +0x2A,0x86,0x48, /* [1083] OBJ_ISO_US */ +0x2A,0x86,0x48,0xCE,0x38, /* [1086] OBJ_X9_57 */ +0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1091] OBJ_X9cm */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1097] OBJ_pkcs1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1105] OBJ_pkcs5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1863] OBJ_md4 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1871] OBJ_id_pkix_mod */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1878] OBJ_id_qt */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1885] OBJ_id_it */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1892] OBJ_id_pkip */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1899] OBJ_id_alg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1906] OBJ_id_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1913] OBJ_id_on */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1920] OBJ_id_pda */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1927] OBJ_id_aca */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1934] OBJ_id_qcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1941] OBJ_id_cct */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1948] OBJ_id_pkix1_explicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1956] OBJ_id_pkix1_implicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1964] OBJ_id_pkix1_explicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1972] OBJ_id_pkix1_implicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1980] OBJ_id_mod_crmf */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1988] OBJ_id_mod_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1996] OBJ_id_mod_kea_profile_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2004] OBJ_id_mod_kea_profile_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2012] OBJ_id_mod_cmp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2020] OBJ_id_mod_qualified_cert_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2028] OBJ_id_mod_qualified_cert_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2036] OBJ_id_mod_attribute_cert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2044] OBJ_id_mod_timestamp_protocol */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2052] OBJ_id_mod_ocsp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2060] OBJ_id_mod_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2068] OBJ_id_mod_cmp2000 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2076] OBJ_biometricInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2084] OBJ_qcStatements */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2092] OBJ_ac_auditEntity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2100] OBJ_ac_targeting */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2108] OBJ_aaControls */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2116] OBJ_sbqp_ipAddrBlock */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2124] OBJ_sbqp_autonomousSysNum */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2132] OBJ_sbqp_routerIdentifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2140] OBJ_textNotice */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2148] OBJ_ipsecEndSystem */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2156] OBJ_ipsecTunnel */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2164] OBJ_ipsecUser */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2172] OBJ_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2180] OBJ_id_it_caProtEncCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2188] OBJ_id_it_signKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2196] OBJ_id_it_encKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2204] OBJ_id_it_preferredSymmAlg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2212] OBJ_id_it_caKeyUpdateInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2220] OBJ_id_it_currentCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2228] OBJ_id_it_unsupportedOIDs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2236] OBJ_id_it_subscriptionRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2244] OBJ_id_it_subscriptionResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2252] OBJ_id_it_keyPairParamReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2260] OBJ_id_it_keyPairParamRep */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2268] OBJ_id_it_revPassphrase */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2276] OBJ_id_it_implicitConfirm */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2284] OBJ_id_it_confirmWaitTime */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2292] OBJ_id_it_origPKIMessage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2300] OBJ_id_regCtrl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2308] OBJ_id_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2388] OBJ_id_alg_des40 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2396] OBJ_id_alg_noSignature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2412] OBJ_id_alg_dh_pop */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2420] OBJ_id_cmc_statusInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2428] OBJ_id_cmc_identification */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2436] OBJ_id_cmc_identityProof */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2444] OBJ_id_cmc_dataReturn */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2452] OBJ_id_cmc_transactionId */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2460] OBJ_id_cmc_senderNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2468] OBJ_id_cmc_recipientNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2476] OBJ_id_cmc_addExtensions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2484] OBJ_id_cmc_encryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2492] OBJ_id_cmc_decryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2500] OBJ_id_cmc_lraPOPWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2508] OBJ_id_cmc_getCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2516] OBJ_id_cmc_getCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2524] OBJ_id_cmc_revokeRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2532] OBJ_id_cmc_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2540] OBJ_id_cmc_responseInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2548] OBJ_id_cmc_queryPending */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2556] OBJ_id_cmc_popLinkRandom */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2564] OBJ_id_cmc_popLinkWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2572] OBJ_id_cmc_confirmCertAcceptance */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2580] OBJ_id_on_personalData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2588] OBJ_id_pda_dateOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2596] OBJ_id_pda_placeOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2604] OBJ_id_pda_gender */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2612] OBJ_id_pda_countryOfCitizenship */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2620] OBJ_id_pda_countryOfResidence */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2628] OBJ_id_aca_authenticationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2636] OBJ_id_aca_accessIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2644] OBJ_id_aca_chargingIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2652] OBJ_id_aca_group */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2660] OBJ_id_aca_role */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2676] OBJ_id_cct_crs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2684] OBJ_id_cct_PKIData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2692] OBJ_id_cct_PKIResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2700] OBJ_ad_timeStamping */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2708] OBJ_ad_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */ +0x2B,0x0E,0x03,0x02, /* [2815] OBJ_algorithm */ +0x2B,0x0E,0x03,0x02,0x0B, /* [2819] OBJ_rsaSignature */ +0x55,0x08, /* [2824] OBJ_X500algorithms */ +0x2B, /* [2826] OBJ_org */ +0x2B,0x06, /* [2827] OBJ_dod */ +0x2B,0x06,0x01, /* [2829] OBJ_iana */ +0x2B,0x06,0x01,0x01, /* [2832] OBJ_Directory */ +0x2B,0x06,0x01,0x02, /* [2836] OBJ_Management */ +0x2B,0x06,0x01,0x03, /* [2840] OBJ_Experimental */ +0x2B,0x06,0x01,0x04, /* [2844] OBJ_Private */ +0x2B,0x06,0x01,0x05, /* [2848] OBJ_Security */ +0x2B,0x06,0x01,0x06, /* [2852] OBJ_SNMPv2 */ +0x2B,0x06,0x01,0x07, /* [2856] OBJ_Mail */ +0x2B,0x06,0x01,0x04,0x01, /* [2860] OBJ_Enterprises */ +0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */ +0x50, /* [2894] OBJ_joint_iso_ccitt */ +0x55,0x01,0x05, /* [2895] OBJ_selected_attribute_types */ +0x55,0x01,0x05,0x37, /* [2898] OBJ_clearance */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2911] OBJ_ac_proxying */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2919] OBJ_sinfo_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2927] OBJ_id_aca_encAttrs */ +0x55,0x04,0x48, /* [2935] OBJ_role */ +0x55,0x1D,0x24, /* [2938] OBJ_policy_constraints */ +0x55,0x1D,0x37, /* [2941] OBJ_target_information */ +0x55,0x1D,0x38, /* [2944] OBJ_no_rev_avail */ +0x00, /* [2947] OBJ_ccitt */ +0x2A,0x86,0x48,0xCE,0x3D, /* [2948] OBJ_ansi_X9_62 */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2953] OBJ_X9_62_prime_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2960] OBJ_X9_62_characteristic_two_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2967] OBJ_X9_62_id_ecPublicKey */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2974] OBJ_X9_62_prime192v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2982] OBJ_X9_62_prime192v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2990] OBJ_X9_62_prime192v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2998] OBJ_X9_62_prime239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3006] OBJ_X9_62_prime239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3014] OBJ_X9_62_prime239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3022] OBJ_X9_62_prime256v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3030] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */ +0x55,0x1D,0x17, /* [3154] OBJ_hold_instruction_code */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3157] OBJ_hold_instruction_none */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3164] OBJ_hold_instruction_call_issuer */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3171] OBJ_hold_instruction_reject */ +0x09, /* [3178] OBJ_data */ +0x09,0x92,0x26, /* [3179] OBJ_pss */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3182] OBJ_ucl */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3189] OBJ_pilot */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */ +0x55,0x04,0x2D, /* [3843] OBJ_x500UniqueIdentifier */ +0x2B,0x06,0x01,0x07,0x01, /* [3846] OBJ_mime_mhs */ +0x2B,0x06,0x01,0x07,0x01,0x01, /* [3851] OBJ_mime_mhs_headings */ +0x2B,0x06,0x01,0x07,0x01,0x02, /* [3857] OBJ_mime_mhs_bodies */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */ +0x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ -{"UNDEF","undefined",NID_undef,0,NULL}, -{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[0]),0}, -{"pkcs","pkcs",NID_pkcs,7,&(lvalues[6]),0}, -{"MD2","md2",NID_md2,8,&(lvalues[13]),0}, -{"MD5","md5",NID_md5,8,&(lvalues[21]),0}, -{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0}, -{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0}, +{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0}, +{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0}, +{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0}, +{"MD2","md2",NID_md2,8,&(lvalues[14]),0}, +{"MD5","md5",NID_md5,8,&(lvalues[22]),0}, +{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0}, +{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0}, {"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9, - &(lvalues[46]),0}, + &(lvalues[47]),0}, {"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9, - &(lvalues[55]),0}, -{"pbeWithMD2AndDES-CBC","pbeWithMD2AndDES-CBC", - NID_pbeWithMD2AndDES_CBC,9,&(lvalues[64]),0}, -{"pbeWithMD5AndDES-CBC","pbeWithMD5AndDES-CBC", - NID_pbeWithMD5AndDES_CBC,9,&(lvalues[73]),0}, -{"X500","X500",NID_X500,1,&(lvalues[82]),0}, -{"X509","X509",NID_X509,2,&(lvalues[83]),0}, -{"CN","commonName",NID_commonName,3,&(lvalues[85]),0}, -{"C","countryName",NID_countryName,3,&(lvalues[88]),0}, -{"L","localityName",NID_localityName,3,&(lvalues[91]),0}, -{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0}, -{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0}, + &(lvalues[56]),0}, +{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9, + &(lvalues[65]),0}, +{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9, + &(lvalues[74]),0}, +{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0}, +{"X509","X509",NID_X509,2,&(lvalues[84]),0}, +{"CN","commonName",NID_commonName,3,&(lvalues[86]),0}, +{"C","countryName",NID_countryName,3,&(lvalues[89]),0}, +{"L","localityName",NID_localityName,3,&(lvalues[92]),0}, +{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0}, +{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0}, {"OU","organizationalUnitName",NID_organizationalUnitName,3, - &(lvalues[100]),0}, -{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0}, -{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0}, -{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0}, + &(lvalues[101]),0}, +{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0}, +{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0}, +{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0}, {"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9, - &(lvalues[124]),0}, + &(lvalues[125]),0}, {"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9, - &(lvalues[133]),0}, + &(lvalues[134]),0}, {"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData", - NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0}, + NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0}, {"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9, - &(lvalues[151]),0}, + &(lvalues[152]),0}, {"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9, - &(lvalues[160]),0}, -{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0}, + &(lvalues[161]),0}, +{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0}, {"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9, - &(lvalues[177]),0}, -{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0}, -{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0}, -{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0}, -{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[201]),0}, -{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL}, -{"IDEA-CBC","idea-cbc",NID_idea_cbc,0,NULL}, + &(lvalues[178]),0}, +{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0}, +{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0}, +{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0}, +{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0}, +{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL}, +{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0}, {"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL}, {"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL}, -{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[206]),0}, +{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0}, {"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL}, {"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL}, {"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL}, -{"SHA","sha",NID_sha,5,&(lvalues[214]),0}, +{"SHA","sha",NID_sha,5,&(lvalues[226]),0}, {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5, - &(lvalues[219]),0}, + &(lvalues[231]),0}, {"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL}, -{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[224]),0}, -{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[232]),0}, +{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0}, +{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0}, {"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL}, -{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[237]),0}, -{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[245]),0}, +{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0}, +{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9, + &(lvalues[257]),0}, {"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9, - &(lvalues[254]),0}, -{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[263]),0}, + &(lvalues[266]),0}, +{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0}, {"messageDigest","messageDigest",NID_pkcs9_messageDigest,9, - &(lvalues[272]),0}, -{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[281]),0}, + &(lvalues[284]),0}, +{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0}, {"countersignature","countersignature",NID_pkcs9_countersignature,9, - &(lvalues[290]),0}, + &(lvalues[302]),0}, {"challengePassword","challengePassword",NID_pkcs9_challengePassword, - 9,&(lvalues[299]),0}, + 9,&(lvalues[311]),0}, {"unstructuredAddress","unstructuredAddress", - NID_pkcs9_unstructuredAddress,9,&(lvalues[308]),0}, + NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0}, {"extendedCertificateAttributes","extendedCertificateAttributes", - NID_pkcs9_extCertAttributes,9,&(lvalues[317]),0}, + NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0}, {"Netscape","Netscape Communications Corp.",NID_netscape,7, - &(lvalues[326]),0}, + &(lvalues[338]),0}, {"nsCertExt","Netscape Certificate Extension", - NID_netscape_cert_extension,8,&(lvalues[333]),0}, + NID_netscape_cert_extension,8,&(lvalues[345]),0}, {"nsDataType","Netscape Data Type",NID_netscape_data_type,8, - &(lvalues[341]),0}, + &(lvalues[353]),0}, {"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL}, {"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL}, {"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL}, {"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL}, -{"SHA1","sha1",NID_sha1,5,&(lvalues[349]),0}, +{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0}, {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9, - &(lvalues[354]),0}, -{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0}, -{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[368]),0}, -{"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC", - NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0}, -{"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9, - &(lvalues[382]),0}, -{"DSA-SHA1-old","dsaWithSHA1",NID_dsaWithSHA1_2,5,&(lvalues[391]),0}, + &(lvalues[366]),0}, +{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0}, +{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0}, +{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC, + 9,&(lvalues[385]),0}, +{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0}, +{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0}, {"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9, - &(lvalues[396]),0}, + &(lvalues[408]),0}, {"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9, - &(lvalues[405]),0}, + &(lvalues[417]),0}, {"nsRevocationUrl","Netscape Revocation Url", - NID_netscape_revocation_url,9,&(lvalues[414]),0}, + NID_netscape_revocation_url,9,&(lvalues[426]),0}, {"nsCaRevocationUrl","Netscape CA Revocation Url", - NID_netscape_ca_revocation_url,9,&(lvalues[423]),0}, + NID_netscape_ca_revocation_url,9,&(lvalues[435]),0}, {"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9, - &(lvalues[432]),0}, + &(lvalues[444]),0}, {"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url, - 9,&(lvalues[441]),0}, + 9,&(lvalues[453]),0}, {"nsSslServerName","Netscape SSL Server Name", - NID_netscape_ssl_server_name,9,&(lvalues[450]),0}, -{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[459]),0}, + NID_netscape_ssl_server_name,9,&(lvalues[462]),0}, +{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0}, {"nsCertSequence","Netscape Certificate Sequence", - NID_netscape_cert_sequence,9,&(lvalues[468]),0}, + NID_netscape_cert_sequence,9,&(lvalues[480]),0}, {"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL}, -{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[477]),0}, +{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0}, {"subjectKeyIdentifier","X509v3 Subject Key Identifier", - NID_subject_key_identifier,3,&(lvalues[479]),0}, -{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[482]),0}, + NID_subject_key_identifier,3,&(lvalues[491]),0}, +{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0}, {"privateKeyUsagePeriod","X509v3 Private Key Usage Period", - NID_private_key_usage_period,3,&(lvalues[485]),0}, + NID_private_key_usage_period,3,&(lvalues[497]),0}, {"subjectAltName","X509v3 Subject Alternative Name", - NID_subject_alt_name,3,&(lvalues[488]),0}, + NID_subject_alt_name,3,&(lvalues[500]),0}, {"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name, - 3,&(lvalues[491]),0}, + 3,&(lvalues[503]),0}, {"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints, - 3,&(lvalues[494]),0}, -{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[497]),0}, + 3,&(lvalues[506]),0}, +{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0}, {"certificatePolicies","X509v3 Certificate Policies", - NID_certificate_policies,3,&(lvalues[500]),0}, + NID_certificate_policies,3,&(lvalues[512]),0}, {"authorityKeyIdentifier","X509v3 Authority Key Identifier", - NID_authority_key_identifier,3,&(lvalues[503]),0}, -{"BF-CBC","bf-cbc",NID_bf_cbc,0,NULL}, + NID_authority_key_identifier,3,&(lvalues[515]),0}, +{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0}, {"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL}, {"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL}, {"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL}, -{"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0}, -{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0}, +{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0}, +{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0}, {"RC4-40","rc4-40",NID_rc4_40,0,NULL}, {"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL}, -{"G","givenName",NID_givenName,3,&(lvalues[514]),0}, -{"S","surname",NID_surname,3,&(lvalues[517]),0}, -{"I","initials",NID_initials,3,&(lvalues[520]),0}, -{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[523]),0}, +{"gn","givenName",NID_givenName,3,&(lvalues[535]),0}, +{"SN","surname",NID_surname,3,&(lvalues[538]),0}, +{"initials","initials",NID_initials,3,&(lvalues[541]),0}, +{NULL,NULL,NID_undef,0,NULL}, {"crlDistributionPoints","X509v3 CRL Distribution Points", - NID_crl_distribution_points,3,&(lvalues[526]),0}, -{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[529]),0}, -{"SN","serialNumber",NID_serialNumber,3,&(lvalues[534]),0}, -{"T","title",NID_title,3,&(lvalues[537]),0}, -{"D","description",NID_description,3,&(lvalues[540]),0}, -{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[543]),0}, + NID_crl_distribution_points,3,&(lvalues[544]),0}, +{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0}, +{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0}, +{"title","title",NID_title,3,&(lvalues[555]),0}, +{"description","description",NID_description,3,&(lvalues[558]),0}, +{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0}, {"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL}, {"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL}, {"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL}, {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC", - NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[552]),0}, -{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[561]),0}, + NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0}, +{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0}, {"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL}, -{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[568]),0}, -{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[573]),0}, -{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[580]),0}, +{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0}, +{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0}, +{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0}, {NULL,NULL,NID_undef,0,NULL}, {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6, - &(lvalues[585]),0}, -{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[591]),0}, + &(lvalues[603]),0}, +{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0}, {"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL}, {"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL}, {"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL}, +{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0}, +{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0}, +{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3, + &(lvalues[629]),0}, +{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0}, +{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0}, +{"serverAuth","TLS Web Server Authentication",NID_server_auth,8, + &(lvalues[645]),0}, +{"clientAuth","TLS Web Client Authentication",NID_client_auth,8, + &(lvalues[653]),0}, +{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0}, +{"emailProtection","E-mail Protection",NID_email_protect,8, + &(lvalues[669]),0}, +{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0}, +{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10, + &(lvalues[685]),0}, +{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10, + &(lvalues[695]),0}, +{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10, + &(lvalues[705]),0}, +{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0}, +{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10, + &(lvalues[725]),0}, +{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0}, +{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3, + &(lvalues[744]),0}, +{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0}, +{"invalidityDate","Invalidity Date",NID_invalidity_date,3, + &(lvalues[750]),0}, +{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0}, +{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4", + NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0}, +{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4", + NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0}, +{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC", + NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0}, +{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC", + NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0}, +{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC", + NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0}, +{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC", + NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0}, +{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0}, +{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag, + 11,&(lvalues[829]),0}, +{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0}, +{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0}, +{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0}, +{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11, + &(lvalues[873]),0}, +{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0}, +{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0}, +{"x509Certificate","x509Certificate",NID_x509Certificate,10, + &(lvalues[902]),0}, +{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10, + &(lvalues[912]),0}, +{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0}, +{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0}, +{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0}, +{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0}, +{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, + &(lvalues[966]),0}, +{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL}, +{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9, + &(lvalues[974]),0}, +{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9, + &(lvalues[983]),0}, +{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9, + &(lvalues[992]),0}, +{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9, + &(lvalues[1001]),0}, +{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10, + &(lvalues[1010]),0}, +{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0}, +{"name","name",NID_name,3,&(lvalues[1029]),0}, +{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0}, +{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0}, +{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0}, +{"authorityInfoAccess","Authority Information Access",NID_info_access, + 8,&(lvalues[1049]),0}, +{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0}, +{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0}, +{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0}, +{"ISO","iso",NID_iso,1,&(lvalues[1081]),0}, +{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0}, +{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0}, +{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0}, +{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0}, +{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0}, +{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0}, +{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0}, +{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0}, +{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0}, +{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0}, +{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0}, +{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0}, +{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0}, +{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0}, +{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11, + &(lvalues[1192]),0}, +{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11, + &(lvalues[1203]),0}, +{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11, + &(lvalues[1214]),0}, +{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3, + 11,&(lvalues[1225]),0}, +{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88", + NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0}, +{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97", + NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0}, +{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88", + NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0}, +{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97", + NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0}, +{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt, + 11,&(lvalues[1280]),0}, +{"id-smime-ct-authData","id-smime-ct-authData", + NID_id_smime_ct_authData,11,&(lvalues[1291]),0}, +{"id-smime-ct-publishCert","id-smime-ct-publishCert", + NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0}, +{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo, + 11,&(lvalues[1313]),0}, +{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo, + 11,&(lvalues[1324]),0}, +{"id-smime-ct-contentInfo","id-smime-ct-contentInfo", + NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0}, +{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData", + NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0}, +{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData", + NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0}, +{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest", + NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0}, +{"id-smime-aa-securityLabel","id-smime-aa-securityLabel", + NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0}, +{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory", + NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0}, +{"id-smime-aa-contentHint","id-smime-aa-contentHint", + NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0}, +{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest", + NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0}, +{"id-smime-aa-encapContentType","id-smime-aa-encapContentType", + NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0}, +{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier", + NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0}, +{"id-smime-aa-macValue","id-smime-aa-macValue", + NID_id_smime_aa_macValue,11,&(lvalues[1445]),0}, +{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels", + NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0}, +{"id-smime-aa-contentReference","id-smime-aa-contentReference", + NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0}, +{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref", + NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0}, +{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate", + NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0}, +{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts", + NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0}, +{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken", + NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0}, +{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId", + NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0}, +{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType", + NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0}, +{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation", + NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0}, +{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr", + NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0}, +{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert", + NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0}, +{"id-smime-aa-ets-contentTimestamp", + "id-smime-aa-ets-contentTimestamp", + NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0}, +{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs", + NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0}, +{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs", + NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0}, +{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues", + NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0}, +{"id-smime-aa-ets-revocationValues", + "id-smime-aa-ets-revocationValues", + NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0}, +{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp", + NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0}, +{"id-smime-aa-ets-certCRLTimestamp", + "id-smime-aa-ets-certCRLTimestamp", + NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0}, +{"id-smime-aa-ets-archiveTimeStamp", + "id-smime-aa-ets-archiveTimeStamp", + NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0}, +{"id-smime-aa-signatureType","id-smime-aa-signatureType", + NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0}, +{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc", + NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0}, +{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES", + NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0}, +{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2", + NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0}, +{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap", + NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0}, +{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap", + NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0}, +{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11, + &(lvalues[1731]),0}, +{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap", + NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0}, +{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap", + NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0}, +{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11, + &(lvalues[1764]),0}, +{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri", + NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0}, +{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice", + NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0}, +{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin", + NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0}, +{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt", + NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0}, +{"id-smime-cti-ets-proofOfDelivery", + "id-smime-cti-ets-proofOfDelivery", + NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0}, +{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender", + NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0}, +{"id-smime-cti-ets-proofOfApproval", + "id-smime-cti-ets-proofOfApproval", + NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0}, +{"id-smime-cti-ets-proofOfCreation", + "id-smime-cti-ets-proofOfCreation", + NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0}, +{"MD4","md4",NID_md4,8,&(lvalues[1863]),0}, +{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0}, +{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0}, +{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0}, +{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0}, +{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0}, +{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0}, +{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0}, +{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0}, +{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0}, +{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0}, +{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0}, +{"id-pkix1-explicit-88","id-pkix1-explicit-88", + NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0}, +{"id-pkix1-implicit-88","id-pkix1-implicit-88", + NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0}, +{"id-pkix1-explicit-93","id-pkix1-explicit-93", + NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0}, +{"id-pkix1-implicit-93","id-pkix1-implicit-93", + NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0}, +{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0}, +{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0}, +{"id-mod-kea-profile-88","id-mod-kea-profile-88", + NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0}, +{"id-mod-kea-profile-93","id-mod-kea-profile-93", + NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0}, +{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0}, +{"id-mod-qualified-cert-88","id-mod-qualified-cert-88", + NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0}, +{"id-mod-qualified-cert-93","id-mod-qualified-cert-93", + NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0}, +{"id-mod-attribute-cert","id-mod-attribute-cert", + NID_id_mod_attribute_cert,8,&(lvalues[2036]),0}, +{"id-mod-timestamp-protocol","id-mod-timestamp-protocol", + NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0}, +{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0}, +{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0}, +{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8, + &(lvalues[2068]),0}, +{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0}, +{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0}, +{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8, + &(lvalues[2092]),0}, +{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0}, +{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0}, +{"sbqp-ipAddrBlock","sbqp-ipAddrBlock",NID_sbqp_ipAddrBlock,8, + &(lvalues[2116]),0}, +{"sbqp-autonomousSysNum","sbqp-autonomousSysNum", + NID_sbqp_autonomousSysNum,8,&(lvalues[2124]),0}, +{"sbqp-routerIdentifier","sbqp-routerIdentifier", + NID_sbqp_routerIdentifier,8,&(lvalues[2132]),0}, +{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0}, +{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, + &(lvalues[2148]),0}, +{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0}, +{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0}, +{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0}, +{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert, + 8,&(lvalues[2180]),0}, +{"id-it-signKeyPairTypes","id-it-signKeyPairTypes", + NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0}, +{"id-it-encKeyPairTypes","id-it-encKeyPairTypes", + NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0}, +{"id-it-preferredSymmAlg","id-it-preferredSymmAlg", + NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0}, +{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo", + NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0}, +{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8, + &(lvalues[2220]),0}, +{"id-it-unsupportedOIDs","id-it-unsupportedOIDs", + NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0}, +{"id-it-subscriptionRequest","id-it-subscriptionRequest", + NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0}, +{"id-it-subscriptionResponse","id-it-subscriptionResponse", + NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0}, +{"id-it-keyPairParamReq","id-it-keyPairParamReq", + NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0}, +{"id-it-keyPairParamRep","id-it-keyPairParamRep", + NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0}, +{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase, + 8,&(lvalues[2268]),0}, +{"id-it-implicitConfirm","id-it-implicitConfirm", + NID_id_it_implicitConfirm,8,&(lvalues[2276]),0}, +{"id-it-confirmWaitTime","id-it-confirmWaitTime", + NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0}, +{"id-it-origPKIMessage","id-it-origPKIMessage", + NID_id_it_origPKIMessage,8,&(lvalues[2292]),0}, +{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0}, +{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0}, +{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken, + 9,&(lvalues[2316]),0}, +{"id-regCtrl-authenticator","id-regCtrl-authenticator", + NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0}, +{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo", + NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0}, +{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions", + NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0}, +{"id-regCtrl-oldCertID","id-regCtrl-oldCertID", + NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0}, +{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey", + NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0}, +{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs", + NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0}, +{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9, + &(lvalues[2379]),0}, +{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0}, +{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8, + &(lvalues[2396]),0}, +{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1", + NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0}, +{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0}, +{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8, + &(lvalues[2420]),0}, +{"id-cmc-identification","id-cmc-identification", + NID_id_cmc_identification,8,&(lvalues[2428]),0}, +{"id-cmc-identityProof","id-cmc-identityProof", + NID_id_cmc_identityProof,8,&(lvalues[2436]),0}, +{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8, + &(lvalues[2444]),0}, +{"id-cmc-transactionId","id-cmc-transactionId", + NID_id_cmc_transactionId,8,&(lvalues[2452]),0}, +{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8, + &(lvalues[2460]),0}, +{"id-cmc-recipientNonce","id-cmc-recipientNonce", + NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0}, +{"id-cmc-addExtensions","id-cmc-addExtensions", + NID_id_cmc_addExtensions,8,&(lvalues[2476]),0}, +{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP, + 8,&(lvalues[2484]),0}, +{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP, + 8,&(lvalues[2492]),0}, +{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness", + NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0}, +{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8, + &(lvalues[2508]),0}, +{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0}, +{"id-cmc-revokeRequest","id-cmc-revokeRequest", + NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0}, +{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8, + &(lvalues[2532]),0}, +{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo, + 8,&(lvalues[2540]),0}, +{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending, + 8,&(lvalues[2548]),0}, +{"id-cmc-popLinkRandom","id-cmc-popLinkRandom", + NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0}, +{"id-cmc-popLinkWitness","id-cmc-popLinkWitness", + NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0}, +{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance", + NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0}, +{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8, + &(lvalues[2580]),0}, +{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8, + &(lvalues[2588]),0}, +{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth, + 8,&(lvalues[2596]),0}, +{NULL,NULL,NID_undef,0,NULL}, +{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0}, +{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship", + NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0}, +{"id-pda-countryOfResidence","id-pda-countryOfResidence", + NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0}, +{"id-aca-authenticationInfo","id-aca-authenticationInfo", + NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0}, +{"id-aca-accessIdentity","id-aca-accessIdentity", + NID_id_aca_accessIdentity,8,&(lvalues[2636]),0}, +{"id-aca-chargingIdentity","id-aca-chargingIdentity", + NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0}, +{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0}, +{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0}, +{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1", + NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0}, +{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0}, +{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8, + &(lvalues[2684]),0}, +{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8, + &(lvalues[2692]),0}, +{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8, + &(lvalues[2700]),0}, +{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0}, +{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9, + &(lvalues[2716]),0}, +{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0}, +{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0}, +{"acceptableResponses","Acceptable OCSP Responses", + NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0}, +{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0}, +{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff, + 9,&(lvalues[2761]),0}, +{"serviceLocator","OCSP Service Locator", + NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0}, +{"extendedStatus","Extended OCSP Status", + NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0}, +{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0}, +{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0}, +{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9, + &(lvalues[2806]),0}, +{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0}, +{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0}, +{"X500algorithms","directory services - algorithms", + NID_X500algorithms,2,&(lvalues[2824]),0}, +{"ORG","org",NID_org,1,&(lvalues[2826]),0}, +{"DOD","dod",NID_dod,2,&(lvalues[2827]),0}, +{"IANA","iana",NID_iana,3,&(lvalues[2829]),0}, +{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0}, +{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0}, +{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0}, +{"private","Private",NID_Private,4,&(lvalues[2844]),0}, +{"security","Security",NID_Security,4,&(lvalues[2848]),0}, +{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0}, +{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0}, +{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0}, +{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0}, +{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0}, +{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0}, +{"JOINT-ISO-CCITT","joint-iso-ccitt",NID_joint_iso_ccitt,1, + &(lvalues[2894]),0}, +{"selected-attribute-types","Selected Attribute Types", + NID_selected_attribute_types,3,&(lvalues[2895]),0}, +{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0}, +{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9, + &(lvalues[2902]),0}, +{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0}, +{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8, + &(lvalues[2919]),0}, +{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8, + &(lvalues[2927]),0}, +{"role","role",NID_role,3,&(lvalues[2935]),0}, +{"policyConstraints","X509v3 Policy Constraints", + NID_policy_constraints,3,&(lvalues[2938]),0}, +{"targetInformation","X509v3 AC Targeting",NID_target_information,3, + &(lvalues[2941]),0}, +{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3, + &(lvalues[2944]),0}, +{"CCITT","ccitt",NID_ccitt,1,&(lvalues[2947]),0}, +{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0}, +{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0}, +{"characteristic-two-field","characteristic-two-field", + NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0}, +{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7, + &(lvalues[2967]),0}, +{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0}, +{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0}, +{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0}, +{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0}, +{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0}, +{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0}, +{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0}, +{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, + &(lvalues[3030]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0}, +{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0}, +{"holdInstructionCode","Hold Instruction Code", + NID_hold_instruction_code,3,&(lvalues[3154]),0}, +{"holdInstructionNone","Hold Instruction None", + NID_hold_instruction_none,7,&(lvalues[3157]),0}, +{"holdInstructionCallIssuer","Hold Instruction Call Issuer", + NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0}, +{"holdInstructionReject","Hold Instruction Reject", + NID_hold_instruction_reject,7,&(lvalues[3171]),0}, +{"data","data",NID_data,1,&(lvalues[3178]),0}, +{"pss","pss",NID_pss,3,&(lvalues[3179]),0}, +{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0}, +{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0}, +{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9, + &(lvalues[3197]),0}, +{"pilotAttributeSyntax","pilotAttributeSyntax", + NID_pilotAttributeSyntax,9,&(lvalues[3206]),0}, +{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9, + &(lvalues[3215]),0}, +{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0}, +{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10, + &(lvalues[3233]),0}, +{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax", + NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0}, +{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0}, +{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0}, +{"account","account",NID_account,10,&(lvalues[3273]),0}, +{"document","document",NID_document,10,&(lvalues[3283]),0}, +{"room","room",NID_room,10,&(lvalues[3293]),0}, +{"documentSeries","documentSeries",NID_documentSeries,10, + &(lvalues[3303]),0}, +{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10, + &(lvalues[3313]),0}, +{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0}, +{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject, + 10,&(lvalues[3333]),0}, +{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10, + &(lvalues[3343]),0}, +{"simpleSecurityObject","simpleSecurityObject", + NID_simpleSecurityObject,10,&(lvalues[3353]),0}, +{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10, + &(lvalues[3363]),0}, +{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0}, +{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData, + 10,&(lvalues[3383]),0}, +{"UID","userId",NID_userId,10,&(lvalues[3393]),0}, +{"textEncodedORAddress","textEncodedORAddress", + NID_textEncodedORAddress,10,&(lvalues[3403]),0}, +{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0}, +{"info","info",NID_info,10,&(lvalues[3423]),0}, +{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10, + &(lvalues[3433]),0}, +{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0}, +{"photo","photo",NID_photo,10,&(lvalues[3453]),0}, +{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0}, +{"host","host",NID_host,10,&(lvalues[3473]),0}, +{"manager","manager",NID_manager,10,&(lvalues[3483]),0}, +{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10, + &(lvalues[3493]),0}, +{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0}, +{"documentVersion","documentVersion",NID_documentVersion,10, + &(lvalues[3513]),0}, +{"documentAuthor","documentAuthor",NID_documentAuthor,10, + &(lvalues[3523]),0}, +{"documentLocation","documentLocation",NID_documentLocation,10, + &(lvalues[3533]),0}, +{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber, + 10,&(lvalues[3543]),0}, +{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0}, +{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0}, +{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10, + &(lvalues[3573]),0}, +{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10, + &(lvalues[3583]),0}, +{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0}, +{"pilotAttributeType27","pilotAttributeType27", + NID_pilotAttributeType27,10,&(lvalues[3603]),0}, +{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0}, +{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0}, +{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0}, +{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0}, +{"associatedDomain","associatedDomain",NID_associatedDomain,10, + &(lvalues[3653]),0}, +{"associatedName","associatedName",NID_associatedName,10, + &(lvalues[3663]),0}, +{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10, + &(lvalues[3673]),0}, +{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0}, +{"mobileTelephoneNumber","mobileTelephoneNumber", + NID_mobileTelephoneNumber,10,&(lvalues[3693]),0}, +{"pagerTelephoneNumber","pagerTelephoneNumber", + NID_pagerTelephoneNumber,10,&(lvalues[3703]),0}, +{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName, + 10,&(lvalues[3713]),0}, +{"organizationalStatus","organizationalStatus", + NID_organizationalStatus,10,&(lvalues[3723]),0}, +{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0}, +{"mailPreferenceOption","mailPreferenceOption", + NID_mailPreferenceOption,10,&(lvalues[3743]),0}, +{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0}, +{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0}, +{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10, + &(lvalues[3773]),0}, +{"subtreeMinimumQuality","subtreeMinimumQuality", + NID_subtreeMinimumQuality,10,&(lvalues[3783]),0}, +{"subtreeMaximumQuality","subtreeMaximumQuality", + NID_subtreeMaximumQuality,10,&(lvalues[3793]),0}, +{"personalSignature","personalSignature",NID_personalSignature,10, + &(lvalues[3803]),0}, +{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0}, +{"audio","audio",NID_audio,10,&(lvalues[3823]),0}, +{"documentPublisher","documentPublisher",NID_documentPublisher,10, + &(lvalues[3833]),0}, +{"x500UniqueIdentifier","x500UniqueIdentifier", + NID_x500UniqueIdentifier,3,&(lvalues[3843]),0}, +{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0}, +{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6, + &(lvalues[3851]),0}, +{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6, + &(lvalues[3857]),0}, +{"id-hex-partial-message","id-hex-partial-message", + NID_id_hex_partial_message,7,&(lvalues[3863]),0}, +{"id-hex-multipart-message","id-hex-multipart-message", + NID_id_hex_multipart_message,7,&(lvalues[3870]),0}, +{"generationQualifier","generationQualifier",NID_generationQualifier, + 3,&(lvalues[3877]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ +&(nid_objs[364]),/* "AD_DVCS" */ +&(nid_objs[419]),/* "AES-128-CBC" */ +&(nid_objs[421]),/* "AES-128-CFB" */ +&(nid_objs[418]),/* "AES-128-ECB" */ +&(nid_objs[420]),/* "AES-128-OFB" */ +&(nid_objs[423]),/* "AES-192-CBC" */ +&(nid_objs[425]),/* "AES-192-CFB" */ +&(nid_objs[422]),/* "AES-192-ECB" */ +&(nid_objs[424]),/* "AES-192-OFB" */ +&(nid_objs[427]),/* "AES-256-CBC" */ +&(nid_objs[429]),/* "AES-256-CFB" */ +&(nid_objs[426]),/* "AES-256-ECB" */ +&(nid_objs[428]),/* "AES-256-OFB" */ &(nid_objs[91]),/* "BF-CBC" */ &(nid_objs[93]),/* "BF-CFB" */ &(nid_objs[92]),/* "BF-ECB" */ @@ -343,8 +1359,12 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[110]),/* "CAST5-CFB" */ &(nid_objs[109]),/* "CAST5-ECB" */ &(nid_objs[111]),/* "CAST5-OFB" */ +&(nid_objs[404]),/* "CCITT" */ &(nid_objs[13]),/* "CN" */ -&(nid_objs[107]),/* "D" */ +&(nid_objs[141]),/* "CRLReason" */ +&(nid_objs[417]),/* "CSPName" */ +&(nid_objs[367]),/* "CrlID" */ +&(nid_objs[391]),/* "DC" */ &(nid_objs[31]),/* "DES-CBC" */ &(nid_objs[30]),/* "DES-CFB" */ &(nid_objs[29]),/* "DES-ECB" */ @@ -358,27 +1378,53 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[63]),/* "DES-EDE3-OFB" */ &(nid_objs[45]),/* "DES-OFB" */ &(nid_objs[80]),/* "DESX-CBC" */ +&(nid_objs[380]),/* "DOD" */ &(nid_objs[116]),/* "DSA" */ &(nid_objs[66]),/* "DSA-SHA" */ &(nid_objs[113]),/* "DSA-SHA1" */ &(nid_objs[70]),/* "DSA-SHA1-old" */ &(nid_objs[67]),/* "DSA-old" */ -&(nid_objs[48]),/* "Email" */ -&(nid_objs[99]),/* "G" */ -&(nid_objs[101]),/* "I" */ +&(nid_objs[297]),/* "DVCS" */ +&(nid_objs[381]),/* "IANA" */ &(nid_objs[34]),/* "IDEA-CBC" */ &(nid_objs[35]),/* "IDEA-CFB" */ &(nid_objs[36]),/* "IDEA-ECB" */ &(nid_objs[46]),/* "IDEA-OFB" */ +&(nid_objs[181]),/* "ISO" */ +&(nid_objs[183]),/* "ISO-US" */ +&(nid_objs[393]),/* "JOINT-ISO-CCITT" */ &(nid_objs[15]),/* "L" */ &(nid_objs[ 3]),/* "MD2" */ +&(nid_objs[257]),/* "MD4" */ &(nid_objs[ 4]),/* "MD5" */ &(nid_objs[114]),/* "MD5-SHA1" */ &(nid_objs[95]),/* "MDC2" */ +&(nid_objs[388]),/* "Mail" */ &(nid_objs[57]),/* "Netscape" */ +&(nid_objs[366]),/* "Nonce" */ &(nid_objs[17]),/* "O" */ +&(nid_objs[178]),/* "OCSP" */ +&(nid_objs[180]),/* "OCSPSigning" */ +&(nid_objs[379]),/* "ORG" */ &(nid_objs[18]),/* "OU" */ +&(nid_objs[ 9]),/* "PBE-MD2-DES" */ +&(nid_objs[168]),/* "PBE-MD2-RC2-64" */ +&(nid_objs[10]),/* "PBE-MD5-DES" */ +&(nid_objs[169]),/* "PBE-MD5-RC2-64" */ +&(nid_objs[147]),/* "PBE-SHA1-2DES" */ +&(nid_objs[146]),/* "PBE-SHA1-3DES" */ +&(nid_objs[170]),/* "PBE-SHA1-DES" */ +&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */ +&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */ +&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */ +&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */ +&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */ +&(nid_objs[161]),/* "PBES2" */ +&(nid_objs[69]),/* "PBKDF2" */ +&(nid_objs[162]),/* "PBMAC1" */ +&(nid_objs[127]),/* "PKIX" */ &(nid_objs[98]),/* "RC2-40-CBC" */ +&(nid_objs[166]),/* "RC2-64-CBC" */ &(nid_objs[37]),/* "RC2-CBC" */ &(nid_objs[39]),/* "RC2-CFB" */ &(nid_objs[38]),/* "RC2-ECB" */ @@ -390,8 +1436,10 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[121]),/* "RC5-ECB" */ &(nid_objs[123]),/* "RC5-OFB" */ &(nid_objs[117]),/* "RIPEMD160" */ +&(nid_objs[124]),/* "RLE" */ &(nid_objs[19]),/* "RSA" */ &(nid_objs[ 7]),/* "RSA-MD2" */ +&(nid_objs[396]),/* "RSA-MD4" */ &(nid_objs[ 8]),/* "RSA-MD5" */ &(nid_objs[96]),/* "RSA-MDC2" */ &(nid_objs[104]),/* "RSA-NP-MD5" */ @@ -399,22 +1447,303 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[42]),/* "RSA-SHA" */ &(nid_objs[65]),/* "RSA-SHA1" */ &(nid_objs[115]),/* "RSA-SHA1-2" */ -&(nid_objs[100]),/* "S" */ &(nid_objs[41]),/* "SHA" */ &(nid_objs[64]),/* "SHA1" */ -&(nid_objs[105]),/* "SN" */ +&(nid_objs[188]),/* "SMIME" */ +&(nid_objs[167]),/* "SMIME-CAPS" */ +&(nid_objs[100]),/* "SN" */ &(nid_objs[16]),/* "ST" */ -&(nid_objs[106]),/* "T" */ -&(nid_objs[102]),/* "UID" */ +&(nid_objs[143]),/* "SXNetID" */ +&(nid_objs[458]),/* "UID" */ &(nid_objs[ 0]),/* "UNDEF" */ +&(nid_objs[11]),/* "X500" */ +&(nid_objs[378]),/* "X500algorithms" */ +&(nid_objs[12]),/* "X509" */ +&(nid_objs[184]),/* "X9-57" */ +&(nid_objs[185]),/* "X9cm" */ +&(nid_objs[125]),/* "ZLIB" */ +&(nid_objs[478]),/* "aRecord" */ +&(nid_objs[289]),/* "aaControls" */ +&(nid_objs[287]),/* "ac-auditEntity" */ +&(nid_objs[397]),/* "ac-proxying" */ +&(nid_objs[288]),/* "ac-targeting" */ +&(nid_objs[368]),/* "acceptableResponses" */ +&(nid_objs[446]),/* "account" */ +&(nid_objs[363]),/* "ad_timestamping" */ +&(nid_objs[376]),/* "algorithm" */ +&(nid_objs[405]),/* "ansi-X9-62" */ +&(nid_objs[370]),/* "archiveCutoff" */ +&(nid_objs[484]),/* "associatedDomain" */ +&(nid_objs[485]),/* "associatedName" */ +&(nid_objs[501]),/* "audio" */ +&(nid_objs[177]),/* "authorityInfoAccess" */ &(nid_objs[90]),/* "authorityKeyIdentifier" */ &(nid_objs[87]),/* "basicConstraints" */ +&(nid_objs[365]),/* "basicOCSPResponse" */ +&(nid_objs[285]),/* "biometricInfo" */ +&(nid_objs[494]),/* "buildingName" */ +&(nid_objs[483]),/* "cNAMERecord" */ +&(nid_objs[179]),/* "caIssuers" */ +&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ +&(nid_objs[152]),/* "certBag" */ &(nid_objs[89]),/* "certificatePolicies" */ +&(nid_objs[54]),/* "challengePassword" */ +&(nid_objs[407]),/* "characteristic-two-field" */ +&(nid_objs[395]),/* "clearance" */ +&(nid_objs[130]),/* "clientAuth" */ +&(nid_objs[131]),/* "codeSigning" */ +&(nid_objs[50]),/* "contentType" */ +&(nid_objs[53]),/* "countersignature" */ +&(nid_objs[153]),/* "crlBag" */ &(nid_objs[103]),/* "crlDistributionPoints" */ &(nid_objs[88]),/* "crlNumber" */ +&(nid_objs[500]),/* "dITRedirect" */ +&(nid_objs[451]),/* "dNSDomain" */ +&(nid_objs[495]),/* "dSAQuality" */ +&(nid_objs[434]),/* "data" */ +&(nid_objs[390]),/* "dcobject" */ +&(nid_objs[140]),/* "deltaCRL" */ +&(nid_objs[107]),/* "description" */ +&(nid_objs[28]),/* "dhKeyAgreement" */ +&(nid_objs[382]),/* "directory" */ +&(nid_objs[174]),/* "dnQualifier" */ +&(nid_objs[447]),/* "document" */ +&(nid_objs[471]),/* "documentAuthor" */ +&(nid_objs[468]),/* "documentIdentifier" */ +&(nid_objs[472]),/* "documentLocation" */ +&(nid_objs[502]),/* "documentPublisher" */ +&(nid_objs[449]),/* "documentSeries" */ +&(nid_objs[469]),/* "documentTitle" */ +&(nid_objs[470]),/* "documentVersion" */ +&(nid_objs[392]),/* "domain" */ +&(nid_objs[452]),/* "domainRelatedObject" */ +&(nid_objs[416]),/* "ecdsa-with-SHA1" */ +&(nid_objs[48]),/* "emailAddress" */ +&(nid_objs[132]),/* "emailProtection" */ +&(nid_objs[389]),/* "enterprises" */ +&(nid_objs[384]),/* "experimental" */ +&(nid_objs[172]),/* "extReq" */ +&(nid_objs[56]),/* "extendedCertificateAttributes" */ +&(nid_objs[126]),/* "extendedKeyUsage" */ +&(nid_objs[372]),/* "extendedStatus" */ +&(nid_objs[462]),/* "favouriteDrink" */ +&(nid_objs[453]),/* "friendlyCountry" */ +&(nid_objs[490]),/* "friendlyCountryName" */ +&(nid_objs[156]),/* "friendlyName" */ +&(nid_objs[509]),/* "generationQualifier" */ +&(nid_objs[99]),/* "gn" */ +&(nid_objs[163]),/* "hmacWithSHA1" */ +&(nid_objs[432]),/* "holdInstructionCallIssuer" */ +&(nid_objs[430]),/* "holdInstructionCode" */ +&(nid_objs[431]),/* "holdInstructionNone" */ +&(nid_objs[433]),/* "holdInstructionReject" */ +&(nid_objs[486]),/* "homePostalAddress" */ +&(nid_objs[473]),/* "homeTelephoneNumber" */ +&(nid_objs[466]),/* "host" */ +&(nid_objs[442]),/* "iA5StringSyntax" */ +&(nid_objs[266]),/* "id-aca" */ +&(nid_objs[355]),/* "id-aca-accessIdentity" */ +&(nid_objs[354]),/* "id-aca-authenticationInfo" */ +&(nid_objs[356]),/* "id-aca-chargingIdentity" */ +&(nid_objs[399]),/* "id-aca-encAttrs" */ +&(nid_objs[357]),/* "id-aca-group" */ +&(nid_objs[358]),/* "id-aca-role" */ +&(nid_objs[176]),/* "id-ad" */ +&(nid_objs[262]),/* "id-alg" */ +&(nid_objs[323]),/* "id-alg-des40" */ +&(nid_objs[326]),/* "id-alg-dh-pop" */ +&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */ +&(nid_objs[324]),/* "id-alg-noSignature" */ +&(nid_objs[268]),/* "id-cct" */ +&(nid_objs[361]),/* "id-cct-PKIData" */ +&(nid_objs[362]),/* "id-cct-PKIResponse" */ +&(nid_objs[360]),/* "id-cct-crs" */ +&(nid_objs[81]),/* "id-ce" */ +&(nid_objs[263]),/* "id-cmc" */ +&(nid_objs[334]),/* "id-cmc-addExtensions" */ +&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ +&(nid_objs[330]),/* "id-cmc-dataReturn" */ +&(nid_objs[336]),/* "id-cmc-decryptedPOP" */ +&(nid_objs[335]),/* "id-cmc-encryptedPOP" */ +&(nid_objs[339]),/* "id-cmc-getCRL" */ +&(nid_objs[338]),/* "id-cmc-getCert" */ +&(nid_objs[328]),/* "id-cmc-identification" */ +&(nid_objs[329]),/* "id-cmc-identityProof" */ +&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */ +&(nid_objs[344]),/* "id-cmc-popLinkRandom" */ +&(nid_objs[345]),/* "id-cmc-popLinkWitness" */ +&(nid_objs[343]),/* "id-cmc-queryPending" */ +&(nid_objs[333]),/* "id-cmc-recipientNonce" */ +&(nid_objs[341]),/* "id-cmc-regInfo" */ +&(nid_objs[342]),/* "id-cmc-responseInfo" */ +&(nid_objs[340]),/* "id-cmc-revokeRequest" */ +&(nid_objs[332]),/* "id-cmc-senderNonce" */ +&(nid_objs[327]),/* "id-cmc-statusInfo" */ +&(nid_objs[331]),/* "id-cmc-transactionId" */ +&(nid_objs[408]),/* "id-ecPublicKey" */ +&(nid_objs[508]),/* "id-hex-multipart-message" */ +&(nid_objs[507]),/* "id-hex-partial-message" */ +&(nid_objs[260]),/* "id-it" */ +&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */ +&(nid_objs[298]),/* "id-it-caProtEncCert" */ +&(nid_objs[311]),/* "id-it-confirmWaitTime" */ +&(nid_objs[303]),/* "id-it-currentCRL" */ +&(nid_objs[300]),/* "id-it-encKeyPairTypes" */ +&(nid_objs[310]),/* "id-it-implicitConfirm" */ +&(nid_objs[308]),/* "id-it-keyPairParamRep" */ +&(nid_objs[307]),/* "id-it-keyPairParamReq" */ +&(nid_objs[312]),/* "id-it-origPKIMessage" */ +&(nid_objs[301]),/* "id-it-preferredSymmAlg" */ +&(nid_objs[309]),/* "id-it-revPassphrase" */ +&(nid_objs[299]),/* "id-it-signKeyPairTypes" */ +&(nid_objs[305]),/* "id-it-subscriptionRequest" */ +&(nid_objs[306]),/* "id-it-subscriptionResponse" */ +&(nid_objs[304]),/* "id-it-unsupportedOIDs" */ +&(nid_objs[128]),/* "id-kp" */ +&(nid_objs[280]),/* "id-mod-attribute-cert" */ +&(nid_objs[274]),/* "id-mod-cmc" */ +&(nid_objs[277]),/* "id-mod-cmp" */ +&(nid_objs[284]),/* "id-mod-cmp2000" */ +&(nid_objs[273]),/* "id-mod-crmf" */ +&(nid_objs[283]),/* "id-mod-dvcs" */ +&(nid_objs[275]),/* "id-mod-kea-profile-88" */ +&(nid_objs[276]),/* "id-mod-kea-profile-93" */ +&(nid_objs[282]),/* "id-mod-ocsp" */ +&(nid_objs[278]),/* "id-mod-qualified-cert-88" */ +&(nid_objs[279]),/* "id-mod-qualified-cert-93" */ +&(nid_objs[281]),/* "id-mod-timestamp-protocol" */ +&(nid_objs[264]),/* "id-on" */ +&(nid_objs[347]),/* "id-on-personalData" */ +&(nid_objs[265]),/* "id-pda" */ +&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */ +&(nid_objs[353]),/* "id-pda-countryOfResidence" */ +&(nid_objs[348]),/* "id-pda-dateOfBirth" */ +&(nid_objs[351]),/* "id-pda-gender" */ +&(nid_objs[349]),/* "id-pda-placeOfBirth" */ +&(nid_objs[175]),/* "id-pe" */ +&(nid_objs[261]),/* "id-pkip" */ +&(nid_objs[258]),/* "id-pkix-mod" */ +&(nid_objs[269]),/* "id-pkix1-explicit-88" */ +&(nid_objs[271]),/* "id-pkix1-explicit-93" */ +&(nid_objs[270]),/* "id-pkix1-implicit-88" */ +&(nid_objs[272]),/* "id-pkix1-implicit-93" */ +&(nid_objs[267]),/* "id-qcs" */ +&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */ +&(nid_objs[259]),/* "id-qt" */ +&(nid_objs[164]),/* "id-qt-cps" */ +&(nid_objs[165]),/* "id-qt-unotice" */ +&(nid_objs[313]),/* "id-regCtrl" */ +&(nid_objs[316]),/* "id-regCtrl-authenticator" */ +&(nid_objs[319]),/* "id-regCtrl-oldCertID" */ +&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */ +&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */ +&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */ +&(nid_objs[315]),/* "id-regCtrl-regToken" */ +&(nid_objs[314]),/* "id-regInfo" */ +&(nid_objs[322]),/* "id-regInfo-certReq" */ +&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */ +&(nid_objs[191]),/* "id-smime-aa" */ +&(nid_objs[215]),/* "id-smime-aa-contentHint" */ +&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */ +&(nid_objs[221]),/* "id-smime-aa-contentReference" */ +&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */ +&(nid_objs[217]),/* "id-smime-aa-encapContentType" */ +&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */ +&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */ +&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */ +&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */ +&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */ +&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */ +&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */ +&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */ +&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */ +&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */ +&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */ +&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */ +&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */ +&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */ +&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */ +&(nid_objs[219]),/* "id-smime-aa-macValue" */ +&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */ +&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */ +&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */ +&(nid_objs[213]),/* "id-smime-aa-securityLabel" */ +&(nid_objs[239]),/* "id-smime-aa-signatureType" */ +&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */ +&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */ +&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */ +&(nid_objs[192]),/* "id-smime-alg" */ +&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */ +&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */ +&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */ +&(nid_objs[245]),/* "id-smime-alg-ESDH" */ +&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */ +&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */ +&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */ +&(nid_objs[193]),/* "id-smime-cd" */ +&(nid_objs[248]),/* "id-smime-cd-ldap" */ +&(nid_objs[190]),/* "id-smime-ct" */ +&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */ +&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */ +&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */ +&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */ +&(nid_objs[205]),/* "id-smime-ct-authData" */ +&(nid_objs[209]),/* "id-smime-ct-contentInfo" */ +&(nid_objs[206]),/* "id-smime-ct-publishCert" */ +&(nid_objs[204]),/* "id-smime-ct-receipt" */ +&(nid_objs[195]),/* "id-smime-cti" */ +&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */ +&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */ +&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */ +&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */ +&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */ +&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */ +&(nid_objs[189]),/* "id-smime-mod" */ +&(nid_objs[196]),/* "id-smime-mod-cms" */ +&(nid_objs[197]),/* "id-smime-mod-ess" */ +&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */ +&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */ +&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */ +&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */ +&(nid_objs[199]),/* "id-smime-mod-msg-v3" */ +&(nid_objs[198]),/* "id-smime-mod-oid" */ +&(nid_objs[194]),/* "id-smime-spq" */ +&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */ +&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */ +&(nid_objs[461]),/* "info" */ +&(nid_objs[101]),/* "initials" */ +&(nid_objs[142]),/* "invalidityDate" */ +&(nid_objs[294]),/* "ipsecEndSystem" */ +&(nid_objs[295]),/* "ipsecTunnel" */ +&(nid_objs[296]),/* "ipsecUser" */ &(nid_objs[86]),/* "issuerAltName" */ +&(nid_objs[492]),/* "janetMailbox" */ +&(nid_objs[150]),/* "keyBag" */ &(nid_objs[83]),/* "keyUsage" */ -&(nid_objs[81]),/* "ld-ce" */ +&(nid_objs[477]),/* "lastModifiedBy" */ +&(nid_objs[476]),/* "lastModifiedTime" */ +&(nid_objs[157]),/* "localKeyID" */ +&(nid_objs[480]),/* "mXRecord" */ +&(nid_objs[460]),/* "mail" */ +&(nid_objs[493]),/* "mailPreferenceOption" */ +&(nid_objs[467]),/* "manager" */ +&(nid_objs[182]),/* "member-body" */ +&(nid_objs[51]),/* "messageDigest" */ +&(nid_objs[383]),/* "mgmt" */ +&(nid_objs[504]),/* "mime-mhs" */ +&(nid_objs[506]),/* "mime-mhs-bodies" */ +&(nid_objs[505]),/* "mime-mhs-headings" */ +&(nid_objs[488]),/* "mobileTelephoneNumber" */ +&(nid_objs[136]),/* "msCTLSign" */ +&(nid_objs[135]),/* "msCodeCom" */ +&(nid_objs[134]),/* "msCodeInd" */ +&(nid_objs[138]),/* "msEFS" */ +&(nid_objs[171]),/* "msExtReq" */ +&(nid_objs[137]),/* "msSGC" */ +&(nid_objs[481]),/* "nSRecord" */ +&(nid_objs[173]),/* "name" */ +&(nid_objs[369]),/* "noCheck" */ +&(nid_objs[403]),/* "noRevAvail" */ &(nid_objs[72]),/* "nsBaseUrl" */ &(nid_objs[76]),/* "nsCaPolicyUrl" */ &(nid_objs[74]),/* "nsCaRevocationUrl" */ @@ -425,13 +1754,134 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[59]),/* "nsDataType" */ &(nid_objs[75]),/* "nsRenewalUrl" */ &(nid_objs[73]),/* "nsRevocationUrl" */ +&(nid_objs[139]),/* "nsSGC" */ &(nid_objs[77]),/* "nsSslServerName" */ +&(nid_objs[491]),/* "organizationalStatus" */ +&(nid_objs[475]),/* "otherMailbox" */ +&(nid_objs[489]),/* "pagerTelephoneNumber" */ +&(nid_objs[374]),/* "path" */ +&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */ +&(nid_objs[499]),/* "personalSignature" */ +&(nid_objs[487]),/* "personalTitle" */ +&(nid_objs[464]),/* "photo" */ +&(nid_objs[437]),/* "pilot" */ +&(nid_objs[439]),/* "pilotAttributeSyntax" */ +&(nid_objs[438]),/* "pilotAttributeType" */ +&(nid_objs[479]),/* "pilotAttributeType27" */ +&(nid_objs[456]),/* "pilotDSA" */ +&(nid_objs[441]),/* "pilotGroups" */ +&(nid_objs[444]),/* "pilotObject" */ +&(nid_objs[440]),/* "pilotObjectClass" */ +&(nid_objs[455]),/* "pilotOrganization" */ +&(nid_objs[445]),/* "pilotPerson" */ +&(nid_objs[ 2]),/* "pkcs" */ +&(nid_objs[186]),/* "pkcs1" */ +&(nid_objs[27]),/* "pkcs3" */ +&(nid_objs[187]),/* "pkcs5" */ +&(nid_objs[20]),/* "pkcs7" */ +&(nid_objs[21]),/* "pkcs7-data" */ +&(nid_objs[25]),/* "pkcs7-digestData" */ +&(nid_objs[26]),/* "pkcs7-encryptedData" */ +&(nid_objs[23]),/* "pkcs7-envelopedData" */ +&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */ +&(nid_objs[22]),/* "pkcs7-signedData" */ +&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ +&(nid_objs[47]),/* "pkcs9" */ +&(nid_objs[401]),/* "policyConstraints" */ +&(nid_objs[406]),/* "prime-field" */ +&(nid_objs[409]),/* "prime192v1" */ +&(nid_objs[410]),/* "prime192v2" */ +&(nid_objs[411]),/* "prime192v3" */ +&(nid_objs[412]),/* "prime239v1" */ +&(nid_objs[413]),/* "prime239v2" */ +&(nid_objs[414]),/* "prime239v3" */ +&(nid_objs[415]),/* "prime256v1" */ +&(nid_objs[385]),/* "private" */ &(nid_objs[84]),/* "privateKeyUsagePeriod" */ +&(nid_objs[435]),/* "pss" */ +&(nid_objs[286]),/* "qcStatements" */ +&(nid_objs[457]),/* "qualityLabelledData" */ +&(nid_objs[450]),/* "rFC822localPart" */ +&(nid_objs[400]),/* "role" */ +&(nid_objs[448]),/* "room" */ +&(nid_objs[463]),/* "roomNumber" */ +&(nid_objs[ 6]),/* "rsaEncryption" */ +&(nid_objs[377]),/* "rsaSignature" */ +&(nid_objs[ 1]),/* "rsadsi" */ +&(nid_objs[482]),/* "sOARecord" */ +&(nid_objs[155]),/* "safeContentsBag" */ +&(nid_objs[291]),/* "sbqp-autonomousSysNum" */ +&(nid_objs[290]),/* "sbqp-ipAddrBlock" */ +&(nid_objs[292]),/* "sbqp-routerIdentifier" */ +&(nid_objs[159]),/* "sdsiCertificate" */ +&(nid_objs[154]),/* "secretBag" */ +&(nid_objs[474]),/* "secretary" */ +&(nid_objs[386]),/* "security" */ +&(nid_objs[394]),/* "selected-attribute-types" */ +&(nid_objs[105]),/* "serialNumber" */ +&(nid_objs[129]),/* "serverAuth" */ +&(nid_objs[371]),/* "serviceLocator" */ +&(nid_objs[52]),/* "signingTime" */ +&(nid_objs[454]),/* "simpleSecurityObject" */ +&(nid_objs[496]),/* "singleLevelQuality" */ +&(nid_objs[387]),/* "snmpv2" */ &(nid_objs[85]),/* "subjectAltName" */ +&(nid_objs[398]),/* "subjectInfoAccess" */ &(nid_objs[82]),/* "subjectKeyIdentifier" */ +&(nid_objs[498]),/* "subtreeMaximumQuality" */ +&(nid_objs[497]),/* "subtreeMinimumQuality" */ +&(nid_objs[402]),/* "targetInformation" */ +&(nid_objs[459]),/* "textEncodedORAddress" */ +&(nid_objs[293]),/* "textNotice" */ +&(nid_objs[133]),/* "timeStamping" */ +&(nid_objs[106]),/* "title" */ +&(nid_objs[375]),/* "trustRoot" */ +&(nid_objs[436]),/* "ucl" */ +&(nid_objs[55]),/* "unstructuredAddress" */ +&(nid_objs[49]),/* "unstructuredName" */ +&(nid_objs[465]),/* "userClass" */ +&(nid_objs[373]),/* "valid" */ +&(nid_objs[503]),/* "x500UniqueIdentifier" */ +&(nid_objs[158]),/* "x509Certificate" */ +&(nid_objs[160]),/* "x509Crl" */ }; static ASN1_OBJECT *ln_objs[NUM_LN]={ +&(nid_objs[363]),/* "AD Time Stamping" */ +&(nid_objs[405]),/* "ANSI X9.62" */ +&(nid_objs[368]),/* "Acceptable OCSP Responses" */ +&(nid_objs[177]),/* "Authority Information Access" */ +&(nid_objs[365]),/* "Basic OCSP Response" */ +&(nid_objs[285]),/* "Biometric Info" */ +&(nid_objs[179]),/* "CA Issuers" */ +&(nid_objs[131]),/* "Code Signing" */ +&(nid_objs[382]),/* "Directory" */ +&(nid_objs[392]),/* "Domain" */ +&(nid_objs[132]),/* "E-mail Protection" */ +&(nid_objs[389]),/* "Enterprises" */ +&(nid_objs[384]),/* "Experimental" */ +&(nid_objs[372]),/* "Extended OCSP Status" */ +&(nid_objs[172]),/* "Extension Request" */ +&(nid_objs[432]),/* "Hold Instruction Call Issuer" */ +&(nid_objs[430]),/* "Hold Instruction Code" */ +&(nid_objs[431]),/* "Hold Instruction None" */ +&(nid_objs[433]),/* "Hold Instruction Reject" */ +&(nid_objs[294]),/* "IPSec End System" */ +&(nid_objs[295]),/* "IPSec Tunnel" */ +&(nid_objs[296]),/* "IPSec User" */ +&(nid_objs[182]),/* "ISO Member Body" */ +&(nid_objs[183]),/* "ISO US Member Body" */ +&(nid_objs[142]),/* "Invalidity Date" */ +&(nid_objs[504]),/* "MIME MHS" */ +&(nid_objs[388]),/* "Mail" */ +&(nid_objs[383]),/* "Management" */ +&(nid_objs[417]),/* "Microsoft CSP Name" */ +&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */ +&(nid_objs[138]),/* "Microsoft Encrypted File System" */ +&(nid_objs[171]),/* "Microsoft Extension Request" */ +&(nid_objs[134]),/* "Microsoft Individual Code Signing" */ +&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */ +&(nid_objs[136]),/* "Microsoft Trust List Signing" */ &(nid_objs[72]),/* "Netscape Base Url" */ &(nid_objs[76]),/* "Netscape CA Policy Url" */ &(nid_objs[74]),/* "Netscape CA Revocation Url" */ @@ -444,31 +1894,102 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[75]),/* "Netscape Renewal Url" */ &(nid_objs[73]),/* "Netscape Revocation Url" */ &(nid_objs[77]),/* "Netscape SSL Server Name" */ -&(nid_objs[11]),/* "X500" */ +&(nid_objs[139]),/* "Netscape Server Gated Crypto" */ +&(nid_objs[178]),/* "OCSP" */ +&(nid_objs[370]),/* "OCSP Archive Cutoff" */ +&(nid_objs[367]),/* "OCSP CRL ID" */ +&(nid_objs[369]),/* "OCSP No Check" */ +&(nid_objs[366]),/* "OCSP Nonce" */ +&(nid_objs[371]),/* "OCSP Service Locator" */ +&(nid_objs[180]),/* "OCSP Signing" */ +&(nid_objs[161]),/* "PBES2" */ +&(nid_objs[69]),/* "PBKDF2" */ +&(nid_objs[162]),/* "PBMAC1" */ +&(nid_objs[127]),/* "PKIX" */ +&(nid_objs[164]),/* "Policy Qualifier CPS" */ +&(nid_objs[165]),/* "Policy Qualifier User Notice" */ +&(nid_objs[385]),/* "Private" */ +&(nid_objs[ 1]),/* "RSA Data Security, Inc." */ +&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */ +&(nid_objs[188]),/* "S/MIME" */ +&(nid_objs[167]),/* "S/MIME Capabilities" */ +&(nid_objs[387]),/* "SNMPv2" */ +&(nid_objs[386]),/* "Security" */ +&(nid_objs[394]),/* "Selected Attribute Types" */ +&(nid_objs[143]),/* "Strong Extranet ID" */ +&(nid_objs[398]),/* "Subject Information Access" */ +&(nid_objs[130]),/* "TLS Web Client Authentication" */ +&(nid_objs[129]),/* "TLS Web Server Authentication" */ +&(nid_objs[133]),/* "Time Stamping" */ +&(nid_objs[375]),/* "Trust Root" */ &(nid_objs[12]),/* "X509" */ +&(nid_objs[402]),/* "X509v3 AC Targeting" */ &(nid_objs[90]),/* "X509v3 Authority Key Identifier" */ &(nid_objs[87]),/* "X509v3 Basic Constraints" */ &(nid_objs[103]),/* "X509v3 CRL Distribution Points" */ &(nid_objs[88]),/* "X509v3 CRL Number" */ +&(nid_objs[141]),/* "X509v3 CRL Reason Code" */ &(nid_objs[89]),/* "X509v3 Certificate Policies" */ +&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ +&(nid_objs[126]),/* "X509v3 Extended Key Usage" */ &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ &(nid_objs[83]),/* "X509v3 Key Usage" */ +&(nid_objs[403]),/* "X509v3 No Revocation Available" */ +&(nid_objs[401]),/* "X509v3 Policy Constraints" */ &(nid_objs[84]),/* "X509v3 Private Key Usage Period" */ &(nid_objs[85]),/* "X509v3 Subject Alternative Name" */ &(nid_objs[82]),/* "X509v3 Subject Key Identifier" */ +&(nid_objs[184]),/* "X9.57" */ +&(nid_objs[185]),/* "X9.57 CM ?" */ +&(nid_objs[478]),/* "aRecord" */ +&(nid_objs[289]),/* "aaControls" */ +&(nid_objs[287]),/* "ac-auditEntity" */ +&(nid_objs[397]),/* "ac-proxying" */ +&(nid_objs[288]),/* "ac-targeting" */ +&(nid_objs[446]),/* "account" */ +&(nid_objs[364]),/* "ad dvcs" */ +&(nid_objs[419]),/* "aes-128-cbc" */ +&(nid_objs[421]),/* "aes-128-cfb" */ +&(nid_objs[418]),/* "aes-128-ecb" */ +&(nid_objs[420]),/* "aes-128-ofb" */ +&(nid_objs[423]),/* "aes-192-cbc" */ +&(nid_objs[425]),/* "aes-192-cfb" */ +&(nid_objs[422]),/* "aes-192-ecb" */ +&(nid_objs[424]),/* "aes-192-ofb" */ +&(nid_objs[427]),/* "aes-256-cbc" */ +&(nid_objs[429]),/* "aes-256-cfb" */ +&(nid_objs[426]),/* "aes-256-ecb" */ +&(nid_objs[428]),/* "aes-256-ofb" */ +&(nid_objs[376]),/* "algorithm" */ +&(nid_objs[484]),/* "associatedDomain" */ +&(nid_objs[485]),/* "associatedName" */ +&(nid_objs[501]),/* "audio" */ &(nid_objs[91]),/* "bf-cbc" */ &(nid_objs[93]),/* "bf-cfb" */ &(nid_objs[92]),/* "bf-ecb" */ &(nid_objs[94]),/* "bf-ofb" */ +&(nid_objs[494]),/* "buildingName" */ +&(nid_objs[483]),/* "cNAMERecord" */ +&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */ &(nid_objs[108]),/* "cast5-cbc" */ &(nid_objs[110]),/* "cast5-cfb" */ &(nid_objs[109]),/* "cast5-ecb" */ &(nid_objs[111]),/* "cast5-ofb" */ +&(nid_objs[404]),/* "ccitt" */ +&(nid_objs[152]),/* "certBag" */ &(nid_objs[54]),/* "challengePassword" */ +&(nid_objs[407]),/* "characteristic-two-field" */ +&(nid_objs[395]),/* "clearance" */ &(nid_objs[13]),/* "commonName" */ &(nid_objs[50]),/* "contentType" */ &(nid_objs[53]),/* "countersignature" */ &(nid_objs[14]),/* "countryName" */ +&(nid_objs[153]),/* "crlBag" */ +&(nid_objs[500]),/* "dITRedirect" */ +&(nid_objs[451]),/* "dNSDomain" */ +&(nid_objs[495]),/* "dSAQuality" */ +&(nid_objs[434]),/* "data" */ +&(nid_objs[390]),/* "dcObject" */ &(nid_objs[31]),/* "des-cbc" */ &(nid_objs[30]),/* "des-cfb" */ &(nid_objs[29]),/* "des-ecb" */ @@ -484,38 +2005,277 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[107]),/* "description" */ &(nid_objs[80]),/* "desx-cbc" */ &(nid_objs[28]),/* "dhKeyAgreement" */ +&(nid_objs[11]),/* "directory services (X.500)" */ +&(nid_objs[378]),/* "directory services - algorithms" */ +&(nid_objs[174]),/* "dnQualifier" */ +&(nid_objs[447]),/* "document" */ +&(nid_objs[471]),/* "documentAuthor" */ +&(nid_objs[468]),/* "documentIdentifier" */ +&(nid_objs[472]),/* "documentLocation" */ +&(nid_objs[502]),/* "documentPublisher" */ +&(nid_objs[449]),/* "documentSeries" */ +&(nid_objs[469]),/* "documentTitle" */ +&(nid_objs[470]),/* "documentVersion" */ +&(nid_objs[380]),/* "dod" */ +&(nid_objs[391]),/* "domainComponent" */ +&(nid_objs[452]),/* "domainRelatedObject" */ &(nid_objs[116]),/* "dsaEncryption" */ &(nid_objs[67]),/* "dsaEncryption-old" */ &(nid_objs[66]),/* "dsaWithSHA" */ &(nid_objs[113]),/* "dsaWithSHA1" */ -&(nid_objs[70]),/* "dsaWithSHA1" */ +&(nid_objs[70]),/* "dsaWithSHA1-old" */ +&(nid_objs[297]),/* "dvcs" */ +&(nid_objs[416]),/* "ecdsa-with-SHA1" */ &(nid_objs[48]),/* "emailAddress" */ &(nid_objs[56]),/* "extendedCertificateAttributes" */ +&(nid_objs[462]),/* "favouriteDrink" */ +&(nid_objs[453]),/* "friendlyCountry" */ +&(nid_objs[490]),/* "friendlyCountryName" */ +&(nid_objs[156]),/* "friendlyName" */ +&(nid_objs[509]),/* "generationQualifier" */ &(nid_objs[99]),/* "givenName" */ +&(nid_objs[163]),/* "hmacWithSHA1" */ +&(nid_objs[486]),/* "homePostalAddress" */ +&(nid_objs[473]),/* "homeTelephoneNumber" */ +&(nid_objs[466]),/* "host" */ +&(nid_objs[442]),/* "iA5StringSyntax" */ +&(nid_objs[381]),/* "iana" */ +&(nid_objs[266]),/* "id-aca" */ +&(nid_objs[355]),/* "id-aca-accessIdentity" */ +&(nid_objs[354]),/* "id-aca-authenticationInfo" */ +&(nid_objs[356]),/* "id-aca-chargingIdentity" */ +&(nid_objs[399]),/* "id-aca-encAttrs" */ +&(nid_objs[357]),/* "id-aca-group" */ +&(nid_objs[358]),/* "id-aca-role" */ +&(nid_objs[176]),/* "id-ad" */ +&(nid_objs[262]),/* "id-alg" */ +&(nid_objs[323]),/* "id-alg-des40" */ +&(nid_objs[326]),/* "id-alg-dh-pop" */ +&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */ +&(nid_objs[324]),/* "id-alg-noSignature" */ +&(nid_objs[268]),/* "id-cct" */ +&(nid_objs[361]),/* "id-cct-PKIData" */ +&(nid_objs[362]),/* "id-cct-PKIResponse" */ +&(nid_objs[360]),/* "id-cct-crs" */ +&(nid_objs[81]),/* "id-ce" */ +&(nid_objs[263]),/* "id-cmc" */ +&(nid_objs[334]),/* "id-cmc-addExtensions" */ +&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */ +&(nid_objs[330]),/* "id-cmc-dataReturn" */ +&(nid_objs[336]),/* "id-cmc-decryptedPOP" */ +&(nid_objs[335]),/* "id-cmc-encryptedPOP" */ +&(nid_objs[339]),/* "id-cmc-getCRL" */ +&(nid_objs[338]),/* "id-cmc-getCert" */ +&(nid_objs[328]),/* "id-cmc-identification" */ +&(nid_objs[329]),/* "id-cmc-identityProof" */ +&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */ +&(nid_objs[344]),/* "id-cmc-popLinkRandom" */ +&(nid_objs[345]),/* "id-cmc-popLinkWitness" */ +&(nid_objs[343]),/* "id-cmc-queryPending" */ +&(nid_objs[333]),/* "id-cmc-recipientNonce" */ +&(nid_objs[341]),/* "id-cmc-regInfo" */ +&(nid_objs[342]),/* "id-cmc-responseInfo" */ +&(nid_objs[340]),/* "id-cmc-revokeRequest" */ +&(nid_objs[332]),/* "id-cmc-senderNonce" */ +&(nid_objs[327]),/* "id-cmc-statusInfo" */ +&(nid_objs[331]),/* "id-cmc-transactionId" */ +&(nid_objs[408]),/* "id-ecPublicKey" */ +&(nid_objs[508]),/* "id-hex-multipart-message" */ +&(nid_objs[507]),/* "id-hex-partial-message" */ +&(nid_objs[260]),/* "id-it" */ +&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */ +&(nid_objs[298]),/* "id-it-caProtEncCert" */ +&(nid_objs[311]),/* "id-it-confirmWaitTime" */ +&(nid_objs[303]),/* "id-it-currentCRL" */ +&(nid_objs[300]),/* "id-it-encKeyPairTypes" */ +&(nid_objs[310]),/* "id-it-implicitConfirm" */ +&(nid_objs[308]),/* "id-it-keyPairParamRep" */ +&(nid_objs[307]),/* "id-it-keyPairParamReq" */ +&(nid_objs[312]),/* "id-it-origPKIMessage" */ +&(nid_objs[301]),/* "id-it-preferredSymmAlg" */ +&(nid_objs[309]),/* "id-it-revPassphrase" */ +&(nid_objs[299]),/* "id-it-signKeyPairTypes" */ +&(nid_objs[305]),/* "id-it-subscriptionRequest" */ +&(nid_objs[306]),/* "id-it-subscriptionResponse" */ +&(nid_objs[304]),/* "id-it-unsupportedOIDs" */ +&(nid_objs[128]),/* "id-kp" */ +&(nid_objs[280]),/* "id-mod-attribute-cert" */ +&(nid_objs[274]),/* "id-mod-cmc" */ +&(nid_objs[277]),/* "id-mod-cmp" */ +&(nid_objs[284]),/* "id-mod-cmp2000" */ +&(nid_objs[273]),/* "id-mod-crmf" */ +&(nid_objs[283]),/* "id-mod-dvcs" */ +&(nid_objs[275]),/* "id-mod-kea-profile-88" */ +&(nid_objs[276]),/* "id-mod-kea-profile-93" */ +&(nid_objs[282]),/* "id-mod-ocsp" */ +&(nid_objs[278]),/* "id-mod-qualified-cert-88" */ +&(nid_objs[279]),/* "id-mod-qualified-cert-93" */ +&(nid_objs[281]),/* "id-mod-timestamp-protocol" */ +&(nid_objs[264]),/* "id-on" */ +&(nid_objs[347]),/* "id-on-personalData" */ +&(nid_objs[265]),/* "id-pda" */ +&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */ +&(nid_objs[353]),/* "id-pda-countryOfResidence" */ +&(nid_objs[348]),/* "id-pda-dateOfBirth" */ +&(nid_objs[351]),/* "id-pda-gender" */ +&(nid_objs[349]),/* "id-pda-placeOfBirth" */ +&(nid_objs[175]),/* "id-pe" */ +&(nid_objs[261]),/* "id-pkip" */ +&(nid_objs[258]),/* "id-pkix-mod" */ +&(nid_objs[269]),/* "id-pkix1-explicit-88" */ +&(nid_objs[271]),/* "id-pkix1-explicit-93" */ +&(nid_objs[270]),/* "id-pkix1-implicit-88" */ +&(nid_objs[272]),/* "id-pkix1-implicit-93" */ +&(nid_objs[267]),/* "id-qcs" */ +&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */ +&(nid_objs[259]),/* "id-qt" */ +&(nid_objs[313]),/* "id-regCtrl" */ +&(nid_objs[316]),/* "id-regCtrl-authenticator" */ +&(nid_objs[319]),/* "id-regCtrl-oldCertID" */ +&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */ +&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */ +&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */ +&(nid_objs[315]),/* "id-regCtrl-regToken" */ +&(nid_objs[314]),/* "id-regInfo" */ +&(nid_objs[322]),/* "id-regInfo-certReq" */ +&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */ +&(nid_objs[191]),/* "id-smime-aa" */ +&(nid_objs[215]),/* "id-smime-aa-contentHint" */ +&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */ +&(nid_objs[221]),/* "id-smime-aa-contentReference" */ +&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */ +&(nid_objs[217]),/* "id-smime-aa-encapContentType" */ +&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */ +&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */ +&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */ +&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */ +&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */ +&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */ +&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */ +&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */ +&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */ +&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */ +&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */ +&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */ +&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */ +&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */ +&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */ +&(nid_objs[219]),/* "id-smime-aa-macValue" */ +&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */ +&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */ +&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */ +&(nid_objs[213]),/* "id-smime-aa-securityLabel" */ +&(nid_objs[239]),/* "id-smime-aa-signatureType" */ +&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */ +&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */ +&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */ +&(nid_objs[192]),/* "id-smime-alg" */ +&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */ +&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */ +&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */ +&(nid_objs[245]),/* "id-smime-alg-ESDH" */ +&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */ +&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */ +&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */ +&(nid_objs[193]),/* "id-smime-cd" */ +&(nid_objs[248]),/* "id-smime-cd-ldap" */ +&(nid_objs[190]),/* "id-smime-ct" */ +&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */ +&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */ +&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */ +&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */ +&(nid_objs[205]),/* "id-smime-ct-authData" */ +&(nid_objs[209]),/* "id-smime-ct-contentInfo" */ +&(nid_objs[206]),/* "id-smime-ct-publishCert" */ +&(nid_objs[204]),/* "id-smime-ct-receipt" */ +&(nid_objs[195]),/* "id-smime-cti" */ +&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */ +&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */ +&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */ +&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */ +&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */ +&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */ +&(nid_objs[189]),/* "id-smime-mod" */ +&(nid_objs[196]),/* "id-smime-mod-cms" */ +&(nid_objs[197]),/* "id-smime-mod-ess" */ +&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */ +&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */ +&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */ +&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */ +&(nid_objs[199]),/* "id-smime-mod-msg-v3" */ +&(nid_objs[198]),/* "id-smime-mod-oid" */ +&(nid_objs[194]),/* "id-smime-spq" */ +&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */ +&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */ &(nid_objs[34]),/* "idea-cbc" */ &(nid_objs[35]),/* "idea-cfb" */ &(nid_objs[36]),/* "idea-ecb" */ &(nid_objs[46]),/* "idea-ofb" */ +&(nid_objs[461]),/* "info" */ &(nid_objs[101]),/* "initials" */ +&(nid_objs[181]),/* "iso" */ +&(nid_objs[492]),/* "janetMailbox" */ +&(nid_objs[393]),/* "joint-iso-ccitt" */ +&(nid_objs[150]),/* "keyBag" */ +&(nid_objs[477]),/* "lastModifiedBy" */ +&(nid_objs[476]),/* "lastModifiedTime" */ +&(nid_objs[157]),/* "localKeyID" */ &(nid_objs[15]),/* "localityName" */ +&(nid_objs[480]),/* "mXRecord" */ +&(nid_objs[493]),/* "mailPreferenceOption" */ +&(nid_objs[467]),/* "manager" */ &(nid_objs[ 3]),/* "md2" */ &(nid_objs[ 7]),/* "md2WithRSAEncryption" */ +&(nid_objs[257]),/* "md4" */ +&(nid_objs[396]),/* "md4WithRSAEncryption" */ &(nid_objs[ 4]),/* "md5" */ &(nid_objs[114]),/* "md5-sha1" */ &(nid_objs[104]),/* "md5WithRSA" */ &(nid_objs[ 8]),/* "md5WithRSAEncryption" */ &(nid_objs[95]),/* "mdc2" */ -&(nid_objs[96]),/* "mdc2withRSA" */ +&(nid_objs[96]),/* "mdc2WithRSA" */ &(nid_objs[51]),/* "messageDigest" */ +&(nid_objs[506]),/* "mime-mhs-bodies" */ +&(nid_objs[505]),/* "mime-mhs-headings" */ +&(nid_objs[488]),/* "mobileTelephoneNumber" */ +&(nid_objs[481]),/* "nSRecord" */ +&(nid_objs[173]),/* "name" */ +&(nid_objs[379]),/* "org" */ &(nid_objs[17]),/* "organizationName" */ +&(nid_objs[491]),/* "organizationalStatus" */ &(nid_objs[18]),/* "organizationalUnitName" */ +&(nid_objs[475]),/* "otherMailbox" */ +&(nid_objs[489]),/* "pagerTelephoneNumber" */ +&(nid_objs[374]),/* "path" */ &(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */ +&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */ &(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */ &(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */ +&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */ +&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */ +&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */ +&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */ +&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */ +&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */ +&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */ +&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */ &(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */ -&(nid_objs[69]),/* "pbeWithSHA1AndRC4" */ -&(nid_objs[ 2]),/* "pkcs" */ +&(nid_objs[499]),/* "personalSignature" */ +&(nid_objs[487]),/* "personalTitle" */ +&(nid_objs[464]),/* "photo" */ +&(nid_objs[437]),/* "pilot" */ +&(nid_objs[439]),/* "pilotAttributeSyntax" */ +&(nid_objs[438]),/* "pilotAttributeType" */ +&(nid_objs[479]),/* "pilotAttributeType27" */ +&(nid_objs[456]),/* "pilotDSA" */ +&(nid_objs[441]),/* "pilotGroups" */ +&(nid_objs[444]),/* "pilotObject" */ +&(nid_objs[440]),/* "pilotObjectClass" */ +&(nid_objs[455]),/* "pilotOrganization" */ +&(nid_objs[445]),/* "pilotPerson" */ +&(nid_objs[186]),/* "pkcs1" */ &(nid_objs[27]),/* "pkcs3" */ +&(nid_objs[187]),/* "pkcs5" */ &(nid_objs[20]),/* "pkcs7" */ &(nid_objs[21]),/* "pkcs7-data" */ &(nid_objs[25]),/* "pkcs7-digestData" */ @@ -523,8 +2283,22 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[23]),/* "pkcs7-envelopedData" */ &(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */ &(nid_objs[22]),/* "pkcs7-signedData" */ +&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */ &(nid_objs[47]),/* "pkcs9" */ +&(nid_objs[406]),/* "prime-field" */ +&(nid_objs[409]),/* "prime192v1" */ +&(nid_objs[410]),/* "prime192v2" */ +&(nid_objs[411]),/* "prime192v3" */ +&(nid_objs[412]),/* "prime239v1" */ +&(nid_objs[413]),/* "prime239v2" */ +&(nid_objs[414]),/* "prime239v3" */ +&(nid_objs[415]),/* "prime256v1" */ +&(nid_objs[435]),/* "pss" */ +&(nid_objs[286]),/* "qcStatements" */ +&(nid_objs[457]),/* "qualityLabelledData" */ +&(nid_objs[450]),/* "rFC822localPart" */ &(nid_objs[98]),/* "rc2-40-cbc" */ +&(nid_objs[166]),/* "rc2-64-cbc" */ &(nid_objs[37]),/* "rc2-cbc" */ &(nid_objs[39]),/* "rc2-cfb" */ &(nid_objs[38]),/* "rc2-ecb" */ @@ -535,11 +2309,24 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[122]),/* "rc5-cfb" */ &(nid_objs[121]),/* "rc5-ecb" */ &(nid_objs[123]),/* "rc5-ofb" */ +&(nid_objs[460]),/* "rfc822Mailbox" */ &(nid_objs[117]),/* "ripemd160" */ &(nid_objs[119]),/* "ripemd160WithRSA" */ +&(nid_objs[400]),/* "role" */ +&(nid_objs[448]),/* "room" */ +&(nid_objs[463]),/* "roomNumber" */ &(nid_objs[19]),/* "rsa" */ &(nid_objs[ 6]),/* "rsaEncryption" */ -&(nid_objs[ 1]),/* "rsadsi" */ +&(nid_objs[377]),/* "rsaSignature" */ +&(nid_objs[124]),/* "run length compression" */ +&(nid_objs[482]),/* "sOARecord" */ +&(nid_objs[155]),/* "safeContentsBag" */ +&(nid_objs[291]),/* "sbqp-autonomousSysNum" */ +&(nid_objs[290]),/* "sbqp-ipAddrBlock" */ +&(nid_objs[292]),/* "sbqp-routerIdentifier" */ +&(nid_objs[159]),/* "sdsiCertificate" */ +&(nid_objs[154]),/* "secretBag" */ +&(nid_objs[474]),/* "secretary" */ &(nid_objs[105]),/* "serialNumber" */ &(nid_objs[41]),/* "sha" */ &(nid_objs[64]),/* "sha1" */ @@ -547,19 +2334,45 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[65]),/* "sha1WithRSAEncryption" */ &(nid_objs[42]),/* "shaWithRSAEncryption" */ &(nid_objs[52]),/* "signingTime" */ +&(nid_objs[454]),/* "simpleSecurityObject" */ +&(nid_objs[496]),/* "singleLevelQuality" */ &(nid_objs[16]),/* "stateOrProvinceName" */ +&(nid_objs[498]),/* "subtreeMaximumQuality" */ +&(nid_objs[497]),/* "subtreeMinimumQuality" */ &(nid_objs[100]),/* "surname" */ +&(nid_objs[459]),/* "textEncodedORAddress" */ +&(nid_objs[293]),/* "textNotice" */ &(nid_objs[106]),/* "title" */ +&(nid_objs[436]),/* "ucl" */ &(nid_objs[ 0]),/* "undefined" */ -&(nid_objs[102]),/* "uniqueIdentifier" */ &(nid_objs[55]),/* "unstructuredAddress" */ &(nid_objs[49]),/* "unstructuredName" */ +&(nid_objs[465]),/* "userClass" */ +&(nid_objs[458]),/* "userId" */ +&(nid_objs[373]),/* "valid" */ +&(nid_objs[503]),/* "x500UniqueIdentifier" */ +&(nid_objs[158]),/* "x509Certificate" */ +&(nid_objs[160]),/* "x509Crl" */ +&(nid_objs[125]),/* "zlib compression" */ }; static ASN1_OBJECT *obj_objs[NUM_OBJ]={ +&(nid_objs[ 0]),/* OBJ_undef 0 */ +&(nid_objs[404]),/* OBJ_ccitt 0 */ +&(nid_objs[434]),/* OBJ_data 0 9 */ +&(nid_objs[181]),/* OBJ_iso 1 */ +&(nid_objs[182]),/* OBJ_member_body 1 2 */ +&(nid_objs[379]),/* OBJ_org 1 3 */ +&(nid_objs[393]),/* OBJ_joint_iso_ccitt 2 */ &(nid_objs[11]),/* OBJ_X500 2 5 */ +&(nid_objs[380]),/* OBJ_dod 1 3 6 */ &(nid_objs[12]),/* OBJ_X509 2 5 4 */ -&(nid_objs[81]),/* OBJ_ld_ce 2 5 29 */ +&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */ +&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */ +&(nid_objs[435]),/* OBJ_pss 0 9 2342 */ +&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */ +&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */ +&(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */ &(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */ &(nid_objs[100]),/* OBJ_surname 2 5 4 4 */ &(nid_objs[105]),/* OBJ_serialNumber 2 5 4 5 */ @@ -570,9 +2383,13 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */ &(nid_objs[106]),/* OBJ_title 2 5 4 12 */ &(nid_objs[107]),/* OBJ_description 2 5 4 13 */ +&(nid_objs[173]),/* OBJ_name 2 5 4 41 */ &(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */ &(nid_objs[101]),/* OBJ_initials 2 5 4 43 */ -&(nid_objs[102]),/* OBJ_uniqueIdentifier 2 5 4 45 */ +&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */ +&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */ +&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */ +&(nid_objs[400]),/* OBJ_role 2 5 4 72 */ &(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */ &(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */ &(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */ @@ -580,54 +2397,230 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */ &(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */ &(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */ +&(nid_objs[141]),/* OBJ_crl_reason 2 5 29 21 */ +&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */ +&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */ +&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */ &(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */ &(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */ &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ +&(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ +&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ +&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ +&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ +&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */ +&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */ +&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */ +&(nid_objs[385]),/* OBJ_Private 1 3 6 1 4 */ +&(nid_objs[386]),/* OBJ_Security 1 3 6 1 5 */ +&(nid_objs[387]),/* OBJ_SNMPv2 1 3 6 1 6 */ +&(nid_objs[388]),/* OBJ_Mail 1 3 6 1 7 */ +&(nid_objs[376]),/* OBJ_algorithm 1 3 14 3 2 */ +&(nid_objs[395]),/* OBJ_clearance 2 5 1 5 55 */ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ +&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */ +&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */ +&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */ +&(nid_objs[504]),/* OBJ_mime_mhs 1 3 6 1 7 1 */ &(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */ &(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */ &(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */ &(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */ &(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */ +&(nid_objs[377]),/* OBJ_rsaSignature 1 3 14 3 2 11 */ &(nid_objs[67]),/* OBJ_dsa_2 1 3 14 3 2 12 */ &(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */ &(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */ -&(nid_objs[32]),/* OBJ_des_ede 1 3 14 3 2 17 */ +&(nid_objs[32]),/* OBJ_des_ede_ecb 1 3 14 3 2 17 */ &(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */ &(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */ &(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */ &(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */ &(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */ +&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */ +&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ +&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ +&(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ +&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ +&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */ +&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */ &(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */ +&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */ &(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */ +&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ +&(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */ +&(nid_objs[433]),/* OBJ_hold_instruction_reject 1 2 840 10040 2 3 */ &(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */ &(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */ +&(nid_objs[406]),/* OBJ_X9_62_prime_field 1 2 840 10045 1 1 */ +&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */ +&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */ +&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */ +&(nid_objs[258]),/* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */ +&(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */ +&(nid_objs[259]),/* OBJ_id_qt 1 3 6 1 5 5 7 2 */ +&(nid_objs[128]),/* OBJ_id_kp 1 3 6 1 5 5 7 3 */ +&(nid_objs[260]),/* OBJ_id_it 1 3 6 1 5 5 7 4 */ +&(nid_objs[261]),/* OBJ_id_pkip 1 3 6 1 5 5 7 5 */ +&(nid_objs[262]),/* OBJ_id_alg 1 3 6 1 5 5 7 6 */ +&(nid_objs[263]),/* OBJ_id_cmc 1 3 6 1 5 5 7 7 */ +&(nid_objs[264]),/* OBJ_id_on 1 3 6 1 5 5 7 8 */ +&(nid_objs[265]),/* OBJ_id_pda 1 3 6 1 5 5 7 9 */ +&(nid_objs[266]),/* OBJ_id_aca 1 3 6 1 5 5 7 10 */ +&(nid_objs[267]),/* OBJ_id_qcs 1 3 6 1 5 5 7 11 */ +&(nid_objs[268]),/* OBJ_id_cct 1 3 6 1 5 5 7 12 */ +&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */ +&(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */ +&(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */ &(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */ +&(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */ +&(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */ &(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */ +&(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */ &(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */ &(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */ &(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */ +&(nid_objs[257]),/* OBJ_md4 1 2 840 113549 2 4 */ &(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */ +&(nid_objs[163]),/* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */ &(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */ &(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */ &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ &(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ +&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */ +&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */ +&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */ +&(nid_objs[412]),/* OBJ_X9_62_prime239v1 1 2 840 10045 3 1 4 */ +&(nid_objs[413]),/* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */ +&(nid_objs[414]),/* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */ +&(nid_objs[415]),/* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */ +&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */ +&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */ +&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */ +&(nid_objs[272]),/* OBJ_id_pkix1_implicit_93 1 3 6 1 5 5 7 0 4 */ +&(nid_objs[273]),/* OBJ_id_mod_crmf 1 3 6 1 5 5 7 0 5 */ +&(nid_objs[274]),/* OBJ_id_mod_cmc 1 3 6 1 5 5 7 0 6 */ +&(nid_objs[275]),/* OBJ_id_mod_kea_profile_88 1 3 6 1 5 5 7 0 7 */ +&(nid_objs[276]),/* OBJ_id_mod_kea_profile_93 1 3 6 1 5 5 7 0 8 */ +&(nid_objs[277]),/* OBJ_id_mod_cmp 1 3 6 1 5 5 7 0 9 */ +&(nid_objs[278]),/* OBJ_id_mod_qualified_cert_88 1 3 6 1 5 5 7 0 10 */ +&(nid_objs[279]),/* OBJ_id_mod_qualified_cert_93 1 3 6 1 5 5 7 0 11 */ +&(nid_objs[280]),/* OBJ_id_mod_attribute_cert 1 3 6 1 5 5 7 0 12 */ +&(nid_objs[281]),/* OBJ_id_mod_timestamp_protocol 1 3 6 1 5 5 7 0 13 */ +&(nid_objs[282]),/* OBJ_id_mod_ocsp 1 3 6 1 5 5 7 0 14 */ +&(nid_objs[283]),/* OBJ_id_mod_dvcs 1 3 6 1 5 5 7 0 15 */ +&(nid_objs[284]),/* OBJ_id_mod_cmp2000 1 3 6 1 5 5 7 0 16 */ +&(nid_objs[177]),/* OBJ_info_access 1 3 6 1 5 5 7 1 1 */ +&(nid_objs[285]),/* OBJ_biometricInfo 1 3 6 1 5 5 7 1 2 */ +&(nid_objs[286]),/* OBJ_qcStatements 1 3 6 1 5 5 7 1 3 */ +&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */ +&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */ +&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */ +&(nid_objs[290]),/* OBJ_sbqp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */ +&(nid_objs[291]),/* OBJ_sbqp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */ +&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */ +&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */ +&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */ +&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */ +&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */ +&(nid_objs[293]),/* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */ +&(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */ +&(nid_objs[130]),/* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */ +&(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */ +&(nid_objs[132]),/* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */ +&(nid_objs[294]),/* OBJ_ipsecEndSystem 1 3 6 1 5 5 7 3 5 */ +&(nid_objs[295]),/* OBJ_ipsecTunnel 1 3 6 1 5 5 7 3 6 */ +&(nid_objs[296]),/* OBJ_ipsecUser 1 3 6 1 5 5 7 3 7 */ +&(nid_objs[133]),/* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */ +&(nid_objs[180]),/* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */ +&(nid_objs[297]),/* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */ +&(nid_objs[298]),/* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */ +&(nid_objs[299]),/* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */ +&(nid_objs[300]),/* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */ +&(nid_objs[301]),/* OBJ_id_it_preferredSymmAlg 1 3 6 1 5 5 7 4 4 */ +&(nid_objs[302]),/* OBJ_id_it_caKeyUpdateInfo 1 3 6 1 5 5 7 4 5 */ +&(nid_objs[303]),/* OBJ_id_it_currentCRL 1 3 6 1 5 5 7 4 6 */ +&(nid_objs[304]),/* OBJ_id_it_unsupportedOIDs 1 3 6 1 5 5 7 4 7 */ +&(nid_objs[305]),/* OBJ_id_it_subscriptionRequest 1 3 6 1 5 5 7 4 8 */ +&(nid_objs[306]),/* OBJ_id_it_subscriptionResponse 1 3 6 1 5 5 7 4 9 */ +&(nid_objs[307]),/* OBJ_id_it_keyPairParamReq 1 3 6 1 5 5 7 4 10 */ +&(nid_objs[308]),/* OBJ_id_it_keyPairParamRep 1 3 6 1 5 5 7 4 11 */ +&(nid_objs[309]),/* OBJ_id_it_revPassphrase 1 3 6 1 5 5 7 4 12 */ +&(nid_objs[310]),/* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */ +&(nid_objs[311]),/* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */ +&(nid_objs[312]),/* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */ +&(nid_objs[313]),/* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */ +&(nid_objs[314]),/* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */ +&(nid_objs[323]),/* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */ +&(nid_objs[324]),/* OBJ_id_alg_noSignature 1 3 6 1 5 5 7 6 2 */ +&(nid_objs[325]),/* OBJ_id_alg_dh_sig_hmac_sha1 1 3 6 1 5 5 7 6 3 */ +&(nid_objs[326]),/* OBJ_id_alg_dh_pop 1 3 6 1 5 5 7 6 4 */ +&(nid_objs[327]),/* OBJ_id_cmc_statusInfo 1 3 6 1 5 5 7 7 1 */ +&(nid_objs[328]),/* OBJ_id_cmc_identification 1 3 6 1 5 5 7 7 2 */ +&(nid_objs[329]),/* OBJ_id_cmc_identityProof 1 3 6 1 5 5 7 7 3 */ +&(nid_objs[330]),/* OBJ_id_cmc_dataReturn 1 3 6 1 5 5 7 7 4 */ +&(nid_objs[331]),/* OBJ_id_cmc_transactionId 1 3 6 1 5 5 7 7 5 */ +&(nid_objs[332]),/* OBJ_id_cmc_senderNonce 1 3 6 1 5 5 7 7 6 */ +&(nid_objs[333]),/* OBJ_id_cmc_recipientNonce 1 3 6 1 5 5 7 7 7 */ +&(nid_objs[334]),/* OBJ_id_cmc_addExtensions 1 3 6 1 5 5 7 7 8 */ +&(nid_objs[335]),/* OBJ_id_cmc_encryptedPOP 1 3 6 1 5 5 7 7 9 */ +&(nid_objs[336]),/* OBJ_id_cmc_decryptedPOP 1 3 6 1 5 5 7 7 10 */ +&(nid_objs[337]),/* OBJ_id_cmc_lraPOPWitness 1 3 6 1 5 5 7 7 11 */ +&(nid_objs[338]),/* OBJ_id_cmc_getCert 1 3 6 1 5 5 7 7 15 */ +&(nid_objs[339]),/* OBJ_id_cmc_getCRL 1 3 6 1 5 5 7 7 16 */ +&(nid_objs[340]),/* OBJ_id_cmc_revokeRequest 1 3 6 1 5 5 7 7 17 */ +&(nid_objs[341]),/* OBJ_id_cmc_regInfo 1 3 6 1 5 5 7 7 18 */ +&(nid_objs[342]),/* OBJ_id_cmc_responseInfo 1 3 6 1 5 5 7 7 19 */ +&(nid_objs[343]),/* OBJ_id_cmc_queryPending 1 3 6 1 5 5 7 7 21 */ +&(nid_objs[344]),/* OBJ_id_cmc_popLinkRandom 1 3 6 1 5 5 7 7 22 */ +&(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */ +&(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */ +&(nid_objs[347]),/* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */ +&(nid_objs[348]),/* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */ +&(nid_objs[349]),/* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */ +&(nid_objs[351]),/* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */ +&(nid_objs[352]),/* OBJ_id_pda_countryOfCitizenship 1 3 6 1 5 5 7 9 4 */ +&(nid_objs[353]),/* OBJ_id_pda_countryOfResidence 1 3 6 1 5 5 7 9 5 */ +&(nid_objs[354]),/* OBJ_id_aca_authenticationInfo 1 3 6 1 5 5 7 10 1 */ +&(nid_objs[355]),/* OBJ_id_aca_accessIdentity 1 3 6 1 5 5 7 10 2 */ +&(nid_objs[356]),/* OBJ_id_aca_chargingIdentity 1 3 6 1 5 5 7 10 3 */ +&(nid_objs[357]),/* OBJ_id_aca_group 1 3 6 1 5 5 7 10 4 */ +&(nid_objs[358]),/* OBJ_id_aca_role 1 3 6 1 5 5 7 10 5 */ +&(nid_objs[399]),/* OBJ_id_aca_encAttrs 1 3 6 1 5 5 7 10 6 */ +&(nid_objs[359]),/* OBJ_id_qcs_pkixQCSyntax_v1 1 3 6 1 5 5 7 11 1 */ +&(nid_objs[360]),/* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */ +&(nid_objs[361]),/* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */ +&(nid_objs[362]),/* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */ +&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */ +&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */ +&(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */ +&(nid_objs[364]),/* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */ &(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */ &(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */ +&(nid_objs[438]),/* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */ +&(nid_objs[439]),/* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */ +&(nid_objs[440]),/* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */ +&(nid_objs[441]),/* OBJ_pilotGroups 0 9 2342 19200300 100 10 */ &(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */ &(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */ &(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */ &(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */ +&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */ &(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ &(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ &(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ &(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ &(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ -&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */ -&(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4 1 2 840 113549 1 5 12 */ +&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */ +&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */ +&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */ +&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */ +&(nid_objs[69]),/* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */ +&(nid_objs[161]),/* OBJ_pbes2 1 2 840 113549 1 5 13 */ +&(nid_objs[162]),/* OBJ_pbmac1 1 2 840 113549 1 5 14 */ &(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */ &(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */ &(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */ @@ -643,6 +2636,45 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */ &(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */ &(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */ +&(nid_objs[172]),/* OBJ_ext_req 1 2 840 113549 1 9 14 */ +&(nid_objs[167]),/* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */ +&(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */ +&(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */ +&(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */ +&(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ +&(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */ +&(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ +&(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */ +&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */ +&(nid_objs[317]),/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */ +&(nid_objs[318]),/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */ +&(nid_objs[319]),/* OBJ_id_regCtrl_oldCertID 1 3 6 1 5 5 7 5 1 5 */ +&(nid_objs[320]),/* OBJ_id_regCtrl_protocolEncrKey 1 3 6 1 5 5 7 5 1 6 */ +&(nid_objs[321]),/* OBJ_id_regInfo_utf8Pairs 1 3 6 1 5 5 7 5 2 1 */ +&(nid_objs[322]),/* OBJ_id_regInfo_certReq 1 3 6 1 5 5 7 5 2 2 */ +&(nid_objs[365]),/* OBJ_id_pkix_OCSP_basic 1 3 6 1 5 5 7 48 1 1 */ +&(nid_objs[366]),/* OBJ_id_pkix_OCSP_Nonce 1 3 6 1 5 5 7 48 1 2 */ +&(nid_objs[367]),/* OBJ_id_pkix_OCSP_CrlID 1 3 6 1 5 5 7 48 1 3 */ +&(nid_objs[368]),/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */ +&(nid_objs[369]),/* OBJ_id_pkix_OCSP_noCheck 1 3 6 1 5 5 7 48 1 5 */ +&(nid_objs[370]),/* OBJ_id_pkix_OCSP_archiveCutoff 1 3 6 1 5 5 7 48 1 6 */ +&(nid_objs[371]),/* OBJ_id_pkix_OCSP_serviceLocator 1 3 6 1 5 5 7 48 1 7 */ +&(nid_objs[372]),/* OBJ_id_pkix_OCSP_extendedStatus 1 3 6 1 5 5 7 48 1 8 */ +&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */ +&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */ +&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */ +&(nid_objs[418]),/* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */ +&(nid_objs[419]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */ +&(nid_objs[420]),/* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */ +&(nid_objs[421]),/* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */ +&(nid_objs[422]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */ +&(nid_objs[423]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */ +&(nid_objs[424]),/* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */ +&(nid_objs[425]),/* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */ +&(nid_objs[426]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */ +&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */ +&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */ +&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */ &(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ &(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ &(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ @@ -652,5 +2684,159 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */ &(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */ &(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */ +&(nid_objs[139]),/* OBJ_ns_sgc 2 16 840 1 113730 4 1 */ +&(nid_objs[458]),/* OBJ_userId 0 9 2342 19200300 100 1 1 */ +&(nid_objs[459]),/* OBJ_textEncodedORAddress 0 9 2342 19200300 100 1 2 */ +&(nid_objs[460]),/* OBJ_rfc822Mailbox 0 9 2342 19200300 100 1 3 */ +&(nid_objs[461]),/* OBJ_info 0 9 2342 19200300 100 1 4 */ +&(nid_objs[462]),/* OBJ_favouriteDrink 0 9 2342 19200300 100 1 5 */ +&(nid_objs[463]),/* OBJ_roomNumber 0 9 2342 19200300 100 1 6 */ +&(nid_objs[464]),/* OBJ_photo 0 9 2342 19200300 100 1 7 */ +&(nid_objs[465]),/* OBJ_userClass 0 9 2342 19200300 100 1 8 */ +&(nid_objs[466]),/* OBJ_host 0 9 2342 19200300 100 1 9 */ +&(nid_objs[467]),/* OBJ_manager 0 9 2342 19200300 100 1 10 */ +&(nid_objs[468]),/* OBJ_documentIdentifier 0 9 2342 19200300 100 1 11 */ +&(nid_objs[469]),/* OBJ_documentTitle 0 9 2342 19200300 100 1 12 */ +&(nid_objs[470]),/* OBJ_documentVersion 0 9 2342 19200300 100 1 13 */ +&(nid_objs[471]),/* OBJ_documentAuthor 0 9 2342 19200300 100 1 14 */ +&(nid_objs[472]),/* OBJ_documentLocation 0 9 2342 19200300 100 1 15 */ +&(nid_objs[473]),/* OBJ_homeTelephoneNumber 0 9 2342 19200300 100 1 20 */ +&(nid_objs[474]),/* OBJ_secretary 0 9 2342 19200300 100 1 21 */ +&(nid_objs[475]),/* OBJ_otherMailbox 0 9 2342 19200300 100 1 22 */ +&(nid_objs[476]),/* OBJ_lastModifiedTime 0 9 2342 19200300 100 1 23 */ +&(nid_objs[477]),/* OBJ_lastModifiedBy 0 9 2342 19200300 100 1 24 */ +&(nid_objs[391]),/* OBJ_domainComponent 0 9 2342 19200300 100 1 25 */ +&(nid_objs[478]),/* OBJ_aRecord 0 9 2342 19200300 100 1 26 */ +&(nid_objs[479]),/* OBJ_pilotAttributeType27 0 9 2342 19200300 100 1 27 */ +&(nid_objs[480]),/* OBJ_mXRecord 0 9 2342 19200300 100 1 28 */ +&(nid_objs[481]),/* OBJ_nSRecord 0 9 2342 19200300 100 1 29 */ +&(nid_objs[482]),/* OBJ_sOARecord 0 9 2342 19200300 100 1 30 */ +&(nid_objs[483]),/* OBJ_cNAMERecord 0 9 2342 19200300 100 1 31 */ +&(nid_objs[484]),/* OBJ_associatedDomain 0 9 2342 19200300 100 1 37 */ +&(nid_objs[485]),/* OBJ_associatedName 0 9 2342 19200300 100 1 38 */ +&(nid_objs[486]),/* OBJ_homePostalAddress 0 9 2342 19200300 100 1 39 */ +&(nid_objs[487]),/* OBJ_personalTitle 0 9 2342 19200300 100 1 40 */ +&(nid_objs[488]),/* OBJ_mobileTelephoneNumber 0 9 2342 19200300 100 1 41 */ +&(nid_objs[489]),/* OBJ_pagerTelephoneNumber 0 9 2342 19200300 100 1 42 */ +&(nid_objs[490]),/* OBJ_friendlyCountryName 0 9 2342 19200300 100 1 43 */ +&(nid_objs[491]),/* OBJ_organizationalStatus 0 9 2342 19200300 100 1 45 */ +&(nid_objs[492]),/* OBJ_janetMailbox 0 9 2342 19200300 100 1 46 */ +&(nid_objs[493]),/* OBJ_mailPreferenceOption 0 9 2342 19200300 100 1 47 */ +&(nid_objs[494]),/* OBJ_buildingName 0 9 2342 19200300 100 1 48 */ +&(nid_objs[495]),/* OBJ_dSAQuality 0 9 2342 19200300 100 1 49 */ +&(nid_objs[496]),/* OBJ_singleLevelQuality 0 9 2342 19200300 100 1 50 */ +&(nid_objs[497]),/* OBJ_subtreeMinimumQuality 0 9 2342 19200300 100 1 51 */ +&(nid_objs[498]),/* OBJ_subtreeMaximumQuality 0 9 2342 19200300 100 1 52 */ +&(nid_objs[499]),/* OBJ_personalSignature 0 9 2342 19200300 100 1 53 */ +&(nid_objs[500]),/* OBJ_dITRedirect 0 9 2342 19200300 100 1 54 */ +&(nid_objs[501]),/* OBJ_audio 0 9 2342 19200300 100 1 55 */ +&(nid_objs[502]),/* OBJ_documentPublisher 0 9 2342 19200300 100 1 56 */ +&(nid_objs[442]),/* OBJ_iA5StringSyntax 0 9 2342 19200300 100 3 4 */ +&(nid_objs[443]),/* OBJ_caseIgnoreIA5StringSyntax 0 9 2342 19200300 100 3 5 */ +&(nid_objs[444]),/* OBJ_pilotObject 0 9 2342 19200300 100 4 3 */ +&(nid_objs[445]),/* OBJ_pilotPerson 0 9 2342 19200300 100 4 4 */ +&(nid_objs[446]),/* OBJ_account 0 9 2342 19200300 100 4 5 */ +&(nid_objs[447]),/* OBJ_document 0 9 2342 19200300 100 4 6 */ +&(nid_objs[448]),/* OBJ_room 0 9 2342 19200300 100 4 7 */ +&(nid_objs[449]),/* OBJ_documentSeries 0 9 2342 19200300 100 4 9 */ +&(nid_objs[392]),/* OBJ_Domain 0 9 2342 19200300 100 4 13 */ +&(nid_objs[450]),/* OBJ_rFC822localPart 0 9 2342 19200300 100 4 14 */ +&(nid_objs[451]),/* OBJ_dNSDomain 0 9 2342 19200300 100 4 15 */ +&(nid_objs[452]),/* OBJ_domainRelatedObject 0 9 2342 19200300 100 4 17 */ +&(nid_objs[453]),/* OBJ_friendlyCountry 0 9 2342 19200300 100 4 18 */ +&(nid_objs[454]),/* OBJ_simpleSecurityObject 0 9 2342 19200300 100 4 19 */ +&(nid_objs[455]),/* OBJ_pilotOrganization 0 9 2342 19200300 100 4 20 */ +&(nid_objs[456]),/* OBJ_pilotDSA 0 9 2342 19200300 100 4 21 */ +&(nid_objs[457]),/* OBJ_qualityLabelledData 0 9 2342 19200300 100 4 22 */ +&(nid_objs[189]),/* OBJ_id_smime_mod 1 2 840 113549 1 9 16 0 */ +&(nid_objs[190]),/* OBJ_id_smime_ct 1 2 840 113549 1 9 16 1 */ +&(nid_objs[191]),/* OBJ_id_smime_aa 1 2 840 113549 1 9 16 2 */ +&(nid_objs[192]),/* OBJ_id_smime_alg 1 2 840 113549 1 9 16 3 */ +&(nid_objs[193]),/* OBJ_id_smime_cd 1 2 840 113549 1 9 16 4 */ +&(nid_objs[194]),/* OBJ_id_smime_spq 1 2 840 113549 1 9 16 5 */ +&(nid_objs[195]),/* OBJ_id_smime_cti 1 2 840 113549 1 9 16 6 */ +&(nid_objs[158]),/* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */ +&(nid_objs[159]),/* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */ +&(nid_objs[160]),/* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */ +&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */ +&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */ +&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */ +&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */ +&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */ +&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */ +&(nid_objs[171]),/* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */ +&(nid_objs[134]),/* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */ +&(nid_objs[135]),/* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */ +&(nid_objs[136]),/* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */ +&(nid_objs[137]),/* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */ +&(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */ +&(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */ +&(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */ +&(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */ +&(nid_objs[199]),/* OBJ_id_smime_mod_msg_v3 1 2 840 113549 1 9 16 0 4 */ +&(nid_objs[200]),/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */ +&(nid_objs[201]),/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */ +&(nid_objs[202]),/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */ +&(nid_objs[203]),/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */ +&(nid_objs[204]),/* OBJ_id_smime_ct_receipt 1 2 840 113549 1 9 16 1 1 */ +&(nid_objs[205]),/* OBJ_id_smime_ct_authData 1 2 840 113549 1 9 16 1 2 */ +&(nid_objs[206]),/* OBJ_id_smime_ct_publishCert 1 2 840 113549 1 9 16 1 3 */ +&(nid_objs[207]),/* OBJ_id_smime_ct_TSTInfo 1 2 840 113549 1 9 16 1 4 */ +&(nid_objs[208]),/* OBJ_id_smime_ct_TDTInfo 1 2 840 113549 1 9 16 1 5 */ +&(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */ +&(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */ +&(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */ +&(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */ +&(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */ +&(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */ +&(nid_objs[215]),/* OBJ_id_smime_aa_contentHint 1 2 840 113549 1 9 16 2 4 */ +&(nid_objs[216]),/* OBJ_id_smime_aa_msgSigDigest 1 2 840 113549 1 9 16 2 5 */ +&(nid_objs[217]),/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */ +&(nid_objs[218]),/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */ +&(nid_objs[219]),/* OBJ_id_smime_aa_macValue 1 2 840 113549 1 9 16 2 8 */ +&(nid_objs[220]),/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */ +&(nid_objs[221]),/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */ +&(nid_objs[222]),/* OBJ_id_smime_aa_encrypKeyPref 1 2 840 113549 1 9 16 2 11 */ +&(nid_objs[223]),/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */ +&(nid_objs[224]),/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */ +&(nid_objs[225]),/* OBJ_id_smime_aa_timeStampToken 1 2 840 113549 1 9 16 2 14 */ +&(nid_objs[226]),/* OBJ_id_smime_aa_ets_sigPolicyId 1 2 840 113549 1 9 16 2 15 */ +&(nid_objs[227]),/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */ +&(nid_objs[228]),/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */ +&(nid_objs[229]),/* OBJ_id_smime_aa_ets_signerAttr 1 2 840 113549 1 9 16 2 18 */ +&(nid_objs[230]),/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */ +&(nid_objs[231]),/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */ +&(nid_objs[232]),/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */ +&(nid_objs[233]),/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */ +&(nid_objs[234]),/* OBJ_id_smime_aa_ets_certValues 1 2 840 113549 1 9 16 2 23 */ +&(nid_objs[235]),/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */ +&(nid_objs[236]),/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */ +&(nid_objs[237]),/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */ +&(nid_objs[238]),/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */ +&(nid_objs[239]),/* OBJ_id_smime_aa_signatureType 1 2 840 113549 1 9 16 2 28 */ +&(nid_objs[240]),/* OBJ_id_smime_aa_dvcs_dvc 1 2 840 113549 1 9 16 2 29 */ +&(nid_objs[241]),/* OBJ_id_smime_alg_ESDHwith3DES 1 2 840 113549 1 9 16 3 1 */ +&(nid_objs[242]),/* OBJ_id_smime_alg_ESDHwithRC2 1 2 840 113549 1 9 16 3 2 */ +&(nid_objs[243]),/* OBJ_id_smime_alg_3DESwrap 1 2 840 113549 1 9 16 3 3 */ +&(nid_objs[244]),/* OBJ_id_smime_alg_RC2wrap 1 2 840 113549 1 9 16 3 4 */ +&(nid_objs[245]),/* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */ +&(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */ +&(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */ +&(nid_objs[248]),/* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */ +&(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */ +&(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */ +&(nid_objs[251]),/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */ +&(nid_objs[252]),/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */ +&(nid_objs[253]),/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */ +&(nid_objs[254]),/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */ +&(nid_objs[255]),/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */ +&(nid_objs[256]),/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */ +&(nid_objs[150]),/* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */ +&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */ +&(nid_objs[152]),/* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */ +&(nid_objs[153]),/* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */ +&(nid_objs[154]),/* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */ +&(nid_objs[155]),/* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */ +&(nid_objs[34]),/* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */ }; diff --git a/src/lib/libcrypto/objects/obj_mac.h b/src/lib/libcrypto/objects/obj_mac.h index 401b1e5a1b..6d77fcba3f 100644 --- a/src/lib/libcrypto/objects/obj_mac.h +++ b/src/lib/libcrypto/objects/obj_mac.h @@ -1,4 +1,10 @@ -/* lib/obj/obj_mac.h */ +/* crypto/objects/obj_mac.h */ + +/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the + * following command: + * perl objects.pl objects.txt obj_mac.num obj_mac.h + */ + /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,26 +62,40 @@ * [including the GNU Public Licence.] */ -/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the - * following command: - * perl objects.pl objects.txt obj_mac.num obj_mac.h - */ - #define SN_undef "UNDEF" #define LN_undef "undefined" #define NID_undef 0 #define OBJ_undef 0L +#define SN_ccitt "CCITT" +#define LN_ccitt "ccitt" +#define NID_ccitt 404 +#define OBJ_ccitt 0L + #define SN_iso "ISO" #define LN_iso "iso" #define NID_iso 181 #define OBJ_iso 1L +#define SN_joint_iso_ccitt "JOINT-ISO-CCITT" +#define LN_joint_iso_ccitt "joint-iso-ccitt" +#define NID_joint_iso_ccitt 393 +#define OBJ_joint_iso_ccitt 2L + #define SN_member_body "member-body" #define LN_member_body "ISO Member Body" #define NID_member_body 182 #define OBJ_member_body OBJ_iso,2L +#define SN_selected_attribute_types "selected-attribute-types" +#define LN_selected_attribute_types "Selected Attribute Types" +#define NID_selected_attribute_types 394 +#define OBJ_selected_attribute_types OBJ_joint_iso_ccitt,5L,1L,5L + +#define SN_clearance "clearance" +#define NID_clearance 395 +#define OBJ_clearance OBJ_selected_attribute_types,55L + #define SN_ISO_US "ISO-US" #define LN_ISO_US "ISO US Member Body" #define NID_ISO_US 183 @@ -101,6 +121,67 @@ #define NID_dsaWithSHA1 113 #define OBJ_dsaWithSHA1 OBJ_X9cm,3L +#define SN_ansi_X9_62 "ansi-X9-62" +#define LN_ansi_X9_62 "ANSI X9.62" +#define NID_ansi_X9_62 405 +#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L + +#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L + +#define SN_X9_62_prime_field "prime-field" +#define NID_X9_62_prime_field 406 +#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L + +#define SN_X9_62_characteristic_two_field "characteristic-two-field" +#define NID_X9_62_characteristic_two_field 407 +#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L + +#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L + +#define SN_X9_62_id_ecPublicKey "id-ecPublicKey" +#define NID_X9_62_id_ecPublicKey 408 +#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L + +#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L + +#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L + +#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L + +#define SN_X9_62_prime192v1 "prime192v1" +#define NID_X9_62_prime192v1 409 +#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L + +#define SN_X9_62_prime192v2 "prime192v2" +#define NID_X9_62_prime192v2 410 +#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L + +#define SN_X9_62_prime192v3 "prime192v3" +#define NID_X9_62_prime192v3 411 +#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L + +#define SN_X9_62_prime239v1 "prime239v1" +#define NID_X9_62_prime239v1 412 +#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L + +#define SN_X9_62_prime239v2 "prime239v2" +#define NID_X9_62_prime239v2 413 +#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L + +#define SN_X9_62_prime239v3 "prime239v3" +#define NID_X9_62_prime239v3 414 +#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L + +#define SN_X9_62_prime256v1 "prime256v1" +#define NID_X9_62_prime256v1 415 +#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L + +#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L + +#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1" +#define NID_ecdsa_with_SHA1 416 +#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L + #define SN_cast5_cbc "CAST5-CBC" #define LN_cast5_cbc "cast5-cbc" #define NID_cast5_cbc 108 @@ -145,6 +226,11 @@ #define NID_md2WithRSAEncryption 7 #define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L +#define SN_md4WithRSAEncryption "RSA-MD4" +#define LN_md4WithRSAEncryption "md4WithRSAEncryption" +#define NID_md4WithRSAEncryption 396 +#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L + #define SN_md5WithRSAEncryption "RSA-MD5" #define LN_md5WithRSAEncryption "md5WithRSAEncryption" #define NID_md5WithRSAEncryption 8 @@ -241,7 +327,6 @@ #define NID_pkcs9 47 #define OBJ_pkcs9 OBJ_pkcs,9L -#define SN_pkcs9_emailAddress "Email" #define LN_pkcs9_emailAddress "emailAddress" #define NID_pkcs9_emailAddress 48 #define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L @@ -573,6 +658,11 @@ #define NID_localKeyID 157 #define OBJ_localKeyID OBJ_pkcs9,21L +#define SN_ms_csp_name "CSPName" +#define LN_ms_csp_name "Microsoft CSP Name" +#define NID_ms_csp_name 417 +#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L + #define OBJ_certTypes OBJ_pkcs9,22L #define LN_x509Certificate "x509Certificate" @@ -956,6 +1046,15 @@ #define NID_sbqp_routerIdentifier 292 #define OBJ_sbqp_routerIdentifier OBJ_id_pe,9L +#define SN_ac_proxying "ac-proxying" +#define NID_ac_proxying 397 +#define OBJ_ac_proxying OBJ_id_pe,10L + +#define SN_sinfo_access "subjectInfoAccess" +#define LN_sinfo_access "Subject Information Access" +#define NID_sinfo_access 398 +#define OBJ_sinfo_access OBJ_id_pe,11L + #define SN_id_qt_cps "id-qt-cps" #define LN_id_qt_cps "Policy Qualifier CPS" #define NID_id_qt_cps 164 @@ -1228,21 +1327,17 @@ #define NID_id_pda_placeOfBirth 349 #define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L -#define SN_id_pda_pseudonym "id-pda-pseudonym" -#define NID_id_pda_pseudonym 350 -#define OBJ_id_pda_pseudonym OBJ_id_pda,3L - #define SN_id_pda_gender "id-pda-gender" #define NID_id_pda_gender 351 -#define OBJ_id_pda_gender OBJ_id_pda,4L +#define OBJ_id_pda_gender OBJ_id_pda,3L #define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship" #define NID_id_pda_countryOfCitizenship 352 -#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,5L +#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L #define SN_id_pda_countryOfResidence "id-pda-countryOfResidence" #define NID_id_pda_countryOfResidence 353 -#define OBJ_id_pda_countryOfResidence OBJ_id_pda,6L +#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L #define SN_id_aca_authenticationInfo "id-aca-authenticationInfo" #define NID_id_aca_authenticationInfo 354 @@ -1264,6 +1359,10 @@ #define NID_id_aca_role 358 #define OBJ_id_aca_role OBJ_id_aca,5L +#define SN_id_aca_encAttrs "id-aca-encAttrs" +#define NID_id_aca_encAttrs 399 +#define OBJ_id_aca_encAttrs OBJ_id_aca,6L + #define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1" #define NID_id_qcs_pkixQCSyntax_v1 359 #define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L @@ -1323,6 +1422,7 @@ #define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L #define SN_id_pkix_OCSP_noCheck "noCheck" +#define LN_id_pkix_OCSP_noCheck "OCSP No Check" #define NID_id_pkix_OCSP_noCheck 369 #define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L @@ -1403,14 +1503,14 @@ #define NID_shaWithRSAEncryption 42 #define OBJ_shaWithRSAEncryption OBJ_algorithm,15L -#define SN_des_ede "DES-EDE" -#define LN_des_ede "des-ede" -#define NID_des_ede 32 -#define OBJ_des_ede OBJ_algorithm,17L +#define SN_des_ede_ecb "DES-EDE" +#define LN_des_ede_ecb "des-ede" +#define NID_des_ede_ecb 32 +#define OBJ_des_ede_ecb OBJ_algorithm,17L -#define SN_des_ede3 "DES-EDE3" -#define LN_des_ede3 "des-ede3" -#define NID_des_ede3 33 +#define SN_des_ede3_ecb "DES-EDE3" +#define LN_des_ede3_ecb "des-ede3" +#define NID_des_ede3_ecb 33 #define SN_des_ede_cbc "DES-EDE-CBC" #define LN_des_ede_cbc "des-ede-cbc" @@ -1485,12 +1585,11 @@ #define NID_commonName 13 #define OBJ_commonName OBJ_X509,3L -#define SN_surname "S" +#define SN_surname "SN" #define LN_surname "surname" #define NID_surname 100 #define OBJ_surname OBJ_X509,4L -#define SN_serialNumber "SN" #define LN_serialNumber "serialNumber" #define NID_serialNumber 105 #define OBJ_serialNumber OBJ_X509,5L @@ -1520,12 +1619,10 @@ #define NID_organizationalUnitName 18 #define OBJ_organizationalUnitName OBJ_X509,11L -#define SN_title "T" #define LN_title "title" #define NID_title 106 #define OBJ_title OBJ_X509,12L -#define SN_description "D" #define LN_description "description" #define NID_description 107 #define OBJ_description OBJ_X509,13L @@ -1535,26 +1632,33 @@ #define NID_name 173 #define OBJ_name OBJ_X509,41L -#define SN_givenName "G" +#define SN_givenName "gn" #define LN_givenName "givenName" #define NID_givenName 99 #define OBJ_givenName OBJ_X509,42L -#define SN_initials "I" #define LN_initials "initials" #define NID_initials 101 #define OBJ_initials OBJ_X509,43L -#define SN_uniqueIdentifier "UID" -#define LN_uniqueIdentifier "uniqueIdentifier" -#define NID_uniqueIdentifier 102 -#define OBJ_uniqueIdentifier OBJ_X509,45L +#define LN_generationQualifier "generationQualifier" +#define NID_generationQualifier 509 +#define OBJ_generationQualifier OBJ_X509,44L + +#define LN_x500UniqueIdentifier "x500UniqueIdentifier" +#define NID_x500UniqueIdentifier 503 +#define OBJ_x500UniqueIdentifier OBJ_X509,45L #define SN_dnQualifier "dnQualifier" #define LN_dnQualifier "dnQualifier" #define NID_dnQualifier 174 #define OBJ_dnQualifier OBJ_X509,46L +#define SN_role "role" +#define LN_role "role" +#define NID_role 400 +#define OBJ_role OBJ_X509,72L + #define SN_X500algorithms "X500algorithms" #define LN_X500algorithms "directory services - algorithms" #define NID_X500algorithms 378 @@ -1644,11 +1748,26 @@ #define NID_authority_key_identifier 90 #define OBJ_authority_key_identifier OBJ_id_ce,35L +#define SN_policy_constraints "policyConstraints" +#define LN_policy_constraints "X509v3 Policy Constraints" +#define NID_policy_constraints 401 +#define OBJ_policy_constraints OBJ_id_ce,36L + #define SN_ext_key_usage "extendedKeyUsage" #define LN_ext_key_usage "X509v3 Extended Key Usage" #define NID_ext_key_usage 126 #define OBJ_ext_key_usage OBJ_id_ce,37L +#define SN_target_information "targetInformation" +#define LN_target_information "X509v3 AC Targeting" +#define NID_target_information 402 +#define OBJ_target_information OBJ_id_ce,55L + +#define SN_no_rev_avail "noRevAvail" +#define LN_no_rev_avail "X509v3 No Revocation Available" +#define NID_no_rev_avail 403 +#define OBJ_no_rev_avail OBJ_id_ce,56L + #define SN_netscape "Netscape" #define LN_netscape "Netscape Communications Corp." #define NID_netscape 57 @@ -1761,7 +1880,6 @@ #define NID_SNMPv2 387 #define OBJ_SNMPv2 OBJ_internet,6L -#define SN_Mail "mail" #define LN_Mail "Mail" #define NID_Mail 388 #define OBJ_Mail OBJ_internet,7L @@ -1769,22 +1887,37 @@ #define SN_Enterprises "enterprises" #define LN_Enterprises "Enterprises" #define NID_Enterprises 389 -#define OBJ_Enterprises OBJ_private,1L +#define OBJ_Enterprises OBJ_Private,1L #define SN_dcObject "dcobject" #define LN_dcObject "dcObject" #define NID_dcObject 390 -#define OBJ_dcObject OBJ_enterprises,1466L,344L +#define OBJ_dcObject OBJ_Enterprises,1466L,344L -#define SN_domainComponent "DC" -#define LN_domainComponent "domainComponent" -#define NID_domainComponent 391 -#define OBJ_domainComponent 0L,9L,2342L,19200300L,100L,1L,25L +#define SN_mime_mhs "mime-mhs" +#define LN_mime_mhs "MIME MHS" +#define NID_mime_mhs 504 +#define OBJ_mime_mhs OBJ_Mail,1L -#define SN_Domain "domain" -#define LN_Domain "Domain" -#define NID_Domain 392 -#define OBJ_Domain 0L,9L,2342L,19200300L,100L,4L,13L +#define SN_mime_mhs_headings "mime-mhs-headings" +#define LN_mime_mhs_headings "mime-mhs-headings" +#define NID_mime_mhs_headings 505 +#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L + +#define SN_mime_mhs_bodies "mime-mhs-bodies" +#define LN_mime_mhs_bodies "mime-mhs-bodies" +#define NID_mime_mhs_bodies 506 +#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L + +#define SN_id_hex_partial_message "id-hex-partial-message" +#define LN_id_hex_partial_message "id-hex-partial-message" +#define NID_id_hex_partial_message 507 +#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L + +#define SN_id_hex_multipart_message "id-hex-multipart-message" +#define LN_id_hex_multipart_message "id-hex-multipart-message" +#define NID_id_hex_multipart_message 508 +#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L #define SN_rle_compression "RLE" #define LN_rle_compression "run length compression" @@ -1796,3 +1929,379 @@ #define NID_zlib_compression 125 #define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L +#define OBJ_csor 2L,16L,840L,1L,101L,3L + +#define OBJ_nistAlgorithms OBJ_csor,4L + +#define OBJ_aes OBJ_nistAlgorithms,1L + +#define SN_aes_128_ecb "AES-128-ECB" +#define LN_aes_128_ecb "aes-128-ecb" +#define NID_aes_128_ecb 418 +#define OBJ_aes_128_ecb OBJ_aes,1L + +#define SN_aes_128_cbc "AES-128-CBC" +#define LN_aes_128_cbc "aes-128-cbc" +#define NID_aes_128_cbc 419 +#define OBJ_aes_128_cbc OBJ_aes,2L + +#define SN_aes_128_ofb128 "AES-128-OFB" +#define LN_aes_128_ofb128 "aes-128-ofb" +#define NID_aes_128_ofb128 420 +#define OBJ_aes_128_ofb128 OBJ_aes,3L + +#define SN_aes_128_cfb128 "AES-128-CFB" +#define LN_aes_128_cfb128 "aes-128-cfb" +#define NID_aes_128_cfb128 421 +#define OBJ_aes_128_cfb128 OBJ_aes,4L + +#define SN_aes_192_ecb "AES-192-ECB" +#define LN_aes_192_ecb "aes-192-ecb" +#define NID_aes_192_ecb 422 +#define OBJ_aes_192_ecb OBJ_aes,21L + +#define SN_aes_192_cbc "AES-192-CBC" +#define LN_aes_192_cbc "aes-192-cbc" +#define NID_aes_192_cbc 423 +#define OBJ_aes_192_cbc OBJ_aes,22L + +#define SN_aes_192_ofb128 "AES-192-OFB" +#define LN_aes_192_ofb128 "aes-192-ofb" +#define NID_aes_192_ofb128 424 +#define OBJ_aes_192_ofb128 OBJ_aes,23L + +#define SN_aes_192_cfb128 "AES-192-CFB" +#define LN_aes_192_cfb128 "aes-192-cfb" +#define NID_aes_192_cfb128 425 +#define OBJ_aes_192_cfb128 OBJ_aes,24L + +#define SN_aes_256_ecb "AES-256-ECB" +#define LN_aes_256_ecb "aes-256-ecb" +#define NID_aes_256_ecb 426 +#define OBJ_aes_256_ecb OBJ_aes,41L + +#define SN_aes_256_cbc "AES-256-CBC" +#define LN_aes_256_cbc "aes-256-cbc" +#define NID_aes_256_cbc 427 +#define OBJ_aes_256_cbc OBJ_aes,42L + +#define SN_aes_256_ofb128 "AES-256-OFB" +#define LN_aes_256_ofb128 "aes-256-ofb" +#define NID_aes_256_ofb128 428 +#define OBJ_aes_256_ofb128 OBJ_aes,43L + +#define SN_aes_256_cfb128 "AES-256-CFB" +#define LN_aes_256_cfb128 "aes-256-cfb" +#define NID_aes_256_cfb128 429 +#define OBJ_aes_256_cfb128 OBJ_aes,44L + +#define SN_hold_instruction_code "holdInstructionCode" +#define LN_hold_instruction_code "Hold Instruction Code" +#define NID_hold_instruction_code 430 +#define OBJ_hold_instruction_code OBJ_id_ce,23L + +#define OBJ_holdInstruction OBJ_X9_57,2L + +#define SN_hold_instruction_none "holdInstructionNone" +#define LN_hold_instruction_none "Hold Instruction None" +#define NID_hold_instruction_none 431 +#define OBJ_hold_instruction_none OBJ_holdInstruction,1L + +#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer" +#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer" +#define NID_hold_instruction_call_issuer 432 +#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L + +#define SN_hold_instruction_reject "holdInstructionReject" +#define LN_hold_instruction_reject "Hold Instruction Reject" +#define NID_hold_instruction_reject 433 +#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L + +#define SN_data "data" +#define NID_data 434 +#define OBJ_data OBJ_ccitt,9L + +#define SN_pss "pss" +#define NID_pss 435 +#define OBJ_pss OBJ_data,2342L + +#define SN_ucl "ucl" +#define NID_ucl 436 +#define OBJ_ucl OBJ_pss,19200300L + +#define SN_pilot "pilot" +#define NID_pilot 437 +#define OBJ_pilot OBJ_ucl,100L + +#define LN_pilotAttributeType "pilotAttributeType" +#define NID_pilotAttributeType 438 +#define OBJ_pilotAttributeType OBJ_pilot,1L + +#define LN_pilotAttributeSyntax "pilotAttributeSyntax" +#define NID_pilotAttributeSyntax 439 +#define OBJ_pilotAttributeSyntax OBJ_pilot,3L + +#define LN_pilotObjectClass "pilotObjectClass" +#define NID_pilotObjectClass 440 +#define OBJ_pilotObjectClass OBJ_pilot,4L + +#define LN_pilotGroups "pilotGroups" +#define NID_pilotGroups 441 +#define OBJ_pilotGroups OBJ_pilot,10L + +#define LN_iA5StringSyntax "iA5StringSyntax" +#define NID_iA5StringSyntax 442 +#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L + +#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax" +#define NID_caseIgnoreIA5StringSyntax 443 +#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L + +#define LN_pilotObject "pilotObject" +#define NID_pilotObject 444 +#define OBJ_pilotObject OBJ_pilotObjectClass,3L + +#define LN_pilotPerson "pilotPerson" +#define NID_pilotPerson 445 +#define OBJ_pilotPerson OBJ_pilotObjectClass,4L + +#define SN_account "account" +#define NID_account 446 +#define OBJ_account OBJ_pilotObjectClass,5L + +#define SN_document "document" +#define NID_document 447 +#define OBJ_document OBJ_pilotObjectClass,6L + +#define SN_room "room" +#define NID_room 448 +#define OBJ_room OBJ_pilotObjectClass,7L + +#define LN_documentSeries "documentSeries" +#define NID_documentSeries 449 +#define OBJ_documentSeries OBJ_pilotObjectClass,9L + +#define SN_Domain "domain" +#define LN_Domain "Domain" +#define NID_Domain 392 +#define OBJ_Domain OBJ_pilotObjectClass,13L + +#define LN_rFC822localPart "rFC822localPart" +#define NID_rFC822localPart 450 +#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L + +#define LN_dNSDomain "dNSDomain" +#define NID_dNSDomain 451 +#define OBJ_dNSDomain OBJ_pilotObjectClass,15L + +#define LN_domainRelatedObject "domainRelatedObject" +#define NID_domainRelatedObject 452 +#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L + +#define LN_friendlyCountry "friendlyCountry" +#define NID_friendlyCountry 453 +#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L + +#define LN_simpleSecurityObject "simpleSecurityObject" +#define NID_simpleSecurityObject 454 +#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L + +#define LN_pilotOrganization "pilotOrganization" +#define NID_pilotOrganization 455 +#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L + +#define LN_pilotDSA "pilotDSA" +#define NID_pilotDSA 456 +#define OBJ_pilotDSA OBJ_pilotObjectClass,21L + +#define LN_qualityLabelledData "qualityLabelledData" +#define NID_qualityLabelledData 457 +#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L + +#define SN_userId "UID" +#define LN_userId "userId" +#define NID_userId 458 +#define OBJ_userId OBJ_pilotAttributeType,1L + +#define LN_textEncodedORAddress "textEncodedORAddress" +#define NID_textEncodedORAddress 459 +#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L + +#define SN_rfc822Mailbox "mail" +#define LN_rfc822Mailbox "rfc822Mailbox" +#define NID_rfc822Mailbox 460 +#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L + +#define SN_info "info" +#define NID_info 461 +#define OBJ_info OBJ_pilotAttributeType,4L + +#define LN_favouriteDrink "favouriteDrink" +#define NID_favouriteDrink 462 +#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L + +#define LN_roomNumber "roomNumber" +#define NID_roomNumber 463 +#define OBJ_roomNumber OBJ_pilotAttributeType,6L + +#define SN_photo "photo" +#define NID_photo 464 +#define OBJ_photo OBJ_pilotAttributeType,7L + +#define LN_userClass "userClass" +#define NID_userClass 465 +#define OBJ_userClass OBJ_pilotAttributeType,8L + +#define SN_host "host" +#define NID_host 466 +#define OBJ_host OBJ_pilotAttributeType,9L + +#define SN_manager "manager" +#define NID_manager 467 +#define OBJ_manager OBJ_pilotAttributeType,10L + +#define LN_documentIdentifier "documentIdentifier" +#define NID_documentIdentifier 468 +#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L + +#define LN_documentTitle "documentTitle" +#define NID_documentTitle 469 +#define OBJ_documentTitle OBJ_pilotAttributeType,12L + +#define LN_documentVersion "documentVersion" +#define NID_documentVersion 470 +#define OBJ_documentVersion OBJ_pilotAttributeType,13L + +#define LN_documentAuthor "documentAuthor" +#define NID_documentAuthor 471 +#define OBJ_documentAuthor OBJ_pilotAttributeType,14L + +#define LN_documentLocation "documentLocation" +#define NID_documentLocation 472 +#define OBJ_documentLocation OBJ_pilotAttributeType,15L + +#define LN_homeTelephoneNumber "homeTelephoneNumber" +#define NID_homeTelephoneNumber 473 +#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L + +#define SN_secretary "secretary" +#define NID_secretary 474 +#define OBJ_secretary OBJ_pilotAttributeType,21L + +#define LN_otherMailbox "otherMailbox" +#define NID_otherMailbox 475 +#define OBJ_otherMailbox OBJ_pilotAttributeType,22L + +#define LN_lastModifiedTime "lastModifiedTime" +#define NID_lastModifiedTime 476 +#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L + +#define LN_lastModifiedBy "lastModifiedBy" +#define NID_lastModifiedBy 477 +#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L + +#define SN_domainComponent "DC" +#define LN_domainComponent "domainComponent" +#define NID_domainComponent 391 +#define OBJ_domainComponent OBJ_pilotAttributeType,25L + +#define LN_aRecord "aRecord" +#define NID_aRecord 478 +#define OBJ_aRecord OBJ_pilotAttributeType,26L + +#define LN_pilotAttributeType27 "pilotAttributeType27" +#define NID_pilotAttributeType27 479 +#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L + +#define LN_mXRecord "mXRecord" +#define NID_mXRecord 480 +#define OBJ_mXRecord OBJ_pilotAttributeType,28L + +#define LN_nSRecord "nSRecord" +#define NID_nSRecord 481 +#define OBJ_nSRecord OBJ_pilotAttributeType,29L + +#define LN_sOARecord "sOARecord" +#define NID_sOARecord 482 +#define OBJ_sOARecord OBJ_pilotAttributeType,30L + +#define LN_cNAMERecord "cNAMERecord" +#define NID_cNAMERecord 483 +#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L + +#define LN_associatedDomain "associatedDomain" +#define NID_associatedDomain 484 +#define OBJ_associatedDomain OBJ_pilotAttributeType,37L + +#define LN_associatedName "associatedName" +#define NID_associatedName 485 +#define OBJ_associatedName OBJ_pilotAttributeType,38L + +#define LN_homePostalAddress "homePostalAddress" +#define NID_homePostalAddress 486 +#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L + +#define LN_personalTitle "personalTitle" +#define NID_personalTitle 487 +#define OBJ_personalTitle OBJ_pilotAttributeType,40L + +#define LN_mobileTelephoneNumber "mobileTelephoneNumber" +#define NID_mobileTelephoneNumber 488 +#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L + +#define LN_pagerTelephoneNumber "pagerTelephoneNumber" +#define NID_pagerTelephoneNumber 489 +#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L + +#define LN_friendlyCountryName "friendlyCountryName" +#define NID_friendlyCountryName 490 +#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L + +#define LN_organizationalStatus "organizationalStatus" +#define NID_organizationalStatus 491 +#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L + +#define LN_janetMailbox "janetMailbox" +#define NID_janetMailbox 492 +#define OBJ_janetMailbox OBJ_pilotAttributeType,46L + +#define LN_mailPreferenceOption "mailPreferenceOption" +#define NID_mailPreferenceOption 493 +#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L + +#define LN_buildingName "buildingName" +#define NID_buildingName 494 +#define OBJ_buildingName OBJ_pilotAttributeType,48L + +#define LN_dSAQuality "dSAQuality" +#define NID_dSAQuality 495 +#define OBJ_dSAQuality OBJ_pilotAttributeType,49L + +#define LN_singleLevelQuality "singleLevelQuality" +#define NID_singleLevelQuality 496 +#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L + +#define LN_subtreeMinimumQuality "subtreeMinimumQuality" +#define NID_subtreeMinimumQuality 497 +#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L + +#define LN_subtreeMaximumQuality "subtreeMaximumQuality" +#define NID_subtreeMaximumQuality 498 +#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L + +#define LN_personalSignature "personalSignature" +#define NID_personalSignature 499 +#define OBJ_personalSignature OBJ_pilotAttributeType,53L + +#define LN_dITRedirect "dITRedirect" +#define NID_dITRedirect 500 +#define OBJ_dITRedirect OBJ_pilotAttributeType,54L + +#define SN_audio "audio" +#define NID_audio 501 +#define OBJ_audio OBJ_pilotAttributeType,55L + +#define LN_documentPublisher "documentPublisher" +#define NID_documentPublisher 502 +#define OBJ_documentPublisher OBJ_pilotAttributeType,56L + diff --git a/src/lib/libcrypto/opensslconf.h b/src/lib/libcrypto/opensslconf.h new file mode 100644 index 0000000000..c9756e47a3 --- /dev/null +++ b/src/lib/libcrypto/opensslconf.h @@ -0,0 +1,180 @@ +/* opensslconf.h */ +/* WARNING: Generated automatically from opensslconf.h.in by Configure. */ + +/* OpenSSL was configured with the following options: */ +#ifndef OPENSSL_DOING_MAKEDEPEND + +#ifndef OPENSSL_NO_KRB5 +# define OPENSSL_NO_KRB5 +#endif + +#endif /* OPENSSL_DOING_MAKEDEPEND */ + +/* The OPENSSL_NO_* macros are also defined as NO_* if the application + asks for it. This is a transient feature that is provided for those + who haven't had the time to do the appropriate changes in their + applications. */ +#ifdef OPENSSL_ALGORITHM_DEFINES +# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) +# define NO_KRB5 +# endif +#endif + +/* crypto/opensslconf.h.in */ + +/* Generate 80386 code? */ +#undef I386_ONLY + +#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ +#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define OPENSSLDIR "/usr/local/ssl" +#endif +#endif + +#undef OPENSSL_UNISTD +#define OPENSSL_UNISTD + +#undef OPENSSL_EXPORT_VAR_AS_FUNCTION + +#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) +#define IDEA_INT unsigned int +#endif + +#if defined(HEADER_MD2_H) && !defined(MD2_INT) +#define MD2_INT unsigned int +#endif + +#if defined(HEADER_RC2_H) && !defined(RC2_INT) +/* I need to put in a mod for the alpha - eay */ +#define RC2_INT unsigned int +#endif + +#if defined(HEADER_RC4_H) +#if !defined(RC4_INT) +/* using int types make the structure larger but make the code faster + * on most boxes I have tested - up to %20 faster. */ +/* + * I don't know what does "most" mean, but declaring "int" is a must on: + * - Intel P6 because partial register stalls are very expensive; + * - elder Alpha because it lacks byte load/store instructions; + */ +#define RC4_INT unsigned int +#endif +#if !defined(RC4_CHUNK) +/* + * This enables code handling data aligned at natural CPU word + * boundary. See crypto/rc4/rc4_enc.c for further details. + */ +#undef RC4_CHUNK +#endif +#endif + +#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG) +/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a + * %20 speed up (longs are 8 bytes, int's are 4). */ +#ifndef DES_LONG +#define DES_LONG unsigned long +#endif +#endif + +#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) +#define CONFIG_HEADER_BN_H +#undef BN_LLONG + +/* Should we define BN_DIV2W here? */ + +/* Only one for the following should be defined */ +/* The prime number generation stuff may not work when + * EIGHT_BIT but I don't care since I've only used this mode + * for debuging the bignum libraries */ +#undef SIXTY_FOUR_BIT_LONG +#undef SIXTY_FOUR_BIT +#define THIRTY_TWO_BIT +#undef SIXTEEN_BIT +#undef EIGHT_BIT +#endif + +#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) +#define CONFIG_HEADER_RC4_LOCL_H +/* if this is defined data[i] is used instead of *data, this is a %20 + * speedup on x86 */ +#undef RC4_INDEX +#endif + +#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) +#define CONFIG_HEADER_BF_LOCL_H +#undef BF_PTR +#endif /* HEADER_BF_LOCL_H */ + +#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) +#define CONFIG_HEADER_DES_LOCL_H +#ifndef DES_DEFAULT_OPTIONS +/* the following is tweaked from a config script, that is why it is a + * protected undef/define */ +#ifndef DES_PTR +#undef DES_PTR +#endif + +/* This helps C compiler generate the correct code for multiple functional + * units. It reduces register dependancies at the expense of 2 more + * registers */ +#ifndef DES_RISC1 +#undef DES_RISC1 +#endif + +#ifndef DES_RISC2 +#undef DES_RISC2 +#endif + +#if defined(DES_RISC1) && defined(DES_RISC2) +YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! +#endif + +/* Unroll the inner loop, this sometimes helps, sometimes hinders. + * Very mucy CPU dependant */ +#ifndef DES_UNROLL +#undef DES_UNROLL +#endif + +/* These default values were supplied by + * Peter Gutman + * They are only used if nothing else has been defined */ +#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) +/* Special defines which change the way the code is built depending on the + CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find + even newer MIPS CPU's, but at the moment one size fits all for + optimization options. Older Sparc's work better with only UNROLL, but + there's no way to tell at compile time what it is you're running on */ + +#if defined( sun ) /* Newer Sparc's */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#elif defined( __ultrix ) /* Older MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined( __osf1__ ) /* Alpha */ +# define DES_PTR +# define DES_RISC2 +#elif defined ( _AIX ) /* RS6000 */ + /* Unknown */ +#elif defined( __hpux ) /* HP-PA */ + /* Unknown */ +#elif defined( __aux ) /* 68K */ + /* Unknown */ +#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ +# define DES_UNROLL +#elif defined( __sgi ) /* Newer MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#endif /* Systems-specific speed defines */ +#endif + +#endif /* DES_DEFAULT_OPTIONS */ +#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/opensslconf.h.in b/src/lib/libcrypto/opensslconf.h.in index e4a8f8ad54..9082a16c46 100644 --- a/src/lib/libcrypto/opensslconf.h.in +++ b/src/lib/libcrypto/opensslconf.h.in @@ -1,5 +1,4 @@ -/* crypto/opensslconf.h */ -/* WARNING: This file is autogenerated by Configure */ +/* crypto/opensslconf.h.in */ /* Generate 80386 code? */ #undef I386_ONLY @@ -10,8 +9,11 @@ #endif #endif +#undef OPENSSL_UNISTD #define OPENSSL_UNISTD +#undef OPENSSL_EXPORT_VAR_AS_FUNCTION + #if defined(HEADER_IDEA_H) && !defined(IDEA_INT) #define IDEA_INT unsigned int #endif @@ -25,13 +27,27 @@ #define RC2_INT unsigned int #endif -#if defined(HEADER_RC4_H) && !defined(RC4_INT) +#if defined(HEADER_RC4_H) +#if !defined(RC4_INT) /* using int types make the structure larger but make the code faster * on most boxes I have tested - up to %20 faster. */ +/* + * I don't know what does "most" mean, but declaring "int" is a must on: + * - Intel P6 because partial register stalls are very expensive; + * - elder Alpha because it lacks byte load/store instructions; + */ #define RC4_INT unsigned int #endif +#if !defined(RC4_CHUNK) +/* + * This enables code handling data aligned at natural CPU word + * boundary. See crypto/rc4/rc4_enc.c for further details. + */ +#undef RC4_CHUNK +#endif +#endif -#if defined(HEADER_DES_H) && !defined(DES_LONG) +#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG) /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a * %20 speed up (longs are 8 bytes, int's are 4). */ #ifndef DES_LONG @@ -131,7 +147,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! # define DES_PTR # define DES_RISC2 # define DES_UNROLL -#elif defined( i386 ) /* x86 boxes, should be gcc */ +#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ # define DES_PTR # define DES_RISC1 # define DES_UNROLL diff --git a/src/lib/libcrypto/perlasm/x86ms.pl b/src/lib/libcrypto/perlasm/x86ms.pl index 893b50b1a4..206452341d 100644 --- a/src/lib/libcrypto/perlasm/x86ms.pl +++ b/src/lib/libcrypto/perlasm/x86ms.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl package x86ms; @@ -51,6 +51,16 @@ sub main'DWP &get_mem("DWORD",@_); } +sub main'BC + { + return @_; + } + +sub main'DWC + { + return @_; + } + sub main'stack_push { local($num)=@_; @@ -331,7 +341,14 @@ sub main'set_label $label{$_[0]}="${label}${_[0]}"; $label++; } - push(@out,"$label{$_[0]}:\n"); + if((defined $_[2]) && ($_[2] == 1)) + { + push(@out,"$label{$_[0]}::\n"); + } + else + { + push(@out,"$label{$_[0]}:\n"); + } } sub main'data_word diff --git a/src/lib/libcrypto/perlasm/x86unix.pl b/src/lib/libcrypto/perlasm/x86unix.pl index 6ee4dd3245..9ceabf0705 100644 --- a/src/lib/libcrypto/perlasm/x86unix.pl +++ b/src/lib/libcrypto/perlasm/x86unix.pl @@ -1,14 +1,10 @@ -#!/usr/bin/perl - -# Because the bswapl instruction is not supported for old assembers -# (it was a new instruction for the 486), I've added .byte xxxx code -# to put it in. -# eric 24-Apr-1998 -# +#!/usr/local/bin/perl package x86unix; $label="L000"; +$const=""; +$constl=0; $align=($main'aout)?"4":"16"; $under=($main'aout)?"_":""; @@ -85,12 +81,17 @@ sub main'DWP local($addr,$reg1,$reg2,$idx)=@_; $ret=""; - $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/; + $addr =~ s/(^|[+ \t])([A-Za-z_]+[A-Za-z0-9_]+)($|[+ \t])/$1$under$2$3/; $reg1="$regs{$reg1}" if defined($regs{$reg1}); $reg2="$regs{$reg2}" if defined($regs{$reg2}); $ret.=$addr if ($addr ne "") && ($addr ne 0); if ($reg2 ne "") - { $ret.="($reg1,$reg2,$idx)"; } + { + if($idx ne "") + { $ret.="($reg1,$reg2,$idx)"; } + else + { $ret.="($reg1,$reg2)"; } + } else { $ret.="($reg1)" } return($ret); @@ -101,6 +102,16 @@ sub main'BP return(&main'DWP(@_)); } +sub main'BC + { + return @_; + } + +sub main'DWC + { + return @_; + } + #sub main'BP # { # local($addr,$reg1,$reg2,$idx)=@_; @@ -153,12 +164,29 @@ sub main'dec { &out1("decl",@_); } sub main'inc { &out1("incl",@_); } sub main'push { &out1("pushl",@_); $stack+=4; } sub main'pop { &out1("popl",@_); $stack-=4; } -sub main'bswap { &out1("bswapl",@_); } +sub main'pushf { &out0("pushf"); $stack+=4; } +sub main'popf { &out0("popf"); $stack-=4; } sub main'not { &out1("notl",@_); } sub main'call { &out1("call",$under.$_[0]); } sub main'ret { &out0("ret"); } sub main'nop { &out0("nop"); } +# The bswapl instruction is new for the 486. Emulate if i386. +sub main'bswap + { + if ($main'i386) + { + &main'comment("bswapl @_"); + &main'exch(main'HB(@_),main'LB(@_)); + &main'rotr(@_,16); + &main'exch(main'HB(@_),main'LB(@_)); + } + else + { + &out1("bswapl",@_); + } + } + sub out2 { local($name,$p1,$p2)=@_; @@ -268,6 +296,8 @@ EOF push(@out,$tmp); if ($main'cpp) { $tmp=push(@out,"\tTYPE($func,\@function)\n"); } + elsif ($main'gaswin) + { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } else { $tmp=push(@out,"\t.type\t$func,\@function\n"); } push(@out,"$func:\n"); $tmp=<<"EOF"; @@ -296,6 +326,8 @@ EOF push(@out,$tmp); if ($main'cpp) { push(@out,"\tTYPE($func,\@function)\n"); } + elsif ($main'gaswin) + { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } else { push(@out,"\t.type $func,\@function\n"); } push(@out,"$func:\n"); $stack=4; @@ -316,8 +348,11 @@ sub main'function_end .${func}_end: EOF push(@out,$tmp); + if ($main'cpp) { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } + elsif ($main'gaswin) + { $tmp=push(@out,"\t.align 4\n"); } else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } push(@out,".ident \"$func\"\n"); $stack=0; @@ -344,10 +379,12 @@ sub main'function_end_B $func=$under.$func; - push(@out,".${func}_end:\n"); + push(@out,".L_${func}_end:\n"); if ($main'cpp) - { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } - else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } + { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } + elsif ($main'gaswin) + { push(@out,"\t.align 4\n"); } + else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } push(@out,".ident \"desasm.pl\"\n"); $stack=0; %label=(); @@ -421,9 +458,87 @@ sub main'set_label sub main'file_end { + if ($const ne "") + { + push(@out,".section .rodata\n"); + push(@out,$const); + $const=""; + } } sub main'data_word { push(@out,"\t.long $_[0]\n"); } + +# debug output functions: puts, putx, printf + +sub main'puts + { + &pushvars(); + &main'push('$Lstring' . ++$constl); + &main'call('puts'); + $stack-=4; + &main'add("esp",4); + &popvars(); + + $const .= "Lstring$constl:\n\t.string \"@_[0]\"\n"; + } + +sub main'putx + { + &pushvars(); + &main'push($_[0]); + &main'push('$Lstring' . ++$constl); + &main'call('printf'); + &main'add("esp",8); + $stack-=8; + &popvars(); + + $const .= "Lstring$constl:\n\t.string \"\%X\"\n"; + } + +sub main'printf + { + $ostack = $stack; + &pushvars(); + for ($i = @_ - 1; $i >= 0; $i--) + { + if ($i == 0) # change this to support %s format strings + { + &main'push('$Lstring' . ++$constl); + $const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n"; + } + else + { + if ($_[$i] =~ /([0-9]*)\(%esp\)/) + { + &main'push(($1 + $stack - $ostack) . '(%esp)'); + } + else + { + &main'push($_[$i]); + } + } + } + &main'call('printf'); + $stack-=4*@_; + &main'add("esp",4*@_); + &popvars(); + } + +sub pushvars + { + &main'pushf(); + &main'push("edx"); + &main'push("ecx"); + &main'push("eax"); + } + +sub popvars + { + &main'pop("eax"); + &main'pop("ecx"); + &main'pop("edx"); + &main'popf(); + } diff --git a/src/lib/libcrypto/pkcs7/bio_ber.c b/src/lib/libcrypto/pkcs7/bio_ber.c index 2f17723e98..42331f7ab0 100644 --- a/src/lib/libcrypto/pkcs7/bio_ber.c +++ b/src/lib/libcrypto/pkcs7/bio_ber.c @@ -69,6 +69,7 @@ static int ber_read(BIO *h,char *buf,int size); static long ber_ctrl(BIO *h,int cmd,long arg1,char *arg2); static int ber_new(BIO *h); static int ber_free(BIO *data); +static long ber_callback_ctrl(BIO *h,int cmd,void *(*fp)()); #define BER_BUF_SIZE (32) /* This is used to hold the state of the BER objects being read. */ @@ -92,7 +93,7 @@ typedef struct bio_ber_struct /* most of the following are used when doing non-blocking IO */ /* reading */ long num_left; /* number of bytes still to read/write in block */ - int depth; /* used with idefinite encoding. */ + int depth; /* used with indefinite encoding. */ int finished; /* No more read data */ /* writting */ @@ -115,6 +116,7 @@ static BIO_METHOD methods_ber= ber_ctrl, ber_new, ber_free, + ber_callback_ctrl, }; BIO_METHOD *BIO_f_ber(void) @@ -126,7 +128,7 @@ static int ber_new(BIO *bi) { BIO_BER_CTX *ctx; - ctx=(BIO_BER_CTX *)Malloc(sizeof(BIO_BER_CTX)); + ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX)); if (ctx == NULL) return(0); memset((char *)ctx,0,sizeof(BIO_BER_CTX)); @@ -144,7 +146,7 @@ static int ber_free(BIO *a) if (a == NULL) return(0); b=(BIO_BER_CTX *)a->ptr; memset(a->ptr,0,sizeof(BIO_BER_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -337,7 +339,7 @@ static long ber_ctrl(BIO *b, int cmd, long num, char *ptr) case BIO_CTRL_RESET: ctx->ok=1; ctx->finished=0; - EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL, + EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL, ctx->cipher.berrypt); ret=BIO_ctrl(b->next_bio,cmd,num,ptr); break; @@ -374,7 +376,7 @@ again: { ctx->finished=1; ctx->buf_off=0; - ret=EVP_CipherFinal(&(ctx->cipher), + ret=EVP_CipherFinal_ex(&(ctx->cipher), (unsigned char *)ctx->buf, &(ctx->buf_len)); ctx->ok=(int)ret; @@ -409,6 +411,20 @@ again: return(ret); } +static long ber_callback_ctrl(BIO *b, int cmd, void *(*fp)()) + { + long ret=1; + + if (b->next_bio == NULL) return(0); + switch (cmd) + { + default: + ret=BIO_callback_ctrl(b->next_bio,cmd,fp); + break; + } + return(ret); + } + /* void BIO_set_cipher_ctx(b,c) BIO *b; @@ -442,7 +458,7 @@ void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i, b->init=1; ctx=(BIO_ENC_CTX *)b->ptr; - EVP_CipherInit(&(ctx->cipher),c,k,i,e); + EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e); if (b->callback != NULL) b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); diff --git a/src/lib/libcrypto/pkcs7/dec.c b/src/lib/libcrypto/pkcs7/dec.c index b3661f28d3..6752ec568a 100644 --- a/src/lib/libcrypto/pkcs7/dec.c +++ b/src/lib/libcrypto/pkcs7/dec.c @@ -57,6 +57,7 @@ */ #include #include +#include #include #include #include @@ -85,7 +86,7 @@ char *argv[]; int i,printit=0; STACK_OF(PKCS7_SIGNER_INFO) *sk; - SSLeay_add_all_algorithms(); + OpenSSL_add_all_algorithms(); bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); data=BIO_new(BIO_s_file()); @@ -121,9 +122,10 @@ char *argv[]; } if ((in=BIO_new_file(keyfile,"r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err; + if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err; BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err; + if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) + goto err; BIO_free(in); if (pp == NULL) @@ -131,7 +133,7 @@ char *argv[]; /* Load the PKCS7 object from a file */ - if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err; + if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err; @@ -148,7 +150,7 @@ char *argv[]; /* We need to process the data */ /* We cannot support detached encryption */ p7bio=PKCS7_dataDecode(p7,pkey,detached,x509); - + if (p7bio == NULL) { printf("problems decoding\n"); diff --git a/src/lib/libcrypto/pkcs7/enc.c b/src/lib/libcrypto/pkcs7/enc.c index 625a7c2285..7417f8a4e0 100644 --- a/src/lib/libcrypto/pkcs7/enc.c +++ b/src/lib/libcrypto/pkcs7/enc.c @@ -56,61 +56,91 @@ * [including the GNU Public Licence.] */ #include -#include "bio.h" -#include "x509.h" -#include "pem.h" +#include +#include +#include +#include +#include -main(argc,argv) +int main(argc,argv) int argc; char *argv[]; { X509 *x509; - EVP_PKEY *pkey; PKCS7 *p7; - PKCS7 *p7_data; - PKCS7_SIGNER_INFO *si; BIO *in; BIO *data,*p7bio; char buf[1024*4]; - int i,j; - int nodetach=0; + int i; + int nodetach=1; + char *keyfile = NULL; + const EVP_CIPHER *cipher=NULL; + STACK_OF(X509) *recips=NULL; - EVP_add_digest(EVP_sha1()); - EVP_add_cipher(EVP_des_cbc()); + OpenSSL_add_all_algorithms(); data=BIO_new(BIO_s_file()); -again: - if (argc > 1) + while(argc > 1) { if (strcmp(argv[1],"-nd") == 0) { nodetach=1; argv++; argc--; - goto again; } - if (!BIO_read_filename(data,argv[1])) - goto err; - } - else - BIO_set_fp(data,stdin,BIO_NOCLOSE); + else if ((strcmp(argv[1],"-c") == 0) && (argc >= 2)) { + if(!(cipher = EVP_get_cipherbyname(argv[2]))) { + fprintf(stderr, "Unknown cipher %s\n", argv[2]); + goto err; + } + argc-=2; + argv+=2; + } else if ((strcmp(argv[1],"-k") == 0) && (argc >= 2)) { + keyfile = argv[2]; + argc-=2; + argv+=2; + if (!(in=BIO_new_file(keyfile,"r"))) goto err; + if (!(x509=PEM_read_bio_X509(in,NULL,NULL,NULL))) + goto err; + if(!recips) recips = sk_X509_new_null(); + sk_X509_push(recips, x509); + BIO_free(in); + } else break; + } - if ((in=BIO_new_file("server.pem","r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err; + if(!recips) { + fprintf(stderr, "No recipients\n"); + goto err; + } + + if (!BIO_read_filename(data,argv[1])) goto err; + + p7=PKCS7_new(); +#if 0 BIO_reset(in); if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err; BIO_free(in); - - p7=PKCS7_new(); PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped); if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err; - - if (!PKCS7_set_cipher(p7,EVP_des_cbc())) goto err; - if (PKCS7_add_recipient(p7,x509) == NULL) goto err; - /* we may want to add more */ PKCS7_add_certificate(p7,x509); +#else + PKCS7_set_type(p7,NID_pkcs7_enveloped); +#endif + if(!cipher) { +#ifndef OPENSSL_NO_DES + cipher = EVP_des_ede3_cbc(); +#else + fprintf(stderr, "No cipher selected\n"); + goto err; +#endif + } + if (!PKCS7_set_cipher(p7,cipher)) goto err; + for(i = 0; i < sk_X509_num(recips); i++) { + if (!PKCS7_add_recipient(p7,sk_X509_value(recips, i))) goto err; + } + sk_X509_pop_free(recips, X509_free); /* Set the content of the signed to 'data' */ /* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */ @@ -129,7 +159,7 @@ again: } BIO_flush(p7bio); - if (!PKCS7_dataSign(p7,p7bio)) goto err; + if (!PKCS7_dataFinal(p7,p7bio)) goto err; BIO_free(p7bio); PEM_write_PKCS7(stdout,p7); diff --git a/src/lib/libcrypto/pkcs7/example.c b/src/lib/libcrypto/pkcs7/example.c index 7354890084..c993947cc3 100644 --- a/src/lib/libcrypto/pkcs7/example.c +++ b/src/lib/libcrypto/pkcs7/example.c @@ -1,7 +1,9 @@ #include #include +#include #include #include +#include int add_signed_time(PKCS7_SIGNER_INFO *si) { @@ -36,7 +38,7 @@ void add_signed_string(PKCS7_SIGNER_INFO *si, char *str) signed_string_nid= OBJ_create("1.2.3.4.5","OID_example","Our example OID"); os=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os,str,strlen(str)); + ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); /* When we add, we do not free */ PKCS7_add_signed_attribute(si,signed_string_nid, V_ASN1_OCTET_STRING,(char *)os); @@ -68,7 +70,7 @@ int get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len) return(0); } -static signed_seq2string_nid= -1; +static int signed_seq2string_nid= -1; /* ########################################### */ int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) { @@ -86,8 +88,8 @@ int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) os1=ASN1_OCTET_STRING_new(); os2=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os1,str1,strlen(str1)); - ASN1_OCTET_STRING_set(os2,str1,strlen(str1)); + ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); + ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); i =i2d_ASN1_OCTET_STRING(os1,NULL); i+=i2d_ASN1_OCTET_STRING(os2,NULL); total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); @@ -197,7 +199,7 @@ X509_ATTRIBUTE *create_string(char *str) signed_string_nid= OBJ_create("1.2.3.4.5","OID_example","Our example OID"); os=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os,str,strlen(str)); + ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); /* When we add, we do not free */ ret=X509_ATTRIBUTE_create(signed_string_nid, V_ASN1_OCTET_STRING,(char *)os); @@ -250,8 +252,8 @@ X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) os1=ASN1_OCTET_STRING_new(); os2=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os1,str1,strlen(str1)); - ASN1_OCTET_STRING_set(os2,str1,strlen(str1)); + ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); + ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); i =i2d_ASN1_OCTET_STRING(os1,NULL); i+=i2d_ASN1_OCTET_STRING(os2,NULL); total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); diff --git a/src/lib/libcrypto/pkcs7/pk7_dgst.c b/src/lib/libcrypto/pkcs7/pk7_dgst.c index 7769abeb1e..90edfa5001 100644 --- a/src/lib/libcrypto/pkcs7/pk7_dgst.c +++ b/src/lib/libcrypto/pkcs7/pk7_dgst.c @@ -58,9 +58,9 @@ #include #include "cryptlib.h" -#include "evp.h" -#include "rand.h" -#include "objects.h" -#include "x509.h" -#include "pkcs7.h" +#include +#include +#include +#include +#include diff --git a/src/lib/libcrypto/pkcs7/pk7_enc.c b/src/lib/libcrypto/pkcs7/pk7_enc.c index a5b6dc463f..acbb189c59 100644 --- a/src/lib/libcrypto/pkcs7/pk7_enc.c +++ b/src/lib/libcrypto/pkcs7/pk7_enc.c @@ -58,11 +58,11 @@ #include #include "cryptlib.h" -#include "evp.h" -#include "rand.h" -#include "objects.h" -#include "x509.h" -#include "pkcs7.h" +#include +#include +#include +#include +#include PKCS7_in_bio(PKCS7 *p7,BIO *in); PKCS7_out_bio(PKCS7 *p7,BIO *out); diff --git a/src/lib/libcrypto/pkcs7/sign.c b/src/lib/libcrypto/pkcs7/sign.c index ead1cb65ca..8b59885f7e 100644 --- a/src/lib/libcrypto/pkcs7/sign.c +++ b/src/lib/libcrypto/pkcs7/sign.c @@ -56,29 +56,38 @@ * [including the GNU Public Licence.] */ #include -#include "bio.h" -#include "x509.h" -#include "pem.h" +#include +#include +#include +#include +#include -main(argc,argv) +int main(argc,argv) int argc; char *argv[]; { X509 *x509; EVP_PKEY *pkey; PKCS7 *p7; - PKCS7 *p7_data; PKCS7_SIGNER_INFO *si; BIO *in; BIO *data,*p7bio; char buf[1024*4]; - int i,j; + int i; int nodetach=0; +#ifndef OPENSSL_NO_MD2 EVP_add_digest(EVP_md2()); +#endif +#ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); +#endif +#ifndef OPENSSL_NO_SHA1 EVP_add_digest(EVP_sha1()); +#endif +#ifndef OPENSSL_NO_MDC2 EVP_add_digest(EVP_mdc2()); +#endif data=BIO_new(BIO_s_file()); again: @@ -97,15 +106,20 @@ again: BIO_set_fp(data,stdin,BIO_NOCLOSE); if ((in=BIO_new_file("server.pem","r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err; + if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err; BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err; + if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) goto err; BIO_free(in); p7=PKCS7_new(); PKCS7_set_type(p7,NID_pkcs7_signed); - if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err; + si=PKCS7_add_signature(p7,x509,pkey,EVP_sha1()); + if (si == NULL) goto err; + + /* If you do this then you get signing time automatically added */ + PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, V_ASN1_OBJECT, + OBJ_nid2obj(NID_pkcs7_data)); /* we may want to add more */ PKCS7_add_certificate(p7,x509); @@ -125,7 +139,7 @@ again: BIO_write(p7bio,buf,i); } - if (!PKCS7_dataSign(p7,p7bio)) goto err; + if (!PKCS7_dataFinal(p7,p7bio)) goto err; BIO_free(p7bio); PEM_write_PKCS7(stdout,p7); diff --git a/src/lib/libcrypto/pkcs7/verify.c b/src/lib/libcrypto/pkcs7/verify.c index 0e1c1b26dc..5f7afe8933 100644 --- a/src/lib/libcrypto/pkcs7/verify.c +++ b/src/lib/libcrypto/pkcs7/verify.c @@ -56,41 +56,50 @@ * [including the GNU Public Licence.] */ #include -#include "asn1.h" -#include "bio.h" -#include "x509.h" -#include "pem.h" +#include +#include +#include +#include +#include +#include +#include "example.h" int verify_callback(int ok, X509_STORE_CTX *ctx); BIO *bio_err=NULL; +BIO *bio_out=NULL; -main(argc,argv) +int main(argc,argv) int argc; char *argv[]; { - X509 *x509,*x; PKCS7 *p7; - PKCS7_SIGNED *s; PKCS7_SIGNER_INFO *si; - PKCS7_ISSUER_AND_SERIAL *ias; X509_STORE_CTX cert_ctx; X509_STORE *cert_store=NULL; - X509_LOOKUP *lookup=NULL; BIO *data,*detached=NULL,*p7bio=NULL; char buf[1024*4]; - unsigned char *p,*pp; - int i,j,printit=0; - STACK *sk; + char *pp; + int i,printit=0; + STACK_OF(PKCS7_SIGNER_INFO) *sk; bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); +#ifndef OPENSSL_NO_MD2 EVP_add_digest(EVP_md2()); +#endif +#ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); +#endif +#ifndef OPENSSL_NO_SHA1 EVP_add_digest(EVP_sha1()); +#endif +#ifndef OPENSSL_NO_MDC2 EVP_add_digest(EVP_mdc2()); +#endif data=BIO_new(BIO_s_file()); -again: + pp=NULL; while (argc > 1) { @@ -121,7 +130,7 @@ again: /* Load the PKCS7 object from a file */ - if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err; + if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err; /* This stuff is being setup for certificate verification. * When using SSL, it could be replaced with a @@ -131,10 +140,10 @@ again: X509_STORE_load_locations(cert_store,NULL,"../../certs"); X509_STORE_set_verify_cb_func(cert_store,verify_callback); - ERR_clear_errors(); + ERR_clear_error(); /* We need to process the data */ - if (PKCS7_get_detached(p7)) + if ((PKCS7_get_detached(p7) || detached)) { if (detached == NULL) { @@ -166,12 +175,29 @@ again: } /* Ok, first we need to, for each subject entry, see if we can verify */ - for (i=0; i -#include "cryptlib.h" -#include -#include - -#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -#ifndef NO_MD5 -#define USE_MD5_RAND -#elif !defined(NO_SHA1) -#define USE_SHA1_RAND -#elif !defined(NO_MDC2) -#define USE_MDC2_RAND -#elif !defined(NO_MD2) -#define USE_MD2_RAND -#else -We need a message digest of some type -#endif +#ifdef MD_RAND_DEBUG +# ifndef NDEBUG +# define NDEBUG +# endif #endif -/* Changed how the state buffer used. I now attempt to 'wrap' such - * that I don't run over the same locations the next time go through - * the 1023 bytes - many thanks to - * Robert J. LeBlanc for his comments - */ +#include +#include +#include -#if defined(USE_MD5_RAND) -#include "md5.h" -#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH -#define MD_CTX MD5_CTX -#define MD_Init(a) MD5_Init(a) -#define MD_Update(a,b,c) MD5_Update(a,b,c) -#define MD_Final(a,b) MD5_Final(a,b) -#elif defined(USE_SHA1_RAND) -#include "sha.h" -#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH -#define MD_CTX SHA_CTX -#define MD_Init(a) SHA1_Init(a) -#define MD_Update(a,b,c) SHA1_Update(a,b,c) -#define MD_Final(a,b) SHA1_Final(a,b) -#elif defined(USE_MDC2_RAND) -#include "mdc2.h" -#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH -#define MD_CTX MDC2_CTX -#define MD_Init(a) MDC2_Init(a) -#define MD_Update(a,b,c) MDC2_Update(a,b,c) -#define MD_Final(a,b) MDC2_Final(a,b) -#elif defined(USE_MD2_RAND) -#include "md2.h" -#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH -#define MD_CTX MD2_CTX -#define MD_Init(a) MD2_Init(a) -#define MD_Update(a,b,c) MD2_Update(a,b,c) -#define MD_Final(a,b) MD2_Final(a,b) -#endif +#include "e_os.h" -#include "rand.h" +#include +#include "rand_lcl.h" -/*#define NORAND 1 */ -/*#define PREDICT 1 */ +#include +#include + +#ifdef BN_DEBUG +# define PREDICT +#endif + +/* #define PREDICT 1 */ #define STATE_SIZE 1023 static int state_num=0,state_index=0; static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH]; static unsigned char md[MD_DIGEST_LENGTH]; -static int md_count=0; +static long md_count[2]={0,0}; +static double entropy=0; +static int initialized=0; -char *RAND_version="RAND part of SSLeay 0.9.0b 29-Jun-1998"; +static unsigned int crypto_lock_rand = 0; /* may be set only when a thread + * holds CRYPTO_LOCK_RAND + * (to prevent double locking) */ +/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */ +static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */ -void RAND_cleanup() + +#ifdef PREDICT +int rand_predictable=0; +#endif + +const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT; + +static void ssleay_rand_cleanup(void); +static void ssleay_rand_seed(const void *buf, int num); +static void ssleay_rand_add(const void *buf, int num, double add_entropy); +static int ssleay_rand_bytes(unsigned char *buf, int num); +static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); +static int ssleay_rand_status(void); + +RAND_METHOD rand_ssleay_meth={ + ssleay_rand_seed, + ssleay_rand_bytes, + ssleay_rand_cleanup, + ssleay_rand_add, + ssleay_rand_pseudo_bytes, + ssleay_rand_status + }; + +RAND_METHOD *RAND_SSLeay(void) + { + return(&rand_ssleay_meth); + } + +static void ssleay_rand_cleanup(void) { memset(state,0,sizeof(state)); state_num=0; state_index=0; memset(md,0,MD_DIGEST_LENGTH); - md_count=0; + md_count[0]=0; + md_count[1]=0; + entropy=0; + initialized=0; } -void RAND_seed(buf,num) -unsigned char *buf; -int num; +static void ssleay_rand_add(const void *buf, int num, double add) { - int i,j,k,st_idx,st_num; - MD_CTX m; - -#ifdef NORAND - return; -#endif + int i,j,k,st_idx; + long md_c[2]; + unsigned char local_md[MD_DIGEST_LENGTH]; + EVP_MD_CTX m; + int do_not_lock; + + /* + * (Based on the rand(3) manpage) + * + * The input is chopped up into units of 20 bytes (or less for + * the last block). Each of these blocks is run through the hash + * function as follows: The data passed to the hash function + * is the current 'md', the same number of bytes from the 'state' + * (the location determined by in incremented looping index) as + * the current 'block', the new key data 'block', and 'count' + * (which is incremented after each use). + * The result of this is kept in 'md' and also xored into the + * 'state' at the same locations that were used as input into the + * hash function. + */ + + /* check if we already have the lock */ + if (crypto_lock_rand) + { + CRYPTO_r_lock(CRYPTO_LOCK_RAND2); + do_not_lock = (locking_thread == CRYPTO_thread_id()); + CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); + } + else + do_not_lock = 0; - CRYPTO_w_lock(CRYPTO_LOCK_RAND); + if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); st_idx=state_index; - st_num=state_num; - state_index=(state_index+num); + /* use our own copies of the counters so that even + * if a concurrent thread seeds with exactly the + * same data and uses the same subarray there's _some_ + * difference */ + md_c[0] = md_count[0]; + md_c[1] = md_count[1]; + + memcpy(local_md, md, sizeof md); + + /* state_index <= state_num <= STATE_SIZE */ + state_index += num; if (state_index >= STATE_SIZE) { state_index%=STATE_SIZE; @@ -159,15 +244,24 @@ int num; if (state_index > state_num) state_num=state_index; } - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + /* state_index <= state_num <= STATE_SIZE */ + /* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE] + * are what we will use now, but other threads may use them + * as well */ + + md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0); + + if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + + EVP_MD_CTX_init(&m); for (i=0; i MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j; MD_Init(&m); - MD_Update(&m,md,MD_DIGEST_LENGTH); + MD_Update(&m,local_md,MD_DIGEST_LENGTH); k=(st_idx+j)-STATE_SIZE; if (k > 0) { @@ -178,228 +272,301 @@ int num; MD_Update(&m,&(state[st_idx]),j); MD_Update(&m,buf,j); - MD_Final(md,&m); + MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); + MD_Final(&m,local_md); + md_c[1]++; - buf+=j; + buf=(const char *)buf + j; for (k=0; k= STATE_SIZE) - { st_idx=0; - st_num=STATE_SIZE; - } } } - memset((char *)&m,0,sizeof(m)); + EVP_MD_CTX_cleanup(&m); + + if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); + /* Don't just copy back local_md into md -- this could mean that + * other thread's seeding remains without effect (except for + * the incremented counter). By XORing it we keep at least as + * much entropy as fits into md. */ + for (k = 0; k < sizeof md; k++) + { + md[k] ^= local_md[k]; + } + if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */ + entropy += add; + if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + +#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) + assert(md_c[1] == md_count[1]); +#endif } -void RAND_bytes(buf,num) -unsigned char *buf; -int num; +static void ssleay_rand_seed(const void *buf, int num) { + ssleay_rand_add(buf, num, num); + } + +static int ssleay_rand_bytes(unsigned char *buf, int num) + { + static volatile int stirred_pool = 0; int i,j,k,st_num,st_idx; - MD_CTX m; - static int init=1; - unsigned long l; -#ifdef DEVRANDOM - FILE *fh; + int num_ceil; + int ok; + long md_c[2]; + unsigned char local_md[MD_DIGEST_LENGTH]; + EVP_MD_CTX m; +#ifndef GETPID_IS_MEANINGLESS + pid_t curr_pid = getpid(); #endif + int do_stir_pool = 0; #ifdef PREDICT - { - static unsigned char val=0; + if (rand_predictable) + { + static unsigned char val=0; - for (i=0; i= ENTROPY_NEEDED); + if (!ok) + { + /* If the PRNG state is not yet unpredictable, then seeing + * the PRNG output may help attackers to determine the new + * state; thus we have to decrease the entropy estimate. + * Once we've had enough initial seeding we don't bother to + * adjust the entropy count, though, because we're not ambitious + * to provide *information-theoretic* randomness. + * + * NOTE: This approach fails if the program forks before + * we have enough entropy. Entropy should be collected + * in a separate input pool and be transferred to the + * output pool only when the entropy limit has been reached. */ - if ((fh = fopen(DEVRANDOM, "r")) != NULL) + entropy -= num; + if (entropy < 0) + entropy = 0; + } + + if (do_stir_pool) + { + /* In the output function only half of 'md' remains secret, + * so we better make sure that the required entropy gets + * 'evenly distributed' through 'state', our randomness pool. + * The input function (ssleay_rand_add) chains all of 'md', + * which makes it more suitable for this purpose. + */ + + int n = STATE_SIZE; /* so that the complete pool gets accessed */ + while (n > 0) { - unsigned char tmpbuf[32]; - - fread((unsigned char *)tmpbuf,1,32,fh); - /* we don't care how many bytes we read, - * we will just copy the 'stack' if there is - * nothing else :-) */ - fclose(fh); - RAND_seed(tmpbuf,32); - memset(tmpbuf,0,32); - } -/* #endif */ -#ifdef PURIFY - memset(state,0,STATE_SIZE); - memset(md,0,MD_DIGEST_LENGTH); +#if MD_DIGEST_LENGTH > 20 +# error "Please adjust DUMMY_SEED." #endif - CRYPTO_w_lock(CRYPTO_LOCK_RAND); +#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */ + /* Note that the seed does not matter, it's just that + * ssleay_rand_add expects to have something to hash. */ + ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0); + n -= MD_DIGEST_LENGTH; + } + if (ok) + stirred_pool = 1; } st_idx=state_index; st_num=state_num; - state_index+=num; + md_c[0] = md_count[0]; + md_c[1] = md_count[1]; + memcpy(local_md, md, sizeof md); + + state_index+=num_ceil; if (state_index > state_num) - state_index=(state_index%state_num); + state_index %= state_num; + /* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num] + * are now ours (but other threads may use them too) */ + + md_count[0] += 1; + + /* before unlocking, we must clear 'crypto_lock_rand' */ + crypto_lock_rand = 0; CRYPTO_w_unlock(CRYPTO_LOCK_RAND); while (num > 0) { + /* num_ceil -= MD_DIGEST_LENGTH/2 */ j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num; num-=j; MD_Init(&m); - MD_Update(&m,&(md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2); +#ifndef GETPID_IS_MEANINGLESS + if (curr_pid) /* just in the first iteration to save time */ + { + MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid); + curr_pid = 0; + } +#endif + MD_Update(&m,local_md,MD_DIGEST_LENGTH); + MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); #ifndef PURIFY MD_Update(&m,buf,j); /* purify complains */ #endif - k=(st_idx+j)-st_num; + k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; if (k > 0) { - MD_Update(&m,&(state[st_idx]),j-k); + MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k); MD_Update(&m,&(state[0]),k); } else - MD_Update(&m,&(state[st_idx]),j); - MD_Final(md,&m); + MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2); + MD_Final(&m,local_md); - for (i=0; i= st_num) st_idx=0; - state[st_idx++]^=md[i]; - *(buf++)=md[i+MD_DIGEST_LENGTH/2]; + if (i < j) + *(buf++)=local_md[i+MD_DIGEST_LENGTH/2]; } } MD_Init(&m); - MD_Update(&m,(unsigned char *)&md_count,sizeof(md_count)); md_count++; + MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); + MD_Update(&m,local_md,MD_DIGEST_LENGTH); + CRYPTO_w_lock(CRYPTO_LOCK_RAND); MD_Update(&m,md,MD_DIGEST_LENGTH); - MD_Final(md,&m); - memset(&m,0,sizeof(m)); + MD_Final(&m,md); + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + + EVP_MD_CTX_cleanup(&m); + if (ok) + return(1); + else + { + RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED); + ERR_add_error_data(1, "You need to read the OpenSSL FAQ, " + "http://www.openssl.org/support/faq.html"); + return(0); + } } -#ifdef WINDOWS -#include -#include +/* pseudo-random bytes that are guaranteed to be unique but not + unpredictable */ +static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) + { + int ret; + unsigned long err; -/***************************************************************************** - * Initialisation function for the SSL random generator. Takes the contents - * of the screen as random seed. - * - * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V. - * - * Code adapted from - * ; - * the original copyright message is: - * -// (C) Copyright Microsoft Corp. 1993. All rights reserved. -// -// You have a royalty-free right to use, modify, reproduce and -// distribute the Sample Files (and/or any modified version) in -// any way you find useful, provided that you agree that -// Microsoft has no warranty obligations or liability for any -// Sample Application Files which are modified. - */ -/* - * I have modified the loading of bytes via RAND_seed() mechanism since - * the origional would have been very very CPU intensive since RAND_seed() - * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same - * as that to digest 56 bytes. So under the old system, a screen of - * 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5 - * digests or digesting 2.7 mbytes. What I have put in place would - * be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes - * or about 3.5 times as much. - * - eric - */ -void RAND_screen(void) -{ - HDC hScrDC; /* screen DC */ - HDC hMemDC; /* memory DC */ - HBITMAP hBitmap; /* handle for our bitmap */ - HBITMAP hOldBitmap; /* handle for previous bitmap */ - BITMAP bm; /* bitmap properties */ - unsigned int size; /* size of bitmap */ - char *bmbits; /* contents of bitmap */ - int w; /* screen width */ - int h; /* screen height */ - int y; /* y-coordinate of screen lines to grab */ - int n = 16; /* number of screen lines to grab at a time */ - - /* Create a screen DC and a memory DC compatible to screen DC */ - hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL); - hMemDC = CreateCompatibleDC(hScrDC); - - /* Get screen resolution */ - w = GetDeviceCaps(hScrDC, HORZRES); - h = GetDeviceCaps(hScrDC, VERTRES); - - /* Create a bitmap compatible with the screen DC */ - hBitmap = CreateCompatibleBitmap(hScrDC, w, n); - - /* Select new bitmap into memory DC */ - hOldBitmap = SelectObject(hMemDC, hBitmap); - - /* Get bitmap properties */ - GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm); - size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes; - - bmbits = Malloc(size); - if (bmbits) { - /* Now go through the whole screen, repeatedly grabbing n lines */ - for (y = 0; y < h-n; y += n) - { - unsigned char md[MD_DIGEST_LENGTH]; - - /* Bitblt screen DC to memory DC */ - BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY); - - /* Copy bitmap bits from memory DC to bmbits */ - GetBitmapBits(hBitmap, size, bmbits); - - /* Get the MD5 of the bitmap */ - MD5(bmbits,size,md); - - /* Seed the random generator with the MD5 digest */ - RAND_seed(md, MD_DIGEST_LENGTH); + ret = RAND_bytes(buf, num); + if (ret == 0) + { + err = ERR_peek_error(); + if (ERR_GET_LIB(err) == ERR_LIB_RAND && + ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) + (void)ERR_get_error(); + } + return (ret); } - Free(bmbits); - } +static int ssleay_rand_status(void) + { + int ret; + int do_not_lock; - /* Select old bitmap back into memory DC */ - hBitmap = SelectObject(hMemDC, hOldBitmap); + /* check if we already have the lock + * (could happen if a RAND_poll() implementation calls RAND_status()) */ + if (crypto_lock_rand) + { + CRYPTO_r_lock(CRYPTO_LOCK_RAND2); + do_not_lock = (locking_thread == CRYPTO_thread_id()); + CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); + } + else + do_not_lock = 0; + + if (!do_not_lock) + { + CRYPTO_w_lock(CRYPTO_LOCK_RAND); + + /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ + CRYPTO_w_lock(CRYPTO_LOCK_RAND2); + locking_thread = CRYPTO_thread_id(); + CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); + crypto_lock_rand = 1; + } + + if (!initialized) + { + RAND_poll(); + initialized = 1; + } - /* Clean up */ - DeleteObject(hBitmap); - DeleteDC(hMemDC); - DeleteDC(hScrDC); -} -#endif + ret = entropy >= ENTROPY_NEEDED; + + if (!do_not_lock) + { + /* before unlocking, we must clear 'crypto_lock_rand' */ + crypto_lock_rand = 0; + + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + } + + return ret; + } diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c index d834408bd4..97ed12cf67 100644 --- a/src/lib/libcrypto/rand/rand_egd.c +++ b/src/lib/libcrypto/rand/rand_egd.c @@ -1,5 +1,5 @@ /* crypto/rand/rand_egd.c */ -/* Written by Ulf Moeller for the OpenSSL project. */ +/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -54,35 +54,92 @@ * */ +#include #include -/* Query the EGD . +/* + * Query the EGD . + * + * This module supplies three routines: + * + * RAND_query_egd_bytes(path, buf, bytes) + * will actually query "bytes" bytes of entropy form the egd-socket located + * at path and will write them to buf (if supplied) or will directly feed + * it to RAND_seed() if buf==NULL. + * The number of bytes is not limited by the maximum chunk size of EGD, + * which is 255 bytes. If more than 255 bytes are wanted, several chunks + * of entropy bytes are requested. The connection is left open until the + * query is competed. + * RAND_query_egd_bytes() returns with + * -1 if an error occured during connection or communication. + * num the number of bytes read from the EGD socket. This number is either + * the number of bytes requested or smaller, if the EGD pool is + * drained and the daemon signals that the pool is empty. + * This routine does not touch any RAND_status(). This is necessary, since + * PRNG functions may call it during initialization. + * + * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them + * used to seed the PRNG. + * RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL. + * Unlike RAND_query_egd_bytes(), RAND_status() is used to test the + * seed status so that the return value can reflect the seed state: + * -1 if an error occured during connection or communication _or_ + * if the PRNG has still not received the required seeding. + * num the number of bytes read from the EGD socket. This number is either + * the number of bytes requested or smaller, if the EGD pool is + * drained and the daemon signals that the pool is empty. + * + * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed + * the PRNG. + * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(WIN32) || defined(VMS) || defined(__VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) +int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) + { + return(-1); + } int RAND_egd(const char *path) { return(-1); } + +int RAND_egd_bytes(const char *path,int bytes) + { + return(-1); + } #else #include #include OPENSSL_UNISTD #include #include -#include +#ifndef NO_SYS_UN_H +# ifdef OPENSSL_SYS_VSWORKS +# include +# else +# include +# endif +#else +struct sockaddr_un { + short sun_family; /* AF_UNIX */ + char sun_path[108]; /* path name (gag) */ +}; +#endif /* NO_SYS_UN_H */ #include +#include #ifndef offsetof # define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) #endif -int RAND_egd(const char *path) +int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { - int ret = -1; + int ret = 0; struct sockaddr_un addr; - int len, num; + int len, num, numbytes; int fd = -1; - unsigned char buf[256]; + int success; + unsigned char egdbuf[2], tempbuf[255], *retrievebuf; memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; @@ -92,19 +149,150 @@ int RAND_egd(const char *path) len = offsetof(struct sockaddr_un, sun_path) + strlen(path); fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) return (-1); - if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err; - buf[0] = 1; - buf[1] = 255; - write(fd, buf, 2); - if (read(fd, buf, 1) != 1) goto err; - if (buf[0] == 0) goto err; - num = read(fd, buf, 255); + success = 0; + while (!success) + { + if (connect(fd, (struct sockaddr *)&addr, len) == 0) + success = 1; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif +#ifdef EINPROGRESS + case EINPROGRESS: +#endif +#ifdef EALREADY + case EALREADY: +#endif + /* No error, try again */ + break; +#ifdef EISCONN + case EISCONN: + success = 1; + break; +#endif + default: + goto err; /* failure */ + } + } + } + + while(bytes > 0) + { + egdbuf[0] = 1; + egdbuf[1] = bytes < 255 ? bytes : 255; + numbytes = 0; + while (numbytes != 2) + { + num = write(fd, egdbuf + numbytes, 2 - numbytes); + if (num >= 0) + numbytes += num; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif + /* No error, try again */ + break; + default: + ret = -1; + goto err; /* failure */ + } + } + } + numbytes = 0; + while (numbytes != 1) + { + num = read(fd, egdbuf, 1); + if (num >= 0) + numbytes += num; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif + /* No error, try again */ + break; + default: + ret = -1; + goto err; /* failure */ + } + } + } + if(egdbuf[0] == 0) + goto err; + if (buf) + retrievebuf = buf + ret; + else + retrievebuf = tempbuf; + numbytes = 0; + while (numbytes != egdbuf[0]) + { + num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes); + if (num >= 0) + numbytes += num; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif + /* No error, try again */ + break; + default: + ret = -1; + goto err; /* failure */ + } + } + } + ret += egdbuf[0]; + bytes -= egdbuf[0]; + if (!buf) + RAND_seed(tempbuf, egdbuf[0]); + } + err: + if (fd != -1) close(fd); + return(ret); + } + + +int RAND_egd_bytes(const char *path, int bytes) + { + int num, ret = 0; + + num = RAND_query_egd_bytes(path, NULL, bytes); if (num < 1) goto err; - RAND_seed(buf, num); if (RAND_status() == 1) - ret = num; + ret = num; err: - if (fd != -1) close(fd); return(ret); } + + +int RAND_egd(const char *path) + { + return (RAND_egd_bytes(path, 255)); + } + + #endif diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h index 120e9366d2..618a8ec899 100644 --- a/src/lib/libcrypto/rand/rand_lcl.h +++ b/src/lib/libcrypto/rand/rand_lcl.h @@ -1,4 +1,4 @@ -/* crypto/rand/md_rand.c */ +/* crypto/rand/rand_lcl.h */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -112,72 +112,46 @@ #ifndef HEADER_RAND_LCL_H #define HEADER_RAND_LCL_H -#define ENTROPY_NEEDED 20 /* require 160 bits = 20 bytes of randomness */ +#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -#if !defined(NO_SHA) && !defined(NO_SHA1) +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) #define USE_SHA1_RAND -#elif !defined(NO_MD5) +#elif !defined(OPENSSL_NO_MD5) #define USE_MD5_RAND -#elif !defined(NO_MDC2) && !defined(NO_DES) +#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) #define USE_MDC2_RAND -#elif !defined(NO_MD2) +#elif !defined(OPENSSL_NO_MD2) #define USE_MD2_RAND #else #error No message digest algorithm available #endif #endif +#include +#define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) +#define MD_Final(a,b) EVP_DigestFinal_ex(a,b,NULL) #if defined(USE_MD5_RAND) #include #define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH -#define MD(a,b,c) MD5(a,b,c) +#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md5(), NULL) +#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md5(), NULL) #elif defined(USE_SHA1_RAND) #include #define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH -#define MD(a,b,c) SHA1(a,b,c) +#define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha1(), NULL) +#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL) #elif defined(USE_MDC2_RAND) #include #define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH -#define MD(a,b,c) MDC2(a,b,c) +#define MD_Init(a) EVP_DigestInit_ex(a,EVP_mdc2(), NULL) +#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL) #elif defined(USE_MD2_RAND) #include #define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH -#define MD(a,b,c) MD2(a,b,c) -#endif -#if defined(USE_MD5_RAND) -#include -#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH -#define MD_CTX MD5_CTX -#define MD_Init(a) MD5_Init(a) -#define MD_Update(a,b,c) MD5_Update(a,b,c) -#define MD_Final(a,b) MD5_Final(a,b) -#define MD(a,b,c) MD5(a,b,c) -#elif defined(USE_SHA1_RAND) -#include -#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH -#define MD_CTX SHA_CTX -#define MD_Init(a) SHA1_Init(a) -#define MD_Update(a,b,c) SHA1_Update(a,b,c) -#define MD_Final(a,b) SHA1_Final(a,b) -#define MD(a,b,c) SHA1(a,b,c) -#elif defined(USE_MDC2_RAND) -#include -#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH -#define MD_CTX MDC2_CTX -#define MD_Init(a) MDC2_Init(a) -#define MD_Update(a,b,c) MDC2_Update(a,b,c) -#define MD_Final(a,b) MDC2_Final(a,b) -#define MD(a,b,c) MDC2(a,b,c) -#elif defined(USE_MD2_RAND) -#include -#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH -#define MD_CTX MD2_CTX -#define MD_Init(a) MD2_Init(a) -#define MD_Update(a,b,c) MD2_Update(a,b,c) -#define MD_Final(a,b) MD2_Final(a,b) -#define MD(a,b,c) MD2(a,b,c) +#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md2(), NULL) +#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #endif diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index 0b29235130..5a78009e9a 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c @@ -122,43 +122,6 @@ #include #include -#ifdef __OpenBSD__ -#undef DEVRANDOM -#define DEVRANDOM "/dev/arandom" -int RAND_poll(void) -{ - unsigned long l; - pid_t curr_pid = getpid(); - FILE *fh; - - /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD - * have this. Use /dev/urandom if you can as /dev/random may block - * if it runs out of random entries. */ - - if ((fh = fopen(DEVRANDOM, "r")) != NULL) - { - unsigned char tmpbuf[ENTROPY_NEEDED]; - int n; - - setvbuf(fh, NULL, _IONBF, 0); - n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh); - fclose(fh); - RAND_add(tmpbuf,sizeof tmpbuf,n); - memset(tmpbuf,0,n); - } - - /* put in some default random data, we need more than just this */ - l=curr_pid; - RAND_add(&l,sizeof(l),0); - l=getuid(); - RAND_add(&l,sizeof(l),0); - - l=time(NULL); - RAND_add(&l,sizeof(l),0); - - return 1; -} -#else int RAND_poll(void) { unsigned long l; @@ -271,4 +234,3 @@ int RAND_poll(void) } #endif -#endif diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c index 9f2dcff9a9..c1b955b06f 100644 --- a/src/lib/libcrypto/rand/rand_win.c +++ b/src/lib/libcrypto/rand/rand_win.c @@ -113,7 +113,7 @@ #include #include "rand_lcl.h" -#if defined(WINDOWS) || defined(WIN32) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) #include #ifndef _WIN32_WINNT # define _WIN32_WINNT 0x0400 @@ -254,6 +254,10 @@ int RAND_poll(void) * at random times on Windows 2000. Reported by Jeffrey Altman. * Only use it on NT. */ + /* Wolfgang Marczy reports that + * the RegQueryValueEx call below can hang on NT4.0 (SP6). + * So we don't use this at all for now. */ +#if 0 if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && osverinfo.dwMajorVersion < 5) { @@ -290,6 +294,7 @@ int RAND_poll(void) if (buf) free(buf); } +#endif if (advapi) { @@ -310,8 +315,8 @@ int RAND_poll(void) { if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), sizeof(buf)); -#ifdef DEBUG + RAND_add(buf, sizeof(buf), 0); +#if 0 printf("randomness from PROV_RSA_FULL\n"); #endif } @@ -324,7 +329,7 @@ int RAND_poll(void) if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); -#ifdef DEBUG +#if 0 printf("randomness from PROV_INTEL_SEC\n"); #endif } @@ -461,7 +466,7 @@ int RAND_poll(void) hlist.th32ProcessID, hlist.th32HeapID)) { - int entrycnt = 50; + int entrycnt = 80; do RAND_add(&hentry, hentry.dwSize, 5); @@ -510,7 +515,7 @@ int RAND_poll(void) FreeLibrary(kernel); } -#ifdef DEBUG +#if 0 printf("Exiting RAND_poll\n"); #endif @@ -570,14 +575,15 @@ static void readtimer(void) DWORD w; LARGE_INTEGER l; static int have_perfc = 1; -#ifndef __GNUC__ +#ifdef _MSC_VER static int have_tsc = 1; DWORD cyclecount; if (have_tsc) { __try { __asm { - rdtsc + _emit 0x0f + _emit 0x31 mov cyclecount, eax } RAND_add(&cyclecount, sizeof(cyclecount), 1); @@ -684,49 +690,4 @@ static void readscreen(void) DeleteDC(hScrDC); } -#else /* Unix version */ - -#include - -int RAND_poll(void) -{ - unsigned long l; - pid_t curr_pid = getpid(); -#ifdef DEVRANDOM - FILE *fh; -#endif - -#ifdef DEVRANDOM - /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD - * have this. Use /dev/urandom if you can as /dev/random may block - * if it runs out of random entries. */ - - if ((fh = fopen(DEVRANDOM, "r")) != NULL) - { - unsigned char tmpbuf[ENTROPY_NEEDED]; - int n; - - setvbuf(fh, NULL, _IONBF, 0); - n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh); - fclose(fh); - RAND_add(tmpbuf,sizeof tmpbuf,n); - memset(tmpbuf,0,n); - } -#endif - - /* put in some default random data, we need more than just this */ - l=curr_pid; - RAND_add(&l,sizeof(l),0); - l=getuid(); - RAND_add(&l,sizeof(l),0); - - l=time(NULL); - RAND_add(&l,sizeof(l),0); - -#ifdef DEVRANDOM - return 1; -#endif - return 0; -} - #endif diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c index e0ba61e123..b64de616db 100644 --- a/src/lib/libcrypto/rand/randtest.c +++ b/src/lib/libcrypto/rand/randtest.c @@ -58,7 +58,7 @@ #include #include -#include "rand.h" +#include /* some FIPS 140-1 random number test */ /* some simple tests */ @@ -73,7 +73,13 @@ int main() /*double d; */ long d; - RAND_bytes(buf,2500); + i = RAND_pseudo_bytes(buf,2500); + if (i < 0) + { + printf ("init failed, the rand method is not properly installed\n"); + err++; + goto err; + } n1=0; for (i=0; i<16; i++) n2[i]=0; @@ -117,7 +123,7 @@ int main() /* test 1 */ if (!