+++ /dev/null
-/* crypto/asn1/a_bitstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "asn1.h"
-
-/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
- * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
- */
-
-int i2d_ASN1_BIT_STRING(a,pp)
-ASN1_BIT_STRING *a;
-unsigned char **pp;
- {
- int ret,i,j,r,bits,len;
- unsigned char *p,*d;
-
- if (a == NULL) return(0);
-
- len=a->length;
-
- if ((len > 0)
- {
- if (a->flags & ASN1_FG_BITS_LEFT))
- {
- bits=a->flags&0x07;
- }
- else
- {
- for ( ; len > 0; len--)
- {
- if (a->data[len-1]) break;
- }
- j=a->data[len-1];
- if (j & 0x80) bits=1;
- else if (j & 0x40) bits=2;
- else if (j & 0x20) bits=3;
- else if (j & 0x10) bits=4;
- else if (j & 0x08) bits=5;
- else if (j & 0x04) bits=6;
- else if (j & 0x02) bits=7;
- else if (j & 0x01) bits=8;
- else bits=0;
- }
- }
- else
- bits=0;
- ret=1+len;
- r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
- if (pp == NULL) return(r);
- p= *pp;
-
- ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
- if (bits == 0)
- j=0;
- else j=8-bits;
- *(p++)=(unsigned char)j;
- d=a->data;
- memcpy(p,d,len);
- p+=len;
- if (len > 0) p[-1]&=(0xff<<j);
- *pp=p;
- return(r);
- }
-
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
-ASN1_BIT_STRING **a;
-unsigned char **pp;
-long length;
- {
- ASN1_BIT_STRING *ret=NULL;
- unsigned char *p,*s;
- long len;
- int inf,tag,xclass;
- int i;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
- }
- else
- ret=(*a);
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_BIT_STRING)
- {
- i=ASN1_R_EXPECTING_A_BIT_STRING;
- goto err;
- }
- if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
-
- i= *(p++);
- ret->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear */
- if (i > 0)
- ret->flag|=(ASN1_FG_BITS_LEFT|(i&0x07)); /* set */
-
- if (len-- > 1) /* using one because of the bits left byte */
- {
- s=(unsigned char *)Malloc((int)len);
- if (s == NULL)
- {
- i=ERR_R_MALLOC_FAILURE;
- goto err;
- }
- memcpy(s,p,(int)len);
- s[len-1]&=(0xff<<i);
- p+=len;
- }
- else
- s=NULL;
-
- ret->length=(int)len;
- if (ret->data != NULL) Free((char *)ret->data);
- ret->data=s;
- ret->type=V_ASN1_BIT_STRING;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_BIT_STRING_free(ret);
- return(NULL);
- }
-
-/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
- */
-int ASN1_BIT_STRING_set_bit(a,n,value)
-ASN1_BIT_STRING *a;
-int n;
-int value;
- {
- int w,v,iv;
- unsigned char *c;
-
- w=n/8;
- v=1<<(7-(n&0x07));
- iv= ~v;
-
- a->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear, set on write */
-
- if (a == NULL) return(0);
- if ((a->length < (w+1)) || (a->data == NULL))
- {
- if (!value) return(1); /* Don't need to set */
- if (a->data == NULL)
- c=(unsigned char *)Malloc(w+1);
- else
- c=(unsigned char *)Realloc(a->data,w+1);
- if (c == NULL) return(0);
- a->data=c;
- a->length=w+1;
- c[w]=0;
- }
- a->data[w]=((a->data[w])&iv)|v;
- while ((a->length > 0) && (a->data[a->length-1] == 0))
- a->length--;
- return(1);
- }
-
-int ASN1_BIT_STRING_get_bit(a,n)
-ASN1_BIT_STRING *a;
-int n;
- {
- int w,v;
-
- w=n/8;
- v=1<<(7-(n&0x07));
- if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
- return(0);
- return((a->data[w]&v) != 0);
- }
-
+++ /dev/null
-/* crypto/asn1/x_crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "asn1_mac.h"
-#include "x509.h"
-
-/*
- * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE);
- * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
- * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH);
- */
-
-#ifndef NOPROTO
-static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b);
-static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b);
-#else
-static int X509_REVOKED_cmp();
-static int X509_REVOKED_seq_cmp();
-#endif
-
-int i2d_X509_REVOKED(a,pp)
-X509_REVOKED *a;
-unsigned char **pp;
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
- M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
- M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
-
- M_ASN1_I2D_finish();
- }
-
-X509_REVOKED *d2i_X509_REVOKED(a,pp,length)
-X509_REVOKED **a;
-unsigned char **pp;
-long length;
- {
- M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME);
- M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION);
- M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
- }
-
-int i2d_X509_CRL_INFO(a,pp)
-X509_CRL_INFO *a;
-unsigned char **pp;
- {
- int v1=0;
- long l=0;
- M_ASN1_I2D_vars(a);
-
- if (sk_num(a->revoked) != 0)
- qsort((char *)a->revoked->data,sk_num(a->revoked),
- sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp);
- if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
- {
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- }
- M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
- if (a->nextUpdate != NULL)
- { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); }
- M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
- M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
- V_ASN1_SEQUENCE,v1);
-
- M_ASN1_I2D_seq_total();
-
- if ((a->version != NULL) && (l != 0))
- {
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- }
- M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
- if (a->nextUpdate != NULL)
- { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); }
- M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
- M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
- V_ASN1_SEQUENCE,v1);
-
- M_ASN1_I2D_finish();
- }
-
-X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length)
-X509_CRL_INFO **a;
-unsigned char **pp;
-long length;
- {
- int i,ver=0;
- M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
-
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
- if (ret->version != NULL)
- ver=ret->version->data[0];
-
- if ((ver == 0) && (ret->version != NULL))
- {
- ASN1_INTEGER_free(ret->version);
- ret->version=NULL;
- }
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
- M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
- M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME,V_ASN1_UTCTIME);
- if (ret->revoked != NULL)
- {
- while (sk_num(ret->revoked))
- X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked));
- }
- M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED);
-
- if (ret->revoked != NULL)
- {
- for (i=0; i<sk_num(ret->revoked); i++)
- {
- ((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i;
- }
- }
-
- if (ver >= 1)
- {
- if (ret->extensions != NULL)
- {
- while (sk_num(ret->extensions))
- X509_EXTENSION_free((X509_EXTENSION *)
- sk_pop(ret->extensions));
- }
-
- M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,
- 0,V_ASN1_SEQUENCE);
- }
-
- M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
- }
-
-int i2d_X509_CRL(a,pp)
-X509_CRL *a;
-unsigned char **pp;
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
- M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
- M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_CRL *d2i_X509_CRL(a,pp,length)
-X509_CRL **a;
-unsigned char **pp;
-long length;
- {
- M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-
- M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
- }
-
-
-X509_REVOKED *X509_REVOKED_new()
- {
- X509_REVOKED *ret=NULL;
-
- M_ASN1_New_Malloc(ret,X509_REVOKED);
- M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
- M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new);
- ret->extensions=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
- }
-
-X509_CRL_INFO *X509_CRL_INFO_new()
- {
- X509_CRL_INFO *ret=NULL;
-
- M_ASN1_New_Malloc(ret,X509_CRL_INFO);
- ret->version=NULL;
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->issuer,X509_NAME_new);
- M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
- ret->nextUpdate=NULL;
- M_ASN1_New(ret->revoked,sk_new_null);
- M_ASN1_New(ret->extensions,sk_new_null);
- ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
- }
-
-X509_CRL *X509_CRL_new()
- {
- X509_CRL *ret=NULL;
-
- M_ASN1_New_Malloc(ret,X509_CRL);
- ret->references=1;
- M_ASN1_New(ret->crl,X509_CRL_INFO_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
- }
-
-void X509_REVOKED_free(a)
-X509_REVOKED *a;
- {
- if (a == NULL) return;
- ASN1_INTEGER_free(a->serialNumber);
- ASN1_UTCTIME_free(a->revocationDate);
- sk_pop_free(a->extensions,X509_EXTENSION_free);
- Free((char *)a);
- }
-
-void X509_CRL_INFO_free(a)
-X509_CRL_INFO *a;
- {
- if (a == NULL) return;
- ASN1_INTEGER_free(a->version);
- X509_ALGOR_free(a->sig_alg);
- X509_NAME_free(a->issuer);
- ASN1_UTCTIME_free(a->lastUpdate);
- if (a->nextUpdate)
- ASN1_UTCTIME_free(a->nextUpdate);
- sk_pop_free(a->revoked,X509_REVOKED_free);
- sk_pop_free(a->extensions,X509_EXTENSION_free);
- Free((char *)a);
- }
-
-void X509_CRL_free(a)
-X509_CRL *a;
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_CRL_free, bad reference count\n");
- abort();
- }
-#endif
-
- X509_CRL_INFO_free(a->crl);
- X509_ALGOR_free(a->sig_alg);
- ASN1_BIT_STRING_free(a->signature);
- Free((char *)a);
- }
-
-static int X509_REVOKED_cmp(a,b)
-X509_REVOKED **a,**b;
- {
- return(ASN1_STRING_cmp(
- (ASN1_STRING *)(*a)->serialNumber,
- (ASN1_STRING *)(*b)->serialNumber));
- }
-
-static int X509_REVOKED_seq_cmp(a,b)
-X509_REVOKED **a,**b;
- {
- return((*a)->sequence-(*b)->sequence);
- }
+++ /dev/null
-/* crypto/bf/bf_local.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@mincom.oz.au).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@mincom.oz.au).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@mincom.oz.au)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * Always modify bf_locl.org since bf_locl.h is automatically generated from
- * it during SSLeay configuration.