((9654 < n1) && (n1 < 10346))) { - printf("test 1 failed, X=%ld\n",n1); + printf("test 1 failed, X=%lu\n",n1); err++; } printf("test 1 done\n"); @@ -150,37 +156,37 @@ int main() { if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) { - printf("test 3 failed, bit=%d run=%d num=%ld\n", + printf("test 3 failed, bit=%d run=%d num=%lu\n", i,1,runs[i][0]); err++; } if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) { - printf("test 3 failed, bit=%d run=%d num=%ld\n", + printf("test 3 failed, bit=%d run=%d num=%lu\n", i,2,runs[i][1]); err++; } if (!(( 502 < runs[i][2]) && (runs[i][2] < 748))) { - printf("test 3 failed, bit=%d run=%d num=%ld\n", + printf("test 3 failed, bit=%d run=%d num=%lu\n", i,3,runs[i][2]); err++; } if (!(( 223 < runs[i][3]) && (runs[i][3] < 402))) { - printf("test 3 failed, bit=%d run=%d num=%ld\n", + printf("test 3 failed, bit=%d run=%d num=%lu\n", i,4,runs[i][3]); err++; } if (!(( 90 < runs[i][4]) && (runs[i][4] < 223))) { - printf("test 3 failed, bit=%d run=%d num=%ld\n", + printf("test 3 failed, bit=%d run=%d num=%lu\n", i,5,runs[i][4]); err++; } if (!(( 90 < runs[i][5]) && (runs[i][5] < 223))) { - printf("test 3 failed, bit=%d run=%d num=%ld\n", + printf("test 3 failed, bit=%d run=%d num=%lu\n", i,6,runs[i][5]); err++; } @@ -190,17 +196,18 @@ int main() /* test 4 */ if (runs[0][33] != 0) { - printf("test 4 failed, bit=%d run=%d num=%ld\n", + printf("test 4 failed, bit=%d run=%d num=%lu\n", 0,34,runs[0][33]); err++; } if (runs[1][33] != 0) { - printf("test 4 failed, bit=%d run=%d num=%ld\n", + printf("test 4 failed, bit=%d run=%d num=%lu\n", 1,34,runs[1][33]); err++; } printf("test 4 done\n"); + err: err=((err)?1:0); exit(err); return(err); diff --git a/src/lib/libcrypto/rc2/rc2speed.c b/src/lib/libcrypto/rc2/rc2speed.c index 6cd8ea8f27..47d34b444e 100644 --- a/src/lib/libcrypto/rc2/rc2speed.c +++ b/src/lib/libcrypto/rc2/rc2speed.c @@ -59,19 +59,17 @@ /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern int exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,48 +77,40 @@ extern int exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "rc2.h" +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ #ifndef CLK_TCK -#ifndef VMS -#define HZ 100.0 -#else /* VMS */ #define HZ 100.0 #endif #else /* CLK_TCK */ #define HZ ((double)CLK_TCK) #endif -#endif #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) #define SIGRETTYPE void @@ -128,14 +118,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -148,8 +132,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -185,9 +168,7 @@ int s; #endif } -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; @@ -202,7 +183,7 @@ char **argv; #endif #ifndef TIMES - printf("To get the most acurate results, try to run this\n"); + printf("To get the most accurate results, try to run this\n"); printf("program when this computer is idle.\n"); #endif @@ -287,7 +268,7 @@ char **argv; printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b); printf("RC2 cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c); exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/rc2/rc2test.c b/src/lib/libcrypto/rc2/rc2test.c index 9d0f8016ec..d9a2a0a1cb 100644 --- a/src/lib/libcrypto/rc2/rc2test.c +++ b/src/lib/libcrypto/rc2/rc2test.c @@ -62,9 +62,17 @@ #include #include #include -#include "rc2.h" -unsigned char RC2key[4][16]={ +#ifdef OPENSSL_NO_RC2 +int main(int argc, char *argv[]) +{ + printf("No RC2 support\n"); + return(0); +} +#else +#include + +static unsigned char RC2key[4][16]={ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, @@ -75,14 +83,14 @@ unsigned char RC2key[4][16]={ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F}, }; -unsigned char RC2plain[4][8]={ +static unsigned char RC2plain[4][8]={ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, }; -unsigned char RC2cipher[4][8]={ +static unsigned char RC2cipher[4][8]={ {0x1C,0x19,0x8A,0x83,0x8D,0xF0,0x28,0xB7}, {0x21,0x82,0x9C,0x78,0xA9,0xF9,0xC0,0x74}, {0x13,0xDB,0x35,0x17,0xD3,0x21,0x86,0x9E}, @@ -125,19 +133,11 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={ }; -#ifndef NOPROTO /*static int cfb64_test(unsigned char *cfb_cipher);*/ static char *pt(unsigned char *p); -#else -/*static int cfb64_test(); */ -static char *pt(); #endif -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,n,err=0; RC2_KEY key; @@ -208,8 +208,7 @@ char *argv[]; } #ifdef undef -static int cfb64_test(cfb_cipher) -unsigned char *cfb_cipher; +static int cfb64_test(unsigned char *cfb_cipher) { IDEA_KEY_SCHEDULE eks,dks; int err=0,i,n; @@ -247,8 +246,7 @@ unsigned char *cfb_cipher; return(err); } -static char *pt(p) -unsigned char *p; +static char *pt(unsigned char *p) { static char bufs[10][20]; static int bnum=0; @@ -268,3 +266,4 @@ unsigned char *p; } #endif +#endif diff --git a/src/lib/libcrypto/rc4/rc4.c b/src/lib/libcrypto/rc4/rc4.c index 127e8a5093..c2165b0b75 100644 --- a/src/lib/libcrypto/rc4/rc4.c +++ b/src/lib/libcrypto/rc4/rc4.c @@ -59,7 +59,7 @@ #include #include #include -#include "rc4.h" +#include char *usage[]={ "usage: rc4 args\n", @@ -70,9 +70,7 @@ char *usage[]={ NULL }; -int main(argc, argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { FILE *in=NULL,*out=NULL; char *infile=NULL,*outfile=NULL,*keystr=NULL; @@ -115,7 +113,7 @@ char *argv[]; { bad: for (pp=usage; (*pp != NULL); pp++) - fprintf(stderr,*pp); + fprintf(stderr,"%s",*pp); exit(1); } @@ -143,7 +141,7 @@ bad: } } -#ifdef MSDOS +#ifdef OPENSSL_SYS_MSDOS /* This should set the file to binary mode. */ { #include @@ -164,7 +162,7 @@ bad: keystr=buf; } - MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md); + EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); memset(keystr,0,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); diff --git a/src/lib/libcrypto/rc4/rc4s.cpp b/src/lib/libcrypto/rc4/rc4s.cpp index 39f1727dd3..3814fde997 100644 --- a/src/lib/libcrypto/rc4/rc4s.cpp +++ b/src/lib/libcrypto/rc4/rc4s.cpp @@ -32,7 +32,7 @@ void GetTSC(unsigned long& tsc) #include #include -#include "rc4.h" +#include void main(int argc,char *argv[]) { diff --git a/src/lib/libcrypto/rc4/rc4speed.c b/src/lib/libcrypto/rc4/rc4speed.c index 5298dad6d0..ced98c52df 100644 --- a/src/lib/libcrypto/rc4/rc4speed.c +++ b/src/lib/libcrypto/rc4/rc4speed.c @@ -59,19 +59,17 @@ /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ -#ifndef MSDOS +#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) #define TIMES #endif #include -#ifndef MSDOS -#include -#else -#include -extern int exit(); -#endif + +#include +#include OPENSSL_UNISTD_IO +OPENSSL_DECLARE_EXIT + #include -#ifndef VMS #ifndef _IRIX #include #endif @@ -79,34 +77,31 @@ extern int exit(); #include #include #endif -#else /* VMS */ -#include -struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES #endif + #ifndef TIMES #include #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#include "rc4.h" +#include /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ #ifndef CLK_TCK -#ifndef VMS -#define HZ 100.0 -#else /* VMS */ #define HZ 100.0 -#endif #else /* CLK_TCK */ #define HZ ((double)CLK_TCK) #endif @@ -115,12 +110,7 @@ struct tms { #define BUFSIZE ((long)1024) long run=0; -#ifndef NOPROTO double Time_F(int s); -#else -double Time_F(); -#endif - #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) #define SIGRETTYPE void @@ -128,14 +118,8 @@ double Time_F(); #define SIGRETTYPE int #endif -#ifndef NOPROTO SIGRETTYPE sig_done(int sig); -#else -SIGRETTYPE sig_done(); -#endif - -SIGRETTYPE sig_done(sig) -int sig; +SIGRETTYPE sig_done(int sig) { signal(SIGALRM,sig_done); run=0; @@ -148,8 +132,7 @@ int sig; #define START 0 #define STOP 1 -double Time_F(s) -int s; +double Time_F(int s) { double ret; #ifdef TIMES @@ -185,9 +168,7 @@ int s; #endif } -int main(argc,argv) -int argc; -char **argv; +int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; @@ -202,7 +183,7 @@ char **argv; #endif #ifndef TIMES - printf("To get the most acurate results, try to run this\n"); + printf("To get the most accurate results, try to run this\n"); printf("program when this computer is idle.\n"); #endif @@ -262,7 +243,7 @@ char **argv; printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a); printf("RC4 bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c); exit(0); -#if defined(LINT) || defined(MSDOS) +#if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif } diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c index 041e1aff95..a28d457c8d 100644 --- a/src/lib/libcrypto/rc4/rc4test.c +++ b/src/lib/libcrypto/rc4/rc4test.c @@ -59,9 +59,17 @@ #include #include #include -#include "rc4.h" -unsigned char keys[7][30]={ +#ifdef OPENSSL_NO_RC4 +int main(int argc, char *argv[]) +{ + printf("No RC4 support\n"); + return(0); +} +#else +#include + +static unsigned char keys[7][30]={ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}, {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}, {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, @@ -70,8 +78,8 @@ unsigned char keys[7][30]={ {4,0xef,0x01,0x23,0x45}, }; -unsigned char data_len[7]={8,8,8,20,28,10}; -unsigned char data[7][30]={ +static unsigned char data_len[7]={8,8,8,20,28,10}; +static unsigned char data[7][30]={ {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xff}, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff}, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff}, @@ -86,7 +94,7 @@ unsigned char data[7][30]={ {0}, }; -unsigned char output[7][30]={ +static unsigned char output[7][30]={ {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96,0x00}, {0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79,0x00}, {0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a,0x00}, @@ -101,9 +109,7 @@ unsigned char output[7][30]={ {0}, }; -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; int j; @@ -192,4 +198,4 @@ char *argv[]; exit(err); return(0); } - +#endif diff --git a/src/lib/libcrypto/rc5/rc5.h b/src/lib/libcrypto/rc5/rc5.h index 5fd64e3f10..4adfd2db5a 100644 --- a/src/lib/libcrypto/rc5/rc5.h +++ b/src/lib/libcrypto/rc5/rc5.h @@ -63,6 +63,10 @@ extern "C" { #endif +#ifdef OPENSSL_NO_RC5 +#error RC5 is disabled. +#endif + #define RC5_ENCRYPT 1 #define RC5_DECRYPT 0 @@ -88,32 +92,22 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; -#ifndef NOPROTO -void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data, +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); -void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key, +void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, int enc); void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key); void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key); -void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *ks, unsigned char *iv, int enc); -void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num); - -#else - -void RC5_32_set_key(); -void RC5_32_ecb_encrypt(); -void RC5_32_encrypt(); -void RC5_32_decrypt(); -void RC5_32_cbc_encrypt(); -void RC5_32_cfb64_encrypt(); -void RC5_32_ofb64_encrypt(); - -#endif +void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *ks, unsigned char *iv, + int enc); +void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num, int enc); +void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num); #ifdef __cplusplus } diff --git a/src/lib/libcrypto/ripemd/asm/rips.cpp b/src/lib/libcrypto/ripemd/asm/rips.cpp index 78a933c448..f7a13677a9 100644 --- a/src/lib/libcrypto/ripemd/asm/rips.cpp +++ b/src/lib/libcrypto/ripemd/asm/rips.cpp @@ -32,7 +32,9 @@ void GetTSC(unsigned long& tsc) #include #include -#include "ripemd.h" +#include + +#define ripemd160_block_x86 ripemd160_block_asm_host_order extern "C" { void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num); @@ -55,8 +57,10 @@ void main(int argc,char *argv[]) if (num == 0) num=16; if (num > 250) num=16; numm=num+2; +#if 0 num*=64; numm*=64; +#endif for (j=0; j<6; j++) { @@ -71,7 +75,7 @@ void main(int argc,char *argv[]) GetTSC(e2); ripemd160_block_x86(&ctx,buffer,num); } - printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num, + printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num*64, e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2); } } diff --git a/src/lib/libcrypto/ripemd/rmd160.c b/src/lib/libcrypto/ripemd/rmd160.c index 3fa1b8096e..4f8b88a18a 100644 --- a/src/lib/libcrypto/ripemd/rmd160.c +++ b/src/lib/libcrypto/ripemd/rmd160.c @@ -58,23 +58,17 @@ #include #include -#include "ripemd.h" +#include #define BUFSIZE 1024*16 -#ifndef NOPROTO void do_fp(FILE *f); void pt(unsigned char *md); +#ifndef _OSD_POSIX int read(int, void *, unsigned int); -#else -void do_fp(); -void pt(); -int read(); #endif -int main(argc, argv) -int argc; -char **argv; +int main(int argc, char **argv) { int i,err=0; FILE *IN; @@ -102,8 +96,7 @@ char **argv; exit(err); } -void do_fp(f) -FILE *f; +void do_fp(FILE *f) { RIPEMD160_CTX c; unsigned char md[RIPEMD160_DIGEST_LENGTH]; @@ -123,8 +116,7 @@ FILE *f; pt(md); } -void pt(md) -unsigned char *md; +void pt(unsigned char *md) { int i; diff --git a/src/lib/libcrypto/ripemd/rmdtest.c b/src/lib/libcrypto/ripemd/rmdtest.c index 6a0297f975..19e9741db2 100644 --- a/src/lib/libcrypto/ripemd/rmdtest.c +++ b/src/lib/libcrypto/ripemd/rmdtest.c @@ -59,9 +59,22 @@ #include #include #include -#include "ripemd.h" +#include -char *test[]={ +#ifdef OPENSSL_NO_RIPEMD +int main(int argc, char *argv[]) +{ + printf("No ripemd support\n"); + return(0); +} +#else +#include + +#ifdef CHARSET_EBCDIC +#include +#endif + +static char *test[]={ "", "a", "abc", @@ -73,7 +86,7 @@ char *test[]={ NULL, }; -char *ret[]={ +static char *ret[]={ "9c1185a5c5e9fc54612808977ee8f548b2258d31", "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe", "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc", @@ -84,26 +97,24 @@ char *ret[]={ "9b752e45573d4b39f4dbd3323cab82bf63326bfb", }; -#ifndef NOPROTO static char *pt(unsigned char *md); -#else -static char *pt(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; unsigned char **P,**R; char *p; + unsigned char md[RIPEMD160_DIGEST_LENGTH]; P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { - p=pt(RIPEMD160(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL)); +#ifdef CHARSET_EBCDIC + ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); +#endif + EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL); + p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating RIPEMD160 on '%s'\n",*P); @@ -120,8 +131,7 @@ char *argv[]; return(0); } -static char *pt(md) -unsigned char *md; +static char *pt(unsigned char *md) { int i; static char buf[80]; @@ -130,4 +140,4 @@ unsigned char *md; sprintf(&(buf[i*2]),"%02x",md[i]); return(buf); } - +#endif diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c index 7b58a0eca3..64057fbdcf 100644 --- a/src/lib/libcrypto/rsa/rsa_null.c +++ b/src/lib/libcrypto/rsa/rsa_null.c @@ -69,16 +69,16 @@ * operations (like storing RSA keys) are permitted. */ -static int RSA_null_public_encrypt(int flen, unsigned char *from, +static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_private_encrypt(int flen, unsigned char *from, +static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_public_decrypt(int flen, unsigned char *from, +static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_null_private_decrypt(int flen, unsigned char *from, +static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); #if 0 /* not currently used */ -static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); +static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa); #endif static int RSA_null_init(RSA *rsa); static int RSA_null_finish(RSA *rsa); @@ -88,40 +88,41 @@ static RSA_METHOD rsa_null_meth={ RSA_null_public_decrypt, RSA_null_private_encrypt, RSA_null_private_decrypt, - NULL, NULL, + NULL, + NULL, RSA_null_init, RSA_null_finish, 0, NULL, }; -RSA_METHOD *RSA_null_method(void) +const RSA_METHOD *RSA_null_method(void) { return(&rsa_null_meth); } -static int RSA_null_public_encrypt(int flen, unsigned char *from, +static int RSA_null_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_private_encrypt(int flen, unsigned char *from, +static int RSA_null_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_private_decrypt(int flen, unsigned char *from, +static int RSA_null_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); return -1; } -static int RSA_null_public_decrypt(int flen, unsigned char *from, +static int RSA_null_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c index e5ae0c1f69..b8b462d33b 100644 --- a/src/lib/libcrypto/rsa/rsa_test.c +++ b/src/lib/libcrypto/rsa/rsa_test.c @@ -3,12 +3,12 @@ #include #include -#include "openssl/e_os.h" +#include "e_os.h" #include #include #include -#ifdef NO_RSA +#ifdef OPENSSL_NO_RSA int main(int argc, char *argv[]) { printf("No RSA support\n"); @@ -16,6 +16,7 @@ int main(int argc, char *argv[]) } #else #include +#include #define SetKey \ key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ @@ -219,10 +220,12 @@ int main(int argc, char *argv[]) int clen = 0; int num; + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */ - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - plen = sizeof(ptext_ex) - 1; for (v = 0; v < 3; v++) @@ -305,9 +308,10 @@ int main(int argc, char *argv[]) RSA_free(key); } + CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); - CRYPTO_mem_leaks_fp(stdout); + CRYPTO_mem_leaks_fp(stderr); return err; } diff --git a/src/lib/libcrypto/sha/sha.c b/src/lib/libcrypto/sha/sha.c index 713fec3610..42126551d1 100644 --- a/src/lib/libcrypto/sha/sha.c +++ b/src/lib/libcrypto/sha/sha.c @@ -58,23 +58,14 @@ #include #include -#include "sha.h" +#include #define BUFSIZE 1024*16 -#ifndef NOPROTO void do_fp(FILE *f); void pt(unsigned char *md); int read(int, void *, unsigned int); -#else -void do_fp(); -void pt(); -int read(); -#endif - -int main(argc, argv) -int argc; -char **argv; +int main(int argc, char **argv) { int i,err=0; FILE *IN; @@ -102,8 +93,7 @@ char **argv; exit(err); } -void do_fp(f) -FILE *f; +void do_fp(FILE *f) { SHA_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; @@ -123,8 +113,7 @@ FILE *f; pt(md); } -void pt(md) -unsigned char *md; +void pt(unsigned char *md) { int i; diff --git a/src/lib/libcrypto/sha/sha1.c b/src/lib/libcrypto/sha/sha1.c index a4739ac9fd..d350c88ee4 100644 --- a/src/lib/libcrypto/sha/sha1.c +++ b/src/lib/libcrypto/sha/sha1.c @@ -58,23 +58,17 @@ #include #include -#include "sha.h" +#include #define BUFSIZE 1024*16 -#ifndef NOPROTO void do_fp(FILE *f); void pt(unsigned char *md); +#ifndef _OSD_POSIX int read(int, void *, unsigned int); -#else -void do_fp(); -void pt(); -int read(); #endif -int main(argc, argv) -int argc; -char **argv; +int main(int argc, char **argv) { int i,err=0; FILE *IN; @@ -102,8 +96,7 @@ char **argv; exit(err); } -void do_fp(f) -FILE *f; +void do_fp(FILE *f) { SHA_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; @@ -123,8 +116,7 @@ FILE *f; pt(md); } -void pt(md) -unsigned char *md; +void pt(unsigned char *md) { int i; diff --git a/src/lib/libcrypto/sha/sha1s.cpp b/src/lib/libcrypto/sha/sha1s.cpp index 0163377de6..af23d1e0f2 100644 --- a/src/lib/libcrypto/sha/sha1s.cpp +++ b/src/lib/libcrypto/sha/sha1s.cpp @@ -32,8 +32,9 @@ void GetTSC(unsigned long& tsc) #include #include -#include "sha.h" +#include +#define sha1_block_x86 sha1_block_asm_data_order extern "C" { void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num); } @@ -55,8 +56,10 @@ void main(int argc,char *argv[]) if (num == 0) num=16; if (num > 250) num=16; numm=num+2; +#if 0 num*=64; numm*=64; +#endif for (j=0; j<6; j++) { @@ -72,7 +75,7 @@ void main(int argc,char *argv[]) sha1_block_x86(&ctx,buffer,num); } - printf("sha1 (%d bytes) %d %d (%.2f)\n",num, + printf("sha1 (%d bytes) %d %d (%.2f)\n",num*64, e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2); } } diff --git a/src/lib/libcrypto/sha/sha1test.c b/src/lib/libcrypto/sha/sha1test.c index 3c62a218b4..499a1cf5af 100644 --- a/src/lib/libcrypto/sha/sha1test.c +++ b/src/lib/libcrypto/sha/sha1test.c @@ -59,57 +59,70 @@ #include #include #include -#include "sha.h" + +#ifdef OPENSSL_NO_SHA +int main(int argc, char *argv[]) +{ + printf("No SHA support\n"); + return(0); +} +#else +#include +#include + +#ifdef CHARSET_EBCDIC +#include +#endif #undef SHA_0 /* FIPS 180 */ #define SHA_1 /* FIPS 180-1 */ -char *test[]={ +static char *test[]={ "abc", "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", NULL, }; #ifdef SHA_0 -char *ret[]={ +static char *ret[]={ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880", "d2516ee1acfa5baf33dfc1c471e438449ef134c8", }; -char *bigret= +static char *bigret= "3232affa48628a26653b5aaa44541fd90d690603"; #endif #ifdef SHA_1 -char *ret[]={ +static char *ret[]={ "a9993e364706816aba3e25717850c26c9cd0d89d", "84983e441c3bd26ebaae4aa1f95129e5e54670f1", }; -char *bigret= +static char *bigret= "34aa973cd4c4daa4f61eeb2bdbad27316534016f"; #endif -#ifndef NOPROTO static char *pt(unsigned char *md); -#else -static char *pt(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; unsigned char **P,**R; static unsigned char buf[1000]; char *p,*r; - SHA_CTX c; + EVP_MD_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; +#ifdef CHARSET_EBCDIC + ebcdic2ascii(test[0], test[0], strlen(test[0])); + ebcdic2ascii(test[1], test[1], strlen(test[1])); +#endif + + EVP_MD_CTX_init(&c); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { - p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL)); + EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL); + p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating SHA1 on '%s'\n",*P); @@ -124,10 +137,13 @@ char *argv[]; } memset(buf,'a',1000); - SHA1_Init(&c); +#ifdef CHARSET_EBCDIC + ebcdic2ascii(buf, buf, 1000); +#endif /*CHARSET_EBCDIC*/ + EVP_DigestInit_ex(&c,EVP_sha1(), NULL); for (i=0; i<1000; i++) - SHA1_Update(&c,buf,1000); - SHA1_Final(md,&c); + EVP_DigestUpdate(&c,buf,1000); + EVP_DigestFinal_ex(&c,md,NULL); p=pt(md); r=bigret; @@ -140,11 +156,11 @@ char *argv[]; else printf("test 3 ok\n"); exit(err); + EVP_MD_CTX_cleanup(&c); return(0); } -static char *pt(md) -unsigned char *md; +static char *pt(unsigned char *md) { int i; static char buf[80]; @@ -153,3 +169,4 @@ unsigned char *md; sprintf(&(buf[i*2]),"%02x",md[i]); return(buf); } +#endif diff --git a/src/lib/libcrypto/sha/sha_dgst.c b/src/lib/libcrypto/sha/sha_dgst.c index 8ed533ea26..5a4b3ab204 100644 --- a/src/lib/libcrypto/sha/sha_dgst.c +++ b/src/lib/libcrypto/sha/sha_dgst.c @@ -1,4 +1,4 @@ -/* crypto/sha/sha_dgst.c */ +/* crypto/sha/sha1dgst.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,387 +56,18 @@ * [including the GNU Public Licence.] */ -#include -#include -#define SHA_0 -#undef SHA_1 -#include "sha.h" -#include "sha_locl.h" - -char *SHA_version="SHA part of SSLeay 0.9.0b 29-Jun-1998"; - -/* Implemented from SHA-0 document - The Secure Hash Algorithm - */ - -#define INIT_DATA_h0 (unsigned long)0x67452301L -#define INIT_DATA_h1 (unsigned long)0xefcdab89L -#define INIT_DATA_h2 (unsigned long)0x98badcfeL -#define INIT_DATA_h3 (unsigned long)0x10325476L -#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L - -#define K_00_19 0x5a827999L -#define K_20_39 0x6ed9eba1L -#define K_40_59 0x8f1bbcdcL -#define K_60_79 0xca62c1d6L - -#ifndef NOPROTO - void sha_block(SHA_CTX *c, register unsigned long *p, int num); -#else - void sha_block(); -#endif - -#define M_c2nl c2nl -#define M_p_c2nl p_c2nl -#define M_c2nl_p c2nl_p -#define M_p_c2nl_p p_c2nl_p -#define M_nl2c nl2c - -void SHA_Init(c) -SHA_CTX *c; - { - c->h0=INIT_DATA_h0; - c->h1=INIT_DATA_h1; - c->h2=INIT_DATA_h2; - c->h3=INIT_DATA_h3; - c->h4=INIT_DATA_h4; - c->Nl=0; - c->Nh=0; - c->num=0; - } - -void SHA_Update(c, data, len) -SHA_CTX *c; -register unsigned char *data; -unsigned long len; - { - register ULONG *p; - int ew,ec,sw,sc; - ULONG l; - - if (len == 0) return; - - l=(c->Nl+(len<<3))&0xffffffffL; - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh+=(len>>29); - c->Nl=l; - - if (c->num != 0) - { - p=c->data; - sw=c->num>>2; - sc=c->num&0x03; - - if ((c->num+len) >= SHA_CBLOCK) - { - l= p[sw]; - M_p_c2nl(data,l,sc); - p[sw++]=l; - for (; swnum); - - sha_block(c,p,64); - c->num=0; - /* drop through and do the rest */ - } - else - { - c->num+=(int)len; - if ((sc+len) < 4) /* ugly, add char's to a word */ - { - l= p[sw]; - M_p_c2nl_p(data,l,sc,len); - p[sw]=l; - } - else - { - ew=(c->num>>2); - ec=(c->num&0x03); - l= p[sw]; - M_p_c2nl(data,l,sc); - p[sw++]=l; - for (; sw < ew; sw++) - { M_c2nl(data,l); p[sw]=l; } - if (ec) - { - M_c2nl_p(data,l,ec); - p[sw]=l; - } - } - return; - } - } - /* We can only do the following code for assember, the reason - * being that the sha_block 'C' version changes the values - * in the 'data' array. The assember code avoids this and - * copies it to a local array. I should be able to do this for - * the C version as well.... - */ -#if 1 -#if defined(B_ENDIAN) || defined(SHA_ASM) - if ((((unsigned int)data)%sizeof(ULONG)) == 0) - { - sw=len/SHA_CBLOCK; - if (sw) - { - sw*=SHA_CBLOCK; - sha_block(c,(ULONG *)data,sw); - data+=sw; - len-=sw; - } - } -#endif -#endif - /* we now can process the input data in blocks of SHA_CBLOCK - * chars and save the leftovers to c->data. */ - p=c->data; - while (len >= SHA_CBLOCK) - { -#if defined(B_ENDIAN) || defined(L_ENDIAN) - if (p != (unsigned long *)data) - memcpy(p,data,SHA_CBLOCK); - data+=SHA_CBLOCK; -# ifdef L_ENDIAN -# ifndef SHA_ASM /* Will not happen */ - for (sw=(SHA_LBLOCK/4); sw; sw--) - { - Endian_Reverse32(p[0]); - Endian_Reverse32(p[1]); - Endian_Reverse32(p[2]); - Endian_Reverse32(p[3]); - p+=4; - } - p=c->data; -# endif -# endif -#else - for (sw=(SHA_BLOCK/4); sw; sw--) - { - M_c2nl(data,l); *(p++)=l; - M_c2nl(data,l); *(p++)=l; - M_c2nl(data,l); *(p++)=l; - M_c2nl(data,l); *(p++)=l; - } - p=c->data; -#endif - sha_block(c,p,64); - len-=SHA_CBLOCK; - } - ec=(int)len; - c->num=ec; - ew=(ec>>2); - ec&=0x03; - - for (sw=0; sw < ew; sw++) - { M_c2nl(data,l); p[sw]=l; } - M_c2nl_p(data,l,ec); - p[sw]=l; - } - -void SHA_Transform(c,b) -SHA_CTX *c; -unsigned char *b; - { - ULONG p[16]; -#if !defined(B_ENDIAN) - ULONG *q; - int i; -#endif - -#if defined(B_ENDIAN) || defined(L_ENDIAN) - memcpy(p,b,64); -#ifdef L_ENDIAN - q=p; - for (i=(SHA_LBLOCK/4); i; i--) - { - Endian_Reverse32(q[0]); - Endian_Reverse32(q[1]); - Endian_Reverse32(q[2]); - Endian_Reverse32(q[3]); - q+=4; - } -#endif -#else - q=p; - for (i=(SHA_LBLOCK/4); i; i--) - { - ULONG l; - c2nl(b,l); *(q++)=l; - c2nl(b,l); *(q++)=l; - c2nl(b,l); *(q++)=l; - c2nl(b,l); *(q++)=l; - } -#endif - sha_block(c,p,64); - } - -void sha_block(c, W, num) -SHA_CTX *c; -register unsigned long *W; -int num; - { - register ULONG A,B,C,D,E,T; - ULONG X[16]; - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - for (;;) - { - BODY_00_15( 0,A,B,C,D,E,T,W); - BODY_00_15( 1,T,A,B,C,D,E,W); - BODY_00_15( 2,E,T,A,B,C,D,W); - BODY_00_15( 3,D,E,T,A,B,C,W); - BODY_00_15( 4,C,D,E,T,A,B,W); - BODY_00_15( 5,B,C,D,E,T,A,W); - BODY_00_15( 6,A,B,C,D,E,T,W); - BODY_00_15( 7,T,A,B,C,D,E,W); - BODY_00_15( 8,E,T,A,B,C,D,W); - BODY_00_15( 9,D,E,T,A,B,C,W); - BODY_00_15(10,C,D,E,T,A,B,W); - BODY_00_15(11,B,C,D,E,T,A,W); - BODY_00_15(12,A,B,C,D,E,T,W); - BODY_00_15(13,T,A,B,C,D,E,W); - BODY_00_15(14,E,T,A,B,C,D,W); - BODY_00_15(15,D,E,T,A,B,C,W); - BODY_16_19(16,C,D,E,T,A,B,W,W,W,W); - BODY_16_19(17,B,C,D,E,T,A,W,W,W,W); - BODY_16_19(18,A,B,C,D,E,T,W,W,W,W); - BODY_16_19(19,T,A,B,C,D,E,W,W,W,X); +#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) - BODY_20_31(20,E,T,A,B,C,D,W,W,W,X); - BODY_20_31(21,D,E,T,A,B,C,W,W,W,X); - BODY_20_31(22,C,D,E,T,A,B,W,W,W,X); - BODY_20_31(23,B,C,D,E,T,A,W,W,W,X); - BODY_20_31(24,A,B,C,D,E,T,W,W,X,X); - BODY_20_31(25,T,A,B,C,D,E,W,W,X,X); - BODY_20_31(26,E,T,A,B,C,D,W,W,X,X); - BODY_20_31(27,D,E,T,A,B,C,W,W,X,X); - BODY_20_31(28,C,D,E,T,A,B,W,W,X,X); - BODY_20_31(29,B,C,D,E,T,A,W,W,X,X); - BODY_20_31(30,A,B,C,D,E,T,W,X,X,X); - BODY_20_31(31,T,A,B,C,D,E,W,X,X,X); - BODY_32_39(32,E,T,A,B,C,D,X); - BODY_32_39(33,D,E,T,A,B,C,X); - BODY_32_39(34,C,D,E,T,A,B,X); - BODY_32_39(35,B,C,D,E,T,A,X); - BODY_32_39(36,A,B,C,D,E,T,X); - BODY_32_39(37,T,A,B,C,D,E,X); - BODY_32_39(38,E,T,A,B,C,D,X); - BODY_32_39(39,D,E,T,A,B,C,X); +#undef SHA_1 +#define SHA_0 - BODY_40_59(40,C,D,E,T,A,B,X); - BODY_40_59(41,B,C,D,E,T,A,X); - BODY_40_59(42,A,B,C,D,E,T,X); - BODY_40_59(43,T,A,B,C,D,E,X); - BODY_40_59(44,E,T,A,B,C,D,X); - BODY_40_59(45,D,E,T,A,B,C,X); - BODY_40_59(46,C,D,E,T,A,B,X); - BODY_40_59(47,B,C,D,E,T,A,X); - BODY_40_59(48,A,B,C,D,E,T,X); - BODY_40_59(49,T,A,B,C,D,E,X); - BODY_40_59(50,E,T,A,B,C,D,X); - BODY_40_59(51,D,E,T,A,B,C,X); - BODY_40_59(52,C,D,E,T,A,B,X); - BODY_40_59(53,B,C,D,E,T,A,X); - BODY_40_59(54,A,B,C,D,E,T,X); - BODY_40_59(55,T,A,B,C,D,E,X); - BODY_40_59(56,E,T,A,B,C,D,X); - BODY_40_59(57,D,E,T,A,B,C,X); - BODY_40_59(58,C,D,E,T,A,B,X); - BODY_40_59(59,B,C,D,E,T,A,X); +#include - BODY_60_79(60,A,B,C,D,E,T,X); - BODY_60_79(61,T,A,B,C,D,E,X); - BODY_60_79(62,E,T,A,B,C,D,X); - BODY_60_79(63,D,E,T,A,B,C,X); - BODY_60_79(64,C,D,E,T,A,B,X); - BODY_60_79(65,B,C,D,E,T,A,X); - BODY_60_79(66,A,B,C,D,E,T,X); - BODY_60_79(67,T,A,B,C,D,E,X); - BODY_60_79(68,E,T,A,B,C,D,X); - BODY_60_79(69,D,E,T,A,B,C,X); - BODY_60_79(70,C,D,E,T,A,B,X); - BODY_60_79(71,B,C,D,E,T,A,X); - BODY_60_79(72,A,B,C,D,E,T,X); - BODY_60_79(73,T,A,B,C,D,E,X); - BODY_60_79(74,E,T,A,B,C,D,X); - BODY_60_79(75,D,E,T,A,B,C,X); - BODY_60_79(76,C,D,E,T,A,B,X); - BODY_60_79(77,B,C,D,E,T,A,X); - BODY_60_79(78,A,B,C,D,E,T,X); - BODY_60_79(79,T,A,B,C,D,E,X); - - c->h0=(c->h0+E)&0xffffffffL; - c->h1=(c->h1+T)&0xffffffffL; - c->h2=(c->h2+A)&0xffffffffL; - c->h3=(c->h3+B)&0xffffffffL; - c->h4=(c->h4+C)&0xffffffffL; +const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT; - num-=64; - if (num <= 0) break; +/* The implementation is in ../md32_common.h */ - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - W+=16; - } - } - -void SHA_Final(md, c) -unsigned char *md; -SHA_CTX *c; - { - register int i,j; - register ULONG l; - register ULONG *p; - static unsigned char end[4]={0x80,0x00,0x00,0x00}; - unsigned char *cp=end; +#include "sha_locl.h" - /* c->num should definitly have room for at least one more byte. */ - p=c->data; - j=c->num; - i=j>>2; -#ifdef PURIFY - if ((j&0x03) == 0) p[i]=0; #endif - l=p[i]; - M_p_c2nl(cp,l,j&0x03); - p[i]=l; - i++; - /* i is the next 'undefined word' */ - if (c->num >= SHA_LAST_BLOCK) - { - for (; iNh; - p[SHA_LBLOCK-1]=c->Nl; - sha_block(c,p,64); - cp=md; - l=c->h0; nl2c(l,cp); - l=c->h1; nl2c(l,cp); - l=c->h2; nl2c(l,cp); - l=c->h3; nl2c(l,cp); - l=c->h4; nl2c(l,cp); - - /* clear stuff, sha_block may be leaving some stuff on the stack - * but I'm not worried :-) */ - c->num=0; -/* memset((char *)&c,0,sizeof(c));*/ - } diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c index 18ab7f61bc..5426faae4a 100644 --- a/src/lib/libcrypto/sha/sha_one.c +++ b/src/lib/libcrypto/sha/sha_one.c @@ -58,12 +58,10 @@ #include #include -#include "sha.h" +#include -unsigned char *SHA(d, n, md) -unsigned char *d; -unsigned long n; -unsigned char *md; +#ifndef OPENSSL_NO_SHA0 +unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) { SHA_CTX c; static unsigned char m[SHA_DIGEST_LENGTH]; @@ -75,3 +73,4 @@ unsigned char *md; memset(&c,0,sizeof(c)); return(md); } +#endif diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c index 03816e9b39..331294a74f 100644 --- a/src/lib/libcrypto/sha/shatest.c +++ b/src/lib/libcrypto/sha/shatest.c @@ -59,57 +59,70 @@ #include #include #include -#include "sha.h" + +#ifdef OPENSSL_NO_SHA +int main(int argc, char *argv[]) +{ + printf("No SHA support\n"); + return(0); +} +#else +#include +#include + +#ifdef CHARSET_EBCDIC +#include +#endif #define SHA_0 /* FIPS 180 */ #undef SHA_1 /* FIPS 180-1 */ -char *test[]={ +static char *test[]={ "abc", "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", NULL, }; #ifdef SHA_0 -char *ret[]={ +static char *ret[]={ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880", "d2516ee1acfa5baf33dfc1c471e438449ef134c8", }; -char *bigret= +static char *bigret= "3232affa48628a26653b5aaa44541fd90d690603"; #endif #ifdef SHA_1 -char *ret[]={ +static char *ret[]={ "a9993e364706816aba3e25717850c26c9cd0d89d", "84983e441c3bd26ebaae4aa1f95129e5e54670f1", }; -char *bigret= +static char *bigret= "34aa973cd4c4daa4f61eeb2bdbad27316534016f"; #endif -#ifndef NOPROTO static char *pt(unsigned char *md); -#else -static char *pt(); -#endif - -int main(argc,argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { int i,err=0; unsigned char **P,**R; static unsigned char buf[1000]; char *p,*r; - SHA_CTX c; + EVP_MD_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; +#ifdef CHARSET_EBCDIC + ebcdic2ascii(test[0], test[0], strlen(test[0])); + ebcdic2ascii(test[1], test[1], strlen(test[1])); +#endif + + EVP_MD_CTX_init(&c); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { - p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL)); + EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL); + p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating SHA on '%s'\n",*P); @@ -124,10 +137,13 @@ char *argv[]; } memset(buf,'a',1000); - SHA_Init(&c); +#ifdef CHARSET_EBCDIC + ebcdic2ascii(buf, buf, 1000); +#endif /*CHARSET_EBCDIC*/ + EVP_DigestInit_ex(&c,EVP_sha(), NULL); for (i=0; i<1000; i++) - SHA_Update(&c,buf,1000); - SHA_Final(md,&c); + EVP_DigestUpdate(&c,buf,1000); + EVP_DigestFinal_ex(&c,md,NULL); p=pt(md); r=bigret; @@ -139,12 +155,12 @@ char *argv[]; } else printf("test 3 ok\n"); + EVP_MD_CTX_cleanup(&c); exit(err); return(0); } -static char *pt(md) -unsigned char *md; +static char *pt(unsigned char *md) { int i; static char buf[80]; @@ -153,3 +169,4 @@ unsigned char *md; sprintf(&(buf[i*2]),"%02x",md[i]); return(buf); } +#endif diff --git a/src/lib/libcrypto/symhacks.h b/src/lib/libcrypto/symhacks.h index 358ad355bb..de0f452b47 100644 --- a/src/lib/libcrypto/symhacks.h +++ b/src/lib/libcrypto/symhacks.h @@ -55,10 +55,18 @@ #ifndef HEADER_SYMHACKS_H #define HEADER_SYMHACKS_H +#include + /* Hacks to solve the problem with linkers incapable of handling very long symbol names. In the case of VMS, the limit is 31 characters on VMS for VAX. */ -#ifdef VMS +#ifdef OPENSSL_SYS_VMS + +/* Hack a long name in crypto/ex_data.c */ +#undef CRYPTO_get_ex_data_implementation +#define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl +#undef CRYPTO_set_ex_data_implementation +#define CRYPTO_set_ex_data_implementation CRYPTO_set_ex_data_impl /* Hack a long name in crypto/asn1/a_mbstr.c */ #undef ASN1_STRING_set_default_mask_asc @@ -121,33 +129,146 @@ #define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic /* Hack some long CRYPTO names */ +#undef CRYPTO_set_dynlock_destroy_callback #define CRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_destroy_cb +#undef CRYPTO_set_dynlock_create_callback #define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb +#undef CRYPTO_set_dynlock_lock_callback #define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb +#undef CRYPTO_get_dynlock_lock_callback #define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb +#undef CRYPTO_get_dynlock_destroy_callback #define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb +#undef CRYPTO_get_dynlock_create_callback #define CRYPTO_get_dynlock_create_callback CRYPTO_get_dynlock_create_cb +#undef CRYPTO_set_locked_mem_ex_functions +#define CRYPTO_set_locked_mem_ex_functions CRYPTO_set_locked_mem_ex_funcs +#undef CRYPTO_get_locked_mem_ex_functions +#define CRYPTO_get_locked_mem_ex_functions CRYPTO_get_locked_mem_ex_funcs /* Hack some long SSL names */ +#undef SSL_CTX_set_default_verify_paths #define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths +#undef SSL_get_ex_data_X509_STORE_CTX_idx #define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx +#undef SSL_add_file_cert_subjects_to_stack #define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk +#if 0 /* This function is not defined i VMS. */ +#undef SSL_add_dir_cert_subjects_to_stack #define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk +#endif +#undef SSL_CTX_use_certificate_chain_file #define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file +#undef SSL_CTX_set_cert_verify_callback #define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb +#undef SSL_CTX_set_default_passwd_cb_userdata #define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud /* Hack some long ENGINE names */ -#define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt -#define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt +#undef ENGINE_get_default_BN_mod_exp_crt +#define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt +#undef ENGINE_set_default_BN_mod_exp_crt +#define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt +#undef ENGINE_set_load_privkey_function +#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn +#undef ENGINE_get_load_privkey_function +#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn + +/* Hack some long OCSP names */ +#undef OCSP_REQUEST_get_ext_by_critical +#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit +#undef OCSP_BASICRESP_get_ext_by_critical +#define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit +#undef OCSP_SINGLERESP_get_ext_by_critical +#define OCSP_SINGLERESP_get_ext_by_critical OCSP_SINGLERESP_get_ext_by_crit + +/* Hack some long DES names */ +#undef _ossl_old_des_ede3_cfb64_encrypt +#define _ossl_old_des_ede3_cfb64_encrypt _ossl_odes_ede3_cfb64_encrypt +#undef _ossl_old_des_ede3_ofb64_encrypt +#define _ossl_old_des_ede3_ofb64_encrypt _ossl_odes_ede3_ofb64_encrypt -#endif /* defined VMS */ +/* Hack some long EVP names */ +#undef OPENSSL_add_all_algorithms_noconf +#define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf +#undef OPENSSL_add_all_algorithms_conf +#define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf + +/* Hack some long EC names */ +#undef EC_POINT_set_Jprojective_coordinates_GFp +#define EC_POINT_set_Jprojective_coordinates_GFp \ + EC_POINT_set_Jproj_coords_GFp +#undef EC_POINT_get_Jprojective_coordinates_GFp +#define EC_POINT_get_Jprojective_coordinates_GFp \ + EC_POINT_get_Jproj_coords_GFp +#undef EC_POINT_set_affine_coordinates_GFp +#define EC_POINT_set_affine_coordinates_GFp EC_POINT_set_affine_coords_GFp +#undef EC_POINT_get_affine_coordinates_GFp +#define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp +#undef EC_POINT_set_compressed_coordinates_GFp +#define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp +#undef ec_GFp_simple_group_set_curve_GFp +#define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp +#undef ec_GFp_simple_group_get_curve_GFp +#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp +#undef ec_GFp_simple_group_clear_finish +#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish +#undef ec_GFp_simple_group_set_generator +#define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator +#undef ec_GFp_simple_group_get0_generator +#define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator +#undef ec_GFp_simple_group_get_cofactor +#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor +#undef ec_GFp_simple_point_clear_finish +#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish +#undef ec_GFp_simple_point_set_to_infinity +#define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf +#undef ec_GFp_simple_points_make_affine +#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine +#undef ec_GFp_simple_group_get_curve_GFp +#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp +#undef ec_GFp_simple_set_Jprojective_coordinates_GFp +#define ec_GFp_simple_set_Jprojective_coordinates_GFp \ + ec_GFp_smp_set_Jproj_coords_GFp +#undef ec_GFp_simple_get_Jprojective_coordinates_GFp +#define ec_GFp_simple_get_Jprojective_coordinates_GFp \ + ec_GFp_smp_get_Jproj_coords_GFp +#undef ec_GFp_simple_point_set_affine_coordinates_GFp +#define ec_GFp_simple_point_set_affine_coordinates_GFp \ + ec_GFp_smp_pt_set_af_coords_GFp +#undef ec_GFp_simple_point_get_affine_coordinates_GFp +#define ec_GFp_simple_point_get_affine_coordinates_GFp \ + ec_GFp_smp_pt_get_af_coords_GFp +#undef ec_GFp_simple_set_compressed_coordinates_GFp +#define ec_GFp_simple_set_compressed_coordinates_GFp \ + ec_GFp_smp_set_compr_coords_GFp + +#endif /* defined OPENSSL_SYS_VMS */ /* Case insensiteve linking causes problems.... */ -#if defined(WIN16) || defined(VMS) +#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) #undef ERR_load_CRYPTO_strings #define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings +#undef OCSP_crlID_new +#define OCSP_crlID_new OCSP_crlID2_new + +/* These functions do not seem to exist! However, I'm paranoid... + Original command in x509v3.h: + These functions are being redefined in another directory, + and clash when the linker is case-insensitive, so let's + hide them a little, by giving them an extra 'o' at the + beginning of the name... */ +#undef X509v3_cleanup_extensions +#define X509v3_cleanup_extensions oX509v3_cleanup_extensions +#undef X509v3_add_extension +#define X509v3_add_extension oX509v3_add_extension +#undef X509v3_add_netscape_extensions +#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions +#undef X509v3_add_standard_extensions +#define X509v3_add_standard_extensions oX509v3_add_standard_extensions + + #endif diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c index be395f2bc4..7142e4edc7 100644 --- a/src/lib/libcrypto/threads/mttest.c +++ b/src/lib/libcrypto/threads/mttest.c @@ -63,7 +63,7 @@ #ifdef LINUX #include #endif -#ifdef WIN32 +#ifdef OPENSSL_SYS_WIN32 #include #endif #ifdef SOLARIS @@ -74,27 +74,29 @@ #include #include #endif -#include "lhash.h" -#include "crypto.h" -#include "buffer.h" -#include "../e_os.h" -#include "x509.h" -#include "ssl.h" -#include "err.h" - -#ifdef NO_FP_API +#ifdef PTHREADS +#include +#endif +#include +#include +#include +#include "../../e_os.h" +#include +#include +#include +#include + +#ifdef OPENSSL_NO_FP_API #define APPS_WIN16 -#include "../crypto/buffer/bss_file.c" +#include "../buffer/bss_file.c" #endif -#define TEST_SERVER_CERT "../apps/server.pem" -#define TEST_CLIENT_CERT "../apps/client.pem" +#define TEST_SERVER_CERT "../../apps/server.pem" +#define TEST_CLIENT_CERT "../../apps/client.pem" #define MAX_THREAD_NUMBER 100 -#ifndef NOPROTO -int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth, - int error,char *arg); +int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *xs); void thread_setup(void); void thread_cleanup(void); void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx); @@ -108,23 +110,6 @@ unsigned long irix_thread_id(void ); unsigned long solaris_thread_id(void ); unsigned long pthreads_thread_id(void ); -#else -int MS_CALLBACK verify_callback(); -void thread_setup(); -void thread_cleanup(); -void do_threads(); - -void irix_locking_callback(); -void solaris_locking_callback(); -void win32_locking_callback(); -void pthreads_locking_callback(); - -unsigned long irix_thread_id(); -unsigned long solaris_thread_id(); -unsigned long pthreads_thread_id(); - -#endif - BIO *bio_err=NULL; BIO *bio_stdout=NULL; @@ -139,15 +124,10 @@ int number_of_loops=10; int reconnect=0; int cache_stats=0; -#ifndef NOPROTO -int doit(char *ctx[4]); -#else -int doit(); -#endif +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; -static void print_stats(fp,ctx) -FILE *fp; -SSL_CTX *ctx; +int doit(char *ctx[4]); +static void print_stats(FILE *fp, SSL_CTX *ctx) { fprintf(fp,"%4ld items in the session cache\n", SSL_CTX_sess_number(ctx)); @@ -164,7 +144,7 @@ SSL_CTX *ctx; fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx)); } -static void sv_usage() +static void sv_usage(void) { fprintf(stderr,"usage: ssltest [args ...]\n"); fprintf(stderr,"\n"); @@ -182,9 +162,7 @@ static void sv_usage() fprintf(stderr," -ssl3 - just SSLv3n\n"); } -int main(argc, argv) -int argc; -char *argv[]; +int main(int argc, char *argv[]) { char *CApath=NULL,*CAfile=NULL; int badop=0; @@ -197,6 +175,8 @@ char *argv[]; char *ccert=TEST_CLIENT_CERT; SSL_METHOD *ssl_method=SSLv23_method(); + RAND_seed(rnd_seed, sizeof rnd_seed); + if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); if (bio_stdout == NULL) @@ -271,7 +251,7 @@ bad: if (cipher == NULL) cipher=getenv("SSL_CIPHER"); SSL_load_error_strings(); - SSLeay_add_ssl_algorithms(); + OpenSSL_add_ssl_algorithms(); c_ctx=SSL_CTX_new(ssl_method); s_ctx=SSL_CTX_new(ssl_method); @@ -286,8 +266,15 @@ bad: SSL_CTX_set_session_cache_mode(c_ctx, SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER); - SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM); - SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM); + if (!SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM)) + { + ERR_print_errors(bio_err); + } + else if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM)) + { + ERR_print_errors(bio_err); + goto end; + } if (client_auth) { @@ -358,8 +345,7 @@ end: #define C_DONE 1 #define S_DONE 2 -int ndoit(ssl_ctx) -SSL_CTX *ssl_ctx[2]; +int ndoit(SSL_CTX *ssl_ctx[2]) { int i; int ret; @@ -405,8 +391,7 @@ SSL_CTX *ssl_ctx[2]; return(0); } -int doit(ctx) -char *ctx[4]; +int doit(char *ctx[4]) { SSL_CTX *s_ctx,*c_ctx; static char cbuf[200],sbuf[200]; @@ -518,6 +503,7 @@ char *ctx[4]; else { fprintf(stderr,"ERROR in CLIENT\n"); + ERR_print_errors_fp(stderr); return(1); } } @@ -549,6 +535,7 @@ char *ctx[4]; else { fprintf(stderr,"ERROR in CLIENT\n"); + ERR_print_errors_fp(stderr); return(1); } } @@ -681,38 +668,39 @@ err: return(0); } -int MS_CALLBACK verify_callback(ok, xs, xi, depth, error, arg) -int ok; -X509 *xs; -X509 *xi; -int depth; -int error; -char *arg; +int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) { - char buf[256]; + char *s, buf[256]; if (verbose) { - X509_NAME_oneline(X509_get_subject_name(xs),buf,256); - if (ok) - fprintf(stderr,"depth=%d %s\n",depth,buf); - else - fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf); + s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), + buf,256); + if (s != NULL) + { + if (ok) + fprintf(stderr,"depth=%d %s\n", + ctx->error_depth,buf); + else + fprintf(stderr,"depth=%d error=%d %s\n", + ctx->error_depth,ctx->error,buf); + } } return(ok); } #define THREAD_STACK_SIZE (16*1024) -#ifdef WIN32 +#ifdef OPENSSL_SYS_WIN32 -static HANDLE lock_cs[CRYPTO_NUM_LOCKS]; +static HANDLE *lock_cs; -void thread_setup() +void thread_setup(void) { int i; - for (i=0; ireferences,c_ctx->references); } -unsigned long solaris_thread_id() +unsigned long solaris_thread_id(void) { unsigned long ret; @@ -915,9 +902,9 @@ unsigned long solaris_thread_id() static usptr_t *arena; -static usema_t *lock_cs[CRYPTO_NUM_LOCKS]; +static usema_t **lock_cs; -void thread_setup() +void thread_setup(void) { int i; char filename[20]; @@ -932,7 +919,8 @@ void thread_setup() arena=usinit(filename); unlink(filename); - for (i=0; ireferences,c_ctx->references); } -unsigned long irix_thread_id() +unsigned long irix_thread_id(void) { unsigned long ret; @@ -1011,14 +995,16 @@ unsigned long irix_thread_id() #ifdef PTHREADS -static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS]; -static long lock_count[CRYPTO_NUM_LOCKS]; +static pthread_mutex_t *lock_cs; +static long *lock_count; -void thread_setup() +void thread_setup(void) { int i; - for (i=0; ireferences,c_ctx->references); + s_ctx->references,c_ctx->references); } -unsigned long pthreads_thread_id() +unsigned long pthreads_thread_id(void) { unsigned long ret; diff --git a/src/lib/libcrypto/threads/th-lock.c b/src/lib/libcrypto/threads/th-lock.c index 039022446d..a6a79b9f45 100644 --- a/src/lib/libcrypto/threads/th-lock.c +++ b/src/lib/libcrypto/threads/th-lock.c @@ -63,7 +63,7 @@ #ifdef LINUX #include #endif -#ifdef WIN32 +#ifdef OPENSSL_SYS_WIN32 #include #endif #ifdef SOLARIS @@ -74,16 +74,18 @@ #include #include #endif -#include "lhash.h" -#include "crypto.h" -#include "buffer.h" -#include "e_os.h" -#include "x509.h" -#include "ssl.h" -#include "err.h" - -#ifndef NOPROTO -int CRYPTO_thread_setup(void); +#ifdef PTHREADS +#include +#endif +#include +#include +#include +#include +#include +#include +#include + +void CRYPTO_thread_setup(void); void CRYPTO_thread_cleanup(void); static void irix_locking_callback(int mode,int type,char *file,int line); @@ -95,38 +97,24 @@ static unsigned long irix_thread_id(void ); static unsigned long solaris_thread_id(void ); static unsigned long pthreads_thread_id(void ); -#else -int CRYPOTO_thread_setup(); -void CRYPTO_cleanup(); - -static void irix_locking_callback(); -static void solaris_locking_callback(); -static void win32_locking_callback(); -static void pthreads_locking_callback(); - -static unsigned long irix_thread_id(); -static unsigned long solaris_thread_id(); -static unsigned long pthreads_thread_id(); - -#endif - /* usage: * CRYPTO_thread_setup(); - * applicaion code + * application code * CRYPTO_thread_cleanup(); */ #define THREAD_STACK_SIZE (16*1024) -#ifdef WIN32 +#ifdef OPENSSL_SYS_WIN32 -static HANDLE lock_cs[CRYPTO_NUM_LOCKS]; +static HANDLE *lock_cs; -int CRYPTO_thread_setup() +void CRYPTO_thread_setup(void) { int i; - for (i=0; i #include +#include "cryptlib.h" +#include -#ifndef MSDOS -# ifndef WIN32 -# define TIMES -# endif +#ifdef TIMEB +#undef OPENSSL_SYS_WIN32 +#undef TIMES #endif -#ifndef VMS -# ifndef _IRIX -# include -# endif -# ifdef TIMES -# include -# include -# endif -#else /* VMS */ -# include - struct tms { - time_t tms_utime; - time_t tms_stime; - time_t tms_uchild; /* I dunno... */ - time_t tms_uchildsys; /* so these names are a guess :-) */ - } -#endif /* VMS */ - -#ifdef sun +#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) || defined(__DECC) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_VXWORKS) +# define TIMES +#endif + +#ifndef _IRIX +# include +#endif +#ifdef TIMES +# include +# include +#endif + +/* Depending on the VMS version, the tms structure is perhaps defined. + The __TMS macro will show if it was. If it wasn't defined, we should + undefine TIMES, since that tells the rest of the program how things + should be handled. -- Richard Levitte */ +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) +#undef TIMES +#endif + +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include #include #endif -#ifndef TIMES +#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) #include #endif -#ifdef WIN32 +#ifdef OPENSSL_SYS_WIN32 #include #endif @@ -99,11 +103,7 @@ #ifndef HZ # ifndef CLK_TCK # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ -# ifndef VMS -# define HZ 100.0 -# else /* VMS */ -# define HZ 100.0 -# endif +# define HZ 100.0 # else /* _BSD_CLK_TCK_ */ # define HZ ((double)_BSD_CLK_TCK_) # endif @@ -117,57 +117,62 @@ typedef struct ms_tm #ifdef TIMES struct tms ms_tms; #else -# ifdef WIN32 +# ifdef OPENSSL_SYS_WIN32 HANDLE thread_id; FILETIME ms_win32; # else +# ifdef OPENSSL_SYS_VSWORKS + unsigned long ticks; +# else struct timeb ms_timeb; +# endif # endif #endif } MS_TM; -char *ms_time_init() +char *ms_time_new(void) { MS_TM *ret; - ret=malloc(sizeof(MS_TM)); + ret=(MS_TM *)OPENSSL_malloc(sizeof(MS_TM)); if (ret == NULL) return(NULL); memset(ret,0,sizeof(MS_TM)); -#ifdef WIN32 +#ifdef OPENSSL_SYS_WIN32 ret->thread_id=GetCurrentThread(); #endif return((char *)ret); } -void ms_time_final(a) -char *a; +void ms_time_free(char *a) { if (a != NULL) - free(a); + OPENSSL_free(a); } -void ms_time_get(a) -char *a; +void ms_time_get(char *a) { MS_TM *tm=(MS_TM *)a; - FILETIME tmpa,tmpb,tmpc; +#ifdef OPENSSL_SYS_WIN32 + FILETIME tmpa,tmpb,tmpc; +#endif #ifdef TIMES - printf("AAA\n"); times(&tm->ms_tms); #else -# ifdef WIN32 +# ifdef OPENSSL_SYS_WIN32 GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); # else - printf("CCC\n"); - ftime(tm->ms_timeb); +# ifdef OPENSSL_SYS_VSWORKS + tm->ticks = tickGet(); +# else + ftime(&tm->ms_timeb); +# endif # endif #endif } -double ms_time_diff(ap,bp) -char *ap,*bp; +double ms_time_diff(char *ap, char *bp) { MS_TM *a=(MS_TM *)ap; MS_TM *b=(MS_TM *)bp; @@ -176,20 +181,35 @@ char *ap,*bp; #ifdef TIMES ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; #else -# ifdef WIN32 - ret =(double)(b->ms_win32.dwHighDateTime&0x000fffff)*10+ - b->ms_win32.dwLowDateTime/1e7; - ret-=(double)(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; +# ifdef OPENSSL_SYS_WIN32 + { +#ifdef __GNUC__ + signed long long la,lb; +#else + signed _int64 la,lb; +#endif + la=a->ms_win32.dwHighDateTime; + lb=b->ms_win32.dwHighDateTime; + la<<=32; + lb<<=32; + la+=a->ms_win32.dwLowDateTime; + lb+=b->ms_win32.dwLowDateTime; + ret=((double)(lb-la))/1e7; + } # else - ret= (double)(b->time-a->time)+ - ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0; +# ifdef OPENSSL_SYS_VSWORKS + ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); +# else + ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ + (((double)b->ms_timeb.millitm)- + ((double)a->ms_timeb.millitm))/1000.0; # endif +# endif #endif return((ret < 0.0000001)?0.0000001:ret); } -int ms_time_cmp(ap,bp) -char *ap,*bp; +int ms_time_cmp(char *ap, char *bp) { MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp; double d; @@ -198,13 +218,17 @@ char *ap,*bp; #ifdef TIMES d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ; #else -# ifdef WIN32 +# ifdef OPENSSL_SYS_WIN32 d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; # else - d= (double)(b->time-a->time)+ - ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0; +# ifdef OPENSSL_SYS_VSWORKS + d = (b->ticks - a->ticks); +# else + d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ + (((double)b->ms_timeb.millitm)-(double)a->ms_timeb.millitm)/1000.0; # endif +# endif #endif if (d == 0.0) ret=0; diff --git a/src/lib/libcrypto/uid.c b/src/lib/libcrypto/uid.c index b5b61b76d4..d3d249c36f 100644 --- a/src/lib/libcrypto/uid.c +++ b/src/lib/libcrypto/uid.c @@ -54,17 +54,18 @@ */ #include +#include #if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2) -#include +#include OPENSSL_UNISTD int OPENSSL_issetugid(void) { return issetugid(); } -#elif defined(WIN32) +#elif defined(OPENSSL_SYS_WIN32) int OPENSSL_issetugid(void) { @@ -73,7 +74,7 @@ int OPENSSL_issetugid(void) #else -#include +#include OPENSSL_UNISTD #include int OPENSSL_issetugid(void) diff --git a/src/lib/libcrypto/util/add_cr.pl b/src/lib/libcrypto/util/add_cr.pl index ddd6d61e2d..c7b62c11ec 100644 --- a/src/lib/libcrypto/util/add_cr.pl +++ b/src/lib/libcrypto/util/add_cr.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # This adds a copyright message to a souce code file. # It also gets the file name correct. diff --git a/src/lib/libcrypto/util/ck_errf.pl b/src/lib/libcrypto/util/ck_errf.pl index c5764e40df..7a24d6c5a2 100644 --- a/src/lib/libcrypto/util/ck_errf.pl +++ b/src/lib/libcrypto/util/ck_errf.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # This is just a quick script to scan for cases where the 'error' # function name in a XXXerr() macro is wrong. @@ -40,5 +40,6 @@ foreach $file (@ARGV) # print "$func:$1\n"; } } + close(IN); } diff --git a/src/lib/libcrypto/util/clean-depend.pl b/src/lib/libcrypto/util/clean-depend.pl index af676af751..6c485d1e2f 100644 --- a/src/lib/libcrypto/util/clean-depend.pl +++ b/src/lib/libcrypto/util/clean-depend.pl @@ -11,20 +11,36 @@ while() { my %files; +my $thisfile=""; while() { - my ($file,$deps)=/^(.*): (.*)$/; + my ($dummy, $file,$deps)=/^((.*):)? (.*)$/; + my $origfile=""; + $thisfile=$file if defined $file; next if !defined $deps; + $origfile=$thisfile; + $origfile=~s/\.o$/.c/; my @deps=split ' ',$deps; - @deps=grep(!/^\/usr\/include/,@deps); - @deps=grep(!/^\/usr\/lib\/gcc-lib/,@deps); - push @{$files{$file}},@deps; + @deps=grep(!/^\//,@deps); + @deps=grep(!/^\\$/,@deps); + @deps=grep(!/^$origfile$/,@deps); +# pull out the kludged kerberos header (if present). + @deps=grep(!/^[.\/]+\/krb5.h/,@deps); + push @{$files{$thisfile}},@deps; } my $file; foreach $file (sort keys %files) { my $len=0; my $dep; + my $origfile=$file; + $origfile=~s/\.o$/.c/; + $file=~s/^\.\///; + push @{$files{$file}},$origfile; + my $prevdep=""; foreach $dep (sort @{$files{$file}}) { + $dep=~s/^\.\///; + next if $prevdep eq $dep; # to exterminate duplicates... + $prevdep = $dep; $len=0 if $len+length($dep)+1 >= 80; if($len == 0) { print "\n$file:"; diff --git a/src/lib/libcrypto/util/deleof.pl b/src/lib/libcrypto/util/deleof.pl index 04f30f0e47..155acd88ff 100644 --- a/src/lib/libcrypto/util/deleof.pl +++ b/src/lib/libcrypto/util/deleof.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl while (<>) { diff --git a/src/lib/libcrypto/util/do_ms.sh b/src/lib/libcrypto/util/do_ms.sh index f498d842b7..515b074cff 100644 --- a/src/lib/libcrypto/util/do_ms.sh +++ b/src/lib/libcrypto/util/do_ms.sh @@ -5,11 +5,13 @@ PATH=util:../util:$PATH -# perl util/mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak +# perl util/mk1mf.pl no-sock VC-MSDOS >ms/msdos.mak # perl util/mk1mf.pl VC-W31-32 >ms/w31.mak -perl util/mk1mf.pl VC-WIN16 dll >ms/w31dll.mak +perl util/mk1mf.pl dll VC-WIN16 >ms/w31dll.mak # perl util/mk1mf.pl VC-WIN32 >ms/nt.mak -perl util/mk1mf.pl VC-WIN32 dll >ms/ntdll.mak +perl util/mk1mf.pl dll VC-WIN32 >ms/ntdll.mak +perl util/mk1mf.pl Mingw32 >ms/mingw32.mak +perl util/mk1mf.pl Mingw32-files >ms/mingw32f.mak perl util/mkdef.pl 16 libeay > ms/libeay16.def perl util/mkdef.pl 32 libeay > ms/libeay32.def diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd index 324051f60b..aa99cb0523 100644 --- a/src/lib/libcrypto/util/domd +++ b/src/lib/libcrypto/util/domd @@ -4,8 +4,26 @@ TOP=$1 shift +if [ "$1" = "-MD" ]; then + shift + MAKEDEPEND=$1 + shift +fi +if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi cp Makefile.ssl Makefile.save -makedepend -f Makefile.ssl $@ -$TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new +# fake the presence of Kerberos +touch $TOP/krb5.h +if [ "$MAKEDEPEND" = "gcc" ]; then + sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp + echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp + gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp + perl $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new + rm -f Makefile.tmp +else + ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@ + perl $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new +fi mv Makefile.new Makefile.ssl +# unfake the presence of Kerberos +rm $TOP/krb5.h diff --git a/src/lib/libcrypto/util/err-ins.pl b/src/lib/libcrypto/util/err-ins.pl index db1bb48275..31b70df8d0 100644 --- a/src/lib/libcrypto/util/err-ins.pl +++ b/src/lib/libcrypto/util/err-ins.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # tack error codes onto the end of a file # diff --git a/src/lib/libcrypto/util/files.pl b/src/lib/libcrypto/util/files.pl index bf3b7effdc..41f033e3b9 100644 --- a/src/lib/libcrypto/util/files.pl +++ b/src/lib/libcrypto/util/files.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # used to generate the file MINFO for use by util/mk1mf.pl # It is basically a list of all variables from the passed makefile diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num index fcaf254287..b74749e5de 100644 --- a/src/lib/libcrypto/util/libeay.num +++ b/src/lib/libcrypto/util/libeay.num @@ -1,1065 +1,2776 @@ -SSLeay 1 -SSLeay_version 2 -ASN1_BIT_STRING_asn1_meth 3 -ASN1_HEADER_free 4 -ASN1_HEADER_new 5 -ASN1_IA5STRING_asn1_meth 6 -ASN1_INTEGER_get 7 -ASN1_INTEGER_set 8 -ASN1_INTEGER_to_BN 9 -ASN1_OBJECT_create 10 -ASN1_OBJECT_free 11 -ASN1_OBJECT_new 12 -ASN1_PRINTABLE_type 13 -ASN1_STRING_cmp 14 -ASN1_STRING_dup 15 -ASN1_STRING_free 16 -ASN1_STRING_new 17 -ASN1_STRING_print 18 -ASN1_STRING_set 19 -ASN1_STRING_type_new 20 -ASN1_TYPE_free 21 -ASN1_TYPE_new 22 -ASN1_UNIVERSALSTRING_to_string 23 -ASN1_UTCTIME_check 24 -ASN1_UTCTIME_print 25 -ASN1_UTCTIME_set 26 -ASN1_check_infinite_end 27 -ASN1_d2i_bio 28 -ASN1_d2i_fp 29 -ASN1_digest 30 -ASN1_dup 31 -ASN1_get_object 32 -ASN1_i2d_bio 33 -ASN1_i2d_fp 34 -ASN1_object_size 35 -ASN1_parse 36 -ASN1_put_object 37 -ASN1_sign 38 -ASN1_verify 39 -BF_cbc_encrypt 40 -BF_cfb64_encrypt 41 -BF_ecb_encrypt 42 -BF_encrypt 43 -BF_ofb64_encrypt 44 -BF_options 45 -BF_set_key 46 -BIO_CONNECT_free 47 -BIO_CONNECT_new 48 -BIO_accept 51 -BIO_ctrl 52 -BIO_int_ctrl 53 -BIO_debug_callback 54 -BIO_dump 55 -BIO_dup_chain 56 -BIO_f_base64 57 -BIO_f_buffer 58 -BIO_f_cipher 59 -BIO_f_md 60 -BIO_f_null 61 -BIO_f_proxy_server 62 -BIO_fd_non_fatal_error 63 -BIO_fd_should_retry 64 -BIO_find_type 65 -BIO_free 66 -BIO_free_all 67 -BIO_get_accept_socket 69 -BIO_get_filter_bio 70 -BIO_get_host_ip 71 -BIO_get_port 72 -BIO_get_retry_BIO 73 -BIO_get_retry_reason 74 -BIO_gethostbyname 75 -BIO_gets 76 -BIO_new 78 -BIO_new_accept 79 -BIO_new_connect 80 -BIO_new_fd 81 -BIO_new_file 82 -BIO_new_fp 83 -BIO_new_socket 84 -BIO_pop 85 -BIO_printf 86 -BIO_push 87 -BIO_puts 88 -BIO_read 89 -BIO_s_accept 90 -BIO_s_connect 91 -BIO_s_fd 92 -BIO_s_file 93 -BIO_s_mem 95 -BIO_s_null 96 -BIO_s_proxy_client 97 -BIO_s_socket 98 -BIO_set 100 -BIO_set_cipher 101 -BIO_set_tcp_ndelay 102 -BIO_sock_cleanup 103 -BIO_sock_error 104 -BIO_sock_init 105 -BIO_sock_non_fatal_error 106 -BIO_sock_should_retry 107 -BIO_socket_ioctl 108 -BIO_write 109 -BN_CTX_free 110 -BN_CTX_new 111 -BN_MONT_CTX_free 112 -BN_MONT_CTX_new 113 -BN_MONT_CTX_set 114 -BN_add 115 -BN_add_word 116 -BN_hex2bn 117 -BN_bin2bn 118 -BN_bn2hex 119 -BN_bn2bin 120 -BN_clear 121 -BN_clear_bit 122 -BN_clear_free 123 -BN_cmp 124 -BN_copy 125 -BN_div 126 -BN_div_word 127 -BN_dup 128 -BN_free 129 -BN_from_montgomery 130 -BN_gcd 131 -BN_generate_prime 132 -BN_get_word 133 -BN_is_bit_set 134 -BN_is_prime 135 -BN_lshift 136 -BN_lshift1 137 -BN_mask_bits 138 -BN_mod 139 -BN_mod_exp 140 -BN_mod_exp_mont 141 -BN_mod_exp_recp 142 -BN_mod_exp_simple 143 -BN_mod_inverse 144 -BN_mod_mul 145 -BN_mod_mul_montgomery 146 -BN_mod_mul_reciprocal 147 -BN_mod_word 148 -BN_mul 149 -BN_new 150 -BN_num_bits 151 -BN_num_bits_word 152 -BN_options 153 -BN_print 154 -BN_print_fp 155 -BN_rand 156 -BN_reciprocal 157 -BN_rshift 158 -BN_rshift1 159 -BN_set_bit 160 -BN_set_word 161 -BN_sqr 162 -BN_sub 163 -BN_to_ASN1_INTEGER 164 -BN_ucmp 165 -BN_value_one 166 -BUF_MEM_free 167 -BUF_MEM_grow 168 -BUF_MEM_new 169 -BUF_strdup 170 -CONF_free 171 -CONF_get_number 172 -CONF_get_section 173 -CONF_get_string 174 -CONF_load 175 -CRYPTO_add_lock 176 -CRYPTO_dbg_free 177 -CRYPTO_dbg_malloc 178 -CRYPTO_dbg_realloc 179 -CRYPTO_dbg_remalloc 180 -CRYPTO_free 181 -CRYPTO_get_add_lock_callback 182 -CRYPTO_get_id_callback 183 -CRYPTO_get_lock_name 184 -CRYPTO_get_locking_callback 185 -CRYPTO_get_mem_functions 186 -CRYPTO_lock 187 -CRYPTO_malloc 188 -CRYPTO_mem_ctrl 189 -CRYPTO_mem_leaks 190 -CRYPTO_mem_leaks_cb 191 -CRYPTO_mem_leaks_fp 192 -CRYPTO_realloc 193 -CRYPTO_remalloc 194 -CRYPTO_set_add_lock_callback 195 -CRYPTO_set_id_callback 196 -CRYPTO_set_locking_callback 197 -CRYPTO_set_mem_functions 198 -CRYPTO_thread_id 199 -DH_check 200 -DH_compute_key 201 -DH_free 202 -DH_generate_key 203 -DH_generate_parameters 204 -DH_new 205 -DH_size 206 -DHparams_print 207 -DHparams_print_fp 208 -DSA_free 209 -DSA_generate_key 210 -DSA_generate_parameters 211 -DSA_is_prime 212 -DSA_new 213 -DSA_print 214 -DSA_print_fp 215 -DSA_sign 216 -DSA_sign_setup 217 -DSA_size 218 -DSA_verify 219 -DSAparams_print 220 -DSAparams_print_fp 221 -ERR_clear_error 222 -ERR_error_string 223 -ERR_free_strings 224 -ERR_func_error_string 225 -ERR_get_err_state_table 226 -ERR_get_error 227 -ERR_get_error_line 228 -ERR_get_state 229 -ERR_get_string_table 230 -ERR_lib_error_string 231 -ERR_load_ASN1_strings 232 -ERR_load_BIO_strings 233 -ERR_load_BN_strings 234 -ERR_load_BUF_strings 235 -ERR_load_CONF_strings 236 -ERR_load_DH_strings 237 -ERR_load_DSA_strings 238 -ERR_load_ERR_strings 239 -ERR_load_EVP_strings 240 -ERR_load_OBJ_strings 241 -ERR_load_PEM_strings 242 -ERR_load_PROXY_strings 243 -ERR_load_RSA_strings 244 -ERR_load_X509_strings 245 -ERR_load_crypto_strings 246 -ERR_load_strings 247 -ERR_peek_error 248 -ERR_peek_error_line 249 -ERR_print_errors 250 -ERR_print_errors_fp 251 -ERR_put_error 252 -ERR_reason_error_string 253 -ERR_remove_state 254 -EVP_BytesToKey 255 -EVP_CIPHER_CTX_cleanup 256 -EVP_CipherFinal 257 -EVP_CipherInit 258 -EVP_CipherUpdate 259 -EVP_DecodeBlock 260 -EVP_DecodeFinal 261 -EVP_DecodeInit 262 -EVP_DecodeUpdate 263 -EVP_DecryptFinal 264 -EVP_DecryptInit 265 -EVP_DecryptUpdate 266 -EVP_DigestFinal 267 -EVP_DigestInit 268 -EVP_DigestUpdate 269 -EVP_EncodeBlock 270 -EVP_EncodeFinal 271 -EVP_EncodeInit 272 -EVP_EncodeUpdate 273 -EVP_EncryptFinal 274 -EVP_EncryptInit 275 -EVP_EncryptUpdate 276 -EVP_OpenFinal 277 -EVP_OpenInit 278 -EVP_PKEY_assign 279 -EVP_PKEY_copy_parameters 280 -EVP_PKEY_free 281 -EVP_PKEY_missing_parameters 282 -EVP_PKEY_new 283 -EVP_PKEY_save_parameters 284 -EVP_PKEY_size 285 -EVP_PKEY_type 286 -EVP_SealFinal 287 -EVP_SealInit 288 -EVP_SignFinal 289 -EVP_VerifyFinal 290 -EVP_add_alias 291 -EVP_add_cipher 292 -EVP_add_digest 293 -EVP_bf_cbc 294 -EVP_bf_cfb 295 -EVP_bf_ecb 296 -EVP_bf_ofb 297 -EVP_cleanup 298 -EVP_des_cbc 299 -EVP_des_cfb 300 -EVP_des_ecb 301 -EVP_des_ede 302 -EVP_des_ede3 303 -EVP_des_ede3_cbc 304 -EVP_des_ede3_cfb 305 -EVP_des_ede3_ofb 306 -EVP_des_ede_cbc 307 -EVP_des_ede_cfb 308 -EVP_des_ede_ofb 309 -EVP_des_ofb 310 -EVP_desx_cbc 311 -EVP_dss 312 -EVP_dss1 313 -EVP_enc_null 314 -EVP_get_cipherbyname 315 -EVP_get_digestbyname 316 -EVP_get_pw_prompt 317 -EVP_idea_cbc 318 -EVP_idea_cfb 319 -EVP_idea_ecb 320 -EVP_idea_ofb 321 -EVP_md2 322 -EVP_md5 323 -EVP_md_null 324 -EVP_rc2_cbc 325 -EVP_rc2_cfb 326 -EVP_rc2_ecb 327 -EVP_rc2_ofb 328 -EVP_rc4 329 -EVP_read_pw_string 330 -EVP_set_pw_prompt 331 -EVP_sha 332 -EVP_sha1 333 -MD2 334 -MD2_Final 335 -MD2_Init 336 -MD2_Update 337 -MD2_options 338 -MD5 339 -MD5_Final 340 -MD5_Init 341 -MD5_Update 342 -MDC2 343 -MDC2_Final 344 -MDC2_Init 345 -MDC2_Update 346 -NETSCAPE_SPKAC_free 347 -NETSCAPE_SPKAC_new 348 -NETSCAPE_SPKI_free 349 -NETSCAPE_SPKI_new 350 -NETSCAPE_SPKI_sign 351 -NETSCAPE_SPKI_verify 352 -OBJ_add_object 353 -OBJ_bsearch 354 -OBJ_cleanup 355 -OBJ_cmp 356 -OBJ_create 357 -OBJ_dup 358 -OBJ_ln2nid 359 -OBJ_new_nid 360 -OBJ_nid2ln 361 -OBJ_nid2obj 362 -OBJ_nid2sn 363 -OBJ_obj2nid 364 -OBJ_sn2nid 365 -OBJ_txt2nid 366 -PEM_ASN1_read 367 -PEM_ASN1_read_bio 368 -PEM_ASN1_write 369 -PEM_ASN1_write_bio 370 -PEM_SealFinal 371 -PEM_SealInit 372 -PEM_SealUpdate 373 -PEM_SignFinal 374 -PEM_SignInit 375 -PEM_SignUpdate 376 -PEM_X509_INFO_read 377 -PEM_X509_INFO_read_bio 378 -PEM_X509_INFO_write_bio 379 -PEM_dek_info 380 -PEM_do_header 381 -PEM_get_EVP_CIPHER_INFO 382 -PEM_proc_type 383 -PEM_read 384 -PEM_read_DHparams 385 -PEM_read_DSAPrivateKey 386 -PEM_read_DSAparams 387 -PEM_read_PKCS7 388 -PEM_read_PrivateKey 389 -PEM_read_RSAPrivateKey 390 -PEM_read_X509 391 -PEM_read_X509_CRL 392 -PEM_read_X509_REQ 393 -PEM_read_bio 394 -PEM_read_bio_DHparams 395 -PEM_read_bio_DSAPrivateKey 396 -PEM_read_bio_DSAparams 397 -PEM_read_bio_PKCS7 398 -PEM_read_bio_PrivateKey 399 -PEM_read_bio_RSAPrivateKey 400 -PEM_read_bio_X509 401 -PEM_read_bio_X509_CRL 402 -PEM_read_bio_X509_REQ 403 -PEM_write 404 -PEM_write_DHparams 405 -PEM_write_DSAPrivateKey 406 -PEM_write_DSAparams 407 -PEM_write_PKCS7 408 -PEM_write_PrivateKey 409 -PEM_write_RSAPrivateKey 410 -PEM_write_X509 411 -PEM_write_X509_CRL 412 -PEM_write_X509_REQ 413 -PEM_write_bio 414 -PEM_write_bio_DHparams 415 -PEM_write_bio_DSAPrivateKey 416 -PEM_write_bio_DSAparams 417 -PEM_write_bio_PKCS7 418 -PEM_write_bio_PrivateKey 419 -PEM_write_bio_RSAPrivateKey 420 -PEM_write_bio_X509 421 -PEM_write_bio_X509_CRL 422 -PEM_write_bio_X509_REQ 423 -PKCS7_DIGEST_free 424 -PKCS7_DIGEST_new 425 -PKCS7_ENCRYPT_free 426 -PKCS7_ENCRYPT_new 427 -PKCS7_ENC_CONTENT_free 428 -PKCS7_ENC_CONTENT_new 429 -PKCS7_ENVELOPE_free 430 -PKCS7_ENVELOPE_new 431 -PKCS7_ISSUER_AND_SERIAL_digest 432 -PKCS7_ISSUER_AND_SERIAL_free 433 -PKCS7_ISSUER_AND_SERIAL_new 434 -PKCS7_RECIP_INFO_free 435 -PKCS7_RECIP_INFO_new 436 -PKCS7_SIGNED_free 437 -PKCS7_SIGNED_new 438 -PKCS7_SIGNER_INFO_free 439 -PKCS7_SIGNER_INFO_new 440 -PKCS7_SIGN_ENVELOPE_free 441 -PKCS7_SIGN_ENVELOPE_new 442 -PKCS7_dup 443 -PKCS7_free 444 -PKCS7_new 445 -PROXY_ENTRY_add_noproxy 446 -PROXY_ENTRY_clear_noproxy 447 -PROXY_ENTRY_free 448 -PROXY_ENTRY_get_noproxy 449 -PROXY_ENTRY_new 450 -PROXY_ENTRY_set_server 451 -PROXY_add_noproxy 452 -PROXY_add_server 453 -PROXY_check_by_host 454 -PROXY_check_url 455 -PROXY_clear_noproxy 456 -PROXY_free 457 -PROXY_get_noproxy 458 -PROXY_get_proxies 459 -PROXY_get_proxy_entry 460 -PROXY_load_conf 461 -PROXY_new 462 -PROXY_print 463 -RAND_bytes 464 -RAND_cleanup 465 -RAND_file_name 466 -RAND_load_file 467 -RAND_screen 468 -RAND_seed 469 -RAND_write_file 470 -RC2_cbc_encrypt 471 -RC2_cfb64_encrypt 472 -RC2_ecb_encrypt 473 -RC2_encrypt 474 -RC2_ofb64_encrypt 475 -RC2_set_key 476 -RC4 477 -RC4_options 478 -RC4_set_key 479 -RSAPrivateKey_asn1_meth 480 -RSAPrivateKey_dup 481 -RSAPublicKey_dup 482 -RSA_PKCS1_SSLeay 483 -RSA_free 484 -RSA_generate_key 485 -RSA_new 486 -RSA_new_method 487 -RSA_print 488 -RSA_print_fp 489 -RSA_private_decrypt 490 -RSA_private_encrypt 491 -RSA_public_decrypt 492 -RSA_public_encrypt 493 -RSA_set_default_method 494 -RSA_sign 495 -RSA_sign_ASN1_OCTET_STRING 496 -RSA_size 497 -RSA_verify 498 -RSA_verify_ASN1_OCTET_STRING 499 -SHA 500 -SHA1 501 -SHA1_Final 502 -SHA1_Init 503 -SHA1_Update 504 -SHA_Final 505 -SHA_Init 506 -SHA_Update 507 -SSLeay_add_all_algorithms 508 -SSLeay_add_all_ciphers 509 -SSLeay_add_all_digests 510 -TXT_DB_create_index 511 -TXT_DB_free 512 -TXT_DB_get_by_index 513 -TXT_DB_insert 514 -TXT_DB_read 515 -TXT_DB_write 516 -X509_ALGOR_free 517 -X509_ALGOR_new 518 -X509_ATTRIBUTE_free 519 -X509_ATTRIBUTE_new 520 -X509_CINF_free 521 -X509_CINF_new 522 -X509_CRL_INFO_free 523 -X509_CRL_INFO_new 524 -X509_CRL_add_ext 525 -X509_CRL_cmp 526 -X509_CRL_delete_ext 527 -X509_CRL_dup 528 -X509_CRL_free 529 -X509_CRL_get_ext 530 -X509_CRL_get_ext_by_NID 531 -X509_CRL_get_ext_by_OBJ 532 -X509_CRL_get_ext_by_critical 533 -X509_CRL_get_ext_count 534 -X509_CRL_new 535 -X509_CRL_sign 536 -X509_CRL_verify 537 -X509_EXTENSION_create_by_NID 538 -X509_EXTENSION_create_by_OBJ 539 -X509_EXTENSION_dup 540 -X509_EXTENSION_free 541 -X509_EXTENSION_get_critical 542 -X509_EXTENSION_get_data 543 -X509_EXTENSION_get_object 544 -X509_EXTENSION_new 545 -X509_EXTENSION_set_critical 546 -X509_EXTENSION_set_data 547 -X509_EXTENSION_set_object 548 -X509_INFO_free 549 -X509_INFO_new 550 -X509_LOOKUP_by_alias 551 -X509_LOOKUP_by_fingerprint 552 -X509_LOOKUP_by_issuer_serial 553 -X509_LOOKUP_by_subject 554 -X509_LOOKUP_ctrl 555 -X509_LOOKUP_file 556 -X509_LOOKUP_free 557 -X509_LOOKUP_hash_dir 558 -X509_LOOKUP_init 559 -X509_LOOKUP_new 560 -X509_LOOKUP_shutdown 561 -X509_NAME_ENTRY_create_by_NID 562 -X509_NAME_ENTRY_create_by_OBJ 563 -X509_NAME_ENTRY_dup 564 -X509_NAME_ENTRY_free 565 -X509_NAME_ENTRY_get_data 566 -X509_NAME_ENTRY_get_object 567 -X509_NAME_ENTRY_new 568 -X509_NAME_ENTRY_set_data 569 -X509_NAME_ENTRY_set_object 570 -X509_NAME_add_entry 571 -X509_NAME_cmp 572 -X509_NAME_delete_entry 573 -X509_NAME_digest 574 -X509_NAME_dup 575 -X509_NAME_entry_count 576 -X509_NAME_free 577 -X509_NAME_get_entry 578 -X509_NAME_get_index_by_NID 579 -X509_NAME_get_index_by_OBJ 580 -X509_NAME_get_text_by_NID 581 -X509_NAME_get_text_by_OBJ 582 -X509_NAME_hash 583 -X509_NAME_new 584 -X509_NAME_oneline 585 -X509_NAME_print 586 -X509_NAME_set 587 -X509_OBJECT_free_contents 588 -X509_OBJECT_retrive_by_subject 589 -X509_OBJECT_up_ref_count 590 -X509_PKEY_free 591 -X509_PKEY_new 592 -X509_PUBKEY_free 593 -X509_PUBKEY_get 594 -X509_PUBKEY_new 595 -X509_PUBKEY_set 596 -X509_REQ_INFO_free 597 -X509_REQ_INFO_new 598 -X509_REQ_dup 599 -X509_REQ_free 600 -X509_REQ_get_pubkey 601 -X509_REQ_new 602 -X509_REQ_print 603 -X509_REQ_print_fp 604 -X509_REQ_set_pubkey 605 -X509_REQ_set_subject_name 606 -X509_REQ_set_version 607 -X509_REQ_sign 608 -X509_REQ_to_X509 609 -X509_REQ_verify 610 -X509_REVOKED_add_ext 611 -X509_REVOKED_delete_ext 612 -X509_REVOKED_free 613 -X509_REVOKED_get_ext 614 -X509_REVOKED_get_ext_by_NID 615 -X509_REVOKED_get_ext_by_OBJ 616 -X509_REVOKED_get_ext_by_critical 617 -X509_REVOKED_get_ext_count 618 -X509_REVOKED_new 619 -X509_SIG_free 620 -X509_SIG_new 621 -X509_STORE_CTX_cleanup 622 -X509_STORE_CTX_init 623 -X509_STORE_add_cert 624 -X509_STORE_add_lookup 625 -X509_STORE_free 626 -X509_STORE_get_by_subject 627 -X509_STORE_load_locations 628 -X509_STORE_new 629 -X509_STORE_set_default_paths 630 -X509_VAL_free 631 -X509_VAL_new 632 -X509_add_ext 633 -X509_asn1_meth 634 -X509_certificate_type 635 -X509_check_private_key 636 -X509_cmp_current_time 637 -X509_delete_ext 638 -X509_digest 639 -X509_dup 640 -X509_free 641 -X509_get_default_cert_area 642 -X509_get_default_cert_dir 643 -X509_get_default_cert_dir_env 644 -X509_get_default_cert_file 645 -X509_get_default_cert_file_env 646 -X509_get_default_private_dir 647 -X509_get_ext 648 -X509_get_ext_by_NID 649 -X509_get_ext_by_OBJ 650 -X509_get_ext_by_critical 651 -X509_get_ext_count 652 -X509_get_issuer_name 653 -X509_get_pubkey 654 -X509_get_pubkey_parameters 655 -X509_get_serialNumber 656 -X509_get_subject_name 657 -X509_gmtime_adj 658 -X509_issuer_and_serial_cmp 659 -X509_issuer_and_serial_hash 660 -X509_issuer_name_cmp 661 -X509_issuer_name_hash 662 -X509_load_cert_file 663 -X509_new 664 -X509_print 665 -X509_print_fp 666 -X509_set_issuer_name 667 -X509_set_notAfter 668 -X509_set_notBefore 669 -X509_set_pubkey 670 -X509_set_serialNumber 671 -X509_set_subject_name 672 -X509_set_version 673 -X509_sign 674 -X509_subject_name_cmp 675 -X509_subject_name_hash 676 -X509_to_X509_REQ 677 -X509_verify 678 -X509_verify_cert 679 -X509_verify_cert_error_string 680 -X509v3_add_ext 681 -X509v3_add_extension 682 -X509v3_add_netscape_extensions 683 -X509v3_add_standard_extensions 684 -X509v3_cleanup_extensions 685 -X509v3_data_type_by_NID 686 -X509v3_data_type_by_OBJ 687 -X509v3_delete_ext 688 -X509v3_get_ext 689 -X509v3_get_ext_by_NID 690 -X509v3_get_ext_by_OBJ 691 -X509v3_get_ext_by_critical 692 -X509v3_get_ext_count 693 -X509v3_pack_string 694 -X509v3_pack_type_by_NID 695 -X509v3_pack_type_by_OBJ 696 -X509v3_unpack_string 697 -_des_crypt 698 -a2d_ASN1_OBJECT 699 -a2i_ASN1_INTEGER 700 -a2i_ASN1_STRING 701 -asn1_Finish 702 -asn1_GetSequence 703 -bn_div64 704 -bn_expand2 705 -bn_mul_add_words 706 -bn_mul_words 707 -bn_qadd 708 -bn_qsub 709 -bn_sqr_words 710 -crypt 711 -d2i_ASN1_BIT_STRING 712 -d2i_ASN1_BOOLEAN 713 -d2i_ASN1_HEADER 714 -d2i_ASN1_IA5STRING 715 -d2i_ASN1_INTEGER 716 -d2i_ASN1_OBJECT 717 -d2i_ASN1_OCTET_STRING 718 -d2i_ASN1_PRINTABLE 719 -d2i_ASN1_PRINTABLESTRING 720 -d2i_ASN1_SET 721 -d2i_ASN1_T61STRING 722 -d2i_ASN1_TYPE 723 -d2i_ASN1_UTCTIME 724 -d2i_ASN1_bytes 725 -d2i_ASN1_type_bytes 726 -d2i_DHparams 727 -d2i_DSAPrivateKey 728 -d2i_DSAPrivateKey_bio 729 -d2i_DSAPrivateKey_fp 730 -d2i_DSAPublicKey 731 -d2i_DSAparams 732 -d2i_NETSCAPE_SPKAC 733 -d2i_NETSCAPE_SPKI 734 -d2i_Netscape_RSA 735 -d2i_PKCS7 736 -d2i_PKCS7_DIGEST 737 -d2i_PKCS7_ENCRYPT 738 -d2i_PKCS7_ENC_CONTENT 739 -d2i_PKCS7_ENVELOPE 740 -d2i_PKCS7_ISSUER_AND_SERIAL 741 -d2i_PKCS7_RECIP_INFO 742 -d2i_PKCS7_SIGNED 743 -d2i_PKCS7_SIGNER_INFO 744 -d2i_PKCS7_SIGN_ENVELOPE 745 -d2i_PKCS7_bio 746 -d2i_PKCS7_fp 747 -d2i_PrivateKey 748 -d2i_PublicKey 749 -d2i_RSAPrivateKey 750 -d2i_RSAPrivateKey_bio 751 -d2i_RSAPrivateKey_fp 752 -d2i_RSAPublicKey 753 -d2i_X509 754 -d2i_X509_ALGOR 755 -d2i_X509_ATTRIBUTE 756 -d2i_X509_CINF 757 -d2i_X509_CRL 758 -d2i_X509_CRL_INFO 759 -d2i_X509_CRL_bio 760 -d2i_X509_CRL_fp 761 -d2i_X509_EXTENSION 762 -d2i_X509_NAME 763 -d2i_X509_NAME_ENTRY 764 -d2i_X509_PKEY 765 -d2i_X509_PUBKEY 766 -d2i_X509_REQ 767 -d2i_X509_REQ_INFO 768 -d2i_X509_REQ_bio 769 -d2i_X509_REQ_fp 770 -d2i_X509_REVOKED 771 -d2i_X509_SIG 772 -d2i_X509_VAL 773 -d2i_X509_bio 774 -d2i_X509_fp 775 -des_cbc_cksum 777 -des_cbc_encrypt 778 -des_cblock_print_file 779 -des_cfb64_encrypt 780 -des_cfb_encrypt 781 -des_decrypt3 782 -des_ecb3_encrypt 783 -des_ecb_encrypt 784 -des_ede3_cbc_encrypt 785 -des_ede3_cfb64_encrypt 786 -des_ede3_ofb64_encrypt 787 -des_enc_read 788 -des_enc_write 789 -des_encrypt 790 -des_encrypt2 791 -des_encrypt3 792 -des_fcrypt 793 -des_is_weak_key 794 -des_key_sched 795 -des_ncbc_encrypt 796 -des_ofb64_encrypt 797 -des_ofb_encrypt 798 -des_options 799 -des_pcbc_encrypt 800 -des_quad_cksum 801 -des_random_key 802 -des_random_seed 803 -des_read_2passwords 804 -des_read_password 805 -des_read_pw 806 -des_read_pw_string 807 -des_set_key 808 -des_set_odd_parity 809 -des_string_to_2keys 810 -des_string_to_key 811 -des_xcbc_encrypt 812 -des_xwhite_in2out 813 -fcrypt_body 814 -i2a_ASN1_INTEGER 815 -i2a_ASN1_OBJECT 816 -i2a_ASN1_STRING 817 -i2d_ASN1_BIT_STRING 818 -i2d_ASN1_BOOLEAN 819 -i2d_ASN1_HEADER 820 -i2d_ASN1_IA5STRING 821 -i2d_ASN1_INTEGER 822 -i2d_ASN1_OBJECT 823 -i2d_ASN1_OCTET_STRING 824 -i2d_ASN1_PRINTABLE 825 -i2d_ASN1_SET 826 -i2d_ASN1_TYPE 827 -i2d_ASN1_UTCTIME 828 -i2d_ASN1_bytes 829 -i2d_DHparams 830 -i2d_DSAPrivateKey 831 -i2d_DSAPrivateKey_bio 832 -i2d_DSAPrivateKey_fp 833 -i2d_DSAPublicKey 834 -i2d_DSAparams 835 -i2d_NETSCAPE_SPKAC 836 -i2d_NETSCAPE_SPKI 837 -i2d_Netscape_RSA 838 -i2d_PKCS7 839 -i2d_PKCS7_DIGEST 840 -i2d_PKCS7_ENCRYPT 841 -i2d_PKCS7_ENC_CONTENT 842 -i2d_PKCS7_ENVELOPE 843 -i2d_PKCS7_ISSUER_AND_SERIAL 844 -i2d_PKCS7_RECIP_INFO 845 -i2d_PKCS7_SIGNED 846 -i2d_PKCS7_SIGNER_INFO 847 -i2d_PKCS7_SIGN_ENVELOPE 848 -i2d_PKCS7_bio 849 -i2d_PKCS7_fp 850 -i2d_PrivateKey 851 -i2d_PublicKey 852 -i2d_RSAPrivateKey 853 -i2d_RSAPrivateKey_bio 854 -i2d_RSAPrivateKey_fp 855 -i2d_RSAPublicKey 856 -i2d_X509 857 -i2d_X509_ALGOR 858 -i2d_X509_ATTRIBUTE 859 -i2d_X509_CINF 860 -i2d_X509_CRL 861 -i2d_X509_CRL_INFO 862 -i2d_X509_CRL_bio 863 -i2d_X509_CRL_fp 864 -i2d_X509_EXTENSION 865 -i2d_X509_NAME 866 -i2d_X509_NAME_ENTRY 867 -i2d_X509_PKEY 868 -i2d_X509_PUBKEY 869 -i2d_X509_REQ 870 -i2d_X509_REQ_INFO 871 -i2d_X509_REQ_bio 872 -i2d_X509_REQ_fp 873 -i2d_X509_REVOKED 874 -i2d_X509_SIG 875 -i2d_X509_VAL 876 -i2d_X509_bio 877 -i2d_X509_fp 878 -idea_cbc_encrypt 879 -idea_cfb64_encrypt 880 -idea_ecb_encrypt 881 -idea_encrypt 882 -idea_ofb64_encrypt 883 -idea_options 884 -idea_set_decrypt_key 885 -idea_set_encrypt_key 886 -lh_delete 887 -lh_doall 888 -lh_doall_arg 889 -lh_free 890 -lh_insert 891 -lh_new 892 -lh_node_stats 893 -lh_node_stats_bio 894 -lh_node_usage_stats 895 -lh_node_usage_stats_bio 896 -lh_retrieve 897 -lh_stats 898 -lh_stats_bio 899 -lh_strhash 900 -sk_delete 901 -sk_delete_ptr 902 -sk_dup 903 -sk_find 904 -sk_free 905 -sk_insert 906 -sk_new 907 -sk_pop 908 -sk_pop_free 909 -sk_push 910 -sk_set_cmp_func 911 -sk_shift 912 -sk_unshift 913 -sk_zero 914 -BIO_f_nbio_test 915 -ASN1_TYPE_get 916 -ASN1_TYPE_set 917 -PKCS7_content_free 918 -ERR_load_PKCS7_strings 919 -X509_find_by_issuer_and_serial 920 -X509_find_by_subject 921 -PKCS7_ctrl 927 -PKCS7_set_type 928 -PKCS7_set_content 929 -PKCS7_SIGNER_INFO_set 930 -PKCS7_add_signer 931 -PKCS7_add_certificate 932 -PKCS7_add_crl 933 -PKCS7_content_new 934 -PKCS7_dataSign 935 -PKCS7_dataVerify 936 -PKCS7_dataInit 937 -PKCS7_add_signature 938 -PKCS7_cert_from_signer_info 939 -PKCS7_get_signer_info 940 -EVP_delete_alias 941 -EVP_mdc2 942 -PEM_read_bio_RSAPublicKey 943 -PEM_write_bio_RSAPublicKey 944 -d2i_RSAPublicKey_bio 945 -i2d_RSAPublicKey_bio 946 -PEM_read_RSAPublicKey 947 -PEM_write_RSAPublicKey 949 -d2i_RSAPublicKey_fp 952 -i2d_RSAPublicKey_fp 954 -BIO_copy_next_retry 955 -RSA_flags 956 -X509_STORE_add_crl 957 -X509_load_crl_file 958 -EVP_rc2_40_cbc 959 -EVP_rc4_40 960 -EVP_CIPHER_CTX_init 961 -HMAC 962 -HMAC_Init 963 -HMAC_Update 964 -HMAC_Final 965 -ERR_get_next_error_library 966 -EVP_PKEY_cmp_parameters 967 -HMAC_cleanup 968 -BIO_ptr_ctrl 969 -BIO_new_file_internal 970 -BIO_new_fp_internal 971 -BIO_s_file_internal 972 -BN_BLINDING_convert 973 -BN_BLINDING_invert 974 -BN_BLINDING_update 975 -RSA_blinding_on 977 -RSA_blinding_off 978 -i2t_ASN1_OBJECT 979 -BN_BLINDING_new 980 -BN_BLINDING_free 981 -EVP_cast5_cbc 983 -EVP_cast5_cfb 984 -EVP_cast5_ecb 985 -EVP_cast5_ofb 986 -BF_decrypt 987 -CAST_set_key 988 -CAST_encrypt 989 -CAST_decrypt 990 -CAST_ecb_encrypt 991 -CAST_cbc_encrypt 992 -CAST_cfb64_encrypt 993 -CAST_ofb64_encrypt 994 -RC2_decrypt 995 -OBJ_create_objects 997 -BN_exp 998 -BN_mul_word 999 -BN_sub_word 1000 -BN_dec2bn 1001 -BN_bn2dec 1002 -BIO_ghbn_ctrl 1003 -CRYPTO_free_ex_data 1004 -CRYPTO_get_ex_data 1005 -CRYPTO_set_ex_data 1007 -ERR_load_CRYPTO_strings 1009 -ERR_load_CRYPTOlib_strings 1009 -EVP_PKEY_bits 1010 -MD5_Transform 1011 -SHA1_Transform 1012 -SHA_Transform 1013 -X509_STORE_CTX_get_chain 1014 -X509_STORE_CTX_get_current_cert 1015 -X509_STORE_CTX_get_error 1016 -X509_STORE_CTX_get_error_depth 1017 -X509_STORE_CTX_get_ex_data 1018 -X509_STORE_CTX_set_cert 1020 -X509_STORE_CTX_set_chain 1021 -X509_STORE_CTX_set_error 1022 -X509_STORE_CTX_set_ex_data 1023 -CRYPTO_dup_ex_data 1025 -CRYPTO_get_new_lockid 1026 -CRYPTO_new_ex_data 1027 -RSA_set_ex_data 1028 -RSA_get_ex_data 1029 -RSA_get_ex_new_index 1030 -RSA_padding_add_PKCS1_type_1 1031 -RSA_padding_add_PKCS1_type_2 1032 -RSA_padding_add_SSLv23 1033 -RSA_padding_add_none 1034 -RSA_padding_check_PKCS1_type_1 1035 -RSA_padding_check_PKCS1_type_2 1036 -RSA_padding_check_SSLv23 1037 -RSA_padding_check_none 1038 -bn_add_words 1039 -d2i_Netscape_RSA_2 1040 -CRYPTO_get_ex_new_index 1041 -RIPEMD160_Init 1042 -RIPEMD160_Update 1043 -RIPEMD160_Final 1044 -RIPEMD160 1045 -RIPEMD160_Transform 1046 -RC5_32_set_key 1047 -RC5_32_ecb_encrypt 1048 -RC5_32_encrypt 1049 -RC5_32_decrypt 1050 -RC5_32_cbc_encrypt 1051 -RC5_32_cfb64_encrypt 1052 -RC5_32_ofb64_encrypt 1053 -BN_bn2mpi 1058 -BN_mpi2bn 1059 -ASN1_BIT_STRING_get_bit 1060 -ASN1_BIT_STRING_set_bit 1061 -BIO_get_ex_data 1062 -BIO_get_ex_new_index 1063 -BIO_set_ex_data 1064 -X509_STORE_CTX_get_ex_new_index 1065 -X509v3_get_key_usage 1066 -X509v3_set_key_usage 1067 -a2i_X509v3_key_usage 1068 -i2a_X509v3_key_usage 1069 -EVP_PKEY_decrypt 1070 -EVP_PKEY_encrypt 1071 -PKCS7_RECIP_INFO_set 1072 -PKCS7_add_recipient 1073 -PKCS7_add_recipient_info 1074 -PKCS7_set_cipher 1075 -ASN1_TYPE_get_int_octetstring 1076 -ASN1_TYPE_get_octetstring 1077 -ASN1_TYPE_set_int_octetstring 1078 -ASN1_TYPE_set_octetstring 1079 -ASN1_UTCTIME_set_string 1080 -ERR_add_error_data 1081 -ERR_set_error_data 1082 -EVP_CIPHER_asn1_to_param 1083 -EVP_CIPHER_param_to_asn1 1084 -EVP_CIPHER_get_asn1_iv 1085 -EVP_CIPHER_set_asn1_iv 1086 -EVP_rc5_32_12_16_cbc 1087 -EVP_rc5_32_12_16_cfb 1088 -EVP_rc5_32_12_16_ecb 1089 -EVP_rc5_32_12_16_ofb 1090 -asn1_add_error 1091 +SSLeay 1 EXIST::FUNCTION: +SSLeay_version 2 EXIST::FUNCTION: +ASN1_BIT_STRING_asn1_meth 3 EXIST::FUNCTION: +ASN1_HEADER_free 4 EXIST::FUNCTION: +ASN1_HEADER_new 5 EXIST::FUNCTION: +ASN1_IA5STRING_asn1_meth 6 EXIST::FUNCTION: +ASN1_INTEGER_get 7 EXIST::FUNCTION: +ASN1_INTEGER_set 8 EXIST::FUNCTION: +ASN1_INTEGER_to_BN 9 EXIST::FUNCTION: +ASN1_OBJECT_create 10 EXIST::FUNCTION: +ASN1_OBJECT_free 11 EXIST::FUNCTION: +ASN1_OBJECT_new 12 EXIST::FUNCTION: +ASN1_PRINTABLE_type 13 EXIST::FUNCTION: +ASN1_STRING_cmp 14 EXIST::FUNCTION: +ASN1_STRING_dup 15 EXIST::FUNCTION: +ASN1_STRING_free 16 EXIST::FUNCTION: +ASN1_STRING_new 17 EXIST::FUNCTION: +ASN1_STRING_print 18 EXIST::FUNCTION:BIO +ASN1_STRING_set 19 EXIST::FUNCTION: +ASN1_STRING_type_new 20 EXIST::FUNCTION: +ASN1_TYPE_free 21 EXIST::FUNCTION: +ASN1_TYPE_new 22 EXIST::FUNCTION: +ASN1_UNIVERSALSTRING_to_string 23 EXIST::FUNCTION: +ASN1_UTCTIME_check 24 EXIST::FUNCTION: +ASN1_UTCTIME_print 25 EXIST::FUNCTION:BIO +ASN1_UTCTIME_set 26 EXIST::FUNCTION: +ASN1_check_infinite_end 27 EXIST::FUNCTION: +ASN1_d2i_bio 28 EXIST::FUNCTION:BIO +ASN1_d2i_fp 29 EXIST::FUNCTION:FP_API +ASN1_digest 30 EXIST::FUNCTION:EVP +ASN1_dup 31 EXIST::FUNCTION: +ASN1_get_object 32 EXIST::FUNCTION: +ASN1_i2d_bio 33 EXIST::FUNCTION:BIO +ASN1_i2d_fp 34 EXIST::FUNCTION:FP_API +ASN1_object_size 35 EXIST::FUNCTION: +ASN1_parse 36 EXIST::FUNCTION:BIO +ASN1_put_object 37 EXIST::FUNCTION: +ASN1_sign 38 EXIST::FUNCTION:EVP +ASN1_verify 39 EXIST::FUNCTION:EVP +BF_cbc_encrypt 40 EXIST::FUNCTION:BF +BF_cfb64_encrypt 41 EXIST::FUNCTION:BF +BF_ecb_encrypt 42 EXIST::FUNCTION:BF +BF_encrypt 43 EXIST::FUNCTION:BF +BF_ofb64_encrypt 44 EXIST::FUNCTION:BF +BF_options 45 EXIST::FUNCTION:BF +BF_set_key 46 EXIST::FUNCTION:BF +BIO_CONNECT_free 47 NOEXIST::FUNCTION: +BIO_CONNECT_new 48 NOEXIST::FUNCTION: +BIO_accept 51 EXIST::FUNCTION: +BIO_ctrl 52 EXIST::FUNCTION: +BIO_int_ctrl 53 EXIST::FUNCTION: +BIO_debug_callback 54 EXIST::FUNCTION: +BIO_dump 55 EXIST::FUNCTION: +BIO_dup_chain 56 EXIST::FUNCTION: +BIO_f_base64 57 EXIST::FUNCTION:BIO +BIO_f_buffer 58 EXIST::FUNCTION: +BIO_f_cipher 59 EXIST::FUNCTION:BIO +BIO_f_md 60 EXIST::FUNCTION:BIO +BIO_f_null 61 EXIST::FUNCTION: +BIO_f_proxy_server 62 NOEXIST::FUNCTION: +BIO_fd_non_fatal_error 63 EXIST::FUNCTION: +BIO_fd_should_retry 64 EXIST::FUNCTION: +BIO_find_type 65 EXIST::FUNCTION: +BIO_free 66 EXIST::FUNCTION: +BIO_free_all 67 EXIST::FUNCTION: +BIO_get_accept_socket 69 EXIST::FUNCTION: +BIO_get_filter_bio 70 NOEXIST::FUNCTION: +BIO_get_host_ip 71 EXIST::FUNCTION: +BIO_get_port 72 EXIST::FUNCTION: +BIO_get_retry_BIO 73 EXIST::FUNCTION: +BIO_get_retry_reason 74 EXIST::FUNCTION: +BIO_gethostbyname 75 EXIST::FUNCTION: +BIO_gets 76 EXIST::FUNCTION: +BIO_new 78 EXIST::FUNCTION: +BIO_new_accept 79 EXIST::FUNCTION: +BIO_new_connect 80 EXIST::FUNCTION: +BIO_new_fd 81 EXIST::FUNCTION: +BIO_new_file 82 EXIST:!WIN16:FUNCTION:FP_API +BIO_new_fp 83 EXIST:!WIN16:FUNCTION:FP_API +BIO_new_socket 84 EXIST::FUNCTION: +BIO_pop 85 EXIST::FUNCTION: +BIO_printf 86 EXIST::FUNCTION: +BIO_push 87 EXIST::FUNCTION: +BIO_puts 88 EXIST::FUNCTION: +BIO_read 89 EXIST::FUNCTION: +BIO_s_accept 90 EXIST::FUNCTION: +BIO_s_connect 91 EXIST::FUNCTION: +BIO_s_fd 92 EXIST::FUNCTION: +BIO_s_file 93 EXIST:!WIN16:FUNCTION:FP_API +BIO_s_mem 95 EXIST::FUNCTION: +BIO_s_null 96 EXIST::FUNCTION: +BIO_s_proxy_client 97 NOEXIST::FUNCTION: +BIO_s_socket 98 EXIST::FUNCTION: +BIO_set 100 EXIST::FUNCTION: +BIO_set_cipher 101 EXIST::FUNCTION:BIO +BIO_set_tcp_ndelay 102 EXIST::FUNCTION: +BIO_sock_cleanup 103 EXIST::FUNCTION: +BIO_sock_error 104 EXIST::FUNCTION: +BIO_sock_init 105 EXIST::FUNCTION: +BIO_sock_non_fatal_error 106 EXIST::FUNCTION: +BIO_sock_should_retry 107 EXIST::FUNCTION: +BIO_socket_ioctl 108 EXIST::FUNCTION: +BIO_write 109 EXIST::FUNCTION: +BN_CTX_free 110 EXIST::FUNCTION: +BN_CTX_new 111 EXIST::FUNCTION: +BN_MONT_CTX_free 112 EXIST::FUNCTION: +BN_MONT_CTX_new 113 EXIST::FUNCTION: +BN_MONT_CTX_set 114 EXIST::FUNCTION: +BN_add 115 EXIST::FUNCTION: +BN_add_word 116 EXIST::FUNCTION: +BN_hex2bn 117 EXIST::FUNCTION: +BN_bin2bn 118 EXIST::FUNCTION: +BN_bn2hex 119 EXIST::FUNCTION: +BN_bn2bin 120 EXIST::FUNCTION: +BN_clear 121 EXIST::FUNCTION: +BN_clear_bit 122 EXIST::FUNCTION: +BN_clear_free 123 EXIST::FUNCTION: +BN_cmp 124 EXIST::FUNCTION: +BN_copy 125 EXIST::FUNCTION: +BN_div 126 EXIST::FUNCTION: +BN_div_word 127 EXIST::FUNCTION: +BN_dup 128 EXIST::FUNCTION: +BN_free 129 EXIST::FUNCTION: +BN_from_montgomery 130 EXIST::FUNCTION: +BN_gcd 131 EXIST::FUNCTION: +BN_generate_prime 132 EXIST::FUNCTION: +BN_get_word 133 EXIST::FUNCTION: +BN_is_bit_set 134 EXIST::FUNCTION: +BN_is_prime 135 EXIST::FUNCTION: +BN_lshift 136 EXIST::FUNCTION: +BN_lshift1 137 EXIST::FUNCTION: +BN_mask_bits 138 EXIST::FUNCTION: +BN_mod 139 NOEXIST::FUNCTION: +BN_mod_exp 140 EXIST::FUNCTION: +BN_mod_exp_mont 141 EXIST::FUNCTION: +BN_mod_exp_simple 143 EXIST::FUNCTION: +BN_mod_inverse 144 EXIST::FUNCTION: +BN_mod_mul 145 EXIST::FUNCTION: +BN_mod_mul_montgomery 146 EXIST::FUNCTION: +BN_mod_word 148 EXIST::FUNCTION: +BN_mul 149 EXIST::FUNCTION: +BN_new 150 EXIST::FUNCTION: +BN_num_bits 151 EXIST::FUNCTION: +BN_num_bits_word 152 EXIST::FUNCTION: +BN_options 153 EXIST::FUNCTION: +BN_print 154 EXIST::FUNCTION: +BN_print_fp 155 EXIST::FUNCTION:FP_API +BN_rand 156 EXIST::FUNCTION: +BN_reciprocal 157 EXIST::FUNCTION: +BN_rshift 158 EXIST::FUNCTION: +BN_rshift1 159 EXIST::FUNCTION: +BN_set_bit 160 EXIST::FUNCTION: +BN_set_word 161 EXIST::FUNCTION: +BN_sqr 162 EXIST::FUNCTION: +BN_sub 163 EXIST::FUNCTION: +BN_to_ASN1_INTEGER 164 EXIST::FUNCTION: +BN_ucmp 165 EXIST::FUNCTION: +BN_value_one 166 EXIST::FUNCTION: +BUF_MEM_free 167 EXIST::FUNCTION: +BUF_MEM_grow 168 EXIST::FUNCTION: +BUF_MEM_new 169 EXIST::FUNCTION: +BUF_strdup 170 EXIST::FUNCTION: +CONF_free 171 EXIST::FUNCTION: +CONF_get_number 172 EXIST::FUNCTION: +CONF_get_section 173 EXIST::FUNCTION: +CONF_get_string 174 EXIST::FUNCTION: +CONF_load 175 EXIST::FUNCTION: +CRYPTO_add_lock 176 EXIST::FUNCTION: +CRYPTO_dbg_free 177 EXIST::FUNCTION: +CRYPTO_dbg_malloc 178 EXIST::FUNCTION: +CRYPTO_dbg_realloc 179 EXIST::FUNCTION: +CRYPTO_dbg_remalloc 180 NOEXIST::FUNCTION: +CRYPTO_free 181 EXIST::FUNCTION: +CRYPTO_get_add_lock_callback 182 EXIST::FUNCTION: +CRYPTO_get_id_callback 183 EXIST::FUNCTION: +CRYPTO_get_lock_name 184 EXIST::FUNCTION: +CRYPTO_get_locking_callback 185 EXIST::FUNCTION: +CRYPTO_get_mem_functions 186 EXIST::FUNCTION: +CRYPTO_lock 187 EXIST::FUNCTION: +CRYPTO_malloc 188 EXIST::FUNCTION: +CRYPTO_mem_ctrl 189 EXIST::FUNCTION: +CRYPTO_mem_leaks 190 EXIST::FUNCTION: +CRYPTO_mem_leaks_cb 191 EXIST::FUNCTION: +CRYPTO_mem_leaks_fp 192 EXIST::FUNCTION:FP_API +CRYPTO_realloc 193 EXIST::FUNCTION: +CRYPTO_remalloc 194 EXIST::FUNCTION: +CRYPTO_set_add_lock_callback 195 EXIST::FUNCTION: +CRYPTO_set_id_callback 196 EXIST::FUNCTION: +CRYPTO_set_locking_callback 197 EXIST::FUNCTION: +CRYPTO_set_mem_functions 198 EXIST::FUNCTION: +CRYPTO_thread_id 199 EXIST::FUNCTION: +DH_check 200 EXIST::FUNCTION:DH +DH_compute_key 201 EXIST::FUNCTION:DH +DH_free 202 EXIST::FUNCTION:DH +DH_generate_key 203 EXIST::FUNCTION:DH +DH_generate_parameters 204 EXIST::FUNCTION:DH +DH_new 205 EXIST::FUNCTION:DH +DH_size 206 EXIST::FUNCTION:DH +DHparams_print 207 EXIST::FUNCTION:BIO,DH +DHparams_print_fp 208 EXIST::FUNCTION:DH,FP_API +DSA_free 209 EXIST::FUNCTION:DSA +DSA_generate_key 210 EXIST::FUNCTION:DSA +DSA_generate_parameters 211 EXIST::FUNCTION:DSA +DSA_is_prime 212 NOEXIST::FUNCTION: +DSA_new 213 EXIST::FUNCTION:DSA +DSA_print 214 EXIST::FUNCTION:BIO,DSA +DSA_print_fp 215 EXIST::FUNCTION:DSA,FP_API +DSA_sign 216 EXIST::FUNCTION:DSA +DSA_sign_setup 217 EXIST::FUNCTION:DSA +DSA_size 218 EXIST::FUNCTION:DSA +DSA_verify 219 EXIST::FUNCTION:DSA +DSAparams_print 220 EXIST::FUNCTION:BIO,DSA +DSAparams_print_fp 221 EXIST::FUNCTION:DSA,FP_API +ERR_clear_error 222 EXIST::FUNCTION: +ERR_error_string 223 EXIST::FUNCTION: +ERR_free_strings 224 EXIST::FUNCTION: +ERR_func_error_string 225 EXIST::FUNCTION: +ERR_get_err_state_table 226 EXIST::FUNCTION:LHASH +ERR_get_error 227 EXIST::FUNCTION: +ERR_get_error_line 228 EXIST::FUNCTION: +ERR_get_state 229 EXIST::FUNCTION: +ERR_get_string_table 230 EXIST::FUNCTION:LHASH +ERR_lib_error_string 231 EXIST::FUNCTION: +ERR_load_ASN1_strings 232 EXIST::FUNCTION: +ERR_load_BIO_strings 233 EXIST::FUNCTION: +ERR_load_BN_strings 234 EXIST::FUNCTION: +ERR_load_BUF_strings 235 EXIST::FUNCTION: +ERR_load_CONF_strings 236 EXIST::FUNCTION: +ERR_load_DH_strings 237 EXIST::FUNCTION:DH +ERR_load_DSA_strings 238 EXIST::FUNCTION:DSA +ERR_load_ERR_strings 239 EXIST::FUNCTION: +ERR_load_EVP_strings 240 EXIST::FUNCTION: +ERR_load_OBJ_strings 241 EXIST::FUNCTION: +ERR_load_PEM_strings 242 EXIST::FUNCTION: +ERR_load_PROXY_strings 243 NOEXIST::FUNCTION: +ERR_load_RSA_strings 244 EXIST::FUNCTION:RSA +ERR_load_X509_strings 245 EXIST::FUNCTION: +ERR_load_crypto_strings 246 EXIST::FUNCTION: +ERR_load_strings 247 EXIST::FUNCTION: +ERR_peek_error 248 EXIST::FUNCTION: +ERR_peek_error_line 249 EXIST::FUNCTION: +ERR_print_errors 250 EXIST::FUNCTION:BIO +ERR_print_errors_fp 251 EXIST::FUNCTION:FP_API +ERR_put_error 252 EXIST::FUNCTION: +ERR_reason_error_string 253 EXIST::FUNCTION: +ERR_remove_state 254 EXIST::FUNCTION: +EVP_BytesToKey 255 EXIST::FUNCTION: +EVP_CIPHER_CTX_cleanup 256 EXIST::FUNCTION: +EVP_CipherFinal 257 EXIST::FUNCTION: +EVP_CipherInit 258 EXIST::FUNCTION: +EVP_CipherUpdate 259 EXIST::FUNCTION: +EVP_DecodeBlock 260 EXIST::FUNCTION: +EVP_DecodeFinal 261 EXIST::FUNCTION: +EVP_DecodeInit 262 EXIST::FUNCTION: +EVP_DecodeUpdate 263 EXIST::FUNCTION: +EVP_DecryptFinal 264 EXIST::FUNCTION: +EVP_DecryptInit 265 EXIST::FUNCTION: +EVP_DecryptUpdate 266 EXIST::FUNCTION: +EVP_DigestFinal 267 EXIST::FUNCTION: +EVP_DigestInit 268 EXIST::FUNCTION: +EVP_DigestUpdate 269 EXIST::FUNCTION: +EVP_EncodeBlock 270 EXIST::FUNCTION: +EVP_EncodeFinal 271 EXIST::FUNCTION: +EVP_EncodeInit 272 EXIST::FUNCTION: +EVP_EncodeUpdate 273 EXIST::FUNCTION: +EVP_EncryptFinal 274 EXIST::FUNCTION: +EVP_EncryptInit 275 EXIST::FUNCTION: +EVP_EncryptUpdate 276 EXIST::FUNCTION: +EVP_OpenFinal 277 EXIST::FUNCTION:RSA +EVP_OpenInit 278 EXIST::FUNCTION:RSA +EVP_PKEY_assign 279 EXIST::FUNCTION: +EVP_PKEY_copy_parameters 280 EXIST::FUNCTION: +EVP_PKEY_free 281 EXIST::FUNCTION: +EVP_PKEY_missing_parameters 282 EXIST::FUNCTION: +EVP_PKEY_new 283 EXIST::FUNCTION: +EVP_PKEY_save_parameters 284 EXIST::FUNCTION: +EVP_PKEY_size 285 EXIST::FUNCTION: +EVP_PKEY_type 286 EXIST::FUNCTION: +EVP_SealFinal 287 EXIST::FUNCTION:RSA +EVP_SealInit 288 EXIST::FUNCTION:RSA +EVP_SignFinal 289 EXIST::FUNCTION: +EVP_VerifyFinal 290 EXIST::FUNCTION: +EVP_add_alias 291 NOEXIST::FUNCTION: +EVP_add_cipher 292 EXIST::FUNCTION: +EVP_add_digest 293 EXIST::FUNCTION: +EVP_bf_cbc 294 EXIST::FUNCTION:BF +EVP_bf_cfb 295 EXIST::FUNCTION:BF +EVP_bf_ecb 296 EXIST::FUNCTION:BF +EVP_bf_ofb 297 EXIST::FUNCTION:BF +EVP_cleanup 298 EXIST::FUNCTION: +EVP_des_cbc 299 EXIST::FUNCTION:DES +EVP_des_cfb 300 EXIST::FUNCTION:DES +EVP_des_ecb 301 EXIST::FUNCTION:DES +EVP_des_ede 302 EXIST::FUNCTION:DES +EVP_des_ede3 303 EXIST::FUNCTION:DES +EVP_des_ede3_cbc 304 EXIST::FUNCTION:DES +EVP_des_ede3_cfb 305 EXIST::FUNCTION:DES +EVP_des_ede3_ofb 306 EXIST::FUNCTION:DES +EVP_des_ede_cbc 307 EXIST::FUNCTION:DES +EVP_des_ede_cfb 308 EXIST::FUNCTION:DES +EVP_des_ede_ofb 309 EXIST::FUNCTION:DES +EVP_des_ofb 310 EXIST::FUNCTION:DES +EVP_desx_cbc 311 EXIST::FUNCTION:DES +EVP_dss 312 EXIST::FUNCTION:DSA,SHA +EVP_dss1 313 EXIST::FUNCTION:DSA,SHA +EVP_enc_null 314 EXIST::FUNCTION: +EVP_get_cipherbyname 315 EXIST::FUNCTION: +EVP_get_digestbyname 316 EXIST::FUNCTION: +EVP_get_pw_prompt 317 EXIST::FUNCTION: +EVP_idea_cbc 318 EXIST::FUNCTION:IDEA +EVP_idea_cfb 319 EXIST::FUNCTION:IDEA +EVP_idea_ecb 320 EXIST::FUNCTION:IDEA +EVP_idea_ofb 321 EXIST::FUNCTION:IDEA +EVP_md2 322 EXIST::FUNCTION:MD2 +EVP_md5 323 EXIST::FUNCTION:MD5 +EVP_md_null 324 EXIST::FUNCTION: +EVP_rc2_cbc 325 EXIST::FUNCTION:RC2 +EVP_rc2_cfb 326 EXIST::FUNCTION:RC2 +EVP_rc2_ecb 327 EXIST::FUNCTION:RC2 +EVP_rc2_ofb 328 EXIST::FUNCTION:RC2 +EVP_rc4 329 EXIST::FUNCTION:RC4 +EVP_read_pw_string 330 EXIST::FUNCTION: +EVP_set_pw_prompt 331 EXIST::FUNCTION: +EVP_sha 332 EXIST::FUNCTION:SHA +EVP_sha1 333 EXIST::FUNCTION:SHA +MD2 334 EXIST::FUNCTION:MD2 +MD2_Final 335 EXIST::FUNCTION:MD2 +MD2_Init 336 EXIST::FUNCTION:MD2 +MD2_Update 337 EXIST::FUNCTION:MD2 +MD2_options 338 EXIST::FUNCTION:MD2 +MD5 339 EXIST::FUNCTION:MD5 +MD5_Final 340 EXIST::FUNCTION:MD5 +MD5_Init 341 EXIST::FUNCTION:MD5 +MD5_Update 342 EXIST::FUNCTION:MD5 +MDC2 343 EXIST::FUNCTION:MDC2 +MDC2_Final 344 EXIST::FUNCTION:MDC2 +MDC2_Init 345 EXIST::FUNCTION:MDC2 +MDC2_Update 346 EXIST::FUNCTION:MDC2 +NETSCAPE_SPKAC_free 347 EXIST::FUNCTION: +NETSCAPE_SPKAC_new 348 EXIST::FUNCTION: +NETSCAPE_SPKI_free 349 EXIST::FUNCTION: +NETSCAPE_SPKI_new 350 EXIST::FUNCTION: +NETSCAPE_SPKI_sign 351 EXIST::FUNCTION:EVP +NETSCAPE_SPKI_verify 352 EXIST::FUNCTION:EVP +OBJ_add_object 353 EXIST::FUNCTION: +OBJ_bsearch 354 EXIST::FUNCTION: +OBJ_cleanup 355 EXIST::FUNCTION: +OBJ_cmp 356 EXIST::FUNCTION: +OBJ_create 357 EXIST::FUNCTION: +OBJ_dup 358 EXIST::FUNCTION: +OBJ_ln2nid 359 EXIST::FUNCTION: +OBJ_new_nid 360 EXIST::FUNCTION: +OBJ_nid2ln 361 EXIST::FUNCTION: +OBJ_nid2obj 362 EXIST::FUNCTION: +OBJ_nid2sn 363 EXIST::FUNCTION: +OBJ_obj2nid 364 EXIST::FUNCTION: +OBJ_sn2nid 365 EXIST::FUNCTION: +OBJ_txt2nid 366 EXIST::FUNCTION: +PEM_ASN1_read 367 EXIST:!WIN16:FUNCTION: +PEM_ASN1_read_bio 368 EXIST::FUNCTION:BIO +PEM_ASN1_write 369 EXIST:!WIN16:FUNCTION: +PEM_ASN1_write_bio 370 EXIST::FUNCTION:BIO +PEM_SealFinal 371 EXIST::FUNCTION:RSA +PEM_SealInit 372 EXIST::FUNCTION:RSA +PEM_SealUpdate 373 EXIST::FUNCTION:RSA +PEM_SignFinal 374 EXIST::FUNCTION: +PEM_SignInit 375 EXIST::FUNCTION: +PEM_SignUpdate 376 EXIST::FUNCTION: +PEM_X509_INFO_read 377 EXIST:!WIN16:FUNCTION: +PEM_X509_INFO_read_bio 378 EXIST::FUNCTION:BIO +PEM_X509_INFO_write_bio 379 EXIST::FUNCTION:BIO +PEM_dek_info 380 EXIST::FUNCTION: +PEM_do_header 381 EXIST::FUNCTION: +PEM_get_EVP_CIPHER_INFO 382 EXIST::FUNCTION: +PEM_proc_type 383 EXIST::FUNCTION: +PEM_read 384 EXIST:!WIN16:FUNCTION: +PEM_read_DHparams 385 EXIST:!WIN16:FUNCTION:DH +PEM_read_DSAPrivateKey 386 EXIST:!WIN16:FUNCTION:DSA +PEM_read_DSAparams 387 EXIST:!WIN16:FUNCTION:DSA +PEM_read_PKCS7 388 EXIST:!WIN16:FUNCTION: +PEM_read_PrivateKey 389 EXIST:!WIN16:FUNCTION: +PEM_read_RSAPrivateKey 390 EXIST:!WIN16:FUNCTION:RSA +PEM_read_X509 391 EXIST:!WIN16:FUNCTION: +PEM_read_X509_CRL 392 EXIST:!WIN16:FUNCTION: +PEM_read_X509_REQ 393 EXIST:!WIN16:FUNCTION: +PEM_read_bio 394 EXIST::FUNCTION:BIO +PEM_read_bio_DHparams 395 EXIST::FUNCTION:DH +PEM_read_bio_DSAPrivateKey 396 EXIST::FUNCTION:DSA +PEM_read_bio_DSAparams 397 EXIST::FUNCTION:DSA +PEM_read_bio_PKCS7 398 EXIST::FUNCTION: +PEM_read_bio_PrivateKey 399 EXIST::FUNCTION: +PEM_read_bio_RSAPrivateKey 400 EXIST::FUNCTION:RSA +PEM_read_bio_X509 401 EXIST::FUNCTION: +PEM_read_bio_X509_CRL 402 EXIST::FUNCTION: +PEM_read_bio_X509_REQ 403 EXIST::FUNCTION: +PEM_write 404 EXIST:!WIN16:FUNCTION: +PEM_write_DHparams 405 EXIST:!WIN16:FUNCTION:DH +PEM_write_DSAPrivateKey 406 EXIST:!WIN16:FUNCTION:DSA +PEM_write_DSAparams 407 EXIST:!WIN16:FUNCTION:DSA +PEM_write_PKCS7 408 EXIST:!WIN16:FUNCTION: +PEM_write_PrivateKey 409 EXIST:!WIN16:FUNCTION: +PEM_write_RSAPrivateKey 410 EXIST:!WIN16:FUNCTION:RSA +PEM_write_X509 411 EXIST:!WIN16:FUNCTION: +PEM_write_X509_CRL 412 EXIST:!WIN16:FUNCTION: +PEM_write_X509_REQ 413 EXIST:!WIN16:FUNCTION: +PEM_write_bio 414 EXIST::FUNCTION:BIO +PEM_write_bio_DHparams 415 EXIST::FUNCTION:DH +PEM_write_bio_DSAPrivateKey 416 EXIST::FUNCTION:DSA +PEM_write_bio_DSAparams 417 EXIST::FUNCTION:DSA +PEM_write_bio_PKCS7 418 EXIST::FUNCTION: +PEM_write_bio_PrivateKey 419 EXIST::FUNCTION: +PEM_write_bio_RSAPrivateKey 420 EXIST::FUNCTION:RSA +PEM_write_bio_X509 421 EXIST::FUNCTION: +PEM_write_bio_X509_CRL 422 EXIST::FUNCTION: +PEM_write_bio_X509_REQ 423 EXIST::FUNCTION: +PKCS7_DIGEST_free 424 EXIST::FUNCTION: +PKCS7_DIGEST_new 425 EXIST::FUNCTION: +PKCS7_ENCRYPT_free 426 EXIST::FUNCTION: +PKCS7_ENCRYPT_new 427 EXIST::FUNCTION: +PKCS7_ENC_CONTENT_free 428 EXIST::FUNCTION: +PKCS7_ENC_CONTENT_new 429 EXIST::FUNCTION: +PKCS7_ENVELOPE_free 430 EXIST::FUNCTION: +PKCS7_ENVELOPE_new 431 EXIST::FUNCTION: +PKCS7_ISSUER_AND_SERIAL_digest 432 EXIST::FUNCTION: +PKCS7_ISSUER_AND_SERIAL_free 433 EXIST::FUNCTION: +PKCS7_ISSUER_AND_SERIAL_new 434 EXIST::FUNCTION: +PKCS7_RECIP_INFO_free 435 EXIST::FUNCTION: +PKCS7_RECIP_INFO_new 436 EXIST::FUNCTION: +PKCS7_SIGNED_free 437 EXIST::FUNCTION: +PKCS7_SIGNED_new 438 EXIST::FUNCTION: +PKCS7_SIGNER_INFO_free 439 EXIST::FUNCTION: +PKCS7_SIGNER_INFO_new 440 EXIST::FUNCTION: +PKCS7_SIGN_ENVELOPE_free 441 EXIST::FUNCTION: +PKCS7_SIGN_ENVELOPE_new 442 EXIST::FUNCTION: +PKCS7_dup 443 EXIST::FUNCTION: +PKCS7_free 444 EXIST::FUNCTION: +PKCS7_new 445 EXIST::FUNCTION: +PROXY_ENTRY_add_noproxy 446 NOEXIST::FUNCTION: +PROXY_ENTRY_clear_noproxy 447 NOEXIST::FUNCTION: +PROXY_ENTRY_free 448 NOEXIST::FUNCTION: +PROXY_ENTRY_get_noproxy 449 NOEXIST::FUNCTION: +PROXY_ENTRY_new 450 NOEXIST::FUNCTION: +PROXY_ENTRY_set_server 451 NOEXIST::FUNCTION: +PROXY_add_noproxy 452 NOEXIST::FUNCTION: +PROXY_add_server 453 NOEXIST::FUNCTION: +PROXY_check_by_host 454 NOEXIST::FUNCTION: +PROXY_check_url 455 NOEXIST::FUNCTION: +PROXY_clear_noproxy 456 NOEXIST::FUNCTION: +PROXY_free 457 NOEXIST::FUNCTION: +PROXY_get_noproxy 458 NOEXIST::FUNCTION: +PROXY_get_proxies 459 NOEXIST::FUNCTION: +PROXY_get_proxy_entry 460 NOEXIST::FUNCTION: +PROXY_load_conf 461 NOEXIST::FUNCTION: +PROXY_new 462 NOEXIST::FUNCTION: +PROXY_print 463 NOEXIST::FUNCTION: +RAND_bytes 464 EXIST::FUNCTION: +RAND_cleanup 465 EXIST::FUNCTION: +RAND_file_name 466 EXIST::FUNCTION: +RAND_load_file 467 EXIST::FUNCTION: +RAND_screen 468 EXIST:WIN32:FUNCTION: +RAND_seed 469 EXIST::FUNCTION: +RAND_write_file 470 EXIST::FUNCTION: +RC2_cbc_encrypt 471 EXIST::FUNCTION:RC2 +RC2_cfb64_encrypt 472 EXIST::FUNCTION:RC2 +RC2_ecb_encrypt 473 EXIST::FUNCTION:RC2 +RC2_encrypt 474 EXIST::FUNCTION:RC2 +RC2_ofb64_encrypt 475 EXIST::FUNCTION:RC2 +RC2_set_key 476 EXIST::FUNCTION:RC2 +RC4 477 EXIST::FUNCTION:RC4 +RC4_options 478 EXIST::FUNCTION:RC4 +RC4_set_key 479 EXIST::FUNCTION:RC4 +RSAPrivateKey_asn1_meth 480 EXIST::FUNCTION:RSA +RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA +RSAPublicKey_dup 482 EXIST::FUNCTION:RSA +RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA +RSA_free 484 EXIST::FUNCTION:RSA +RSA_generate_key 485 EXIST::FUNCTION:RSA +RSA_new 486 EXIST::FUNCTION:RSA +RSA_new_method 487 EXIST::FUNCTION:RSA +RSA_print 488 EXIST::FUNCTION:BIO,RSA +RSA_print_fp 489 EXIST::FUNCTION:FP_API,RSA +RSA_private_decrypt 490 EXIST::FUNCTION:RSA +RSA_private_encrypt 491 EXIST::FUNCTION:RSA +RSA_public_decrypt 492 EXIST::FUNCTION:RSA +RSA_public_encrypt 493 EXIST::FUNCTION:RSA +RSA_set_default_method 494 EXIST::FUNCTION:RSA +RSA_sign 495 EXIST::FUNCTION:RSA +RSA_sign_ASN1_OCTET_STRING 496 EXIST::FUNCTION:RSA +RSA_size 497 EXIST::FUNCTION:RSA +RSA_verify 498 EXIST::FUNCTION:RSA +RSA_verify_ASN1_OCTET_STRING 499 EXIST::FUNCTION:RSA +SHA 500 EXIST::FUNCTION:SHA,SHA0 +SHA1 501 EXIST::FUNCTION:SHA,SHA1 +SHA1_Final 502 EXIST::FUNCTION:SHA,SHA1 +SHA1_Init 503 EXIST::FUNCTION:SHA,SHA1 +SHA1_Update 504 EXIST::FUNCTION:SHA,SHA1 +SHA_Final 505 EXIST::FUNCTION:SHA,SHA0 +SHA_Init 506 EXIST::FUNCTION:SHA,SHA0 +SHA_Update 507 EXIST::FUNCTION:SHA,SHA0 +OpenSSL_add_all_algorithms 508 NOEXIST::FUNCTION: +OpenSSL_add_all_ciphers 509 EXIST::FUNCTION: +OpenSSL_add_all_digests 510 EXIST::FUNCTION: +TXT_DB_create_index 511 EXIST::FUNCTION: +TXT_DB_free 512 EXIST::FUNCTION: +TXT_DB_get_by_index 513 EXIST::FUNCTION: +TXT_DB_insert 514 EXIST::FUNCTION: +TXT_DB_read 515 EXIST::FUNCTION:BIO +TXT_DB_write 516 EXIST::FUNCTION:BIO +X509_ALGOR_free 517 EXIST::FUNCTION: +X509_ALGOR_new 518 EXIST::FUNCTION: +X509_ATTRIBUTE_free 519 EXIST::FUNCTION: +X509_ATTRIBUTE_new 520 EXIST::FUNCTION: +X509_CINF_free 521 EXIST::FUNCTION: +X509_CINF_new 522 EXIST::FUNCTION: +X509_CRL_INFO_free 523 EXIST::FUNCTION: +X509_CRL_INFO_new 524 EXIST::FUNCTION: +X509_CRL_add_ext 525 EXIST::FUNCTION: +X509_CRL_cmp 526 EXIST::FUNCTION: +X509_CRL_delete_ext 527 EXIST::FUNCTION: +X509_CRL_dup 528 EXIST::FUNCTION: +X509_CRL_free 529 EXIST::FUNCTION: +X509_CRL_get_ext 530 EXIST::FUNCTION: +X509_CRL_get_ext_by_NID 531 EXIST::FUNCTION: +X509_CRL_get_ext_by_OBJ 532 EXIST::FUNCTION: +X509_CRL_get_ext_by_critical 533 EXIST::FUNCTION: +X509_CRL_get_ext_count 534 EXIST::FUNCTION: +X509_CRL_new 535 EXIST::FUNCTION: +X509_CRL_sign 536 EXIST::FUNCTION:EVP +X509_CRL_verify 537 EXIST::FUNCTION:EVP +X509_EXTENSION_create_by_NID 538 EXIST::FUNCTION: +X509_EXTENSION_create_by_OBJ 539 EXIST::FUNCTION: +X509_EXTENSION_dup 540 EXIST::FUNCTION: +X509_EXTENSION_free 541 EXIST::FUNCTION: +X509_EXTENSION_get_critical 542 EXIST::FUNCTION: +X509_EXTENSION_get_data 543 EXIST::FUNCTION: +X509_EXTENSION_get_object 544 EXIST::FUNCTION: +X509_EXTENSION_new 545 EXIST::FUNCTION: +X509_EXTENSION_set_critical 546 EXIST::FUNCTION: +X509_EXTENSION_set_data 547 EXIST::FUNCTION: +X509_EXTENSION_set_object 548 EXIST::FUNCTION: +X509_INFO_free 549 EXIST::FUNCTION:EVP +X509_INFO_new 550 EXIST::FUNCTION:EVP +X509_LOOKUP_by_alias 551 EXIST::FUNCTION: +X509_LOOKUP_by_fingerprint 552 EXIST::FUNCTION: +X509_LOOKUP_by_issuer_serial 553 EXIST::FUNCTION: +X509_LOOKUP_by_subject 554 EXIST::FUNCTION: +X509_LOOKUP_ctrl 555 EXIST::FUNCTION: +X509_LOOKUP_file 556 EXIST::FUNCTION: +X509_LOOKUP_free 557 EXIST::FUNCTION: +X509_LOOKUP_hash_dir 558 EXIST::FUNCTION: +X509_LOOKUP_init 559 EXIST::FUNCTION: +X509_LOOKUP_new 560 EXIST::FUNCTION: +X509_LOOKUP_shutdown 561 EXIST::FUNCTION: +X509_NAME_ENTRY_create_by_NID 562 EXIST::FUNCTION: +X509_NAME_ENTRY_create_by_OBJ 563 EXIST::FUNCTION: +X509_NAME_ENTRY_dup 564 EXIST::FUNCTION: +X509_NAME_ENTRY_free 565 EXIST::FUNCTION: +X509_NAME_ENTRY_get_data 566 EXIST::FUNCTION: +X509_NAME_ENTRY_get_object 567 EXIST::FUNCTION: +X509_NAME_ENTRY_new 568 EXIST::FUNCTION: +X509_NAME_ENTRY_set_data 569 EXIST::FUNCTION: +X509_NAME_ENTRY_set_object 570 EXIST::FUNCTION: +X509_NAME_add_entry 571 EXIST::FUNCTION: +X509_NAME_cmp 572 EXIST::FUNCTION: +X509_NAME_delete_entry 573 EXIST::FUNCTION: +X509_NAME_digest 574 EXIST::FUNCTION:EVP +X509_NAME_dup 575 EXIST::FUNCTION: +X509_NAME_entry_count 576 EXIST::FUNCTION: +X509_NAME_free 577 EXIST::FUNCTION: +X509_NAME_get_entry 578 EXIST::FUNCTION: +X509_NAME_get_index_by_NID 579 EXIST::FUNCTION: +X509_NAME_get_index_by_OBJ 580 EXIST::FUNCTION: +X509_NAME_get_text_by_NID 581 EXIST::FUNCTION: +X509_NAME_get_text_by_OBJ 582 EXIST::FUNCTION: +X509_NAME_hash 583 EXIST::FUNCTION: +X509_NAME_new 584 EXIST::FUNCTION: +X509_NAME_oneline 585 EXIST::FUNCTION:EVP +X509_NAME_print 586 EXIST::FUNCTION:BIO +X509_NAME_set 587 EXIST::FUNCTION: +X509_OBJECT_free_contents 588 EXIST::FUNCTION: +X509_OBJECT_retrieve_by_subject 589 EXIST::FUNCTION: +X509_OBJECT_up_ref_count 590 EXIST::FUNCTION: +X509_PKEY_free 591 EXIST::FUNCTION: +X509_PKEY_new 592 EXIST::FUNCTION: +X509_PUBKEY_free 593 EXIST::FUNCTION: +X509_PUBKEY_get 594 EXIST::FUNCTION: +X509_PUBKEY_new 595 EXIST::FUNCTION: +X509_PUBKEY_set 596 EXIST::FUNCTION: +X509_REQ_INFO_free 597 EXIST::FUNCTION: +X509_REQ_INFO_new 598 EXIST::FUNCTION: +X509_REQ_dup 599 EXIST::FUNCTION: +X509_REQ_free 600 EXIST::FUNCTION: +X509_REQ_get_pubkey 601 EXIST::FUNCTION: +X509_REQ_new 602 EXIST::FUNCTION: +X509_REQ_print 603 EXIST::FUNCTION:BIO +X509_REQ_print_fp 604 EXIST::FUNCTION:FP_API +X509_REQ_set_pubkey 605 EXIST::FUNCTION: +X509_REQ_set_subject_name 606 EXIST::FUNCTION: +X509_REQ_set_version 607 EXIST::FUNCTION: +X509_REQ_sign 608 EXIST::FUNCTION:EVP +X509_REQ_to_X509 609 EXIST::FUNCTION: +X509_REQ_verify 610 EXIST::FUNCTION:EVP +X509_REVOKED_add_ext 611 EXIST::FUNCTION: +X509_REVOKED_delete_ext 612 EXIST::FUNCTION: +X509_REVOKED_free 613 EXIST::FUNCTION: +X509_REVOKED_get_ext 614 EXIST::FUNCTION: +X509_REVOKED_get_ext_by_NID 615 EXIST::FUNCTION: +X509_REVOKED_get_ext_by_OBJ 616 EXIST::FUNCTION: +X509_REVOKED_get_ext_by_critical 617 EXIST:!VMS:FUNCTION: +X509_REVOKED_get_ext_by_critic 617 EXIST:VMS:FUNCTION: +X509_REVOKED_get_ext_count 618 EXIST::FUNCTION: +X509_REVOKED_new 619 EXIST::FUNCTION: +X509_SIG_free 620 EXIST::FUNCTION: +X509_SIG_new 621 EXIST::FUNCTION: +X509_STORE_CTX_cleanup 622 EXIST::FUNCTION: +X509_STORE_CTX_init 623 EXIST::FUNCTION: +X509_STORE_add_cert 624 EXIST::FUNCTION: +X509_STORE_add_lookup 625 EXIST::FUNCTION: +X509_STORE_free 626 EXIST::FUNCTION: +X509_STORE_get_by_subject 627 EXIST::FUNCTION: +X509_STORE_load_locations 628 EXIST::FUNCTION:STDIO +X509_STORE_new 629 EXIST::FUNCTION: +X509_STORE_set_default_paths 630 EXIST::FUNCTION:STDIO +X509_VAL_free 631 EXIST::FUNCTION: +X509_VAL_new 632 EXIST::FUNCTION: +X509_add_ext 633 EXIST::FUNCTION: +X509_asn1_meth 634 EXIST::FUNCTION: +X509_certificate_type 635 EXIST::FUNCTION: +X509_check_private_key 636 EXIST::FUNCTION: +X509_cmp_current_time 637 EXIST::FUNCTION: +X509_delete_ext 638 EXIST::FUNCTION: +X509_digest 639 EXIST::FUNCTION:EVP +X509_dup 640 EXIST::FUNCTION: +X509_free 641 EXIST::FUNCTION: +X509_get_default_cert_area 642 EXIST::FUNCTION: +X509_get_default_cert_dir 643 EXIST::FUNCTION: +X509_get_default_cert_dir_env 644 EXIST::FUNCTION: +X509_get_default_cert_file 645 EXIST::FUNCTION: +X509_get_default_cert_file_env 646 EXIST::FUNCTION: +X509_get_default_private_dir 647 EXIST::FUNCTION: +X509_get_ext 648 EXIST::FUNCTION: +X509_get_ext_by_NID 649 EXIST::FUNCTION: +X509_get_ext_by_OBJ 650 EXIST::FUNCTION: +X509_get_ext_by_critical 651 EXIST::FUNCTION: +X509_get_ext_count 652 EXIST::FUNCTION: +X509_get_issuer_name 653 EXIST::FUNCTION: +X509_get_pubkey 654 EXIST::FUNCTION: +X509_get_pubkey_parameters 655 EXIST::FUNCTION: +X509_get_serialNumber 656 EXIST::FUNCTION: +X509_get_subject_name 657 EXIST::FUNCTION: +X509_gmtime_adj 658 EXIST::FUNCTION: +X509_issuer_and_serial_cmp 659 EXIST::FUNCTION: +X509_issuer_and_serial_hash 660 EXIST::FUNCTION: +X509_issuer_name_cmp 661 EXIST::FUNCTION: +X509_issuer_name_hash 662 EXIST::FUNCTION: +X509_load_cert_file 663 EXIST::FUNCTION:STDIO +X509_new 664 EXIST::FUNCTION: +X509_print 665 EXIST::FUNCTION:BIO +X509_print_fp 666 EXIST::FUNCTION:FP_API +X509_set_issuer_name 667 EXIST::FUNCTION: +X509_set_notAfter 668 EXIST::FUNCTION: +X509_set_notBefore 669 EXIST::FUNCTION: +X509_set_pubkey 670 EXIST::FUNCTION: +X509_set_serialNumber 671 EXIST::FUNCTION: +X509_set_subject_name 672 EXIST::FUNCTION: +X509_set_version 673 EXIST::FUNCTION: +X509_sign 674 EXIST::FUNCTION:EVP +X509_subject_name_cmp 675 EXIST::FUNCTION: +X509_subject_name_hash 676 EXIST::FUNCTION: +X509_to_X509_REQ 677 EXIST::FUNCTION: +X509_verify 678 EXIST::FUNCTION:EVP +X509_verify_cert 679 EXIST::FUNCTION: +X509_verify_cert_error_string 680 EXIST::FUNCTION: +X509v3_add_ext 681 EXIST::FUNCTION: +X509v3_add_extension 682 NOEXIST::FUNCTION: +X509v3_add_netscape_extensions 683 NOEXIST::FUNCTION: +X509v3_add_standard_extensions 684 NOEXIST::FUNCTION: +X509v3_cleanup_extensions 685 NOEXIST::FUNCTION: +X509v3_data_type_by_NID 686 NOEXIST::FUNCTION: +X509v3_data_type_by_OBJ 687 NOEXIST::FUNCTION: +X509v3_delete_ext 688 EXIST::FUNCTION: +X509v3_get_ext 689 EXIST::FUNCTION: +X509v3_get_ext_by_NID 690 EXIST::FUNCTION: +X509v3_get_ext_by_OBJ 691 EXIST::FUNCTION: +X509v3_get_ext_by_critical 692 EXIST::FUNCTION: +X509v3_get_ext_count 693 EXIST::FUNCTION: +X509v3_pack_string 694 NOEXIST::FUNCTION: +X509v3_pack_type_by_NID 695 NOEXIST::FUNCTION: +X509v3_pack_type_by_OBJ 696 NOEXIST::FUNCTION: +X509v3_unpack_string 697 NOEXIST::FUNCTION: +_des_crypt 698 NOEXIST::FUNCTION: +a2d_ASN1_OBJECT 699 EXIST::FUNCTION: +a2i_ASN1_INTEGER 700 EXIST::FUNCTION:BIO +a2i_ASN1_STRING 701 EXIST::FUNCTION:BIO +asn1_Finish 702 EXIST::FUNCTION: +asn1_GetSequence 703 EXIST::FUNCTION: +bn_div_words 704 EXIST::FUNCTION: +bn_expand2 705 EXIST::FUNCTION: +bn_mul_add_words 706 EXIST::FUNCTION: +bn_mul_words 707 EXIST::FUNCTION: +BN_uadd 708 EXIST::FUNCTION: +BN_usub 709 EXIST::FUNCTION: +bn_sqr_words 710 EXIST::FUNCTION: +_ossl_old_crypt 711 EXIST:!NeXT,!PERL5,!__FreeBSD__:FUNCTION:DES +d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION: +d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION: +d2i_ASN1_HEADER 714 EXIST::FUNCTION: +d2i_ASN1_IA5STRING 715 EXIST::FUNCTION: +d2i_ASN1_INTEGER 716 EXIST::FUNCTION: +d2i_ASN1_OBJECT 717 EXIST::FUNCTION: +d2i_ASN1_OCTET_STRING 718 EXIST::FUNCTION: +d2i_ASN1_PRINTABLE 719 EXIST::FUNCTION: +d2i_ASN1_PRINTABLESTRING 720 EXIST::FUNCTION: +d2i_ASN1_SET 721 EXIST::FUNCTION: +d2i_ASN1_T61STRING 722 EXIST::FUNCTION: +d2i_ASN1_TYPE 723 EXIST::FUNCTION: +d2i_ASN1_UTCTIME 724 EXIST::FUNCTION: +d2i_ASN1_bytes 725 EXIST::FUNCTION: +d2i_ASN1_type_bytes 726 EXIST::FUNCTION: +d2i_DHparams 727 EXIST::FUNCTION:DH +d2i_DSAPrivateKey 728 EXIST::FUNCTION:DSA +d2i_DSAPrivateKey_bio 729 EXIST::FUNCTION:BIO,DSA +d2i_DSAPrivateKey_fp 730 EXIST::FUNCTION:DSA,FP_API +d2i_DSAPublicKey 731 EXIST::FUNCTION:DSA +d2i_DSAparams 732 EXIST::FUNCTION:DSA +d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION: +d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION: +d2i_Netscape_RSA 735 EXIST::FUNCTION:RSA +d2i_PKCS7 736 EXIST::FUNCTION: +d2i_PKCS7_DIGEST 737 EXIST::FUNCTION: +d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION: +d2i_PKCS7_ENC_CONTENT 739 EXIST::FUNCTION: +d2i_PKCS7_ENVELOPE 740 EXIST::FUNCTION: +d2i_PKCS7_ISSUER_AND_SERIAL 741 EXIST::FUNCTION: +d2i_PKCS7_RECIP_INFO 742 EXIST::FUNCTION: +d2i_PKCS7_SIGNED 743 EXIST::FUNCTION: +d2i_PKCS7_SIGNER_INFO 744 EXIST::FUNCTION: +d2i_PKCS7_SIGN_ENVELOPE 745 EXIST::FUNCTION: +d2i_PKCS7_bio 746 EXIST::FUNCTION: +d2i_PKCS7_fp 747 EXIST::FUNCTION:FP_API +d2i_PrivateKey 748 EXIST::FUNCTION: +d2i_PublicKey 749 EXIST::FUNCTION: +d2i_RSAPrivateKey 750 EXIST::FUNCTION:RSA +d2i_RSAPrivateKey_bio 751 EXIST::FUNCTION:BIO,RSA +d2i_RSAPrivateKey_fp 752 EXIST::FUNCTION:FP_API,RSA +d2i_RSAPublicKey 753 EXIST::FUNCTION:RSA +d2i_X509 754 EXIST::FUNCTION: +d2i_X509_ALGOR 755 EXIST::FUNCTION: +d2i_X509_ATTRIBUTE 756 EXIST::FUNCTION: +d2i_X509_CINF 757 EXIST::FUNCTION: +d2i_X509_CRL 758 EXIST::FUNCTION: +d2i_X509_CRL_INFO 759 EXIST::FUNCTION: +d2i_X509_CRL_bio 760 EXIST::FUNCTION:BIO +d2i_X509_CRL_fp 761 EXIST::FUNCTION:FP_API +d2i_X509_EXTENSION 762 EXIST::FUNCTION: +d2i_X509_NAME 763 EXIST::FUNCTION: +d2i_X509_NAME_ENTRY 764 EXIST::FUNCTION: +d2i_X509_PKEY 765 EXIST::FUNCTION: +d2i_X509_PUBKEY 766 EXIST::FUNCTION: +d2i_X509_REQ 767 EXIST::FUNCTION: +d2i_X509_REQ_INFO 768 EXIST::FUNCTION: +d2i_X509_REQ_bio 769 EXIST::FUNCTION:BIO +d2i_X509_REQ_fp 770 EXIST::FUNCTION:FP_API +d2i_X509_REVOKED 771 EXIST::FUNCTION: +d2i_X509_SIG 772 EXIST::FUNCTION: +d2i_X509_VAL 773 EXIST::FUNCTION: +d2i_X509_bio 774 EXIST::FUNCTION:BIO +d2i_X509_fp 775 EXIST::FUNCTION:FP_API +DES_cbc_cksum 777 EXIST::FUNCTION:DES +DES_cbc_encrypt 778 EXIST::FUNCTION:DES +DES_cblock_print_file 779 NOEXIST::FUNCTION: +DES_cfb64_encrypt 780 EXIST::FUNCTION:DES +DES_cfb_encrypt 781 EXIST::FUNCTION:DES +DES_decrypt3 782 EXIST::FUNCTION:DES +DES_ecb3_encrypt 783 EXIST::FUNCTION:DES +DES_ecb_encrypt 784 EXIST::FUNCTION:DES +DES_ede3_cbc_encrypt 785 EXIST::FUNCTION:DES +DES_ede3_cfb64_encrypt 786 EXIST::FUNCTION:DES +DES_ede3_ofb64_encrypt 787 EXIST::FUNCTION:DES +DES_enc_read 788 EXIST::FUNCTION:DES +DES_enc_write 789 EXIST::FUNCTION:DES +DES_encrypt1 790 EXIST::FUNCTION:DES +DES_encrypt2 791 EXIST::FUNCTION:DES +DES_encrypt3 792 EXIST::FUNCTION:DES +DES_fcrypt 793 EXIST::FUNCTION:DES +DES_is_weak_key 794 EXIST::FUNCTION:DES +DES_key_sched 795 EXIST::FUNCTION:DES +DES_ncbc_encrypt 796 EXIST::FUNCTION:DES +DES_ofb64_encrypt 797 EXIST::FUNCTION:DES +DES_ofb_encrypt 798 EXIST::FUNCTION:DES +DES_options 799 EXIST::FUNCTION:DES +DES_pcbc_encrypt 800 EXIST::FUNCTION:DES +DES_quad_cksum 801 EXIST::FUNCTION:DES +DES_random_key 802 EXIST::FUNCTION:DES +_ossl_old_des_random_seed 803 EXIST::FUNCTION:DES +_ossl_old_des_read_2passwords 804 EXIST::FUNCTION:DES +_ossl_old_des_read_password 805 EXIST::FUNCTION:DES +_ossl_old_des_read_pw 806 EXIST::FUNCTION: +_ossl_old_des_read_pw_string 807 EXIST::FUNCTION: +DES_set_key 808 EXIST::FUNCTION:DES +DES_set_odd_parity 809 EXIST::FUNCTION:DES +DES_string_to_2keys 810 EXIST::FUNCTION:DES +DES_string_to_key 811 EXIST::FUNCTION:DES +DES_xcbc_encrypt 812 EXIST::FUNCTION:DES +DES_xwhite_in2out 813 EXIST::FUNCTION:DES +fcrypt_body 814 NOEXIST::FUNCTION: +i2a_ASN1_INTEGER 815 EXIST::FUNCTION:BIO +i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO +i2a_ASN1_STRING 817 EXIST::FUNCTION:BIO +i2d_ASN1_BIT_STRING 818 EXIST::FUNCTION: +i2d_ASN1_BOOLEAN 819 EXIST::FUNCTION: +i2d_ASN1_HEADER 820 EXIST::FUNCTION: +i2d_ASN1_IA5STRING 821 EXIST::FUNCTION: +i2d_ASN1_INTEGER 822 EXIST::FUNCTION: +i2d_ASN1_OBJECT 823 EXIST::FUNCTION: +i2d_ASN1_OCTET_STRING 824 EXIST::FUNCTION: +i2d_ASN1_PRINTABLE 825 EXIST::FUNCTION: +i2d_ASN1_SET 826 EXIST::FUNCTION: +i2d_ASN1_TYPE 827 EXIST::FUNCTION: +i2d_ASN1_UTCTIME 828 EXIST::FUNCTION: +i2d_ASN1_bytes 829 EXIST::FUNCTION: +i2d_DHparams 830 EXIST::FUNCTION:DH +i2d_DSAPrivateKey 831 EXIST::FUNCTION:DSA +i2d_DSAPrivateKey_bio 832 EXIST::FUNCTION:BIO,DSA +i2d_DSAPrivateKey_fp 833 EXIST::FUNCTION:DSA,FP_API +i2d_DSAPublicKey 834 EXIST::FUNCTION:DSA +i2d_DSAparams 835 EXIST::FUNCTION:DSA +i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION: +i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION: +i2d_Netscape_RSA 838 EXIST::FUNCTION:RSA +i2d_PKCS7 839 EXIST::FUNCTION: +i2d_PKCS7_DIGEST 840 EXIST::FUNCTION: +i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION: +i2d_PKCS7_ENC_CONTENT 842 EXIST::FUNCTION: +i2d_PKCS7_ENVELOPE 843 EXIST::FUNCTION: +i2d_PKCS7_ISSUER_AND_SERIAL 844 EXIST::FUNCTION: +i2d_PKCS7_RECIP_INFO 845 EXIST::FUNCTION: +i2d_PKCS7_SIGNED 846 EXIST::FUNCTION: +i2d_PKCS7_SIGNER_INFO 847 EXIST::FUNCTION: +i2d_PKCS7_SIGN_ENVELOPE 848 EXIST::FUNCTION: +i2d_PKCS7_bio 849 EXIST::FUNCTION: +i2d_PKCS7_fp 850 EXIST::FUNCTION:FP_API +i2d_PrivateKey 851 EXIST::FUNCTION: +i2d_PublicKey 852 EXIST::FUNCTION: +i2d_RSAPrivateKey 853 EXIST::FUNCTION:RSA +i2d_RSAPrivateKey_bio 854 EXIST::FUNCTION:BIO,RSA +i2d_RSAPrivateKey_fp 855 EXIST::FUNCTION:FP_API,RSA +i2d_RSAPublicKey 856 EXIST::FUNCTION:RSA +i2d_X509 857 EXIST::FUNCTION: +i2d_X509_ALGOR 858 EXIST::FUNCTION: +i2d_X509_ATTRIBUTE 859 EXIST::FUNCTION: +i2d_X509_CINF 860 EXIST::FUNCTION: +i2d_X509_CRL 861 EXIST::FUNCTION: +i2d_X509_CRL_INFO 862 EXIST::FUNCTION: +i2d_X509_CRL_bio 863 EXIST::FUNCTION:BIO +i2d_X509_CRL_fp 864 EXIST::FUNCTION:FP_API +i2d_X509_EXTENSION 865 EXIST::FUNCTION: +i2d_X509_NAME 866 EXIST::FUNCTION: +i2d_X509_NAME_ENTRY 867 EXIST::FUNCTION: +i2d_X509_PKEY 868 EXIST::FUNCTION: +i2d_X509_PUBKEY 869 EXIST::FUNCTION: +i2d_X509_REQ 870 EXIST::FUNCTION: +i2d_X509_REQ_INFO 871 EXIST::FUNCTION: +i2d_X509_REQ_bio 872 EXIST::FUNCTION:BIO +i2d_X509_REQ_fp 873 EXIST::FUNCTION:FP_API +i2d_X509_REVOKED 874 EXIST::FUNCTION: +i2d_X509_SIG 875 EXIST::FUNCTION: +i2d_X509_VAL 876 EXIST::FUNCTION: +i2d_X509_bio 877 EXIST::FUNCTION:BIO +i2d_X509_fp 878 EXIST::FUNCTION:FP_API +idea_cbc_encrypt 879 EXIST::FUNCTION:IDEA +idea_cfb64_encrypt 880 EXIST::FUNCTION:IDEA +idea_ecb_encrypt 881 EXIST::FUNCTION:IDEA +idea_encrypt 882 EXIST::FUNCTION:IDEA +idea_ofb64_encrypt 883 EXIST::FUNCTION:IDEA +idea_options 884 EXIST::FUNCTION:IDEA +idea_set_decrypt_key 885 EXIST::FUNCTION:IDEA +idea_set_encrypt_key 886 EXIST::FUNCTION:IDEA +lh_delete 887 EXIST::FUNCTION: +lh_doall 888 EXIST::FUNCTION: +lh_doall_arg 889 EXIST::FUNCTION: +lh_free 890 EXIST::FUNCTION: +lh_insert 891 EXIST::FUNCTION: +lh_new 892 EXIST::FUNCTION: +lh_node_stats 893 EXIST::FUNCTION:FP_API +lh_node_stats_bio 894 EXIST::FUNCTION:BIO +lh_node_usage_stats 895 EXIST::FUNCTION:FP_API +lh_node_usage_stats_bio 896 EXIST::FUNCTION:BIO +lh_retrieve 897 EXIST::FUNCTION: +lh_stats 898 EXIST::FUNCTION:FP_API +lh_stats_bio 899 EXIST::FUNCTION:BIO +lh_strhash 900 EXIST::FUNCTION: +sk_delete 901 EXIST::FUNCTION: +sk_delete_ptr 902 EXIST::FUNCTION: +sk_dup 903 EXIST::FUNCTION: +sk_find 904 EXIST::FUNCTION: +sk_free 905 EXIST::FUNCTION: +sk_insert 906 EXIST::FUNCTION: +sk_new 907 EXIST::FUNCTION: +sk_pop 908 EXIST::FUNCTION: +sk_pop_free 909 EXIST::FUNCTION: +sk_push 910 EXIST::FUNCTION: +sk_set_cmp_func 911 EXIST::FUNCTION: +sk_shift 912 EXIST::FUNCTION: +sk_unshift 913 EXIST::FUNCTION: +sk_zero 914 EXIST::FUNCTION: +BIO_f_nbio_test 915 EXIST::FUNCTION: +ASN1_TYPE_get 916 EXIST::FUNCTION: +ASN1_TYPE_set 917 EXIST::FUNCTION: +PKCS7_content_free 918 NOEXIST::FUNCTION: +ERR_load_PKCS7_strings 919 EXIST::FUNCTION: +X509_find_by_issuer_and_serial 920 EXIST::FUNCTION: +X509_find_by_subject 921 EXIST::FUNCTION: +PKCS7_ctrl 927 EXIST::FUNCTION: +PKCS7_set_type 928 EXIST::FUNCTION: +PKCS7_set_content 929 EXIST::FUNCTION: +PKCS7_SIGNER_INFO_set 930 EXIST::FUNCTION: +PKCS7_add_signer 931 EXIST::FUNCTION: +PKCS7_add_certificate 932 EXIST::FUNCTION: +PKCS7_add_crl 933 EXIST::FUNCTION: +PKCS7_content_new 934 EXIST::FUNCTION: +PKCS7_dataSign 935 NOEXIST::FUNCTION: +PKCS7_dataVerify 936 EXIST::FUNCTION: +PKCS7_dataInit 937 EXIST::FUNCTION: +PKCS7_add_signature 938 EXIST::FUNCTION: +PKCS7_cert_from_signer_info 939 EXIST::FUNCTION: +PKCS7_get_signer_info 940 EXIST::FUNCTION: +EVP_delete_alias 941 NOEXIST::FUNCTION: +EVP_mdc2 942 EXIST::FUNCTION:MDC2 +PEM_read_bio_RSAPublicKey 943 EXIST::FUNCTION:RSA +PEM_write_bio_RSAPublicKey 944 EXIST::FUNCTION:RSA +d2i_RSAPublicKey_bio 945 EXIST::FUNCTION:BIO,RSA +i2d_RSAPublicKey_bio 946 EXIST::FUNCTION:BIO,RSA +PEM_read_RSAPublicKey 947 EXIST:!WIN16:FUNCTION:RSA +PEM_write_RSAPublicKey 949 EXIST:!WIN16:FUNCTION:RSA +d2i_RSAPublicKey_fp 952 EXIST::FUNCTION:FP_API,RSA +i2d_RSAPublicKey_fp 954 EXIST::FUNCTION:FP_API,RSA +BIO_copy_next_retry 955 EXIST::FUNCTION: +RSA_flags 956 EXIST::FUNCTION:RSA +X509_STORE_add_crl 957 EXIST::FUNCTION: +X509_load_crl_file 958 EXIST::FUNCTION:STDIO +EVP_rc2_40_cbc 959 EXIST::FUNCTION:RC2 +EVP_rc4_40 960 EXIST::FUNCTION:RC4 +EVP_CIPHER_CTX_init 961 EXIST::FUNCTION: +HMAC 962 EXIST::FUNCTION:HMAC +HMAC_Init 963 EXIST::FUNCTION:HMAC +HMAC_Update 964 EXIST::FUNCTION:HMAC +HMAC_Final 965 EXIST::FUNCTION:HMAC +ERR_get_next_error_library 966 EXIST::FUNCTION: +EVP_PKEY_cmp_parameters 967 EXIST::FUNCTION: +HMAC_cleanup 968 NOEXIST::FUNCTION: +BIO_ptr_ctrl 969 EXIST::FUNCTION: +BIO_new_file_internal 970 EXIST:WIN16:FUNCTION:FP_API +BIO_new_fp_internal 971 EXIST:WIN16:FUNCTION:FP_API +BIO_s_file_internal 972 EXIST:WIN16:FUNCTION:FP_API +BN_BLINDING_convert 973 EXIST::FUNCTION: +BN_BLINDING_invert 974 EXIST::FUNCTION: +BN_BLINDING_update 975 EXIST::FUNCTION: +RSA_blinding_on 977 EXIST::FUNCTION:RSA +RSA_blinding_off 978 EXIST::FUNCTION:RSA +i2t_ASN1_OBJECT 979 EXIST::FUNCTION: +BN_BLINDING_new 980 EXIST::FUNCTION: +BN_BLINDING_free 981 EXIST::FUNCTION: +EVP_cast5_cbc 983 EXIST::FUNCTION:CAST +EVP_cast5_cfb 984 EXIST::FUNCTION:CAST +EVP_cast5_ecb 985 EXIST::FUNCTION:CAST +EVP_cast5_ofb 986 EXIST::FUNCTION:CAST +BF_decrypt 987 EXIST::FUNCTION:BF +CAST_set_key 988 EXIST::FUNCTION:CAST +CAST_encrypt 989 EXIST::FUNCTION:CAST +CAST_decrypt 990 EXIST::FUNCTION:CAST +CAST_ecb_encrypt 991 EXIST::FUNCTION:CAST +CAST_cbc_encrypt 992 EXIST::FUNCTION:CAST +CAST_cfb64_encrypt 993 EXIST::FUNCTION:CAST +CAST_ofb64_encrypt 994 EXIST::FUNCTION:CAST +RC2_decrypt 995 EXIST::FUNCTION:RC2 +OBJ_create_objects 997 EXIST::FUNCTION: +BN_exp 998 EXIST::FUNCTION: +BN_mul_word 999 EXIST::FUNCTION: +BN_sub_word 1000 EXIST::FUNCTION: +BN_dec2bn 1001 EXIST::FUNCTION: +BN_bn2dec 1002 EXIST::FUNCTION: +BIO_ghbn_ctrl 1003 EXIST::FUNCTION: +CRYPTO_free_ex_data 1004 EXIST::FUNCTION: +CRYPTO_get_ex_data 1005 EXIST::FUNCTION: +CRYPTO_set_ex_data 1007 EXIST::FUNCTION: +ERR_load_CRYPTO_strings 1009 EXIST:!VMS,!WIN16:FUNCTION: +ERR_load_CRYPTOlib_strings 1009 EXIST:VMS,WIN16:FUNCTION: +EVP_PKEY_bits 1010 EXIST::FUNCTION: +MD5_Transform 1011 EXIST::FUNCTION:MD5 +SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1 +SHA_Transform 1013 EXIST::FUNCTION:SHA,SHA0 +X509_STORE_CTX_get_chain 1014 EXIST::FUNCTION: +X509_STORE_CTX_get_current_cert 1015 EXIST::FUNCTION: +X509_STORE_CTX_get_error 1016 EXIST::FUNCTION: +X509_STORE_CTX_get_error_depth 1017 EXIST::FUNCTION: +X509_STORE_CTX_get_ex_data 1018 EXIST::FUNCTION: +X509_STORE_CTX_set_cert 1020 EXIST::FUNCTION: +X509_STORE_CTX_set_chain 1021 EXIST::FUNCTION: +X509_STORE_CTX_set_error 1022 EXIST::FUNCTION: +X509_STORE_CTX_set_ex_data 1023 EXIST::FUNCTION: +CRYPTO_dup_ex_data 1025 EXIST::FUNCTION: +CRYPTO_get_new_lockid 1026 EXIST::FUNCTION: +CRYPTO_new_ex_data 1027 EXIST::FUNCTION: +RSA_set_ex_data 1028 EXIST::FUNCTION:RSA +RSA_get_ex_data 1029 EXIST::FUNCTION:RSA +RSA_get_ex_new_index 1030 EXIST::FUNCTION:RSA +RSA_padding_add_PKCS1_type_1 1031 EXIST::FUNCTION:RSA +RSA_padding_add_PKCS1_type_2 1032 EXIST::FUNCTION:RSA +RSA_padding_add_SSLv23 1033 EXIST::FUNCTION:RSA +RSA_padding_add_none 1034 EXIST::FUNCTION:RSA +RSA_padding_check_PKCS1_type_1 1035 EXIST::FUNCTION:RSA +RSA_padding_check_PKCS1_type_2 1036 EXIST::FUNCTION:RSA +RSA_padding_check_SSLv23 1037 EXIST::FUNCTION:RSA +RSA_padding_check_none 1038 EXIST::FUNCTION:RSA +bn_add_words 1039 EXIST::FUNCTION: +d2i_Netscape_RSA_2 1040 NOEXIST::FUNCTION: +CRYPTO_get_ex_new_index 1041 EXIST::FUNCTION: +RIPEMD160_Init 1042 EXIST::FUNCTION:RIPEMD +RIPEMD160_Update 1043 EXIST::FUNCTION:RIPEMD +RIPEMD160_Final 1044 EXIST::FUNCTION:RIPEMD +RIPEMD160 1045 EXIST::FUNCTION:RIPEMD +RIPEMD160_Transform 1046 EXIST::FUNCTION:RIPEMD +RC5_32_set_key 1047 EXIST::FUNCTION:RC5 +RC5_32_ecb_encrypt 1048 EXIST::FUNCTION:RC5 +RC5_32_encrypt 1049 EXIST::FUNCTION:RC5 +RC5_32_decrypt 1050 EXIST::FUNCTION:RC5 +RC5_32_cbc_encrypt 1051 EXIST::FUNCTION:RC5 +RC5_32_cfb64_encrypt 1052 EXIST::FUNCTION:RC5 +RC5_32_ofb64_encrypt 1053 EXIST::FUNCTION:RC5 +BN_bn2mpi 1058 EXIST::FUNCTION: +BN_mpi2bn 1059 EXIST::FUNCTION: +ASN1_BIT_STRING_get_bit 1060 EXIST::FUNCTION: +ASN1_BIT_STRING_set_bit 1061 EXIST::FUNCTION: +BIO_get_ex_data 1062 EXIST::FUNCTION: +BIO_get_ex_new_index 1063 EXIST::FUNCTION: +BIO_set_ex_data 1064 EXIST::FUNCTION: +X509v3_get_key_usage 1066 NOEXIST::FUNCTION: +X509v3_set_key_usage 1067 NOEXIST::FUNCTION: +a2i_X509v3_key_usage 1068 NOEXIST::FUNCTION: +i2a_X509v3_key_usage 1069 NOEXIST::FUNCTION: +EVP_PKEY_decrypt 1070 EXIST::FUNCTION: +EVP_PKEY_encrypt 1071 EXIST::FUNCTION: +PKCS7_RECIP_INFO_set 1072 EXIST::FUNCTION: +PKCS7_add_recipient 1073 EXIST::FUNCTION: +PKCS7_add_recipient_info 1074 EXIST::FUNCTION: +PKCS7_set_cipher 1075 EXIST::FUNCTION: +ASN1_TYPE_get_int_octetstring 1076 EXIST::FUNCTION: +ASN1_TYPE_get_octetstring 1077 EXIST::FUNCTION: +ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION: +ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION: +ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION: +ERR_add_error_data 1081 EXIST::FUNCTION:BIO +ERR_set_error_data 1082 EXIST::FUNCTION: +EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION: +EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION: +EVP_CIPHER_get_asn1_iv 1085 EXIST::FUNCTION: +EVP_CIPHER_set_asn1_iv 1086 EXIST::FUNCTION: +EVP_rc5_32_12_16_cbc 1087 EXIST::FUNCTION:RC5 +EVP_rc5_32_12_16_cfb 1088 EXIST::FUNCTION:RC5 +EVP_rc5_32_12_16_ecb 1089 EXIST::FUNCTION:RC5 +EVP_rc5_32_12_16_ofb 1090 EXIST::FUNCTION:RC5 +asn1_add_error 1091 EXIST::FUNCTION: +d2i_ASN1_BMPSTRING 1092 EXIST::FUNCTION: +i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION: +BIO_f_ber 1094 NOEXIST::FUNCTION: +BN_init 1095 EXIST::FUNCTION: +COMP_CTX_new 1096 EXIST::FUNCTION: +COMP_CTX_free 1097 EXIST::FUNCTION: +COMP_CTX_compress_block 1098 NOEXIST::FUNCTION: +COMP_CTX_expand_block 1099 NOEXIST::FUNCTION: +X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION: +OBJ_NAME_add 1101 EXIST::FUNCTION: +BIO_socket_nbio 1102 EXIST::FUNCTION: +EVP_rc2_64_cbc 1103 EXIST::FUNCTION:RC2 +OBJ_NAME_cleanup 1104 EXIST::FUNCTION: +OBJ_NAME_get 1105 EXIST::FUNCTION: +OBJ_NAME_init 1106 EXIST::FUNCTION: +OBJ_NAME_new_index 1107 EXIST::FUNCTION: +OBJ_NAME_remove 1108 EXIST::FUNCTION: +BN_MONT_CTX_copy 1109 EXIST::FUNCTION: +BIO_new_socks4a_connect 1110 NOEXIST::FUNCTION: +BIO_s_socks4a_connect 1111 NOEXIST::FUNCTION: +PROXY_set_connect_mode 1112 NOEXIST::FUNCTION: +RAND_SSLeay 1113 EXIST::FUNCTION: +RAND_set_rand_method 1114 EXIST::FUNCTION: +RSA_memory_lock 1115 EXIST::FUNCTION:RSA +bn_sub_words 1116 EXIST::FUNCTION: +bn_mul_normal 1117 NOEXIST::FUNCTION: +bn_mul_comba8 1118 NOEXIST::FUNCTION: +bn_mul_comba4 1119 NOEXIST::FUNCTION: +bn_sqr_normal 1120 NOEXIST::FUNCTION: +bn_sqr_comba8 1121 NOEXIST::FUNCTION: +bn_sqr_comba4 1122 NOEXIST::FUNCTION: +bn_cmp_words 1123 NOEXIST::FUNCTION: +bn_mul_recursive 1124 NOEXIST::FUNCTION: +bn_mul_part_recursive 1125 NOEXIST::FUNCTION: +bn_sqr_recursive 1126 NOEXIST::FUNCTION: +bn_mul_low_normal 1127 NOEXIST::FUNCTION: +BN_RECP_CTX_init 1128 EXIST::FUNCTION: +BN_RECP_CTX_new 1129 EXIST::FUNCTION: +BN_RECP_CTX_free 1130 EXIST::FUNCTION: +BN_RECP_CTX_set 1131 EXIST::FUNCTION: +BN_mod_mul_reciprocal 1132 EXIST::FUNCTION: +BN_mod_exp_recp 1133 EXIST::FUNCTION: +BN_div_recp 1134 EXIST::FUNCTION: +BN_CTX_init 1135 EXIST::FUNCTION: +BN_MONT_CTX_init 1136 EXIST::FUNCTION: +RAND_get_rand_method 1137 EXIST::FUNCTION: +PKCS7_add_attribute 1138 EXIST::FUNCTION: +PKCS7_add_signed_attribute 1139 EXIST::FUNCTION: +PKCS7_digest_from_attributes 1140 EXIST::FUNCTION: +PKCS7_get_attribute 1141 EXIST::FUNCTION: +PKCS7_get_issuer_and_serial 1142 EXIST::FUNCTION: +PKCS7_get_signed_attribute 1143 EXIST::FUNCTION: +COMP_compress_block 1144 EXIST::FUNCTION: +COMP_expand_block 1145 EXIST::FUNCTION: +COMP_rle 1146 EXIST::FUNCTION: +COMP_zlib 1147 EXIST::FUNCTION: +ms_time_diff 1148 EXIST::FUNCTION: +ms_time_new 1149 EXIST::FUNCTION: +ms_time_free 1150 EXIST::FUNCTION: +ms_time_cmp 1151 EXIST::FUNCTION: +ms_time_get 1152 EXIST::FUNCTION: +PKCS7_set_attributes 1153 EXIST::FUNCTION: +PKCS7_set_signed_attributes 1154 EXIST::FUNCTION: +X509_ATTRIBUTE_create 1155 EXIST::FUNCTION: +X509_ATTRIBUTE_dup 1156 EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_check 1157 EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_print 1158 EXIST::FUNCTION:BIO +ASN1_GENERALIZEDTIME_set 1159 EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_set_string 1160 EXIST::FUNCTION: +ASN1_TIME_print 1161 EXIST::FUNCTION:BIO +BASIC_CONSTRAINTS_free 1162 EXIST::FUNCTION: +BASIC_CONSTRAINTS_new 1163 EXIST::FUNCTION: +ERR_load_X509V3_strings 1164 EXIST::FUNCTION: +NETSCAPE_CERT_SEQUENCE_free 1165 EXIST::FUNCTION: +NETSCAPE_CERT_SEQUENCE_new 1166 EXIST::FUNCTION: +OBJ_txt2obj 1167 EXIST::FUNCTION: +PEM_read_NETSCAPE_CERT_SEQUENCE 1168 EXIST:!VMS,!WIN16:FUNCTION: +PEM_read_NS_CERT_SEQ 1168 EXIST:VMS:FUNCTION: +PEM_read_bio_NETSCAPE_CERT_SEQUENCE 1169 EXIST:!VMS:FUNCTION: +PEM_read_bio_NS_CERT_SEQ 1169 EXIST:VMS:FUNCTION: +PEM_write_NETSCAPE_CERT_SEQUENCE 1170 EXIST:!VMS,!WIN16:FUNCTION: +PEM_write_NS_CERT_SEQ 1170 EXIST:VMS:FUNCTION: +PEM_write_bio_NETSCAPE_CERT_SEQUENCE 1171 EXIST:!VMS:FUNCTION: +PEM_write_bio_NS_CERT_SEQ 1171 EXIST:VMS:FUNCTION: +X509V3_EXT_add 1172 EXIST::FUNCTION: +X509V3_EXT_add_alias 1173 EXIST::FUNCTION: +X509V3_EXT_add_conf 1174 EXIST::FUNCTION: +X509V3_EXT_cleanup 1175 EXIST::FUNCTION: +X509V3_EXT_conf 1176 EXIST::FUNCTION: +X509V3_EXT_conf_nid 1177 EXIST::FUNCTION: +X509V3_EXT_get 1178 EXIST::FUNCTION: +X509V3_EXT_get_nid 1179 EXIST::FUNCTION: +X509V3_EXT_print 1180 EXIST::FUNCTION: +X509V3_EXT_print_fp 1181 EXIST::FUNCTION: +X509V3_add_standard_extensions 1182 EXIST::FUNCTION: +X509V3_add_value 1183 EXIST::FUNCTION: +X509V3_add_value_bool 1184 EXIST::FUNCTION: +X509V3_add_value_int 1185 EXIST::FUNCTION: +X509V3_conf_free 1186 EXIST::FUNCTION: +X509V3_get_value_bool 1187 EXIST::FUNCTION: +X509V3_get_value_int 1188 EXIST::FUNCTION: +X509V3_parse_list 1189 EXIST::FUNCTION: +d2i_ASN1_GENERALIZEDTIME 1190 EXIST::FUNCTION: +d2i_ASN1_TIME 1191 EXIST::FUNCTION: +d2i_BASIC_CONSTRAINTS 1192 EXIST::FUNCTION: +d2i_NETSCAPE_CERT_SEQUENCE 1193 EXIST::FUNCTION: +d2i_ext_ku 1194 NOEXIST::FUNCTION: +ext_ku_free 1195 NOEXIST::FUNCTION: +ext_ku_new 1196 NOEXIST::FUNCTION: +i2d_ASN1_GENERALIZEDTIME 1197 EXIST::FUNCTION: +i2d_ASN1_TIME 1198 EXIST::FUNCTION: +i2d_BASIC_CONSTRAINTS 1199 EXIST::FUNCTION: +i2d_NETSCAPE_CERT_SEQUENCE 1200 EXIST::FUNCTION: +i2d_ext_ku 1201 NOEXIST::FUNCTION: +EVP_MD_CTX_copy 1202 EXIST::FUNCTION: +i2d_ASN1_ENUMERATED 1203 EXIST::FUNCTION: +d2i_ASN1_ENUMERATED 1204 EXIST::FUNCTION: +ASN1_ENUMERATED_set 1205 EXIST::FUNCTION: +ASN1_ENUMERATED_get 1206 EXIST::FUNCTION: +BN_to_ASN1_ENUMERATED 1207 EXIST::FUNCTION: +ASN1_ENUMERATED_to_BN 1208 EXIST::FUNCTION: +i2a_ASN1_ENUMERATED 1209 EXIST::FUNCTION:BIO +a2i_ASN1_ENUMERATED 1210 EXIST::FUNCTION:BIO +i2d_GENERAL_NAME 1211 EXIST::FUNCTION: +d2i_GENERAL_NAME 1212 EXIST::FUNCTION: +GENERAL_NAME_new 1213 EXIST::FUNCTION: +GENERAL_NAME_free 1214 EXIST::FUNCTION: +GENERAL_NAMES_new 1215 EXIST::FUNCTION: +GENERAL_NAMES_free 1216 EXIST::FUNCTION: +d2i_GENERAL_NAMES 1217 EXIST::FUNCTION: +i2d_GENERAL_NAMES 1218 EXIST::FUNCTION: +i2v_GENERAL_NAMES 1219 EXIST::FUNCTION: +i2s_ASN1_OCTET_STRING 1220 EXIST::FUNCTION: +s2i_ASN1_OCTET_STRING 1221 EXIST::FUNCTION: +X509V3_EXT_check_conf 1222 NOEXIST::FUNCTION: +hex_to_string 1223 EXIST::FUNCTION: +string_to_hex 1224 EXIST::FUNCTION: +DES_ede3_cbcm_encrypt 1225 EXIST::FUNCTION:DES +RSA_padding_add_PKCS1_OAEP 1226 EXIST::FUNCTION:RSA +RSA_padding_check_PKCS1_OAEP 1227 EXIST::FUNCTION:RSA +X509_CRL_print_fp 1228 EXIST::FUNCTION:FP_API +X509_CRL_print 1229 EXIST::FUNCTION:BIO +i2v_GENERAL_NAME 1230 EXIST::FUNCTION: +v2i_GENERAL_NAME 1231 EXIST::FUNCTION: +i2d_PKEY_USAGE_PERIOD 1232 EXIST::FUNCTION: +d2i_PKEY_USAGE_PERIOD 1233 EXIST::FUNCTION: +PKEY_USAGE_PERIOD_new 1234 EXIST::FUNCTION: +PKEY_USAGE_PERIOD_free 1235 EXIST::FUNCTION: +v2i_GENERAL_NAMES 1236 EXIST::FUNCTION: +i2s_ASN1_INTEGER 1237 EXIST::FUNCTION: +X509V3_EXT_d2i 1238 EXIST::FUNCTION: +name_cmp 1239 EXIST::FUNCTION: +str_dup 1240 NOEXIST::FUNCTION: +i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION: +i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION: +BIO_s_log 1243 EXIST:!WIN16,!WIN32,!macintosh:FUNCTION: +BIO_f_reliable 1244 EXIST::FUNCTION:BIO +PKCS7_dataFinal 1245 EXIST::FUNCTION: +PKCS7_dataDecode 1246 EXIST::FUNCTION: +X509V3_EXT_CRL_add_conf 1247 EXIST::FUNCTION: +BN_set_params 1248 EXIST::FUNCTION: +BN_get_params 1249 EXIST::FUNCTION: +BIO_get_ex_num 1250 NOEXIST::FUNCTION: +BIO_set_ex_free_func 1251 NOEXIST::FUNCTION: +EVP_ripemd160 1252 EXIST::FUNCTION:RIPEMD +ASN1_TIME_set 1253 EXIST::FUNCTION: +i2d_AUTHORITY_KEYID 1254 EXIST::FUNCTION: +d2i_AUTHORITY_KEYID 1255 EXIST::FUNCTION: +AUTHORITY_KEYID_new 1256 EXIST::FUNCTION: +AUTHORITY_KEYID_free 1257 EXIST::FUNCTION: +ASN1_seq_unpack 1258 EXIST::FUNCTION: +ASN1_seq_pack 1259 EXIST::FUNCTION: +ASN1_unpack_string 1260 EXIST::FUNCTION: +ASN1_pack_string 1261 EXIST::FUNCTION: +PKCS12_pack_safebag 1262 NOEXIST::FUNCTION: +PKCS12_MAKE_KEYBAG 1263 EXIST::FUNCTION: +PKCS8_encrypt 1264 EXIST::FUNCTION: +PKCS12_MAKE_SHKEYBAG 1265 EXIST::FUNCTION: +PKCS12_pack_p7data 1266 EXIST::FUNCTION: +PKCS12_pack_p7encdata 1267 EXIST::FUNCTION: +PKCS12_add_localkeyid 1268 EXIST::FUNCTION: +PKCS12_add_friendlyname_asc 1269 EXIST::FUNCTION: +PKCS12_add_friendlyname_uni 1270 EXIST::FUNCTION: +PKCS12_get_friendlyname 1271 EXIST::FUNCTION: +PKCS12_pbe_crypt 1272 EXIST::FUNCTION: +PKCS12_decrypt_d2i 1273 NOEXIST::FUNCTION: +PKCS12_i2d_encrypt 1274 NOEXIST::FUNCTION: +PKCS12_init 1275 EXIST::FUNCTION: +PKCS12_key_gen_asc 1276 EXIST::FUNCTION: +PKCS12_key_gen_uni 1277 EXIST::FUNCTION: +PKCS12_gen_mac 1278 EXIST::FUNCTION: +PKCS12_verify_mac 1279 EXIST::FUNCTION: +PKCS12_set_mac 1280 EXIST::FUNCTION: +PKCS12_setup_mac 1281 EXIST::FUNCTION: +asc2uni 1282 EXIST::FUNCTION: +uni2asc 1283 EXIST::FUNCTION: +i2d_PKCS12_BAGS 1284 EXIST::FUNCTION: +PKCS12_BAGS_new 1285 EXIST::FUNCTION: +d2i_PKCS12_BAGS 1286 EXIST::FUNCTION: +PKCS12_BAGS_free 1287 EXIST::FUNCTION: +i2d_PKCS12 1288 EXIST::FUNCTION: +d2i_PKCS12 1289 EXIST::FUNCTION: +PKCS12_new 1290 EXIST::FUNCTION: +PKCS12_free 1291 EXIST::FUNCTION: +i2d_PKCS12_MAC_DATA 1292 EXIST::FUNCTION: +PKCS12_MAC_DATA_new 1293 EXIST::FUNCTION: +d2i_PKCS12_MAC_DATA 1294 EXIST::FUNCTION: +PKCS12_MAC_DATA_free 1295 EXIST::FUNCTION: +i2d_PKCS12_SAFEBAG 1296 EXIST::FUNCTION: +PKCS12_SAFEBAG_new 1297 EXIST::FUNCTION: +d2i_PKCS12_SAFEBAG 1298 EXIST::FUNCTION: +PKCS12_SAFEBAG_free 1299 EXIST::FUNCTION: +ERR_load_PKCS12_strings 1300 EXIST::FUNCTION: +PKCS12_PBE_add 1301 EXIST::FUNCTION: +PKCS8_add_keyusage 1302 EXIST::FUNCTION: +PKCS12_get_attr_gen 1303 EXIST::FUNCTION: +PKCS12_parse 1304 EXIST::FUNCTION: +PKCS12_create 1305 EXIST::FUNCTION: +i2d_PKCS12_bio 1306 EXIST::FUNCTION: +i2d_PKCS12_fp 1307 EXIST::FUNCTION: +d2i_PKCS12_bio 1308 EXIST::FUNCTION: +d2i_PKCS12_fp 1309 EXIST::FUNCTION: +i2d_PBEPARAM 1310 EXIST::FUNCTION: +PBEPARAM_new 1311 EXIST::FUNCTION: +d2i_PBEPARAM 1312 EXIST::FUNCTION: +PBEPARAM_free 1313 EXIST::FUNCTION: +i2d_PKCS8_PRIV_KEY_INFO 1314 EXIST::FUNCTION: +PKCS8_PRIV_KEY_INFO_new 1315 EXIST::FUNCTION: +d2i_PKCS8_PRIV_KEY_INFO 1316 EXIST::FUNCTION: +PKCS8_PRIV_KEY_INFO_free 1317 EXIST::FUNCTION: +EVP_PKCS82PKEY 1318 EXIST::FUNCTION: +EVP_PKEY2PKCS8 1319 EXIST::FUNCTION: +PKCS8_set_broken 1320 EXIST::FUNCTION: +EVP_PBE_ALGOR_CipherInit 1321 NOEXIST::FUNCTION: +EVP_PBE_alg_add 1322 EXIST::FUNCTION: +PKCS5_pbe_set 1323 EXIST::FUNCTION: +EVP_PBE_cleanup 1324 EXIST::FUNCTION: +i2d_SXNET 1325 EXIST::FUNCTION: +d2i_SXNET 1326 EXIST::FUNCTION: +SXNET_new 1327 EXIST::FUNCTION: +SXNET_free 1328 EXIST::FUNCTION: +i2d_SXNETID 1329 EXIST::FUNCTION: +d2i_SXNETID 1330 EXIST::FUNCTION: +SXNETID_new 1331 EXIST::FUNCTION: +SXNETID_free 1332 EXIST::FUNCTION: +DSA_SIG_new 1333 EXIST::FUNCTION:DSA +DSA_SIG_free 1334 EXIST::FUNCTION:DSA +DSA_do_sign 1335 EXIST::FUNCTION:DSA +DSA_do_verify 1336 EXIST::FUNCTION:DSA +d2i_DSA_SIG 1337 EXIST::FUNCTION:DSA +i2d_DSA_SIG 1338 EXIST::FUNCTION:DSA +i2d_ASN1_VISIBLESTRING 1339 EXIST::FUNCTION: +d2i_ASN1_VISIBLESTRING 1340 EXIST::FUNCTION: +i2d_ASN1_UTF8STRING 1341 EXIST::FUNCTION: +d2i_ASN1_UTF8STRING 1342 EXIST::FUNCTION: +i2d_DIRECTORYSTRING 1343 EXIST::FUNCTION: +d2i_DIRECTORYSTRING 1344 EXIST::FUNCTION: +i2d_DISPLAYTEXT 1345 EXIST::FUNCTION: +d2i_DISPLAYTEXT 1346 EXIST::FUNCTION: +d2i_ASN1_SET_OF_X509 1379 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_X509 1380 NOEXIST::FUNCTION: +i2d_PBKDF2PARAM 1397 EXIST::FUNCTION: +PBKDF2PARAM_new 1398 EXIST::FUNCTION: +d2i_PBKDF2PARAM 1399 EXIST::FUNCTION: +PBKDF2PARAM_free 1400 EXIST::FUNCTION: +i2d_PBE2PARAM 1401 EXIST::FUNCTION: +PBE2PARAM_new 1402 EXIST::FUNCTION: +d2i_PBE2PARAM 1403 EXIST::FUNCTION: +PBE2PARAM_free 1404 EXIST::FUNCTION: +d2i_ASN1_SET_OF_GENERAL_NAME 1421 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_GENERAL_NAME 1422 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_SXNETID 1439 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_SXNETID 1440 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_POLICYQUALINFO 1457 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_POLICYQUALINFO 1458 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_POLICYINFO 1475 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_POLICYINFO 1476 NOEXIST::FUNCTION: +SXNET_add_id_asc 1477 EXIST::FUNCTION: +SXNET_add_id_ulong 1478 EXIST::FUNCTION: +SXNET_add_id_INTEGER 1479 EXIST::FUNCTION: +SXNET_get_id_asc 1480 EXIST::FUNCTION: +SXNET_get_id_ulong 1481 EXIST::FUNCTION: +SXNET_get_id_INTEGER 1482 EXIST::FUNCTION: +X509V3_set_conf_lhash 1483 EXIST::FUNCTION: +i2d_CERTIFICATEPOLICIES 1484 EXIST::FUNCTION: +CERTIFICATEPOLICIES_new 1485 EXIST::FUNCTION: +CERTIFICATEPOLICIES_free 1486 EXIST::FUNCTION: +d2i_CERTIFICATEPOLICIES 1487 EXIST::FUNCTION: +i2d_POLICYINFO 1488 EXIST::FUNCTION: +POLICYINFO_new 1489 EXIST::FUNCTION: +d2i_POLICYINFO 1490 EXIST::FUNCTION: +POLICYINFO_free 1491 EXIST::FUNCTION: +i2d_POLICYQUALINFO 1492 EXIST::FUNCTION: +POLICYQUALINFO_new 1493 EXIST::FUNCTION: +d2i_POLICYQUALINFO 1494 EXIST::FUNCTION: +POLICYQUALINFO_free 1495 EXIST::FUNCTION: +i2d_USERNOTICE 1496 EXIST::FUNCTION: +USERNOTICE_new 1497 EXIST::FUNCTION: +d2i_USERNOTICE 1498 EXIST::FUNCTION: +USERNOTICE_free 1499 EXIST::FUNCTION: +i2d_NOTICEREF 1500 EXIST::FUNCTION: +NOTICEREF_new 1501 EXIST::FUNCTION: +d2i_NOTICEREF 1502 EXIST::FUNCTION: +NOTICEREF_free 1503 EXIST::FUNCTION: +X509V3_get_string 1504 EXIST::FUNCTION: +X509V3_get_section 1505 EXIST::FUNCTION: +X509V3_string_free 1506 EXIST::FUNCTION: +X509V3_section_free 1507 EXIST::FUNCTION: +X509V3_set_ctx 1508 EXIST::FUNCTION: +s2i_ASN1_INTEGER 1509 EXIST::FUNCTION: +CRYPTO_set_locked_mem_functions 1510 EXIST::FUNCTION: +CRYPTO_get_locked_mem_functions 1511 EXIST::FUNCTION: +CRYPTO_malloc_locked 1512 EXIST::FUNCTION: +CRYPTO_free_locked 1513 EXIST::FUNCTION: +BN_mod_exp2_mont 1514 EXIST::FUNCTION: +ERR_get_error_line_data 1515 EXIST::FUNCTION: +ERR_peek_error_line_data 1516 EXIST::FUNCTION: +PKCS12_PBE_keyivgen 1517 EXIST::FUNCTION: +X509_ALGOR_dup 1518 EXIST::FUNCTION: +d2i_ASN1_SET_OF_DIST_POINT 1535 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_DIST_POINT 1536 NOEXIST::FUNCTION: +i2d_CRL_DIST_POINTS 1537 EXIST::FUNCTION: +CRL_DIST_POINTS_new 1538 EXIST::FUNCTION: +CRL_DIST_POINTS_free 1539 EXIST::FUNCTION: +d2i_CRL_DIST_POINTS 1540 EXIST::FUNCTION: +i2d_DIST_POINT 1541 EXIST::FUNCTION: +DIST_POINT_new 1542 EXIST::FUNCTION: +d2i_DIST_POINT 1543 EXIST::FUNCTION: +DIST_POINT_free 1544 EXIST::FUNCTION: +i2d_DIST_POINT_NAME 1545 EXIST::FUNCTION: +DIST_POINT_NAME_new 1546 EXIST::FUNCTION: +DIST_POINT_NAME_free 1547 EXIST::FUNCTION: +d2i_DIST_POINT_NAME 1548 EXIST::FUNCTION: +X509V3_add_value_uchar 1549 EXIST::FUNCTION: +d2i_ASN1_SET_OF_X509_ATTRIBUTE 1555 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_ASN1_TYPE 1560 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_X509_EXTENSION 1567 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_X509_NAME_ENTRY 1574 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_ASN1_TYPE 1589 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_X509_ATTRIBUTE 1615 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_X509_EXTENSION 1624 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_X509_NAME_ENTRY 1633 NOEXIST::FUNCTION: +X509V3_EXT_i2d 1646 EXIST::FUNCTION: +X509V3_EXT_val_prn 1647 EXIST::FUNCTION: +X509V3_EXT_add_list 1648 EXIST::FUNCTION: +EVP_CIPHER_type 1649 EXIST::FUNCTION: +EVP_PBE_CipherInit 1650 EXIST::FUNCTION: +X509V3_add_value_bool_nf 1651 EXIST::FUNCTION: +d2i_ASN1_UINTEGER 1652 EXIST::FUNCTION: +sk_value 1653 EXIST::FUNCTION: +sk_num 1654 EXIST::FUNCTION: +sk_set 1655 EXIST::FUNCTION: +i2d_ASN1_SET_OF_X509_REVOKED 1661 NOEXIST::FUNCTION: +sk_sort 1671 EXIST::FUNCTION: +d2i_ASN1_SET_OF_X509_REVOKED 1674 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_X509_ALGOR 1682 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_X509_CRL 1685 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_X509_ALGOR 1696 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_X509_CRL 1702 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO 1723 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_PKCS7_RECIP_INFO 1738 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO 1748 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_PKCS7_RECIP_INFO 1753 NOEXIST::FUNCTION: +PKCS5_PBE_add 1775 EXIST::FUNCTION: +PEM_write_bio_PKCS8 1776 EXIST::FUNCTION: +i2d_PKCS8_fp 1777 EXIST::FUNCTION:FP_API +PEM_read_bio_PKCS8_PRIV_KEY_INFO 1778 EXIST:!VMS:FUNCTION: +PEM_read_bio_P8_PRIV_KEY_INFO 1778 EXIST:VMS:FUNCTION: +d2i_PKCS8_bio 1779 EXIST::FUNCTION:BIO +d2i_PKCS8_PRIV_KEY_INFO_fp 1780 EXIST::FUNCTION:FP_API +PEM_write_bio_PKCS8_PRIV_KEY_INFO 1781 EXIST:!VMS:FUNCTION: +PEM_write_bio_P8_PRIV_KEY_INFO 1781 EXIST:VMS:FUNCTION: +PEM_read_PKCS8 1782 EXIST:!WIN16:FUNCTION: +d2i_PKCS8_PRIV_KEY_INFO_bio 1783 EXIST::FUNCTION:BIO +d2i_PKCS8_fp 1784 EXIST::FUNCTION:FP_API +PEM_write_PKCS8 1785 EXIST:!WIN16:FUNCTION: +PEM_read_PKCS8_PRIV_KEY_INFO 1786 EXIST:!VMS,!WIN16:FUNCTION: +PEM_read_P8_PRIV_KEY_INFO 1786 EXIST:VMS:FUNCTION: +PEM_read_bio_PKCS8 1787 EXIST::FUNCTION: +PEM_write_PKCS8_PRIV_KEY_INFO 1788 EXIST:!VMS,!WIN16:FUNCTION: +PEM_write_P8_PRIV_KEY_INFO 1788 EXIST:VMS:FUNCTION: +PKCS5_PBE_keyivgen 1789 EXIST::FUNCTION: +i2d_PKCS8_bio 1790 EXIST::FUNCTION:BIO +i2d_PKCS8_PRIV_KEY_INFO_fp 1791 EXIST::FUNCTION:FP_API +i2d_PKCS8_PRIV_KEY_INFO_bio 1792 EXIST::FUNCTION:BIO +BIO_s_bio 1793 EXIST::FUNCTION: +PKCS5_pbe2_set 1794 EXIST::FUNCTION: +PKCS5_PBKDF2_HMAC_SHA1 1795 EXIST::FUNCTION: +PKCS5_v2_PBE_keyivgen 1796 EXIST::FUNCTION: +PEM_write_bio_PKCS8PrivateKey 1797 EXIST::FUNCTION: +PEM_write_PKCS8PrivateKey 1798 EXIST::FUNCTION: +BIO_ctrl_get_read_request 1799 EXIST::FUNCTION: +BIO_ctrl_pending 1800 EXIST::FUNCTION: +BIO_ctrl_wpending 1801 EXIST::FUNCTION: +BIO_new_bio_pair 1802 EXIST::FUNCTION: +BIO_ctrl_get_write_guarantee 1803 EXIST::FUNCTION: +CRYPTO_num_locks 1804 EXIST::FUNCTION: +CONF_load_bio 1805 EXIST::FUNCTION: +CONF_load_fp 1806 EXIST::FUNCTION:FP_API +i2d_ASN1_SET_OF_ASN1_OBJECT 1837 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_ASN1_OBJECT 1844 NOEXIST::FUNCTION: +PKCS7_signatureVerify 1845 EXIST::FUNCTION: +RSA_set_method 1846 EXIST::FUNCTION:RSA +RSA_get_method 1847 EXIST::FUNCTION:RSA +RSA_get_default_method 1848 EXIST::FUNCTION:RSA +RSA_check_key 1869 EXIST::FUNCTION:RSA +OBJ_obj2txt 1870 EXIST::FUNCTION: +DSA_dup_DH 1871 EXIST::FUNCTION:DH,DSA +X509_REQ_get_extensions 1872 EXIST::FUNCTION: +X509_REQ_set_extension_nids 1873 EXIST::FUNCTION: +BIO_nwrite 1874 EXIST::FUNCTION: +X509_REQ_extension_nid 1875 EXIST::FUNCTION: +BIO_nread 1876 EXIST::FUNCTION: +X509_REQ_get_extension_nids 1877 EXIST::FUNCTION: +BIO_nwrite0 1878 EXIST::FUNCTION: +X509_REQ_add_extensions_nid 1879 EXIST::FUNCTION: +BIO_nread0 1880 EXIST::FUNCTION: +X509_REQ_add_extensions 1881 EXIST::FUNCTION: +BIO_new_mem_buf 1882 EXIST::FUNCTION: +DH_set_ex_data 1883 EXIST::FUNCTION:DH +DH_set_method 1884 EXIST::FUNCTION:DH +DSA_OpenSSL 1885 EXIST::FUNCTION:DSA +DH_get_ex_data 1886 EXIST::FUNCTION:DH +DH_get_ex_new_index 1887 EXIST::FUNCTION:DH +DSA_new_method 1888 EXIST::FUNCTION:DSA +DH_new_method 1889 EXIST::FUNCTION:DH +DH_OpenSSL 1890 EXIST::FUNCTION:DH +DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA +DH_get_default_method 1892 EXIST::FUNCTION:DH +DSA_set_ex_data 1893 EXIST::FUNCTION:DSA +DH_set_default_method 1894 EXIST::FUNCTION:DH +DSA_get_ex_data 1895 EXIST::FUNCTION:DSA +X509V3_EXT_REQ_add_conf 1896 EXIST::FUNCTION: +NETSCAPE_SPKI_print 1897 EXIST::FUNCTION:EVP +NETSCAPE_SPKI_set_pubkey 1898 EXIST::FUNCTION:EVP +NETSCAPE_SPKI_b64_encode 1899 EXIST::FUNCTION:EVP +NETSCAPE_SPKI_get_pubkey 1900 EXIST::FUNCTION:EVP +NETSCAPE_SPKI_b64_decode 1901 EXIST::FUNCTION:EVP +UTF8_putc 1902 EXIST::FUNCTION: +UTF8_getc 1903 EXIST::FUNCTION: +RSA_null_method 1904 EXIST::FUNCTION:RSA +ASN1_tag2str 1905 EXIST::FUNCTION: +BIO_ctrl_reset_read_request 1906 EXIST::FUNCTION: +DISPLAYTEXT_new 1907 EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_free 1908 EXIST::FUNCTION: +X509_REVOKED_get_ext_d2i 1909 EXIST::FUNCTION: +X509_set_ex_data 1910 EXIST::FUNCTION: +X509_reject_set_bit_asc 1911 NOEXIST::FUNCTION: +X509_NAME_add_entry_by_txt 1912 EXIST::FUNCTION: +X509_NAME_add_entry_by_NID 1914 EXIST::FUNCTION: +X509_PURPOSE_get0 1915 EXIST::FUNCTION: +PEM_read_X509_AUX 1917 EXIST:!WIN16:FUNCTION: +d2i_AUTHORITY_INFO_ACCESS 1918 EXIST::FUNCTION: +PEM_write_PUBKEY 1921 EXIST:!WIN16:FUNCTION: +ACCESS_DESCRIPTION_new 1925 EXIST::FUNCTION: +X509_CERT_AUX_free 1926 EXIST::FUNCTION: +d2i_ACCESS_DESCRIPTION 1927 EXIST::FUNCTION: +X509_trust_clear 1928 EXIST::FUNCTION: +X509_TRUST_add 1931 EXIST::FUNCTION: +ASN1_VISIBLESTRING_new 1932 EXIST::FUNCTION: +X509_alias_set1 1933 EXIST::FUNCTION: +ASN1_PRINTABLESTRING_free 1934 EXIST::FUNCTION: +EVP_PKEY_get1_DSA 1935 EXIST::FUNCTION:DSA +ASN1_BMPSTRING_new 1936 EXIST::FUNCTION: +ASN1_mbstring_copy 1937 EXIST::FUNCTION: +ASN1_UTF8STRING_new 1938 EXIST::FUNCTION: +DSA_get_default_method 1941 EXIST::FUNCTION:DSA +i2d_ASN1_SET_OF_ACCESS_DESCRIPTION 1945 NOEXIST::FUNCTION: +ASN1_T61STRING_free 1946 EXIST::FUNCTION: +DSA_set_method 1949 EXIST::FUNCTION:DSA +X509_get_ex_data 1950 EXIST::FUNCTION: +ASN1_STRING_type 1951 EXIST::FUNCTION: +X509_PURPOSE_get_by_sname 1952 EXIST::FUNCTION: +ASN1_TIME_free 1954 EXIST::FUNCTION: +ASN1_OCTET_STRING_cmp 1955 EXIST::FUNCTION: +ASN1_BIT_STRING_new 1957 EXIST::FUNCTION: +X509_get_ext_d2i 1958 EXIST::FUNCTION: +PEM_read_bio_X509_AUX 1959 EXIST::FUNCTION: +ASN1_STRING_set_default_mask_asc 1960 EXIST:!VMS:FUNCTION: +ASN1_STRING_set_def_mask_asc 1960 EXIST:VMS:FUNCTION: +PEM_write_bio_RSA_PUBKEY 1961 EXIST::FUNCTION:RSA +ASN1_INTEGER_cmp 1963 EXIST::FUNCTION: +d2i_RSA_PUBKEY_fp 1964 EXIST::FUNCTION:FP_API,RSA +X509_trust_set_bit_asc 1967 NOEXIST::FUNCTION: +PEM_write_bio_DSA_PUBKEY 1968 EXIST::FUNCTION:DSA +X509_STORE_CTX_free 1969 EXIST::FUNCTION: +EVP_PKEY_set1_DSA 1970 EXIST::FUNCTION:DSA +i2d_DSA_PUBKEY_fp 1971 EXIST::FUNCTION:DSA,FP_API +X509_load_cert_crl_file 1972 EXIST::FUNCTION:STDIO +ASN1_TIME_new 1973 EXIST::FUNCTION: +i2d_RSA_PUBKEY 1974 EXIST::FUNCTION:RSA +X509_STORE_CTX_purpose_inherit 1976 EXIST::FUNCTION: +PEM_read_RSA_PUBKEY 1977 EXIST:!WIN16:FUNCTION:RSA +d2i_X509_AUX 1980 EXIST::FUNCTION: +i2d_DSA_PUBKEY 1981 EXIST::FUNCTION:DSA +X509_CERT_AUX_print 1982 EXIST::FUNCTION:BIO +PEM_read_DSA_PUBKEY 1984 EXIST:!WIN16:FUNCTION:DSA +i2d_RSA_PUBKEY_bio 1985 EXIST::FUNCTION:BIO,RSA +ASN1_BIT_STRING_num_asc 1986 EXIST::FUNCTION: +i2d_PUBKEY 1987 EXIST::FUNCTION: +ASN1_UTCTIME_free 1988 EXIST::FUNCTION: +DSA_set_default_method 1989 EXIST::FUNCTION:DSA +X509_PURPOSE_get_by_id 1990 EXIST::FUNCTION: +ACCESS_DESCRIPTION_free 1994 EXIST::FUNCTION: +PEM_read_bio_PUBKEY 1995 EXIST::FUNCTION: +ASN1_STRING_set_by_NID 1996 EXIST::FUNCTION: +X509_PURPOSE_get_id 1997 EXIST::FUNCTION: +DISPLAYTEXT_free 1998 EXIST::FUNCTION: +OTHERNAME_new 1999 EXIST::FUNCTION: +X509_CERT_AUX_new 2001 EXIST::FUNCTION: +X509_TRUST_cleanup 2007 EXIST::FUNCTION: +X509_NAME_add_entry_by_OBJ 2008 EXIST::FUNCTION: +X509_CRL_get_ext_d2i 2009 EXIST::FUNCTION: +X509_PURPOSE_get0_name 2011 EXIST::FUNCTION: +PEM_read_PUBKEY 2012 EXIST:!WIN16:FUNCTION: +i2d_DSA_PUBKEY_bio 2014 EXIST::FUNCTION:BIO,DSA +i2d_OTHERNAME 2015 EXIST::FUNCTION: +ASN1_OCTET_STRING_free 2016 EXIST::FUNCTION: +ASN1_BIT_STRING_set_asc 2017 EXIST::FUNCTION: +X509_get_ex_new_index 2019 EXIST::FUNCTION: +ASN1_STRING_TABLE_cleanup 2020 EXIST::FUNCTION: +X509_TRUST_get_by_id 2021 EXIST::FUNCTION: +X509_PURPOSE_get_trust 2022 EXIST::FUNCTION: +ASN1_STRING_length 2023 EXIST::FUNCTION: +d2i_ASN1_SET_OF_ACCESS_DESCRIPTION 2024 NOEXIST::FUNCTION: +ASN1_PRINTABLESTRING_new 2025 EXIST::FUNCTION: +X509V3_get_d2i 2026 EXIST::FUNCTION: +ASN1_ENUMERATED_free 2027 EXIST::FUNCTION: +i2d_X509_CERT_AUX 2028 EXIST::FUNCTION: +X509_STORE_CTX_set_trust 2030 EXIST::FUNCTION: +ASN1_STRING_set_default_mask 2032 EXIST::FUNCTION: +X509_STORE_CTX_new 2033 EXIST::FUNCTION: +EVP_PKEY_get1_RSA 2034 EXIST::FUNCTION:RSA +DIRECTORYSTRING_free 2038 EXIST::FUNCTION: +PEM_write_X509_AUX 2039 EXIST:!WIN16:FUNCTION: +ASN1_OCTET_STRING_set 2040 EXIST::FUNCTION: +d2i_DSA_PUBKEY_fp 2041 EXIST::FUNCTION:DSA,FP_API +d2i_RSA_PUBKEY 2044 EXIST::FUNCTION:RSA +X509_TRUST_get0_name 2046 EXIST::FUNCTION: +X509_TRUST_get0 2047 EXIST::FUNCTION: +AUTHORITY_INFO_ACCESS_free 2048 EXIST::FUNCTION: +ASN1_IA5STRING_new 2049 EXIST::FUNCTION: +d2i_DSA_PUBKEY 2050 EXIST::FUNCTION:DSA +X509_check_purpose 2051 EXIST::FUNCTION: +ASN1_ENUMERATED_new 2052 EXIST::FUNCTION: +d2i_RSA_PUBKEY_bio 2053 EXIST::FUNCTION:BIO,RSA +d2i_PUBKEY 2054 EXIST::FUNCTION: +X509_TRUST_get_trust 2055 EXIST::FUNCTION: +X509_TRUST_get_flags 2056 EXIST::FUNCTION: +ASN1_BMPSTRING_free 2057 EXIST::FUNCTION: +ASN1_T61STRING_new 2058 EXIST::FUNCTION: +ASN1_UTCTIME_new 2060 EXIST::FUNCTION: +i2d_AUTHORITY_INFO_ACCESS 2062 EXIST::FUNCTION: +EVP_PKEY_set1_RSA 2063 EXIST::FUNCTION:RSA +X509_STORE_CTX_set_purpose 2064 EXIST::FUNCTION: +ASN1_IA5STRING_free 2065 EXIST::FUNCTION: +PEM_write_bio_X509_AUX 2066 EXIST::FUNCTION: +X509_PURPOSE_get_count 2067 EXIST::FUNCTION: +CRYPTO_add_info 2068 NOEXIST::FUNCTION: +X509_NAME_ENTRY_create_by_txt 2071 EXIST::FUNCTION: +ASN1_STRING_get_default_mask 2072 EXIST::FUNCTION: +X509_alias_get0 2074 EXIST::FUNCTION: +ASN1_STRING_data 2075 EXIST::FUNCTION: +i2d_ACCESS_DESCRIPTION 2077 EXIST::FUNCTION: +X509_trust_set_bit 2078 NOEXIST::FUNCTION: +ASN1_BIT_STRING_free 2080 EXIST::FUNCTION: +PEM_read_bio_RSA_PUBKEY 2081 EXIST::FUNCTION:RSA +X509_add1_reject_object 2082 EXIST::FUNCTION: +X509_check_trust 2083 EXIST::FUNCTION: +PEM_read_bio_DSA_PUBKEY 2088 EXIST::FUNCTION:DSA +X509_PURPOSE_add 2090 EXIST::FUNCTION: +ASN1_STRING_TABLE_get 2091 EXIST::FUNCTION: +ASN1_UTF8STRING_free 2092 EXIST::FUNCTION: +d2i_DSA_PUBKEY_bio 2093 EXIST::FUNCTION:BIO,DSA +PEM_write_RSA_PUBKEY 2095 EXIST:!WIN16:FUNCTION:RSA +d2i_OTHERNAME 2096 EXIST::FUNCTION: +X509_reject_set_bit 2098 NOEXIST::FUNCTION: +PEM_write_DSA_PUBKEY 2101 EXIST:!WIN16:FUNCTION:DSA +X509_PURPOSE_get0_sname 2105 EXIST::FUNCTION: +EVP_PKEY_set1_DH 2107 EXIST::FUNCTION:DH +ASN1_OCTET_STRING_dup 2108 EXIST::FUNCTION: +ASN1_BIT_STRING_set 2109 EXIST::FUNCTION: +X509_TRUST_get_count 2110 EXIST::FUNCTION: +ASN1_INTEGER_free 2111 EXIST::FUNCTION: +OTHERNAME_free 2112 EXIST::FUNCTION: +i2d_RSA_PUBKEY_fp 2113 EXIST::FUNCTION:FP_API,RSA +ASN1_INTEGER_dup 2114 EXIST::FUNCTION: +d2i_X509_CERT_AUX 2115 EXIST::FUNCTION: +PEM_write_bio_PUBKEY 2117 EXIST::FUNCTION: +ASN1_VISIBLESTRING_free 2118 EXIST::FUNCTION: +X509_PURPOSE_cleanup 2119 EXIST::FUNCTION: +ASN1_mbstring_ncopy 2123 EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_new 2126 EXIST::FUNCTION: +EVP_PKEY_get1_DH 2128 EXIST::FUNCTION:DH +ASN1_OCTET_STRING_new 2130 EXIST::FUNCTION: +ASN1_INTEGER_new 2131 EXIST::FUNCTION: +i2d_X509_AUX 2132 EXIST::FUNCTION: +ASN1_BIT_STRING_name_print 2134 EXIST::FUNCTION:BIO +X509_cmp 2135 EXIST::FUNCTION: +ASN1_STRING_length_set 2136 EXIST::FUNCTION: +DIRECTORYSTRING_new 2137 EXIST::FUNCTION: +X509_add1_trust_object 2140 EXIST::FUNCTION: +PKCS12_newpass 2141 EXIST::FUNCTION: +SMIME_write_PKCS7 2142 EXIST::FUNCTION: +SMIME_read_PKCS7 2143 EXIST::FUNCTION: +DES_set_key_checked 2144 EXIST::FUNCTION:DES +PKCS7_verify 2145 EXIST::FUNCTION: +PKCS7_encrypt 2146 EXIST::FUNCTION: +DES_set_key_unchecked 2147 EXIST::FUNCTION:DES +SMIME_crlf_copy 2148 EXIST::FUNCTION: +i2d_ASN1_PRINTABLESTRING 2149 EXIST::FUNCTION: +PKCS7_get0_signers 2150 EXIST::FUNCTION: +PKCS7_decrypt 2151 EXIST::FUNCTION: +SMIME_text 2152 EXIST::FUNCTION: +PKCS7_simple_smimecap 2153 EXIST::FUNCTION: +PKCS7_get_smimecap 2154 EXIST::FUNCTION: +PKCS7_sign 2155 EXIST::FUNCTION: +PKCS7_add_attrib_smimecap 2156 EXIST::FUNCTION: +CRYPTO_dbg_set_options 2157 EXIST::FUNCTION: +CRYPTO_remove_all_info 2158 EXIST::FUNCTION: +CRYPTO_get_mem_debug_functions 2159 EXIST::FUNCTION: +CRYPTO_is_mem_check_on 2160 EXIST::FUNCTION: +CRYPTO_set_mem_debug_functions 2161 EXIST::FUNCTION: +CRYPTO_pop_info 2162 EXIST::FUNCTION: +CRYPTO_push_info_ 2163 EXIST::FUNCTION: +CRYPTO_set_mem_debug_options 2164 EXIST::FUNCTION: +PEM_write_PKCS8PrivateKey_nid 2165 EXIST::FUNCTION: +PEM_write_bio_PKCS8PrivateKey_nid 2166 EXIST:!VMS:FUNCTION: +PEM_write_bio_PKCS8PrivKey_nid 2166 EXIST:VMS:FUNCTION: +d2i_PKCS8PrivateKey_bio 2167 EXIST::FUNCTION: +ASN1_NULL_free 2168 EXIST::FUNCTION: +d2i_ASN1_NULL 2169 EXIST::FUNCTION: +ASN1_NULL_new 2170 EXIST::FUNCTION: +i2d_PKCS8PrivateKey_bio 2171 EXIST::FUNCTION: +i2d_PKCS8PrivateKey_fp 2172 EXIST::FUNCTION: +i2d_ASN1_NULL 2173 EXIST::FUNCTION: +i2d_PKCS8PrivateKey_nid_fp 2174 EXIST::FUNCTION: +d2i_PKCS8PrivateKey_fp 2175 EXIST::FUNCTION: +i2d_PKCS8PrivateKey_nid_bio 2176 EXIST::FUNCTION: +i2d_PKCS8PrivateKeyInfo_fp 2177 EXIST::FUNCTION:FP_API +i2d_PKCS8PrivateKeyInfo_bio 2178 EXIST::FUNCTION:BIO +PEM_cb 2179 NOEXIST::FUNCTION: +i2d_PrivateKey_fp 2180 EXIST::FUNCTION:FP_API +d2i_PrivateKey_bio 2181 EXIST::FUNCTION:BIO +d2i_PrivateKey_fp 2182 EXIST::FUNCTION:FP_API +i2d_PrivateKey_bio 2183 EXIST::FUNCTION:BIO +X509_reject_clear 2184 EXIST::FUNCTION: +X509_TRUST_set_default 2185 EXIST::FUNCTION: +d2i_AutoPrivateKey 2186 EXIST::FUNCTION: +X509_ATTRIBUTE_get0_type 2187 EXIST::FUNCTION: +X509_ATTRIBUTE_set1_data 2188 EXIST::FUNCTION: +X509at_get_attr 2189 EXIST::FUNCTION: +X509at_get_attr_count 2190 EXIST::FUNCTION: +X509_ATTRIBUTE_create_by_NID 2191 EXIST::FUNCTION: +X509_ATTRIBUTE_set1_object 2192 EXIST::FUNCTION: +X509_ATTRIBUTE_count 2193 EXIST::FUNCTION: +X509_ATTRIBUTE_create_by_OBJ 2194 EXIST::FUNCTION: +X509_ATTRIBUTE_get0_object 2195 EXIST::FUNCTION: +X509at_get_attr_by_NID 2196 EXIST::FUNCTION: +X509at_add1_attr 2197 EXIST::FUNCTION: +X509_ATTRIBUTE_get0_data 2198 EXIST::FUNCTION: +X509at_delete_attr 2199 EXIST::FUNCTION: +X509at_get_attr_by_OBJ 2200 EXIST::FUNCTION: +RAND_add 2201 EXIST::FUNCTION: +BIO_number_written 2202 EXIST::FUNCTION: +BIO_number_read 2203 EXIST::FUNCTION: +X509_STORE_CTX_get1_chain 2204 EXIST::FUNCTION: +ERR_load_RAND_strings 2205 EXIST::FUNCTION: +RAND_pseudo_bytes 2206 EXIST::FUNCTION: +X509_REQ_get_attr_by_NID 2207 EXIST::FUNCTION: +X509_REQ_get_attr 2208 EXIST::FUNCTION: +X509_REQ_add1_attr_by_NID 2209 EXIST::FUNCTION: +X509_REQ_get_attr_by_OBJ 2210 EXIST::FUNCTION: +X509at_add1_attr_by_NID 2211 EXIST::FUNCTION: +X509_REQ_add1_attr_by_OBJ 2212 EXIST::FUNCTION: +X509_REQ_get_attr_count 2213 EXIST::FUNCTION: +X509_REQ_add1_attr 2214 EXIST::FUNCTION: +X509_REQ_delete_attr 2215 EXIST::FUNCTION: +X509at_add1_attr_by_OBJ 2216 EXIST::FUNCTION: +X509_REQ_add1_attr_by_txt 2217 EXIST::FUNCTION: +X509_ATTRIBUTE_create_by_txt 2218 EXIST::FUNCTION: +X509at_add1_attr_by_txt 2219 EXIST::FUNCTION: +BN_pseudo_rand 2239 EXIST::FUNCTION: +BN_is_prime_fasttest 2240 EXIST::FUNCTION: +BN_CTX_end 2241 EXIST::FUNCTION: +BN_CTX_start 2242 EXIST::FUNCTION: +BN_CTX_get 2243 EXIST::FUNCTION: +EVP_PKEY2PKCS8_broken 2244 EXIST::FUNCTION: +ASN1_STRING_TABLE_add 2245 EXIST::FUNCTION: +CRYPTO_dbg_get_options 2246 EXIST::FUNCTION: +AUTHORITY_INFO_ACCESS_new 2247 EXIST::FUNCTION: +CRYPTO_get_mem_debug_options 2248 EXIST::FUNCTION: +DES_crypt 2249 EXIST::FUNCTION:DES +PEM_write_bio_X509_REQ_NEW 2250 EXIST::FUNCTION: +PEM_write_X509_REQ_NEW 2251 EXIST:!WIN16:FUNCTION: +BIO_callback_ctrl 2252 EXIST::FUNCTION: +RAND_egd 2253 EXIST::FUNCTION: +RAND_status 2254 EXIST::FUNCTION: +bn_dump1 2255 NOEXIST::FUNCTION: +DES_check_key_parity 2256 EXIST::FUNCTION:DES +lh_num_items 2257 EXIST::FUNCTION: +RAND_event 2258 EXIST:WIN32:FUNCTION: +DSO_new 2259 EXIST::FUNCTION: +DSO_new_method 2260 EXIST::FUNCTION: +DSO_free 2261 EXIST::FUNCTION: +DSO_flags 2262 EXIST::FUNCTION: +DSO_up 2263 NOEXIST::FUNCTION: +DSO_set_default_method 2264 EXIST::FUNCTION: +DSO_get_default_method 2265 EXIST::FUNCTION: +DSO_get_method 2266 EXIST::FUNCTION: +DSO_set_method 2267 EXIST::FUNCTION: +DSO_load 2268 EXIST::FUNCTION: +DSO_bind_var 2269 EXIST::FUNCTION: +DSO_METHOD_null 2270 EXIST::FUNCTION: +DSO_METHOD_openssl 2271 EXIST::FUNCTION: +DSO_METHOD_dlfcn 2272 EXIST::FUNCTION: +DSO_METHOD_win32 2273 EXIST::FUNCTION: +ERR_load_DSO_strings 2274 EXIST::FUNCTION: +DSO_METHOD_dl 2275 EXIST::FUNCTION: +NCONF_load 2276 EXIST::FUNCTION: +NCONF_load_fp 2278 EXIST::FUNCTION:FP_API +NCONF_new 2279 EXIST::FUNCTION: +NCONF_get_string 2280 EXIST::FUNCTION: +NCONF_free 2281 EXIST::FUNCTION: +NCONF_get_number 2282 NOEXIST::FUNCTION: +CONF_dump_fp 2283 EXIST::FUNCTION: +NCONF_load_bio 2284 EXIST::FUNCTION: +NCONF_dump_fp 2285 EXIST::FUNCTION: +NCONF_get_section 2286 EXIST::FUNCTION: +NCONF_dump_bio 2287 EXIST::FUNCTION: +CONF_dump_bio 2288 EXIST::FUNCTION: +NCONF_free_data 2289 EXIST::FUNCTION: +CONF_set_default_method 2290 EXIST::FUNCTION: +ERR_error_string_n 2291 EXIST::FUNCTION: +BIO_snprintf 2292 EXIST::FUNCTION: +DSO_ctrl 2293 EXIST::FUNCTION: +i2d_ASN1_SET_OF_ASN1_INTEGER 2317 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_PKCS12_SAFEBAG 2320 NOEXIST::FUNCTION: +i2d_ASN1_SET_OF_PKCS7 2328 NOEXIST::FUNCTION: +BIO_vfree 2334 EXIST::FUNCTION: +d2i_ASN1_SET_OF_ASN1_INTEGER 2339 NOEXIST::FUNCTION: +d2i_ASN1_SET_OF_PKCS12_SAFEBAG 2341 NOEXIST::FUNCTION: +ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION: +X509_REQ_digest 2362 EXIST::FUNCTION:EVP +X509_CRL_digest 2391 EXIST::FUNCTION:EVP +d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION: +EVP_CIPHER_CTX_set_key_length 2399 EXIST::FUNCTION: +EVP_CIPHER_CTX_ctrl 2400 EXIST::FUNCTION: +BN_mod_exp_mont_word 2401 EXIST::FUNCTION: +RAND_egd_bytes 2402 EXIST::FUNCTION: +X509_REQ_get1_email 2403 EXIST::FUNCTION: +X509_get1_email 2404 EXIST::FUNCTION: +X509_email_free 2405 EXIST::FUNCTION: +i2d_RSA_NET 2406 EXIST::FUNCTION:RSA +d2i_RSA_NET_2 2407 NOEXIST::FUNCTION: +d2i_RSA_NET 2408 EXIST::FUNCTION:RSA +DSO_bind_func 2409 EXIST::FUNCTION: +CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION: +sk_new_null 2411 EXIST::FUNCTION: +CRYPTO_set_dynlock_destroy_callback 2412 EXIST:!VMS:FUNCTION: +CRYPTO_set_dynlock_destroy_cb 2412 EXIST:VMS:FUNCTION: +CRYPTO_destroy_dynlockid 2413 EXIST::FUNCTION: +CRYPTO_set_dynlock_size 2414 NOEXIST::FUNCTION: +CRYPTO_set_dynlock_create_callback 2415 EXIST:!VMS:FUNCTION: +CRYPTO_set_dynlock_create_cb 2415 EXIST:VMS:FUNCTION: +CRYPTO_set_dynlock_lock_callback 2416 EXIST:!VMS:FUNCTION: +CRYPTO_set_dynlock_lock_cb 2416 EXIST:VMS:FUNCTION: +CRYPTO_get_dynlock_lock_callback 2417 EXIST:!VMS:FUNCTION: +CRYPTO_get_dynlock_lock_cb 2417 EXIST:VMS:FUNCTION: +CRYPTO_get_dynlock_destroy_callback 2418 EXIST:!VMS:FUNCTION: +CRYPTO_get_dynlock_destroy_cb 2418 EXIST:VMS:FUNCTION: +CRYPTO_get_dynlock_value 2419 EXIST::FUNCTION: +CRYPTO_get_dynlock_create_callback 2420 EXIST:!VMS:FUNCTION: +CRYPTO_get_dynlock_create_cb 2420 EXIST:VMS:FUNCTION: +c2i_ASN1_BIT_STRING 2421 EXIST::FUNCTION: +i2c_ASN1_BIT_STRING 2422 EXIST::FUNCTION: +RAND_poll 2423 EXIST::FUNCTION: +c2i_ASN1_INTEGER 2424 EXIST::FUNCTION: +i2c_ASN1_INTEGER 2425 EXIST::FUNCTION: +BIO_dump_indent 2426 EXIST::FUNCTION: +ASN1_parse_dump 2427 EXIST::FUNCTION:BIO +c2i_ASN1_OBJECT 2428 EXIST::FUNCTION: +X509_NAME_print_ex_fp 2429 EXIST::FUNCTION:FP_API +ASN1_STRING_print_ex_fp 2430 EXIST::FUNCTION:FP_API +X509_NAME_print_ex 2431 EXIST::FUNCTION:BIO +ASN1_STRING_print_ex 2432 EXIST::FUNCTION:BIO +MD4 2433 EXIST::FUNCTION:MD4 +MD4_Transform 2434 EXIST::FUNCTION:MD4 +MD4_Final 2435 EXIST::FUNCTION:MD4 +MD4_Update 2436 EXIST::FUNCTION:MD4 +MD4_Init 2437 EXIST::FUNCTION:MD4 +EVP_md4 2438 EXIST::FUNCTION:MD4 +i2d_PUBKEY_bio 2439 EXIST::FUNCTION:BIO +i2d_PUBKEY_fp 2440 EXIST::FUNCTION:FP_API +d2i_PUBKEY_bio 2441 EXIST::FUNCTION:BIO +ASN1_STRING_to_UTF8 2442 EXIST::FUNCTION: +BIO_vprintf 2443 EXIST::FUNCTION: +BIO_vsnprintf 2444 EXIST::FUNCTION: +d2i_PUBKEY_fp 2445 EXIST::FUNCTION:FP_API +X509_cmp_time 2446 EXIST::FUNCTION: +X509_STORE_CTX_set_time 2447 EXIST::FUNCTION: +X509_STORE_CTX_get1_issuer 2448 EXIST::FUNCTION: +X509_OBJECT_retrieve_match 2449 EXIST::FUNCTION: +X509_OBJECT_idx_by_subject 2450 EXIST::FUNCTION: +X509_STORE_CTX_set_flags 2451 EXIST::FUNCTION: +X509_STORE_CTX_trusted_stack 2452 EXIST::FUNCTION: +X509_time_adj 2453 EXIST::FUNCTION: +X509_check_issued 2454 EXIST::FUNCTION: +ASN1_UTCTIME_cmp_time_t 2455 EXIST::FUNCTION: +DES_set_weak_key_flag 2456 NOEXIST::FUNCTION: +DES_check_key 2457 NOEXIST::FUNCTION: +DES_rw_mode 2458 NOEXIST::FUNCTION: +RSA_PKCS1_RSAref 2459 NOEXIST::FUNCTION: +X509_keyid_set1 2460 EXIST::FUNCTION: +BIO_next 2461 EXIST::FUNCTION: +DSO_METHOD_vms 2462 EXIST::FUNCTION: +BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION: +BN_bntest_rand 2464 EXIST::FUNCTION: +OPENSSL_issetugid 2465 EXIST::FUNCTION: +BN_rand_range 2466 EXIST::FUNCTION: +ERR_load_ENGINE_strings 2467 EXIST::FUNCTION: +ENGINE_set_DSA 2468 EXIST::FUNCTION: +ENGINE_get_finish_function 2469 EXIST::FUNCTION: +ENGINE_get_default_RSA 2470 EXIST::FUNCTION: +ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION: +DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION: +ENGINE_set_DH 2473 EXIST::FUNCTION: +ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: +ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: +ENGINE_init 2475 EXIST::FUNCTION: +DH_get_default_openssl_method 2476 NOEXIST::FUNCTION: +RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION: +ENGINE_finish 2478 EXIST::FUNCTION: +ENGINE_load_public_key 2479 EXIST::FUNCTION: +ENGINE_get_DH 2480 EXIST::FUNCTION: +ENGINE_ctrl 2481 EXIST::FUNCTION: +ENGINE_get_init_function 2482 EXIST::FUNCTION: +ENGINE_set_init_function 2483 EXIST::FUNCTION: +ENGINE_set_default_DSA 2484 EXIST::FUNCTION: +ENGINE_get_name 2485 EXIST::FUNCTION: +ENGINE_get_last 2486 EXIST::FUNCTION: +ENGINE_get_prev 2487 EXIST::FUNCTION: +ENGINE_get_default_DH 2488 EXIST::FUNCTION: +ENGINE_get_RSA 2489 EXIST::FUNCTION: +ENGINE_set_default 2490 EXIST::FUNCTION: +ENGINE_get_RAND 2491 EXIST::FUNCTION: +ENGINE_get_first 2492 EXIST::FUNCTION: +ENGINE_by_id 2493 EXIST::FUNCTION: +ENGINE_set_finish_function 2494 EXIST::FUNCTION: +ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: +ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: +RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION: +ENGINE_set_RSA 2497 EXIST::FUNCTION: +ENGINE_load_private_key 2498 EXIST::FUNCTION: +ENGINE_set_default_RAND 2499 EXIST::FUNCTION: +ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION: +ENGINE_remove 2501 EXIST::FUNCTION: +ENGINE_free 2502 EXIST::FUNCTION: +ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION: +ENGINE_get_next 2504 EXIST::FUNCTION: +ENGINE_set_name 2505 EXIST::FUNCTION: +ENGINE_get_default_DSA 2506 EXIST::FUNCTION: +ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION: +ENGINE_set_default_RSA 2508 EXIST::FUNCTION: +ENGINE_get_default_RAND 2509 EXIST::FUNCTION: +ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION: +ENGINE_set_RAND 2511 EXIST::FUNCTION: +ENGINE_set_id 2512 EXIST::FUNCTION: +ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION: +ENGINE_set_default_DH 2514 EXIST::FUNCTION: +ENGINE_new 2515 EXIST::FUNCTION: +ENGINE_get_id 2516 EXIST::FUNCTION: +DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION: +ENGINE_add 2518 EXIST::FUNCTION: +DH_set_default_openssl_method 2519 NOEXIST::FUNCTION: +ENGINE_get_DSA 2520 EXIST::FUNCTION: +ENGINE_get_ctrl_function 2521 EXIST::FUNCTION: +ENGINE_set_ctrl_function 2522 EXIST::FUNCTION: +BN_pseudo_rand_range 2523 EXIST::FUNCTION: +X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION: +ERR_load_COMP_strings 2525 EXIST::FUNCTION: +PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION: +ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_unregister_ciphers 2528 EXIST::FUNCTION: +ENGINE_get_ciphers 2529 EXIST::FUNCTION: +d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION: +KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_POINT_add 2532 EXIST::FUNCTION:EC +ASN1_item_ex_i2d 2533 EXIST::FUNCTION: +OCSP_CERTID_it 2534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_CERTID_it 2534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_OCSP_RESPBYTES 2535 EXIST::FUNCTION: +X509V3_add1_i2d 2536 EXIST::FUNCTION: +PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_add_input_boolean 2538 EXIST::FUNCTION: +ENGINE_unregister_RSA 2539 EXIST::FUNCTION: +X509V3_EXT_nconf 2540 EXIST::FUNCTION: +ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION: +d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION: +X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION: +X509_print_ex 2544 EXIST::FUNCTION:BIO +OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION: +ENGINE_register_all_RAND 2546 EXIST::FUNCTION: +ENGINE_load_dynamic 2547 EXIST::FUNCTION: +PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION: +EC_GROUP_clear_free 2550 EXIST::FUNCTION:EC +OCSP_sendreq_bio 2551 EXIST::FUNCTION: +ASN1_item_digest 2552 EXIST::FUNCTION:EVP +OCSP_BASICRESP_delete_ext 2553 EXIST::FUNCTION: +OCSP_SIGNATURE_it 2554 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_SIGNATURE_it 2554 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_CRL_it 2555 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CRL_it 2555 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_BASICRESP_add_ext 2556 EXIST::FUNCTION: +KRB5_ENCKEY_it 2557 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_ENCKEY_it 2557 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_method_set_closer 2558 EXIST::FUNCTION: +X509_STORE_set_purpose 2559 EXIST::FUNCTION: +i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION: +OCSP_response_status 2561 EXIST::FUNCTION: +i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION: +ENGINE_get_digest_engine 2563 EXIST::FUNCTION: +EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC +OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION: +_ossl_old_des_random_key 2566 EXIST::FUNCTION:DES +ASN1_T61STRING_it 2567 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_T61STRING_it 2567 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_method_of 2568 EXIST::FUNCTION:EC +i2d_KRB5_APREQ 2569 EXIST::FUNCTION: +_ossl_old_des_encrypt 2570 EXIST::FUNCTION:DES +ASN1_PRINTABLE_new 2571 EXIST::FUNCTION: +HMAC_Init_ex 2572 EXIST::FUNCTION:HMAC +d2i_KRB5_AUTHENT 2573 EXIST::FUNCTION: +OCSP_archive_cutoff_new 2574 EXIST::FUNCTION: +EC_POINT_set_Jprojective_coordinates_GFp 2575 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_Jproj_coords_GFp 2575 EXIST:VMS:FUNCTION:EC +_ossl_old_des_is_weak_key 2576 EXIST::FUNCTION:DES +OCSP_BASICRESP_get_ext_by_OBJ 2577 EXIST::FUNCTION: +EC_POINT_oct2point 2578 EXIST::FUNCTION:EC +OCSP_SINGLERESP_get_ext_count 2579 EXIST::FUNCTION: +UI_ctrl 2580 EXIST::FUNCTION: +_shadow_DES_rw_mode 2581 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES +_shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES +asn1_do_adb 2582 EXIST::FUNCTION: +ASN1_template_i2d 2583 EXIST::FUNCTION: +ENGINE_register_DH 2584 EXIST::FUNCTION: +UI_construct_prompt 2585 EXIST::FUNCTION: +X509_STORE_set_trust 2586 EXIST::FUNCTION: +UI_dup_input_string 2587 EXIST::FUNCTION: +d2i_KRB5_APREQ 2588 EXIST::FUNCTION: +EVP_MD_CTX_copy_ex 2589 EXIST::FUNCTION: +OCSP_request_is_signed 2590 EXIST::FUNCTION: +i2d_OCSP_REQINFO 2591 EXIST::FUNCTION: +KRB5_ENCKEY_free 2592 EXIST::FUNCTION: +OCSP_resp_get0 2593 EXIST::FUNCTION: +GENERAL_NAME_it 2594 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_NAME_it 2594 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_GENERALIZEDTIME_it 2595 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_GENERALIZEDTIME_it 2595 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_STORE_set_flags 2596 EXIST::FUNCTION: +EC_POINT_set_compressed_coordinates_GFp 2597 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_compr_coords_GFp 2597 EXIST:VMS:FUNCTION:EC +OCSP_response_status_str 2598 EXIST::FUNCTION: +d2i_OCSP_REVOKEDINFO 2599 EXIST::FUNCTION: +OCSP_basic_add1_cert 2600 EXIST::FUNCTION: +ERR_get_implementation 2601 EXIST::FUNCTION: +EVP_CipherFinal_ex 2602 EXIST::FUNCTION: +OCSP_CERTSTATUS_new 2603 EXIST::FUNCTION: +CRYPTO_cleanup_all_ex_data 2604 EXIST::FUNCTION: +OCSP_resp_find 2605 EXIST::FUNCTION: +BN_nnmod 2606 EXIST::FUNCTION: +X509_CRL_sort 2607 EXIST::FUNCTION: +X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION: +ENGINE_register_RAND 2609 EXIST::FUNCTION: +OCSP_SERVICELOC_new 2610 EXIST::FUNCTION: +EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC +_ossl_old_des_options 2612 EXIST::FUNCTION:DES +SXNET_it 2613 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +SXNET_it 2613 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_dup_input_boolean 2614 EXIST::FUNCTION: +PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION: +EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC +ENGINE_load_openbsd_dev_crypto 2617 EXIST::FUNCTION: +DSO_convert_filename 2618 EXIST::FUNCTION: +POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_register_ciphers 2620 EXIST::FUNCTION: +BN_mod_lshift_quick 2621 EXIST::FUNCTION: +DSO_set_filename 2622 EXIST::FUNCTION: +ASN1_item_free 2623 EXIST::FUNCTION: +KRB5_TKTBODY_free 2624 EXIST::FUNCTION: +AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_APREQBODY_new 2626 EXIST::FUNCTION: +X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION: +ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION: +i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION: +EVP_MD_CTX_init 2630 EXIST::FUNCTION: +EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION: +PKCS7_ATTR_SIGN_it 2632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_add_error_string 2633 EXIST::FUNCTION: +KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: +OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: +ENGINE_load_ubsec 2636 EXIST::FUNCTION: +ENGINE_register_all_digests 2637 EXIST::FUNCTION: +PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS12_unpack_authsafes 2639 EXIST::FUNCTION: +ASN1_item_unpack 2640 EXIST::FUNCTION: +NETSCAPE_SPKAC_it 2641 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_SPKAC_it 2641 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_STRING_encode 2643 EXIST::FUNCTION: +EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES +KRB5_AUTHENT_free 2645 EXIST::FUNCTION: +OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION: +OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION: +OCSP_cert_status_str 2647 EXIST::FUNCTION: +d2i_OCSP_REQUEST 2648 EXIST::FUNCTION: +UI_dup_info_string 2649 EXIST::FUNCTION: +_ossl_old_des_xwhite_in2out 2650 EXIST::FUNCTION:DES +PKCS12_it 2651 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_it 2651 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_SINGLERESP_get_ext_by_critical 2652 EXIST:!VMS:FUNCTION: +OCSP_SINGLERESP_get_ext_by_crit 2652 EXIST:VMS:FUNCTION: +OCSP_CERTSTATUS_free 2653 EXIST::FUNCTION: +_ossl_old_des_crypt 2654 EXIST::FUNCTION:DES +ASN1_item_i2d 2655 EXIST::FUNCTION: +EVP_DecryptFinal_ex 2656 EXIST::FUNCTION: +ENGINE_load_openssl 2657 EXIST::FUNCTION: +ENGINE_get_cmd_defns 2658 EXIST::FUNCTION: +ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION: +ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION: +EVP_EncryptFinal_ex 2660 EXIST::FUNCTION: +ENGINE_set_default_digests 2661 EXIST::FUNCTION: +X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION: +asn1_ex_i2c 2663 EXIST::FUNCTION: +ENGINE_register_RSA 2664 EXIST::FUNCTION: +ENGINE_unregister_DSA 2665 EXIST::FUNCTION: +_ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES +X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_KRB5_AUTHENT 2668 EXIST::FUNCTION: +SXNETID_it 2669 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +SXNETID_it 2669 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_OCSP_SINGLERESP 2670 EXIST::FUNCTION: +EDIPARTYNAME_new 2671 EXIST::FUNCTION: +PKCS12_certbag2x509 2672 EXIST::FUNCTION: +_ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES +d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION: +ERR_print_errors_cb 2675 EXIST::FUNCTION: +ENGINE_set_ciphers 2676 EXIST::FUNCTION: +d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION: +UI_method_get_flusher 2678 EXIST::FUNCTION: +X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_PUBKEY_it 2679 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +_ossl_old_des_enc_read 2680 EXIST::FUNCTION:DES +PKCS7_ENCRYPT_it 2681 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ENCRYPT_it 2681 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_OCSP_RESPONSE 2682 EXIST::FUNCTION: +EC_GROUP_get_cofactor 2683 EXIST::FUNCTION:EC +PKCS12_unpack_p7data 2684 EXIST::FUNCTION: +d2i_KRB5_AUTHDATA 2685 EXIST::FUNCTION: +OCSP_copy_nonce 2686 EXIST::FUNCTION: +KRB5_AUTHDATA_new 2687 EXIST::FUNCTION: +OCSP_RESPDATA_new 2688 EXIST::FUNCTION: +EC_GFp_mont_method 2689 EXIST::FUNCTION:EC +OCSP_REVOKEDINFO_free 2690 EXIST::FUNCTION: +UI_get_ex_data 2691 EXIST::FUNCTION: +KRB5_APREQBODY_free 2692 EXIST::FUNCTION: +EC_GROUP_get0_generator 2693 EXIST::FUNCTION:EC +UI_get_default_method 2694 EXIST::FUNCTION: +X509V3_set_nconf 2695 EXIST::FUNCTION: +PKCS12_item_i2d_encrypt 2696 EXIST::FUNCTION: +X509_add1_ext_i2d 2697 EXIST::FUNCTION: +PKCS7_SIGNER_INFO_it 2698 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_SIGNER_INFO_it 2698 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_PRINCNAME_new 2699 EXIST::FUNCTION: +PKCS12_SAFEBAG_it 2700 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_SAFEBAG_it 2700 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_get_order 2701 EXIST::FUNCTION:EC +d2i_OCSP_RESPID 2702 EXIST::FUNCTION: +OCSP_request_verify 2703 EXIST::FUNCTION: +NCONF_get_number_e 2704 EXIST::FUNCTION: +_ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES +X509_signature_print 2706 EXIST::FUNCTION:EVP +OCSP_SINGLERESP_free 2707 EXIST::FUNCTION: +ENGINE_load_builtin_engines 2708 EXIST::FUNCTION: +i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION: +OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION: +OCSP_RESPBYTES_new 2711 EXIST::FUNCTION: +EVP_MD_CTX_create 2712 EXIST::FUNCTION: +OCSP_resp_find_status 2713 EXIST::FUNCTION: +X509_ALGOR_it 2714 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_ALGOR_it 2714 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_TIME_it 2715 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_TIME_it 2715 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_request_set1_name 2716 EXIST::FUNCTION: +OCSP_ONEREQ_get_ext_count 2717 EXIST::FUNCTION: +UI_get0_result 2718 EXIST::FUNCTION: +PKCS12_AUTHSAFES_it 2719 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_AUTHSAFES_it 2719 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_aes_256_ecb 2720 EXIST::FUNCTION:AES +PKCS12_pack_authsafes 2721 EXIST::FUNCTION: +ASN1_IA5STRING_it 2722 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_IA5STRING_it 2722 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_get_input_flags 2723 EXIST::FUNCTION: +EC_GROUP_set_generator 2724 EXIST::FUNCTION:EC +_ossl_old_des_string_to_2keys 2725 EXIST::FUNCTION:DES +OCSP_CERTID_free 2726 EXIST::FUNCTION: +X509_CERT_AUX_it 2727 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CERT_AUX_it 2727 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +_ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES +RAND_set_rand_engine 2730 EXIST::FUNCTION: +DSO_get_loaded_filename 2731 EXIST::FUNCTION: +X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_ONEREQ_get_ext_by_NID 2733 EXIST::FUNCTION: +PKCS12_decrypt_skey 2734 EXIST::FUNCTION: +KRB5_AUTHENT_it 2735 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_AUTHENT_it 2735 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_dup_error_string 2736 EXIST::FUNCTION: +RSAPublicKey_it 2737 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSAPublicKey_it 2737 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +i2d_OCSP_REQUEST 2738 EXIST::FUNCTION: +PKCS12_x509crl2certbag 2739 EXIST::FUNCTION: +OCSP_SERVICELOC_it 2740 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_SERVICELOC_it 2740 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_item_sign 2741 EXIST::FUNCTION:EVP +X509_CRL_set_issuer_name 2742 EXIST::FUNCTION: +OBJ_NAME_do_all_sorted 2743 EXIST::FUNCTION: +i2d_OCSP_BASICRESP 2744 EXIST::FUNCTION: +i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION: +PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION: +HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC +ENGINE_get_digest 2748 EXIST::FUNCTION: +OCSP_RESPONSE_print 2749 EXIST::FUNCTION: +KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ACCESS_DESCRIPTION_it 2751 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ACCESS_DESCRIPTION_it 2751 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS7_ISSUER_AND_SERIAL_it 2752 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ISSUER_AND_SERIAL_it 2752 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PBE2PARAM_it 2753 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PBE2PARAM_it 2753 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS12_certbag2x509crl 2754 EXIST::FUNCTION: +PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_get_cipher 2756 EXIST::FUNCTION: +i2d_OCSP_CRLID 2757 EXIST::FUNCTION: +OCSP_SINGLERESP_new 2758 EXIST::FUNCTION: +ENGINE_cmd_is_executable 2759 EXIST::FUNCTION: +RSA_up_ref 2760 EXIST::FUNCTION:RSA +ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_register_DSA 2762 EXIST::FUNCTION: +X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION: +ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION: +PKCS8_decrypt 2765 EXIST::FUNCTION: +PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO +DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DIRECTORYSTRING_it 2767 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_OCSP_CRLID 2768 EXIST::FUNCTION: +EC_POINT_is_on_curve 2769 EXIST::FUNCTION:EC +CRYPTO_set_locked_mem_ex_functions 2770 EXIST:!VMS:FUNCTION: +CRYPTO_set_locked_mem_ex_funcs 2770 EXIST:VMS:FUNCTION: +d2i_KRB5_CHECKSUM 2771 EXIST::FUNCTION: +ASN1_item_dup 2772 EXIST::FUNCTION: +X509_it 2773 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_it 2773 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BN_mod_add 2774 EXIST::FUNCTION: +KRB5_AUTHDATA_free 2775 EXIST::FUNCTION: +_ossl_old_des_cbc_cksum 2776 EXIST::FUNCTION:DES +ASN1_item_verify 2777 EXIST::FUNCTION:EVP +CRYPTO_set_mem_ex_functions 2778 EXIST::FUNCTION: +EC_POINT_get_Jprojective_coordinates_GFp 2779 EXIST:!VMS:FUNCTION:EC +EC_POINT_get_Jproj_coords_GFp 2779 EXIST:VMS:FUNCTION:EC +ZLONG_it 2780 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ZLONG_it 2780 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CRYPTO_get_locked_mem_ex_functions 2781 EXIST:!VMS:FUNCTION: +CRYPTO_get_locked_mem_ex_funcs 2781 EXIST:VMS:FUNCTION: +ASN1_TIME_check 2782 EXIST::FUNCTION: +UI_get0_user_data 2783 EXIST::FUNCTION: +HMAC_CTX_cleanup 2784 EXIST::FUNCTION:HMAC +DSA_up_ref 2785 EXIST::FUNCTION:DSA +_ossl_old_des_ede3_cfb64_encrypt 2786 EXIST:!VMS:FUNCTION:DES +_ossl_odes_ede3_cfb64_encrypt 2786 EXIST:VMS:FUNCTION:DES +ASN1_BMPSTRING_it 2787 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_BMPSTRING_it 2787 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_tag2bit 2788 EXIST::FUNCTION: +UI_method_set_flusher 2789 EXIST::FUNCTION: +X509_ocspid_print 2790 EXIST::FUNCTION:BIO +KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION: +UI_add_user_data 2793 EXIST::FUNCTION: +OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION: +UI_get_method 2795 EXIST::FUNCTION: +OCSP_ONEREQ_free 2796 EXIST::FUNCTION: +ASN1_PRINTABLESTRING_it 2797 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_PRINTABLESTRING_it 2797 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_CRL_set_nextUpdate 2798 EXIST::FUNCTION: +OCSP_REQUEST_it 2799 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_REQUEST_it 2799 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_BASICRESP_it 2800 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_BASICRESP_it 2800 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +AES_ecb_encrypt 2801 EXIST::FUNCTION:AES +BN_mod_sqr 2802 EXIST::FUNCTION: +NETSCAPE_CERT_SEQUENCE_it 2803 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_CERT_SEQUENCE_it 2803 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +GENERAL_NAMES_it 2804 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_NAMES_it 2804 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +AUTHORITY_INFO_ACCESS_it 2805 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +AUTHORITY_INFO_ACCESS_it 2805 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_FBOOLEAN_it 2806 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_set_ex_data 2807 EXIST::FUNCTION: +_ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES +ENGINE_register_all_RSA 2809 EXIST::FUNCTION: +d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION: +OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_unregister_digests 2813 EXIST::FUNCTION: +d2i_EDIPARTYNAME 2814 EXIST::FUNCTION: +d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION: +ENGINE_get_digests 2816 EXIST::FUNCTION: +_ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES +OCSP_RESPDATA_free 2818 EXIST::FUNCTION: +d2i_KRB5_TICKET 2819 EXIST::FUNCTION: +OTHERNAME_it 2820 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OTHERNAME_it 2820 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_MD_CTX_cleanup 2821 EXIST::FUNCTION: +d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION: +X509_CRL_set_version 2823 EXIST::FUNCTION: +BN_mod_sub 2824 EXIST::FUNCTION: +OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION: +ENGINE_get_ex_new_index 2826 EXIST::FUNCTION: +OCSP_REQUEST_free 2827 EXIST::FUNCTION: +OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION: +X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_VAL_it 2829 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_POINTs_make_affine 2830 EXIST::FUNCTION:EC +EC_POINT_mul 2831 EXIST::FUNCTION:EC +X509V3_EXT_add_nconf 2832 EXIST::FUNCTION: +X509_TRUST_set 2833 EXIST::FUNCTION: +X509_CRL_add1_ext_i2d 2834 EXIST::FUNCTION: +_ossl_old_des_fcrypt 2835 EXIST::FUNCTION:DES +DISPLAYTEXT_it 2836 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DISPLAYTEXT_it 2836 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_CRL_set_lastUpdate 2837 EXIST::FUNCTION: +OCSP_BASICRESP_free 2838 EXIST::FUNCTION: +OCSP_BASICRESP_add1_ext_i2d 2839 EXIST::FUNCTION: +d2i_KRB5_AUTHENTBODY 2840 EXIST::FUNCTION: +CRYPTO_set_ex_data_implementation 2841 EXIST:!VMS:FUNCTION: +CRYPTO_set_ex_data_impl 2841 EXIST:VMS:FUNCTION: +KRB5_ENCDATA_new 2842 EXIST::FUNCTION: +DSO_up_ref 2843 EXIST::FUNCTION: +OCSP_crl_reason_str 2844 EXIST::FUNCTION: +UI_get0_result_string 2845 EXIST::FUNCTION: +ASN1_GENERALSTRING_new 2846 EXIST::FUNCTION: +X509_SIG_it 2847 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_SIG_it 2847 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ERR_set_implementation 2848 EXIST::FUNCTION: +ERR_load_EC_strings 2849 EXIST::FUNCTION:EC +UI_get0_action_string 2850 EXIST::FUNCTION: +OCSP_ONEREQ_get_ext 2851 EXIST::FUNCTION: +EC_POINT_method_of 2852 EXIST::FUNCTION:EC +i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION: +_ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES +CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION: +ENGINE_get_ex_data 2856 EXIST::FUNCTION: +UI_destroy_method 2857 EXIST::FUNCTION: +ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO +OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION: +ASN1_primitive_new 2860 EXIST::FUNCTION: +ASN1_PRINTABLE_it 2861 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_PRINTABLE_it 2861 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_aes_192_ecb 2862 EXIST::FUNCTION:AES +OCSP_SIGNATURE_new 2863 EXIST::FUNCTION: +LONG_it 2864 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +LONG_it 2864 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_VISIBLESTRING_it 2865 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_VISIBLESTRING_it 2865 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_SINGLERESP_add1_ext_i2d 2866 EXIST::FUNCTION: +d2i_OCSP_CERTID 2867 EXIST::FUNCTION: +ASN1_item_d2i_fp 2868 EXIST::FUNCTION:FP_API +CRL_DIST_POINTS_it 2869 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +CRL_DIST_POINTS_it 2869 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +GENERAL_NAME_print 2870 EXIST::FUNCTION: +OCSP_SINGLERESP_delete_ext 2871 EXIST::FUNCTION: +PKCS12_SAFEBAGS_it 2872 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION: +OCSP_request_add1_nonce 2874 EXIST::FUNCTION: +ENGINE_set_cmd_defns 2875 EXIST::FUNCTION: +OCSP_SERVICELOC_free 2876 EXIST::FUNCTION: +EC_GROUP_free 2877 EXIST::FUNCTION:EC +ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_BIT_STRING_it 2878 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_REQ_it 2879 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_REQ_it 2879 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +_ossl_old_des_cbc_encrypt 2880 EXIST::FUNCTION:DES +ERR_unload_strings 2881 EXIST::FUNCTION: +PKCS7_SIGN_ENVELOPE_it 2882 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_SIGN_ENVELOPE_it 2882 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EDIPARTYNAME_free 2883 EXIST::FUNCTION: +OCSP_REQINFO_free 2884 EXIST::FUNCTION: +EC_GROUP_new_curve_GFp 2885 EXIST::FUNCTION:EC +OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION: +PKCS12_item_pack_safebag 2887 EXIST::FUNCTION: +asn1_ex_c2i 2888 EXIST::FUNCTION: +ENGINE_register_digests 2889 EXIST::FUNCTION: +i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION: +asn1_enc_restore 2891 EXIST::FUNCTION: +UI_free 2892 EXIST::FUNCTION: +UI_new_method 2893 EXIST::FUNCTION: +EVP_EncryptInit_ex 2894 EXIST::FUNCTION: +X509_pubkey_digest 2895 EXIST::FUNCTION:EVP +EC_POINT_invert 2896 EXIST::FUNCTION:EC +OCSP_basic_sign 2897 EXIST::FUNCTION: +i2d_OCSP_RESPID 2898 EXIST::FUNCTION: +OCSP_check_nonce 2899 EXIST::FUNCTION: +ENGINE_ctrl_cmd 2900 EXIST::FUNCTION: +d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION: +OCSP_parse_url 2902 EXIST::FUNCTION: +OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION: +OCSP_CRLID_free 2904 EXIST::FUNCTION: +OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION: +RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +ENGINE_register_all_DH 2907 EXIST::FUNCTION: +i2d_EDIPARTYNAME 2908 EXIST::FUNCTION: +EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC +EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC +OCSP_CRLID_new 2910 EXIST::FUNCTION: +ENGINE_get_flags 2911 EXIST::FUNCTION: +OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_process 2913 EXIST::FUNCTION: +ASN1_INTEGER_it 2914 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_CipherInit_ex 2915 EXIST::FUNCTION: +UI_get_string_type 2916 EXIST::FUNCTION: +ENGINE_unregister_DH 2917 EXIST::FUNCTION: +ENGINE_register_all_DSA 2918 EXIST::FUNCTION: +OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: +bn_dup_expand 2920 EXIST::FUNCTION: +OCSP_cert_id_new 2921 EXIST::FUNCTION: +BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BN_mod_add_quick 2923 EXIST::FUNCTION: +EC_POINT_new 2924 EXIST::FUNCTION:EC +EVP_MD_CTX_destroy 2925 EXIST::FUNCTION: +OCSP_RESPBYTES_free 2926 EXIST::FUNCTION: +EVP_aes_128_cbc 2927 EXIST::FUNCTION:AES +OCSP_SINGLERESP_get1_ext_d2i 2928 EXIST::FUNCTION: +EC_POINT_free 2929 EXIST::FUNCTION:EC +DH_up_ref 2930 EXIST::FUNCTION:DH +X509_NAME_ENTRY_it 2931 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_NAME_ENTRY_it 2931 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_get_ex_new_index 2932 EXIST::FUNCTION: +BN_mod_sub_quick 2933 EXIST::FUNCTION: +OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION: +OCSP_request_sign 2935 EXIST::FUNCTION: +EVP_DigestFinal_ex 2936 EXIST::FUNCTION: +ENGINE_set_digests 2937 EXIST::FUNCTION: +OCSP_id_issuer_cmp 2938 EXIST::FUNCTION: +OBJ_NAME_do_all 2939 EXIST::FUNCTION: +EC_POINTs_mul 2940 EXIST::FUNCTION:EC +ENGINE_register_complete 2941 EXIST::FUNCTION: +X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION: +ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_set_default_method 2944 EXIST::FUNCTION: +RAND_query_egd_bytes 2945 EXIST::FUNCTION: +UI_method_get_writer 2946 EXIST::FUNCTION: +UI_OpenSSL 2947 EXIST::FUNCTION: +PEM_def_callback 2948 EXIST::FUNCTION: +ENGINE_cleanup 2949 EXIST::FUNCTION: +DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_SINGLERESP_it 2951 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_KRB5_TKTBODY 2952 EXIST::FUNCTION: +EC_POINT_cmp 2953 EXIST::FUNCTION:EC +OCSP_REVOKEDINFO_new 2954 EXIST::FUNCTION: +i2d_OCSP_CERTSTATUS 2955 EXIST::FUNCTION: +OCSP_basic_add1_nonce 2956 EXIST::FUNCTION: +ASN1_item_ex_d2i 2957 EXIST::FUNCTION: +BN_mod_lshift1_quick 2958 EXIST::FUNCTION: +UI_set_method 2959 EXIST::FUNCTION: +OCSP_id_get0_info 2960 EXIST::FUNCTION: +BN_mod_sqrt 2961 EXIST::FUNCTION: +EC_GROUP_copy 2962 EXIST::FUNCTION:EC +KRB5_ENCDATA_free 2963 EXIST::FUNCTION: +_ossl_old_des_cfb_encrypt 2964 EXIST::FUNCTION:DES +OCSP_SINGLERESP_get_ext_by_OBJ 2965 EXIST::FUNCTION: +OCSP_cert_to_id 2966 EXIST::FUNCTION: +OCSP_RESPID_new 2967 EXIST::FUNCTION: +OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION: +ENGINE_register_all_complete 2970 EXIST::FUNCTION: +OCSP_check_validity 2971 EXIST::FUNCTION: +PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_url_svcloc_new 2973 EXIST::FUNCTION: +ASN1_template_free 2974 EXIST::FUNCTION: +OCSP_SINGLERESP_add_ext 2975 EXIST::FUNCTION: +KRB5_AUTHENTBODY_it 2976 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_AUTHENTBODY_it 2976 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_supported_extension 2977 EXIST::FUNCTION: +i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION: +UI_method_get_opener 2979 EXIST::FUNCTION: +ENGINE_set_ex_data 2980 EXIST::FUNCTION: +OCSP_REQUEST_print 2981 EXIST::FUNCTION: +CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_TICKET_new 2983 EXIST::FUNCTION: +KRB5_APREQ_new 2984 EXIST::FUNCTION: +EC_GROUP_get_curve_GFp 2985 EXIST::FUNCTION:EC +KRB5_ENCKEY_new 2986 EXIST::FUNCTION: +ASN1_template_d2i 2987 EXIST::FUNCTION: +_ossl_old_des_quad_cksum 2988 EXIST::FUNCTION:DES +OCSP_single_get0_status 2989 EXIST::FUNCTION: +BN_swap 2990 EXIST::FUNCTION: +POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_set_destroy_function 2992 EXIST::FUNCTION: +asn1_enc_free 2993 EXIST::FUNCTION: +OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_new 2995 EXIST::FUNCTION:EC +EVP_aes_256_cbc 2996 EXIST::FUNCTION:AES +i2d_KRB5_PRINCNAME 2997 EXIST::FUNCTION: +_ossl_old_des_encrypt2 2998 EXIST::FUNCTION:DES +_ossl_old_des_encrypt3 2999 EXIST::FUNCTION:DES +PKCS8_PRIV_KEY_INFO_it 3000 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS8_PRIV_KEY_INFO_it 3000 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_REQINFO_it 3001 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_REQINFO_it 3001 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PBEPARAM_it 3002 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PBEPARAM_it 3002 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_AUTHENTBODY_new 3003 EXIST::FUNCTION: +X509_CRL_add0_revoked 3004 EXIST::FUNCTION: +EDIPARTYNAME_it 3005 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +EDIPARTYNAME_it 3005 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_get0_test_string 3007 EXIST::FUNCTION: +ENGINE_get_cipher_engine 3008 EXIST::FUNCTION: +ENGINE_register_all_ciphers 3009 EXIST::FUNCTION: +EC_POINT_copy 3010 EXIST::FUNCTION:EC +BN_kronecker 3011 EXIST::FUNCTION: +_ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES +_ossl_odes_ede3_ofb64_encrypt 3012 EXIST:VMS:FUNCTION:DES +UI_method_get_reader 3013 EXIST::FUNCTION: +OCSP_BASICRESP_get_ext_count 3014 EXIST::FUNCTION: +ASN1_ENUMERATED_it 3015 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_ENUMERATED_it 3015 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_set_result 3016 EXIST::FUNCTION: +i2d_KRB5_TICKET 3017 EXIST::FUNCTION: +X509_print_ex_fp 3018 EXIST::FUNCTION:FP_API +EVP_CIPHER_CTX_set_padding 3019 EXIST::FUNCTION: +d2i_OCSP_RESPONSE 3020 EXIST::FUNCTION: +ASN1_UTCTIME_it 3021 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_UTCTIME_it 3021 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +_ossl_old_des_enc_write 3022 EXIST::FUNCTION:DES +OCSP_RESPONSE_new 3023 EXIST::FUNCTION: +AES_set_encrypt_key 3024 EXIST::FUNCTION:AES +OCSP_resp_count 3025 EXIST::FUNCTION: +KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: +ENGINE_load_cswift 3027 EXIST::FUNCTION: +OCSP_onereq_get0_id 3028 EXIST::FUNCTION: +ENGINE_set_default_ciphers 3029 EXIST::FUNCTION: +NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION: +OCSP_REVOKEDINFO_it 3032 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_REVOKEDINFO_it 3032 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +AES_encrypt 3033 EXIST::FUNCTION:AES +OCSP_REQUEST_new 3034 EXIST::FUNCTION: +ASN1_ANY_it 3035 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_ANY_it 3035 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CRYPTO_ex_data_new_class 3036 EXIST::FUNCTION: +_ossl_old_des_ncbc_encrypt 3037 EXIST::FUNCTION:DES +i2d_KRB5_TKTBODY 3038 EXIST::FUNCTION: +EC_POINT_clear_free 3039 EXIST::FUNCTION:EC +AES_decrypt 3040 EXIST::FUNCTION:AES +asn1_enc_init 3041 EXIST::FUNCTION: +UI_get_result_maxsize 3042 EXIST::FUNCTION: +OCSP_CERTID_new 3043 EXIST::FUNCTION: +ENGINE_unregister_RAND 3044 EXIST::FUNCTION: +UI_method_get_closer 3045 EXIST::FUNCTION: +d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION: +OCSP_request_onereq_count 3047 EXIST::FUNCTION: +OCSP_basic_verify 3048 EXIST::FUNCTION: +KRB5_AUTHENTBODY_free 3049 EXIST::FUNCTION: +ASN1_item_d2i 3050 EXIST::FUNCTION: +ASN1_primitive_free 3051 EXIST::FUNCTION: +i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: +i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: +asn1_enc_save 3054 EXIST::FUNCTION: +ENGINE_load_nuron 3055 EXIST::FUNCTION: +_ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES +PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_accept_responses_new 3058 EXIST::FUNCTION: +asn1_do_lock 3059 EXIST::FUNCTION: +PKCS7_ATTR_VERIFY_it 3060 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ATTR_VERIFY_it 3060 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_APREQBODY_it 3061 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_APREQBODY_it 3061 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_OCSP_SINGLERESP 3062 EXIST::FUNCTION: +ASN1_item_ex_new 3063 EXIST::FUNCTION: +UI_add_verify_string 3064 EXIST::FUNCTION: +_ossl_old_des_set_key 3065 EXIST::FUNCTION:DES +KRB5_PRINCNAME_it 3066 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_PRINCNAME_it 3066 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_DecryptInit_ex 3067 EXIST::FUNCTION: +i2d_OCSP_CERTID 3068 EXIST::FUNCTION: +ASN1_item_d2i_bio 3069 EXIST::FUNCTION:BIO +EC_POINT_dbl 3070 EXIST::FUNCTION:EC +asn1_get_choice_selector 3071 EXIST::FUNCTION: +i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: +ENGINE_set_table_flags 3073 EXIST::FUNCTION: +AES_options 3074 EXIST::FUNCTION:AES +ENGINE_load_chil 3075 EXIST::FUNCTION: +OCSP_id_cmp 3076 EXIST::FUNCTION: +OCSP_BASICRESP_new 3077 EXIST::FUNCTION: +OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: +KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_get_destroy_function 3080 EXIST::FUNCTION: +CONF_set_nconf 3081 EXIST::FUNCTION: +ASN1_PRINTABLE_free 3082 EXIST::FUNCTION: +OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION: +DIST_POINT_NAME_it 3084 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DIST_POINT_NAME_it 3084 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509V3_extensions_print 3085 EXIST::FUNCTION: +_ossl_old_des_cfb64_encrypt 3086 EXIST::FUNCTION:DES +X509_REVOKED_add1_ext_i2d 3087 EXIST::FUNCTION: +_ossl_old_des_ofb_encrypt 3088 EXIST::FUNCTION:DES +KRB5_TKTBODY_new 3089 EXIST::FUNCTION: +ASN1_OCTET_STRING_it 3090 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_it 3090 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ERR_load_UI_strings 3091 EXIST::FUNCTION: +i2d_KRB5_ENCKEY 3092 EXIST::FUNCTION: +ASN1_template_new 3093 EXIST::FUNCTION: +OCSP_SIGNATURE_free 3094 EXIST::FUNCTION: +ASN1_item_i2d_fp 3095 EXIST::FUNCTION:FP_API +KRB5_PRINCNAME_free 3096 EXIST::FUNCTION: +PKCS7_RECIP_INFO_it 3097 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_RECIP_INFO_it 3097 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EXTENDED_KEY_USAGE_it 3098 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +EXTENDED_KEY_USAGE_it 3098 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GFp_simple_method 3099 EXIST::FUNCTION:EC +EC_GROUP_precompute_mult 3100 EXIST::FUNCTION:EC +OCSP_request_onereq_get0 3101 EXIST::FUNCTION: +UI_method_set_writer 3102 EXIST::FUNCTION: +KRB5_AUTHENT_new 3103 EXIST::FUNCTION: +X509_CRL_INFO_it 3104 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CRL_INFO_it 3104 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +DSO_set_name_converter 3105 EXIST::FUNCTION: +AES_set_decrypt_key 3106 EXIST::FUNCTION:AES +PKCS7_DIGEST_it 3107 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_DIGEST_it 3107 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS12_x5092certbag 3108 EXIST::FUNCTION: +EVP_DigestInit_ex 3109 EXIST::FUNCTION: +i2a_ACCESS_DESCRIPTION 3110 EXIST::FUNCTION: +OCSP_RESPONSE_it 3111 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_RESPONSE_it 3111 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS7_ENC_CONTENT_it 3112 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ENC_CONTENT_it 3112 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_request_add0_id 3113 EXIST::FUNCTION: +EC_POINT_make_affine 3114 EXIST::FUNCTION:EC +DSO_get_filename 3115 EXIST::FUNCTION: +OCSP_CERTSTATUS_it 3116 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_CERTSTATUS_it 3116 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_request_add1_cert 3117 EXIST::FUNCTION: +UI_get0_output_string 3118 EXIST::FUNCTION: +UI_dup_verify_string 3119 EXIST::FUNCTION: +BN_mod_lshift 3120 EXIST::FUNCTION: +KRB5_AUTHDATA_it 3121 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_AUTHDATA_it 3121 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +asn1_set_choice_selector 3122 EXIST::FUNCTION: +OCSP_basic_add1_status 3123 EXIST::FUNCTION: +OCSP_RESPID_free 3124 EXIST::FUNCTION: +asn1_get_field_ptr 3125 EXIST::FUNCTION: +UI_add_input_string 3126 EXIST::FUNCTION: +OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: +OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: +ENGINE_load_atalla 3130 EXIST::FUNCTION: +X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +USERNOTICE_it 3132 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_REQINFO_new 3133 EXIST::FUNCTION: +OCSP_BASICRESP_get_ext 3134 EXIST::FUNCTION: +CRYPTO_get_ex_data_implementation 3135 EXIST:!VMS:FUNCTION: +CRYPTO_get_ex_data_impl 3135 EXIST:VMS:FUNCTION: +ASN1_item_pack 3136 EXIST::FUNCTION: +i2d_KRB5_ENCDATA 3137 EXIST::FUNCTION: +X509_PURPOSE_set 3138 EXIST::FUNCTION: +X509_REQ_INFO_it 3139 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_REQ_INFO_it 3139 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +UI_method_set_opener 3140 EXIST::FUNCTION: +ASN1_item_ex_free 3141 EXIST::FUNCTION: +ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_get_table_flags 3143 EXIST::FUNCTION: +UI_create_method 3144 EXIST::FUNCTION: +OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION: +_shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES +_shadow_DES_check_key 3146 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES +d2i_OCSP_REQINFO 3147 EXIST::FUNCTION: +UI_add_info_string 3148 EXIST::FUNCTION: +UI_get_result_minsize 3149 EXIST::FUNCTION: +ASN1_NULL_it 3150 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_NULL_it 3150 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BN_mod_lshift1 3151 EXIST::FUNCTION: +d2i_OCSP_ONEREQ 3152 EXIST::FUNCTION: +OCSP_ONEREQ_new 3153 EXIST::FUNCTION: +KRB5_TICKET_it 3154 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +KRB5_TICKET_it 3154 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_aes_192_cbc 3155 EXIST::FUNCTION:AES +KRB5_TICKET_free 3156 EXIST::FUNCTION: +UI_new 3157 EXIST::FUNCTION: +OCSP_response_create 3158 EXIST::FUNCTION: +_ossl_old_des_xcbc_encrypt 3159 EXIST::FUNCTION:DES +PKCS7_it 3160 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION: +OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION: +ENGINE_set_flags 3162 EXIST::FUNCTION: +_ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES +OCSP_response_get1_basic 3164 EXIST::FUNCTION: +EVP_Digest 3165 EXIST::FUNCTION: +OCSP_ONEREQ_delete_ext 3166 EXIST::FUNCTION: +ASN1_TBOOLEAN_it 3167 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_TBOOLEAN_it 3167 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_item_new 3168 EXIST::FUNCTION: +ASN1_TIME_to_generalizedtime 3169 EXIST::FUNCTION: +BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +AES_cbc_encrypt 3171 EXIST::FUNCTION:AES +ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION: +ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION: +OCSP_RESPONSE_free 3173 EXIST::FUNCTION: +UI_method_set_reader 3174 EXIST::FUNCTION: +i2d_ASN1_T61STRING 3175 EXIST::FUNCTION: +EC_POINT_set_to_infinity 3176 EXIST::FUNCTION:EC +ERR_load_OCSP_strings 3177 EXIST::FUNCTION: +EC_POINT_point2oct 3178 EXIST::FUNCTION:EC +KRB5_APREQ_free 3179 EXIST::FUNCTION: +ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_crlID_new 3181 EXIST:!VMS,!WIN16:FUNCTION: +OCSP_crlID2_new 3181 EXIST:VMS,WIN16:FUNCTION: +CONF_modules_load_file 3182 EXIST::FUNCTION: +CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: +ENGINE_set_default_string 3184 EXIST::FUNCTION: +CONF_module_get_usr_data 3185 EXIST::FUNCTION: +ASN1_add_oid_module 3186 EXIST::FUNCTION: +CONF_modules_finish 3187 EXIST::FUNCTION: +OPENSSL_config 3188 EXIST::FUNCTION: +CONF_modules_unload 3189 EXIST::FUNCTION: +CONF_imodule_get_value 3190 EXIST::FUNCTION: +CONF_module_set_usr_data 3191 EXIST::FUNCTION: +CONF_parse_list 3192 EXIST::FUNCTION: +CONF_module_add 3193 EXIST::FUNCTION: +CONF_get1_default_config_file 3194 EXIST::FUNCTION: +CONF_imodule_get_flags 3195 EXIST::FUNCTION: +CONF_imodule_get_module 3196 EXIST::FUNCTION: +CONF_modules_load 3197 EXIST::FUNCTION: +CONF_imodule_get_name 3198 EXIST::FUNCTION: +ERR_peek_top_error 3199 NOEXIST::FUNCTION: +CONF_imodule_get_usr_data 3200 EXIST::FUNCTION: +CONF_imodule_set_flags 3201 EXIST::FUNCTION: +ENGINE_add_conf_module 3202 EXIST::FUNCTION: +ERR_peek_last_error_line 3203 EXIST::FUNCTION: +ERR_peek_last_error_line_data 3204 EXIST::FUNCTION: +ERR_peek_last_error 3205 EXIST::FUNCTION: +DES_read_2passwords 3206 EXIST::FUNCTION:DES +DES_read_password 3207 EXIST::FUNCTION:DES +UI_UTIL_read_pw 3208 EXIST::FUNCTION: +UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: +ENGINE_load_aep 3210 EXIST::FUNCTION: +ENGINE_load_sureware 3211 EXIST::FUNCTION: +OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: +OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: +OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: +OPENSSL_add_all_algo_conf 3213 EXIST:VMS:FUNCTION: +OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION: +AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES +AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES +AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES +ENGINE_load_4758cca 3218 EXIST::FUNCTION: +_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl index 149a0f4f80..8b6b2e668a 100644 --- a/src/lib/libcrypto/util/mk1mf.pl +++ b/src/lib/libcrypto/util/mk1mf.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # A bit of an evil hack but it post processes the file ../MINFO which # is generated by `make files` in the top directory. # This script outputs one mega makefile that has no shell stuff or any @@ -6,88 +6,71 @@ # $INSTALLTOP="/usr/local/ssl"; +$OPTIONS=""; +$ssl_version=""; +$banner="\t\@echo Building OpenSSL"; + +open(IN,") { + $ssl_version=$1 if (/^VERSION=(.*)$/); + $OPTIONS=$1 if (/^OPTIONS=(.*)$/); + $INSTALLTOP=$1 if (/^INSTALLTOP=(.*$)/); +} +close(IN); -$ssl_version="0.8.2"; +die "Makefile.ssl is not the toplevel Makefile!\n" if $ssl_version eq ""; $infile="MINFO"; %ops=( - "VC-WIN32", "Microsoft Visual C++ 4.[01] - Windows NT [34].x", + "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", + "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", "VC-WIN16", "Alias for VC-W31-32", "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+", "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS", - "BC-NT", "Borland C++ 4.5 - Windows NT - PROBABLY NOT WORKING", + "Mingw32", "GNU C++ - Windows NT or 9x", + "Mingw32-files", "Create files with DOS copy ...", + "BC-NT", "Borland C++ 4.5 - Windows NT", "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING", "BC-MSDOS","Borland C++ 4.5 - MSDOS", "linux-elf","Linux elf", + "ultrix-mips","DEC mips ultrix", "FreeBSD","FreeBSD distribution", + "OS2-EMX", "EMX GCC OS/2", "default","cc under unix", ); -$type=""; +$platform=""; foreach (@ARGV) { - if (/^no-rc2$/) { $no_rc2=1; } - elsif (/^no-rc4$/) { $no_rc4=1; } - elsif (/^no-rc5$/) { $no_rc5=1; } - elsif (/^no-idea$/) { $no_idea=1; } - elsif (/^no-des$/) { $no_des=1; } - elsif (/^no-bf$/) { $no_bf=1; } - elsif (/^no-cast$/) { $no_cast=1; } - elsif (/^no-md2$/) { $no_md2=1; } - elsif (/^no-md5$/) { $no_md5=1; } - elsif (/^no-sha$/) { $no_sha=1; } - elsif (/^no-sha1$/) { $no_sha1=1; } - elsif (/^no-rmd160$/) { $no_rmd160=1; } - elsif (/^no-mdc2$/) { $no_mdc2=1; } - elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; } - elsif (/^no-rsa$/) { $no_rsa=1; } - elsif (/^no-dsa$/) { $no_dsa=1; } - elsif (/^no-dh$/) { $no_dh=1; } - elsif (/^no-asm$/) { $no_asm=1; } - elsif (/^no-ssl2$/) { $no_ssl2=1; } - elsif (/^no-ssl3$/) { $no_ssl3=1; } - elsif (/^no-err$/) { $no_err=1; } - elsif (/^no-sock$/) { $no_sock=1; } - - elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; - $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; - $no_ssl2=$no_err=1; } - - elsif (/^rsaref$/) { $rsaref=1; } - elsif (/^gcc$/) { $gcc=1; } - elsif (/^debug$/) { $debug=1; } - elsif (/^shlib$/) { $shlib=1; } - elsif (/^dll$/) { $shlib=1; } - elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; } - elsif (/^-[lL].*$/) { $l_flags.="$_ "; } - elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/) - { $c_flags.="$_ "; } - else + if (!&read_options && !defined($ops{$_})) { - if (!defined($ops{$_})) - { - print STDERR "unknown option - $_\n"; - print STDERR "usage: perl mk1mf.pl [system] [options]\n"; - print STDERR "\nwhere [system] can be one of the following\n"; - foreach $i (sort keys %ops) - { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; } - print STDERR <<"EOF"; + print STDERR "unknown option - $_\n"; + print STDERR "usage: perl mk1mf.pl [options] [system]\n"; + print STDERR "\nwhere [system] can be one of the following\n"; + foreach $i (sort keys %ops) + { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; } + print STDERR <<"EOF"; and [options] can be one of - no-md2 no-md5 no-sha no-sha1 no-mdc2 no-rmd160 - Skip this digest - no-rc2 no-rc4 no-idea no-des no-bf no-cast - Skip this symetric cipher - no-rc5 + no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest + no-ripemd + no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher + no-bf no-cast no-aes no-rsa no-dsa no-dh - Skip this public key cipher no-ssl2 no-ssl3 - Skip this version of SSL just-ssl - remove all non-ssl keys/digest no-asm - No x86 asm + no-krb5 - No KRB5 + no-ec - No EC + nasm - Use NASM for x86 asm + gaswin - Use GNU as with Mingw32 no-socks - No socket code no-err - No error strings dll/shlib - Build shared libraries (MS) debug - Debug build + profile - Profiling build gcc - Use Gcc (unix) - rsaref - Build to require RSAref Values that can be set TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler @@ -96,27 +79,30 @@ TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler - - extra 'cc' flags, added (MS), or replace (unix) EOF - exit(1); - } - $type=$_; + exit(1); } + $platform=$_; + } +foreach (grep(!/^$/, split(/ /, $OPTIONS))) + { + print STDERR "unknown option - $_\n" if !&read_options; } $no_mdc2=1 if ($no_des); -$no_ssl3=1 if ($no_md5 || $no_sha1); +$no_ssl3=1 if ($no_md5 || $no_sha); $no_ssl3=1 if ($no_rsa && $no_dh); -$no_ssl2=1 if ($no_md5 || $no_rsa); +$no_ssl2=1 if ($no_md5); $no_ssl2=1 if ($no_rsa); $out_def="out"; $inc_def="outinc"; $tmp_def="tmp"; +$mkdir="mkdir"; ($ssl,$crypto)=("ssl","crypto"); -$RSAglue="RSAglue"; $ranlib="echo ranlib"; $cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc'; @@ -125,62 +111,84 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; # $bin_dir.=$o causes a core dump on my sparc :-( +$NT=0; + push(@INC,"util/pl","pl"); -if ($type eq "VC-MSDOS") +if ($platform eq "VC-MSDOS") { $asmbits=16; $msdos=1; require 'VC-16.pl'; } -elsif ($type eq "VC-W31-16") +elsif ($platform eq "VC-W31-16") { $asmbits=16; $msdos=1; $win16=1; require 'VC-16.pl'; } -elsif (($type eq "VC-W31-32") || ($type eq "VC-WIN16")) +elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16")) { $asmbits=32; $msdos=1; $win16=1; require 'VC-16.pl'; } -elsif (($type eq "VC-WIN32") || ($type eq "VC-NT")) +elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { + $NT = 1 if $platform eq "VC-NT"; require 'VC-32.pl'; } -elsif ($type eq "BC-NT") +elsif ($platform eq "Mingw32") + { + require 'Mingw32.pl'; + } +elsif ($platform eq "Mingw32-files") + { + require 'Mingw32f.pl'; + } +elsif ($platform eq "BC-NT") { $bc=1; require 'BC-32.pl'; } -elsif ($type eq "BC-W31") +elsif ($platform eq "BC-W31") { $bc=1; $msdos=1; $w16=1; require 'BC-16.pl'; } -elsif ($type eq "BC-Q16") +elsif ($platform eq "BC-Q16") { $msdos=1; $w16=1; $shlib=0; $qw=1; require 'BC-16.pl'; } -elsif ($type eq "BC-MSDOS") +elsif ($platform eq "BC-MSDOS") { $asmbits=16; $msdos=1; require 'BC-16.pl'; } -elsif ($type eq "FreeBSD") +elsif ($platform eq "FreeBSD") { require 'unix.pl'; $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer'; } -elsif ($type eq "linux-elf") +elsif ($platform eq "linux-elf") { require "unix.pl"; require "linux.pl"; $unix=1; } +elsif ($platform eq "ultrix-mips") + { + require "unix.pl"; + require "ultrix.pl"; + $unix=1; + } +elsif ($platform eq "OS2-EMX") + { + $wc=1; + require 'OS2-EMX.pl'; + } else { require "unix.pl"; @@ -195,42 +203,45 @@ $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def; $bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq '')); -$cflags.=" -DNO_IDEA" if $no_idea; -$cflags.=" -DNO_RC2" if $no_rc2; -$cflags.=" -DNO_RC4" if $no_rc4; -$cflags.=" -DNO_RC5" if $no_rc5; -$cflags.=" -DNO_MD2" if $no_md2; -$cflags.=" -DNO_MD5" if $no_md5; -$cflags.=" -DNO_SHA" if $no_sha; -$cflags.=" -DNO_SHA1" if $no_sha1; -$cflags.=" -DNO_RMD160" if $no_rmd160; -$cflags.=" -DNO_MDC2" if $no_mdc2; -$cflags.=" -DNO_BLOWFISH" if $no_bf; -$cflags.=" -DNO_CAST" if $no_cast; -$cflags.=" -DNO_DES" if $no_des; -$cflags.=" -DNO_RSA" if $no_rsa; -$cflags.=" -DNO_DSA" if $no_dsa; -$cflags.=" -DNO_DH" if $no_dh; -$cflags.=" -DNO_SOCK" if $no_sock; -$cflags.=" -DNO_SSL2" if $no_ssl2; -$cflags.=" -DNO_SSL3" if $no_ssl3; -$cflags.=" -DNO_ERR" if $no_err; -$cflags.=" -DRSAref" if $rsaref ne ""; - -if ($unix) - { $cflags="$c_flags" if ($c_flags ne ""); } -else { $cflags="$c_flags$cflags" if ($c_flags ne ""); } +$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; +$cflags.=" -DOPENSSL_NO_AES" if $no_aes; +$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; +$cflags.=" -DOPENSSL_NO_RC4" if $no_rc4; +$cflags.=" -DOPENSSL_NO_RC5" if $no_rc5; +$cflags.=" -DOPENSSL_NO_MD2" if $no_md2; +$cflags.=" -DOPENSSL_NO_MD4" if $no_md4; +$cflags.=" -DOPENSSL_NO_MD5" if $no_md5; +$cflags.=" -DOPENSSL_NO_SHA" if $no_sha; +$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; +$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_rmd160; +$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; +$cflags.=" -DOPENSSL_NO_BF" if $no_bf; +$cflags.=" -DOPENSSL_NO_CAST" if $no_cast; +$cflags.=" -DOPENSSL_NO_DES" if $no_des; +$cflags.=" -DOPENSSL_NO_RSA" if $no_rsa; +$cflags.=" -DOPENSSL_NO_DSA" if $no_dsa; +$cflags.=" -DOPENSSL_NO_DH" if $no_dh; +$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; +$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; +$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; +$cflags.=" -DOPENSSL_NO_ERR" if $no_err; +$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; +$cflags.=" -DOPENSSL_NO_EC" if $no_ec; +#$cflags.=" -DRSAref" if $rsaref ne ""; + +## if ($unix) +## { $cflags="$c_flags" if ($c_flags ne ""); } +##else + { $cflags="$c_flags$cflags" if ($c_flags ne ""); } $ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); -if ($ranlib ne "") - { - $ranlib="\$(SRC_D)$o$ranlib"; - } +%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", + "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); if ($msdos) { - $banner ="\t\@echo Make sure you have run 'perl Configure $type' in the\n"; + $banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n"; $banner.="\t\@echo top level directory, if you don't have perl, you will\n"; $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n"; $banner.="\t\@echo documentation for details.\n"; @@ -242,8 +253,8 @@ $link="$bin_dir$link" if ($link !~ /^\$/); $INSTALLTOP =~ s|/|$o|g; $defs= <<"EOF"; -# This makefile has been automatically generated from the SSLeay distribution. -# This single makefile will build the complete SSLeay distribution and +# This makefile has been automatically generated from the OpenSSL distribution. +# This single makefile will build the complete OpenSSL distribution and # by default leave the 'intertesting' output files in .${o}out and the stuff # that needs deleting in .${o}tmp. # The file was generated by running 'make makefile.one', which @@ -258,6 +269,7 @@ $defs= <<"EOF"; INSTALLTOP=$INSTALLTOP # Set your compiler options +PLATFORM=$platform CC=$bin_dir${cc} CFLAG=$cflags APP_CFLAG=$app_cflag @@ -269,18 +281,18 @@ SHLIB_EX_OBJ=$shlib_ex_obj # be added EX_LIBS=$ex_libs -# The SSLeay directory +# The OpenSSL directory SRC_D=$src_dir LINK=$link LFLAGS=$lflags -BN_MULW_OBJ=$bn_mulw_obj -BN_MULW_SRC=$bn_mulw_src +BN_ASM_OBJ=$bn_asm_obj +BN_ASM_SRC=$bn_asm_src +BNCO_ASM_OBJ=$bnco_asm_obj +BNCO_ASM_SRC=$bnco_asm_src DES_ENC_OBJ=$des_enc_obj DES_ENC_SRC=$des_enc_src -DES_CRYPT_OBJ=$des_crypt_obj -DES_CRYPT_SRC=$des_crypt_src BF_ENC_OBJ=$bf_enc_obj BF_ENC_SRC=$bf_enc_src CAST_ENC_OBJ=$cast_enc_obj @@ -302,11 +314,12 @@ OUT_D=$out_dir TMP_D=$tmp_dir # The output directory for the header files INC_D=$inc_dir +INCO_D=$inc_dir${o}openssl CP=$cp RM=$rm RANLIB=$ranlib -MKDIR=mkdir +MKDIR=$mkdir MKLIB=$bin_dir$mklib MLFLAGS=$mlflags ASM=$bin_dir$asm @@ -315,14 +328,16 @@ ASM=$bin_dir$asm # You should not need to touch anything below this point ###################################################### -E_EXE=ssleay +E_EXE=openssl SSL=$ssl CRYPTO=$crypto -RSAGLUE=$RSAglue # BIN_D - Binary output directory # TEST_D - Binary test file output directory # LIB_D - library output directory +# Note: if you change these point to different directories then uncomment out +# the lines around the 'NB' comment below. +# BIN_D=\$(OUT_D) TEST_D=\$(OUT_D) LIB_D=\$(OUT_D) @@ -334,14 +349,12 @@ INCL_D=\$(TMP_D) O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp -O_RSAGLUE= \$(LIB_D)$o$plib\$(RSAGLUE)$libp SO_SSL= $plib\$(SSL)$so_shlibp SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp -L_SSL= \$(LIB_D)$o\$(SSL)$libp -L_CRYPTO= \$(LIB_D)$o\$(CRYPTO)$libp +L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp +L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp L_LIBS= \$(L_SSL) \$(L_CRYPTO) -#L_LIBS= \$(O_SSL) \$(O_RSAGLUE) -lrsaref \$(O_CRYPTO) ###################################################### # Don't touch anything below this point @@ -351,33 +364,37 @@ INC=-I\$(INC_D) -I\$(INCL_D) APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) -LIBS_DEP=\$(O_CRYPTO) \$(O_RSAGLUE) \$(O_SSL) +LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) ############################################# EOF $rules=<<"EOF"; -all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INC_D) headers lib exe +all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe banner: $banner \$(TMP_D): \$(MKDIR) \$(TMP_D) - -\$(BIN_D): - \$(MKDIR) \$(BIN_D) - -\$(TEST_D): - \$(MKDIR) \$(TEST_D) +# NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different +#\$(BIN_D): +# \$(MKDIR) \$(BIN_D) +# +#\$(TEST_D): +# \$(MKDIR) \$(TEST_D) \$(LIB_D): \$(MKDIR) \$(LIB_D) +\$(INCO_D): \$(INC_D) + \$(MKDIR) \$(INCO_D) + \$(INC_D): \$(MKDIR) \$(INC_D) headers: \$(HEADER) \$(EXHEADER) + @ lib: \$(LIBS_DEP) @@ -387,8 +404,9 @@ install: \$(MKDIR) \$(INSTALLTOP) \$(MKDIR) \$(INSTALLTOP)${o}bin \$(MKDIR) \$(INSTALLTOP)${o}include + \$(MKDIR) \$(INSTALLTOP)${o}include${o}openssl \$(MKDIR) \$(INSTALLTOP)${o}lib - \$(CP) \$(INC_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include + \$(CP) \$(INCO_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include${o}openssl \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin \$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib \$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib @@ -401,6 +419,42 @@ vclean: \$(RM) \$(OUT_D)$o*.* EOF + +my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform"; +$platform_cpp_symbol =~ s/-/_/g; +if (open(IN,"crypto/buildinf.h")) + { + # Remove entry for this platform in existing file buildinf.h. + + my $old_buildinf_h = ""; + while () + { + if (/^\#ifdef $platform_cpp_symbol$/) + { + while () { last if (/^\#endif/); } + } + else + { + $old_buildinf_h .= $_; + } + } + close(IN); + + open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h"; + print OUT $old_buildinf_h; + close(OUT); + } + +open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h"; +printf OUT <) { + $options=$1 if (/^OPTIONS=(.*)$/); +} +close(IN); + +# The following ciphers may be excluded (by Configure). This means functions +# defined with ifndef(NO_XXX) are not included in the .def file, and everything +# in directory xxx is ignored. +my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; +my $no_cast; +my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; +my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; +my $no_ec; +my $no_fp_api; + +foreach (@ARGV, split(/ /, $options)) { - $NT=1 if $_ eq "32"; - $NT=0 if $_ eq "16"; + $debug=1 if $_ eq "debug"; + $W32=1 if $_ eq "32"; + $W16=1 if $_ eq "16"; + if($_ eq "NT") { + $W32 = 1; + $NT = 1; + } + if ($_ eq "VMS-VAX") { + $VMS=1; + $VMSVAX=1; + } + if ($_ eq "VMS-Alpha") { + $VMS=1; + $VMSAlpha=1; + } + $VMS=1 if $_ eq "VMS"; + $do_ssl=1 if $_ eq "ssleay"; + $do_ssl=1 if $_ eq "ssl"; $do_crypto=1 if $_ eq "libeay"; + $do_crypto=1 if $_ eq "crypto"; + $do_update=1 if $_ eq "update"; + $do_rewrite=1 if $_ eq "rewrite"; + $do_ctest=1 if $_ eq "ctest"; + $do_ctestall=1 if $_ eq "ctestall"; + $do_checkexist=1 if $_ eq "exist"; + #$safe_stack_def=1 if $_ eq "-DDEBUG_SAFESTACK"; + + if (/^no-rc2$/) { $no_rc2=1; } + elsif (/^no-rc4$/) { $no_rc4=1; } + elsif (/^no-rc5$/) { $no_rc5=1; } + elsif (/^no-idea$/) { $no_idea=1; } + elsif (/^no-des$/) { $no_des=1; $no_mdc2=1; } + elsif (/^no-bf$/) { $no_bf=1; } + elsif (/^no-cast$/) { $no_cast=1; } + elsif (/^no-md2$/) { $no_md2=1; } + elsif (/^no-md4$/) { $no_md4=1; } + elsif (/^no-md5$/) { $no_md5=1; } + elsif (/^no-sha$/) { $no_sha=1; } + elsif (/^no-ripemd$/) { $no_ripemd=1; } + elsif (/^no-mdc2$/) { $no_mdc2=1; } + elsif (/^no-rsa$/) { $no_rsa=1; } + elsif (/^no-dsa$/) { $no_dsa=1; } + elsif (/^no-dh$/) { $no_dh=1; } + elsif (/^no-ec$/) { $no_ec=1; } + elsif (/^no-hmac$/) { $no_hmac=1; } + elsif (/^no-aes$/) { $no_aes=1; } + elsif (/^no-evp$/) { $no_evp=1; } + elsif (/^no-lhash$/) { $no_lhash=1; } + elsif (/^no-stack$/) { $no_stack=1; } + elsif (/^no-err$/) { $no_err=1; } + elsif (/^no-buffer$/) { $no_buffer=1; } + elsif (/^no-bio$/) { $no_bio=1; } + #elsif (/^no-locking$/) { $no_locking=1; } + elsif (/^no-comp$/) { $no_comp=1; } + elsif (/^no-dso$/) { $no_dso=1; } + elsif (/^no-krb5$/) { $no_krb5=1; } } + +# If no platform is given, assume WIN32 +if ($W32 + $W16 + $VMS == 0) { + $W32 = 1; +} + +# Add extra knowledge +if ($W16) { + $no_fp_api=1; +} + if (!$do_ssl && !$do_crypto) { - print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 ]\n"; + print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ]\n"; exit(1); } %ssl_list=&load_numbers($ssl_num); +$max_ssl = $max_num; %crypto_list=&load_numbers($crypto_num); +$max_crypto = $max_num; + +my $ssl="ssl/ssl.h"; +$ssl.=" ssl/kssl.h"; -$ssl="ssl/ssl.h"; - -$crypto ="crypto/crypto.h"; -$crypto.=" crypto/des/des.h"; -$crypto.=" crypto/idea/idea.h"; -$crypto.=" crypto/rc4/rc4.h"; -$crypto.=" crypto/rc5/rc5.h"; -$crypto.=" crypto/rc2/rc2.h"; -$crypto.=" crypto/bf/blowfish.h"; -$crypto.=" crypto/cast/cast.h"; -$crypto.=" crypto/md2/md2.h"; -$crypto.=" crypto/md5/md5.h"; -$crypto.=" crypto/mdc2/mdc2.h"; -$crypto.=" crypto/sha/sha.h"; -$crypto.=" crypto/ripemd/ripemd.h"; +my $crypto ="crypto/crypto.h"; +$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des; +$crypto.=" crypto/idea/idea.h" ; # unless $no_idea; +$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4; +$crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5; +$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2; +$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf; +$crypto.=" crypto/cast/cast.h" ; # unless $no_cast; +$crypto.=" crypto/md2/md2.h" ; # unless $no_md2; +$crypto.=" crypto/md4/md4.h" ; # unless $no_md4; +$crypto.=" crypto/md5/md5.h" ; # unless $no_md5; +$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2; +$crypto.=" crypto/sha/sha.h" ; # unless $no_sha; +$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd; +$crypto.=" crypto/aes/aes.h" ; # unless $no_aes; $crypto.=" crypto/bn/bn.h"; -$crypto.=" crypto/rsa/rsa.h"; -$crypto.=" crypto/dsa/dsa.h"; -$crypto.=" crypto/dh/dh.h"; - -$crypto.=" crypto/stack/stack.h"; -$crypto.=" crypto/buffer/buffer.h"; -$crypto.=" crypto/bio/bio.h"; -$crypto.=" crypto/lhash/lhash.h"; +$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa; +$crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa; +$crypto.=" crypto/dh/dh.h" ; # unless $no_dh; +$crypto.=" crypto/ec/ec.h" ; # unless $no_ec; +$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; + +$crypto.=" crypto/engine/engine.h"; +$crypto.=" crypto/stack/stack.h" ; # unless $no_stack; +$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer; +$crypto.=" crypto/bio/bio.h" ; # unless $no_bio; +$crypto.=" crypto/dso/dso.h" ; # unless $no_dso; +$crypto.=" crypto/lhash/lhash.h" ; # unless $no_lhash; $crypto.=" crypto/conf/conf.h"; $crypto.=" crypto/txt_db/txt_db.h"; -$crypto.=" crypto/evp/evp.h"; +$crypto.=" crypto/evp/evp.h" ; # unless $no_evp; $crypto.=" crypto/objects/objects.h"; $crypto.=" crypto/pem/pem.h"; #$crypto.=" crypto/meth/meth.h"; $crypto.=" crypto/asn1/asn1.h"; +$crypto.=" crypto/asn1/asn1t.h"; $crypto.=" crypto/asn1/asn1_mac.h"; -$crypto.=" crypto/err/err.h"; +$crypto.=" crypto/err/err.h" ; # unless $no_err; $crypto.=" crypto/pkcs7/pkcs7.h"; +$crypto.=" crypto/pkcs12/pkcs12.h"; $crypto.=" crypto/x509/x509.h"; $crypto.=" crypto/x509/x509_vfy.h"; +$crypto.=" crypto/x509v3/x509v3.h"; $crypto.=" crypto/rand/rand.h"; -$crypto.=" crypto/hmac/hmac.h"; +$crypto.=" crypto/comp/comp.h" ; # unless $no_comp; +$crypto.=" crypto/ocsp/ocsp.h"; +$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; +$crypto.=" crypto/krb5/krb5_asn.h"; +$crypto.=" crypto/tmdiff.h"; + +my $symhacks="crypto/symhacks.h"; + +my @ssl_symbols = &do_defs("SSLEAY", $ssl, $symhacks); +my @crypto_symbols = &do_defs("LIBEAY", $crypto, $symhacks); + +if ($do_update) { + +if ($do_ssl == 1) { + + &maybe_add_info("SSLEAY",*ssl_list,@ssl_symbols); + if ($do_rewrite == 1) { + open(OUT, ">$ssl_num"); + &rewrite_numbers(*OUT,"SSLEAY",*ssl_list,@ssl_symbols); + } else { + open(OUT, ">>$ssl_num"); + } + &update_numbers(*OUT,"SSLEAY",*ssl_list,$max_ssl,@ssl_symbols); + close OUT; +} + +if($do_crypto == 1) { + + &maybe_add_info("LIBEAY",*crypto_list,@crypto_symbols); + if ($do_rewrite == 1) { + open(OUT, ">$crypto_num"); + &rewrite_numbers(*OUT,"LIBEAY",*crypto_list,@crypto_symbols); + } else { + open(OUT, ">>$crypto_num"); + } + &update_numbers(*OUT,"LIBEAY",*crypto_list,$max_crypto,@crypto_symbols); + close OUT; +} + +} elsif ($do_checkexist) { + &check_existing(*ssl_list, @ssl_symbols) + if $do_ssl == 1; + &check_existing(*crypto_list, @crypto_symbols) + if $do_crypto == 1; +} elsif ($do_ctest || $do_ctestall) { -$match{'NOPROTO'}=1; -$match2{'PERL5'}=1; + print <<"EOF"; -&print_def_file(*STDOUT,"SSLEAY",*ssl_list,&do_defs("SSLEAY",$ssl)) - if $do_ssl == 1; +/* Test file to check all DEF file symbols are present by trying + * to link to all of them. This is *not* intended to be run! + */ + +int main() +{ +EOF + &print_test_file(*STDOUT,"SSLEAY",*ssl_list,$do_ctestall,@ssl_symbols) + if $do_ssl == 1; + + &print_test_file(*STDOUT,"LIBEAY",*crypto_list,$do_ctestall,@crypto_symbols) + if $do_crypto == 1; + + print "}\n"; + +} else { + + &print_def_file(*STDOUT,"SSLEAY",*ssl_list,@ssl_symbols) + if $do_ssl == 1; + + &print_def_file(*STDOUT,"LIBEAY",*crypto_list,@crypto_symbols) + if $do_crypto == 1; + +} -&print_def_file(*STDOUT,"LIBEAY",*crypto_list,&do_defs("LIBEAY",$crypto)) - if $do_crypto == 1; sub do_defs - { - local($name,$files)=@_; - local(@ret); +{ + my($name,$files,$symhacksfile)=@_; + my $file; + my @ret; + my %syms; + my %platform; # For anything undefined, we assume "" + my %kind; # For anything undefined, we assume "FUNCTION" + my %algorithm; # For anything undefined, we assume "" + my %variant; + my %variant_cnt; # To be able to allocate "name{n}" if "name" + # is the same name as the original. + my $cpp; + my %unknown_algorithms = (); - $off=-1; - foreach $file (split(/\s+/,$files)) + foreach $file (split(/\s+/,$symhacksfile." ".$files)) { -# print STDERR "reading $file\n"; + print STDERR "DEBUG: starting on $file:\n" if $debug; open(IN,"<$file") || die "unable to open $file:$!\n"; - $depth=0; - $pr=-1; - @np=""; - $/=undef; - $a=; - while (($i=index($a,"/*")) >= 0) + my $line = "", my $def= ""; + my %tag = ( + (map { $_ => 0 } @known_platforms), + (map { "OPENSSL_SYS_".$_ => 0 } @known_ossl_platforms), + (map { "OPENSSL_NO_".$_ => 0 } @known_algorithms), + NOPROTO => 0, + PERL5 => 0, + _WINDLL => 0, + CONST_STRICT => 0, + TRUE => 1, + ); + my $symhacking = $file eq $symhacksfile; + my @current_platforms = (); + my @current_algorithms = (); + + # params: symbol, alias, platforms, kind + # The reason to put this subroutine in a variable is that + # it will otherwise create it's own, unshared, version of + # %tag and %variant... + my $make_variant = sub + { + my ($s, $a, $p, $k) = @_; + my ($a1, $a2); + + print STDERR "DEBUG: make_variant: Entered with ",$s,", ",$a,", ",(defined($p)?$p:""),", ",(defined($k)?$k:""),"\n" if $debug; + if (defined($p)) { - $j=index($a,"*/"); - break unless ($j >= 0); - $a=substr($a,0,$i).substr($a,$j+2); - # print "$i $j\n"; + $a1 = join(",",$p, + grep(!/^$/, + map { $tag{$_} == 1 ? $_ : "" } + @known_platforms)); } - foreach (split("\n",$a)) + else + { + $a1 = join(",", + grep(!/^$/, + map { $tag{$_} == 1 ? $_ : "" } + @known_platforms)); + } + $a2 = join(",", + grep(!/^$/, + map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ : "" } + @known_ossl_platforms)); + print STDERR "DEBUG: make_variant: a1 = $a1; a2 = $a2\n" if $debug; + if ($a1 eq "") { $a1 = $a2; } + elsif ($a1 ne "" && $a2 ne "") { $a1 .= ",".$a2; } + if ($a eq $s) { - if (/^\#\s*ifndef (.*)/) + if (!defined($variant_cnt{$s})) { - push(@tag,$1); - $tag{$1}=-1; - next; + $variant_cnt{$s} = 0; } - elsif (/^\#\s*if !defined\(([^\)]+)\)/) - { + $variant_cnt{$s}++; + $a .= "{$variant_cnt{$s}}"; + } + my $toadd = $a.":".$a1.(defined($k)?":".$k:""); + my $togrep = $s.'(\{[0-9]+\})?:'.$a1.(defined($k)?":".$k:""); + if (!grep(/^$togrep$/, + split(/;/, defined($variant{$s})?$variant{$s}:""))) { + if (defined($variant{$s})) { $variant{$s} .= ";"; } + $variant{$s} .= $toadd; + } + print STDERR "DEBUG: make_variant: Exit with variant of ",$s," = ",$variant{$s},"\n" if $debug; + }; + + print STDERR "DEBUG: parsing ----------\n" if $debug; + while() { + last if (/\/\* Error codes for the \w+ functions\. \*\//); + if ($line ne '') { + $_ = $line . $_; + $line = ''; + } + + if (/\\$/) { + chomp; # remove eol + chop; # remove ending backslash + $line = $_; + next; + } + + $cpp = 1 if /^\#.*ifdef.*cplusplus/; + if ($cpp) { + $cpp = 0 if /^\#.*endif/; + next; + } + + s/\/\*.*?\*\///gs; # ignore comments + s/{[^{}]*}//gs; # ignore {} blocks + print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; + if (/^\#\s*ifndef\s+(.*)/) { + push(@tag,"-"); push(@tag,$1); $tag{$1}=-1; - next; + print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug; + } elsif (/^\#\s*if\s+!defined\(([^\)]+)\)/) { + push(@tag,"-"); + if (/^\#\s*if\s+(!defined\(([^\)]+)\)(\s+\&\&\s+!defined\(([^\)]+)\))*)$/) { + my $tmp_1 = $1; + my $tmp_; + foreach $tmp_ (split '\&\&',$tmp_1) { + $tmp_ =~ /!defined\(([^\)]+)\)/; + print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug; + push(@tag,$1); + $tag{$1}=-1; + } + } else { + print STDERR "Warning: $file: complicated expression: $_" if $debug; # because it is O... + print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug; + push(@tag,$1); + $tag{$1}=-1; } - elsif (/^\#\s*ifdef (.*)/) - { + } elsif (/^\#\s*ifdef\s+(.*)/) { + push(@tag,"-"); push(@tag,$1); $tag{$1}=1; - next; + print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug; + } elsif (/^\#\s*if\s+defined\(([^\)]+)\)/) { + push(@tag,"-"); + if (/^\#\s*if\s+(defined\(([^\)]+)\)(\s+\|\|\s+defined\(([^\)]+)\))*)$/) { + my $tmp_1 = $1; + my $tmp_; + foreach $tmp_ (split '\|\|',$tmp_1) { + $tmp_ =~ /defined\(([^\)]+)\)/; + print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug; + push(@tag,$1); + $tag{$1}=1; + } + } else { + print STDERR "Warning: $file: complicated expression: $_\n" if $debug; # because it is O... + print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug; + push(@tag,$1); + $tag{$1}=1; } - elsif (/^\#\s*if defined(.*)/) - { - push(@tag,$1); - $tag{$1}=1; - next; + } elsif (/^\#\s*error\s+(\w+) is disabled\./) { + my $tag_i = $#tag; + while($tag[$tag_i] ne "-") { + if ($tag[$tag_i] eq "OPENSSL_NO_".$1) { + $tag{$tag[$tag_i]}=2; + print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug; + } + $tag_i--; + } + } elsif (/^\#\s*endif/) { + my $tag_i = $#tag; + while($tag[$tag_i] ne "-") { + my $t=$tag[$tag_i]; + print STDERR "DEBUG: \$t=\"$t\"\n" if $debug; + if ($tag{$t}==2) { + $tag{$t}=-1; + } else { + $tag{$t}=0; + } + print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug; + pop(@tag); + if ($t =~ /^OPENSSL_NO_([A-Z0-9_]+)$/) { + $t=$1; + } else { + $t=""; + } + if ($t ne "" + && !grep(/^$t$/, @known_algorithms)) { + $unknown_algorithms{$t} = 1; + #print STDERR "DEBUG: Added as unknown algorithm: $t\n" if $debug; + } + $tag_i--; } - elsif (/^\#\s*endif/) - { - $tag{$tag[$#tag]}=0; pop(@tag); + } elsif (/^\#\s*else/) { + my $tag_i = $#tag; + while($tag[$tag_i] ne "-") { + my $t=$tag[$tag_i]; + $tag{$t}= -$tag{$t}; + print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug; + $tag_i--; + } + } elsif (/^\#\s*if\s+1/) { + push(@tag,"-"); + # Dummy tag + push(@tag,"TRUE"); + $tag{"TRUE"}=1; + print STDERR "DEBUG: $file: found 1\n" if $debug; + } elsif (/^\#\s*if\s+0/) { + push(@tag,"-"); + # Dummy tag + push(@tag,"TRUE"); + $tag{"TRUE"}=-1; + print STDERR "DEBUG: $file: found 0\n" if $debug; + } elsif (/^\#\s*define\s+(\w+)\s+(\w+)/ + && $symhacking && $tag{'TRUE'} != -1) { + # This is for aliasing. When we find an alias, + # we have to invert + &$make_variant($1,$2); + print STDERR "DEBUG: $file: defined $1 = $2\n" if $debug; + } + if (/^\#/) { + @current_platforms = + grep(!/^$/, + map { $tag{$_} == 1 ? $_ : + $tag{$_} == -1 ? "!".$_ : "" } + @known_platforms); + push @current_platforms + , grep(!/^$/, + map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ : + $tag{"OPENSSL_SYS_".$_} == -1 ? "!".$_ : "" } + @known_ossl_platforms); + @current_algorithms = + grep(!/^$/, + map { $tag{"OPENSSL_NO_".$_} == -1 ? $_ : "" } + @known_algorithms); + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; next; + } + if ($tag{'TRUE'} != -1) { + if (/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) { + next; + } elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) { + $def .= "int d2i_$3(void);"; + $def .= "int i2d_$3(void);"; + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int $2_it;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("$2_it","$2_it", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + next; + } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_fname\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) { + $def .= "int d2i_$3(void);"; + $def .= "int i2d_$3(void);"; + $def .= "int $3_free(void);"; + $def .= "int $3_new(void);"; + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int $2_it;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("$2_it","$2_it", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + next; + } elsif (/^\s*DECLARE_ASN1_FUNCTIONS\s*\(\s*(\w*)\s*\)/ || + /^\s*DECLARE_ASN1_FUNCTIONS_const\s*\(\s*(\w*)\s*\)/) { + $def .= "int d2i_$1(void);"; + $def .= "int i2d_$1(void);"; + $def .= "int $1_free(void);"; + $def .= "int $1_new(void);"; + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int $1_it;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("$1_it","$1_it", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + next; + } elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS_const\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { + $def .= "int d2i_$2(void);"; + $def .= "int i2d_$2(void);"; + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int $2_it;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("$2_it","$2_it", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + next; + } elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { + $def .= "int d2i_$2(void);"; + $def .= "int i2d_$2(void);"; + $def .= "int $2_free(void);"; + $def .= "int $2_new(void);"; + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int $2_it;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("$2_it","$2_it", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + next; + } elsif (/^\s*DECLARE_ASN1_ITEM\s*\(\s*(\w*)\s*\)/) { + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int $1_it;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("$1_it","$1_it", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + next; + } elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) { + next; + } elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) { + next; + } elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ || + /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) { + # Things not in Win16 + $def .= + "#INFO:" + .join(',',"!WIN16",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "int PEM_read_$1(void);"; + $def .= "int PEM_write_$1(void);"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Things that are everywhere + $def .= "int PEM_read_bio_$1(void);"; + $def .= "int PEM_write_bio_$1(void);"; + next; + } elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ || + /^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) { + # Things not in Win16 + $def .= + "#INFO:" + .join(',',"!WIN16",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "int PEM_write_$1(void);"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Things that are everywhere + $def .= "int PEM_write_bio_$1(void);"; + next; + } elsif (/^DECLARE_PEM_read\s*\(\s*(\w*)\s*,/ || + /^DECLARE_PEM_read_cb\s*\(\s*(\w*)\s*,/ ) { + # Things not in Win16 + $def .= + "#INFO:" + .join(',',"!WIN16",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "int PEM_read_$1(void);"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Things that are everywhere + $def .= "int PEM_read_bio_$1(void);"; + next; + } elsif (/^OPENSSL_DECLARE_GLOBAL\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) { + # Variant for platforms that do not + # have to access globale variables + # in shared libraries through functions + $def .= + "#INFO:" + .join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":" + .join(',',@current_algorithms).";"; + $def .= "OPENSSL_EXTERN int _shadow_$2;"; + $def .= + "#INFO:" + .join(',',@current_platforms).":" + .join(',',@current_algorithms).";"; + # Variant for platforms that have to + # access globale variables in shared + # libraries through functions + &$make_variant("_shadow_$2","_shadow_$2", + "EXPORT_VAR_AS_FUNCTION", + "FUNCTION"); + } elsif ($tag{'CONST_STRICT'} != 1) { + if (/\{|\/\*|\([^\)]*$/) { + $line = $_; + } else { + $def .= $_; + } } - elsif (/^\#\s*else/) - { - $t=$tag[$#tag]; - $tag{$t}= -$tag{$t}; + } + } + close(IN); + + my $algs; + my $plays; + + print STDERR "DEBUG: postprocessing ----------\n" if $debug; + foreach (split /;/, $def) { + my $s; my $k = "FUNCTION"; my $p; my $a; + s/^[\n\s]*//g; + s/[\n\s]*$//g; + next if(/\#undef/); + next if(/typedef\W/); + next if(/\#define/); + + print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug; + if (/^\#INFO:([^:]*):(.*)$/) { + $plats = $1; + $algs = $2; + print STDERR "DEBUG: found info on platforms ($plats) and algorithms ($algs)\n" if $debug; + next; + } elsif (/^\s*OPENSSL_EXTERN\s.*?(\w+(\{[0-9]+\})?)(\[[0-9]*\])*\s*$/) { + $s = $1; + $k = "VARIABLE"; + print STDERR "DEBUG: found external variable $s\n" if $debug; + } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { + $s = $1; + print STDERR "DEBUG: found ANSI C function $s\n" if $debug; + } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s) { + # K&R C + print STDERR "DEBUG: found K&R C function $s\n" if $debug; next; + } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)$/s) { + while (not /\(\)$/s) { + s/[^\(\)]*\)$/\)/s; + s/\([^\(\)]*\)\)$/\)/s; } -#printf STDERR "$_\n%2d %2d %2d %2d %2d $NT\n", -#$tag{'NOPROTO'},$tag{'FreeBSD'},$tag{'WIN16'},$tag{'PERL5'},$tag{'NO_FP_API'}; - - $t=undef; - if (/^extern .*;$/) - { $t=&do_extern($name,$_); } - elsif ( ($tag{'NOPROTO'} == 1) && - ($tag{'FreeBSD'} != 1) && - (($NT && ($tag{'WIN16'} != 1)) || - (!$NT && ($tag{'WIN16'} != -1))) && - ($tag{'PERL5'} != 1) && -# ($tag{'_WINDLL'} != -1) && - ((!$NT && $tag{'_WINDLL'} != -1) || - ($NT && $tag{'_WINDLL'} != 1)) && - ((($tag{'NO_FP_API'} != 1) && $NT) || - (($tag{'NO_FP_API'} != -1) && !$NT))) - { $t=&do_line($name,$_); } - else - { $t=undef; } - if (($t ne undef) && (!$done{$name,$t})) - { - $done{$name,$t}++; - push(@ret,$t); -#printf STDERR "one:$t\n" if $t =~ /BIO_/; + s/\(void\)//; + /(\w+(\{[0-9]+\})?)\W*\(\)/s; + $s = $1; + print STDERR "DEBUG: found function $s\n" if $debug; + } elsif (/\(/ and not (/=/)) { + print STDERR "File $file: cannot parse: $_;\n"; + next; + } else { + next; + } + + $syms{$s} = 1; + $kind{$s} = $k; + + $p = $plats; + $a = $algs; + $a .= ",BF" if($s =~ /EVP_bf/); + $a .= ",CAST" if($s =~ /EVP_cast/); + $a .= ",DES" if($s =~ /EVP_des/); + $a .= ",DSA" if($s =~ /EVP_dss/); + $a .= ",IDEA" if($s =~ /EVP_idea/); + $a .= ",MD2" if($s =~ /EVP_md2/); + $a .= ",MD4" if($s =~ /EVP_md4/); + $a .= ",MD5" if($s =~ /EVP_md5/); + $a .= ",RC2" if($s =~ /EVP_rc2/); + $a .= ",RC4" if($s =~ /EVP_rc4/); + $a .= ",RC5" if($s =~ /EVP_rc5/); + $a .= ",RIPEMD" if($s =~ /EVP_ripemd/); + $a .= ",SHA" if($s =~ /EVP_sha/); + $a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/); + $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/); + $a .= ",RSA" if($s =~ /RSAPrivateKey/); + $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/); + + $platform{$s} = + &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p); + $algorithm{$s} .= ','.$a; + + if (defined($variant{$s})) { + foreach $v (split /;/,$variant{$s}) { + (my $r, my $p, my $k) = split(/:/,$v); + my $ip = join ',',map({ /^!(.*)$/ ? $1 : "!".$_ } split /,/, $p); + $syms{$r} = 1; + if (!defined($k)) { $k = $kind{$s}; } + $kind{$r} = $k."(".$s.")"; + $algorithm{$r} = $algorithm{$s}; + $platform{$r} = &reduce_platforms($platform{$s}.",".$p.",".$p); + $platform{$s} = &reduce_platforms($platform{$s}.','.$ip.','.$ip); + print STDERR "DEBUG: \$variant{\"$s\"} = ",$v,"; \$r = $r; \$p = ",$platform{$r},"; \$a = ",$algorithm{$r},"; \$kind = ",$kind{$r},"\n" if $debug; } } - close(IN); + print STDERR "DEBUG: \$s = $s; \$p = ",$platform{$s},"; \$a = ",$algorithm{$s},"; \$kind = ",$kind{$s},"\n" if $debug; } + } + + # Prune the returned symbols + + delete $syms{"bn_dump1"}; + $platform{"BIO_s_log"} .= ",!WIN32,!WIN16,!macintosh"; + + $platform{"PEM_read_NS_CERT_SEQ"} = "VMS"; + $platform{"PEM_write_NS_CERT_SEQ"} = "VMS"; + $platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS"; + $platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS"; + + # Info we know about + + push @ret, map { $_."\\".&info_string($_,"EXIST", + $platform{$_}, + $kind{$_}, + $algorithm{$_}) } keys %syms; + + if (keys %unknown_algorithms) { + print STDERR "WARNING: mkdef.pl doesn't know the following algorithms:\n"; + print STDERR "\t",join("\n\t",keys %unknown_algorithms),"\n"; + } return(@ret); +} + +# Param: string of comma-separated platform-specs. +sub reduce_platforms +{ + my ($platforms) = @_; + my $pl = defined($platforms) ? $platforms : ""; + my %p = map { $_ => 0 } split /,/, $pl; + my $ret; + + print STDERR "DEBUG: Entered reduce_platforms with \"$platforms\"\n" + if $debug; + # We do this, because if there's code like the following, it really + # means the function exists in all cases and should therefore be + # everywhere. By increasing and decreasing, we may attain 0: + # + # ifndef WIN16 + # int foo(); + # else + # int _fat foo(); + # endif + foreach $platform (split /,/, $pl) { + if ($platform =~ /^!(.*)$/) { + $p{$1}--; + } else { + $p{$platform}++; + } + } + foreach $platform (keys %p) { + if ($p{$platform} == 0) { delete $p{$platform}; } } -sub do_line - { - local($file,$_)=@_; - local($n); - - return(undef) if /^$/; - return(undef) if /^\s/; -#printf STDERR "two:$_\n" if $_ =~ /BIO_/; - if (/(CRYPTO_get_locking_callback)/) - { return($1); } - elsif (/(CRYPTO_get_id_callback)/) - { return($1); } - elsif (/(CRYPTO_get_add_lock_callback)/) - { return($1); } - elsif (/(SSL_CTX_get_verify_callback)/) - { return($1); } - elsif (/(SSL_get_info_callback)/) - { return($1); } - elsif ((!$NT) && /(ERR_load_CRYPTO_strings)/) - { return("ERR_load_CRYPTOlib_strings"); } - elsif (!$NT && /BIO_s_file/) - { return(undef); } - elsif (!$NT && /BIO_new_file/) - { return(undef); } - elsif (!$NT && /BIO_new_fp/) - { return(undef); } - elsif ($NT && /BIO_s_file_internal/) - { return(undef); } - elsif ($NT && /BIO_new_file_internal/) - { return(undef); } - elsif ($NT && /BIO_new_fp_internal/) - { return(undef); } - else - { - /\s\**(\S+)\s*\(/; - return($1); + delete $p{""}; + + $ret = join(',',sort(map { $p{$_} < 0 ? "!".$_ : $_ } keys %p)); + print STDERR "DEBUG: Exiting reduce_platforms with \"$ret\"\n" + if $debug; + return $ret; +} + +sub info_string { + (my $symbol, my $exist, my $platforms, my $kind, my $algorithms) = @_; + + my %a = defined($algorithms) ? + map { $_ => 1 } split /,/, $algorithms : (); + my $k = defined($kind) ? $kind : "FUNCTION"; + my $ret; + my $p = &reduce_platforms($platforms); + + delete $a{""}; + + $ret = $exist; + $ret .= ":".$p; + $ret .= ":".$k; + $ret .= ":".join(',',sort keys %a); + return $ret; +} + +sub maybe_add_info { + (my $name, *nums, my @symbols) = @_; + my $sym; + my $new_info = 0; + my %syms=(); + + print STDERR "Updating $name info\n"; + foreach $sym (@symbols) { + (my $s, my $i) = split /\\/, $sym; + if (defined($nums{$s})) { + $i =~ s/^(.*?:.*?:\w+)(\(\w+\))?/$1/; + (my $n, my $dummy) = split /\\/, $nums{$s}; + if (!defined($dummy) || $i ne $dummy) { + $nums{$s} = $n."\\".$i; + $new_info++; + print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n" if $debug; + } } + $syms{$s} = 1; } -sub do_extern + my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums; + foreach $sym (@s) { + (my $n, my $i) = split /\\/, $nums{$sym}; + if (!defined($syms{$sym}) && $i !~ /^NOEXIST:/) { + $new_info++; + print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n" if $debug; + } + } + if ($new_info) { + print STDERR "$new_info old symbols got an info update\n"; + if (!$do_rewrite) { + print STDERR "You should do a rewrite to fix this.\n"; + } + } else { + print STDERR "No old symbols needed info update\n"; + } +} + +# Param: string of comma-separated keywords, each possibly prefixed with a "!" +sub is_valid +{ + my ($keywords_txt,$platforms) = @_; + my (@keywords) = split /,/,$keywords_txt; + my ($falsesum, $truesum) = (0, !grep(/^[^!]/,@keywords)); + + # Param: one keyword + sub recognise { - local($file,$_)=@_; - local($n); + my ($keyword,$platforms) = @_; - /\s\**(\S+);$/; - return($1); + if ($platforms) { + # platforms + if ($keyword eq "VMS" && $VMS) { return 1; } + if ($keyword eq "WIN32" && $W32) { return 1; } + if ($keyword eq "WIN16" && $W16) { return 1; } + if ($keyword eq "WINNT" && $NT) { return 1; } + # Special platforms: + # EXPORT_VAR_AS_FUNCTION means that global variables + # will be represented as functions. This currently + # only happens on VMS-VAX. + if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { + return 1; + } + return 0; + } else { + # algorithms + if ($keyword eq "RC2" && $no_rc2) { return 0; } + if ($keyword eq "RC4" && $no_rc4) { return 0; } + if ($keyword eq "RC5" && $no_rc5) { return 0; } + if ($keyword eq "IDEA" && $no_idea) { return 0; } + if ($keyword eq "DES" && $no_des) { return 0; } + if ($keyword eq "BF" && $no_bf) { return 0; } + if ($keyword eq "CAST" && $no_cast) { return 0; } + if ($keyword eq "MD2" && $no_md2) { return 0; } + if ($keyword eq "MD4" && $no_md4) { return 0; } + if ($keyword eq "MD5" && $no_md5) { return 0; } + if ($keyword eq "SHA" && $no_sha) { return 0; } + if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; } + if ($keyword eq "MDC2" && $no_mdc2) { return 0; } + if ($keyword eq "RSA" && $no_rsa) { return 0; } + if ($keyword eq "DSA" && $no_dsa) { return 0; } + if ($keyword eq "DH" && $no_dh) { return 0; } + if ($keyword eq "EC" && $no_ec) { return 0; } + if ($keyword eq "HMAC" && $no_hmac) { return 0; } + if ($keyword eq "AES" && $no_aes) { return 0; } + if ($keyword eq "EVP" && $no_evp) { return 0; } + if ($keyword eq "LHASH" && $no_lhash) { return 0; } + if ($keyword eq "STACK" && $no_stack) { return 0; } + if ($keyword eq "ERR" && $no_err) { return 0; } + if ($keyword eq "BUFFER" && $no_buffer) { return 0; } + if ($keyword eq "BIO" && $no_bio) { return 0; } + if ($keyword eq "COMP" && $no_comp) { return 0; } + if ($keyword eq "DSO" && $no_dso) { return 0; } + if ($keyword eq "KRB5" && $no_krb5) { return 0; } + if ($keyword eq "FP_API" && $no_fp_api) { return 0; } + + # Nothing recognise as true + return 1; + } + } + + foreach $k (@keywords) { + if ($k =~ /^!(.*)$/) { + $falsesum += &recognise($1,$platforms); + } else { + $truesum += &recognise($k,$platforms); + } } + print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug; + return (!$falsesum) && $truesum; +} + +sub print_test_file +{ + (*OUT,my $name,*nums,my $testall,my @symbols)=@_; + my $n = 1; my @e; my @r; + my $sym; my $prev = ""; my $prefSSLeay; + + (@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/,@symbols); + (@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:.*/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/,@symbols); + @symbols=((sort @e),(sort @r)); + + foreach $sym (@symbols) { + (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/; + my $v = 0; + $v = 1 if $i=~ /^.*?:.*?:VARIABLE/; + my $p = ($i =~ /^[^:]*:([^:]*):/,$1); + my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1); + if (!defined($nums{$s})) { + print STDERR "Warning: $s does not have a number assigned\n" + if(!$do_update); + } elsif (is_valid($p,1) && is_valid($a,0)) { + my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1); + if ($prev eq $s2) { + print OUT "\t/* The following has already appeared previously */\n"; + print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n"; + } + $prev = $s2; # To warn about duplicates... + + ($nn,$ni)=($nums{$s2} =~ /^(.*?)\\(.*)$/); + if ($v) { + print OUT "\textern int $s2; /* type unknown */ /* $nn $ni */\n"; + } else { + print OUT "\textern int $s2(); /* type unknown */ /* $nn $ni */\n"; + } + } + } +} sub print_def_file - { - local(*OUT,$name,*nums,@functions)=@_; - local($n)=1; +{ + (*OUT,my $name,*nums,my @symbols)=@_; + my $n = 1; my @e; my @r; my @v; my $prev=""; - if ($NT) + if ($W32) { $name.="32"; } else { $name.="16"; } print OUT <<"EOF"; ; -; Definition file for the DDL version of the $name library from SSLeay +; Definition file for the DLL version of the $name library from OpenSSL ; LIBRARY $name -DESCRIPTION 'SSLeay $name - eay\@cryptsoft.com' +DESCRIPTION 'OpenSSL $name - http://www.openssl.org/' EOF - if (!$NT) - { + if (!$W32) { print <<"EOF"; CODE PRELOAD MOVEABLE DATA PRELOAD MOVEABLE SINGLE @@ -249,44 +1120,219 @@ HEAPSIZE 4096 STACKSIZE 8192 EOF - } + } print "EXPORTS\n"; + (@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/,@symbols); + (@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:FUNCTION/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/,@symbols); + (@v)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:VARIABLE/,@symbols); + @symbols=((sort @e),(sort @r), (sort @v)); - (@e)=grep(/^SSLeay/,@functions); - (@r)=grep(!/^SSLeay/,@functions); - @functions=((sort @e),(sort @r)); - foreach $func (@functions) - { - if (!defined($nums{$func})) - { - printf STDERR "$func does not have a number assigned\n"; - } - else - { - $n=$nums{$func}; - printf OUT " %s%-35s@%d\n",($NT)?"":"_",$func,$n; + foreach $sym (@symbols) { + (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/; + my $v = 0; + $v = 1 if $i =~ /^.*?:.*?:VARIABLE/; + if (!defined($nums{$s})) { + printf STDERR "Warning: $s does not have a number assigned\n" + if(!$do_update); + } else { + (my $n, my $dummy) = split /\\/, $nums{$s}; + my %pf = (); + my $p = ($i =~ /^[^:]*:([^:]*):/,$1); + my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1); + if (is_valid($p,1) && is_valid($a,0)) { + my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1); + if ($prev eq $s2) { + print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n"; + } + $prev = $s2; # To warn about duplicates... + if($v) { + printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n; + } else { + printf OUT " %s%-39s @%d\n",($W32)?"":"_",$s2,$n; + } } } - printf OUT "\n"; } + printf OUT "\n"; +} sub load_numbers - { - local($name)=@_; - local($j,@a,%ret); +{ + my($name)=@_; + my(@a,%ret); + + $max_num = 0; + $num_noinfo = 0; + $prev = ""; + $prev_cnt = 0; open(IN,"<$name") || die "unable to open $name:$!\n"; - while () - { + while () { chop; s/#.*$//; next if /^\s*$/; @a=split; - $ret{$a[0]}=$a[1]; + if (defined $ret{$a[0]}) { + # This is actually perfectly OK + #print STDERR "Warning: Symbol '",$a[0],"' redefined. old=",$ret{$a[0]},", new=",$a[1],"\n"; } + if ($max_num > $a[1]) { + print STDERR "Warning: Number decreased from ",$max_num," to ",$a[1],"\n"; + } + elsif ($max_num == $a[1]) { + # This is actually perfectly OK + #print STDERR "Warning: Symbol ",$a[0]," has same number as previous ",$prev,": ",$a[1],"\n"; + if ($a[0] eq $prev) { + $prev_cnt++; + $a[0] .= "{$prev_cnt}"; + } + } + else { + $prev_cnt = 0; + } + if ($#a < 2) { + # Existence will be proven later, in do_defs + $ret{$a[0]}=$a[1]; + $num_noinfo++; + } else { + $ret{$a[0]}=$a[1]."\\".$a[2]; # \\ is a special marker + } + $max_num = $a[1] if $a[1] > $max_num; + $prev=$a[0]; + } + if ($num_noinfo) { + print STDERR "Warning: $num_noinfo symbols were without info."; + if ($do_rewrite) { + printf STDERR " The rewrite will fix this.\n"; + } else { + printf STDERR " You should do a rewrite to fix this.\n"; + } + } close(IN); return(%ret); +} + +sub parse_number +{ + (my $str, my $what) = @_; + (my $n, my $i) = split(/\\/,$str); + if ($what eq "n") { + return $n; + } else { + return $i; + } +} + +sub rewrite_numbers +{ + (*OUT,$name,*nums,@symbols)=@_; + my $thing; + + print STDERR "Rewriting $name\n"; + + my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols); + my $r; my %r; my %rsyms; + foreach $r (@r) { + (my $s, my $i) = split /\\/, $r; + my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/; + $i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/; + $r{$a} = $s."\\".$i; + $rsyms{$s} = 1; + } + + my %syms = (); + foreach $_ (@symbols) { + (my $n, my $i) = split /\\/; + $syms{$n} = 1; + } + + my @s=sort { + &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") + || $a cmp $b + } keys %nums; + foreach $sym (@s) { + (my $n, my $i) = split /\\/, $nums{$sym}; + next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/; + next if defined($rsyms{$sym}); + print STDERR "DEBUG: rewrite_numbers for sym = ",$sym,": i = ",$i,", n = ",$n,", rsym{sym} = ",$rsyms{$sym},"syms{sym} = ",$syms{$sym},"\n" if $debug; + $i="NOEXIST::FUNCTION:" + if !defined($i) || $i eq "" || !defined($syms{$sym}); + my $s2 = $sym; + $s2 =~ s/\{[0-9]+\}$//; + printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i; + if (exists $r{$sym}) { + (my $s, $i) = split /\\/,$r{$sym}; + my $s2 = $s; + $s2 =~ s/\{[0-9]+\}$//; + printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i; + } + } +} + +sub update_numbers +{ + (*OUT,$name,*nums,my $start_num, my @symbols)=@_; + my $new_syms = 0; + + print STDERR "Updating $name numbers\n"; + + my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols); + my $r; my %r; my %rsyms; + foreach $r (@r) { + (my $s, my $i) = split /\\/, $r; + my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/; + $i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/; + $r{$a} = $s."\\".$i; + $rsyms{$s} = 1; } + + foreach $sym (@symbols) { + (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/; + next if $i =~ /^.*?:.*?:\w+\(\w+\)/; + next if defined($rsyms{$sym}); + die "ERROR: Symbol $sym had no info attached to it." + if $i eq ""; + if (!exists $nums{$s}) { + $new_syms++; + my $s2 = $s; + $s2 =~ s/\{[0-9]+\}$//; + printf OUT "%s%-39s %d\t%s\n","",$s2, ++$start_num,$i; + if (exists $r{$s}) { + ($s, $i) = split /\\/,$r{$s}; + $s =~ s/\{[0-9]+\}$//; + printf OUT "%s%-39s %d\t%s\n","",$s, $start_num,$i; + } + } + } + if($new_syms) { + print STDERR "$new_syms New symbols added\n"; + } else { + print STDERR "No New symbols Added\n"; + } +} + +sub check_existing +{ + (*nums, my @symbols)=@_; + my %existing; my @remaining; + @remaining=(); + foreach $sym (@symbols) { + (my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/; + $existing{$s}=1; + } + foreach $sym (keys %nums) { + if (!exists $existing{$sym}) { + push @remaining, $sym; + } + } + if(@remaining) { + print STDERR "The following symbols do not seem to exist:\n"; + foreach $sym (@remaining) { + print STDERR "\t",$sym,"\n"; + } + } +} + diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl index 6fa424bd19..29e1404c69 100644 --- a/src/lib/libcrypto/util/mkfiles.pl +++ b/src/lib/libcrypto/util/mkfiles.pl @@ -10,6 +10,7 @@ my @dirs = ( ".", "crypto", "crypto/md2", +"crypto/md4", "crypto/md5", "crypto/sha", "crypto/mdc2", @@ -22,10 +23,13 @@ my @dirs = ( "crypto/idea", "crypto/bf", "crypto/cast", +"crypto/aes", "crypto/bn", "crypto/rsa", "crypto/dsa", +"crypto/dso", "crypto/dh", +"crypto/ec", "crypto/buffer", "crypto/bio", "crypto/stack", @@ -43,8 +47,11 @@ my @dirs = ( "crypto/pkcs7", "crypto/pkcs12", "crypto/comp", +"crypto/engine", +"crypto/ocsp", +"crypto/ui", +"crypto/krb5", "ssl", -"rsaref", "apps", "test", "tools" diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl index de555820ec..9e9c9a5146 100644 --- a/src/lib/libcrypto/util/mklink.pl +++ b/src/lib/libcrypto/util/mklink.pl @@ -48,8 +48,13 @@ foreach $dirname (@from_path) { my $to = join('/', @to_path); my $file; +$symlink_exists=eval {symlink("",""); 1}; foreach $file (@files) { -# print "ln -s $to/$file $from/$file\n"; - symlink("$to/$file", "$from/$file"); - print $file . " => $from/$file\n"; + my $err = ""; + if ($symlink_exists) { + symlink("$to/$file", "$from/$file") or $err = " [$!]"; + } else { + system ("cp", "$file", "$from/$file") and $err = " [$!]"; + } + print $file . " => $from/$file$err\n"; } diff --git a/src/lib/libcrypto/util/perlpath.pl b/src/lib/libcrypto/util/perlpath.pl index 9e57e10ad4..a1f236bd98 100644 --- a/src/lib/libcrypto/util/perlpath.pl +++ b/src/lib/libcrypto/util/perlpath.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # modify the '#!/usr/local/bin/perl' # line in all scripts that rely on perl. @@ -17,7 +17,12 @@ sub wanted @a=; close(IN); - $a[0]="#!$ARGV[0]/perl\n"; + if (-d $ARGV[0]) { + $a[0]="#!$ARGV[0]/perl\n"; + } + else { + $a[0]="#!$ARGV[0]\n"; + } # Playing it safe... $new="$_.new"; diff --git a/src/lib/libcrypto/util/pl/BC-16.pl b/src/lib/libcrypto/util/pl/BC-16.pl index 7c3fdb68f4..2033f524ca 100644 --- a/src/lib/libcrypto/util/pl/BC-16.pl +++ b/src/lib/libcrypto/util/pl/BC-16.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries # @@ -21,14 +21,14 @@ $lflags="$base_lflags"; if ($win16) { $shlib=1; - $cflags.=" -DWINDOWS -DWIN16"; + $cflags.=" -DOPENSSL_SYSNAME_WIN16"; $app_cflag="-W"; $lib_cflag="-WD"; $lflags.="/Twe"; } else { - $cflags.=" -DMSDOS"; + $cflags.=" -DOENSSL_SYSNAME_MSDOS"; $lflags.=" /Tde"; } @@ -66,18 +66,18 @@ $asm='bcc -c -B -Tml'; $afile='/o'; if ($no_asm) { - $bn_mulw_obj=''; - $bn_mulw_src=''; + $bn_asm_obj=''; + $bn_asm_src=''; } elsif ($asmbits == 32) { - $bn_mulw_obj='crypto\bn\asm\x86w32.obj'; - $bn_mulw_src='crypto\bn\asm\x86w32.asm'; + $bn_asm_obj='crypto\bn\asm\x86w32.obj'; + $bn_asm_src='crypto\bn\asm\x86w32.asm'; } else { - $bn_mulw_obj='crypto\bn\asm\x86w16.obj'; - $bn_mulw_src='crypto\bn\asm\x86w16.asm'; + $bn_asm_obj='crypto\bn\asm\x86w16.obj'; + $bn_asm_src='crypto\bn\asm\x86w16.asm'; } sub do_lib_rule diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl index 3898d16f61..78d60616a6 100644 --- a/src/lib/libcrypto/util/pl/BC-32.pl +++ b/src/lib/libcrypto/util/pl/BC-32.pl @@ -1,102 +1,120 @@ -#!/usr/bin/perl -# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries +#!/usr/local/bin/perl +# Borland C++ builder 3 and 4 -- Janez Jere # +$ssl= "ssleay32"; +$crypto="libeay32"; + $o='\\'; $cp='copy'; $rm='del'; # C compiler stuff $cc='bcc32'; - +$lflags="-ap -Tpe -x -Gn "; +$mlflags=''; + +$out_def="out32"; +$tmp_def="tmp32"; +$inc_def="inc32"; +#enable max error messages, disable most common warnings +$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 "; if ($debug) - { $op="-v "; } -else { $op="-O "; } - -$cflags="-d $op -DL_ENDIAN "; -# I add the stack opt -$base_lflags="-c"; -$lflags="$base_lflags"; - -$cflags.=" -DWINDOWS -DWIN32"; -$app_cflag="-WC"; -$lib_cflag="-WC"; -$lflags.=" -Tpe"; - -if ($shlib) - { - $mlflags="$base_lflags -Tpe"; # stack if defined in .def file - $libs="libw ldllcew"; - } +{ + $cflags.="-Od -y -v -vi- -D_DEBUG"; + $mlflags.=' '; +} else - { $mlflags=''; } +{ + $cflags.="-O2 -ff -fp"; +} $obj='.obj'; $ofile="-o"; # EXE linking stuff -$link="tlink32"; +$link="ilink32"; $efile=""; $exep='.exe'; -$ex_libs="CW32.LIB IMPORT32.LIB"; -$ex_libs.=$no_sock?"":" wsock32.lib"; -$shlib_ex_obj="" if $shlib; -$app_ex_obj="C0X32.OBJ"; +if ($no_sock) + { $ex_libs=""; } +else { $ex_libs="cw32mt.lib import32.lib"; } # static library stuff -$mklib='tlib'; +$mklib='tlib /P64'; $ranlib=''; $plib=""; $libp=".lib"; $shlibp=($shlib)?".dll":".lib"; $lfile=''; -$asm='ml /Cp /c /Cx'; +$shlib_ex_obj=""; +$app_ex_obj="c0x32.obj"; + +$asm='n_o_T_a_s_m'; +$asm.=" /Zi" if $debug; $afile='/Fo'; -if ($noasm) + +$bn_mulw_obj=''; +$bn_mulw_src=''; +$des_enc_obj=''; +$des_enc_src=''; +$bf_enc_obj=''; +$bf_enc_src=''; + +if (!$no_asm) { - $bn_mulw_obj=''; - $bn_mulw_src=''; + $bn_mulw_obj='crypto\bn\asm\bn-win32.obj'; + $bn_mulw_src='crypto\bn\asm\bn-win32.asm'; + $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; + $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; + $bf_enc_obj='crypto\bf\asm\b-win32.obj'; + $bf_enc_src='crypto\bf\asm\b-win32.asm'; + $cast_enc_obj='crypto\cast\asm\c-win32.obj'; + $cast_enc_src='crypto\cast\asm\c-win32.asm'; + $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj'; + $rc4_enc_src='crypto\rc4\asm\r4-win32.asm'; + $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj'; + $rc5_enc_src='crypto\rc5\asm\r5-win32.asm'; + $md5_asm_obj='crypto\md5\asm\m5-win32.obj'; + $md5_asm_src='crypto\md5\asm\m5-win32.asm'; + $sha1_asm_obj='crypto\sha\asm\s1-win32.obj'; + $sha1_asm_src='crypto\sha\asm\s1-win32.asm'; + $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj'; + $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm'; + $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; } -else + +if ($shlib) { - $bn_mulw_obj='crypto\bn\asm\x86b32.obj'; - $bn_mulw_src='crypto\bn\asm\x86m32.asm'; + $mlflags.=" $lflags /dll"; +# $cflags =~ s| /MD| /MT|; + $lib_cflag=" /GD -D_WINDLL -D_DLL"; + $out_def="out32dll"; + $tmp_def="tmp32dll"; } sub do_lib_rule { - local($target,$name,$shlib)=@_; + local($objs,$target,$name,$shlib)=@_; local($ret,$Name); $taget =~ s/\//$o/g if $o ne '/'; ($Name=$name) =~ tr/a-z/A-Z/; - $ret.="$target: \$(${Name}OBJ)\n"; - $ret.="\t\$(RM) \$(O_$Name)\n"; - - # Due to a pathetic line length limit, I unwrap the args. - local($lib_names)=""; - local($dll_names)=""; - foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"})) - { - $lib_names.=" +$_ &\n"; - $dll_names.=" $_\n"; - } - +# $target="\$(LIB_D)$o$target"; + $ret.="$target: $objs\n"; if (!$shlib) { - $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n"; + # $ret.="\t\$(RM) \$(O_$Name)\n"; + $ret.="\techo LIB $<\n"; + $ret.="\t&\$(MKLIB) $lfile$target -+\$**\n"; } else { - # $(SHLIB_EX_OBJ) - local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':""; - $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n"; - $ret.=$dll_names; - $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n"; - ($out_lib=$target) =~ s/O_/L_/; - $ret.="\timplib /nowep $out_lib $target\n\n"; + local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; + $ex.=' wsock32.lib gdi32.lib'; + $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; } $ret.="\n"; return($ret); @@ -105,30 +123,12 @@ sub do_lib_rule sub do_link_rule { local($target,$files,$dep_libs,$libs)=@_; - local($ret,$f,$_,@f); + local($ret,$_); $file =~ s/\//$o/g if $o ne '/'; $n=&bname($targer); $ret.="$target: $files $dep_libs\n"; - $ret.=" \$(LINK) @&&|"; - - # Due to a pathetic line length limit, I have to unwrap the args. - $r=" \$(LFLAGS) "; - if ($files =~ /\(([^)]*)\)$/) - { - @a=('$(APP_EX_OBJ)'); - push(@a,sort split(/\s+/,$Vars{$1})); - foreach $_ (@a) - { - $ret.="\n $r $_ +"; - $r=""; - } - chop($ret); - $ret.="\n"; - } - else - { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; } - $ret.=" $target\n\n $libs\n\n|\n\n"; + $ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n"; return($ret); } diff --git a/src/lib/libcrypto/util/pl/Mingw32.pl b/src/lib/libcrypto/util/pl/Mingw32.pl index 84c2a22db3..45ab685974 100644 --- a/src/lib/libcrypto/util/pl/Mingw32.pl +++ b/src/lib/libcrypto/util/pl/Mingw32.pl @@ -17,9 +17,35 @@ $mkdir='gmkdir'; $cc='gcc'; if ($debug) - { $cflags="-g2 -ggdb"; } + { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } else - { $cflags="-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall"; } + { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; } + +if ($gaswin and !$no_asm) + { + $bn_asm_obj='$(OBJ_D)/bn-win32.o'; + $bn_asm_src='crypto/bn/asm/bn-win32.s'; + $bnco_asm_obj='$(OBJ_D)/co-win32.o'; + $bnco_asm_src='crypto/bn/asm/co-win32.s'; + $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o'; + $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s'; + $bf_enc_obj='$(OBJ_D)/b-win32.o'; + $bf_enc_src='crypto/bf/asm/b-win32.s'; +# $cast_enc_obj='$(OBJ_D)/c-win32.o'; +# $cast_enc_src='crypto/cast/asm/c-win32.s'; + $rc4_enc_obj='$(OBJ_D)/r4-win32.o'; + $rc4_enc_src='crypto/rc4/asm/r4-win32.s'; + $rc5_enc_obj='$(OBJ_D)/r5-win32.o'; + $rc5_enc_src='crypto/rc5/asm/r5-win32.s'; + $md5_asm_obj='$(OBJ_D)/m5-win32.o'; + $md5_asm_src='crypto/md5/asm/m5-win32.s'; + $rmd160_asm_obj='$(OBJ_D)/rm-win32.o'; + $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; + $sha1_asm_obj='$(OBJ_D)/s1-win32.o'; + $sha1_asm_src='crypto/sha/asm/s1-win32.s'; + $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; + } + $obj='.o'; $ofile='-o '; @@ -42,12 +68,12 @@ $lfile=''; $asm='as'; $afile='-o '; -$bn_asm_obj=""; -$bn_asm_src=""; -$des_enc_obj=""; -$des_enc_src=""; -$bf_enc_obj=""; -$bf_enc_src=""; +#$bn_asm_obj=""; +#$bn_asm_src=""; +#$des_enc_obj=""; +#$des_enc_src=""; +#$bf_enc_obj=""; +#$bf_enc_src=""; sub do_lib_rule { @@ -76,4 +102,3 @@ sub do_link_rule return($ret); } 1; - diff --git a/src/lib/libcrypto/util/pl/VC-16.pl b/src/lib/libcrypto/util/pl/VC-16.pl index a6e6c0241c..7cda5e67a9 100644 --- a/src/lib/libcrypto/util/pl/VC-16.pl +++ b/src/lib/libcrypto/util/pl/VC-16.pl @@ -1,10 +1,9 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries # $ssl= "ssleay16"; $crypto="libeay16"; -$RSAref="RSAref16"; $o='\\'; $cp='copy'; @@ -34,7 +33,7 @@ $lflags="$base_lflags /STACK:20000"; if ($win16) { - $cflags.=" -DWINDOWS -DWIN16"; + $cflags.=" -DOPENSSL_SYSNAME_WIN16"; $app_cflag="/Gw /FPi87"; $lib_cflag="/Gw"; $lib_cflag.=" -D_WINDLL -D_DLL" if $shlib; @@ -84,8 +83,8 @@ $lfile=''; $asm='ml /Cp /c /Cx'; $afile='/Fo'; -$bn_mulw_obj=''; -$bn_mulw_src=''; +$bn_asm_obj=''; +$bn_asm_src=''; $des_enc_obj=''; $des_enc_src=''; $bf_enc_obj=''; @@ -95,13 +94,13 @@ if (!$no_asm) { if ($asmbits == 32) { - $bn_mulw_obj='crypto\bn\asm\x86w32.obj'; - $bn_mulw_src='crypto\bn\asm\x86w32.asm'; + $bn_asm_obj='crypto\bn\asm\x86w32.obj'; + $bn_asm_src='crypto\bn\asm\x86w32.asm'; } else { - $bn_mulw_obj='crypto\bn\asm\x86w16.obj'; - $bn_mulw_src='crypto\bn\asm\x86w16.asm'; + $bn_asm_obj='crypto\bn\asm\x86w16.obj'; + $bn_asm_src='crypto\bn\asm\x86w16.asm'; } } diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl index 701e282c33..50bfb34385 100644 --- a/src/lib/libcrypto/util/pl/VC-32.pl +++ b/src/lib/libcrypto/util/pl/VC-32.pl @@ -1,18 +1,17 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries # $ssl= "ssleay32"; $crypto="libeay32"; -$RSAref="RSAref32"; $o='\\'; -$cp='copy'; +$cp='copy nul+'; # Timestamps get stuffed otherwise $rm='del'; # C compiler stuff $cc='cl'; -$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN'; +$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; $lflags="/nologo /subsystem:console /machine:I386 /opt:ref"; $mlflags=''; @@ -22,10 +21,11 @@ $inc_def="inc32"; if ($debug) { - $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWINDOWS -DWIN32 -D_DEBUG -DL_ENDIAN"; + $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32"; $lflags.=" /debug"; $mlflags.=' /debug'; } +$cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1; $obj='.obj'; $ofile="/Fo"; @@ -48,13 +48,17 @@ $lfile='/out:'; $shlib_ex_obj=""; $app_ex_obj="setargv.obj"; - -$asm='ml /Cp /coff /c /Cx'; -$asm.=" /Zi" if $debug; -$afile='/Fo'; - -$bn_mulw_obj=''; -$bn_mulw_src=''; +if ($nasm) { + $asm='nasmw -f win32'; + $afile='-o '; +} else { + $asm='ml /Cp /coff /c /Cx'; + $asm.=" /Zi" if $debug; + $afile='/Fo'; +} + +$bn_asm_obj=''; +$bn_asm_src=''; $des_enc_obj=''; $des_enc_src=''; $bf_enc_obj=''; @@ -62,8 +66,8 @@ $bf_enc_src=''; if (!$no_asm) { - $bn_mulw_obj='crypto\bn\asm\bn-win32.obj'; - $bn_mulw_src='crypto\bn\asm\bn-win32.asm'; + $bn_asm_obj='crypto\bn\asm\bn-win32.obj'; + $bn_asm_src='crypto\bn\asm\bn-win32.asm'; $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; $bf_enc_obj='crypto\bf\asm\b-win32.obj'; @@ -87,11 +91,13 @@ if ($shlib) { $mlflags.=" $lflags /dll"; # $cflags =~ s| /MD| /MT|; - $lib_cflag=" /GD -D_WINDLL -D_DLL"; + $lib_cflag=" -D_WINDLL -D_DLL"; $out_def="out32dll"; $tmp_def="tmp32dll"; } +$cflags.=" /Fd$out_def"; + sub do_lib_rule { local($objs,$target,$name,$shlib)=@_; @@ -105,12 +111,13 @@ sub do_lib_rule if (!$shlib) { # $ret.="\t\$(RM) \$(O_$Name)\n"; - $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n"; + $ex =' advapi32.lib'; + $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; } else { local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; - $ex.=' wsock32.lib gdi32.lib'; + $ex.=' wsock32.lib gdi32.lib advapi32.lib'; $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; } $ret.="\n"; diff --git a/src/lib/libcrypto/util/pl/linux.pl b/src/lib/libcrypto/util/pl/linux.pl index 2b13da1bfc..8924ed5480 100644 --- a/src/lib/libcrypto/util/pl/linux.pl +++ b/src/lib/libcrypto/util/pl/linux.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # linux.pl - the standard unix makefile stuff. # @@ -12,13 +12,17 @@ $rm='/bin/rm -f'; $cc='gcc'; if ($debug) { $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; } +elsif ($profile) + { $cflags="-pg -O3"; } else { $cflags="-O3 -fomit-frame-pointer"; } if (!$no_asm) { - $bn_mulw_obj='$(OBJ_D)/bn86-elf.o'; - $bn_mulw_src='crypto/bn/asm/bn86unix.cpp'; + $bn_asm_obj='$(OBJ_D)/bn86-elf.o'; + $bn_asm_src='crypto/bn/asm/bn86unix.cpp'; + $bnco_asm_obj='$(OBJ_D)/co86-elf.o'; + $bnco_asm_src='crypto/bn/asm/co86unix.cpp'; $des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o'; $des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp'; $bf_enc_obj='$(OBJ_D)/bx86-elf.o'; @@ -27,8 +31,12 @@ if (!$no_asm) $cast_enc_src='crypto/cast/asm/cx86unix.cpp'; $rc4_enc_obj='$(OBJ_D)/rx86-elf.o'; $rc4_enc_src='crypto/rc4/asm/rx86unix.cpp'; + $rc5_enc_obj='$(OBJ_D)/r586-elf.o'; + $rc5_enc_src='crypto/rc5/asm/r586unix.cpp'; $md5_asm_obj='$(OBJ_D)/mx86-elf.o'; $md5_asm_src='crypto/md5/asm/mx86unix.cpp'; + $rmd160_asm_obj='$(OBJ_D)/rm86-elf.o'; + $rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp'; $sha1_asm_obj='$(OBJ_D)/sx86-elf.o'; $sha1_asm_src='crypto/sha/asm/sx86unix.cpp'; $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; @@ -51,9 +59,9 @@ sub do_shlib_rule $target =~ s/\//$o/g if $o ne '/'; ($Name=$name) =~ tr/a-z/A-Z/; - $ret.="\$(LIB_D)$o$target: \$(${Name}OBJ)\n"; - $ret.="\t\$(RM) \$(LIB_D)$o$target\n"; - $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o \$(LIB_D)$o$target \$(${Name}OBJ)\n"; + $ret.="$target: \$(${Name}OBJ)\n"; + $ret.="\t\$(RM) target\n"; + $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o $target \$(${Name}OBJ)\n"; ($t=$target) =~ s/(^.*)\/[^\/]*$/$1/; if ($so_name ne "") { diff --git a/src/lib/libcrypto/util/pl/unix.pl b/src/lib/libcrypto/util/pl/unix.pl index ab4978fd20..146611ad99 100644 --- a/src/lib/libcrypto/util/pl/unix.pl +++ b/src/lib/libcrypto/util/pl/unix.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # unix.pl - the standard unix makefile stuff. # @@ -38,7 +38,7 @@ $ex_libs=""; # static library stuff $mklib='ar r'; $mlflags=''; -$ranlib='util/ranlib.sh'; +$ranlib=&which("ranlib") or $ranlib="true"; $plib='lib'; $libp=".a"; $shlibp=".a"; @@ -46,8 +46,8 @@ $lfile=''; $asm='as'; $afile='-o '; -$bn_mulw_obj=""; -$bn_mulw_src=""; +$bn_asm_obj=""; +$bn_asm_src=""; $des_enc_obj=""; $des_enc_src=""; $bf_enc_obj=""; @@ -59,7 +59,7 @@ sub do_lib_rule local($ret,$_,$Name); $target =~ s/\//$o/g if $o ne '/'; - $target="\$(LIB_D)$o$target"; + $target="$target"; ($Name=$name) =~ tr/a-z/A-Z/; $ret.="$target: \$(${Name}OBJ)\n"; @@ -80,4 +80,17 @@ sub do_link_rule return($ret); } +sub which + { + my ($name)=@_; + my $path; + foreach $path (split /:/, $ENV{PATH}) + { + if (-x "$path/$name") + { + return "$path/$name"; + } + } + } + 1; diff --git a/src/lib/libcrypto/util/pod2man.pl b/src/lib/libcrypto/util/pod2man.pl index f5ec0767ed..657e4e264e 100644 --- a/src/lib/libcrypto/util/pod2man.pl +++ b/src/lib/libcrypto/util/pod2man.pl @@ -416,6 +416,8 @@ if ($name ne 'something') { warn "$0: Improper man page - malformed NAME header in paragraph $. of $ARGV[0]\n" } else { + $n[0] =~ s/\n/ /g; + $n[1] =~ s/\n/ /g; %namedesc = @n; } } diff --git a/src/lib/libcrypto/util/pod2mantest b/src/lib/libcrypto/util/pod2mantest new file mode 100644 index 0000000000..79aefafac0 --- /dev/null +++ b/src/lib/libcrypto/util/pod2mantest @@ -0,0 +1,53 @@ +#!/bin/sh + +# This script is used by test/Makefile.ssl to check whether a sane 'pod2man' +# is installed. +# ('make install' should not try to run 'pod2man' if it does not exist or if +# it is a broken 'pod2man' version that is known to cause trouble. if we find +# the system 'pod2man' to be broken, we use our own copy instead) +# +# In any case, output an appropriate command line for running (or not +# running) pod2man. + + +IFS=: +try_without_dir=true +# First we try "pod2man", then "$dir/pod2man" for each item in $PATH. +for dir in dummy:$PATH; do + if [ "$try_without_dir" = true ]; then + # first iteration + pod2man=pod2man + try_without_dir=false + else + # second and later iterations + pod2man="$dir/pod2man" + if [ ! -f "$pod2man" ]; then # '-x' is not available on Ultrix + pod2man='' + fi + fi + + if [ ! "$pod2man" = '' ]; then + failure=none + + + if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | grep '^MARKER - ' >/dev/null 2>&1; then + failure=MultilineTest + fi + + + if [ "$failure" = none ]; then + echo "$pod2man" + exit 0 + fi + + echo "$pod2man does not work properly ('$failure' failed). Looking for another pod2man ..." >&2 + fi +done + +echo "No working pod2man found. Consider installing a new version." >&2 +if [ "$1" = ignore ]; then + echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2 + echo "util/pod2man.pl" + exit 0 +fi +exit 1 diff --git a/src/lib/libcrypto/util/pod2mantest.pod b/src/lib/libcrypto/util/pod2mantest.pod new file mode 100644 index 0000000000..5d2539a17f --- /dev/null +++ b/src/lib/libcrypto/util/pod2mantest.pod @@ -0,0 +1,15 @@ +=pod + +=head1 NAME + +foo, bar, +MARKER - test of multiline name section + +=head1 DESCRIPTION + +This is a test .pod file to see if we have a buggy pod2man or not. +If we have a buggy implementation, we will get a line matching the +regular expression "^ +MARKER - test of multiline name section *$" +at the end of the resulting document. + +=cut diff --git a/src/lib/libcrypto/util/point.sh b/src/lib/libcrypto/util/point.sh index 92c12e8282..47543c88e2 100644 --- a/src/lib/libcrypto/util/point.sh +++ b/src/lib/libcrypto/util/point.sh @@ -1,4 +1,6 @@ #!/bin/sh -/bin/rm -f $2 +rm -f $2 ln -s $1 $2 +echo "$2 => $1" + diff --git a/src/lib/libcrypto/util/selftest.pl b/src/lib/libcrypto/util/selftest.pl index 91e962a312..276b81183d 100644 --- a/src/lib/libcrypto/util/selftest.pl +++ b/src/lib/libcrypto/util/selftest.pl @@ -19,13 +19,14 @@ my $ok=0; my $cc="cc"; my $cversion="??"; my $sep="-----------------------------------------------------------------------------\n"; +my $not_our_fault="\nPlease ask your system administrator/vendor for more information.\n[Problems with your operating system setup should not be reported\nto the OpenSSL project.]\n"; open(OUT,">$report") or die; print OUT "OpenSSL self-test report:\n\n"; $uname=`uname -a`; -$uname="??" if $uname eq ""; +$uname="??\n" if $uname eq ""; $c=`sh config -t`; foreach $_ (split("\n",$c)) { @@ -49,6 +50,7 @@ if (open(IN,"&1`; $cversion=`$cc -V 2>&1` if $cversion =~ "usage"; +$cversion=`$cc -V |head -1` if $cversion =~ "Error"; $cversion=`$cc --version` if $cversion eq ""; $cversion =~ s/Reading specs.*\n//; $cversion =~ s/usage.*\n//; @@ -56,7 +58,7 @@ chomp $cversion; if (open(IN,") { - if (/\*\) (.{0,55})/) { + if (/\*\) (.{0,55})/ && !/applies to/) { $last=$1; last; } @@ -76,11 +78,18 @@ print OUT "\n"; print "Checking compiler...\n"; if (open(TEST,">cctest.c")) { - print TEST "#include \nmain(){printf(\"Hello world\\n\");}\n"; + print TEST "#include \n#include \nmain(){printf(\"Hello world\\n\");}\n"; close(TEST); system("$cc -o cctest cctest.c"); if (`./cctest` !~ /Hello world/) { print OUT "Compiler doesn't work.\n"; + print OUT $not_our_fault; + goto err; + } + system("ar r cctest.a /dev/null"); + if (not -f "cctest.a") { + print OUT "Check your archive tool (ar).\n"; + print OUT $not_our_fault; goto err; } } else { @@ -97,6 +106,7 @@ if (open(TEST,">cctest.c")) { } else { print OUT "Can't compile test program!\n"; } + print OUT $not_our_fault; goto err; } } else { @@ -122,6 +132,8 @@ if (system("make 2>&1 | tee make.log") > 255) { $_=$options; s/no-asm//; +s/no-shared//; +s/no-krb5//; if (/no-/) { print OUT "Test skipped.\n"; @@ -129,14 +141,14 @@ if (/no-/) } print "Running make test...\n"; -if (system("make test 2>&1 | tee make.log") > 255) +if (system("make test 2>&1 | tee maketest.log") > 255) { print OUT "make test failed!\n"; } else { $ok=1; } -if ($ok and open(IN,") { $ok=2 if /^platform: $platform/; } @@ -155,6 +167,15 @@ if ($ok != 2) { } else { print OUT "make.log not found!\n"; } + if (open(IN,") { + print OUT; + } + close(IN); + print OUT $sep; + } else { + print OUT "maketest.log not found!\n"; + } } else { print OUT "Test passed.\n"; } diff --git a/src/lib/libcrypto/util/sp-diff.pl b/src/lib/libcrypto/util/sp-diff.pl index 2c88336858..9d6c60387f 100644 --- a/src/lib/libcrypto/util/sp-diff.pl +++ b/src/lib/libcrypto/util/sp-diff.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # This file takes as input, the files that have been output from # ssleay speed. @@ -11,7 +11,7 @@ %two=&loadfile($ARGV[1]); $line=0; -foreach $a ("md2","md5","sha","sha1","rc4","des cfb","des cbc","des ede3", +foreach $a ("md2","md4","md5","sha","sha1","rc4","des cfb","des cbc","des ede3", "idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc","cast cbc") { if (defined($one{$a,8}) && defined($two{$a,8})) diff --git a/src/lib/libcrypto/util/src-dep.pl b/src/lib/libcrypto/util/src-dep.pl index 91242f7bb6..ad997e4746 100644 --- a/src/lib/libcrypto/util/src-dep.pl +++ b/src/lib/libcrypto/util/src-dep.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # we make up an array of # $file{function_name}=filename; diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num index 359fa15df1..fdea47205d 100644 --- a/src/lib/libcrypto/util/ssleay.num +++ b/src/lib/libcrypto/util/ssleay.num @@ -1,156 +1,217 @@ -ERR_load_SSL_strings 1 -SSL_CIPHER_description 2 -SSL_CTX_add_client_CA 3 -SSL_CTX_add_session 4 -SSL_CTX_check_private_key 5 -SSL_CTX_ctrl 6 -SSL_CTX_flush_sessions 7 -SSL_CTX_free 8 -SSL_CTX_get_client_CA_list 9 -SSL_CTX_get_verify_callback 10 -SSL_CTX_get_verify_mode 11 -SSL_CTX_new 12 -SSL_CTX_remove_session 13 -SSL_CTX_set_cert_verify_cb 14 -SSL_CTX_set_cipher_list 15 -SSL_CTX_set_client_CA_list 16 -SSL_CTX_set_default_passwd_cb 17 -SSL_CTX_set_ssl_version 19 -SSL_CTX_set_verify 21 -SSL_CTX_use_PrivateKey 22 -SSL_CTX_use_PrivateKey_ASN1 23 -SSL_CTX_use_PrivateKey_file 24 -SSL_CTX_use_RSAPrivateKey 25 -SSL_CTX_use_RSAPrivateKey_ASN1 26 -SSL_CTX_use_RSAPrivateKey_file 27 -SSL_CTX_use_certificate 28 -SSL_CTX_use_certificate_ASN1 29 -SSL_CTX_use_certificate_file 30 -SSL_SESSION_free 31 -SSL_SESSION_new 32 -SSL_SESSION_print 33 -SSL_SESSION_print_fp 34 -SSL_accept 35 -SSL_add_client_CA 36 -SSL_alert_desc_string 37 -SSL_alert_desc_string_long 38 -SSL_alert_type_string 39 -SSL_alert_type_string_long 40 -SSL_check_private_key 41 -SSL_clear 42 -SSL_connect 43 -SSL_copy_session_id 44 -SSL_ctrl 45 -SSL_dup 46 -SSL_dup_CA_list 47 -SSL_free 48 -SSL_get_certificate 49 -SSL_get_cipher_list 52 -SSL_get_ciphers 55 -SSL_get_client_CA_list 56 -SSL_get_default_timeout 57 -SSL_get_error 58 -SSL_get_fd 59 -SSL_get_peer_cert_chain 60 -SSL_get_peer_certificate 61 -SSL_get_rbio 63 -SSL_get_read_ahead 64 -SSL_get_shared_ciphers 65 -SSL_get_ssl_method 66 -SSL_get_verify_callback 69 -SSL_get_verify_mode 70 -SSL_get_version 71 -SSL_get_wbio 72 -SSL_load_client_CA_file 73 -SSL_load_error_strings 74 -SSL_new 75 -SSL_peek 76 -SSL_pending 77 -SSL_read 78 -SSL_renegotiate 79 -SSL_rstate_string 80 -SSL_rstate_string_long 81 -SSL_set_accept_state 82 -SSL_set_bio 83 -SSL_set_cipher_list 84 -SSL_set_client_CA_list 85 -SSL_set_connect_state 86 -SSL_set_fd 87 -SSL_set_read_ahead 88 -SSL_set_rfd 89 -SSL_set_session 90 -SSL_set_ssl_method 91 -SSL_set_verify 94 -SSL_set_wfd 95 -SSL_shutdown 96 -SSL_state_string 97 -SSL_state_string_long 98 -SSL_use_PrivateKey 99 -SSL_use_PrivateKey_ASN1 100 -SSL_use_PrivateKey_file 101 -SSL_use_RSAPrivateKey 102 -SSL_use_RSAPrivateKey_ASN1 103 -SSL_use_RSAPrivateKey_file 104 -SSL_use_certificate 105 -SSL_use_certificate_ASN1 106 -SSL_use_certificate_file 107 -SSL_write 108 -SSLeay_add_ssl_algorithms 109 -SSLv23_client_method 110 -SSLv23_method 111 -SSLv23_server_method 112 -SSLv2_client_method 113 -SSLv2_method 114 -SSLv2_server_method 115 -SSLv3_client_method 116 -SSLv3_method 117 -SSLv3_server_method 118 -d2i_SSL_SESSION 119 -i2d_SSL_SESSION 120 -BIO_f_ssl 121 -BIO_new_ssl 122 -BIO_proxy_ssl_copy_session_id 123 -BIO_ssl_copy_session_id 124 -SSL_do_handshake 125 -SSL_get_privatekey 126 -SSL_get_current_cipher 127 -SSL_CIPHER_get_bits 128 -SSL_CIPHER_get_version 129 -SSL_CIPHER_get_name 130 -BIO_ssl_shutdown 131 -SSL_SESSION_cmp 132 -SSL_SESSION_hash 133 -SSL_SESSION_get_time 134 -SSL_SESSION_set_time 135 -SSL_SESSION_get_timeout 136 -SSL_SESSION_set_timeout 137 -SSL_CTX_get_ex_data 138 -SSL_CTX_get_quiet_shutdown 140 -SSL_CTX_load_verify_locations 141 -SSL_CTX_set_default_verify_paths 142 -SSL_CTX_set_ex_data 143 -SSL_CTX_set_quiet_shutdown 145 -SSL_SESSION_get_ex_data 146 -SSL_SESSION_set_ex_data 148 -SSL_get_SSL_CTX 150 -SSL_get_ex_data 151 -SSL_get_quiet_shutdown 153 -SSL_get_session 154 -SSL_get_shutdown 155 -SSL_get_verify_result 157 -SSL_set_ex_data 158 -SSL_set_info_callback 160 -SSL_set_quiet_shutdown 161 -SSL_set_shutdown 162 -SSL_set_verify_result 163 -SSL_version 164 -SSL_get_info_callback 165 -SSL_state 166 -SSL_CTX_get_ex_new_index 167 -SSL_SESSION_get_ex_new_index 168 -SSL_get_ex_new_index 169 -TLSv1_method 170 -TLSv1_server_method 171 -TLSv1_client_method 172 -BIO_new_buffer_ssl_connect 173 -BIO_new_ssl_connect 174 +ERR_load_SSL_strings 1 EXIST::FUNCTION: +SSL_CIPHER_description 2 EXIST::FUNCTION: +SSL_CTX_add_client_CA 3 EXIST::FUNCTION: +SSL_CTX_add_session 4 EXIST::FUNCTION: +SSL_CTX_check_private_key 5 EXIST::FUNCTION: +SSL_CTX_ctrl 6 EXIST::FUNCTION: +SSL_CTX_flush_sessions 7 EXIST::FUNCTION: +SSL_CTX_free 8 EXIST::FUNCTION: +SSL_CTX_get_client_CA_list 9 EXIST::FUNCTION: +SSL_CTX_get_verify_callback 10 EXIST::FUNCTION: +SSL_CTX_get_verify_mode 11 EXIST::FUNCTION: +SSL_CTX_new 12 EXIST::FUNCTION: +SSL_CTX_remove_session 13 EXIST::FUNCTION: +SSL_CTX_set_cipher_list 15 EXIST::FUNCTION: +SSL_CTX_set_client_CA_list 16 EXIST::FUNCTION: +SSL_CTX_set_default_passwd_cb 17 EXIST::FUNCTION: +SSL_CTX_set_ssl_version 19 EXIST::FUNCTION: +SSL_CTX_set_verify 21 EXIST::FUNCTION: +SSL_CTX_use_PrivateKey 22 EXIST::FUNCTION: +SSL_CTX_use_PrivateKey_ASN1 23 EXIST::FUNCTION: +SSL_CTX_use_PrivateKey_file 24 EXIST::FUNCTION:STDIO +SSL_CTX_use_RSAPrivateKey 25 EXIST::FUNCTION:RSA +SSL_CTX_use_RSAPrivateKey_ASN1 26 EXIST::FUNCTION:RSA +SSL_CTX_use_RSAPrivateKey_file 27 EXIST::FUNCTION:RSA,STDIO +SSL_CTX_use_certificate 28 EXIST::FUNCTION: +SSL_CTX_use_certificate_ASN1 29 EXIST::FUNCTION: +SSL_CTX_use_certificate_file 30 EXIST::FUNCTION:STDIO +SSL_SESSION_free 31 EXIST::FUNCTION: +SSL_SESSION_new 32 EXIST::FUNCTION: +SSL_SESSION_print 33 EXIST::FUNCTION:BIO +SSL_SESSION_print_fp 34 EXIST::FUNCTION:FP_API +SSL_accept 35 EXIST::FUNCTION: +SSL_add_client_CA 36 EXIST::FUNCTION: +SSL_alert_desc_string 37 EXIST::FUNCTION: +SSL_alert_desc_string_long 38 EXIST::FUNCTION: +SSL_alert_type_string 39 EXIST::FUNCTION: +SSL_alert_type_string_long 40 EXIST::FUNCTION: +SSL_check_private_key 41 EXIST::FUNCTION: +SSL_clear 42 EXIST::FUNCTION: +SSL_connect 43 EXIST::FUNCTION: +SSL_copy_session_id 44 EXIST::FUNCTION: +SSL_ctrl 45 EXIST::FUNCTION: +SSL_dup 46 EXIST::FUNCTION: +SSL_dup_CA_list 47 EXIST::FUNCTION: +SSL_free 48 EXIST::FUNCTION: +SSL_get_certificate 49 EXIST::FUNCTION: +SSL_get_cipher_list 52 EXIST::FUNCTION: +SSL_get_ciphers 55 EXIST::FUNCTION: +SSL_get_client_CA_list 56 EXIST::FUNCTION: +SSL_get_default_timeout 57 EXIST::FUNCTION: +SSL_get_error 58 EXIST::FUNCTION: +SSL_get_fd 59 EXIST::FUNCTION: +SSL_get_peer_cert_chain 60 EXIST::FUNCTION: +SSL_get_peer_certificate 61 EXIST::FUNCTION: +SSL_get_rbio 63 EXIST::FUNCTION:BIO +SSL_get_read_ahead 64 EXIST::FUNCTION: +SSL_get_shared_ciphers 65 EXIST::FUNCTION: +SSL_get_ssl_method 66 EXIST::FUNCTION: +SSL_get_verify_callback 69 EXIST::FUNCTION: +SSL_get_verify_mode 70 EXIST::FUNCTION: +SSL_get_version 71 EXIST::FUNCTION: +SSL_get_wbio 72 EXIST::FUNCTION:BIO +SSL_load_client_CA_file 73 EXIST::FUNCTION:STDIO +SSL_load_error_strings 74 EXIST::FUNCTION: +SSL_new 75 EXIST::FUNCTION: +SSL_peek 76 EXIST::FUNCTION: +SSL_pending 77 EXIST::FUNCTION: +SSL_read 78 EXIST::FUNCTION: +SSL_renegotiate 79 EXIST::FUNCTION: +SSL_rstate_string 80 EXIST::FUNCTION: +SSL_rstate_string_long 81 EXIST::FUNCTION: +SSL_set_accept_state 82 EXIST::FUNCTION: +SSL_set_bio 83 EXIST::FUNCTION:BIO +SSL_set_cipher_list 84 EXIST::FUNCTION: +SSL_set_client_CA_list 85 EXIST::FUNCTION: +SSL_set_connect_state 86 EXIST::FUNCTION: +SSL_set_fd 87 EXIST::FUNCTION:SOCK +SSL_set_read_ahead 88 EXIST::FUNCTION: +SSL_set_rfd 89 EXIST::FUNCTION:SOCK +SSL_set_session 90 EXIST::FUNCTION: +SSL_set_ssl_method 91 EXIST::FUNCTION: +SSL_set_verify 94 EXIST::FUNCTION: +SSL_set_wfd 95 EXIST::FUNCTION:SOCK +SSL_shutdown 96 EXIST::FUNCTION: +SSL_state_string 97 EXIST::FUNCTION: +SSL_state_string_long 98 EXIST::FUNCTION: +SSL_use_PrivateKey 99 EXIST::FUNCTION: +SSL_use_PrivateKey_ASN1 100 EXIST::FUNCTION: +SSL_use_PrivateKey_file 101 EXIST::FUNCTION:STDIO +SSL_use_RSAPrivateKey 102 EXIST::FUNCTION:RSA +SSL_use_RSAPrivateKey_ASN1 103 EXIST::FUNCTION:RSA +SSL_use_RSAPrivateKey_file 104 EXIST::FUNCTION:RSA,STDIO +SSL_use_certificate 105 EXIST::FUNCTION: +SSL_use_certificate_ASN1 106 EXIST::FUNCTION: +SSL_use_certificate_file 107 EXIST::FUNCTION:STDIO +SSL_write 108 EXIST::FUNCTION: +SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION: +SSLv23_client_method 110 EXIST::FUNCTION:RSA +SSLv23_method 111 EXIST::FUNCTION:RSA +SSLv23_server_method 112 EXIST::FUNCTION:RSA +SSLv2_client_method 113 EXIST::FUNCTION:RSA +SSLv2_method 114 EXIST::FUNCTION:RSA +SSLv2_server_method 115 EXIST::FUNCTION:RSA +SSLv3_client_method 116 EXIST::FUNCTION: +SSLv3_method 117 EXIST::FUNCTION: +SSLv3_server_method 118 EXIST::FUNCTION: +d2i_SSL_SESSION 119 EXIST::FUNCTION: +i2d_SSL_SESSION 120 EXIST::FUNCTION: +BIO_f_ssl 121 EXIST::FUNCTION:BIO +BIO_new_ssl 122 EXIST::FUNCTION:BIO +BIO_proxy_ssl_copy_session_id 123 NOEXIST::FUNCTION: +BIO_ssl_copy_session_id 124 EXIST::FUNCTION:BIO +SSL_do_handshake 125 EXIST::FUNCTION: +SSL_get_privatekey 126 EXIST::FUNCTION: +SSL_get_current_cipher 127 EXIST::FUNCTION: +SSL_CIPHER_get_bits 128 EXIST::FUNCTION: +SSL_CIPHER_get_version 129 EXIST::FUNCTION: +SSL_CIPHER_get_name 130 EXIST::FUNCTION: +BIO_ssl_shutdown 131 EXIST::FUNCTION:BIO +SSL_SESSION_cmp 132 EXIST::FUNCTION: +SSL_SESSION_hash 133 EXIST::FUNCTION: +SSL_SESSION_get_time 134 EXIST::FUNCTION: +SSL_SESSION_set_time 135 EXIST::FUNCTION: +SSL_SESSION_get_timeout 136 EXIST::FUNCTION: +SSL_SESSION_set_timeout 137 EXIST::FUNCTION: +SSL_CTX_get_ex_data 138 EXIST::FUNCTION: +SSL_CTX_get_quiet_shutdown 140 EXIST::FUNCTION: +SSL_CTX_load_verify_locations 141 EXIST::FUNCTION: +SSL_CTX_set_default_verify_paths 142 EXIST:!VMS:FUNCTION: +SSL_CTX_set_def_verify_paths 142 EXIST:VMS:FUNCTION: +SSL_CTX_set_ex_data 143 EXIST::FUNCTION: +SSL_CTX_set_quiet_shutdown 145 EXIST::FUNCTION: +SSL_SESSION_get_ex_data 146 EXIST::FUNCTION: +SSL_SESSION_set_ex_data 148 EXIST::FUNCTION: +SSL_get_SSL_CTX 150 EXIST::FUNCTION: +SSL_get_ex_data 151 EXIST::FUNCTION: +SSL_get_quiet_shutdown 153 EXIST::FUNCTION: +SSL_get_session 154 EXIST::FUNCTION: +SSL_get_shutdown 155 EXIST::FUNCTION: +SSL_get_verify_result 157 EXIST::FUNCTION: +SSL_set_ex_data 158 EXIST::FUNCTION: +SSL_set_info_callback 160 EXIST::FUNCTION: +SSL_set_quiet_shutdown 161 EXIST::FUNCTION: +SSL_set_shutdown 162 EXIST::FUNCTION: +SSL_set_verify_result 163 EXIST::FUNCTION: +SSL_version 164 EXIST::FUNCTION: +SSL_get_info_callback 165 EXIST::FUNCTION: +SSL_state 166 EXIST::FUNCTION: +SSL_CTX_get_ex_new_index 167 EXIST::FUNCTION: +SSL_SESSION_get_ex_new_index 168 EXIST::FUNCTION: +SSL_get_ex_new_index 169 EXIST::FUNCTION: +TLSv1_method 170 EXIST::FUNCTION: +TLSv1_server_method 171 EXIST::FUNCTION: +TLSv1_client_method 172 EXIST::FUNCTION: +BIO_new_buffer_ssl_connect 173 EXIST::FUNCTION:BIO +BIO_new_ssl_connect 174 EXIST::FUNCTION:BIO +SSL_get_ex_data_X509_STORE_CTX_idx 175 EXIST:!VMS:FUNCTION: +SSL_get_ex_d_X509_STORE_CTX_idx 175 EXIST:VMS:FUNCTION: +SSL_CTX_set_tmp_dh_callback 176 EXIST::FUNCTION:DH +SSL_CTX_set_tmp_rsa_callback 177 EXIST::FUNCTION:RSA +SSL_CTX_set_timeout 178 EXIST::FUNCTION: +SSL_CTX_get_timeout 179 EXIST::FUNCTION: +SSL_CTX_get_cert_store 180 EXIST::FUNCTION: +SSL_CTX_set_cert_store 181 EXIST::FUNCTION: +SSL_want 182 EXIST::FUNCTION: +SSL_library_init 183 EXIST::FUNCTION: +SSL_COMP_add_compression_method 184 EXIST::FUNCTION:COMP +SSL_add_file_cert_subjects_to_stack 185 EXIST:!VMS:FUNCTION:STDIO +SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO +SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA +SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH +SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS,!WIN32:FUNCTION:STDIO +SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: +SSL_set_session_id_context 189 EXIST::FUNCTION: +SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO +SSL_CTX_use_cert_chain_file 222 EXIST:VMS:FUNCTION:STDIO +SSL_CTX_set_verify_depth 225 EXIST::FUNCTION: +SSL_set_verify_depth 226 EXIST::FUNCTION: +SSL_CTX_get_verify_depth 228 EXIST::FUNCTION: +SSL_get_verify_depth 229 EXIST::FUNCTION: +SSL_CTX_set_session_id_context 231 EXIST::FUNCTION: +SSL_CTX_set_cert_verify_callback 232 EXIST:!VMS:FUNCTION: +SSL_CTX_set_cert_verify_cb 232 EXIST:VMS:FUNCTION: +SSL_CTX_set_default_passwd_cb_userdata 235 EXIST:!VMS:FUNCTION: +SSL_CTX_set_def_passwd_cb_ud 235 EXIST:VMS:FUNCTION: +SSL_set_purpose 236 EXIST::FUNCTION: +SSL_CTX_set_trust 237 EXIST::FUNCTION: +SSL_CTX_set_purpose 238 EXIST::FUNCTION: +SSL_set_trust 239 EXIST::FUNCTION: +SSL_get_finished 240 EXIST::FUNCTION: +SSL_get_peer_finished 241 EXIST::FUNCTION: +SSL_get1_session 242 EXIST::FUNCTION: +SSL_CTX_callback_ctrl 243 EXIST::FUNCTION: +SSL_callback_ctrl 244 EXIST::FUNCTION: +SSL_CTX_sessions 245 EXIST::FUNCTION: +SSL_get_rfd 246 EXIST::FUNCTION: +SSL_get_wfd 247 EXIST::FUNCTION: +kssl_cget_tkt 248 EXIST::FUNCTION:KRB5 +SSL_has_matching_session_id 249 EXIST::FUNCTION: +kssl_err_set 250 EXIST::FUNCTION:KRB5 +kssl_ctx_show 251 EXIST::FUNCTION:KRB5 +kssl_validate_times 252 EXIST::FUNCTION:KRB5 +kssl_check_authent 253 EXIST::FUNCTION:KRB5 +kssl_ctx_new 254 EXIST::FUNCTION:KRB5 +kssl_build_principal_2 255 EXIST::FUNCTION:KRB5 +kssl_skip_confound 256 EXIST::FUNCTION:KRB5 +kssl_sget_tkt 257 EXIST::FUNCTION:KRB5 +SSL_set_generate_session_id 258 EXIST::FUNCTION: +kssl_ctx_setkey 259 EXIST::FUNCTION:KRB5 +kssl_ctx_setprinc 260 EXIST::FUNCTION:KRB5 +kssl_ctx_free 261 EXIST::FUNCTION:KRB5 +kssl_krb5_free_data_contents 262 EXIST::FUNCTION:KRB5 +kssl_ctx_setstring 263 EXIST::FUNCTION:KRB5 +SSL_CTX_set_generate_session_id 264 EXIST::FUNCTION: +SSL_renegotiate_pending 265 EXIST::FUNCTION: +SSL_CTX_set_msg_callback 266 EXIST::FUNCTION: +SSL_set_msg_callback 267 EXIST::FUNCTION: diff --git a/src/lib/libcrypto/util/tab_num.pl b/src/lib/libcrypto/util/tab_num.pl index 77b591d92f..a81ed0edc2 100644 --- a/src/lib/libcrypto/util/tab_num.pl +++ b/src/lib/libcrypto/util/tab_num.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl $num=1; $width=40; diff --git a/src/lib/libcrypto/util/x86asm.sh b/src/lib/libcrypto/util/x86asm.sh index 81d3289860..d2090a9849 100644 --- a/src/lib/libcrypto/util/x86asm.sh +++ b/src/lib/libcrypto/util/x86asm.sh @@ -2,8 +2,8 @@ echo Generating x86 assember echo Bignum -(cd crypto/bn/asm; perl bn-586.pl cpp > bn86unix.cpp) -(cd crypto/bn/asm; perl bn-586.pl win32 > bn-win32.asm) +(cd crypto/bn/asm; perl x86.pl cpp > bn86unix.cpp) +(cd crypto/bn/asm; perl x86.pl win32 > bn-win32.asm) echo DES (cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp) diff --git a/src/lib/libcrypto/x509v3/v3conf.c b/src/lib/libcrypto/x509v3/v3conf.c index 21cf746f45..67ee14f334 100644 --- a/src/lib/libcrypto/x509v3/v3conf.c +++ b/src/lib/libcrypto/x509v3/v3conf.c @@ -60,7 +60,6 @@ #include #include "cryptlib.h" #include -#include #include #include #include diff --git a/src/lib/libcrypto/x509v3/v3prin.c b/src/lib/libcrypto/x509v3/v3prin.c index ee798859f0..b529814319 100644 --- a/src/lib/libcrypto/x509v3/v3prin.c +++ b/src/lib/libcrypto/x509v3/v3prin.c @@ -59,9 +59,7 @@ #include -#include "cryptlib.h" #include -#include #include #include #include diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES index d0db7eaf61..d63996c70d 100644 --- a/src/lib/libssl/src/CHANGES +++ b/src/lib/libssl/src/CHANGES @@ -2,6 +2,4286 @@ OpenSSL CHANGES _______________ + Changes between 0.9.6d and 0.9.7 [XX xxx 2002] + + *) Add AES modes CFB and OFB to the object database. Correct an + error in AES-CFB decryption. + [Richard Levitte] + + *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this + allows existing EVP_CIPHER_CTX structures to be reused after + calling EVP_*Final(). This behaviour is used by encryption + BIOs and some applications. This has the side effect that + applications must explicitly clean up cipher contexts with + EVP_CIPHER_CTX_cleanup() or they will leak memory. + [Steve Henson] + + *) Check the values of dna and dnb in bn_mul_recursive before calling + bn_mul_comba (a non zero value means the a or b arrays do not contain + n2 elements) and fallback to bn_mul_normal if either is not zero. + [Steve Henson] + + *) Fix escaping of non-ASCII characters when using the -subj option + of the "openssl req" command line tool. (Robert Joop ) + [Lutz Jaenicke] + + *) Make object definitions compliant to LDAP (RFC2256): SN is the short + form for "surname", serialNumber has no short form. + Use "mail" as the short name for "rfc822Mailbox" according to RFC2798; + therefore remove "mail" short name for "internet 7". + Some more OID additions. (Michael Bell ) + [Lutz Jaenicke] + + *) Add an "init" command to the ENGINE config module and auto initialize + ENGINEs. Without any "init" command the ENGINE will be initialized + after all ctrl commands have been executed on it. If init=1 the + ENGINE is initailized at that point (ctrls before that point are run + on the uninitialized ENGINE and after on the initialized one). If + init=0 then the ENGINE will not be iniatialized at all. + [Steve Henson] + + *) Fix the 'app_verify_callback' interface so that the user-defined + argument is actually passed to the callback: In the + SSL_CTX_set_cert_verify_callback() prototype, the callback + declaration has been changed from + int (*cb)() + into + int (*cb)(X509_STORE_CTX *,void *); + in ssl_verify_cert_chain (ssl/ssl_cert.c), the call + i=s->ctx->app_verify_callback(&ctx) + has been changed into + i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg). + + To update applications using SSL_CTX_set_cert_verify_callback(), + a dummy argument can be added to their callback functions. + [D. K. Smetters ] + + *) Added the '4758cca' ENGINE to support IBM 4758 cards. + [Maurice Gittens , touchups by Geoff Thorpe] + + *) Add and OPENSSL_LOAD_CONF define which will cause + OpenSSL_add_all_algorithms() to load the openssl.cnf config file. + This allows older applications to transparently support certain + OpenSSL features: such as crypto acceleration and dynamic ENGINE loading. + Two new functions OPENSSL_add_all_algorithms_noconf() which will never + load the config file and OPENSSL_add_all_algorithms_conf() which will + always load it have also been added. + [Steve Henson] + + *) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES. + Adjust NIDs and EVP layer. + [Stephen Sprunk and Richard Levitte] + + *) Config modules support in openssl utility. + + Most commands now load modules from the config file, + though in a few (such as version) this isn't done + because it couldn't be used for anything. + + In the case of ca and req the config file used is + the same as the utility itself: that is the -config + command line option can be used to specify an + alternative file. + [Steve Henson] + + *) Move default behaviour from OPENSSL_config(). If appname is NULL + use "openssl_conf" if filename is NULL use default openssl config file. + [Steve Henson] + + *) Add an argument to OPENSSL_config() to allow the use of an alternative + config section name. Add a new flag to tolerate a missing config file + and move code to CONF_modules_load_file(). + [Steve Henson] + + *) Support for crypto accelerator cards from Accelerated Encryption + Processing, www.aep.ie. (Use engine 'aep') + The support was copied from 0.9.6c [engine] and adapted/corrected + to work with the new engine framework. + [AEP Inc. and Richard Levitte] + + *) Support for SureWare crypto accelerator cards from Baltimore + Technologies. (Use engine 'sureware') + The support was copied from 0.9.6c [engine] and adapted + to work with the new engine framework. + [Richard Levitte] + + *) Have the CHIL engine fork-safe (as defined by nCipher) and actually + make the newer ENGINE framework commands for the CHIL engine work. + [Toomas Kiisk and Richard Levitte] + + *) Make it possible to produce shared libraries on ReliantUNIX. + [Robert Dahlem via Richard Levitte] + + *) Add the configuration target debug-linux-ppro. + Make 'openssl rsa' use the general key loading routines + implemented in apps.c, and make those routines able to + handle the key format FORMAT_NETSCAPE and the variant + FORMAT_IISSGC. + [Toomas Kiisk via Richard Levitte] + + *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). + [Toomas Kiisk via Richard Levitte] + + *) Add -keyform to rsautl, and document -engine. + [Richard Levitte, inspired by Toomas Kiisk ] + + *) Change BIO_new_file (crypto/bio/bss_file.c) to use new + BIO_R_NO_SUCH_FILE error code rather than the generic + ERR_R_SYS_LIB error code if fopen() fails with ENOENT. + [Ben Laurie] + + *) Add new functions + ERR_peek_last_error + ERR_peek_last_error_line + ERR_peek_last_error_line_data. + These are similar to + ERR_peek_error + ERR_peek_error_line + ERR_peek_error_line_data, + but report on the latest error recorded rather than the first one + still in the error queue. + [Ben Laurie, Bodo Moeller] + + *) default_algorithms option in ENGINE config module. This allows things + like: + default_algorithms = ALL + default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS + [Steve Henson] + + *) Prelminary ENGINE config module. + [Steve Henson] + + *) New experimental application configuration code. + [Steve Henson] + + *) Change the AES code to follow the same name structure as all other + symmetric ciphers, and behave the same way. Move everything to + the directory crypto/aes, thereby obsoleting crypto/rijndael. + [Stephen Sprunk and Richard Levitte] + + *) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c. + [Ben Laurie and Theo de Raadt] + + *) Add option to output public keys in req command. + [Massimiliano Pala madwolf@openca.org] + + *) Use wNAFs in EC_POINTs_mul() for improved efficiency + (up to about 10% better than before for P-192 and P-224). + [Bodo Moeller] + + *) New functions/macros + + SSL_CTX_set_msg_callback(ctx, cb) + SSL_CTX_set_msg_callback_arg(ctx, arg) + SSL_set_msg_callback(ssl, cb) + SSL_set_msg_callback_arg(ssl, arg) + + to request calling a callback function + + void cb(int write_p, int version, int content_type, + const void *buf, size_t len, SSL *ssl, void *arg) + + whenever a protocol message has been completely received + (write_p == 0) or sent (write_p == 1). Here 'version' is the + protocol version according to which the SSL library interprets + the current protocol message (SSL2_VERSION, SSL3_VERSION, or + TLS1_VERSION). 'content_type' is 0 in the case of SSL 2.0, or + the content type as defined in the SSL 3.0/TLS 1.0 protocol + specification (change_cipher_spec(20), alert(21), handshake(22)). + 'buf' and 'len' point to the actual message, 'ssl' to the + SSL object, and 'arg' is the application-defined value set by + SSL[_CTX]_set_msg_callback_arg(). + + 'openssl s_client' and 'openssl s_server' have new '-msg' options + to enable a callback that displays all protocol messages. + [Bodo Moeller] + + *) Change the shared library support so shared libraries are built as + soon as the corresponding static library is finished, and thereby get + openssl and the test programs linked against the shared library. + This still only happens when the keyword "shard" has been given to + the configuration scripts. + + NOTE: shared library support is still an experimental thing, and + backward binary compatibility is still not guaranteed. + ["Maciej W. Rozycki" and Richard Levitte] + + *) Add support for Subject Information Access extension. + [Peter Sylvester ] + + *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero + additional bytes when new memory had to be allocated, not just + when reusing an existing buffer. + [Bodo Moeller] + + *) New command line and configuration option 'utf8' for the req command. + This allows field values to be specified as UTF8 strings. + [Steve Henson] + + *) Add -multi and -mr options to "openssl speed" - giving multiple parallel + runs for the former and machine-readable output for the latter. + [Ben Laurie] + + *) Add '-noemailDN' option to 'openssl ca'. This prevents inclusion + of the e-mail address in the DN (i.e., it will go into a certificate + extension only). The new configuration file option 'email_in_dn = no' + has the same effect. + [Massimiliano Pala madwolf@openca.org] + + *) Change all functions with names starting with des_ to be starting + with DES_ instead. Add wrappers that are compatible with libdes, + but are named _ossl_old_des_*. Finally, add macros that map the + des_* symbols to the corresponding _ossl_old_des_* if libdes + compatibility is desired. If OpenSSL 0.9.6c compatibility is + desired, the des_* symbols will be mapped to DES_*, with one + exception. + + Since we provide two compatibility mappings, the user needs to + define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes + compatibility is desired. The default (i.e., when that macro + isn't defined) is OpenSSL 0.9.6c compatibility. + + There are also macros that enable and disable the support of old + des functions altogether. Those are OPENSSL_ENABLE_OLD_DES_SUPPORT + and OPENSSL_DISABLE_OLD_DES_SUPPORT. If none or both of those + are defined, the default will apply: to support the old des routines. + + In either case, one must include openssl/des.h to get the correct + definitions. Do not try to just include openssl/des_old.h, that + won't work. + + NOTE: This is a major break of an old API into a new one. Software + authors are encouraged to switch to the DES_ style functions. Some + time in the future, des_old.h and the libdes compatibility functions + will be disable (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the + default), and then completely removed. + [Richard Levitte] + + *) Test for certificates which contain unsupported critical extensions. + If such a certificate is found during a verify operation it is + rejected by default: this behaviour can be overridden by either + handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or + by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function + X509_supported_extension() has also been added which returns 1 if a + particular extension is supported. + [Steve Henson] + + *) Modify the behaviour of EVP cipher functions in similar way to digests + to retain compatibility with existing code. + [Steve Henson] + + *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain + compatibility with existing code. In particular the 'ctx' parameter does + not have to be to be initialized before the call to EVP_DigestInit() and + it is tidied up after a call to EVP_DigestFinal(). New function + EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function + EVP_MD_CTX_copy() changed to not require the destination to be + initialized valid and new function EVP_MD_CTX_copy_ex() added which + requires the destination to be valid. + + Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(), + EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex(). + [Steve Henson] + + *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it + so that complete 'Handshake' protocol structures are kept in memory + instead of overwriting 'msg_type' and 'length' with 'body' data. + [Bodo Moeller] + + *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32. + [Massimo Santin via Richard Levitte] + + *) Major restructuring to the underlying ENGINE code. This includes + reduction of linker bloat, separation of pure "ENGINE" manipulation + (initialisation, etc) from functionality dealing with implementations + of specific crypto iterfaces. This change also introduces integrated + support for symmetric ciphers and digest implementations - so ENGINEs + can now accelerate these by providing EVP_CIPHER and EVP_MD + implementations of their own. This is detailed in crypto/engine/README + as it couldn't be adequately described here. However, there are a few + API changes worth noting - some RSA, DSA, DH, and RAND functions that + were changed in the original introduction of ENGINE code have now + reverted back - the hooking from this code to ENGINE is now a good + deal more passive and at run-time, operations deal directly with + RSA_METHODs, DSA_METHODs (etc) as they did before, rather than + dereferencing through an ENGINE pointer any more. Also, the ENGINE + functions dealing with BN_MOD_EXP[_CRT] handlers have been removed - + they were not being used by the framework as there is no concept of a + BIGNUM_METHOD and they could not be generalised to the new + 'ENGINE_TABLE' mechanism that underlies the new code. Similarly, + ENGINE_cpy() has been removed as it cannot be consistently defined in + the new code. + [Geoff Thorpe] + + *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds. + [Steve Henson] + + *) Change mkdef.pl to sort symbols that get the same entry number, + and make sure the automatically generated functions ERR_load_* + become part of libeay.num as well. + [Richard Levitte] + + *) New function SSL_renegotiate_pending(). This returns true once + renegotiation has been requested (either SSL_renegotiate() call + or HelloRequest/ClientHello receveived from the peer) and becomes + false once a handshake has been completed. + (For servers, SSL_renegotiate() followed by SSL_do_handshake() + sends a HelloRequest, but does not ensure that a handshake takes + place. SSL_renegotiate_pending() is useful for checking if the + client has followed the request.) + [Bodo Moeller] + + *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION. + By default, clients may request session resumption even during + renegotiation (if session ID contexts permit); with this option, + session resumption is possible only in the first handshake. + [Bodo Moeller] + + *) Add some demos for certificate and certificate request creation. + [Steve Henson] + + *) Make maximum certificate chain size accepted from the peer application + settable (SSL*_get/set_max_cert_list()), as proposed by + "Douglas E. Engert" . + [Lutz Jaenicke] + + *) Add support for shared libraries for Unixware-7 + (Boyd Lynn Gerber ). + [Lutz Jaenicke] + + *) Add a "destroy" handler to ENGINEs that allows structural cleanup to + be done prior to destruction. Use this to unload error strings from + ENGINEs that load their own error strings. NB: This adds two new API + functions to "get" and "set" this destroy handler in an ENGINE. + [Geoff Thorpe] + + *) Alter all existing ENGINE implementations (except "openssl" and + "openbsd") to dynamically instantiate their own error strings. This + makes them more flexible to be built both as statically-linked ENGINEs + and self-contained shared-libraries loadable via the "dynamic" ENGINE. + Also, add stub code to each that makes building them as self-contained + shared-libraries easier (see README.ENGINE). + [Geoff Thorpe] + + *) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE + implementations into applications that are completely implemented in + self-contained shared-libraries. The "dynamic" ENGINE exposes control + commands that can be used to configure what shared-library to load and + to control aspects of the way it is handled. Also, made an update to + the README.ENGINE file that brings its information up-to-date and + provides some information and instructions on the "dynamic" ENGINE + (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc). + [Geoff Thorpe] + + *) Make it possible to unload ranges of ERR strings with a new + "ERR_unload_strings" function. + [Geoff Thorpe] + + *) Add a copy() function to EVP_MD. + [Ben Laurie] + + *) Make EVP_MD routines take a context pointer instead of just the + md_data void pointer. + [Ben Laurie] + + *) Add flags to EVP_MD and EVP_MD_CTX. EVP_MD_FLAG_ONESHOT indicates + that the digest can only process a single chunk of data + (typically because it is provided by a piece of + hardware). EVP_MD_CTX_FLAG_ONESHOT indicates that the application + is only going to provide a single chunk of data, and hence the + framework needn't accumulate the data for oneshot drivers. + [Ben Laurie] + + *) As with "ERR", make it possible to replace the underlying "ex_data" + functions. This change also alters the storage and management of global + ex_data state - it's now all inside ex_data.c and all "class" code (eg. + RSA, BIO, SSL_CTX, etc) no longer stores its own STACKS and per-class + index counters. The API functions that use this state have been changed + to take a "class_index" rather than pointers to the class's local STACK + and counter, and there is now an API function to dynamically create new + classes. This centralisation allows us to (a) plug a lot of the + thread-safety problems that existed, and (b) makes it possible to clean + up all allocated state using "CRYPTO_cleanup_all_ex_data()". W.r.t. (b) + such data would previously have always leaked in application code and + workarounds were in place to make the memory debugging turn a blind eye + to it. Application code that doesn't use this new function will still + leak as before, but their memory debugging output will announce it now + rather than letting it slide. + + Besides the addition of CRYPTO_cleanup_all_ex_data(), another API change + induced by the "ex_data" overhaul is that X509_STORE_CTX_init() now + has a return value to indicate success or failure. + [Geoff Thorpe] + + *) Make it possible to replace the underlying "ERR" functions such that the + global state (2 LHASH tables and 2 locks) is only used by the "default" + implementation. This change also adds two functions to "get" and "set" + the implementation prior to it being automatically set the first time + any other ERR function takes place. Ie. an application can call "get", + pass the return value to a module it has just loaded, and that module + can call its own "set" function using that value. This means the + module's "ERR" operations will use (and modify) the error state in the + application and not in its own statically linked copy of OpenSSL code. + [Geoff Thorpe] + + *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment + reference counts. This performs normal REF_PRINT/REF_CHECK macros on + the operation, and provides a more encapsulated way for external code + (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code + to use these functions rather than manually incrementing the counts. + + Also rename "DSO_up()" function to more descriptive "DSO_up_ref()". + [Geoff Thorpe] + + *) Add EVP test program. + [Ben Laurie] + + *) Add symmetric cipher support to ENGINE. Expect the API to change! + [Ben Laurie] + + *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name() + X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(), + X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate(). + These allow a CRL to be built without having to access X509_CRL fields + directly. Modify 'ca' application to use new functions. + [Steve Henson] + + *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended + bug workarounds. Rollback attack detection is a security feature. + The problem will only arise on OpenSSL servers when TLSv1 is not + available (sslv3_server_method() or SSL_OP_NO_TLSv1). + Software authors not wanting to support TLSv1 will have special reasons + for their choice and can explicitly enable this option. + [Bodo Moeller, Lutz Jaenicke] + + *) Rationalise EVP so it can be extended: don't include a union of + cipher/digest structures, add init/cleanup functions. This also reduces + the number of header dependencies. + Usage example: + + EVP_MD_CTX md; + + EVP_MD_CTX_init(&md); /* new function call */ + EVP_DigestInit(&md, EVP_sha1()); + EVP_DigestUpdate(&md, in, len); + EVP_DigestFinal(&md, out, NULL); + EVP_MD_CTX_cleanup(&md); /* new function call */ + + [Ben Laurie] + + *) Make DES key schedule conform to the usual scheme, as well as + correcting its structure. This means that calls to DES functions + now have to pass a pointer to a des_key_schedule instead of a + plain des_key_schedule (which was actually always a pointer + anyway): E.g., + + des_key_schedule ks; + + des_set_key_checked(..., &ks); + des_ncbc_encrypt(..., &ks, ...); + + (Note that a later change renames 'des_...' into 'DES_...'.) + [Ben Laurie] + + *) Initial reduction of linker bloat: the use of some functions, such as + PEM causes large amounts of unused functions to be linked in due to + poor organisation. For example pem_all.c contains every PEM function + which has a knock on effect of linking in large amounts of (unused) + ASN1 code. Grouping together similar functions and splitting unrelated + functions prevents this. + [Steve Henson] + + *) Cleanup of EVP macros. + [Ben Laurie] + + *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the + correct _ecb suffix. + [Ben Laurie] + + *) Add initial OCSP responder support to ocsp application. The + revocation information is handled using the text based index + use by the ca application. The responder can either handle + requests generated internally, supplied in files (for example + via a CGI script) or using an internal minimal server. + [Steve Henson] + + *) Add configuration choices to get zlib compression for TLS. + [Richard Levitte] + + *) Changes to Kerberos SSL for RFC 2712 compliance: + 1. Implemented real KerberosWrapper, instead of just using + KRB5 AP_REQ message. [Thanks to Simon Wilkinson ] + 2. Implemented optional authenticator field of KerberosWrapper. + + Added openssl-style ASN.1 macros for Kerberos ticket, ap_req, + and authenticator structs; see crypto/krb5/. + + Generalized Kerberos calls to support multiple Kerberos libraries. + [Vern Staats , + Jeffrey Altman + via Richard Levitte] + + *) Cause 'openssl speed' to use fully hard-coded DSA keys as it + already does with RSA. testdsa.h now has 'priv_key/pub_key' + values for each of the key sizes rather than having just + parameters (and 'speed' generating keys each time). + [Geoff Thorpe] + + *) Speed up EVP routines. + Before: +encrypt +type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes +des-cbc 4408.85k 5560.51k 5778.46k 5862.20k 5825.16k +des-cbc 4389.55k 5571.17k 5792.23k 5846.91k 5832.11k +des-cbc 4394.32k 5575.92k 5807.44k 5848.37k 5841.30k +decrypt +des-cbc 3482.66k 5069.49k 5496.39k 5614.16k 5639.28k +des-cbc 3480.74k 5068.76k 5510.34k 5609.87k 5635.52k +des-cbc 3483.72k 5067.62k 5504.60k 5708.01k 5724.80k + After: +encrypt +des-cbc 4660.16k 5650.19k 5807.19k 5827.13k 5783.32k +decrypt +des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k + [Ben Laurie] + + *) Added the OS2-EMX target. + ["Brian Havard" and Richard Levitte] + + *) Rewrite apps to use NCONF routines instead of the old CONF. New functions + to support NCONF routines in extension code. New function CONF_set_nconf() + to allow functions which take an NCONF to also handle the old LHASH + structure: this means that the old CONF compatible routines can be + retained (in particular wrt extensions) without having to duplicate the + code. New function X509V3_add_ext_nconf_sk to add extensions to a stack. + [Steve Henson] + + *) Enhance the general user interface with mechanisms for inner control + and with possibilities to have yes/no kind of prompts. + [Richard Levitte] + + *) Change all calls to low level digest routines in the library and + applications to use EVP. Add missing calls to HMAC_cleanup() and + don't assume HMAC_CTX can be copied using memcpy(). + [Verdon Walker , Steve Henson] + + *) Add the possibility to control engines through control names but with + arbitrary arguments instead of just a string. + Change the key loaders to take a UI_METHOD instead of a callback + function pointer. NOTE: this breaks binary compatibility with earlier + versions of OpenSSL [engine]. + Adapt the nCipher code for these new conditions and add a card insertion + callback. + [Richard Levitte] + + *) Enhance the general user interface with mechanisms to better support + dialog box interfaces, application-defined prompts, the possibility + to use defaults (for example default passwords from somewhere else) + and interrupts/cancellations. + [Richard Levitte] + + *) Tidy up PKCS#12 attribute handling. Add support for the CSP name + attribute in PKCS#12 files, add new -CSP option to pkcs12 utility. + [Steve Henson] + + *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also + tidy up some unnecessarily weird code in 'sk_new()'). + [Geoff, reported by Diego Tartara ] + + *) Change the key loading routines for ENGINEs to use the same kind + callback (pem_password_cb) as all other routines that need this + kind of callback. + [Richard Levitte] + + *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with + 256 bit (=32 byte) keys. Of course seeding with more entropy bytes + than this minimum value is recommended. + [Lutz Jaenicke] + + *) New random seeder for OpenVMS, using the system process statistics + that are easily reachable. + [Richard Levitte] + + *) Windows apparently can't transparently handle global + variables defined in DLLs. Initialisations such as: + + const ASN1_ITEM *it = &ASN1_INTEGER_it; + + wont compile. This is used by the any applications that need to + declare their own ASN1 modules. This was fixed by adding the option + EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly + needed for static libraries under Win32. + [Steve Henson] + + *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle + setting of purpose and trust fields. New X509_STORE trust and + purpose functions and tidy up setting in other SSL functions. + [Steve Henson] + + *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE + structure. These are inherited by X509_STORE_CTX when it is + initialised. This allows various defaults to be set in the + X509_STORE structure (such as flags for CRL checking and custom + purpose or trust settings) for functions which only use X509_STORE_CTX + internally such as S/MIME. + + Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and + trust settings if they are not set in X509_STORE. This allows X509_STORE + purposes and trust (in S/MIME for example) to override any set by default. + + Add command line options for CRL checking to smime, s_client and s_server + applications. + [Steve Henson] + + *) Initial CRL based revocation checking. If the CRL checking flag(s) + are set then the CRL is looked up in the X509_STORE structure and + its validity and signature checked, then if the certificate is found + in the CRL the verify fails with a revoked error. + + Various new CRL related callbacks added to X509_STORE_CTX structure. + + Command line options added to 'verify' application to support this. + + This needs some additional work, such as being able to handle multiple + CRLs with different times, extension based lookup (rather than just + by subject name) and ultimately more complete V2 CRL extension + handling. + [Steve Henson] + + *) Add a general user interface API (crypto/ui/). This is designed + to replace things like des_read_password and friends (backward + compatibility functions using this new API are provided). + The purpose is to remove prompting functions from the DES code + section as well as provide for prompting through dialog boxes in + a window system and the like. + [Richard Levitte] + + *) Add "ex_data" support to ENGINE so implementations can add state at a + per-structure level rather than having to store it globally. + [Geoff] + + *) Make it possible for ENGINE structures to be copied when retrieved by + ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY. + This causes the "original" ENGINE structure to act like a template, + analogous to the RSA vs. RSA_METHOD type of separation. Because of this + operational state can be localised to each ENGINE structure, despite the + fact they all share the same "methods". New ENGINE structures returned in + this case have no functional references and the return value is the single + structural reference. This matches the single structural reference returned + by ENGINE_by_id() normally, when it is incremented on the pre-existing + ENGINE structure. + [Geoff] + + *) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this + needs to match any other type at all we need to manually clear the + tag cache. + [Steve Henson] + + *) Changes to the "openssl engine" utility to include; + - verbosity levels ('-v', '-vv', and '-vvv') that provide information + about an ENGINE's available control commands. + - executing control commands from command line arguments using the + '-pre' and '-post' switches. '-post' is only used if '-t' is + specified and the ENGINE is successfully initialised. The syntax for + the individual commands are colon-separated, for example; + openssl engine chil -pre FORK_CHECK:0 -pre SO_PATH:/lib/test.so + [Geoff] + + *) New dynamic control command support for ENGINEs. ENGINEs can now + declare their own commands (numbers), names (strings), descriptions, + and input types for run-time discovery by calling applications. A + subset of these commands are implicitly classed as "executable" + depending on their input type, and only these can be invoked through + the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this + can be based on user input, config files, etc). The distinction is + that "executable" commands cannot return anything other than a boolean + result and can only support numeric or string input, whereas some + discoverable commands may only be for direct use through + ENGINE_ctrl(), eg. supporting the exchange of binary data, function + pointers, or other custom uses. The "executable" commands are to + support parameterisations of ENGINE behaviour that can be + unambiguously defined by ENGINEs and used consistently across any + OpenSSL-based application. Commands have been added to all the + existing hardware-supporting ENGINEs, noticeably "SO_PATH" to allow + control over shared-library paths without source code alterations. + [Geoff] + + *) Changed all ENGINE implementations to dynamically allocate their + ENGINEs rather than declaring them statically. Apart from this being + necessary with the removal of the ENGINE_FLAGS_MALLOCED distinction, + this also allows the implementations to compile without using the + internal engine_int.h header. + [Geoff] + + *) Minor adjustment to "rand" code. RAND_get_rand_method() now returns a + 'const' value. Any code that should be able to modify a RAND_METHOD + should already have non-const pointers to it (ie. they should only + modify their own ones). + [Geoff] + + *) Made a variety of little tweaks to the ENGINE code. + - "atalla" and "ubsec" string definitions were moved from header files + to C code. "nuron" string definitions were placed in variables + rather than hard-coded - allowing parameterisation of these values + later on via ctrl() commands. + - Removed unused "#if 0"'d code. + - Fixed engine list iteration code so it uses ENGINE_free() to release + structural references. + - Constified the RAND_METHOD element of ENGINE structures. + - Constified various get/set functions as appropriate and added + missing functions (including a catch-all ENGINE_cpy that duplicates + all ENGINE values onto a new ENGINE except reference counts/state). + - Removed NULL parameter checks in get/set functions. Setting a method + or function to NULL is a way of cancelling out a previously set + value. Passing a NULL ENGINE parameter is just plain stupid anyway + and doesn't justify the extra error symbols and code. + - Deprecate the ENGINE_FLAGS_MALLOCED define and move the area for + flags from engine_int.h to engine.h. + - Changed prototypes for ENGINE handler functions (init(), finish(), + ctrl(), key-load functions, etc) to take an (ENGINE*) parameter. + [Geoff] + + *) Implement binary inversion algorithm for BN_mod_inverse in addition + to the algorithm using long division. The binary algorithm can be + used only if the modulus is odd. On 32-bit systems, it is faster + only for relatively small moduli (roughly 20-30% for 128-bit moduli, + roughly 5-15% for 256-bit moduli), so we use it only for moduli + up to 450 bits. In 64-bit environments, the binary algorithm + appears to be advantageous for much longer moduli; here we use it + for moduli up to 2048 bits. + [Bodo Moeller] + + *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code + could not support the combine flag in choice fields. + [Steve Henson] + + *) Add a 'copy_extensions' option to the 'ca' utility. This copies + extensions from a certificate request to the certificate. + [Steve Henson] + + *) Allow multiple 'certopt' and 'nameopt' options to be separated + by commas. Add 'namopt' and 'certopt' options to the 'ca' config + file: this allows the display of the certificate about to be + signed to be customised, to allow certain fields to be included + or excluded and extension details. The old system didn't display + multicharacter strings properly, omitted fields not in the policy + and couldn't display additional details such as extensions. + [Steve Henson] + + *) Function EC_POINTs_mul for multiple scalar multiplication + of an arbitrary number of elliptic curve points + \sum scalars[i]*points[i], + optionally including the generator defined for the EC_GROUP: + scalar*generator + \sum scalars[i]*points[i]. + + EC_POINT_mul is a simple wrapper function for the typical case + that the point list has just one item (besides the optional + generator). + [Bodo Moeller] + + *) First EC_METHODs for curves over GF(p): + + EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr + operations and provides various method functions that can also + operate with faster implementations of modular arithmetic. + + EC_GFp_mont_method() reuses most functions that are part of + EC_GFp_simple_method, but uses Montgomery arithmetic. + + [Bodo Moeller; point addition and point doubling + implementation directly derived from source code provided by + Lenka Fibikova ] + + *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h, + crypto/ec/ec_lib.c): + + Curves are EC_GROUP objects (with an optional group generator) + based on EC_METHODs that are built into the library. + + Points are EC_POINT objects based on EC_GROUP objects. + + Most of the framework would be able to handle curves over arbitrary + finite fields, but as there are no obvious types for fields other + than GF(p), some functions are limited to that for now. + [Bodo Moeller] + + *) Add the -HTTP option to s_server. It is similar to -WWW, but requires + that the file contains a complete HTTP response. + [Richard Levitte] + + *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl + change the def and num file printf format specifier from "%-40sXXX" + to "%-39s XXX". The latter will always guarantee a space after the + field while the former will cause them to run together if the field + is 40 of more characters long. + [Steve Henson] + + *) Constify the cipher and digest 'method' functions and structures + and modify related functions to take constant EVP_MD and EVP_CIPHER + pointers. + [Steve Henson] + + *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them + in . Also further increase BN_CTX_NUM to 32. + [Bodo Moeller] + + *) Modify EVP_Digest*() routines so they now return values. Although the + internal software routines can never fail additional hardware versions + might. + [Steve Henson] + + *) Clean up crypto/err/err.h and change some error codes to avoid conflicts: + + Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7 + (= ERR_R_PKCS7_LIB); it is now 64 instead of 32. + + ASN1 error codes + ERR_R_NESTED_ASN1_ERROR + ... + ERR_R_MISSING_ASN1_EOS + were 4 .. 9, conflicting with + ERR_LIB_RSA (= ERR_R_RSA_LIB) + ... + ERR_LIB_PEM (= ERR_R_PEM_LIB). + They are now 58 .. 63 (i.e., just below ERR_R_FATAL). + + Add new error code 'ERR_R_INTERNAL_ERROR'. + [Bodo Moeller] + + *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock + suffices. + [Bodo Moeller] + + *) New option '-subj arg' for 'openssl req' and 'openssl ca'. This + sets the subject name for a new request or supersedes the + subject name in a given request. Formats that can be parsed are + 'CN=Some Name, OU=myOU, C=IT' + and + 'CN=Some Name/OU=myOU/C=IT'. + + Add options '-batch' and '-verbose' to 'openssl req'. + [Massimiliano Pala ] + + *) Introduce the possibility to access global variables through + functions on platform were that's the best way to handle exporting + global variables in shared libraries. To enable this functionality, + one must configure with "EXPORT_VAR_AS_FN" or defined the C macro + "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter + is normally done by Configure or something similar). + + To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL + in the source file (foo.c) like this: + + OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1; + OPENSSL_IMPLEMENT_GLOBAL(double,bar); + + To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL + and OPENSSL_GLOBAL_REF in the header file (foo.h) like this: + + OPENSSL_DECLARE_GLOBAL(int,foo); + #define foo OPENSSL_GLOBAL_REF(foo) + OPENSSL_DECLARE_GLOBAL(double,bar); + #define bar OPENSSL_GLOBAL_REF(bar) + + The #defines are very important, and therefore so is including the + header file everywhere where the defined globals are used. + + The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition + of ASN.1 items, but that structure is a bit different. + + The largest change is in util/mkdef.pl which has been enhanced with + better and easier to understand logic to choose which symbols should + go into the Windows .def files as well as a number of fixes and code + cleanup (among others, algorithm keywords are now sorted + lexicographically to avoid constant rewrites). + [Richard Levitte] + + *) In BN_div() keep a copy of the sign of 'num' before writing the + result to 'rm' because if rm==num the value will be overwritten + and produce the wrong result if 'num' is negative: this caused + problems with BN_mod() and BN_nnmod(). + [Steve Henson] + + *) Function OCSP_request_verify(). This checks the signature on an + OCSP request and verifies the signer certificate. The signer + certificate is just checked for a generic purpose and OCSP request + trust settings. + [Steve Henson] + + *) Add OCSP_check_validity() function to check the validity of OCSP + responses. OCSP responses are prepared in real time and may only + be a few seconds old. Simply checking that the current time lies + between thisUpdate and nextUpdate max reject otherwise valid responses + caused by either OCSP responder or client clock inaccuracy. Instead + we allow thisUpdate and nextUpdate to fall within a certain period of + the current time. The age of the response can also optionally be + checked. Two new options -validity_period and -status_age added to + ocsp utility. + [Steve Henson] + + *) If signature or public key algorithm is unrecognized print out its + OID rather that just UNKNOWN. + [Steve Henson] + + *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and + OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate + ID to be generated from the issuer certificate alone which can then be + passed to OCSP_id_issuer_cmp(). + [Steve Henson] + + *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new + ASN1 modules to export functions returning ASN1_ITEM pointers + instead of the ASN1_ITEM structures themselves. This adds several + new macros which allow the underlying ASN1 function/structure to + be accessed transparently. As a result code should not use ASN1_ITEM + references directly (such as &X509_it) but instead use the relevant + macros (such as ASN1_ITEM_rptr(X509)). This option is to allow + use of the new ASN1 code on platforms where exporting structures + is problematical (for example in shared libraries) but exporting + functions returning pointers to structures is not. + [Steve Henson] + + *) Add support for overriding the generation of SSL/TLS session IDs. + These callbacks can be registered either in an SSL_CTX or per SSL. + The purpose of this is to allow applications to control, if they wish, + the arbitrary values chosen for use as session IDs, particularly as it + can be useful for session caching in multiple-server environments. A + command-line switch for testing this (and any client code that wishes + to use such a feature) has been added to "s_server". + [Geoff Thorpe, Lutz Jaenicke] + + *) Modify mkdef.pl to recognise and parse preprocessor conditionals + of the form '#if defined(...) || defined(...) || ...' and + '#if !defined(...) && !defined(...) && ...'. This also avoids + the growing number of special cases it was previously handling. + [Richard Levitte] + + *) Make all configuration macros available for application by making + sure they are available in opensslconf.h, by giving them names starting + with "OPENSSL_" to avoid conflicts with other packages and by making + sure e_os2.h will cover all platform-specific cases together with + opensslconf.h. + Additionally, it is now possible to define configuration/platform- + specific names (called "system identities"). In the C code, these + are prefixed with "OPENSSL_SYSNAME_". e_os2.h will create another + macro with the name beginning with "OPENSSL_SYS_", which is determined + from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on + what is available. + [Richard Levitte] + + *) New option -set_serial to 'req' and 'x509' this allows the serial + number to use to be specified on the command line. Previously self + signed certificates were hard coded with serial number 0 and the + CA options of 'x509' had to use a serial number in a file which was + auto incremented. + [Steve Henson] + + *) New options to 'ca' utility to support V2 CRL entry extensions. + Currently CRL reason, invalidity date and hold instruction are + supported. Add new CRL extensions to V3 code and some new objects. + [Steve Henson] + + *) New function EVP_CIPHER_CTX_set_padding() this is used to + disable standard block padding (aka PKCS#5 padding) in the EVP + API, which was previously mandatory. This means that the data is + not padded in any way and so the total length much be a multiple + of the block size, otherwise an error occurs. + [Steve Henson] + + *) Initial (incomplete) OCSP SSL support. + [Steve Henson] + + *) New function OCSP_parse_url(). This splits up a URL into its host, + port and path components: primarily to parse OCSP URLs. New -url + option to ocsp utility. + [Steve Henson] + + *) New nonce behavior. The return value of OCSP_check_nonce() now + reflects the various checks performed. Applications can decide + whether to tolerate certain situations such as an absent nonce + in a response when one was present in a request: the ocsp application + just prints out a warning. New function OCSP_add1_basic_nonce() + this is to allow responders to include a nonce in a response even if + the request is nonce-less. + [Steve Henson] + + *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are + skipped when using openssl x509 multiple times on a single input file, + e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) ] + + *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates + passed by the function are trusted implicitly. If any of them signed the + response then it is assumed to be valid and is not verified. + [Steve Henson] + + *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT + to data. This was previously part of the PKCS7 ASN1 code. This + was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures. + [Steve Henson, reported by Kenneth R. Robinette + ] + + *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1 + routines: without these tracing memory leaks is very painful. + Fix leaks in PKCS12 and PKCS7 routines. + [Steve Henson] + + *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new(). + Previously it initialised the 'type' argument to V_ASN1_UTCTIME which + effectively meant GeneralizedTime would never be used. Now it + is initialised to -1 but X509_time_adj() now has to check the value + and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or + V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime. + [Steve Henson, reported by Kenneth R. Robinette + ] + + *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously + result in a zero length in the ASN1_INTEGER structure which was + not consistent with the structure when d2i_ASN1_INTEGER() was used + and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER() + to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER() + where it did not print out a minus for negative ASN1_INTEGER. + [Steve Henson] + + *) Add summary printout to ocsp utility. The various functions which + convert status values to strings have been renamed to: + OCSP_response_status_str(), OCSP_cert_status_str() and + OCSP_crl_reason_str() and are no longer static. New options + to verify nonce values and to disable verification. OCSP response + printout format cleaned up. + [Steve Henson] + + *) Add additional OCSP certificate checks. These are those specified + in RFC2560. This consists of two separate checks: the CA of the + certificate being checked must either be the OCSP signer certificate + or the issuer of the OCSP signer certificate. In the latter case the + OCSP signer certificate must contain the OCSP signing extended key + usage. This check is performed by attempting to match the OCSP + signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash + in the OCSP_CERTID structures of the response. + [Steve Henson] + + *) Initial OCSP certificate verification added to OCSP_basic_verify() + and related routines. This uses the standard OpenSSL certificate + verify routines to perform initial checks (just CA validity) and + to obtain the certificate chain. Then additional checks will be + performed on the chain. Currently the root CA is checked to see + if it is explicitly trusted for OCSP signing. This is used to set + a root CA as a global signing root: that is any certificate that + chains to that CA is an acceptable OCSP signing certificate. + [Steve Henson] + + *) New '-extfile ...' option to 'openssl ca' for reading X.509v3 + extensions from a separate configuration file. + As when reading extensions from the main configuration file, + the '-extensions ...' option may be used for specifying the + section to use. + [Massimiliano Pala ] + + *) New OCSP utility. Allows OCSP requests to be generated or + read. The request can be sent to a responder and the output + parsed, outputed or printed in text form. Not complete yet: + still needs to check the OCSP response validity. + [Steve Henson] + + *) New subcommands for 'openssl ca': + 'openssl ca -status ' prints the status of the cert with + the given serial number (according to the index file). + 'openssl ca -updatedb' updates the expiry status of certificates + in the index file. + [Massimiliano Pala ] + + *) New '-newreq-nodes' command option to CA.pl. This is like + '-newreq', but calls 'openssl req' with the '-nodes' option + so that the resulting key is not encrypted. + [Damien Miller ] + + *) New configuration for the GNU Hurd. + [Jonathan Bartlett via Richard Levitte] + + *) Initial code to implement OCSP basic response verify. This + is currently incomplete. Currently just finds the signer's + certificate and verifies the signature on the response. + [Steve Henson] + + *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in + value of OPENSSLDIR. This is available via the new '-d' option + to 'openssl version', and is also included in 'openssl version -a'. + [Bodo Moeller] + + *) Allowing defining memory allocation callbacks that will be given + file name and line number information in additional arguments + (a const char* and an int). The basic functionality remains, as + well as the original possibility to just replace malloc(), + realloc() and free() by functions that do not know about these + additional arguments. To register and find out the current + settings for extended allocation functions, the following + functions are provided: + + CRYPTO_set_mem_ex_functions + CRYPTO_set_locked_mem_ex_functions + CRYPTO_get_mem_ex_functions + CRYPTO_get_locked_mem_ex_functions + + These work the same way as CRYPTO_set_mem_functions and friends. + CRYPTO_get_[locked_]mem_functions now writes 0 where such an + extended allocation function is enabled. + Similarly, CRYPTO_get_[locked_]mem_ex_functions writes 0 where + a conventional allocation function is enabled. + [Richard Levitte, Bodo Moeller] + + *) Finish off removing the remaining LHASH function pointer casts. + There should no longer be any prototype-casting required when using + the LHASH abstraction, and any casts that remain are "bugs". See + the callback types and macros at the head of lhash.h for details + (and "OBJ_cleanup" in crypto/objects/obj_dat.c as an example). + [Geoff Thorpe] + + *) Add automatic query of EGD sockets in RAND_poll() for the unix variant. + If /dev/[u]random devices are not available or do not return enough + entropy, EGD style sockets (served by EGD or PRNGD) will automatically + be queried. + The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and + /etc/entropy will be queried once each in this sequence, quering stops + when enough entropy was collected without querying more sockets. + [Lutz Jaenicke] + + *) Change the Unix RAND_poll() variant to be able to poll several + random devices, as specified by DEVRANDOM, until a sufficient amount + of data has been collected. We spend at most 10 ms on each file + (select timeout) and read in non-blocking mode. DEVRANDOM now + defaults to the list "/dev/urandom", "/dev/random", "/dev/srandom" + (previously it was just the string "/dev/urandom"), so on typical + platforms the 10 ms delay will never occur. + Also separate out the Unix variant to its own file, rand_unix.c. + For VMS, there's a currently-empty rand_vms.c. + [Richard Levitte] + + *) Move OCSP client related routines to ocsp_cl.c. These + provide utility functions which an application needing + to issue a request to an OCSP responder and analyse the + response will typically need: as opposed to those which an + OCSP responder itself would need which will be added later. + + OCSP_request_sign() signs an OCSP request with an API similar + to PKCS7_sign(). OCSP_response_status() returns status of OCSP + response. OCSP_response_get1_basic() extracts basic response + from response. OCSP_resp_find_status(): finds and extracts status + information from an OCSP_CERTID structure (which will be created + when the request structure is built). These are built from lower + level functions which work on OCSP_SINGLERESP structures but + wont normally be used unless the application wishes to examine + extensions in the OCSP response for example. + + Replace nonce routines with a pair of functions. + OCSP_request_add1_nonce() adds a nonce value and optionally + generates a random value. OCSP_check_nonce() checks the + validity of the nonce in an OCSP response. + [Steve Henson] + + *) Change function OCSP_request_add() to OCSP_request_add0_id(). + This doesn't copy the supplied OCSP_CERTID and avoids the + need to free up the newly created id. Change return type + to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure. + This can then be used to add extensions to the request. + Deleted OCSP_request_new(), since most of its functionality + is now in OCSP_REQUEST_new() (and the case insensitive name + clash) apart from the ability to set the request name which + will be added elsewhere. + [Steve Henson] + + *) Update OCSP API. Remove obsolete extensions argument from + various functions. Extensions are now handled using the new + OCSP extension code. New simple OCSP HTTP function which + can be used to send requests and parse the response. + [Steve Henson] + + *) Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new + ASN1_ITEM structures help with sign and verify. PKCS7_ATTR_SIGN + uses the special reorder version of SET OF to sort the attributes + and reorder them to match the encoded order. This resolves a long + standing problem: a verify on a PKCS7 structure just after signing + it used to fail because the attribute order did not match the + encoded order. PKCS7_ATTR_VERIFY does not reorder the attributes: + it uses the received order. This is necessary to tolerate some broken + software that does not order SET OF. This is handled by encoding + as a SEQUENCE OF but using implicit tagging (with UNIVERSAL class) + to produce the required SET OF. + [Steve Henson] + + *) Have mk1mf.pl generate the macros OPENSSL_BUILD_SHLIBCRYPTO and + OPENSSL_BUILD_SHLIBSSL and use them appropriately in the header + files to get correct declarations of the ASN.1 item variables. + [Richard Levitte] + + *) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many + PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs: + asn1_check_tlen() would sometimes attempt to use 'ctx' when it was + NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i(). + New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant + ASN1_ITEM and no wrapper functions. + [Steve Henson] + + *) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These + replace the old function pointer based I/O routines. Change most of + the *_d2i_bio() and *_d2i_fp() functions to use these. + [Steve Henson] + + *) Enhance mkdef.pl to be more accepting about spacing in C preprocessor + lines, recognice more "algorithms" that can be deselected, and make + it complain about algorithm deselection that isn't recognised. + [Richard Levitte] + + *) New ASN1 functions to handle dup, sign, verify, digest, pack and + unpack operations in terms of ASN1_ITEM. Modify existing wrappers + to use new functions. Add NO_ASN1_OLD which can be set to remove + some old style ASN1 functions: this can be used to determine if old + code will still work when these eventually go away. + [Steve Henson] + + *) New extension functions for OCSP structures, these follow the + same conventions as certificates and CRLs. + [Steve Henson] + + *) New function X509V3_add1_i2d(). This automatically encodes and + adds an extension. Its behaviour can be customised with various + flags to append, replace or delete. Various wrappers added for + certifcates and CRLs. + [Steve Henson] + + *) Fix to avoid calling the underlying ASN1 print routine when + an extension cannot be parsed. Correct a typo in the + OCSP_SERVICELOC extension. Tidy up print OCSP format. + [Steve Henson] + + *) Make mkdef.pl parse some of the ASN1 macros and add apropriate + entries for variables. + [Steve Henson] + + *) Add functionality to apps/openssl.c for detecting locking + problems: As the program is single-threaded, all we have + to do is register a locking callback using an array for + storing which locks are currently held by the program. + [Bodo Moeller] + + *) Use a lock around the call to CRYPTO_get_ex_new_index() in + SSL_get_ex_data_X509_STORE_idx(), which is used in + ssl_verify_cert_chain() and thus can be called at any time + during TLS/SSL handshakes so that thread-safety is essential. + Unfortunately, the ex_data design is not at all suited + for multi-threaded use, so it probably should be abolished. + [Bodo Moeller] + + *) Added Broadcom "ubsec" ENGINE to OpenSSL. + [Broadcom, tweaked and integrated by Geoff Thorpe] + + *) Move common extension printing code to new function + X509V3_print_extensions(). Reorganise OCSP print routines and + implement some needed OCSP ASN1 functions. Add OCSP extensions. + [Steve Henson] + + *) New function X509_signature_print() to remove duplication in some + print routines. + [Steve Henson] + + *) Add a special meaning when SET OF and SEQUENCE OF flags are both + set (this was treated exactly the same as SET OF previously). This + is used to reorder the STACK representing the structure to match the + encoding. This will be used to get round a problem where a PKCS7 + structure which was signed could not be verified because the STACK + order did not reflect the encoded order. + [Steve Henson] + + *) Reimplement the OCSP ASN1 module using the new code. + [Steve Henson] + + *) Update the X509V3 code to permit the use of an ASN1_ITEM structure + for its ASN1 operations. The old style function pointers still exist + for now but they will eventually go away. + [Steve Henson] + + *) Merge in replacement ASN1 code from the ASN1 branch. This almost + completely replaces the old ASN1 functionality with a table driven + encoder and decoder which interprets an ASN1_ITEM structure describing + the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is + largely maintained. Almost all of the old asn1_mac.h macro based ASN1 + has also been converted to the new form. + [Steve Henson] + + *) Change BN_mod_exp_recp so that negative moduli are tolerated + (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set + so that BN_mod_exp_mont and BN_mod_exp_mont_word work + for negative moduli. + [Bodo Moeller] + + *) Fix BN_uadd and BN_usub: Always return non-negative results instead + of not touching the result's sign bit. + [Bodo Moeller] + + *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be + set. + [Bodo Moeller] + + *) Changed the LHASH code to use prototypes for callbacks, and created + macros to declare and implement thin (optionally static) functions + that provide type-safety and avoid function pointer casting for the + type-specific callbacks. + [Geoff Thorpe] + + *) Added Kerberos Cipher Suites to be used with TLS, as written in + RFC 2712. + [Veers Staats , + Jeffrey Altman , via Richard Levitte] + + *) Reformat the FAQ so the different questions and answers can be divided + in sections depending on the subject. + [Richard Levitte] + + *) Have the zlib compression code load ZLIB.DLL dynamically under + Windows. + [Richard Levitte] + + *) New function BN_mod_sqrt for computing square roots modulo a prime + (using the probabilistic Tonelli-Shanks algorithm unless + p == 3 (mod 4) or p == 5 (mod 8), which are cases that can + be handled deterministically). + [Lenka Fibikova , Bodo Moeller] + + *) Make BN_mod_inverse faster by explicitly handling small quotients + in the Euclid loop. (Speed gain about 20% for small moduli [256 or + 512 bits], about 30% for larger ones [1024 or 2048 bits].) + [Bodo Moeller] + + *) New function BN_kronecker. + [Bodo Moeller] + + *) Fix BN_gcd so that it works on negative inputs; the result is + positive unless both parameters are zero. + Previously something reasonably close to an infinite loop was + possible because numbers could be growing instead of shrinking + in the implementation of Euclid's algorithm. + [Bodo Moeller] + + *) Fix BN_is_word() and BN_is_one() macros to take into account the + sign of the number in question. + + Fix BN_is_word(a,w) to work correctly for w == 0. + + The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w) + because its test if the absolute value of 'a' equals 'w'. + Note that BN_abs_is_word does *not* handle w == 0 reliably; + it exists mostly for use in the implementations of BN_is_zero(), + BN_is_one(), and BN_is_word(). + [Bodo Moeller] + + *) New function BN_swap. + [Bodo Moeller] + + *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that + the exponentiation functions are more likely to produce reasonable + results on negative inputs. + [Bodo Moeller] + + *) Change BN_mod_mul so that the result is always non-negative. + Previously, it could be negative if one of the factors was negative; + I don't think anyone really wanted that behaviour. + [Bodo Moeller] + + *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c + (except for exponentiation, which stays in crypto/bn/bn_exp.c, + and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c) + and add new functions: + + BN_nnmod + BN_mod_sqr + BN_mod_add + BN_mod_add_quick + BN_mod_sub + BN_mod_sub_quick + BN_mod_lshift1 + BN_mod_lshift1_quick + BN_mod_lshift + BN_mod_lshift_quick + + These functions always generate non-negative results. + + BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r + such that |m| < r < 0, BN_nnmod will output rem + |m| instead). + + BN_mod_XXX_quick(r, a, [b,] m) generates the same result as + BN_mod_XXX(r, a, [b,] m, ctx), but requires that a [and b] + be reduced modulo m. + [Lenka Fibikova , Bodo Moeller] + + *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there + was actually never needed) and in BN_mul(). The removal in BN_mul() + required a small change in bn_mul_part_recursive() and the addition + of the functions bn_cmp_part_words(), bn_sub_part_words() and + bn_add_part_words(), which do the same thing as bn_cmp_words(), + bn_sub_words() and bn_add_words() except they take arrays with + differing sizes. + [Richard Levitte] + + *) In 'openssl passwd', verify passwords read from the terminal + unless the '-salt' option is used (which usually means that + verification would just waste user's time since the resulting + hash is going to be compared with some given password hash) + or the new '-noverify' option is used. + + This is an incompatible change, but it does not affect + non-interactive use of 'openssl passwd' (passwords on the command + line, '-stdin' option, '-in ...' option) and thus should not + cause any problems. + [Bodo Moeller] + + *) Remove all references to RSAref, since there's no more need for it. + [Richard Levitte] + + *) Make DSO load along a path given through an environment variable + (SHLIB_PATH) with shl_load(). + [Richard Levitte] + + *) Constify the ENGINE code as a result of BIGNUM constification. + Also constify the RSA code and most things related to it. In a + few places, most notable in the depth of the ASN.1 code, ugly + casts back to non-const were required (to be solved at a later + time) + [Richard Levitte] + + *) Make it so the openssl application has all engines loaded by default. + [Richard Levitte] + + *) Constify the BIGNUM routines a little more. + [Richard Levitte] + + *) Add the following functions: + + ENGINE_load_cswift() + ENGINE_load_chil() + ENGINE_load_atalla() + ENGINE_load_nuron() + ENGINE_load_builtin_engines() + + That way, an application can itself choose if external engines that + are built-in in OpenSSL shall ever be used or not. The benefit is + that applications won't have to be linked with libdl or other dso + libraries unless it's really needed. + + Changed 'openssl engine' to load all engines on demand. + Changed the engine header files to avoid the duplication of some + declarations (they differed!). + [Richard Levitte] + + *) 'openssl engine' can now list capabilities. + [Richard Levitte] + + *) Better error reporting in 'openssl engine'. + [Richard Levitte] + + *) Never call load_dh_param(NULL) in s_server. + [Bodo Moeller] + + *) Add engine application. It can currently list engines by name and + identity, and test if they are actually available. + [Richard Levitte] + + *) Improve RPM specification file by forcing symbolic linking and making + sure the installed documentation is also owned by root.root. + [Damien Miller ] + + *) Give the OpenSSL applications more possibilities to make use of + keys (public as well as private) handled by engines. + [Richard Levitte] + + *) Add OCSP code that comes from CertCo. + [Richard Levitte] + + *) Add VMS support for the Rijndael code. + [Richard Levitte] + + *) Added untested support for Nuron crypto accelerator. + [Ben Laurie] + + *) Add support for external cryptographic devices. This code was + previously distributed separately as the "engine" branch. + [Geoff Thorpe, Richard Levitte] + + *) Rework the filename-translation in the DSO code. It is now possible to + have far greater control over how a "name" is turned into a filename + depending on the operating environment and any oddities about the + different shared library filenames on each system. + [Geoff Thorpe] + + *) Support threads on FreeBSD-elf in Configure. + [Richard Levitte] + + *) Fix for SHA1 assembly problem with MASM: it produces + warnings about corrupt line number information when assembling + with debugging information. This is caused by the overlapping + of two sections. + [Bernd Matthes , Steve Henson] + + *) NCONF changes. + NCONF_get_number() has no error checking at all. As a replacement, + NCONF_get_number_e() is defined (_e for "error checking") and is + promoted strongly. The old NCONF_get_number is kept around for + binary backward compatibility. + Make it possible for methods to load from something other than a BIO, + by providing a function pointer that is given a name instead of a BIO. + For example, this could be used to load configuration data from an + LDAP server. + [Richard Levitte] + + *) Fix for non blocking accept BIOs. Added new I/O special reason + BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs + with non blocking I/O was not possible because no retry code was + implemented. Also added new SSL code SSL_WANT_ACCEPT to cover + this case. + [Steve Henson] + + *) Added the beginnings of Rijndael support. + [Ben Laurie] + + *) Fix for bug in DirectoryString mask setting. Add support for + X509_NAME_print_ex() in 'req' and X509_print_ex() function + to allow certificate printing to more controllable, additional + 'certopt' option to 'x509' to allow new printing options to be + set. + [Steve Henson] + + *) Clean old EAY MD5 hack from e_os.h. + [Richard Levitte] + + Changes between 0.9.6d and 0.9.6e [XX xxx XXXX] + + *) Fix EVP_dsa_sha macro. + [Nils Larsch] + + Changes between 0.9.6c and 0.9.6d [9 May 2002] + + *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not + encoded as NULL) with id-dsa-with-sha1. + [Nils Larsch ; problem pointed out by Bodo Moeller] + + *) Check various X509_...() return values in apps/req.c. + [Nils Larsch ] + + *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines: + an end-of-file condition would erronously be flagged, when the CRLF + was just at the end of a processed block. The bug was discovered when + processing data through a buffering memory BIO handing the data to a + BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov + and Nedelcho Stanev. + [Lutz Jaenicke] + + *) Implement a countermeasure against a vulnerability recently found + in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment + before application data chunks to avoid the use of known IVs + with data potentially chosen by the attacker. + [Bodo Moeller] + + *) Fix length checks in ssl3_get_client_hello(). + [Bodo Moeller] + + *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently + to prevent ssl3_read_internal() from incorrectly assuming that + ssl3_read_bytes() found application data while handshake + processing was enabled when in fact s->s3->in_read_app_data was + merely automatically cleared during the initial handshake. + [Bodo Moeller; problem pointed out by Arne Ansper ] + + *) Fix object definitions for Private and Enterprise: they were not + recognized in their shortname (=lowercase) representation. Extend + obj_dat.pl to issue an error when using undefined keywords instead + of silently ignoring the problem (Svenning Sorensen + ). + [Lutz Jaenicke] + + *) Fix DH_generate_parameters() so that it works for 'non-standard' + generators, i.e. generators other than 2 and 5. (Previously, the + code did not properly initialise the 'add' and 'rem' values to + BN_generate_prime().) + + In the new general case, we do not insist that 'generator' is + actually a primitive root: This requirement is rather pointless; + a generator of the order-q subgroup is just as good, if not + better. + [Bodo Moeller] + + *) Map new X509 verification errors to alerts. Discovered and submitted by + Tom Wu . + [Lutz Jaenicke] + + *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from + returning non-zero before the data has been completely received + when using non-blocking I/O. + [Bodo Moeller; problem pointed out by John Hughes] + + *) Some of the ciphers missed the strength entry (SSL_LOW etc). + [Ben Laurie, Lutz Jaenicke] + + *) Fix bug in SSL_clear(): bad sessions were not removed (found by + Yoram Zahavi ). + [Lutz Jaenicke] + + *) Add information about CygWin 1.3 and on, and preserve proper + configuration for the versions before that. + [Corinna Vinschen and Richard Levitte] + + *) Make removal from session cache (SSL_CTX_remove_session()) more robust: + check whether we deal with a copy of a session and do not delete from + the cache in this case. Problem reported by "Izhar Shoshani Levi" + . + [Lutz Jaenicke] + + *) Do not store session data into the internal session cache, if it + is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP + flag is set). Proposed by Aslam . + [Lutz Jaenicke] + + *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested + value is 0. + [Richard Levitte] + + *) Add the configuration target linux-s390x. + [Neale Ferguson via Richard Levitte] + + *) [In 0.9.6d-engine release:] + Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). + [Toomas Kiisk via Richard Levitte] + + *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of + ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag + variable as an indication that a ClientHello message has been + received. As the flag value will be lost between multiple + invocations of ssl3_accept when using non-blocking I/O, the + function may not be aware that a handshake has actually taken + place, thus preventing a new session from being added to the + session cache. + + To avoid this problem, we now set s->new_session to 2 instead of + using a local variable. + [Lutz Jaenicke, Bodo Moeller] + + *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) + if the SSL_R_LENGTH_MISMATCH error is detected. + [Geoff Thorpe, Bodo Moeller] + + *) New 'shared_ldflag' column in Configure platform table. + [Richard Levitte] + + *) Fix EVP_CIPHER_mode macro. + ["Dan S. Camper" ] + + *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown + type, we must throw them away by setting rr->length to 0. + [D P Chang ] + + Changes between 0.9.6b and 0.9.6c [21 dec 2001] + + *) Fix BN_rand_range bug pointed out by Dominikus Scherkl + . (The previous implementation + worked incorrectly for those cases where range = 10..._2 and + 3*range is two bits longer than range.) + [Bodo Moeller] + + *) Only add signing time to PKCS7 structures if it is not already + present. + [Steve Henson] + + *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce", + OBJ_ld_ce should be OBJ_id_ce. + Also some ip-pda OIDs in crypto/objects/objects.txt were + incorrect (cf. RFC 3039). + [Matt Cooper, Frederic Giudicelli, Bodo Moeller] + + *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid() + returns early because it has nothing to do. + [Andy Schneider ] + + *) [In 0.9.6c-engine release:] + Fix mutex callback return values in crypto/engine/hw_ncipher.c. + [Andy Schneider ] + + *) [In 0.9.6c-engine release:] + Add support for Cryptographic Appliance's keyserver technology. + (Use engine 'keyclient') + [Cryptographic Appliances and Geoff Thorpe] + + *) Add a configuration entry for OS/390 Unix. The C compiler 'c89' + is called via tools/c89.sh because arguments have to be + rearranged (all '-L' options must appear before the first object + modules). + [Richard Shapiro ] + + *) [In 0.9.6c-engine release:] + Add support for Broadcom crypto accelerator cards, backported + from 0.9.7. + [Broadcom, Nalin Dahyabhai , Mark Cox] + + *) [In 0.9.6c-engine release:] + Add support for SureWare crypto accelerator cards from + Baltimore Technologies. (Use engine 'sureware') + [Baltimore Technologies and Mark Cox] + + *) [In 0.9.6c-engine release:] + Add support for crypto accelerator cards from Accelerated + Encryption Processing, www.aep.ie. (Use engine 'aep') + [AEP Inc. and Mark Cox] + + *) Add a configuration entry for gcc on UnixWare. + [Gary Benson ] + + *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake + messages are stored in a single piece (fixed-length part and + variable-length part combined) and fix various bugs found on the way. + [Bodo Moeller] + + *) Disable caching in BIO_gethostbyname(), directly use gethostbyname() + instead. BIO_gethostbyname() does not know what timeouts are + appropriate, so entries would stay in cache even when they have + become invalid. + [Bodo Moeller; problem pointed out by Rich Salz + + *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when + faced with a pathologically small ClientHello fragment that does + not contain client_version: Instead of aborting with an error, + simply choose the highest available protocol version (i.e., + TLS 1.0 unless it is disabled). In practice, ClientHello + messages are never sent like this, but this change gives us + strictly correct behaviour at least for TLS. + [Bodo Moeller] + + *) Fix SSL handshake functions and SSL_clear() such that SSL_clear() + never resets s->method to s->ctx->method when called from within + one of the SSL handshake functions. + [Bodo Moeller; problem pointed out by Niko Baric] + + *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert + (sent using the client's version number) if client_version is + smaller than the protocol version in use. Also change + ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if + the client demanded SSL 3.0 but only TLS 1.0 is enabled; then + the client will at least see that alert. + [Bodo Moeller] + + *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation + correctly. + [Bodo Moeller] + + *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a + client receives HelloRequest while in a handshake. + [Bodo Moeller; bug noticed by Andy Schneider ] + + *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C + should end in 'break', not 'goto end' which circuments various + cleanups done in state SSL_ST_OK. But session related stuff + must be disabled for SSL_ST_OK in the case that we just sent a + HelloRequest. + + Also avoid some overhead by not calling ssl_init_wbio_buffer() + before just sending a HelloRequest. + [Bodo Moeller, Eric Rescorla ] + + *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't + reveal whether illegal block cipher padding was found or a MAC + verification error occured. (Neither SSLerr() codes nor alerts + are directly visible to potential attackers, but the information + may leak via logfiles.) + + Similar changes are not required for the SSL 2.0 implementation + because the number of padding bytes is sent in clear for SSL 2.0, + and the extra bytes are just ignored. However ssl/s2_pkt.c + failed to verify that the purported number of padding bytes is in + the legal range. + [Bodo Moeller] + + *) Add OpenUNIX-8 support including shared libraries + (Boyd Lynn Gerber ). + [Lutz Jaenicke] + + *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid + 'wristwatch attack' using huge encoding parameters (cf. + James H. Manger's CRYPTO 2001 paper). Note that the + RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use + encoding parameters and hence was not vulnerable. + [Bodo Moeller] + + *) BN_sqr() bug fix. + [Ulf Möller, reported by Jim Ellis ] + + *) Rabin-Miller test analyses assume uniformly distributed witnesses, + so use BN_pseudo_rand_range() instead of using BN_pseudo_rand() + followed by modular reduction. + [Bodo Moeller; pointed out by Adam Young ] + + *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range() + equivalent based on BN_pseudo_rand() instead of BN_rand(). + [Bodo Moeller] + + *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB). + This function was broken, as the check for a new client hello message + to handle SGC did not allow these large messages. + (Tracked down by "Douglas E. Engert" .) + [Lutz Jaenicke] + + *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long](). + [Lutz Jaenicke] + + *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl() + for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" ). + [Lutz Jaenicke] + + *) Rework the configuration and shared library support for Tru64 Unix. + The configuration part makes use of modern compiler features and + still retains old compiler behavior for those that run older versions + of the OS. The shared library support part includes a variant that + uses the RPATH feature, and is available through the special + configuration target "alpha-cc-rpath", which will never be selected + automatically. + [Tim Mooney via Richard Levitte] + + *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message() + with the same message size as in ssl3_get_certificate_request(). + Otherwise, if no ServerKeyExchange message occurs, CertificateRequest + messages might inadvertently be reject as too long. + [Petr Lampa ] + + *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX). + [Andy Polyakov] + + *) Modified SSL library such that the verify_callback that has been set + specificly for an SSL object with SSL_set_verify() is actually being + used. Before the change, a verify_callback set with this function was + ignored and the verify_callback() set in the SSL_CTX at the time of + the call was used. New function X509_STORE_CTX_set_verify_cb() introduced + to allow the necessary settings. + [Lutz Jaenicke] + + *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c + explicitly to NULL, as at least on Solaris 8 this seems not always to be + done automatically (in contradiction to the requirements of the C + standard). This made problems when used from OpenSSH. + [Lutz Jaenicke] + + *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored + dh->length and always used + + BN_rand_range(priv_key, dh->p). + + BN_rand_range() is not necessary for Diffie-Hellman, and this + specific range makes Diffie-Hellman unnecessarily inefficient if + dh->length (recommended exponent length) is much smaller than the + length of dh->p. We could use BN_rand_range() if the order of + the subgroup was stored in the DH structure, but we only have + dh->length. + + So switch back to + + BN_rand(priv_key, l, ...) + + where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1 + otherwise. + [Bodo Moeller] + + *) In + + RSA_eay_public_encrypt + RSA_eay_private_decrypt + RSA_eay_private_encrypt (signing) + RSA_eay_public_decrypt (signature verification) + + (default implementations for RSA_public_encrypt, + RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt), + always reject numbers >= n. + [Bodo Moeller] + + *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2 + to synchronize access to 'locking_thread'. This is necessary on + systems where access to 'locking_thread' (an 'unsigned long' + variable) is not atomic. + [Bodo Moeller] + + *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID + *before* setting the 'crypto_lock_rand' flag. The previous code had + a race condition if 0 is a valid thread ID. + [Travis Vitek ] + + *) Add support for shared libraries under Irix. + [Albert Chin-A-Young ] + + *) Add configuration option to build on Linux on both big-endian and + little-endian MIPS. + [Ralf Baechle ] + + *) Add the possibility to create shared libraries on HP-UX. + [Richard Levitte] + + Changes between 0.9.6a and 0.9.6b [9 Jul 2001] + + *) Change ssleay_rand_bytes (crypto/rand/md_rand.c) + to avoid a SSLeay/OpenSSL PRNG weakness pointed out by + Markku-Juhani O. Saarinen : + PRNG state recovery was possible based on the output of + one PRNG request appropriately sized to gain knowledge on + 'md' followed by enough consecutive 1-byte PRNG requests + to traverse all of 'state'. + + 1. When updating 'md_local' (the current thread's copy of 'md') + during PRNG output generation, hash all of the previous + 'md_local' value, not just the half used for PRNG output. + + 2. Make the number of bytes from 'state' included into the hash + independent from the number of PRNG bytes requested. + + The first measure alone would be sufficient to avoid + Markku-Juhani's attack. (Actually it had never occurred + to me that the half of 'md_local' used for chaining was the + half from which PRNG output bytes were taken -- I had always + assumed that the secret half would be used.) The second + measure makes sure that additional data from 'state' is never + mixed into 'md_local' in small portions; this heuristically + further strengthens the PRNG. + [Bodo Moeller] + + *) Fix crypto/bn/asm/mips3.s. + [Andy Polyakov] + + *) When only the key is given to "enc", the IV is undefined. Print out + an error message in this case. + [Lutz Jaenicke] + + *) Handle special case when X509_NAME is empty in X509 printing routines. + [Steve Henson] + + *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are + positive and less than q. + [Bodo Moeller] + + *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is + used: it isn't thread safe and the add_lock_callback should handle + that itself. + [Paul Rose ] + + *) Verify that incoming data obeys the block size in + ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c). + [Bodo Moeller] + + *) Fix OAEP check. + [Ulf Möller, Bodo Möller] + + *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5 + RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5 + when fixing the server behaviour for backwards-compatible 'client + hello' messages. (Note that the attack is impractical against + SSL 3.0 and TLS 1.0 anyway because length and version checking + means that the probability of guessing a valid ciphertext is + around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98 + paper.) + + Before 0.9.5, the countermeasure (hide the error by generating a + random 'decryption result') did not work properly because + ERR_clear_error() was missing, meaning that SSL_get_error() would + detect the supposedly ignored error. + + Both problems are now fixed. + [Bodo Moeller] + + *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096 + (previously it was 1024). + [Bodo Moeller] + + *) Fix for compatibility mode trust settings: ignore trust settings + unless some valid trust or reject settings are present. + [Steve Henson] + + *) Fix for blowfish EVP: its a variable length cipher. + [Steve Henson] + + *) Fix various bugs related to DSA S/MIME verification. Handle missing + parameters in DSA public key structures and return an error in the + DSA routines if parameters are absent. + [Steve Henson] + + *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd" + in the current directory if neither $RANDFILE nor $HOME was set. + RAND_file_name() in 0.9.6a returned NULL in this case. This has + caused some confusion to Windows users who haven't defined $HOME. + Thus RAND_file_name() is changed again: e_os.h can define a + DEFAULT_HOME, which will be used if $HOME is not set. + For Windows, we use "C:"; on other platforms, we still require + environment variables. + + *) Move 'if (!initialized) RAND_poll()' into regions protected by + CRYPTO_LOCK_RAND. This is not strictly necessary, but avoids + having multiple threads call RAND_poll() concurrently. + [Bodo Moeller] + + *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a + combination of a flag and a thread ID variable. + Otherwise while one thread is in ssleay_rand_bytes (which sets the + flag), *other* threads can enter ssleay_add_bytes without obeying + the CRYPTO_LOCK_RAND lock (and may even illegally release the lock + that they do not hold after the first thread unsets add_do_not_lock). + [Bodo Moeller] + + *) Change bctest again: '-x' expressions are not available in all + versions of 'test'. + [Bodo Moeller] + + Changes between 0.9.6 and 0.9.6a [5 Apr 2001] + + *) Fix a couple of memory leaks in PKCS7_dataDecode() + [Steve Henson, reported by Heyun Zheng ] + + *) Change Configure and Makefiles to provide EXE_EXT, which will contain + the default extension for executables, if any. Also, make the perl + scripts that use symlink() to test if it really exists and use "cp" + if it doesn't. All this made OpenSSL compilable and installable in + CygWin. + [Richard Levitte] + + *) Fix for asn1_GetSequence() for indefinite length constructed data. + If SEQUENCE is length is indefinite just set c->slen to the total + amount of data available. + [Steve Henson, reported by shige@FreeBSD.org] + [This change does not apply to 0.9.7.] + + *) Change bctest to avoid here-documents inside command substitution + (workaround for FreeBSD /bin/sh bug). + For compatibility with Ultrix, avoid shell functions (introduced + in the bctest version that searches along $PATH). + [Bodo Moeller] + + *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes + with des_encrypt() defined on some operating systems, like Solaris + and UnixWare. + [Richard Levitte] + + *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton: + On the Importance of Eliminating Errors in Cryptographic + Computations, J. Cryptology 14 (2001) 2, 101-119, + http://theory.stanford.edu/~dabo/papers/faults.ps.gz). + [Ulf Moeller] + + *) MIPS assembler BIGNUM division bug fix. + [Andy Polyakov] + + *) Disabled incorrect Alpha assembler code. + [Richard Levitte] + + *) Fix PKCS#7 decode routines so they correctly update the length + after reading an EOC for the EXPLICIT tag. + [Steve Henson] + [This change does not apply to 0.9.7.] + + *) Fix bug in PKCS#12 key generation routines. This was triggered + if a 3DES key was generated with a 0 initial byte. Include + PKCS12_BROKEN_KEYGEN compilation option to retain the old + (but broken) behaviour. + [Steve Henson] + + *) Enhance bctest to search for a working bc along $PATH and print + it when found. + [Tim Rice via Richard Levitte] + + *) Fix memory leaks in err.c: free err_data string if necessary; + don't write to the wrong index in ERR_set_error_data. + [Bodo Moeller] + + *) Implement ssl23_peek (analogous to ssl23_read), which previously + did not exist. + [Bodo Moeller] + + *) Replace rdtsc with _emit statements for VC++ version 5. + [Jeremy Cooper ] + + *) Make it possible to reuse SSLv2 sessions. + [Richard Levitte] + + *) In copy_email() check for >= 0 as a return value for + X509_NAME_get_index_by_NID() since 0 is a valid index. + [Steve Henson reported by Massimiliano Pala ] + + *) Avoid coredump with unsupported or invalid public keys by checking if + X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when + PKCS7_verify() fails with non detached data. + [Steve Henson] + + *) Don't use getenv in library functions when run as setuid/setgid. + New function OPENSSL_issetugid(). + [Ulf Moeller] + + *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c) + due to incorrect handling of multi-threading: + + 1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl(). + + 2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on(). + + 3. Count how many times MemCheck_off() has been called so that + nested use can be treated correctly. This also avoids + inband-signalling in the previous code (which relied on the + assumption that thread ID 0 is impossible). + [Bodo Moeller] + + *) Add "-rand" option also to s_client and s_server. + [Lutz Jaenicke] + + *) Fix CPU detection on Irix 6.x. + [Kurt Hockenbury and + "Bruce W. Forsberg" ] + + *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME + was empty. + [Steve Henson] + [This change does not apply to 0.9.7.] + + *) Use the cached encoding of an X509_NAME structure rather than + copying it. This is apparently the reason for the libsafe "errors" + but the code is actually correct. + [Steve Henson] + + *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent + Bleichenbacher's DSA attack. + Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits + to be set and top=0 forces the highest bit to be set; top=-1 is new + and leaves the highest bit random. + [Ulf Moeller, Bodo Moeller] + + *) In the NCONF_...