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( sun ) /* Newer Sparc's */
-# define BF_PTR
-#elif defined( __ultrix ) /* Older MIPS */
-# define BF_PTR
-#elif defined( __osf1__ ) /* Alpha */
- /* None */
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* None */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
- /* Unknown */
-#elif defined( __sgi ) /* Newer MIPS */
-# define BF_PTR
-#elif defined( i386 ) /* x86 boxes, should be gcc */
-# define BF_PTR2
-#elif defined( _MSC_VER ) /* x86 boxes, Visual C */
-# define BF_PTR2
-#endif /* Systems-specific speed defines */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* This is actually a big endian algorithm, the most significate byte
- * is used to lookup array 0 */
-
-/* use BF_PTR2 for intel boxes,
- * BF_PTR for sparc and MIPS/SGI
- * use nothing for Alpha and HP.
- */
-#if !defined(BF_PTR) && !defined(BF_PTR2)
-#undef BF_PTR
-#endif
-
-#define BF_M 0x3fc
-#define BF_0 22L
-#define BF_1 14L
-#define BF_2 6L
-#define BF_3 2L /* left shift */
-
-#if defined(BF_PTR2)
-
-/* This is basically a special pentium verson */
-#define BF_ENC(LL,R,S,P) \
- { \
- BF_LONG t,u,v; \
- u=R>>BF_0; \
- v=R>>BF_1; \
- u&=BF_M; \
- v&=BF_M; \
- t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \
- u=R>>BF_2; \
- t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
- v=R<<BF_3; \
- u&=BF_M; \
- v&=BF_M; \
- t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
- LL^=P; \
- t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
- LL^=t; \
- }
-
-#elif defined(BF_PTR)
-
-/* This is normally very good */
-
-#define BF_ENC(LL,R,S,P) \
- LL^=P; \
- LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
- *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
- *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
- *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
-#else
-
-/* This will always work, even on 64 bit machines and strangly enough,
- * on the Alpha it is faster than the pointer versions (both 32 and 64
- * versions of BF_LONG) */
-
-#define BF_ENC(LL,R,S,P) \
- LL^=P; \
- LL^=((( S[ (int)(R>>24L) ] + \
- S[0x0100+((int)(R>>16L)&0xff)])^ \
- S[0x0200+((int)(R>> 8L)&0xff)])+ \
- S[0x0300+((int)(R )&0xff)])&0xffffffffL;
-#endif
+++ /dev/null
-DSA wants 64*32 to use word mont mul, but
-RSA wants to use full.
+++ /dev/null
-/* crypto/des/des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@mincom.oz.au).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@mincom.oz.au).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@mincom.oz.au)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * Always modify des.org since des.h is automatically generated from
- * it during SSLeay configuration.