-based implementations for CONF_... queries + (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using + a temporary CONF structure with the data component set to NULL + (which gives segmentation faults in lh_retrieve). + Instead, use NULL for the CONF pointer in CONF_get_string and + CONF_get_number (which may use environment variables) and directly + return NULL from CONF_get_section. + [Bodo Moeller] + + *) Fix potential buffer overrun for EBCDIC. + [Ulf Moeller] + + *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign + keyUsage if basicConstraints absent for a CA. + [Steve Henson] + + *) Make SMIME_write_PKCS7() write mail header values with a format that + is more generally accepted (no spaces before the semicolon), since + some programs can't parse those values properly otherwise. Also make + sure BIO's that break lines after each write do not create invalid + headers. + [Richard Levitte] + + *) Make the CRL encoding routines work with empty SEQUENCE OF. The + macros previously used would not encode an empty SEQUENCE OF + and break the signature. + [Steve Henson] + [This change does not apply to 0.9.7.] + + *) Zero the premaster secret after deriving the master secret in + DH ciphersuites. + [Steve Henson] + + *) Add some EVP_add_digest_alias registrations (as found in + OpenSSL_add_all_digests()) to SSL_library_init() + aka OpenSSL_add_ssl_algorithms(). This provides improved + compatibility with peers using X.509 certificates + with unconventional AlgorithmIdentifier OIDs. + [Bodo Moeller] + + *) Fix for Irix with NO_ASM. + ["Bruce W. Forsberg" ] + + *) ./config script fixes. + [Ulf Moeller, Richard Levitte] + + *) Fix 'openssl passwd -1'. + [Bodo Moeller] + + *) Change PKCS12_key_gen_asc() so it can cope with non null + terminated strings whose length is passed in the passlen + parameter, for example from PEM callbacks. This was done + by adding an extra length parameter to asc2uni(). + [Steve Henson, reported by ] + + *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn + call failed, free the DSA structure. + [Bodo Moeller] + + *) Fix to uni2asc() to cope with zero length Unicode strings. + These are present in some PKCS#12 files. + [Steve Henson] + + *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c). + Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits + when writing a 32767 byte record. + [Bodo Moeller; problem reported by Eric Day ] + + *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c), + obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}. + + (RSA objects have a reference count access to which is protected + by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c], + so they are meant to be shared between threads.) + [Bodo Moeller, Geoff Thorpe; original patch submitted by + "Reddie, Steven" ] + + *) Fix a deadlock in CRYPTO_mem_leaks(). + [Bodo Moeller] + + *) Use better test patterns in bntest. + [Ulf Möller] + + *) rand_win.c fix for Borland C. + [Ulf Möller] + + *) BN_rshift bugfix for n == 0. + [Bodo Moeller] + + *) Add a 'bctest' script that checks for some known 'bc' bugs + so that 'make test' does not abort just because 'bc' is broken. + [Bodo Moeller] + + *) Store verify_result within SSL_SESSION also for client side to + avoid potential security hole. (Re-used sessions on the client side + always resulted in verify_result==X509_V_OK, not using the original + result of the server certificate verification.) + [Lutz Jaenicke] + + *) Fix ssl3_pending: If the record in s->s3->rrec is not of type + SSL3_RT_APPLICATION_DATA, return 0. + Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true. + [Bodo Moeller] + + *) Fix SSL_peek: + Both ssl2_peek and ssl3_peek, which were totally broken in earlier + releases, have been re-implemented by renaming the previous + implementations of ssl2_read and ssl3_read to ssl2_read_internal + and ssl3_read_internal, respectively, and adding 'peek' parameters + to them. The new ssl[23]_{read,peek} functions are calls to + ssl[23]_read_internal with the 'peek' flag set appropriately. + A 'peek' parameter has also been added to ssl3_read_bytes, which + does the actual work for ssl3_read_internal. + [Bodo Moeller] + + *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling + the method-specific "init()" handler. Also clean up ex_data after + calling the method-specific "finish()" handler. Previously, this was + happening the other way round. + [Geoff Thorpe] + + *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16. + The previous value, 12, was not always sufficient for BN_mod_exp(). + [Bodo Moeller] + + *) Make sure that shared libraries get the internal name engine with + the full version number and not just 0. This should mark the + shared libraries as not backward compatible. Of course, this should + be changed again when we can guarantee backward binary compatibility. + [Richard Levitte] + + *) Fix typo in get_cert_by_subject() in by_dir.c + [Jean-Marc Desperrier ] + + *) Rework the system to generate shared libraries: + + - Make note of the expected extension for the shared libraries and + if there is a need for symbolic links from for example libcrypto.so.0 + to libcrypto.so.0.9.7. There is extended info in Configure for + that. + + - Make as few rebuilds of the shared libraries as possible. + + - Still avoid linking the OpenSSL programs with the shared libraries. + + - When installing, install the shared libraries separately from the + static ones. + [Richard Levitte] + + *) Fix SSL_CTX_set_read_ahead macro to actually use its argument. + + Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new + and not in SSL_clear because the latter is also used by the + accept/connect functions; previously, the settings made by + SSL_set_read_ahead would be lost during the handshake. + [Bodo Moeller; problems reported by Anders Gertz ] + + *) Correct util/mkdef.pl to be selective about disabled algorithms. + Previously, it would create entries for disableed algorithms no + matter what. + [Richard Levitte] + + *) Added several new manual pages for SSL_* function. + [Lutz Jaenicke] + + Changes between 0.9.5a and 0.9.6 [24 Sep 2000] + + *) In ssl23_get_client_hello, generate an error message when faced + with an initial SSL 3.0/TLS record that is too small to contain the + first two bytes of the ClientHello message, i.e. client_version. + (Note that this is a pathologic case that probably has never happened + in real life.) The previous approach was to use the version number + from the record header as a substitute; but our protocol choice + should not depend on that one because it is not authenticated + by the Finished messages. + [Bodo Moeller] + + *) More robust randomness gathering functions for Windows. + [Jeffrey Altman ] + + *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is + not set then we don't setup the error code for issuer check errors + to avoid possibly overwriting other errors which the callback does + handle. If an application does set the flag then we assume it knows + what it is doing and can handle the new informational codes + appropriately. + [Steve Henson] + + *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for + a general "ANY" type, as such it should be able to decode anything + including tagged types. However it didn't check the class so it would + wrongly interpret tagged types in the same way as their universal + counterpart and unknown types were just rejected. Changed so that the + tagged and unknown types are handled in the same way as a SEQUENCE: + that is the encoding is stored intact. There is also a new type + "V_ASN1_OTHER" which is used when the class is not universal, in this + case we have no idea what the actual type is so we just lump them all + together. + [Steve Henson] + + *) On VMS, stdout may very well lead to a file that is written to + in a record-oriented fashion. That means that every write() will + write a separate record, which will be read separately by the + programs trying to read from it. This can be very confusing. + + The solution is to put a BIO filter in the way that will buffer + text until a linefeed is reached, and then write everything a + line at a time, so every record written will be an actual line, + not chunks of lines and not (usually doesn't happen, but I've + seen it once) several lines in one record. BIO_f_linebuffer() is + the answer. + + Currently, it's a VMS-only method, because that's where it has + been tested well enough. + [Richard Levitte] + + *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery, + it can return incorrect results. + (Note: The buggy variant was not enabled in OpenSSL 0.9.5a, + but it was in 0.9.6-beta[12].) + [Bodo Moeller] + + *) Disable the check for content being present when verifying detached + signatures in pk7_smime.c. Some versions of Netscape (wrongly) + include zero length content when signing messages. + [Steve Henson] + + *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR + BIO_ctrl (for BIO pairs). + [Bodo Möller] + + *) Add DSO method for VMS. + [Richard Levitte] + + *) Bug fix: Montgomery multiplication could produce results with the + wrong sign. + [Ulf Möller] + + *) Add RPM specification openssl.spec and modify it to build three + packages. The default package contains applications, application + documentation and run-time libraries. The devel package contains + include files, static libraries and function documentation. The + doc package contains the contents of the doc directory. The original + openssl.spec was provided by Damien Miller . + [Richard Levitte] + + *) Add a large number of documentation files for many SSL routines. + [Lutz Jaenicke ] + + *) Add a configuration entry for Sony News 4. + [NAKAJI Hiroyuki ] + + *) Don't set the two most significant bits to one when generating a + random number < q in the DSA library. + [Ulf Möller] + + *) New SSL API mode 'SSL_MODE_AUTO_RETRY'. This disables the default + behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if + the underlying transport is blocking) if a handshake took place. + (The default behaviour is needed by applications such as s_client + and s_server that use select() to determine when to use SSL_read; + but for applications that know in advance when to expect data, it + just makes things more complicated.) + [Bodo Moeller] + + *) Add RAND_egd_bytes(), which gives control over the number of bytes read + from EGD. + [Ben Laurie] + + *) Add a few more EBCDIC conditionals that make `req' and `x509' + work better on such systems. + [Martin Kraemer ] + + *) Add two demo programs for PKCS12_parse() and PKCS12_create(). + Update PKCS12_parse() so it copies the friendlyName and the + keyid to the certificates aux info. + [Steve Henson] + + *) Fix bug in PKCS7_verify() which caused an infinite loop + if there was more than one signature. + [Sven Uszpelkat ] + + *) Major change in util/mkdef.pl to include extra information + about each symbol, as well as presentig variables as well + as functions. This change means that there's n more need + to rebuild the .num files when some algorithms are excluded. + [Richard Levitte] + + *) Allow the verify time to be set by an application, + rather than always using the current time. + [Steve Henson] + + *) Phase 2 verify code reorganisation. The certificate + verify code now looks up an issuer certificate by a + number of criteria: subject name, authority key id + and key usage. It also verifies self signed certificates + by the same criteria. The main comparison function is + X509_check_issued() which performs these checks. + + Lot of changes were necessary in order to support this + without completely rewriting the lookup code. + + Authority and subject key identifier are now cached. + + The LHASH 'certs' is X509_STORE has now been replaced + by a STACK_OF(X509_OBJECT). This is mainly because an + LHASH can't store or retrieve multiple objects with + the same hash value. + + As a result various functions (which were all internal + use only) have changed to handle the new X509_STORE + structure. This will break anything that messed round + with X509_STORE internally. + + The functions X509_STORE_add_cert() now checks for an + exact match, rather than just subject name. + + The X509_STORE API doesn't directly support the retrieval + of multiple certificates matching a given criteria, however + this can be worked round by performing a lookup first + (which will fill the cache with candidate certificates) + and then examining the cache for matches. This is probably + the best we can do without throwing out X509_LOOKUP + entirely (maybe later...). + + The X509_VERIFY_CTX structure has been enhanced considerably. + + All certificate lookup operations now go via a get_issuer() + callback. Although this currently uses an X509_STORE it + can be replaced by custom lookups. This is a simple way + to bypass the X509_STORE hackery necessary to make this + work and makes it possible to use more efficient techniques + in future. A very simple version which uses a simple + STACK for its trusted certificate store is also provided + using X509_STORE_CTX_trusted_stack(). + + The verify_cb() and verify() callbacks now have equivalents + in the X509_STORE_CTX structure. + + X509_STORE_CTX also has a 'flags' field which can be used + to customise the verify behaviour. + [Steve Henson] + + *) Add new PKCS#7 signing option PKCS7_NOSMIMECAP which + excludes S/MIME capabilities. + [Steve Henson] + + *) When a certificate request is read in keep a copy of the + original encoding of the signed data and use it when outputing + again. Signatures then use the original encoding rather than + a decoded, encoded version which may cause problems if the + request is improperly encoded. + [Steve Henson] + + *) For consistency with other BIO_puts implementations, call + buffer_write(b, ...) directly in buffer_puts instead of calling + BIO_write(b, ...). + + In BIO_puts, increment b->num_write as in BIO_write. + [Peter.Sylvester@EdelWeb.fr] + + *) Fix BN_mul_word for the case where the word is 0. (We have to use + BN_zero, we may not return a BIGNUM with an array consisting of + words set to zero.) + [Bodo Moeller] + + *) Avoid calling abort() from within the library when problems are + detected, except if preprocessor symbols have been defined + (such as REF_CHECK, BN_DEBUG etc.). + [Bodo Moeller] + + *) New openssl application 'rsautl'. This utility can be + used for low level RSA operations. DER public key + BIO/fp routines also added. + [Steve Henson] + + *) New Configure entry and patches for compiling on QNX 4. + [Andreas Schneider ] + + *) A demo state-machine implementation was sponsored by + Nuron (http://www.nuron.com/) and is now available in + demos/state_machine. + [Ben Laurie] + + *) New options added to the 'dgst' utility for signature + generation and verification. + [Steve Henson] + + *) Unrecognized PKCS#7 content types are now handled via a + catch all ASN1_TYPE structure. This allows unsupported + types to be stored as a "blob" and an application can + encode and decode it manually. + [Steve Henson] + + *) Fix various signed/unsigned issues to make a_strex.c + compile under VC++. + [Oscar Jacobsson ] + + *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct + length if passed a buffer. ASN1_INTEGER_to_BN failed + if passed a NULL BN and its argument was negative. + [Steve Henson, pointed out by Sven Heiberg ] + + *) Modification to PKCS#7 encoding routines to output definite + length encoding. Since currently the whole structures are in + memory there's not real point in using indefinite length + constructed encoding. However if OpenSSL is compiled with + the flag PKCS7_INDEFINITE_ENCODING the old form is used. + [Steve Henson] + + *) Added BIO_vprintf() and BIO_vsnprintf(). + [Richard Levitte] + + *) Added more prefixes to parse for in the the strings written + through a logging bio, to cover all the levels that are available + through syslog. The prefixes are now: + + PANIC, EMERG, EMR => LOG_EMERG + ALERT, ALR => LOG_ALERT + CRIT, CRI => LOG_CRIT + ERROR, ERR => LOG_ERR + WARNING, WARN, WAR => LOG_WARNING + NOTICE, NOTE, NOT => LOG_NOTICE + INFO, INF => LOG_INFO + DEBUG, DBG => LOG_DEBUG + + and as before, if none of those prefixes are present at the + beginning of the string, LOG_ERR is chosen. + + On Win32, the LOG_* levels are mapped according to this: + + LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE + LOG_WARNING => EVENTLOG_WARNING_TYPE + LOG_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_INFORMATION_TYPE + + [Richard Levitte] + + *) Made it possible to reconfigure with just the configuration + argument "reconf" or "reconfigure". The command line arguments + are stored in Makefile.ssl in the variable CONFIGURE_ARGS, + and are retrieved from there when reconfiguring. + [Richard Levitte] + + *) MD4 implemented. + [Assar Westerlund , Richard Levitte] + + *) Add the arguments -CAfile and -CApath to the pkcs12 utility. + [Richard Levitte] + + *) The obj_dat.pl script was messing up the sorting of object + names. The reason was that it compared the quoted version + of strings as a result "OCSP" > "OCSP Signing" because + " > SPACE. Changed script to store unquoted versions of + names and add quotes on output. It was also omitting some + names from the lookup table if they were given a default + value (that is if SN is missing it is given the same + value as LN and vice versa), these are now added on the + grounds that if an object has a name we should be able to + look it up. Finally added warning output when duplicate + short or long names are found. + [Steve Henson] + + *) Changes needed for Tandem NSK. + [Scott Uroff ] + + *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in + RSA_padding_check_SSLv23(), special padding was never detected + and thus the SSL 3.0/TLS 1.0 countermeasure against protocol + version rollback attacks was not effective. + + In s23_clnt.c, don't use special rollback-attack detection padding + (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the + client; similarly, in s23_srvr.c, don't do the rollback check if + SSL 2.0 is the only protocol enabled in the server. + [Bodo Moeller] + + *) Make it possible to get hexdumps of unprintable data with 'openssl + asn1parse'. By implication, the functions ASN1_parse_dump() and + BIO_dump_indent() are added. + [Richard Levitte] + + *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex() + these print out strings and name structures based on various + flags including RFC2253 support and proper handling of + multibyte characters. Added options to the 'x509' utility + to allow the various flags to be set. + [Steve Henson] + + *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME. + Also change the functions X509_cmp_current_time() and + X509_gmtime_adj() work with an ASN1_TIME structure, + this will enable certificates using GeneralizedTime in validity + dates to be checked. + [Steve Henson] + + *) Make the NEG_PUBKEY_BUG code (which tolerates invalid + negative public key encodings) on by default, + NO_NEG_PUBKEY_BUG can be set to disable it. + [Steve Henson] + + *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT + content octets. An i2c_ASN1_OBJECT is unnecessary because + the encoding can be trivially obtained from the structure. + [Steve Henson] + + *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock), + not read locks (CRYPTO_r_[un]lock). + [Bodo Moeller] + + *) A first attempt at creating official support for shared + libraries through configuration. I've kept it so the + default is static libraries only, and the OpenSSL programs + are always statically linked for now, but there are + preparations for dynamic linking in place. + This has been tested on Linux and Tru64. + [Richard Levitte] + + *) Randomness polling function for Win9x, as described in: + Peter Gutmann, Software Generation of Practically Strong + Random Numbers. + [Ulf Möller] + + *) Fix so PRNG is seeded in req if using an already existing + DSA key. + [Steve Henson] + + *) New options to smime application. -inform and -outform + allow alternative formats for the S/MIME message including + PEM and DER. The -content option allows the content to be + specified separately. This should allow things like Netscape + form signing output easier to verify. + [Steve Henson] + + *) Fix the ASN1 encoding of tags using the 'long form'. + [Steve Henson] + + *) New ASN1 functions, i2c_* and c2i_* for INTEGER and BIT + STRING types. These convert content octets to and from the + underlying type. The actual tag and length octets are + already assumed to have been read in and checked. These + are needed because all other string types have virtually + identical handling apart from the tag. By having versions + of the ASN1 functions that just operate on content octets + IMPLICIT tagging can be handled properly. It also allows + the ASN1_ENUMERATED code to be cut down because ASN1_ENUMERATED + and ASN1_INTEGER are identical apart from the tag. + [Steve Henson] + + *) Change the handling of OID objects as follows: + + - New object identifiers are inserted in objects.txt, following + the syntax given in objects.README. + - objects.pl is used to process obj_mac.num and create a new + obj_mac.h. + - obj_dat.pl is used to create a new obj_dat.h, using the data in + obj_mac.h. + + This is currently kind of a hack, and the perl code in objects.pl + isn't very elegant, but it works as I intended. The simplest way + to check that it worked correctly is to look in obj_dat.h and + check the array nid_objs and make sure the objects haven't moved + around (this is important!). Additions are OK, as well as + consistent name changes. + [Richard Levitte] + + *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1'). + [Bodo Moeller] + + *) Addition of the command line parameter '-rand file' to 'openssl req'. + The given file adds to whatever has already been seeded into the + random pool through the RANDFILE configuration file option or + environment variable, or the default random state file. + [Richard Levitte] + + *) mkstack.pl now sorts each macro group into lexical order. + Previously the output order depended on the order the files + appeared in the directory, resulting in needless rewriting + of safestack.h . + [Steve Henson] + + *) Patches to make OpenSSL compile under Win32 again. Mostly + work arounds for the VC++ problem that it treats func() as + func(void). Also stripped out the parts of mkdef.pl that + added extra typesafe functions: these no longer exist. + [Steve Henson] + + *) Reorganisation of the stack code. The macros are now all + collected in safestack.h . Each macro is defined in terms of + a "stack macro" of the form SKM_(type, a, b). The + DEBUG_SAFESTACK is now handled in terms of function casts, + this has the advantage of retaining type safety without the + use of additional functions. If DEBUG_SAFESTACK is not defined + then the non typesafe macros are used instead. Also modified the + mkstack.pl script to handle the new form. Needs testing to see + if which (if any) compilers it chokes and maybe make DEBUG_SAFESTACK + the default if no major problems. Similar behaviour for ASN1_SET_OF + and PKCS12_STACK_OF. + [Steve Henson] + + *) When some versions of IIS use the 'NET' form of private key the + key derivation algorithm is different. Normally MD5(password) is + used as a 128 bit RC4 key. In the modified case + MD5(MD5(password) + "SGCKEYSALT") is used insted. Added some + new functions i2d_RSA_NET(), d2i_RSA_NET() etc which are the same + as the old Netscape_RSA functions except they have an additional + 'sgckey' parameter which uses the modified algorithm. Also added + an -sgckey command line option to the rsa utility. Thanks to + Adrian Peck for posting details of the modified + algorithm to openssl-dev. + [Steve Henson] + + *) The evp_local.h macros were using 'c.##kname' which resulted in + invalid expansion on some systems (SCO 5.0.5 for example). + Corrected to 'c.kname'. + [Phillip Porch ] + + *) New X509_get1_email() and X509_REQ_get1_email() functions that return + a STACK of email addresses from a certificate or request, these look + in the subject name and the subject alternative name extensions and + omit any duplicate addresses. + [Steve Henson] + + *) Re-implement BN_mod_exp2_mont using independent (and larger) windows. + This makes DSA verification about 2 % faster. + [Bodo Moeller] + + *) Increase maximum window size in BN_mod_exp_... to 6 bits instead of 5 + (meaning that now 2^5 values will be precomputed, which is only 4 KB + plus overhead for 1024 bit moduli). + This makes exponentiations about 0.5 % faster for 1024 bit + exponents (as measured by "openssl speed rsa2048"). + [Bodo Moeller] + + *) Rename memory handling macros to avoid conflicts with other + software: + Malloc => OPENSSL_malloc + Malloc_locked => OPENSSL_malloc_locked + Realloc => OPENSSL_realloc + Free => OPENSSL_free + [Richard Levitte] + + *) New function BN_mod_exp_mont_word for small bases (roughly 15% + faster than BN_mod_exp_mont, i.e. 7% for a full DH exchange). + [Bodo Moeller] + + *) CygWin32 support. + [John Jarvie ] + + *) The type-safe stack code has been rejigged. It is now only compiled + in when OpenSSL is configured with the DEBUG_SAFESTACK option and + by default all type-specific stack functions are "#define"d back to + standard stack functions. This results in more streamlined output + but retains the type-safety checking possibilities of the original + approach. + [Geoff Thorpe] + + *) The STACK code has been cleaned up, and certain type declarations + that didn't make a lot of sense have been brought in line. This has + also involved a cleanup of sorts in safestack.h to more correctly + map type-safe stack functions onto their plain stack counterparts. + This work has also resulted in a variety of "const"ifications of + lots of the code, especially "_cmp" operations which should normally + be prototyped with "const" parameters anyway. + [Geoff Thorpe] + + *) When generating bytes for the first time in md_rand.c, 'stir the pool' + by seeding with STATE_SIZE dummy bytes (with zero entropy count). + (The PRNG state consists of two parts, the large pool 'state' and 'md', + where all of 'md' is used each time the PRNG is used, but 'state' + is used only indexed by a cyclic counter. As entropy may not be + well distributed from the beginning, 'md' is important as a + chaining variable. However, the output function chains only half + of 'md', i.e. 80 bits. ssleay_rand_add, on the other hand, chains + all of 'md', and seeding with STATE_SIZE dummy bytes will result + in all of 'state' being rewritten, with the new values depending + on virtually all of 'md'. This overcomes the 80 bit limitation.) + [Bodo Moeller] + + *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when + the handshake is continued after ssl_verify_cert_chain(); + otherwise, if SSL_VERIFY_NONE is set, remaining error codes + can lead to 'unexplainable' connection aborts later. + [Bodo Moeller; problem tracked down by Lutz Jaenicke] + + *) Major EVP API cipher revision. + Add hooks for extra EVP features. This allows various cipher + parameters to be set in the EVP interface. Support added for variable + key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and + setting of RC2 and RC5 parameters. + + Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length + ciphers. + + Remove lots of duplicated code from the EVP library. For example *every* + cipher init() function handles the 'iv' in the same way according to the + cipher mode. They also all do nothing if the 'key' parameter is NULL and + for CFB and OFB modes they zero ctx->num. + + New functionality allows removal of S/MIME code RC2 hack. + + Most of the routines have the same form and so can be declared in terms + of macros. + + By shifting this to the top level EVP_CipherInit() it can be removed from + all individual ciphers. If the cipher wants to handle IVs or keys + differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT + flags. + + Change lots of functions like EVP_EncryptUpdate() to now return a + value: although software versions of the algorithms cannot fail + any installed hardware versions can. + [Steve Henson] + + *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if + this option is set, tolerate broken clients that send the negotiated + protocol version number instead of the requested protocol version + number. + [Bodo Moeller] + + *) Call dh_tmp_cb (set by ..._TMP_DH_CB) with correct 'is_export' flag; + i.e. non-zero for export ciphersuites, zero otherwise. + Previous versions had this flag inverted, inconsistent with + rsa_tmp_cb (..._TMP_RSA_CB). + [Bodo Moeller; problem reported by Amit Chopra] + + *) Add missing DSA library text string. Work around for some IIS + key files with invalid SEQUENCE encoding. + [Steve Henson] + + *) Add a document (doc/standards.txt) that list all kinds of standards + and so on that are implemented in OpenSSL. + [Richard Levitte] + + *) Enhance c_rehash script. Old version would mishandle certificates + with the same subject name hash and wouldn't handle CRLs at all. + Added -fingerprint option to crl utility, to support new c_rehash + features. + [Steve Henson] + + *) Eliminate non-ANSI declarations in crypto.h and stack.h. + [Ulf Möller] + + *) Fix for SSL server purpose checking. Server checking was + rejecting certificates which had extended key usage present + but no ssl client purpose. + [Steve Henson, reported by Rene Grosser ] + + *) Make PKCS#12 code work with no password. The PKCS#12 spec + is a little unclear about how a blank password is handled. + Since the password in encoded as a BMPString with terminating + double NULL a zero length password would end up as just the + double NULL. However no password at all is different and is + handled differently in the PKCS#12 key generation code. NS + treats a blank password as zero length. MSIE treats it as no + password on export: but it will try both on import. We now do + the same: PKCS12_parse() tries zero length and no password if + the password is set to "" or NULL (NULL is now a valid password: + it wasn't before) as does the pkcs12 application. + [Steve Henson] + + *) Bugfixes in apps/x509.c: Avoid a memory leak; and don't use + perror when PEM_read_bio_X509_REQ fails, the error message must + be obtained from the error queue. + [Bodo Moeller] + + *) Avoid 'thread_hash' memory leak in crypto/err/err.c by freeing + it in ERR_remove_state if appropriate, and change ERR_get_state + accordingly to avoid race conditions (this is necessary because + thread_hash is no longer constant once set). + [Bodo Moeller] + + *) Bugfix for linux-elf makefile.one. + [Ulf Möller] + + *) RSA_get_default_method() will now cause a default + RSA_METHOD to be chosen if one doesn't exist already. + Previously this was only set during a call to RSA_new() + or RSA_new_method(NULL) meaning it was possible for + RSA_get_default_method() to return NULL. + [Geoff Thorpe] + + *) Added native name translation to the existing DSO code + that will convert (if the flag to do so is set) filenames + that are sufficiently small and have no path information + into a canonical native form. Eg. "blah" converted to + "libblah.so" or "blah.dll" etc. + [Geoff Thorpe] + + *) New function ERR_error_string_n(e, buf, len) which is like + ERR_error_string(e, buf), but writes at most 'len' bytes + including the 0 terminator. For ERR_error_string_n, 'buf' + may not be NULL. + [Damien Miller , Bodo Moeller] + + *) CONF library reworked to become more general. A new CONF + configuration file reader "class" is implemented as well as a + new functions (NCONF_*, for "New CONF") to handle it. The now + old CONF_* functions are still there, but are reimplemented to + work in terms of the new functions. Also, a set of functions + to handle the internal storage of the configuration data is + provided to make it easier to write new configuration file + reader "classes" (I can definitely see something reading a + configuration file in XML format, for example), called _CONF_*, + or "the configuration storage API"... + + The new configuration file reading functions are: + + NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio, + NCONF_get_section, NCONF_get_string, NCONF_get_numbre + + NCONF_default, NCONF_WIN32 + + NCONF_dump_fp, NCONF_dump_bio + + NCONF_default and NCONF_WIN32 are method (or "class") choosers, + NCONF_new creates a new CONF object. This works in the same way + as other interfaces in OpenSSL, like the BIO interface. + NCONF_dump_* dump the internal storage of the configuration file, + which is useful for debugging. All other functions take the same + arguments as the old CONF_* functions wth the exception of the + first that must be a `CONF *' instead of a `LHASH *'. + + To make it easer to use the new classes with the old CONF_* functions, + the function CONF_set_default_method is provided. + [Richard Levitte] + + *) Add '-tls1' option to 'openssl ciphers', which was already + mentioned in the documentation but had not been implemented. + (This option is not yet really useful because even the additional + experimental TLS 1.0 ciphers are currently treated as SSL 3.0 ciphers.) + [Bodo Moeller] + + *) Initial DSO code added into libcrypto for letting OpenSSL (and + OpenSSL-based applications) load shared libraries and bind to + them in a portable way. + [Geoff Thorpe, with contributions from Richard Levitte] + + Changes between 0.9.5 and 0.9.5a [1 Apr 2000] + + *) Make sure _lrotl and _lrotr are only used with MSVC. + + *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status + (the default implementation of RAND_status). + + *) Rename openssl x509 option '-crlext', which was added in 0.9.5, + to '-clrext' (= clear extensions), as intended and documented. + [Bodo Moeller; inconsistency pointed out by Michael Attili + ] + + *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length + was larger than the MD block size. + [Steve Henson, pointed out by Yost William ] + + *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument + fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set() + using the passed key: if the passed key was a private key the result + of X509_print(), for example, would be to print out all the private key + components. + [Steve Henson] + + *) des_quad_cksum() byte order bug fix. + [Ulf Möller, using the problem description in krb4-0.9.7, where + the solution is attributed to Derrick J Brashear ] + + *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly + discouraged. + [Steve Henson, pointed out by Brian Korver ] + + *) For easily testing in shell scripts whether some command + 'openssl XXX' exists, the new pseudo-command 'openssl no-XXX' + returns with exit code 0 iff no command of the given name is available. + 'no-XXX' is printed in this case, 'XXX' otherwise. In both cases, + the output goes to stdout and nothing is printed to stderr. + Additional arguments are always ignored. + + Since for each cipher there is a command of the same name, + the 'no-cipher' compilation switches can be tested this way. + + ('openssl no-XXX' is not able to detect pseudo-commands such + as 'quit', 'list-XXX-commands', or 'no-XXX' itself.) + [Bodo Moeller] + + *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration. + [Bodo Moeller] + + *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE + is set; it will be thrown away anyway because each handshake creates + its own key. + ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition + to parameters -- in previous versions (since OpenSSL 0.9.3) the + 'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining + you effectivly got SSL_OP_SINGLE_DH_USE when using this macro. + [Bodo Moeller] + + *) New s_client option -ign_eof: EOF at stdin is ignored, and + 'Q' and 'R' lose their special meanings (quit/renegotiate). + This is part of what -quiet does; unlike -quiet, -ign_eof + does not suppress any output. + [Richard Levitte] + + *) Add compatibility options to the purpose and trust code. The + purpose X509_PURPOSE_ANY is "any purpose" which automatically + accepts a certificate or CA, this was the previous behaviour, + with all the associated security issues. + + X509_TRUST_COMPAT is the old trust behaviour: only and + automatically trust self signed roots in certificate store. A + new trust setting X509_TRUST_DEFAULT is used to specify that + a purpose has no associated trust setting and it should instead + use the value in the default purpose. + [Steve Henson] + + *) Fix the PKCS#8 DSA private key code so it decodes keys again + and fix a memory leak. + [Steve Henson] + + *) In util/mkerr.pl (which implements 'make errors'), preserve + reason strings from the previous version of the .c file, as + the default to have only downcase letters (and digits) in + automatically generated reasons codes is not always appropriate. + [Bodo Moeller] + + *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table + using strerror. Previously, ERR_reason_error_string() returned + library names as reason strings for SYSerr; but SYSerr is a special + case where small numbers are errno values, not library numbers. + [Bodo Moeller] + + *) Add '-dsaparam' option to 'openssl dhparam' application. This + converts DSA parameters into DH parameters. (When creating parameters, + DSA_generate_parameters is used.) + [Bodo Moeller] + + *) Include 'length' (recommended exponent length) in C code generated + by 'openssl dhparam -C'. + [Bodo Moeller] + + *) The second argument to set_label in perlasm was already being used + so couldn't be used as a "file scope" flag. Moved to third argument + which was free. + [Steve Henson] + + *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes + instead of RAND_bytes for encryption IVs and salts. + [Bodo Moeller] + + *) Include RAND_status() into RAND_METHOD instead of implementing + it only for md_rand.c Otherwise replacing the PRNG by calling + RAND_set_rand_method would be impossible. + [Bodo Moeller] + + *) Don't let DSA_generate_key() enter an infinite loop if the random + number generation fails. + [Bodo Moeller] + + *) New 'rand' application for creating pseudo-random output. + [Bodo Moeller] + + *) Added configuration support for Linux/IA64 + [Rolf Haberrecker ] + + *) Assembler module support for Mingw32. + [Ulf Möller] + + *) Shared library support for HPUX (in shlib/). + [Lutz Jaenicke and Anonymous] + + *) Shared library support for Solaris gcc. + [Lutz Behnke ] + + Changes between 0.9.4 and 0.9.5 [28 Feb 2000] + + *) PKCS7_encrypt() was adding text MIME headers twice because they + were added manually and by SMIME_crlf_copy(). + [Steve Henson] + + *) In bntest.c don't call BN_rand with zero bits argument. + [Steve Henson, pointed out by Andrew W. Gray ] + + *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n] + case was implemented. This caused BN_div_recp() to fail occasionally. + [Ulf Möller] + + *) Add an optional second argument to the set_label() in the perl + assembly language builder. If this argument exists and is set + to 1 it signals that the assembler should use a symbol whose + scope is the entire file, not just the current function. This + is needed with MASM which uses the format label:: for this scope. + [Steve Henson, pointed out by Peter Runestig ] + + *) Change the ASN1 types so they are typedefs by default. Before + almost all types were #define'd to ASN1_STRING which was causing + STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING) + for example. + [Steve Henson] + + *) Change names of new functions to the new get1/get0 naming + convention: After 'get1', the caller owns a reference count + and has to call ..._free; 'get0' returns a pointer to some + data structure without incrementing reference counters. + (Some of the existing 'get' functions increment a reference + counter, some don't.) + Similarly, 'set1' and 'add1' functions increase reference + counters or duplicate objects. + [Steve Henson] + + *) Allow for the possibility of temp RSA key generation failure: + the code used to assume it always worked and crashed on failure. + [Steve Henson] + + *) Fix potential buffer overrun problem in BIO_printf(). + [Ulf Möller, using public domain code by Patrick Powell; problem + pointed out by David Sacerdote ] + + *) Support EGD . New functions + RAND_egd() and RAND_status(). In the command line application, + the EGD socket can be specified like a seed file using RANDFILE + or -rand. + [Ulf Möller] + + *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures. + Some CAs (e.g. Verisign) distribute certificates in this form. + [Steve Henson] + + *) Remove the SSL_ALLOW_ADH compile option and set the default cipher + list to exclude them. This means that no special compilation option + is needed to use anonymous DH: it just needs to be included in the + cipher list. + [Steve Henson] + + *) Change the EVP_MD_CTX_type macro so its meaning consistent with + EVP_MD_type. The old functionality is available in a new macro called + EVP_MD_md(). Change code that uses it and update docs. + [Steve Henson] + + *) ..._ctrl functions now have corresponding ..._callback_ctrl functions + where the 'void *' argument is replaced by a function pointer argument. + Previously 'void *' was abused to point to functions, which works on + many platforms, but is not correct. As these functions are usually + called by macros defined in OpenSSL header files, most source code + should work without changes. + [Richard Levitte] + + *) (which is created by Configure) now contains + sections with information on -D... compiler switches used for + compiling the library so that applications can see them. To enable + one of these sections, a pre-processor symbol OPENSSL_..._DEFINES + must be defined. E.g., + #define OPENSSL_ALGORITHM_DEFINES + #include + defines all pertinent NO_ symbols, such as NO_IDEA, NO_RSA, etc. + [Richard Levitte, Ulf and Bodo Möller] + + *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS + record layer. + [Bodo Moeller] + + *) Change the 'other' type in certificate aux info to a STACK_OF + X509_ALGOR. Although not an AlgorithmIdentifier as such it has + the required ASN1 format: arbitrary types determined by an OID. + [Steve Henson] + + *) Add some PEM_write_X509_REQ_NEW() functions and a command line + argument to 'req'. This is not because the function is newer or + better than others it just uses the work 'NEW' in the certificate + request header lines. Some software needs this. + [Steve Henson] + + *) Reorganise password command line arguments: now passwords can be + obtained from various sources. Delete the PEM_cb function and make + it the default behaviour: i.e. if the callback is NULL and the + usrdata argument is not NULL interpret it as a null terminated pass + phrase. If usrdata and the callback are NULL then the pass phrase + is prompted for as usual. + [Steve Henson] + + *) Add support for the Compaq Atalla crypto accelerator. If it is installed, + the support is automatically enabled. The resulting binaries will + autodetect the card and use it if present. + [Ben Laurie and Compaq Inc.] + + *) Work around for Netscape hang bug. This sends certificate request + and server done in one record. Since this is perfectly legal in the + SSL/TLS protocol it isn't a "bug" option and is on by default. See + the bugs/SSLv3 entry for more info. + [Steve Henson] + + *) HP-UX tune-up: new unified configs, HP C compiler bug workaround. + [Andy Polyakov] + + *) Add -rand argument to smime and pkcs12 applications and read/write + of seed file. + [Steve Henson] + + *) New 'passwd' tool for crypt(3) and apr1 password hashes. + [Bodo Moeller] + + *) Add command line password options to the remaining applications. + [Steve Henson] + + *) Bug fix for BN_div_recp() for numerators with an even number of + bits. + [Ulf Möller] + + *) More tests in bntest.c, and changed test_bn output. + [Ulf Möller] + + *) ./config recognizes MacOS X now. + [Andy Polyakov] + + *) Bug fix for BN_div() when the first words of num and divsor are + equal (it gave wrong results if (rem=(n1-q*d0)&BN_MASK2) < d0). + [Ulf Möller] + + *) Add support for various broken PKCS#8 formats, and command line + options to produce them. + [Steve Henson] + + *) New functions BN_CTX_start(), BN_CTX_get() and BT_CTX_end() to + get temporary BIGNUMs from a BN_CTX. + [Ulf Möller] + + *) Correct return values in BN_mod_exp_mont() and BN_mod_exp2_mont() + for p == 0. + [Ulf Möller] + + *) Change the SSLeay_add_all_*() functions to OpenSSL_add_all_*() and + include a #define from the old name to the new. The original intent + was that statically linked binaries could for example just call + SSLeay_add_all_ciphers() to just add ciphers to the table and not + link with digests. This never worked becayse SSLeay_add_all_digests() + and SSLeay_add_all_ciphers() were in the same source file so calling + one would link with the other. They are now in separate source files. + [Steve Henson] + + *) Add a new -notext option to 'ca' and a -pubkey option to 'spkac'. + [Steve Henson] + + *) Use a less unusual form of the Miller-Rabin primality test (it used + a binary algorithm for exponentiation integrated into the Miller-Rabin + loop, our standard modexp algorithms are faster). + [Bodo Moeller] + + *) Support for the EBCDIC character set completed. + [Martin Kraemer ] + + *) Source code cleanups: use const where appropriate, eliminate casts, + use void * instead of char * in lhash. + [Ulf Möller] + + *) Bugfix: ssl3_send_server_key_exchange was not restartable + (the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of + this the server could overwrite ephemeral keys that the client + has already seen). + [Bodo Moeller] + + *) Turn DSA_is_prime into a macro that calls BN_is_prime, + using 50 iterations of the Rabin-Miller test. + + DSA_generate_parameters now uses BN_is_prime_fasttest (with 50 + iterations of the Rabin-Miller test as required by the appendix + to FIPS PUB 186[-1]) instead of DSA_is_prime. + As BN_is_prime_fasttest includes trial division, DSA parameter + generation becomes much faster. + + This implies a change for the callback functions in DSA_is_prime + and DSA_generate_parameters: The callback function is called once + for each positive witness in the Rabin-Miller test, not just + occasionally in the inner loop; and the parameters to the + callback function now provide an iteration count for the outer + loop rather than for the current invocation of the inner loop. + DSA_generate_parameters additionally can call the callback + function with an 'iteration count' of -1, meaning that a + candidate has passed the trial division test (when q is generated + from an application-provided seed, trial division is skipped). + [Bodo Moeller] + + *) New function BN_is_prime_fasttest that optionally does trial + division before starting the Rabin-Miller test and has + an additional BN_CTX * argument (whereas BN_is_prime always + has to allocate at least one BN_CTX). + 'callback(1, -1, cb_arg)' is called when a number has passed the + trial division stage. + [Bodo Moeller] + + *) Fix for bug in CRL encoding. The validity dates weren't being handled + as ASN1_TIME. + [Steve Henson] + + *) New -pkcs12 option to CA.pl script to write out a PKCS#12 file. + [Steve Henson] + + *) New function BN_pseudo_rand(). + [Ulf Möller] + + *) Clean up BN_mod_mul_montgomery(): replace the broken (and unreadable) + bignum version of BN_from_montgomery() with the working code from + SSLeay 0.9.0 (the word based version is faster anyway), and clean up + the comments. + [Ulf Möller] + + *) Avoid a race condition in s2_clnt.c (function get_server_hello) that + made it impossible to use the same SSL_SESSION data structure in + SSL2 clients in multiple threads. + [Bodo Moeller] + + *) The return value of RAND_load_file() no longer counts bytes obtained + by stat(). RAND_load_file(..., -1) is new and uses the complete file + to seed the PRNG (previously an explicit byte count was required). + [Ulf Möller, Bodo Möller] + + *) Clean up CRYPTO_EX_DATA functions, some of these didn't have prototypes + used (char *) instead of (void *) and had casts all over the place. + [Steve Henson] + + *) Make BN_generate_prime() return NULL on error if ret!=NULL. + [Ulf Möller] + + *) Retain source code compatibility for BN_prime_checks macro: + BN_is_prime(..., BN_prime_checks, ...) now uses + BN_prime_checks_for_size to determine the appropriate number of + Rabin-Miller iterations. + [Ulf Möller] + + *) Diffie-Hellman uses "safe" primes: DH_check() return code renamed to + DH_CHECK_P_NOT_SAFE_PRIME. + (Check if this is true? OpenPGP calls them "strong".) + [Ulf Möller] + + *) Merge the functionality of "dh" and "gendh" programs into a new program + "dhparam". The old programs are retained for now but will handle DH keys + (instead of parameters) in future. + [Steve Henson] + + *) Make the ciphers, s_server and s_client programs check the return values + when a new cipher list is set. + [Steve Henson] + + *) Enhance the SSL/TLS cipher mechanism to correctly handle the TLS 56bit + ciphers. Before when the 56bit ciphers were enabled the sorting was + wrong. + + The syntax for the cipher sorting has been extended to support sorting by + cipher-strength (using the strength_bits hard coded in the tables). + The new command is "@STRENGTH" (see also doc/apps/ciphers.pod). + + Fix a bug in the cipher-command parser: when supplying a cipher command + string with an "undefined" symbol (neither command nor alphanumeric + [A-Za-z0-9], ssl_set_cipher_list used to hang in an endless loop. Now + an error is flagged. + + Due to the strength-sorting extension, the code of the + ssl_create_cipher_list() function was completely rearranged. I hope that + the readability was also increased :-) + [Lutz Jaenicke ] + + *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1 + for the first serial number and places 2 in the serial number file. This + avoids problems when the root CA is created with serial number zero and + the first user certificate has the same issuer name and serial number + as the root CA. + [Steve Henson] + + *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses + the new code. Add documentation for this stuff. + [Steve Henson] + + *) Changes to X509_ATTRIBUTE utilities. These have been renamed from + X509_*() to X509at_*() on the grounds that they don't handle X509 + structures and behave in an analagous way to the X509v3 functions: + they shouldn't be called directly but wrapper functions should be used + instead. + + So we also now have some wrapper functions that call the X509at functions + when passed certificate requests. (TO DO: similar things can be done with + PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other + things. Some of these need some d2i or i2d and print functionality + because they handle more complex structures.) + [Steve Henson] + + *) Add missing #ifndefs that caused missing symbols when building libssl + as a shared library without RSA. Use #ifndef NO_SSL2 instead of + NO_RSA in ssl/s2*.c. + [Kris Kennaway , modified by Ulf Möller] + + *) Precautions against using the PRNG uninitialized: RAND_bytes() now + has a return value which indicates the quality of the random data + (1 = ok, 0 = not seeded). Also an error is recorded on the thread's + error queue. New function RAND_pseudo_bytes() generates output that is + guaranteed to be unique but not unpredictable. RAND_add is like + RAND_seed, but takes an extra argument for an entropy estimate + (RAND_seed always assumes full entropy). + [Ulf Möller] + + *) Do more iterations of Rabin-Miller probable prime test (specifically, + 3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes + instead of only 2 for all lengths; see BN_prime_checks_for_size definition + in crypto/bn/bn_prime.c for the complete table). This guarantees a + false-positive rate of at most 2^-80 for random input. + [Bodo Moeller] + + *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs. + [Bodo Moeller] + + *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain + in the 0.9.5 release), this returns the chain + from an X509_CTX structure with a dup of the stack and all + the X509 reference counts upped: so the stack will exist + after X509_CTX_cleanup() has been called. Modify pkcs12.c + to use this. + + Also make SSL_SESSION_print() print out the verify return + code. + [Steve Henson] + + *) Add manpage for the pkcs12 command. Also change the default + behaviour so MAC iteration counts are used unless the new + -nomaciter option is used. This improves file security and + only older versions of MSIE (4.0 for example) need it. + [Steve Henson] + + *) Honor the no-xxx Configure options when creating .DEF files. + [Ulf Möller] + + *) Add PKCS#10 attributes to field table: challengePassword, + unstructuredName and unstructuredAddress. These are taken from + draft PKCS#9 v2.0 but are compatible with v1.2 provided no + international characters are used. + + More changes to X509_ATTRIBUTE code: allow the setting of types + based on strings. Remove the 'loc' parameter when adding + attributes because these will be a SET OF encoding which is sorted + in ASN1 order. + [Steve Henson] + + *) Initial changes to the 'req' utility to allow request generation + automation. This will allow an application to just generate a template + file containing all the field values and have req construct the + request. + + Initial support for X509_ATTRIBUTE handling. Stacks of these are + used all over the place including certificate requests and PKCS#7 + structures. They are currently handled manually where necessary with + some primitive wrappers for PKCS#7. The new functions behave in a + manner analogous to the X509 extension functions: they allow + attributes to be looked up by NID and added. + + Later something similar to the X509V3 code would be desirable to + automatically handle the encoding, decoding and printing of the + more complex types. The string types like challengePassword can + be handled by the string table functions. + + Also modified the multi byte string table handling. Now there is + a 'global mask' which masks out certain types. The table itself + can use the flag STABLE_NO_MASK to ignore the mask setting: this + is useful when for example there is only one permissible type + (as in countryName) and using the mask might result in no valid + types at all. + [Steve Henson] + + *) Clean up 'Finished' handling, and add functions SSL_get_finished and + SSL_get_peer_finished to allow applications to obtain the latest + Finished messages sent to the peer or expected from the peer, + respectively. (SSL_get_peer_finished is usually the Finished message + actually received from the peer, otherwise the protocol will be aborted.) + + As the Finished message are message digests of the complete handshake + (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can + be used for external authentication procedures when the authentication + provided by SSL/TLS is not desired or is not enough. + [Bodo Moeller] + + *) Enhanced support for Alpha Linux is added. Now ./config checks if + the host supports BWX extension and if Compaq C is present on the + $PATH. Just exploiting of the BWX extension results in 20-30% + performance kick for some algorithms, e.g. DES and RC4 to mention + a couple. Compaq C in turn generates ~20% faster code for MD5 and + SHA1. + [Andy Polyakov] + + *) Add support for MS "fast SGC". This is arguably a violation of the + SSL3/TLS protocol. Netscape SGC does two handshakes: the first with + weak crypto and after checking the certificate is SGC a second one + with strong crypto. MS SGC stops the first handshake after receiving + the server certificate message and sends a second client hello. Since + a server will typically do all the time consuming operations before + expecting any further messages from the client (server key exchange + is the most expensive) there is little difference between the two. + + To get OpenSSL to support MS SGC we have to permit a second client + hello message after we have sent server done. In addition we have to + reset the MAC if we do get this second client hello. + [Steve Henson] + + *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide + if a DER encoded private key is RSA or DSA traditional format. Changed + d2i_PrivateKey_bio() to use it. This is only needed for the "traditional" + format DER encoded private key. Newer code should use PKCS#8 format which + has the key type encoded in the ASN1 structure. Added DER private key + support to pkcs8 application. + [Steve Henson] + + *) SSL 3/TLS 1 servers now don't request certificates when an anonymous + ciphersuites has been selected (as required by the SSL 3/TLS 1 + specifications). Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT + is set, we interpret this as a request to violate the specification + (the worst that can happen is a handshake failure, and 'correct' + behaviour would result in a handshake failure anyway). + [Bodo Moeller] + + *) In SSL_CTX_add_session, take into account that there might be multiple + SSL_SESSION structures with the same session ID (e.g. when two threads + concurrently obtain them from an external cache). + The internal cache can handle only one SSL_SESSION with a given ID, + so if there's a conflict, we now throw out the old one to achieve + consistency. + [Bodo Moeller] + + *) Add OIDs for idea and blowfish in CBC mode. This will allow both + to be used in PKCS#5 v2.0 and S/MIME. Also add checking to + some routines that use cipher OIDs: some ciphers do not have OIDs + defined and so they cannot be used for S/MIME and PKCS#5 v2.0 for + example. + [Steve Henson] + + *) Simplify the trust setting structure and code. Now we just have + two sequences of OIDs for trusted and rejected settings. These will + typically have values the same as the extended key usage extension + and any application specific purposes. + + The trust checking code now has a default behaviour: it will just + check for an object with the same NID as the passed id. Functions can + be provided to override either the default behaviour or the behaviour + for a given id. SSL client, server and email already have functions + in place for compatibility: they check the NID and also return "trusted" + if the certificate is self signed. + [Steve Henson] + + *) Add d2i,i2d bio/fp functions for PrivateKey: these convert the + traditional format into an EVP_PKEY structure. + [Steve Henson] + + *) Add a password callback function PEM_cb() which either prompts for + a password if usr_data is NULL or otherwise assumes it is a null + terminated password. Allow passwords to be passed on command line + environment or config files in a few more utilities. + [Steve Henson] + + *) Add a bunch of DER and PEM functions to handle PKCS#8 format private + keys. Add some short names for PKCS#8 PBE algorithms and allow them + to be specified on the command line for the pkcs8 and pkcs12 utilities. + Update documentation. + [Steve Henson] + + *) Support for ASN1 "NULL" type. This could be handled before by using + ASN1_TYPE but there wasn't any function that would try to read a NULL + and produce an error if it couldn't. For compatibility we also have + ASN1_NULL_new() and ASN1_NULL_free() functions but these are faked and + don't allocate anything because they don't need to. + [Steve Henson] + + *) Initial support for MacOS is now provided. Examine INSTALL.MacOS + for details. + [Andy Polyakov, Roy Woods ] + + *) Rebuild of the memory allocation routines used by OpenSSL code and + possibly others as well. The purpose is to make an interface that + provide hooks so anyone can build a separate set of allocation and + deallocation routines to be used by OpenSSL, for example memory + pool implementations, or something else, which was previously hard + since Malloc(), Realloc() and Free() were defined as macros having + the values malloc, realloc and free, respectively (except for Win32 + compilations). The same is provided for memory debugging code. + OpenSSL already comes with functionality to find memory leaks, but + this gives people a chance to debug other memory problems. + + With these changes, a new set of functions and macros have appeared: + + CRYPTO_set_mem_debug_functions() [F] + CRYPTO_get_mem_debug_functions() [F] + CRYPTO_dbg_set_options() [F] + CRYPTO_dbg_get_options() [F] + CRYPTO_malloc_debug_init() [M] + + The memory debug functions are NULL by default, unless the library + is compiled with CRYPTO_MDEBUG or friends is defined. If someone + wants to debug memory anyway, CRYPTO_malloc_debug_init() (which + gives the standard debugging functions that come with OpenSSL) or + CRYPTO_set_mem_debug_functions() (tells OpenSSL to use functions + provided by the library user) must be used. When the standard + debugging functions are used, CRYPTO_dbg_set_options can be used to + request additional information: + CRYPTO_dbg_set_options(V_CYRPTO_MDEBUG_xxx) corresponds to setting + the CRYPTO_MDEBUG_xxx macro when compiling the library. + + Also, things like CRYPTO_set_mem_functions will always give the + expected result (the new set of functions is used for allocation + and deallocation) at all times, regardless of platform and compiler + options. + + To finish it up, some functions that were never use in any other + way than through macros have a new API and new semantic: + + CRYPTO_dbg_malloc() + CRYPTO_dbg_realloc() + CRYPTO_dbg_free() + + All macros of value have retained their old syntax. + [Richard Levitte and Bodo Moeller] + + *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the + ordering of SMIMECapabilities wasn't in "strength order" and there + was a missing NULL in the AlgorithmIdentifier for the SHA1 signature + algorithm. + [Steve Henson] + + *) Some ASN1 types with illegal zero length encoding (INTEGER, + ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines. + [Frans Heymans , modified by Steve Henson] + + *) Merge in my S/MIME library for OpenSSL. This provides a simple + S/MIME API on top of the PKCS#7 code, a MIME parser (with enough + functionality to handle multipart/signed properly) and a utility + called 'smime' to call all this stuff. This is based on code I + originally wrote for Celo who have kindly allowed it to be + included in OpenSSL. + [Steve Henson] + + *) Add variants des_set_key_checked and des_set_key_unchecked of + des_set_key (aka des_key_sched). Global variable des_check_key + decides which of these is called by des_set_key; this way + des_check_key behaves as it always did, but applications and + the library itself, which was buggy for des_check_key == 1, + have a cleaner way to pick the version they need. + [Bodo Moeller] + + *) New function PKCS12_newpass() which changes the password of a + PKCS12 structure. + [Steve Henson] + + *) Modify X509_TRUST and X509_PURPOSE so it also uses a static and + dynamic mix. In both cases the ids can be used as an index into the + table. Also modified the X509_TRUST_add() and X509_PURPOSE_add() + functions so they accept a list of the field values and the + application doesn't need to directly manipulate the X509_TRUST + structure. + [Steve Henson] + + *) Modify the ASN1_STRING_TABLE stuff so it also uses bsearch and doesn't + need initialising. + [Steve Henson] + + *) Modify the way the V3 extension code looks up extensions. This now + works in a similar way to the object code: we have some "standard" + extensions in a static table which is searched with OBJ_bsearch() + and the application can add dynamic ones if needed. The file + crypto/x509v3/ext_dat.h now has the info: this file needs to be + updated whenever a new extension is added to the core code and kept + in ext_nid order. There is a simple program 'tabtest.c' which checks + this. New extensions are not added too often so this file can readily + be maintained manually. + + There are two big advantages in doing things this way. The extensions + can be looked up immediately and no longer need to be "added" using + X509V3_add_standard_extensions(): this function now does nothing. + [Side note: I get *lots* of email saying the extension code doesn't + work because people forget to call this function] + Also no dynamic allocation is done unless new extensions are added: + so if we don't add custom extensions there is no need to call + X509V3_EXT_cleanup(). + [Steve Henson] + + *) Modify enc utility's salting as follows: make salting the default. Add a + magic header, so unsalted files fail gracefully instead of just decrypting + to garbage. This is because not salting is a big security hole, so people + should be discouraged from doing it. + [Ben Laurie] + + *) Fixes and enhancements to the 'x509' utility. It allowed a message + digest to be passed on the command line but it only used this + parameter when signing a certificate. Modified so all relevant + operations are affected by the digest parameter including the + -fingerprint and -x509toreq options. Also -x509toreq choked if a + DSA key was used because it didn't fix the digest. + [Steve Henson] + + *) Initial certificate chain verify code. Currently tests the untrusted + certificates for consistency with the verify purpose (which is set + when the X509_STORE_CTX structure is set up) and checks the pathlength. + + There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour: + this is because it will reject chains with invalid extensions whereas + every previous version of OpenSSL and SSLeay made no checks at all. + + Trust code: checks the root CA for the relevant trust settings. Trust + settings have an initial value consistent with the verify purpose: e.g. + if the verify purpose is for SSL client use it expects the CA to be + trusted for SSL client use. However the default value can be changed to + permit custom trust settings: one example of this would be to only trust + certificates from a specific "secure" set of CAs. + + Also added X509_STORE_CTX_new() and X509_STORE_CTX_free() functions + which should be used for version portability: especially since the + verify structure is likely to change more often now. + + SSL integration. Add purpose and trust to SSL_CTX and SSL and functions + to set them. If not set then assume SSL clients will verify SSL servers + and vice versa. + + Two new options to the verify program: -untrusted allows a set of + untrusted certificates to be passed in and -purpose which sets the + intended purpose of the certificate. If a purpose is set then the + new chain verify code is used to check extension consistency. + [Steve Henson] + + *) Support for the authority information access extension. + [Steve Henson] + + *) Modify RSA and DSA PEM read routines to transparently handle + PKCS#8 format private keys. New *_PUBKEY_* functions that handle + public keys in a format compatible with certificate + SubjectPublicKeyInfo structures. Unfortunately there were already + functions called *_PublicKey_* which used various odd formats so + these are retained for compatibility: however the DSA variants were + never in a public release so they have been deleted. Changed dsa/rsa + utilities to handle the new format: note no releases ever handled public + keys so we should be OK. + + The primary motivation for this change is to avoid the same fiasco + that dogs private keys: there are several incompatible private key + formats some of which are standard and some OpenSSL specific and + require various evil hacks to allow partial transparent handling and + even then it doesn't work with DER formats. Given the option anything + other than PKCS#8 should be dumped: but the other formats have to + stay in the name of compatibility. + + With public keys and the benefit of hindsight one standard format + is used which works with EVP_PKEY, RSA or DSA structures: though + it clearly returns an error if you try to read the wrong kind of key. + + Added a -pubkey option to the 'x509' utility to output the public key. + Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() + (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add + EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*()) + that do the same as the EVP_PKEY_assign_*() except they up the + reference count of the added key (they don't "swallow" the + supplied key). + [Steve Henson] + + *) Fixes to crypto/x509/by_file.c the code to read in certificates and + CRLs would fail if the file contained no certificates or no CRLs: + added a new function to read in both types and return the number + read: this means that if none are read it will be an error. The + DER versions of the certificate and CRL reader would always fail + because it isn't possible to mix certificates and CRLs in DER format + without choking one or the other routine. Changed this to just read + a certificate: this is the best we can do. Also modified the code + in apps/verify.c to take notice of return codes: it was previously + attempting to read in certificates from NULL pointers and ignoring + any errors: this is one reason why the cert and CRL reader seemed + to work. It doesn't check return codes from the default certificate + routines: these may well fail if the certificates aren't installed. + [Steve Henson] + + *) Code to support otherName option in GeneralName. + [Steve Henson] + + *) First update to verify code. Change the verify utility + so it warns if it is passed a self signed certificate: + for consistency with the normal behaviour. X509_verify + has been modified to it will now verify a self signed + certificate if *exactly* the same certificate appears + in the store: it was previously impossible to trust a + single self signed certificate. This means that: + openssl verify ss.pem + now gives a warning about a self signed certificate but + openssl verify -CAfile ss.pem ss.pem + is OK. + [Steve Henson] + + *) For servers, store verify_result in SSL_SESSION data structure + (and add it to external session representation). + This is needed when client certificate verifications fails, + but an application-provided verification callback (set by + SSL_CTX_set_cert_verify_callback) allows accepting the session + anyway (i.e. leaves x509_store_ctx->error != X509_V_OK + but returns 1): When the session is reused, we have to set + ssl->verify_result to the appropriate error code to avoid + security holes. + [Bodo Moeller, problem pointed out by Lutz Jaenicke] + + *) Fix a bug in the new PKCS#7 code: it didn't consider the + case in PKCS7_dataInit() where the signed PKCS7 structure + didn't contain any existing data because it was being created. + [Po-Cheng Chen , slightly modified by Steve Henson] + + *) Add a salt to the key derivation routines in enc.c. This + forms the first 8 bytes of the encrypted file. Also add a + -S option to allow a salt to be input on the command line. + [Steve Henson] + + *) New function X509_cmp(). Oddly enough there wasn't a function + to compare two certificates. We do this by working out the SHA1 + hash and comparing that. X509_cmp() will be needed by the trust + code. + [Steve Henson] + + *) SSL_get1_session() is like SSL_get_session(), but increments + the reference count in the SSL_SESSION returned. + [Geoff Thorpe ] + + *) Fix for 'req': it was adding a null to request attributes. + Also change the X509_LOOKUP and X509_INFO code to handle + certificate auxiliary information. + [Steve Henson] + + *) Add support for 40 and 64 bit RC2 and RC4 algorithms: document + the 'enc' command. + [Steve Henson] + + *) Add the possibility to add extra information to the memory leak + detecting output, to form tracebacks, showing from where each + allocation was originated: CRYPTO_push_info("constant string") adds + the string plus current file name and line number to a per-thread + stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info() + is like calling CYRPTO_pop_info() until the stack is empty. + Also updated memory leak detection code to be multi-thread-safe. + [Richard Levitte] + + *) Add options -text and -noout to pkcs7 utility and delete the + encryption options which never did anything. Update docs. + [Steve Henson] + + *) Add options to some of the utilities to allow the pass phrase + to be included on either the command line (not recommended on + OSes like Unix) or read from the environment. Update the + manpages and fix a few bugs. + [Steve Henson] + + *) Add a few manpages for some of the openssl commands. + [Steve Henson] + + *) Fix the -revoke option in ca. It was freeing up memory twice, + leaking and not finding already revoked certificates. + [Steve Henson] + + *) Extensive changes to support certificate auxiliary information. + This involves the use of X509_CERT_AUX structure and X509_AUX + functions. An X509_AUX function such as PEM_read_X509_AUX() + can still read in a certificate file in the usual way but it + will also read in any additional "auxiliary information". By + doing things this way a fair degree of compatibility can be + retained: existing certificates can have this information added + using the new 'x509' options. + + Current auxiliary information includes an "alias" and some trust + settings. The trust settings will ultimately be used in enhanced + certificate chain verification routines: currently a certificate + can only be trusted if it is self signed and then it is trusted + for all purposes. + [Steve Henson] + + *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). + The problem was that one of the replacement routines had not been working + since SSLeay releases. For now the offending routine has been replaced + with non-optimised assembler. Even so, this now gives around 95% + performance improvement for 1024 bit RSA signs. + [Mark Cox] + + *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 + handling. Most clients have the effective key size in bits equal to + the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key. + A few however don't do this and instead use the size of the decrypted key + to determine the RC2 key length and the AlgorithmIdentifier to determine + the effective key length. In this case the effective key length can still + be 40 bits but the key length can be 168 bits for example. This is fixed + by manually forcing an RC2 key into the EVP_PKEY structure because the + EVP code can't currently handle unusual RC2 key sizes: it always assumes + the key length and effective key length are equal. + [Steve Henson] + + *) Add a bunch of functions that should simplify the creation of + X509_NAME structures. Now you should be able to do: + X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, "Steve", -1, -1, 0); + and have it automatically work out the correct field type and fill in + the structures. The more adventurous can try: + X509_NAME_add_entry_by_txt(nm, field, MBSTRING_UTF8, str, -1, -1, 0); + and it will (hopefully) work out the correct multibyte encoding. + [Steve Henson] + + *) Change the 'req' utility to use the new field handling and multibyte + copy routines. Before the DN field creation was handled in an ad hoc + way in req, ca, and x509 which was rather broken and didn't support + BMPStrings or UTF8Strings. Since some software doesn't implement + BMPStrings or UTF8Strings yet, they can be enabled using the config file + using the dirstring_type option. See the new comment in the default + openssl.cnf for more info. + [Steve Henson] + + *) Make crypto/rand/md_rand.c more robust: + - Assure unique random numbers after fork(). + - Make sure that concurrent threads access the global counter and + md serializably so that we never lose entropy in them + or use exactly the same state in multiple threads. + Access to the large state is not always serializable because + the additional locking could be a performance killer, and + md should be large enough anyway. + [Bodo Moeller] + + *) New file apps/app_rand.c with commonly needed functionality + for handling the random seed file. + + Use the random seed file in some applications that previously did not: + ca, + dsaparam -genkey (which also ignored its '-rand' option), + s_client, + s_server, + x509 (when signing). + Except on systems with /dev/urandom, it is crucial to have a random + seed file at least for key creation, DSA signing, and for DH exchanges; + for RSA signatures we could do without one. + + gendh and gendsa (unlike genrsa) used to read only the first byte + of each file listed in the '-rand' option. The function as previously + found in genrsa is now in app_rand.c and is used by all programs + that support '-rand'. + [Bodo Moeller] + + *) In RAND_write_file, use mode 0600 for creating files; + don't just chmod when it may be too late. + [Bodo Moeller] + + *) Report an error from X509_STORE_load_locations + when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed. + [Bill Perry] + + *) New function ASN1_mbstring_copy() this copies a string in either + ASCII, Unicode, Universal (4 bytes per character) or UTF8 format + into an ASN1_STRING type. A mask of permissible types is passed + and it chooses the "minimal" type to use or an error if not type + is suitable. + [Steve Henson] + + *) Add function equivalents to the various macros in asn1.h. The old + macros are retained with an M_ prefix. Code inside the library can + use the M_ macros. External code (including the openssl utility) + should *NOT* in order to be "shared library friendly". + [Steve Henson] + + *) Add various functions that can check a certificate's extensions + to see if it usable for various purposes such as SSL client, + server or S/MIME and CAs of these types. This is currently + VERY EXPERIMENTAL but will ultimately be used for certificate chain + verification. Also added a -purpose flag to x509 utility to + print out all the purposes. + [Steve Henson] + + *) Add a CRYPTO_EX_DATA to X509 certificate structure and associated + functions. + [Steve Henson] + + *) New X509V3_{X509,CRL,REVOKED}_get_d2i() functions. These will search + for, obtain and decode and extension and obtain its critical flag. + This allows all the necessary extension code to be handled in a + single function call. + [Steve Henson] + + *) RC4 tune-up featuring 30-40% performance improvement on most RISC + platforms. See crypto/rc4/rc4_enc.c for further details. + [Andy Polyakov] + + *) New -noout option to asn1parse. This causes no output to be produced + its main use is when combined with -strparse and -out to extract data + from a file (which may not be in ASN.1 format). + [Steve Henson] + + *) Fix for pkcs12 program. It was hashing an invalid certificate pointer + when producing the local key id. + [Richard Levitte ] + + *) New option -dhparam in s_server. This allows a DH parameter file to be + stated explicitly. If it is not stated then it tries the first server + certificate file. The previous behaviour hard coded the filename + "server.pem". + [Steve Henson] + + *) Add -pubin and -pubout options to the rsa and dsa commands. These allow + a public key to be input or output. For example: + openssl rsa -in key.pem -pubout -out pubkey.pem + Also added necessary DSA public key functions to handle this. + [Steve Henson] + + *) Fix so PKCS7_dataVerify() doesn't crash if no certificates are contained + in the message. This was handled by allowing + X509_find_by_issuer_and_serial() to tolerate a NULL passed to it. + [Steve Henson, reported by Sampo Kellomaki ] + + *) Fix for bug in d2i_ASN1_bytes(): other ASN1 functions add an extra null + to the end of the strings whereas this didn't. This would cause problems + if strings read with d2i_ASN1_bytes() were later modified. + [Steve Henson, reported by Arne Ansper ] + + *) Fix for base64 decode bug. When a base64 bio reads only one line of + data and it contains EOF it will end up returning an error. This is + caused by input 46 bytes long. The cause is due to the way base64 + BIOs find the start of base64 encoded data. They do this by trying a + trial decode on each line until they find one that works. When they + do a flag is set and it starts again knowing it can pass all the + data directly through the decoder. Unfortunately it doesn't reset + the context it uses. This means that if EOF is reached an attempt + is made to pass two EOFs through the context and this causes the + resulting error. This can also cause other problems as well. As is + usual with these problems it takes *ages* to find and the fix is + trivial: move one line. + [Steve Henson, reported by ian@uns.ns.ac.yu (Ivan Nejgebauer) ] + + *) Ugly workaround to get s_client and s_server working under Windows. The + old code wouldn't work because it needed to select() on sockets and the + tty (for keypresses and to see if data could be written). Win32 only + supports select() on sockets so we select() with a 1s timeout on the + sockets and then see if any characters are waiting to be read, if none + are present then we retry, we also assume we can always write data to + the tty. This isn't nice because the code then blocks until we've + received a complete line of data and it is effectively polling the + keyboard at 1s intervals: however it's quite a bit better than not + working at all :-) A dedicated Windows application might handle this + with an event loop for example. + [Steve Henson] + + *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign + and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions + will be called when RSA_sign() and RSA_verify() are used. This is useful + if rsa_pub_dec() and rsa_priv_enc() equivalents are not available. + For this to work properly RSA_public_decrypt() and RSA_private_encrypt() + should *not* be used: RSA_sign() and RSA_verify() must be used instead. + This necessitated the support of an extra signature type NID_md5_sha1 + for SSL signatures and modifications to the SSL library to use it instead + of calling RSA_public_decrypt() and RSA_private_encrypt(). + [Steve Henson] + + *) Add new -verify -CAfile and -CApath options to the crl program, these + will lookup a CRL issuers certificate and verify the signature in a + similar way to the verify program. Tidy up the crl program so it + no longer accesses structures directly. Make the ASN1 CRL parsing a bit + less strict. It will now permit CRL extensions even if it is not + a V2 CRL: this will allow it to tolerate some broken CRLs. + [Steve Henson] + + *) Initialize all non-automatic variables each time one of the openssl + sub-programs is started (this is necessary as they may be started + multiple times from the "OpenSSL>" prompt). + [Lennart Bang, Bodo Moeller] + + *) Preliminary compilation option RSA_NULL which disables RSA crypto without + removing all other RSA functionality (this is what NO_RSA does). This + is so (for example) those in the US can disable those operations covered + by the RSA patent while allowing storage and parsing of RSA keys and RSA + key generation. + [Steve Henson] + + *) Non-copying interface to BIO pairs. + (still largely untested) + [Bodo Moeller] + + *) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive + ASCII string. This was handled independently in various places before. + [Steve Henson] + + *) New functions UTF8_getc() and UTF8_putc() that parse and generate + UTF8 strings a character at a time. + [Steve Henson] + + *) Use client_version from client hello to select the protocol + (s23_srvr.c) and for RSA client key exchange verification + (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications. + [Bodo Moeller] + + *) Add various utility functions to handle SPKACs, these were previously + handled by poking round in the structure internals. Added new function + NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to + print, verify and generate SPKACs. Based on an original idea from + Massimiliano Pala but extensively modified. + [Steve Henson] + + *) RIPEMD160 is operational on all platforms and is back in 'make test'. + [Andy Polyakov] + + *) Allow the config file extension section to be overwritten on the + command line. Based on an original idea from Massimiliano Pala + . The new option is called -extensions + and can be applied to ca, req and x509. Also -reqexts to override + the request extensions in req and -crlexts to override the crl extensions + in ca. + [Steve Henson] + + *) Add new feature to the SPKAC handling in ca. Now you can include + the same field multiple times by preceding it by "XXXX." for example: + 1.OU="Unit name 1" + 2.OU="Unit name 2" + this is the same syntax as used in the req config file. + [Steve Henson] + + *) Allow certificate extensions to be added to certificate requests. These + are specified in a 'req_extensions' option of the req section of the + config file. They can be printed out with the -text option to req but + are otherwise ignored at present. + [Steve Henson] + + *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first + data read consists of only the final block it would not decrypted because + EVP_CipherUpdate() would correctly report zero bytes had been decrypted. + A misplaced 'break' also meant the decrypted final block might not be + copied until the next read. + [Steve Henson] + + *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added + a few extra parameters to the DH structure: these will be useful if + for example we want the value of 'q' or implement X9.42 DH. + [Steve Henson] + + *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and + provides hooks that allow the default DSA functions or functions on a + "per key" basis to be replaced. This allows hardware acceleration and + hardware key storage to be handled without major modification to the + library. Also added low level modexp hooks and CRYPTO_EX structure and + associated functions. + [Steve Henson] + + *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO + as "read only": it can't be written to and the buffer it points to will + not be freed. Reading from a read only BIO is much more efficient than + a normal memory BIO. This was added because there are several times when + an area of memory needs to be read from a BIO. The previous method was + to create a memory BIO and write the data to it, this results in two + copies of the data and an O(n^2) reading algorithm. There is a new + function BIO_new_mem_buf() which creates a read only memory BIO from + an area of memory. Also modified the PKCS#7 routines to use read only + memory BIOs. + [Steve Henson] + + *) Bugfix: ssl23_get_client_hello did not work properly when called in + state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of + a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read, + but a retry condition occured while trying to read the rest. + [Bodo Moeller] + + *) The PKCS7_ENC_CONTENT_new() function was setting the content type as + NID_pkcs7_encrypted by default: this was wrong since this should almost + always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle + the encrypted data type: this is a more sensible place to put it and it + allows the PKCS#12 code to be tidied up that duplicated this + functionality. + [Steve Henson] + + *) Changed obj_dat.pl script so it takes its input and output files on + the command line. This should avoid shell escape redirection problems + under Win32. + [Steve Henson] + + *) Initial support for certificate extension requests, these are included + in things like Xenroll certificate requests. Included functions to allow + extensions to be obtained and added. + [Steve Henson] + + *) -crlf option to s_client and s_server for sending newlines as + CRLF (as required by many protocols). + [Bodo Moeller] + Changes between 0.9.3a and 0.9.4 [09 Aug 1999] *) Install libRSAglue.a when OpenSSL is built with RSAref. @@ -49,9 +4329,9 @@ method only got called if p,q,dmp1,dmq1,iqmp components were present, otherwise bn_mod_exp was called. In the case of hardware keys for example no private key components need be present and it might store extra data - in the RSA structure, which cannot be accessed from bn_mod_exp. By setting - RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for private key - operations. + in the RSA structure, which cannot be accessed from bn_mod_exp. + By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for + private key operations. [Steve Henson] *) Added support for SPARC Linux. @@ -65,7 +4345,7 @@ The PEM[_ASN1]_{read,write}... functions and macros now take an additional void * argument, which is just handed through whenever the password callback is called. - [Damien Miller , with tiny changes by Bodo Moeller] + [Damien Miller ; tiny changes by Bodo Moeller] New function SSL_CTX_set_default_passwd_cb_userdata. @@ -175,7 +4455,7 @@ copied!) [Bodo Moeller] - *) Bugfix: SSL_set_mode ignored its parameter, only SSL_CTX_set_mode + *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options worked. *) Fix problems with no-hmac etc. diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure index 1dc0ed320c..986db2f614 100644 --- a/src/lib/libssl/src/Configure +++ b/src/lib/libssl/src/Configure @@ -1,17 +1,66 @@ -#!