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-#ifndef HEADER_DES_H
-#define HEADER_DES_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <stdio.h>
-
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-
-typedef unsigned char des_cblock[8];
-typedef struct des_ks_struct
- {
- union {
- des_cblock _;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- DES_LONG pad[2];
- } ks;
-#undef _
-#define _ ks._
- } des_key_schedule[16];
-
-#define DES_KEY_SZ (sizeof(des_cblock))
-#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
-
-#define DES_ENCRYPT 1
-#define DES_DECRYPT 0
-
-#define DES_CBC_MODE 0
-#define DES_PCBC_MODE 1
-
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
- des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#define C_Block des_cblock
-#define Key_schedule des_key_schedule
-#ifdef KERBEROS
-#define ENCRYPT DES_ENCRYPT
-#define DECRYPT DES_DECRYPT
-#endif
-#define KEY_SZ DES_KEY_SZ
-#define string_to_key des_string_to_key
-#define read_pw_string des_read_pw_string
-#define random_key des_random_key
-#define pcbc_encrypt des_pcbc_encrypt
-#define set_key des_set_key
-#define key_sched des_key_sched
-#define ecb_encrypt des_ecb_encrypt
-#define cbc_encrypt des_cbc_encrypt
-#define ncbc_encrypt des_ncbc_encrypt
-#define xcbc_encrypt des_xcbc_encrypt
-#define cbc_cksum des_cbc_cksum
-#define quad_cksum des_quad_cksum
-
-/* For compatibility with the MIT lib - eay 20/05/92 */
-typedef des_key_schedule bit_64;
-#define des_fixup_key_parity des_set_odd_parity
-#define des_check_key_parity check_parity
-
-extern int des_check_key; /* defaults to false */
-extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
-
-/* The next line is used to disable full ANSI prototypes, if your
- * compiler has problems with the prototypes, make sure this line always
- * evaluates to true :-) */
-#if defined(MSDOS) || defined(__STDC__)
-#undef NOPROTO
-#endif
-#ifndef NOPROTO
-char *des_options(void);
-void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3, int enc);
-DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
- long length,des_key_schedule schedule,des_cblock *ivec);
-void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,
- des_cblock *inw,des_cblock *outw,int enc);
-void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule sk1,des_key_schedule sk2,
- des_cblock *ivec1,des_cblock *ivec2,int enc);
-void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
- long length,des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_ecb_encrypt(des_cblock *input,des_cblock *output,
- des_key_schedule ks,int enc);
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int enc);
-void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
-void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int *num);
-
-void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
- des_cblock (*out_white));
-
-int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
- des_cblock *iv);
-int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
- des_cblock *iv);
-char *des_fcrypt(const char *buf,const char *salt, char *ret);
-#ifdef PERL5
-char *des_crypt(const char *buf,const char *salt);
-#else
-/* some stupid compilers complain because I have declared char instead
- * of const char */
-#ifdef HEADER_DES_LOCL_H
-char *crypt(const char *buf,const char *salt);
-#else
-char *crypt();
-#endif
-#endif
-void des_ofb_encrypt(unsigned char *in,unsigned char *out,
- int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
-void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,int enc);
-DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
- long length,int out_count,des_cblock *seed);
-void des_random_seed(des_cblock key);
-void des_random_key(des_cblock ret);
-int des_read_password(des_cblock *key,char *prompt,int verify);
-int des_read_2passwords(des_cblock *key1,des_cblock *key2,
- char *prompt,int verify);
-int des_read_pw_string(char *buf,int length,char *prompt,int verify);
-void des_set_odd_parity(des_cblock *key);
-int des_is_weak_key(des_cblock *key);
-int des_set_key(des_cblock *key,des_key_schedule schedule);
-int des_key_sched(des_cblock *key,des_key_schedule schedule);
-void des_string_to_key(char *str,des_cblock *key);
-void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
-void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
- des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
-void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
- des_key_schedule schedule, des_cblock *ivec, int *num);
-int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-void des_cblock_print_file(des_cblock *cb, FILE *fp);
-/* The following functions are not in the normal unix build or the
- * SSLeay build. When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-int des_new_random_key(des_cblock *key);
-void des_init_random_number_generator(des_cblock *key);
-void des_set_random_generator_seed(des_cblock *key);
-void des_set_sequence_number(des_cblock new_sequence_number);
-void des_generate_random_block(des_cblock *block);
-
-#else
-
-char *des_options();
-void des_ecb3_encrypt();
-DES_LONG des_cbc_cksum();
-void des_cbc_encrypt();
-void des_ncbc_encrypt();
-void des_xcbc_encrypt();
-void des_3cbc_encrypt();
-void des_cfb_encrypt();
-void des_ede3_cfb64_encrypt();
-void des_ede3_ofb64_encrypt();
-void des_ecb_encrypt();
-void des_encrypt();
-void des_encrypt2();
-void des_encrypt3();
-void des_decrypt3();
-void des_ede3_cbc_encrypt();
-int des_enc_read();
-int des_enc_write();
-char *des_fcrypt();
-#ifdef PERL5
-char *des_crypt();
-#else
-char *crypt();
-#endif
-void des_ofb_encrypt();
-void des_pcbc_encrypt();
-DES_LONG des_quad_cksum();
-void des_random_seed();
-void des_random_key();
-int des_read_password();
-int des_read_2passwords();
-int des_read_pw_string();
-void des_set_odd_parity();
-int des_is_weak_key();
-int des_set_key();
-int des_key_sched();
-void des_string_to_key();
-void des_string_to_2keys();
-void des_cfb64_encrypt();
-void des_ofb64_encrypt();
-int des_read_pw();
-void des_xwhite_in2out();
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-void des_cblock_print_file();
-/* The following functions are not in the normal unix build or the
- * SSLeay build. When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-#ifdef FreeBSD
-int des_new_random_key();
-void des_init_random_number_generator();
-void des_set_random_generator_seed();
-void des_set_sequence_number();
-void des_generate_random_block();
-#endif
-
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR= md
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALLTOP=/usr/local/ssl
-MAKE= make -f Makefile.ssl
-MAKEDEPEND= $(TOP)/util/domd $(TOP)
-MAKEFILE= Makefile.ssl
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md2test.c md5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
-LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md2.h md5.h
-HEADER= md5_locl.h $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all: lib
-
-lib: $(LIBOBJ)
- $(AR) $(LIB) $(LIBOBJ)
- sh $(TOP)/util/ranlib.sh $(LIB)
- @touch lib
-
-files:
- perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
- /bin/rm -f Makefile
- $(TOP)/util/point.sh Makefile.ssl Makefile ;
- $(TOP)/util/mklink.sh ../../include $(EXHEADER)
- $(TOP)/util/mklink.sh ../../test $(TEST)
- $(TOP)/util/mklink.sh ../../apps $(APPS)
-
-install:
- @for i in $(EXHEADER) ; \
- do \
- (cp $$i $(INSTALLTOP)/include/$$i; \
- chmod 644 $(INSTALLTOP)/include/$$i ); \
- done;
-
-tags:
- ctags $(SRC)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
- $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
- perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-errors:
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
+++ /dev/null
-/* crypto/md/md2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md2.h"
-
-#define BUFSIZE 1024*16
-
-#ifndef NOPROTO
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-int read(int, void *, unsigned int);
-void exit(int);
-void perror(const char *);
-#else
-void do_fp();
-void pt();
-int read();
-void exit();
-void perror();
-#endif
-
-int main(argc, argv)
-int argc;
-char *argv[];
- {
- int i,err=0;
- FILE *IN;
-
- if (argc == 1)
- {
- do_fp(stdin);
- }
- else
- {
- for (i=1; i<argc; i++)
- {
- IN=fopen(argv[i],"r");
- if (IN == NULL)
- {
- perror(argv[i]);
- err++;
- continue;
- }
- printf("MD2(%s)= ",argv[i]);
- do_fp(IN);
- fclose(IN);
- }
- }
- exit(err);
- return(err);
- }
-
-void do_fp(f)
-FILE *f;
- {
- MD2_CTX c;
- unsigned char md[MD2_DIGEST_LENGTH];
- int fd,i;
- static unsigned char buf[BUFSIZE];
-
- fd=fileno(f);
- MD2_Init(&c);
- for (;;)
- {
- i=read(fd,buf,BUFSIZE);
- if (i <= 0) break;
- MD2_Update(&c,buf,(unsigned long)i);
- }
- MD2_Final(&(md[0]),&c);
- pt(md);
- }
-
-void pt(md)
-unsigned char *md;
- {
- int i;
-
- for (i=0; i<MD2_DIGEST_LENGTH; i++)
- printf("%02x",md[i]);
- printf("\n");
- }
+++ /dev/null
-/* crypto/md/md2.org */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * Always modify md2.org since md2.h is automatically generated from
- * it during SSLeay configuration.
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-
-#ifndef HEADER_MD2_H
-#define HEADER_MD2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define MD2_DIGEST_LENGTH 16
-#define MD2_BLOCK 16
-
-#define MD2_INT unsigned int
-
-typedef struct MD2state_st
- {
- int num;
- unsigned char data[MD2_BLOCK];
- MD2_INT cksm[MD2_BLOCK];
- MD2_INT state[MD2_BLOCK];
- } MD2_CTX;
-
-#ifndef NOPROTO
-char *MD2_options(void);
-void MD2_Init(MD2_CTX *c);
-void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
-void MD2_Final(unsigned char *md, MD2_CTX *c);
-unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
-#else
-char *MD2_options();
-void MD2_Init();
-void MD2_Update();
-void MD2_Final();
-unsigned char *MD2();
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md/md2.org */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * Always modify md2.org since md2.h is automatically generated from
- * it during SSLeay configuration.