/usr/bin/perl +: +eval 'exec perl -S $0 ${1+"$@"}' + if $running_under_some_shell; +## +## Configure -- OpenSSL source tree configuration script +## -# see PROBLEMS for instructions on what sort of things to do when -# tracking a bug --tjh +require 5.000; +use strict; + +# see INSTALL for instructions. + +my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; + +# Options: +# +# --openssldir install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the +# --prefix option is given; /usr/local/ssl otherwise) +# --prefix prefix for the OpenSSL include, lib and bin directories +# (Default: the OPENSSLDIR directory) +# +# --install_prefix Additional prefix for package builders (empty by +# default). This needn't be set in advance, you can +# just as well use "make INSTALL_PREFIX=/whatever install". # -# extra options -# -DRSAref build to use RSAref -# -DNO_IDEA build with no IDEA algorithm -# -DNO_RC4 build with no RC4 algorithm -# -DNO_RC2 build with no RC2 algorithm -# -DNO_BF build with no Blowfish algorithm -# -DNO_DES build with no DES/3DES algorithm -# -DNO_MD2 build with no MD2 algorithm +# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected +# to live in the subdirectory lib/ and the header files in +# include/. A value is required. +# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is +# required. +# (Default: KRB5_DIR/lib) +# --with-krb5-include Declare where the Kerberos 5 header files live. A +# value is required. +# (Default: KRB5_DIR/include) +# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently +# supported values are "MIT" and "Heimdal". A value is required. # +# --test-sanity Make a number of sanity checks on the data in this file. +# This is a debugging tool for OpenSSL developers. +# +# no-hw-xxx do not compile support for specific crypto hardware. +# Generic OpenSSL-style methods relating to this support +# are always compiled but return NULL if the hardware +# support isn't compiled. +# no-hw do not compile support for any crypto hardware. +# [no-]threads [don't] try to create a library that is suitable for +# multithreaded applications (default is "threads" if we +# know how to do it) +# [no-]shared [don't] try to create shared libraries when supported. +# no-asm do not use assembler +# no-dso do not compile in any native shared-library methods. This +# will ensure that all methods just return NULL. +# no-krb5 do not compile in any KRB5 library or code. +# [no-]zlib [don't] compile support for zlib compression. +# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared +# library and will be loaded in run-time by the OpenSSL library. +# 386 generate 80386 code +# no- build without specified algorithm (rsa, idea, rc5, ...) +# - + compiler options are passed through +# +# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items +# provided to stack calls. Generates unique stack functions for +# each possible stack type. # DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h # DES_RISC1 use different DES_ENCRYPT macro that helps reduce register # dependancies but needs to more registers, good for RISC CPU's @@ -31,126 +80,364 @@ # RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on # array lookups instead of pointer use. +# RC4_CHUNK enables code that handles data aligned at long (natural CPU +# word) boundary. +# RC4_CHUNK_LL enables code that handles data aligned at long long boundary +# (intended for 64-bit CPUs running 32-bit OS). # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). -# BF_PTR2 use a pentium/intel specific version. +# BF_PTR2 intel specific version (generic version is more efficient). # MD5_ASM use some extra md5 assember, # SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 # RMD160_ASM use some extra ripemd160 assember, -# BN_ASM use some extra bn assember, -$x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; +my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; # MD2_CHAR slags pentium pros -$x86_gcc_opts="RC4_INDEX MD2_INT BF_PTR2"; +my $x86_gcc_opts="RC4_INDEX MD2_INT"; # MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT # Don't worry about these normally -$tcc="cc"; -$tflags="-fast -Xa"; -$tbn_mul=""; -$tlib="-lnsl -lsocket"; +my $tcc="cc"; +my $tflags="-fast -Xa"; +my $tbn_mul=""; +my $tlib="-lnsl -lsocket"; #$bits1="SIXTEEN_BIT "; #$bits2="THIRTY_TWO_BIT "; -$bits1="THIRTY_TWO_BIT "; -$bits2="SIXTY_FOUR_BIT "; +my $bits1="THIRTY_TWO_BIT "; +my $bits2="SIXTY_FOUR_BIT "; + +my $x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; +my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; +my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; +my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; -$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o:asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; -$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; -$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; -$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; +my $mips3_irix_asm="asm/mips3.o::::::::"; +# There seems to be boundary faults in asm/alpha.s. +#my $alpha_asm="asm/alpha.o::::::::"; +my $alpha_asm="::::::::"; # -DB_ENDIAN slows things down on a sparc for md5, but helps sha1. # So the md5_locl.h file has an undef B_ENDIAN if sun is defined -#config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \ -# des_asm:bf_asm -%table=( -#"b", "$tcc:$tflags:$tlib:$bits1:$tbn_mul::", -#"bl-4c-2c", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::", -#"bl-4c-ri", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::", -#"b2-is-ri-dp", "$tcc:$tflags:$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::", - -# A few of my development configs -"purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::", -"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::", -"dist", "cc:-O -DNOPROTO::::", - -# Basic configs that should work on any box -"gcc", "gcc:-O3::BN_LLONG:::", -"cc", "cc:-O -DNOPROTO -DNOCONST:::::", - - -# My solaris setups -"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:", -"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::", -# DO NOT use /xO[34] on sparc with SC3.0. -# It is broken, and will not pass the tests -"solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\ - -lsocket -lnsl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL BF_PTR:asm/sparc.o::", -# SC4.0 is ok, better than gcc, except for the bignum stuff. -# -fast slows things like DES down quite a lot -"solaris-sparc-sc4","cc:-xO5 -Xa -DB_ENDIAN:-lsocket -lnsl:\ - BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::", -"solaris-usparc-sc4","cc:-xtarget=ultra -xarch=v8plus -Xa -xO5 -DB_ENDIAN:\ - -lsocket -lnsl:\ - BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::", +#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib + +my %table=( +# File 'TABLE' (created by 'make TABLE') contains the data from this list, +# formatted for better readability. + + +#"b", "${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::", +#"bl-4c-2c", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::", +#"bl-4c-ri", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::", +#"b2-is-ri-dp", "${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::", + +# Our development configs +"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::", +"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::", +"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o", +"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", +"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", +"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::", +"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::", +"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", +"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", +"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", +"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn", +"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"dist", "cc:-O::(unknown)::::::", + +# Basic configs that should work on any (32 and less bit) box +"gcc", "gcc:-O3::(unknown):::BN_LLONG:::", +"cc", "cc:-O::(unknown)::::::", + +#### Solaris x86 with GNU C setups +# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it +# here because whenever GNU C instantiates an assembler template it +# surrounds it with #APP #NO_APP comment pair which (at least Solaris +# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic" +# error message. +"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### Solaris x86 with Sun C setups +"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### SPARC Solaris with GNU C setups +"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc +"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 +# but keep the assembler modules. +"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### +"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### SPARC Solaris with Sun C setups +# DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests +"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2. +# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8 +# SC5.0 note: Compiler common patch 107357-01 or later is required! +"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs", +#### +"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### SPARC Linux setups +"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::", +# Ray Miller has patiently +# assisted with debugging of following two configs. +"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# it's a real mess with -mcpu=ultrasparc option under Linux, but +# -Wa,-Av8plus should do the trick no matter what. +"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# !!!Folowing can't be even tested yet!!! +# We have to wait till 64-bit glibc for SPARC is operational!!! +#"linux64-sparcv9","sparc64-linux-gcc:-m64 -mcpu=v9 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:ULTRASPARC::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:", # Sunos configs, assuming sparc for the gcc one. -"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::DES_UNROLL:::", -"sunos-gcc","gcc:-O3 -mv8::BN_LLONG RC4_CHAR DES_UNROLL DES_PTR DES_RISC1:::", - -# SGI configurations. If the box is rather old (r3000 cpu), you will -# probably have to remove the '-mips2' flag. I've only been using -# IRIX 5.[23]. -#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::", -"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::", -"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::", -"debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::", - -# HPUX config. I've been building on HPUX 9, so the options may be -# different on version 10. The pa-risc2.o assember file is 2 times -# faster than the old asm/pa-risc.o version but it may not run on old -# PA-RISC CPUs. If you have problems, swap back to the old one. -# Both were generated by gcc, so use the C version with the PA-RISC specific -# options turned on if you are using gcc. -"hpux-cc", "cc:-DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive::DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o::", -"hpux-kr-cc", "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::", -"hpux-gcc", "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::", - -# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with -# the new compiler -"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::", -"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::", -"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", +##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):::DES_UNROLL:::", +"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::", + +#### IRIX 5.x configs +# -mips2 flag is added by ./config when appropriate. +"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +#### IRIX 6.x configs +# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke +# './Configure irix-[g]cc' manually. +# -mips4 flag is added by ./config when appropriate. +"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# N64 ABI builds. +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### Unified HP-UX ANSI C configs. +# Special notes: +# - Originally we were optimizing at +O4 level. It should be noted +# that the only difference between +O3 and +O4 is global inter- +# procedural analysis. As it has to be performed during the link +# stage the compiler leaves behind certain pseudo-code in lib*.a +# which might be release or even patch level specific. Generating +# the machine code for and analyzing the *whole* program appears +# to be *extremely* memory demanding while the performance gain is +# actually questionable. The situation is intensified by the default +# HP-UX data set size limit (infamous 'maxdsiz' tunable) of 64MB +# which is way too low for +O4. In other words, doesn't +O3 make +# more sense? +# - Keep in mind that the HP compiler by default generates code +# suitable for execution on the host you're currently compiling at. +# If the toolkit is ment to be used on various PA-RISC processors +# consider './config +DAportable'. +# - +DD64 is chosen in favour of +DA2.0W because it's ment to be +# compatible with *future* releases. +# - If you run ./Configure hpux-parisc-[g]cc manually don't forget to +# pass -D_REENTRANT on HP-UX 10 and later. +# - -DMD32_XARRAY triggers workaround for compiler bug we ran into in +# 32-bit message digests. (For the moment of this writing) HP C +# doesn't seem to "digest" too many local variables (they make "him" +# chew forever:-). For more details look-up MD32_XARRAY comment in +# crypto/sha/sha_lcl.h. +# +# +#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl", +# Since there is mention of this in shlib/hpux10-cc.sh +"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# IA-64 targets +# I have no idea if this one actually works, feedback needed. +"hpux-ia64-cc","cc:-Ae +DD32 +O3 +ESlit -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# Frank Geurts has patiently assisted with +# with debugging of the following config. +"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# More attempts at unified 10.X and 11.X targets for HP C compiler. +# +# Chris Ruemmler +# Kevin Steves +"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# Isn't the line below meaningless? HP-UX cc optimizes for host by default. +# hpux-parisc1_0-cc with +DAportable flag would make more sense. +"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# HPUX 9.X config. +# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or +# egcs. gcc 2.8.1 is also broken. + +"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise, +# please report your OS and compiler version to the openssl-bugs@openssl.org +# mailing list. +"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# If hpux-gcc fails, try this one: +"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# HPUX 9.X on Motorola 68k platforms with gcc +"hpux-m68k-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::", + +# HPUX 10.X config. Supports threads. +"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG): +"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +# If hpux10-gcc fails, try this one: +"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# HPUX 11.X from www.globus.org. +# Only works on PA-RISC 2.0 cpus, and not optimized. Why? +#"hpux11-32bit-cc","cc:+DA2.0 -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::DES_PTR DES_UNROLL DES_RISC1:::", +#"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::", +# Use unified settings above instead. + +#### HP MPE/iX http://jazz.external.hp.com/src/openssl/ +"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::", + +#### PARISC Linux setups +"linux-parisc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::", + +# Dec Alpha, OSF/1 - the alpha164-cc is historical, for the conversion +# from the older DEC C Compiler to the newer compiler. It's now the +# same as the preferred entry, alpha-cc. If you are still using the +# older compiler (you're at 3.x or earlier, or perhaps very early 4.x) +# you should use `alphaold-cc'. +# +# "What's in a name? That which we call a rose +# By any other word would smell as sweet." +# +# - William Shakespeare, "Romeo & Juliet", Act II, scene II. +# +# For OSF/1 3.2b and earlier, and Digital UNIX 3.2c - 3.2g, with the +# vendor compiler, use alphaold-cc. +# For Digital UNIX 4.0 - 4.0e, with the vendor compiler, use alpha-cc. +# For Tru64 UNIX 4.f - current, with the vendor compiler, use alpha-cc. +# +# There's also an alternate target available (which `config' will never +# select) called alpha-cc-rpath. This target builds an RPATH into the +# shared libraries, which is very convenient on Tru64 since binaries +# linked against that shared library will automatically inherit that RPATH, +# and hence know where to look for the openssl libraries, even if they're in +# an odd place. +# +# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version +# +"alpha-gcc","gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", +"alphaold-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", +"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so", +"alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so", +"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared-rpath:::.so", +# +# This probably belongs in a different section. +# +"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +#### Alpha Linux with GNU C and Compaq C setups +# Special notes: +# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you +# ought to run './Configure linux-alpha+bwx-gcc' manually, do +# complement the command line with -mcpu=ev56, -mcpu=ev6 or whatever +# which is appropriate. +# - If you use ccc keep in mind that -fast implies -arch host and the +# compiler is free to issue instructions which gonna make elder CPU +# choke. If you wish to build "blended" toolkit, add -arch generic +# *after* -fast and invoke './Configure linux-alpha-ccc' manually. +# +# +# +"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", +"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", + +# assembler versions -- currently defunct: +##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}", # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # bn86-elf.o file file since it is hand tweaked assembler. -"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", -"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", -"NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", -"NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:", -"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:::", -"OpenBSD-x86", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", -"OpenBSD-bigendian", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", -"FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", -#"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm", -"nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", +"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-pentium", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ppro", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-k6", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", +"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::", +"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::", +"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::", +"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::", +"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG:::::::::::linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", +"bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}", +"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"nextstep", "cc:-O -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", +"nextstep3.3", "cc:-O3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", + # NCR MP-RAS UNIX ver 02.03.01 -"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", +"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::", + +# QNX 4 +"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:", + +# QNX 6 +"qnx6", "cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:", -# UnixWare 2.0 -"unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", -"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::", +# Linux on ARM +"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# UnixWare 2.0x fails destest with -O +"unixware-2.0","cc:-DFILIO_H::-Kthread::-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::", +"unixware-2.0-pentium","cc:-DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", + +# UnixWare 2.1 +"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::", +"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", +"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", + +# UnixWare 7 +"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"unixware-7-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"unixware-7-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +# OpenUNIX 8 +"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenUNIX-8-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenUNIX-8-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # IBM's AIX. -"aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", -"aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", +"aix-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", +"aix-gcc", "gcc:-O3 -DB_ENDIAN::(unknown):AIX::BN_LLONG RC4_CHAR:::", +"aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:", +"aix43-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:", # -# Cray T90 (SDSC) +# Cray T90 and similar (SDSC) # It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT # defined. The T90 ints and longs are 8 bytes long, and apparently the # B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and @@ -160,104 +447,654 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m #'Taking the address of a bit field is not allowed. ' #'An expression with bit field exists as the operand of "sizeof" ' # (written by Wayne Schroeder ) -"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::", +# +# j90 is considered the base machine type for unicos machines, +# so this configuration is now called "cray-j90" ... +"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG DES_INT:::", + +# +# Cray T3E (Research Center Juelich, beckman@acl.lanl.gov) +# +# The BIT_FIELD_LIMITS define was written for the C90 (it seems). I added +# another use. Basically, the problem is that the T3E uses some bit fields +# for some st_addr stuff, and then sizeof and address-of fails +# I could not use the ams/alpha.o option because the Cray assembler, 'cam' +# did not like it. +"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:::", # DGUX, 88100. -"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::", -"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::", -"dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):::RC4_INDEX DES_UNROLL:::", +"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::", +"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", + +# SCO 3 - Tim Rice +"sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ... + +# SCO 5 - Ben Laurie says the -O breaks the +# SCO cc. +"sco5-cc", "cc:-belf::(unknown)::-lsocket -lresolv -lnsl:${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-Kpic", # des options? +"sco5-cc-pentium", "cc:-Kpentium::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options? +"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lresolv -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC", # the SCO assembler doesn't seem to like our assembler files ... -# SCO 5 -"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? +# Sinix/ReliantUNIX RM400 +# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */ +"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::", +"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::", -# Sinix RM400 -"SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::", +# SIEMENS BS2000/OSD: an EBCDIC-based mainframe +"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::", + +# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe +# You need to compile using the c89.sh wrapper in the tools directory, because the +# IBM compiler does not like the -L switch after any object modules. +# +"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::", # Windows NT, Microsoft Visual C++ 4.0 -# hmm... bug in perl under NT, I need to concatinate :-( -"VC-NT","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::", -"VC-WIN32","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::", -"VC-WIN16","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", -"VC-W31-16","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", -"VC-W31-32","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", -"VC-MSDOS","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", +"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", +"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", +"VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", +"VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", +"VC-W31-32","cl::::WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", +"VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", # Borland C++ 4.5 -"BC-32","bcc32:::DES_PTR RC4_INDEX:::", -"BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", +"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX::::::::::win32", +"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", + +# Mingw32 +# (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl +# and its library files in util/pl/*) +"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", + +# Cygwin +"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", +"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll", + +# Ultrix from Bernhard Simon +"ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown):::::::", +"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::", +# K&R C is no longer supported; you need gcc on old Ultrix installations +##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::", + +# Some OpenBSD from Bob Beck +"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-alpha", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-m68k", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-m88k", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-mips", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-powerpc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-vax", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"OpenBSD-hppa", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +##### MacOS X (a.k.a. Rhapsody or Darwin) setup +"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", +"darwin-ppc-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-i386-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", + +##### Sony NEWS-OS 4.x +"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", + +##### GNU Hurd +"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", + +##### OS/2 EMX +"OS2-EMX", "gcc::::::::", + +##### VxWorks for various targets +"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::", + ); -$postfix="org"; -$Makefile="Makefile.ssl"; -$des_locl="crypto/des/des_locl.h"; -$des ="crypto/des/des.h"; -$bn ="crypto/bn/bn.h"; -$md2 ="crypto/md2/md2.h"; -$rc4 ="crypto/rc4/rc4.h"; -$rc4_locl="crypto/rc4/rc4_locl.h"; -$idea ="crypto/idea/idea.h"; -$rc2 ="crypto/rc2/rc2.h"; -$bf ="crypto/bf/bf_locl.h"; -$bn_mulw="bn_mulw.o"; -$des_enc="des_enc.o fcrypt_b.o"; -$bf_enc ="bf_enc.o"; -$cast_enc="c_enc.o"; -$rc4_enc="rc4_enc.o"; -$rc5_enc="rc5_enc.o"; -$md5_obj=""; -$sha1_obj=""; -$rmd160_obj=""; - -if ($#ARGV < 0) - { - &bad_target; - exit(1); - } +my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32 + BC-16 Mingw32 OS2-EMX); + +my $idx = 0; +my $idx_cc = $idx++; +my $idx_cflags = $idx++; +my $idx_unistd = $idx++; +my $idx_thread_cflag = $idx++; +my $idx_sys_id = $idx++; +my $idx_lflags = $idx++; +my $idx_bn_ops = $idx++; +my $idx_bn_obj = $idx++; +my $idx_des_obj = $idx++; +my $idx_bf_obj = $idx++; +my $idx_md5_obj = $idx++; +my $idx_sha1_obj = $idx++; +my $idx_cast_obj = $idx++; +my $idx_rc4_obj = $idx++; +my $idx_rmd160_obj = $idx++; +my $idx_rc5_obj = $idx++; +my $idx_dso_scheme = $idx++; +my $idx_shared_target = $idx++; +my $idx_shared_cflag = $idx++; +my $idx_shared_ldflag = $idx++; +my $idx_shared_extension = $idx++; +my $idx_ranlib = $idx++; + +my $prefix=""; +my $openssldir=""; +my $exe_ext=""; +my $install_prefix=""; +my $no_threads=0; +my $no_shared=1; +my $zlib=0; +my $no_krb5=0; +my $threads=0; +my $no_asm=0; +my $no_dso=0; +my @skip=(); +my $Makefile="Makefile.ssl"; +my $des_locl="crypto/des/des_locl.h"; +my $des ="crypto/des/des.h"; +my $bn ="crypto/bn/bn.h"; +my $md2 ="crypto/md2/md2.h"; +my $rc4 ="crypto/rc4/rc4.h"; +my $rc4_locl="crypto/rc4/rc4_locl.h"; +my $idea ="crypto/idea/idea.h"; +my $rc2 ="crypto/rc2/rc2.h"; +my $bf ="crypto/bf/bf_locl.h"; +my $bn_asm ="bn_asm.o"; +my $des_enc="des_enc.o fcrypt_b.o"; +my $bf_enc ="bf_enc.o"; +my $cast_enc="c_enc.o"; +my $rc4_enc="rc4_enc.o"; +my $rc5_enc="rc5_enc.o"; +my $md5_obj=""; +my $sha1_obj=""; +my $rmd160_obj=""; +my $processor=""; +my $default_ranlib; +my $perl; + +my $no_ssl2=0; +my $no_ssl3=0; +my $no_tls1=0; +my $no_md5=0; +my $no_sha=0; +my $no_rsa=0; +my $no_dh=0; + +$default_ranlib= &which("ranlib") or $default_ranlib="true"; +$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl") + or $perl="perl"; + +&usage if ($#ARGV < 0); -$flags=""; -foreach (@ARGV) +my $flags; +my $depflags; +my $openssl_algorithm_defines; +my $openssl_thread_defines; +my $openssl_sys_defines=""; +my $openssl_other_defines; +my $libs; +my $target; +my $options; +my $symlink; +my %withargs=(); + +my @argvcopy=@ARGV; +my $argvstring=""; +my $argv_unprocessed=1; + +while($argv_unprocessed) { - if ($_ =~ /^-/) + $flags=""; + $depflags=""; + $openssl_algorithm_defines=""; + $openssl_thread_defines=""; + $openssl_sys_defines=""; + $openssl_other_defines=""; + $libs=""; + $target=""; + $options=""; + $symlink=1; + + $argv_unprocessed=0; + $argvstring=join(' ',@argvcopy); + +PROCESS_ARGS: + foreach (@argvcopy) { - if ($_ =~ /^-[lL](.*)$/) + s /^-no-/no-/; # some people just can't read the instructions + if (/^--test-sanity$/) + { + exit(&test_sanity()); + } + elsif (/^no-asm$/) + { + $no_asm=1; + $flags .= "-DOPENSSL_NO_ASM "; + $openssl_other_defines .= "#define OPENSSL_NO_ASM\n"; + } + elsif (/^no-hw-(.+)$/) + { + my $hw=$1; + $hw =~ tr/[a-z]/[A-Z]/; + $flags .= "-DOPENSSL_NO_HW_$hw "; + $openssl_other_defines .= "#define OPENSSL_NO_HW_$hw\n"; + } + elsif (/^no-hw$/) + { + $flags .= "-DOPENSSL_NO_HW "; + $openssl_other_defines .= "#define OPENSSL_NO_HW\n"; + } + elsif (/^no-dso$/) + { $no_dso=1; } + elsif (/^no-krb5$/) + { $no_krb5=1; } + elsif (/^no-threads$/) + { $no_threads=1; } + elsif (/^threads$/) + { $threads=1; } + elsif (/^no-shared$/) + { $no_shared=1; } + elsif (/^shared$/) + { $no_shared=0; } + elsif (/^no-zlib$/) + { $zlib=0; } + elsif (/^zlib$/) + { $zlib=1; } + elsif (/^zlib-dynamic$/) + { $zlib=2; } + elsif (/^no-symlinks$/) + { $symlink=0; } + elsif (/^no-ssl$/) + { $no_ssl2 = $no_ssl3 = 1; } + elsif (/^no-ssl2$/) + { $no_ssl2 = 1; } + elsif (/^no-ssl3$/) + { $no_ssl3 = 1; } + elsif (/^no-tls1?$/) + { $no_tls1 = 1; } + elsif (/^no-(.+)$/) + { + my $algo=$1; + push @skip,$algo; + $algo =~ tr/[a-z]/[A-Z]/; + $flags .= "-DOPENSSL_NO_$algo "; + $depflags .= "-DOPENSSL_NO_$algo "; + $openssl_algorithm_defines .= "#define OPENSSL_NO_$algo\n"; + if ($algo eq "RIJNDAEL") + { + $flags .= "-DOPENSSL_NO_AES "; + $depflags .= "-DOPENSSL_NO_AES "; + $openssl_algorithm_defines .= "#define OPENSSL_NO_AES\n"; + } + if ($algo eq "DES") + { + push @skip, "mdc2"; + $options .= " no-mdc2"; + $flags .= "-DOPENSSL_NO_MDC2 "; + $depflags .= "-DOPENSSL_NO_MDC2 "; + $openssl_algorithm_defines .= "#define OPENSSL_NO_MDC2\n"; + } + if ($algo eq "MD5") + { + $no_md5 = 1; + } + if ($algo eq "SHA") + { + $no_sha = 1; + } + if ($algo eq "RSA") + { + $no_rsa = 1; + } + if ($algo eq "DH") + { + $no_dh = 1; + } + } + elsif (/^reconfigure/ || /^reconf/) + { + if (open(IN,"<$Makefile")) + { + while () + { + chop; + if (/^CONFIGURE_ARGS=(.*)/) + { + $argvstring=$1; + @argvcopy=split(' ',$argvstring); + die "Incorrect data to reconfigure, please do a normal configuration\n" + if (grep(/^reconf/,@argvcopy)); + print "Reconfiguring with: $argvstring\n"; + $argv_unprocessed=1; + close(IN); + last PROCESS_ARGS; + } + } + close(IN); + } + die "Insufficient data to reconfigure, please do a normal configuration\n"; + } + elsif (/^386$/) + { $processor=386; } + elsif (/^rsaref$/) { - $libs.=$_." "; + # No RSAref support any more since it's not needed. + # The check for the option is there so scripts aren't + # broken } - elsif ($_ =~ /^-D(.*)$/) + elsif (/^[-+]/) { - $flags.=$_." "; + if (/^-[lL](.*)$/) + { + $libs.=$_." "; + } + elsif (/^-[^-]/ or /^\+/) + { + $flags.=$_." "; + } + elsif (/^--prefix=(.*)$/) + { + $prefix=$1; + } + elsif (/^--openssldir=(.*)$/) + { + $openssldir=$1; + } + elsif (/^--install.prefix=(.*)$/) + { + $install_prefix=$1; + } + elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/) + { + $withargs{"krb5-".$1}=$2; + } + else + { + print STDERR $usage; + exit(1); + } + } + elsif ($_ =~ /^([^:]+):(.+)$/) + { + eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string + $target=$1; } else { - die "unknown options, only -Dxxx, -Lxxx -lxxx supported\n"; + die "target already defined - $target\n" if ($target ne ""); + $target=$_; + } + unless ($_ eq $target) { + if ($options eq "") { + $options = $_; + } else { + $options .= " ".$_; } } - else + } +} + +$no_ssl3=1 if ($no_md5 || $no_sha); +$no_ssl3=1 if ($no_rsa && $no_dh); + +$no_ssl2=1 if ($no_md5); +$no_ssl2=1 if ($no_rsa); + +$no_tls1=1 if ($no_md5 || $no_sha); +$no_tls1=1 if ($no_dh); + +if ($no_ssl2) + { + push @skip,"SSL2"; + $flags .= "-DOPENSSL_NO_SSL2 "; + $depflags .= "-DOPENSSL_NO_SSL2 "; + $openssl_algorithm_defines .= "#define OPENSSL_NO_SSL2\n"; + } + +if ($no_ssl3) + { + push @skip,"SSL3"; + $flags .= "-DOPENSSL_NO_SSL3 "; + $depflags .= "-DOPENSSL_NO_SSL3 "; + $openssl_algorithm_defines .= "#define OPENSSL_NO_SSL3\n"; + } + +if ($no_tls1) + { + push @skip,"TLS1"; + $flags .= "-DOPENSSL_NO_TLS1 "; + $depflags .= "-DOPENSSL_NO_TLS1 "; + $openssl_algorithm_defines .= "#define OPENSSL_NO_TLS1\n"; + } + +if ($target eq "TABLE") { + foreach $target (sort keys %table) { + print_table_entry($target); + } + exit 0; +} + +if ($target eq "LIST") { + foreach (sort keys %table) { + print; + print "\n"; + } + exit 0; +} + +if ($target =~ m/^CygWin32(-.*)$/) { + $target = "Cygwin".$1; +} + +print "Configuring for $target\n"; + +&usage if (!defined($table{$target})); + +my $IsWindows=scalar grep /^$target$/,@WinTargets; + +$exe_ext=".exe" if ($target eq "Cygwin"); +$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq ""); +$prefix=$openssldir if $prefix eq ""; + +chop $openssldir if $openssldir =~ /\/$/; +chop $prefix if $prefix =~ /\/$/; + +$openssldir=$prefix . "/ssl" if $openssldir eq ""; +$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//; + + +print "IsWindows=$IsWindows\n"; + +my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); +my $cc = $fields[$idx_cc]; +my $cflags = $fields[$idx_cflags]; +my $unistd = $fields[$idx_unistd]; +my $thread_cflag = $fields[$idx_thread_cflag]; +my $sys_id = $fields[$idx_sys_id]; +my $lflags = $fields[$idx_lflags]; +my $bn_ops = $fields[$idx_bn_ops]; +my $bn_obj = $fields[$idx_bn_obj]; +my $des_obj = $fields[$idx_des_obj]; +my $bf_obj = $fields[$idx_bf_obj]; +$md5_obj = $fields[$idx_md5_obj]; +$sha1_obj = $fields[$idx_sha1_obj]; +my $cast_obj = $fields[$idx_cast_obj]; +my $rc4_obj = $fields[$idx_rc4_obj]; +$rmd160_obj = $fields[$idx_rmd160_obj]; +my $rc5_obj = $fields[$idx_rc5_obj]; +my $dso_scheme = $fields[$idx_dso_scheme]; +my $shared_target = $fields[$idx_shared_target]; +my $shared_cflag = $fields[$idx_shared_cflag]; +my $shared_ldflag = $fields[$idx_shared_ldflag]; +my $shared_extension = $fields[$idx_shared_extension]; +my $ranlib = $fields[$idx_ranlib]; + +$cflags="$flags$cflags" if ($flags ne ""); + +# Kerberos settings. The flavor must be provided from outside, either through +# the script "config" or manually. +if ($no_krb5 + || !defined($withargs{"krb5-flavor"}) + || $withargs{"krb5-flavor"} eq "") + { + $cflags="-DOPENSSL_NO_KRB5 $cflags"; + $options.=" no-krb5" unless $no_krb5; + $openssl_algorithm_defines .= "#define OPENSSL_NO_KRB5\n"; + } +else + { + my ($lresolv, $lpath, $lext); + if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) + { + $withargs{"krb5-dir"} = "/usr/heimdal" + if $withargs{"krb5-dir"} eq ""; + $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. + "/lib -lgssapi -lkrb5 -lcom_err" + if $withargs{"krb5-lib"} eq ""; + $cflags="-DKRB5_HEIMDAL $cflags"; + } + if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/) + { + $withargs{"krb5-dir"} = "/usr/kerberos" + if $withargs{"krb5-dir"} eq ""; + $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. + "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto" + if $withargs{"krb5-lib"} eq ""; + $cflags="-DKRB5_MIT $cflags"; + $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//; + if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/) + { + $cflags="-DKRB5_MIT_OLD11 $cflags"; + } + } + LRESOLV: + foreach $lpath ("/lib", "/usr/lib") { - die "target already defined - $target\n" if ($target ne ""); - $target=$_; - if (!defined($table{$target})) + foreach $lext ("a", "so") { - &bad_target; - exit(1); + $lresolv = "$lpath/libresolv.$lext"; + last LRESOLV if (-r "$lresolv"); + $lresolv = ""; } } + $withargs{"krb5-lib"} .= " -lresolv" + if ("$lresolv"); + $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" + if $withargs{"krb5-include"} eq "" && + $withargs{"krb5-dir"} ne ""; } -if (!defined($table{$target})) +# The DSO code currently always implements all functions so that no +# applications will have to worry about that from a compilation point +# of view. However, the "method"s may return zero unless that platform +# has support compiled in for them. Currently each method is enabled +# by a define "DSO_" ... we translate the "dso_scheme" config +# string entry into using the following logic; +my $dso_cflags; +if (!$no_dso && $dso_scheme ne "") { - &bad_target; - exit(1); + $dso_scheme =~ tr/[a-z]/[A-Z]/; + if ($dso_scheme eq "DLFCN") + { + $dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H"; + } + elsif ($dso_scheme eq "DLFCN_NO_H") + { + $dso_cflags = "-DDSO_DLFCN"; + } + else + { + $dso_cflags = "-DDSO_$dso_scheme"; + } + $cflags = "$dso_cflags $cflags"; } -($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj, - $cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)= - split(/\s*:\s*/,$table{$target}); -$cflags="$flags$cflags" if ($flags ne ""); +my $thread_cflags; +my $thread_defines; +if ($thread_cflag ne "(unknown)" && !$no_threads) + { + # If we know how to do it, support threads by default. + $threads = 1; + } +if ($thread_cflag eq "(unknown)") + { + # If the user asked for "threads", hopefully they also provided + # any system-dependent compiler options that are necessary. + $thread_cflags="-DOPENSSL_THREADS $cflags" ; + $thread_defines .= "#define OPENSSL_THREADS\n"; + } +else + { + $thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags"; + $thread_defines .= "#define OPENSSL_THREADS\n"; +# my $def; +# foreach $def (split ' ',$thread_cflag) +# { +# if ($def =~ s/^-D// && $def !~ /^_/) +# { +# $thread_defines .= "#define $def\n"; +# } +# } + } + $lflags="$libs$lflags"if ($libs ne ""); -$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/); +if ($no_asm) + { + $bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=""; + $sha1_obj=$md5_obj=$rmd160_obj=""; + } + +if ($threads) + { + $cflags=$thread_cflags; + $openssl_thread_defines .= $thread_defines; + } + +if ($zlib) + { + $cflags = "-DZLIB $cflags"; + $cflags = "-DZLIB_SHARED $cflags" if $zlib == 2; + $lflags = "$lflags -lz" if $zlib == 2; + } + +# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org +my $shared_mark = ""; +if ($shared_target ne "") + { + if ($shared_cflag ne "") + { + $cflags = "$shared_cflag $cflags"; + } + if (!$no_shared) + { + #$shared_mark = "\$(SHARED_LIBS)"; + } + } +else + { + $no_shared = 1; + } + +if ($sys_id ne "") + { + $cflags="-DOPENSSL_SYSNAME_$sys_id $cflags"; + $openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n"; + } + +if ($ranlib eq "") + { + $ranlib = $default_ranlib; + } + +#my ($bn1)=split(/\s+/,$bn_obj); +#$bn1 = "" unless defined $bn1; +#$bn1=$bn_asm unless ($bn1 =~ /\.o$/); +#$bn_obj="$bn1"; + +$bn_obj = $bn_asm unless $bn_obj ne ""; + $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); @@ -279,16 +1116,76 @@ if ($rmd160_obj =~ /\.o$/) $cflags.=" -DRMD160_ASM"; } -$n=&file_new($Makefile); -open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n"; -open(OUT,">".$n) || die "unable to read $n:$!\n"; +# "Stringify" the C flags string. This permits it to be made part of a string +# and works as well on command lines. +$cflags =~ s/([\\\"])/\\\1/g; + +my $version = "unknown"; +my $major = "unknown"; +my $minor = "unknown"; +my $shlib_version_number = "unknown"; +my $shlib_version_history = "unknown"; +my $shlib_major = "unknown"; +my $shlib_minor = "unknown"; + +open(IN,') + { + $version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /; + $shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/; + $shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/; + } +close(IN); +if ($shlib_version_history ne "") { $shlib_version_history .= ":"; } + +if ($version =~ /(^[0-9]*)\.([0-9\.]*)/) + { + $major=$1; + $minor=$2; + } + +if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/) + { + $shlib_major=$1; + $shlib_minor=$2; + } + +open(IN,'$Makefile") || die "unable to create $Makefile:$!\n"; +print OUT "### Generated automatically from Makefile.org by Configure.\n\n"; +my $sdirs=0; while () { chop; + $sdirs = 1 if /^SDIRS=/; + if ($sdirs) { + my $dir; + foreach $dir (@skip) { + s/([ ])$dir /\1/; + } + } + $sdirs = 0 unless /\\$/; + s/^VERSION=.*/VERSION=$version/; + s/^MAJOR=.*/MAJOR=$major/; + s/^MINOR=.*/MINOR=$minor/; + s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/; + s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/; + s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/; + s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/; + s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/; + s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/; + s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/; + s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/; + s/^PLATFORM=.*$/PLATFORM=$target/; + s/^OPTIONS=.*$/OPTIONS=$options/; + s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/; s/^CC=.*$/CC= $cc/; + s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc"; s/^CFLAG=.*$/CFLAG= $cflags/; + s/^DEPFLAG=.*$/DEPFLAG= $depflags/; s/^EX_LIBS=.*$/EX_LIBS= $lflags/; - s/^BN_MULW=.*$/BN_MULW= $bn_obj/; + s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/; + s/^BN_ASM=.*$/BN_ASM= $bn_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/; @@ -297,16 +1194,42 @@ while () s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/; s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/; s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; + s/^PROCESSOR=.*/PROCESSOR= $processor/; + s/^RANLIB=.*/RANLIB= $ranlib/; + s/^PERL=.*/PERL= $perl/; + s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; + s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; + s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; + s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; + s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); + if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/) + { + my $sotmp = $1; + s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/; + } + elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/) + { + s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/; + } + elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/) + { + my $sotmp = $1; + s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/; + } + elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/) + { + s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/; + } + s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/; print OUT $_."\n"; } close(IN); close(OUT); -&Rename($Makefile,&file_old($Makefile)); -&Rename($n,$Makefile); + print "CC =$cc\n"; print "CFLAG =$cflags\n"; print "EX_LIBS =$lflags\n"; -print "BN_MULW =$bn_obj\n"; +print "BN_ASM =$bn_obj\n"; print "DES_ENC =$des_obj\n"; print "BF_ENC =$bf_obj\n"; print "CAST_ENC =$cast_obj\n"; @@ -315,21 +1238,32 @@ print "RC5_ENC =$rc5_obj\n"; print "MD5_OBJ_ASM =$md5_obj\n"; print "SHA1_OBJ_ASM =$sha1_obj\n"; print "RMD160_OBJ_ASM=$rmd160_obj\n"; +print "PROCESSOR =$processor\n"; +print "RANLIB =$ranlib\n"; +print "PERL =$perl\n"; +print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n" + if $withargs{"krb5-include"} ne ""; +print "LIBKRB5 =",$withargs{"krb5-lib"},"\n" + if $withargs{"krb5-lib"} ne ""; -$des_ptr=0; -$des_risc1=0; -$des_risc2=0; -$des_unroll=0; -$bn_ll=0; -$def_int=2; -$rc4_int=$def_int; -$md2_int=$def_int; -$idea_int=$def_int; -$rc2_int=$def_int; -$rc4_idx=0; -$bf_ptr=0; -@type=("char","short","int","long"); -($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0); +my $des_ptr=0; +my $des_risc1=0; +my $des_risc2=0; +my $des_unroll=0; +my $bn_ll=0; +my $def_int=2; +my $rc4_int=$def_int; +my $md2_int=$def_int; +my $idea_int=$def_int; +my $rc2_int=$def_int; +my $rc4_idx=0; +my $rc4_chunk=0; +my $bf_ptr=0; +my @type=("char","short","int","long"); +my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0); +my $export_var_as_fn=0; + +my $des_int; foreach (sort split(/\s+/,$bn_ops)) { @@ -342,6 +1276,8 @@ foreach (sort split(/\s+/,$bn_ops)) $rc4_int=0 if /RC4_CHAR/; $rc4_int=3 if /RC4_LONG/; $rc4_idx=1 if /RC4_INDEX/; + $rc4_chunk=1 if /RC4_CHUNK/; + $rc4_chunk=2 if /RC4_CHUNK_LL/; $md2_int=0 if /MD2_CHAR/; $md2_int=3 if /MD2_LONG/; $idea_int=1 if /IDEA_SHORT/; @@ -355,15 +1291,52 @@ foreach (sort split(/\s+/,$bn_ops)) ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/; + $export_var_as_fn=1 if /EXPORT_VAR_AS_FN/; } -(($in=$bn) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($bn); -open(IN,"<".$in) || die "unable to read $bn:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; +open(IN,'crypto/opensslconf.h') || die "unable to create crypto/opensslconf.h:$!\n"; +print OUT "/* opensslconf.h */\n"; +print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n"; + +print OUT "/* OpenSSL was configured with the following options: */\n"; +my $openssl_algorithm_defines_trans = $openssl_algorithm_defines; +$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg; +$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; +$openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq ""; +$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; +$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; +$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; +print OUT $openssl_sys_defines; +print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n"; +print OUT $openssl_algorithm_defines; +print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n"; +print OUT $openssl_thread_defines; +print OUT $openssl_other_defines,"\n"; + +print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n"; +print OUT " asks for it. This is a transient feature that is provided for those\n"; +print OUT " who haven't had the time to do the appropriate changes in their\n"; +print OUT " applications. */\n"; +print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n"; +print OUT $openssl_algorithm_defines_trans; +print OUT "#endif\n\n"; + while () { - if (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/) + if (/^#define\s+OPENSSLDIR/) + { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; } + elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/) + { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n" + if $export_var_as_fn; + printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n", + ($export_var_as_fn)?"define":"undef"; } + elsif (/^#define\s+OPENSSL_UNISTD/) + { + $unistd = "" if $unistd eq ""; + print OUT "#define OPENSSL_UNISTD $unistd\n"; + } + elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/) { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; } elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/) { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; } @@ -375,38 +1348,10 @@ while () { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; } elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/) { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; } - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($bn,&file_old($bn)); -&Rename($n,$bn); - -(($in=$des) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($des); -open(IN,"<".$in) || die "unable to read $des:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^\#define\s+DES_LONG\s+.*/) + elsif (/^\#define\s+DES_LONG\s+.*/) { printf OUT "#define DES_LONG unsigned %s\n", ($des_int)?'int':'long'; } - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($des,&file_old($des)); -&Rename($n,$des); - -(($in=$des_locl) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($des_locl); -open(IN,"<".$in) || die "unable to read $des_locl:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^\#(define|undef)\s+DES_PTR/) + elsif (/^\#(define|undef)\s+DES_PTR/) { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; } elsif (/^\#(define|undef)\s+DES_RISC1/) { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; } @@ -414,113 +1359,39 @@ while () { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; } elsif (/^\#(define|undef)\s+DES_UNROLL/) { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; } - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($des_locl,&file_old($des_locl)); -&Rename($n,$des_locl); - -(($in=$rc4) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($rc4); -open(IN,"<".$in) || die "unable to read $rc4:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^#define\s+RC4_INT\s/) + elsif (/^#define\s+RC4_INT\s/) { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; } - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($rc4,&file_old($rc4)); -&Rename($n,$rc4); - -(($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($rc4_locl); -open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^#((define)|(undef))\s+RC4_INDEX/) + elsif (/^#undef\s+RC4_CHUNK/) + { + printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0; + printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1; + printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2; + } + elsif (/^#((define)|(undef))\s+RC4_INDEX/) { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; } - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($rc4_locl,&file_old($rc4_locl)); -&Rename($n,$rc4_locl); - -(($in=$md2) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($md2); -open(IN,"<".$in) || die "unable to read $bn:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^#define\s+MD2_INT\s/) + elsif (/^#(define|undef)\s+I386_ONLY/) + { printf OUT "#%s I386_ONLY\n", ($processor == 386)? + "define":"undef"; } + elsif (/^#define\s+MD2_INT\s/) { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; } - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($md2,&file_old($md2)); -&Rename($n,$md2); - -(($in=$idea) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($idea); -open(IN,"<".$in) || die "unable to read $idea:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^#define\s+IDEA_INT\s/) + elsif (/^#define\s+IDEA_INT\s/) {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];} - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($idea,&file_old($idea)); -&Rename($n,$idea); - -(($in=$rc2) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($rc2); -open(IN,"<".$in) || die "unable to read $rc2:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^#define\s+RC2_INT\s/) + elsif (/^#define\s+RC2_INT\s/) {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];} - else - { print OUT $_; } - } -close(IN); -close(OUT); -&Rename($rc2,&file_old($rc2)); -&Rename($n,$rc2); - -(($in=$bf) =~ s/\.([^.]+)/.$postfix/); -$n=&file_new($bf); -open(IN,"<".$in) || die "unable to read $bf:$!\n"; -open(OUT,">$n") || die "unable to read $n:$!\n"; -while () - { - if (/^#(define|undef)\s+BF_PTR/) + elsif (/^#(define|undef)\s+BF_PTR/) { printf OUT "#undef BF_PTR\n" if $bf_ptr == 0; printf OUT "#define BF_PTR\n" if $bf_ptr == 1; printf OUT "#define BF_PTR2\n" if $bf_ptr == 2; - } + } else { print OUT $_; } } close(IN); close(OUT); -&Rename($bf,&file_old($bf)); -&Rename($n,$bf); + + +# Fix the date print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l; print "SIXTY_FOUR_BIT mode\n" if $b64; @@ -535,35 +1406,196 @@ print "DES_INT used\n" if $des_int; print "BN_LLONG mode\n" if $bn_ll; print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int; print "RC4_INDEX mode\n" if $rc4_idx; +print "RC4_CHUNK is undefined\n" if $rc4_chunk==0; +print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1; +print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2; print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int; print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int; print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int; print "BF_PTR used\n" if $bf_ptr == 1; print "BF_PTR2 used\n" if $bf_ptr == 2; + +if($IsWindows) { + open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h"; + printf OUT < 78) + { + print STDERR "\n"; + $k=length($i); + } + print STDERR $i . " "; + } foreach $i (sort keys %table) { - next if /^b-/; - print STDERR "\n" if ($j++ % 4) == 0; - printf(STDERR "%-18s ",$i); + next if $i !~ /^debug/; + $k += length($i) + 1; + if ($k > 78) + { + print STDERR "\n"; + $k=length($i); + } + print STDERR $i . " "; + } + print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n"; + exit(1); + } + +sub which + { + my($name)=@_; + my $path; + foreach $path (split /:/, $ENV{PATH}) + { + if (-f "$path/$name" and -x _) + { + return "$path/$name" unless ($name eq "perl" and + system("$path/$name -e " . '\'exit($]<5.0);\'')); + } } - print STDERR "\n"; } -sub Rename +sub dofile { - local($from,$to)=@_; + my $f; my $p; my %m; my @a; my $k; my $ff; + ($f,$p,%m)=@_; - unlink($to); -# rename($from,$to) || die "unable to rename $from to $to:$!\n"; - rename($from,$to) # Don't care if it fails.. + open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n"; + @a=; + close(IN); + foreach $k (keys %m) + { + grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a); + } + open(OUT,">$f.new") || die "unable to open $f.new:$!\n"; + print OUT @a; + close(OUT); + rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f; + rename("$f.new",$f) || die "unable to rename $f.new\n"; + } + +sub print_table_entry + { + my $target = shift; + + (my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags, + my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj, + my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj, + my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag, + my $shared_ldflag,my $shared_extension,my $ranlib)= + split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); + + print < fail with a certificate verify error? +* Why can I only use weak ciphers when I connect to a server using OpenSSL? +* How can I create DSA certificates? +* Why can't I make an SSL connection using a DSA certificate? +* How can I remove the passphrase on a private key? +* Why can't I use OpenSSL certificates with SSL client authentication? +* Why does my browser give a warning about a mismatched hostname? +* How do I install a CA certificate into a browser? +* Why is OpenSSL x509 DN output not conformant to RFC2253? + +[BUILD] Questions about building and testing OpenSSL + * Why does the linker complain about undefined symbols? -* Where can I get a compiled version of OpenSSL? +* Why does the OpenSSL test fail with "bc: command not found"? +* Why does the OpenSSL test fail with "bc: 1 no implemented"? +* Why does the OpenSSL compilation fail on Alpha Tru64 Unix? +* Why does the OpenSSL compilation fail with "ar: command not found"? +* Why does the OpenSSL compilation fail on Win32 with VC++? +[PROG] Questions about programming with OpenSSL + +* Is OpenSSL thread-safe? +* I've compiled a program under Windows and it crashes: why? +* How do I read or write a DER encoded buffer using the ASN1 functions? +* I've tried using and I get errors why? +* I've called and it fails, why? +* I just get a load of numbers for the error output, what do they mean? +* Why do I get errors about unknown algorithms? +* Why can't the OpenSSH configure script detect OpenSSL? +* Can I use OpenSSL's SSL library with non-blocking I/O? +* Why doesn't my server application receive a client certificate? + +=============================================================================== + +[MISC] ======================================================================== * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.5 was released on February 28th, 2000. +OpenSSL 0.9.6d was released on May 9, 2002. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at . +* Where can I get a compiled version of OpenSSL? + +Some applications that use OpenSSL are distributed in binary form. +When using such an application, you don't need to install OpenSSL +yourself; the application will include the required parts (e.g. DLLs). + +If you want to install OpenSSL on a Windows system and you don't have +a C compiler, read the "Mingw32" section of INSTALL.W32 for information +on how to obtain and install the free GNU C compiler. + +A number of Linux and *BSD distributions include OpenSSL. + + +* Why aren't tools like 'autoconf' and 'libtool' used? + +autoconf will probably be used in future OpenSSL versions. If it was +less Unix-centric, it might have been used much earlier. + +* What is an 'engine' version? + +With version 0.9.6 OpenSSL was extended to interface to external crypto +hardware. This was realized in a special release '0.9.6-engine'. With +version 0.9.7 (not yet released) the changes were merged into the main +development line, so that the special release is no longer necessary. + +[LEGAL] ======================================================================= + * Do I need patent licenses to use OpenSSL? The patents section of the README file lists patents that may apply to @@ -70,22 +143,26 @@ offer legal advice. You can configure OpenSSL so as not to use RC5 and IDEA by using ./config no-rc5 no-idea -Until the RSA patent expires, U.S. users may want to use - ./config no-rc5 no-idea no-rsa -Please note that you will *not* be able to communicate with most of -the popular web browsers without RSA support. +* Can I use OpenSSL with GPL software? +On many systems including the major Linux and BSD distributions, yes (the +GPL does not place restrictions on using libraries that are part of the +normal operating system distribution). -* Is OpenSSL thread-safe? +On other systems, the situation is less clear. Some GPL software copyright +holders claim that you infringe on their rights if you use OpenSSL with +their software on operating systems that don't normally include OpenSSL. -Yes. On Windows and many Unix systems, OpenSSL automatically uses the -multi-threaded versions of the standard libraries. If your platform -is not one of these, consult the INSTALL file. +If you develop open source software that uses OpenSSL, you may find it +useful to choose an other license than the GPL, or state explicitly that +"This program is released under the GPL with the additional exemption that +compiling, linking, and/or using OpenSSL is allowed." If you are using +GPL software developed by others, you may want to ask the copyright holder +for permission to use their software with OpenSSL. -Multi-threaded applications must provide two callback functions to -OpenSSL. This is described in the threads(3) manpage. +[USER] ======================================================================== * Why do I get a "PRNG not seeded" error message? @@ -94,15 +171,188 @@ correctly. Many open source operating systems provide a "randomness device" that serves this purpose. On other systems, applications have to call the RAND_add() or RAND_seed() function with appropriate data before generating keys or performing public key encryption. +(These functions initialize the pseudo-random number generator, PRNG.) Some broken applications do not do this. As of version 0.9.5, the OpenSSL functions that need randomness report an error if the random number generator has not been seeded with at least 128 bits of randomness. If this error occurs, please contact the author of the application you are using. It is likely that it never worked -correctly. OpenSSL 0.9.5 makes the error visible by refusing to -perform potentially insecure encryption. +correctly. OpenSSL 0.9.5 and later make the error visible by refusing +to perform potentially insecure encryption. + +On systems without /dev/urandom and /dev/random, it is a good idea to +use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for +details. Starting with version 0.9.7, OpenSSL will automatically look +for an EGD socket at /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and +/etc/entropy. + +Most components of the openssl command line utility automatically try +to seed the random number generator from a file. The name of the +default seeding file is determined as follows: If environment variable +RANDFILE is set, then it names the seeding file. Otherwise if +environment variable HOME is set, then the seeding file is $HOME/.rnd. +If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will +use file .rnd in the current directory while OpenSSL 0.9.6a uses no +default seeding file at all. OpenSSL 0.9.6b and later will behave +similarly to 0.9.6a, but will use a default of "C:\" for HOME on +Windows systems if the environment variable has not been set. + +If the default seeding file does not exist or is too short, the "PRNG +not seeded" error message may occur. + +The openssl command line utility will write back a new state to the +default seeding file (and create this file if necessary) unless +there was no sufficient seeding. + +Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work. +Use the "-rand" option of the OpenSSL command line tools instead. +The $RANDFILE environment variable and $HOME/.rnd are only used by the +OpenSSL command line tools. Applications using the OpenSSL library +provide their own configuration options to specify the entropy source, +please check out the documentation coming the with application. + +For Solaris 2.6, Tim Nibbe and others have suggested +installing the SUNski package from Sun patch 105710-01 (Sparc) which +adds a /dev/random device and make sure it gets used, usually through +$RANDFILE. There are probably similar patches for the other Solaris +versions. However, be warned that /dev/random is usually a blocking +device, which may have some effects on OpenSSL. + + +* Why do I get an "unable to write 'random state'" error message? + + +Sometimes the openssl command line utility does not abort with +a "PRNG not seeded" error message, but complains that it is +"unable to write 'random state'". This message refers to the +default seeding file (see previous answer). A possible reason +is that no default filename is known because neither RANDFILE +nor HOME is set. (Versions up to 0.9.6 used file ".rnd" in the +current directory in this case, but this has changed with 0.9.6a.) + + +* How do I create certificates or certificate requests? + +Check out the CA.pl(1) manual page. This provides a simple wrapper round +the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check +out the manual pages for the individual utilities and the certificate +extensions documentation (currently in doc/openssl.txt). + + +* Why can't I create certificate requests? + +You typically get the error: + + unable to find 'distinguished_name' in config + problems making Certificate Request + +This is because it can't find the configuration file. Check out the +DIAGNOSTICS section of req(1) for more information. + + +* Why does fail with a certificate verify error? + +This problem is usually indicated by log messages saying something like +"unable to get local issuer certificate" or "self signed certificate". +When a certificate is verified its root CA must be "trusted" by OpenSSL +this typically means that the CA certificate must be placed in a directory +or file and the relevant program configured to read it. The OpenSSL program +'verify' behaves in a similar way and issues similar error messages: check +the verify(1) program manual page for more information. + + +* Why can I only use weak ciphers when I connect to a server using OpenSSL? + +This is almost certainly because you are using an old "export grade" browser +which only supports weak encryption. Upgrade your browser to support 128 bit +ciphers. + + +* How can I create DSA certificates? + +Check the CA.pl(1) manual page for a DSA certificate example. + + +* Why can't I make an SSL connection to a server using a DSA certificate? + +Typically you'll see a message saying there are no shared ciphers when +the same setup works fine with an RSA certificate. There are two possible +causes. The client may not support connections to DSA servers most web +browsers (including Netscape and MSIE) only support connections to servers +supporting RSA cipher suites. The other cause is that a set of DH parameters +has not been supplied to the server. DH parameters can be created with the +dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example: +check the source to s_server in apps/s_server.c for an example. + + +* How can I remove the passphrase on a private key? + +Firstly you should be really *really* sure you want to do this. Leaving +a private key unencrypted is a major security risk. If you decide that +you do have to do this check the EXAMPLES sections of the rsa(1) and +dsa(1) manual pages. + + +* Why can't I use OpenSSL certificates with SSL client authentication? + +What will typically happen is that when a server requests authentication +it will either not include your certificate or tell you that you have +no client certificates (Netscape) or present you with an empty list box +(MSIE). The reason for this is that when a server requests a client +certificate it includes a list of CAs names which it will accept. Browsers +will only let you select certificates from the list on the grounds that +there is little point presenting a certificate which the server will +reject. + +The solution is to add the relevant CA certificate to your servers "trusted +CA list". How you do this depends on the server software in uses. You can +print out the servers list of acceptable CAs using the OpenSSL s_client tool: + +openssl s_client -connect www.some.host:443 -prexit + +If your server only requests certificates on certain URLs then you may need +to manually issue an HTTP GET command to get the list when s_client connects: + +GET /some/page/needing/a/certificate.html + +If your CA does not appear in the list then this confirms the problem. + + +* Why does my browser give a warning about a mismatched hostname? + +Browsers expect the server's hostname to match the value in the commonName +(CN) field of the certificate. If it does not then you get a warning. + + +* How do I install a CA certificate into a browser? + +The usual way is to send the DER encoded certificate to the browser as +MIME type application/x-x509-ca-cert, for example by clicking on an appropriate +link. On MSIE certain extensions such as .der or .cacert may also work, or you +can import the certificate using the certificate import wizard. + +You can convert a certificate to DER form using the command: + +openssl x509 -in ca.pem -outform DER -out ca.der + +Occasionally someone suggests using a command such as: +openssl pkcs12 -export -out cacert.p12 -in cacert.pem -inkey cakey.pem + +DO NOT DO THIS! This command will give away your CAs private key and +reduces its security to zero: allowing anyone to forge certificates in +whatever name they choose. + +* Why is OpenSSL x509 DN output not conformant to RFC2253? + +The ways to print out the oneline format of the DN (Distinguished Name) have +been extended in version 0.9.7 of OpenSSL. Using the new X509_NAME_print_ex() +interface, the "-nameopt" option could be introduded. See the manual +page of the "openssl x509" commandline tool for details. The old behaviour +has however been left as default for the sake of compatibility. + +[BUILD] ======================================================================= * Why does the linker complain about undefined symbols? @@ -113,18 +363,266 @@ If you used ./Configure instead of ./config, make sure that you selected the right target. File formats may differ slightly between OS versions (for example sparcv8/sparcv9, or a.out/elf). -If that doesn't help, you may want to try using the current snapshot. +In case you get errors about the following symbols, use the config +option "no-asm", as described in INSTALL: + + BF_cbc_encrypt, BF_decrypt, BF_encrypt, CAST_cbc_encrypt, + CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, RC5_32_decrypt, + RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words, + bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4, + bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3, + des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, des_encrypt3, + des_ncbc_encrypt, md5_block_asm_host_order, sha1_block_asm_data_order + +If none of these helps, you may want to try using the current snapshot. If the problem persists, please submit a bug report. -* Where can I get a compiled version of OpenSSL? +* Why does the OpenSSL test fail with "bc: command not found"? -Some applications that use OpenSSL are distributed in binary form. -When using such an application, you don't need to install OpenSSL -yourself; the application will include the required parts (e.g. DLLs). +You didn't install "bc", the Unix calculator. If you want to run the +tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor. -If you want to install OpenSSL on a Windows system and you don't have -a C compiler, read the "Mingw32" section of INSTALL.W32 for information -on how to obtain and install the free GNU C compiler. -A number of Linux and *BSD distributions include OpenSSL. +* Why does the OpenSSL test fail with "bc: 1 no implemented"? + +On some SCO installations or versions, bc has a bug that gets triggered +when you run the test suite (using "make test"). The message returned is +"bc: 1 not implemented". + +The best way to deal with this is to find another implementation of bc +and compile/install it. GNU bc (see http://www.gnu.org/software/software.html +for download instructions) can be safely used, for example. + + +* Why does the OpenSSL compilation fail on Alpha Tru64 Unix? + +On some Alpha installations running Tru64 Unix and Compaq C, the compilation +of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual +memory to continue compilation.' As far as the tests have shown, this may be +a compiler bug. What happens is that it eats up a lot of resident memory +to build something, probably a table. The problem is clearly in the +optimization code, because if one eliminates optimization completely (-O0), +the compilation goes through (and the compiler consumes about 2MB of resident +memory instead of 240MB or whatever one's limit is currently). + +There are three options to solve this problem: + +1. set your current data segment size soft limit higher. Experience shows +that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do +this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of +kbytes to set the limit to. + +2. If you have a hard limit that is lower than what you need and you can't +get it changed, you can compile all of OpenSSL with -O0 as optimization +level. This is however not a very nice thing to do for those who expect to +get the best result from OpenSSL. A bit more complicated solution is the +following: + +----- snip:start ----- + make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \ + sed -e 's/ -O[0-9] / -O0 /'`" + rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'` + make +----- snip:end ----- + +This will only compile sha_dgst.c with -O0, the rest with the optimization +level chosen by the configuration process. When the above is done, do the +test and installation and you're set. + + +* Why does the OpenSSL compilation fail with "ar: command not found"? + +Getting this message is quite usual on Solaris 2, because Sun has hidden +away 'ar' and other development commands in directories that aren't in +$PATH by default. One of those directories is '/usr/ccs/bin'. The +quickest way to fix this is to do the following (it assumes you use sh +or any sh-compatible shell): + +----- snip:start ----- + PATH=${PATH}:/usr/ccs/bin; export PATH +----- snip:end ----- + +and then redo the compilation. What you should really do is make sure +'/usr/ccs/bin' is permanently in your $PATH, for example through your +'.profile' (again, assuming you use a sh-compatible shell). + + +* Why does the OpenSSL compilation fail on Win32 with VC++? + +Sometimes, you may get reports from VC++ command line (cl) that it +can't find standard include files like stdio.h and other weirdnesses. +One possible cause is that the environment isn't correctly set up. +To solve that problem, one should run VCVARS32.BAT which is found in +the 'bin' subdirectory of the VC++ installation directory (somewhere +under 'Program Files'). This needs to be done prior to running NMAKE, +and the changes are only valid for the current DOS session. + + +[PROG] ======================================================================== + +* Is OpenSSL thread-safe? + +Yes (with limitations: an SSL connection may not concurrently be used +by multiple threads). On Windows and many Unix systems, OpenSSL +automatically uses the multi-threaded versions of the standard +libraries. If your platform is not one of these, consult the INSTALL +file. + +Multi-threaded applications must provide two callback functions to +OpenSSL. This is described in the threads(3) manpage. + + +* I've compiled a program under Windows and it crashes: why? + +This is usually because you've missed the comment in INSTALL.W32. +Your application must link against the same version of the Win32 +C-Runtime against which your openssl libraries were linked. The +default version for OpenSSL is /MD - "Multithreaded DLL". + +If you are using Microsoft Visual C++'s IDE (Visual Studio), in +many cases, your new project most likely defaulted to "Debug +Singlethreaded" - /ML. This is NOT interchangeable with /MD and your +program will crash, typically on the first BIO related read or write +operation. + +For each of the six possible link stage configurations within Win32, +your application must link against the same by which OpenSSL was +built. If you are using MS Visual C++ (Studio) this can be changed +by: + +1. Select Settings... from the Project Menu. +2. Select the C/C++ Tab. +3. Select "Code Generation from the "Category" drop down list box +4. Select the Appropriate library (see table below) from the "Use + run-time library" drop down list box. Perform this step for both + your debug and release versions of your application (look at the + top left of the settings panel to change between the two) + + Single Threaded /ML - MS VC++ often defaults to + this for the release + version of a new project. + Debug Single Threaded /MLd - MS VC++ often defaults to + this for the debug version + of a new project. + Multithreaded /MT + Debug Multithreaded /MTd + Multithreaded DLL /MD - OpenSSL defaults to this. + Debug Multithreaded DLL /MDd + +Note that debug and release libraries are NOT interchangeable. If you +built OpenSSL with /MD your application must use /MD and cannot use /MDd. + + +* How do I read or write a DER encoded buffer using the ASN1 functions? + +You have two options. You can either use a memory BIO in conjunction +with the i2d_XXX_bio() or d2i_XXX_bio() functions or you can use the +i2d_XXX(), d2i_XXX() functions directly. Since these are often the +cause of grief here are some code fragments using PKCS7 as an example: + +unsigned char *buf, *p; +int len; + +len = i2d_PKCS7(p7, NULL); +buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */ +p = buf; +i2d_PKCS7(p7, &p); + +At this point buf contains the len bytes of the DER encoding of +p7. + +The opposite assumes we already have len bytes in buf: + +unsigned char *p; +p = buf; +p7 = d2i_PKCS7(NULL, &p, len); + +At this point p7 contains a valid PKCS7 structure of NULL if an error +occurred. If an error occurred ERR_print_errors(bio) should give more +information. + +The reason for the temporary variable 'p' is that the ASN1 functions +increment the passed pointer so it is ready to read or write the next +structure. This is often a cause of problems: without the temporary +variable the buffer pointer is changed to point just after the data +that has been read or written. This may well be uninitialized data +and attempts to free the buffer will have unpredictable results +because it no longer points to the same address. + + +* I've tried using and I get errors why? + +This usually happens when you try compiling something using the PKCS#12 +macros with a C++ compiler. There is hardly ever any need to use the +PKCS#12 macros in a program, it is much easier to parse and create +PKCS#12 files using the PKCS12_parse() and PKCS12_create() functions +documented in doc/openssl.txt and with examples in demos/pkcs12. The +'pkcs12' application has to use the macros because it prints out +debugging information. + + +* I've called and it fails, why? + +Before submitting a report or asking in one of the mailing lists, you +should try to determine the cause. In particular, you should call +ERR_print_errors() or ERR_print_errors_fp() after the failed call +and see if the message helps. Note that the problem may occur earlier +than you think -- you should check for errors after every call where +it is possible, otherwise the actual problem may be hidden because +some OpenSSL functions clear the error state. + + +* I just get a load of numbers for the error output, what do they mean? + +The actual format is described in the ERR_print_errors() manual page. +You should call the function ERR_load_crypto_strings() before hand and +the message will be output in text form. If you can't do this (for example +it is a pre-compiled binary) you can use the errstr utility on the error +code itself (the hex digits after the second colon). + + +* Why do I get errors about unknown algorithms? + +This can happen under several circumstances such as reading in an +encrypted private key or attempting to decrypt a PKCS#12 file. The cause +is forgetting to load OpenSSL's table of algorithms with +OpenSSL_add_all_algorithms(). See the manual page for more information. + + +* Why can't the OpenSSH configure script detect OpenSSL? + +Several reasons for problems with the automatic detection exist. +OpenSSH requires at least version 0.9.5a of the OpenSSL libraries. +Sometimes the distribution has installed an older version in the system +locations that is detected instead of a new one installed. The OpenSSL +library might have been compiled for another CPU or another mode (32/64 bits). +Permissions might be wrong. + +The general answer is to check the config.log file generated when running +the OpenSSH configure script. It should contain the detailed information +on why the OpenSSL library was not detected or considered incompatible. + +* Can I use OpenSSL's SSL library with non-blocking I/O? + +Yes; make sure to read the SSL_get_error(3) manual page! + +A pitfall to avoid: Don't assume that SSL_read() will just read from +the underlying transport or that SSL_write() will just write to it -- +it is also possible that SSL_write() cannot do any useful work until +there is data to read, or that SSL_read() cannot do anything until it +is possible to send data. One reason for this is that the peer may +request a new TLS/SSL handshake at any time during the protocol, +requiring a bi-directional message exchange; both SSL_read() and +SSL_write() will try to continue any pending handshake. + + +* Why doesn't my server application receive a client certificate? + +Due to the TLS protocol definition, a client will only send a certificate, +if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the +SSL_CTX_set_verify() function to enable the use of client certificates. + + +=============================================================================== + diff --git a/src/lib/libssl/src/INSTALL b/src/lib/libssl/src/INSTALL index d394bf8a7b..7eaa8147c3 100644 --- a/src/lib/libssl/src/INSTALL +++ b/src/lib/libssl/src/INSTALL @@ -1,128 +1,292 @@ -# Installation of SSLeay. -# It depends on perl for a few bits but those steps can be skipped and -# the top level makefile edited by hand - -# When bringing the SSLeay distribution back from the evil intel world -# of Windows NT, do the following to make it nice again under unix :-) -# You don't normally need to run this. -sh util/fixNT.sh # This only works for NT now - eay - 21-Jun-1996 - -# If you have perl, and it is not in /usr/local/bin, you can run -perl util/perlpath.pl /new/path -# and this will fix the paths in all the scripts. DO NOT put -# /new/path/perl, just /new/path. The build -# environment always run scripts as 'perl perlscript.pl' but some of the -# 'applications' are easier to usr with the path fixed. - -# Edit crypto/cryptlib.h, tools/c_rehash, and Makefile.ssl -# to set the install locations if you don't like -# the default location of /usr/local/ssl -# Do this by running -perl util/ssldir.pl /new/ssl/home -# if you have perl, or by hand if not. - -# If things have been stuffed up with the sym links, run -make -f Makefile.ssl links -# This will re-populate lib/include with symlinks and for each -# directory, link Makefile to Makefile.ssl - -# Setup the machine dependent stuff for the top level makefile -# and some select .h files -# If you don't have perl, this will bomb, in which case just edit the -# top level Makefile.ssl -./Configure 'system type' - -# The 'Configure' command contains default configuration parameters -# for lots of machines. Configure edits 5 lines in the top level Makefile -# It modifies the following values in the following files -Makefile.ssl CC CFLAG EX_LIBS BN_MULW -crypto/des/des.h DES_LONG -crypto/des/des_locl.h DES_PTR -crypto/md2/md2.h MD2_INT -crypto/rc4/rc4.h RC4_INT -crypto/rc4/rc4_enc.c RC4_INDEX -crypto/rc2/rc2.h RC2_INT -crypto/bf/bf_locl.h BF_INT -crypto/idea/idea.h IDEA_INT -crypto/bn/bn.h BN_LLONG (and defines one of SIXTY_FOUR_BIT, - SIXTY_FOUR_BIT_LONG, THIRTY_TWO_BIT, - SIXTEEN_BIT or EIGHT_BIT) -Please remember that all these files are actually copies of the file with -a .org extention. So if you change crypto/des/des.h, the next time -you run Configure, it will be runover by a 'configured' version of -crypto/des/des.org. So to make the changer the default, change the .org -files. The reason these files have to be edited is because most of -these modifications change the size of fundamental data types. -While in theory this stuff is optional, it often makes a big -difference in performance and when using assember, it is importaint -for the 'Bignum bits' match those required by the assember code. -A warning for people using gcc with sparc cpu's. Gcc needs the -mv8 -flag to use the hardware multiply instruction which was not present in -earlier versions of the sparc CPU. I define it by default. If you -have an old sparc, and it crashes, try rebuilding with this flag -removed. I am leaving this flag on by default because it makes -things run 4 times faster :-) - -# clean out all the old stuff -make clean - -# Do a make depend only if you have the makedepend command installed -# This is not needed but it does make things nice when developing. -make depend - -# make should build everything -make - -# fix up the demo certificate hash directory if it has been stuffed up. -make rehash - -# test everything -make test - -# install the lot -make install - -# It is worth noting that all the applications are built into the one -# program, ssleay, which is then has links from the other programs -# names to it. -# The applicatons can be built by themselves, just don't define the -# 'MONOLITH' flag. So to build the 'enc' program stand alone, -gcc -O2 -Iinclude apps/enc.c apps/apps.c libcrypto.a - -# Other useful make options are -make makefile.one -# which generate a 'makefile.one' file which will build the complete -# SSLeay distribution with temp. files in './tmp' and 'installable' files -# in './out' - -# Have a look at running -perl util/mk1mf.pl help -# this can be used to generate a single makefile and is about the only -# way to generate makefiles for windows. - -# There is actually a final way of building SSLeay. -gcc -O2 -c -Icrypto -Iinclude crypto/crypto.c -gcc -O2 -c -Issl -Iinclude ssl/ssl.c -# and you now have the 2 libraries as single object files :-). -# If you want to use the assember code for your particular platform -# (DEC alpha/x86 are the main ones, the other assember is just the -# output from gcc) you will need to link the assember with the above generated -# object file and also do the above compile as -gcc -O2 -DBN_ASM -c -Icrypto -Iinclude crypto/crypto.c - -This last option is probably the best way to go when porting to another -platform or building shared libraries. It is not good for development so -I don't normally use it. - -To build shared libararies under unix, have a look in shlib, basically -you are on your own, but it is quite easy and all you have to do -is compile 2 (or 3) files. - -For mult-threading, have a read of doc/threads.doc. Again it is quite -easy and normally only requires some extra callbacks to be defined -by the application. -The examples for solaris and windows NT/95 are in the mt directory. - -have fun - -eric 25-Jun-1997 + + INSTALLATION ON THE UNIX PLATFORM + --------------------------------- + + [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described + in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.] + + To install OpenSSL, you will need: + + * make + * Perl 5 + * an ANSI C compiler + * a development environment in form of development libraries and C + header files + * a supported Unix operating system + + Quick Start + ----------- + + If you want to just get on with it, do: + + $ ./config + $ make + $ make test + $ make install + + [If any of these steps fails, see section Installation in Detail below.] + + This will build and install OpenSSL in the default location, which is (for + historical reasons) /usr/local/ssl. If you want to install it anywhere else, + run config like this: + + $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl + + + Configuration Options + --------------------- + + There are several options to ./config (or ./Configure) to customize + the build: + + --prefix=DIR Install in DIR/bin, DIR/lib, DIR/include/openssl. + Configuration files used by OpenSSL will be in DIR/ssl + or the directory specified by --openssldir. + + --openssldir=DIR Directory for OpenSSL files. If no prefix is specified, + the library files and binaries are also installed there. + + no-threads Don't try to build with support for multi-threaded + applications. + + threads Build with support for multi-threaded applications. + This will usually require additional system-dependent options! + See "Note on multi-threading" below. + + no-zlib Don't try to build with support for zlib compression and + decompression. + + zlib Build with support for zlib compression/decompression. + + zlib-dynamic Like "zlib", but has OpenSSL load the zlib library dynamically + when needed. This is only supported on systems where loading + of shared libraries is supported. This is the default choice. + + no-shared Don't try to create shared libraries. + + shared In addition to the usual static libraries, create shared + libraries on platforms where it's supported. See "Note on + shared libraries" below. + + no-asm Do not use assembler code. + + 386 Use the 80386 instruction set only (the default x86 code is + more efficient, but requires at least a 486). + + no- Build without the specified cipher (bf, cast, des, dh, dsa, + hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha). + The crypto/ directory can be removed after running + "make depend". + + -Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will + be passed through to the compiler to allow you to + define preprocessor symbols, specify additional libraries, + library directories or other compiler options. + + + Installation in Detail + ---------------------- + + 1a. Configure OpenSSL for your operation system automatically: + + $ ./config [options] + + This guesses at your operating system (and compiler, if necessary) and + configures OpenSSL based on this guess. Run ./config -t to see + if it guessed correctly. If you want to use a different compiler, you + are cross-compiling for another platform, or the ./config guess was + wrong for other reasons, go to step 1b. Otherwise go to step 2. + + On some systems, you can include debugging information as follows: + + $ ./config -d [options] + + 1b. Configure OpenSSL for your operating system manually + + OpenSSL knows about a range of different operating system, hardware and + compiler combinations. To see the ones it knows about, run + + $ ./Configure + + Pick a suitable name from the list that matches your system. For most + operating systems there is a choice between using "cc" or "gcc". When + you have identified your system (and if necessary compiler) use this name + as the argument to ./Configure. For example, a "linux-elf" user would + run: + + $ ./Configure linux-elf [options] + + If your system is not available, you will have to edit the Configure + program and add the correct configuration for your system. The + generic configurations "cc" or "gcc" should usually work on 32 bit + systems. + + Configure creates the file Makefile.ssl from Makefile.org and + defines various macros in crypto/opensslconf.h (generated from + crypto/opensslconf.h.in). + + 2. Build OpenSSL by running: + + $ make + + This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the + OpenSSL binary ("openssl"). The libraries will be built in the top-level + directory, and the binary will be in the "apps" directory. + + If "make" fails, look at the output. There may be reasons for + the failure that aren't problems in OpenSSL itself (like missing + standard headers). If it is a problem with OpenSSL itself, please + report the problem to (note that your + message will be forwarded to a public mailing list). Include the + output of "make report" in your message. + + [If you encounter assembler error messages, try the "no-asm" + configuration option as an immediate fix.] + + Compiling parts of OpenSSL with gcc and others with the system + compiler will result in unresolved symbols on some systems. + + 3. After a successful build, the libraries should be tested. Run: + + $ make test + + If a test fails, look at the output. There may be reasons for + the failure that isn't a problem in OpenSSL itself (like a missing + or malfunctioning bc). If it is a problem with OpenSSL itself, + try removing any compiler optimization flags from the CFLAGS line + in Makefile.ssl and run "make clean; make". Please send a bug + report to , including the output of + "make report". + + 4. If everything tests ok, install OpenSSL with + + $ make install + + This will create the installation directory (if it does not exist) and + then the following subdirectories: + + certs Initially empty, this is the default location + for certificate files. + man/man1 Manual pages for the 'openssl' command line tool + man/man3 Manual pages for the libraries (very incomplete) + misc Various scripts. + private Initially empty, this is the default location + for private key files. + + If you didn't choose a different installation prefix, the + following additional subdirectories will be created: + + bin Contains the openssl binary and a few other + utility programs. + include/openssl Contains the header files needed if you want to + compile programs with libcrypto or libssl. + lib Contains the OpenSSL library files themselves. + + Package builders who want to configure the library for standard + locations, but have the package installed somewhere else so that + it can easily be packaged, can use + + $ make INSTALL_PREFIX=/tmp/package-root install + + (or specify "--install_prefix=/tmp/package-root" as a configure + option). The specified prefix will be prepended to all + installation target filenames. + + + NOTE: The header files used to reside directly in the include + directory, but have now been moved to include/openssl so that + OpenSSL can co-exist with other libraries which use some of the + same filenames. This means that applications that use OpenSSL + should now use C preprocessor directives of the form + + #include + + instead of "#include ", which was used with library versions + up to OpenSSL 0.9.2b. + + If you install a new version of OpenSSL over an old library version, + you should delete the old header files in the include directory. + + Compatibility issues: + + * COMPILING existing applications + + To compile an application that uses old filenames -- e.g. + "#include " --, it will usually be enough to find + the CFLAGS definition in the application's Makefile and + add a C option such as + + -I/usr/local/ssl/include/openssl + + to it. + + But don't delete the existing -I option that points to + the ..../include directory! Otherwise, OpenSSL header files + could not #include each other. + + * WRITING applications + + To write an application that is able to handle both the new + and the old directory layout, so that it can still be compiled + with library versions up to OpenSSL 0.9.2b without bothering + the user, you can proceed as follows: + + - Always use the new filename of OpenSSL header files, + e.g. #include . + + - Create a directory "incl" that contains only a symbolic + link named "openssl", which points to the "include" directory + of OpenSSL. + For example, your application's Makefile might contain the + following rule, if OPENSSLDIR is a pathname (absolute or + relative) of the directory where OpenSSL resides: + + incl/openssl: + -mkdir incl + cd $(OPENSSLDIR) # Check whether the directory really exists + -ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl + + You will have to add "incl/openssl" to the dependencies + of those C files that include some OpenSSL header file. + + - Add "-Iincl" to your CFLAGS. + + With these additions, the OpenSSL header files will be available + under both name variants if an old library version is used: + Your application can reach them under names like , + while the header files still are able to #include each other + with names of the form . + + + Note on multi-threading + ----------------------- + + For some systems, the OpenSSL Configure script knows what compiler options + are needed to generate a library that is suitable for multi-threaded + applications. On these systems, support for multi-threading is enabled + by default; use the "no-threads" option to disable (this should never be + necessary). + + On other systems, to enable support for multi-threading, you will have + to specify at least two options: "threads", and a system-dependent option. + (The latter is "-D_REENTRANT" on various systems.) The default in this + case, obviously, is not to include support for multi-threading (but + you can still use "no-threads" to suppress an annoying warning message + from the Configure script.) + + + Note on shared libraries + ------------------------ + + Shared library is currently an experimental feature. The only reason to + have them would be to conserve memory on systems where several program + are using OpenSSL. Binary backward compatibility can't be guaranteed + before OpenSSL version 1.0. + + For some systems, the OpenSSL Configure script knows what is needed to + build shared libraries for libcrypto and libssl. On these systems, + the shared libraries are currently not created by default, but giving + the option "shared" will get them created. This method supports Makefile + targets for shared library creation, like linux-shared. Those targets + can currently be used on their own just as well, but this is expected + to change in future versions of OpenSSL. diff --git a/src/lib/libssl/src/INSTALL.MacOS b/src/lib/libssl/src/INSTALL.MacOS index a8c4f7f1da..01c60d81f9 100644 --- a/src/lib/libssl/src/INSTALL.MacOS +++ b/src/lib/libssl/src/INSTALL.MacOS @@ -1,7 +1,7 @@ -OpenSSL - Port To The Macintosh -=============================== +OpenSSL - Port To The Macintosh OS 9 or Earlier +=============================================== -Thanks to Roy Wood initial support for MacOS (pre +Thanks to Roy Wood initial support for Mac OS (pre X) is now provided. "Initial" means that unlike other platforms where you get an SDK and a "swiss army" openssl application, on Macintosh you only get one sample application which fetches a page over HTTPS(*) and dumps it @@ -32,17 +32,17 @@ Installation procedure: to 42, change appropriately. (**) If you use SUNtar, then it might have already unbinhexed the files in question. -(***) The project file was saved with CW Pro 5.3. If you have earlier +(***) The project file was saved with CW Pro 5.3. If you have an earlier version and it refuses to open it, then download http://www.openssl.org/~appro/OpenSSL.mcp.xml and import it overwriting the original OpenSSL.mcp. -(****) Other targets are work in progress. If you feel like giving 'em a +(****) Other targets are works in progress. If you feel like giving 'em a shot, then you should know that OpenSSL* and Lib* targets are supposed to be built with the GUSI, MacOS library which mimics BSD sockets and some other POSIX APIs. The GUSI distribution is - expected to be found in the same directory as openssl source tree, - i.e. in the parent directory to the one where this very file, - namely INSTALL.MacOS. For more informations about GUSI, see + expected to be found in the same directory as the openssl source tree, + i.e., in the parent directory to the one where this very file, + namely INSTALL.MacOS, resides. For more information about GUSI, see http://www.iis.ee.ethz.ch/~neeri/macintosh/gusi-qa.html Finally some essential comments from our generous contributor:-) diff --git a/src/lib/libssl/src/INSTALL.VMS b/src/lib/libssl/src/INSTALL.VMS index 4c01560d3d..7658f64e1d 100644 --- a/src/lib/libssl/src/INSTALL.VMS +++ b/src/lib/libssl/src/INSTALL.VMS @@ -8,13 +8,54 @@ Intro: This file is divided in the following parts: + Requirements - Mandatory reading. + Checking the distribution - Mandatory reading. Compilation - Mandatory reading. + Logical names - Mandatory reading. Test - Mandatory reading. Installation - Mandatory reading. Backward portability - Read if it's an issue. Possible bugs or quirks - A few warnings on things that may go wrong or may surprise you. - Report - How to get in touch with me. + TODO - Things that are to come. + + +Requirements: +============= + +To build and install OpenSSL, you will need: + + * DEC C or some other ANSI C compiler. VAX C is *not* supported. + [Note: OpenSSL has only been tested with DEC C. Compiling with + a different ANSI C compiler may require some work] + +Checking the distribution: +========================== + +There have been reports of places where the distribution didn't quite get +through, for example if you've copied the tree from a NFS-mounted Unix +mount point. + +The easiest way to check if everything got through as it should is to check +for one of the following files: + + [.CRYPTO]OPENSSLCONF.H_IN + [.CRYPTO]OPENSSLCONF_H.IN + +They should never exist both at once, but one of them should (preferably +the first variant). If you can't find any of those two, something went +wrong. + +The best way to get a correct distribution is to download the gzipped tar +file from ftp://ftp.openssl.org/source/, use GUNZIP to uncompress it and +use VMSTAR to unpack the resulting tar file. + +GUNZIP is available in many places on the net. One of the distribution +points is the WKU software archive, ftp://ftp.wku.edu/vms/fileserv/ . + +VMSTAR is also available in many places on the net. The recommended place +to find information about it is http://www.free.lp.se/vmstar/ . + Compilation: ============ @@ -28,33 +69,40 @@ for a command procedure name xxx-LIB.COM (in the library directories) or MAKExxx.COM (in the program directories) and read the comments at the top to understand how to use them. However, if you want to compile all you can get, the simplest is to use MAKEVMS.COM in the top -directory. The syntax is trhe following: +directory. The syntax is the following: @MAKEVMS