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-
-#ifndef HEADER_MD2_H
-#define HEADER_MD2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define MD2_DIGEST_LENGTH 16
-#define MD2_BLOCK 16
-
-#define MD2_INT unsigned int
-
-typedef struct MD2state_st
- {
- int num;
- unsigned char data[MD2_BLOCK];
- MD2_INT cksm[MD2_BLOCK];
- MD2_INT state[MD2_BLOCK];
- } MD2_CTX;
-
-#ifndef NOPROTO
-char *MD2_options(void);
-void MD2_Init(MD2_CTX *c);
-void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
-void MD2_Final(unsigned char *md, MD2_CTX *c);
-unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
-#else
-char *MD2_options();
-void MD2_Init();
-void MD2_Update();
-void MD2_Final();
-unsigned char *MD2();
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md/md2_dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "md2.h"
-
-char *MD2_version="MD2 part of SSLeay 0.8.1b 29-Jun-1998";
-
-/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
- */
-
-#define UCHAR unsigned char
-
-#ifndef NOPROTO
-static void md2_block(MD2_CTX *c, unsigned char *d);
-#else
-static void md2_block();
-#endif
-
-/* The magic S table - I have converted it to hex since it is
- * basicaly just a random byte string. */
-static MD2_INT S[256]={
- 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
- 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
- 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
- 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
- 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
- 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
- 0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
- 0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
- 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
- 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
- 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
- 0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
- 0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
- 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
- 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
- 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
- 0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
- 0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
- 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
- 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
- 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
- 0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
- 0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
- 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
- 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
- 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
- 0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
- 0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
- 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
- 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
- 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
- 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
- };
-
-char *MD2_options()
- {
- if (sizeof(MD2_INT) == 1)
- return("md2(char)");
- else
- return("md2(int)");
- }
-
-void MD2_Init(c)
-MD2_CTX *c;
- {
- c->num=0;
- memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
- memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
- memset(c->data,0,MD2_BLOCK);
- }
-
-void MD2_Update(c, data, len)
-MD2_CTX *c;
-register unsigned char *data;
-unsigned long len;
- {
- register UCHAR *p;
-
- if (len == 0) return;
-
- p=c->data;
- if (c->num != 0)
- {
- if ((c->num+len) >= MD2_BLOCK)
- {
- memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
- md2_block(c,c->data);
- data+=(MD2_BLOCK - c->num);
- len-=(MD2_BLOCK - c->num);
- c->num=0;
- /* drop through and do the rest */
- }
- else
- {
- memcpy(&(p[c->num]),data,(int)len);
- /* data+=len; */
- c->num+=(int)len;
- return;
- }
- }
- /* we now can process the input data in blocks of MD2_BLOCK
- * chars and save the leftovers to c->data. */
- while (len >= MD2_BLOCK)
- {
- md2_block(c,data);
- data+=MD2_BLOCK;
- len-=MD2_BLOCK;
- }
- memcpy(p,data,(int)len);
- c->num=(int)len;
- }
-
-static void md2_block(c, d)
-MD2_CTX *c;
-unsigned char *d;
- {
- register MD2_INT t,*sp1,*sp2;
- register int i,j;
- MD2_INT state[48];
-
- sp1=c->state;
- sp2=c->cksm;
- j=sp2[MD2_BLOCK-1];
- for (i=0; i<16; i++)
- {
- state[i]=sp1[i];
- state[i+16]=t=d[i];
- state[i+32]=(t^sp1[i]);
- j=sp2[i]^=S[t^j];
- }
- t=0;
- for (i=0; i<18; i++)
- {
- for (j=0; j<48; j+=8)
- {
- t= state[j+ 0]^=S[t];
- t= state[j+ 1]^=S[t];
- t= state[j+ 2]^=S[t];
- t= state[j+ 3]^=S[t];
- t= state[j+ 4]^=S[t];
- t= state[j+ 5]^=S[t];
- t= state[j+ 6]^=S[t];
- t= state[j+ 7]^=S[t];
- }
- t=(t+i)&0xff;
- }
- memcpy(sp1,state,16*sizeof(MD2_INT));
- memset(state,0,48*sizeof(MD2_INT));
- }
-
-void MD2_Final(md, c)
-unsigned char *md;
-MD2_CTX *c;
- {
- int i,v;
- register UCHAR *cp;
- register MD2_INT *p1,*p2;
-
- cp=c->data;
- p1=c->state;
- p2=c->cksm;
- v=MD2_BLOCK-c->num;
- for (i=c->num; i<MD2_BLOCK; i++)
- cp[i]=(UCHAR)v;
-
- md2_block(c,cp);
-
- for (i=0; i<MD2_BLOCK; i++)
- cp[i]=(UCHAR)p2[i];
- md2_block(c,cp);
-
- for (i=0; i<16; i++)
- md[i]=(UCHAR)(p1[i]&0xff);
- memset((char *)&c,0,sizeof(c));
- }
-
+++ /dev/null
-/* crypto/md/md2_one.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "md2.h"
-
-/* This is a separate file so that #defines in cryptlib.h can
- * map my MD functions to different names */
-
-unsigned char *MD2(d, n, md)
-unsigned char *d;
-unsigned long n;
-unsigned char *md;
- {
- MD2_CTX c;
- static unsigned char m[MD2_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- MD2_Init(&c);
- MD2_Update(&c,d,n);
- MD2_Final(md,&c);
- memset(&c,0,sizeof(c)); /* Security consideration */
- return(md);
- }
+++ /dev/null
-/* crypto/md/md2test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "md2.h"
-
-char *test[]={
- "",
- "a",
- "abc",
- "message digest",
- "abcdefghijklmnopqrstuvwxyz",
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- NULL,
- };
-
-char *ret[]={
- "8350e5a3e24c153df2275c9f80692773",
- "32ec01ec4a6dac72c0ab96fb34c0b5d1",
- "da853b0d3f88d99b30283a69e6ded6bb",
- "ab4f496bfb2a530b219ff33031fe06b0",
- "4e8ddff3650292ab5a4108c3aa47940b",
- "da33def2a42df13975352846c30338cd",
- "d5976f79d83d3a0dc9806c3c66f3efd8",
- };
-
-#ifndef NOPROTO
-static char *pt(unsigned char *md);
-#else
-static char *pt();
-#endif
-
-int main(argc,argv)
-int argc;
-char *argv[];
- {
- int i,err=0;
- char **P,**R;
- char *p;
-
- P=test;
- R=ret;
- i=1;
- while (*P != NULL)
- {
- p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
- if (strcmp(p,*R) != 0)
- {
- printf("error calculating MD2 on '%s'\n",*P);
- printf("got %s instead of %s\n",p,*R);
- err++;
- }
- else
- printf("test %d ok\n",i);
- i++;
- R++;
- P++;
- }
- exit(err);
- return(0);
- }
-
-static char *pt(md)
-unsigned char *md;
- {
- int i;
- static char buf[80];
-
- for (i=0; i<MD2_DIGEST_LENGTH; i++)
- sprintf(&(buf[i*2]),"%02x",md[i]);
- return(buf);
- }
+++ /dev/null
-/* crypto/md/md5.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "md5.h"
-
-#define BUFSIZE 1024*16
-
-#ifndef NOPROTO
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-int read(int, void *, unsigned int);
-#else
-void do_fp();
-void pt();
-int read();
-#endif
-
-int main(argc, argv)
-int argc;
-char **argv;
- {
- int i,err=0;
- FILE *IN;
-
- if (argc == 1)
- {
- do_fp(stdin);
- }
- else
- {
- for (i=1; i<argc; i++)
- {
- IN=fopen(argv[i],"r");
- if (IN == NULL)
- {
- perror(argv[i]);
- err++;
- continue;
- }
- printf("MD5(%s)= ",argv[i]);
- do_fp(IN);
- fclose(IN);
- }
- }
- exit(err);
- }
-
-void do_fp(f)
-FILE *f;
- {
- MD5_CTX c;
- unsigned char md[MD5_DIGEST_LENGTH];
- int fd;
- int i;
- static unsigned char buf[BUFSIZE];
-
- fd=fileno(f);
- MD5_Init(&c);
- for (;;)
- {
- i=read(fd,buf,BUFSIZE);
- if (i <= 0) break;
- MD5_Update(&c,buf,(unsigned long)i);
- }
- MD5_Final(&(md[0]),&c);
- pt(md);
- }
-
-void pt(md)
-unsigned char *md;
- {
- int i;
-
- for (i=0; i<MD5_DIGEST_LENGTH; i++)
- printf("%02x",md[i]);
- printf("\n");
- }
-
+++ /dev/null
-/* crypto/md/md5.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD5_H
-#define HEADER_MD5_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define MD5_CBLOCK 64
-#define MD5_LBLOCK 16
-#define MD5_BLOCK 16
-#define MD5_LAST_BLOCK 56
-#define MD5_LENGTH_BLOCK 8
-#define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st
- {
- unsigned long A,B,C,D;
- unsigned long Nl,Nh;
- unsigned long data[MD5_LBLOCK];
- int num;
- } MD5_CTX;
-
-#ifndef NOPROTO
-void MD5_Init(MD5_CTX *c);
-void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
-void MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
-#else
-void MD5_Init();
-void MD5_Update();
-void MD5_Final();
-unsigned char *MD5();
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/* crypto/md/md5_dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md5_locl.h"
-
-char *MD5_version="MD5 part of SSLeay 0.8.1b 29-Jun-1998";
-
-/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-#ifndef NOPROTO
-static void md5_block(MD5_CTX *c, unsigned long *p);
-#else
-static void md5_block();
-#endif
-
-void MD5_Init(c)
-MD5_CTX *c;
- {
- c->A=INIT_DATA_A;
- c->B=INIT_DATA_B;
- c->C=INIT_DATA_C;
- c->D=INIT_DATA_D;
- c->Nl=0;
- c->Nh=0;
- c->num=0;
- }
-
-void MD5_Update(c, data, len)
-MD5_CTX *c;
-register unsigned char *data;
-unsigned long len;
- {
- register ULONG *p;
- int sw,sc;
- ULONG l;
-
- if (len == 0) return;
-
- l=(c->Nl+(len<<3))&0xffffffffL;
- /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
- * Wei Dai <weidai@eskimo.com> for pointing it out. */
- if (l < c->Nl) /* overflow */
- c->Nh++;
- c->Nh+=(len>>29);
- c->Nl=l;
-
- if (c->num != 0)
- {
- p=c->data;
- sw=c->num>>2;
- sc=c->num&0x03;
-
- if ((c->num+len) >= MD5_CBLOCK)
- {
- l= p[sw];
- p_c2l(data,l,sc);
- p[sw++]=l;
- for (; sw<MD5_LBLOCK; sw++)
- {
- c2l(data,l);
- p[sw]=l;
- }
- len-=(MD5_CBLOCK-c->num);
-
- md5_block(c,p);
- c->num=0;
- /* drop through and do the rest */
- }
- else
- {
- int ew,ec;
-
- c->num+=(int)len;
- if ((sc+len) < 4) /* ugly, add char's to a word */
- {
- l= p[sw];
- p_c2l_p(data,l,sc,len);
- p[sw]=l;
- }
- else
- {
- ew=(c->num>>2);
- ec=(c->num&0x03);
- l= p[sw];
- p_c2l(data,l,sc);
- p[sw++]=l;
- for (; sw < ew; sw++)
- { c2l(data,l); p[sw]=l; }
- if (ec)
- {
- c2l_p(data,l,ec);
- p[sw]=l;
- }
- }
- return;
- }
- }
- /* we now can process the input data in blocks of MD5_CBLOCK
- * chars and save the leftovers to c->data. */
- p=c->data;
- while (len >= MD5_CBLOCK)
- {
-#if defined(L_ENDIAN) || defined(B_ENDIAN)
- memcpy(p,data,MD5_CBLOCK);
- data+=MD5_CBLOCK;
-#ifdef B_ENDIAN
- for (sw=(MD5_LBLOCK/4); sw; sw--)
- {
- Endian_Reverse32(p[0]);
- Endian_Reverse32(p[1]);
- Endian_Reverse32(p[2]);
- Endian_Reverse32(p[3]);
- p+=4;
- }
-#endif
-#else
- for (sw=(MD5_LBLOCK/4); sw; sw--)
- {
- c2l(data,l); *(p++)=l;
- c2l(data,l); *(p++)=l;
- c2l(data,l); *(p++)=l;
- c2l(data,l); *(p++)=l;
- }
-#endif
- p=c->data;
- md5_block(c,p);
- len-=MD5_CBLOCK;
- }
- sc=(int)len;
- c->num=sc;
- if (sc)
- {
- sw=sc>>2; /* words to copy */
-#ifdef L_ENDIAN
- p[sw]=0;
- memcpy(p,data,sc);
-#else
- sc&=0x03;
- for ( ; sw; sw--)
- { c2l(data,l); *(p++)=l; }
- c2l_p(data,l,sc);
- *p=l;
-#endif
- }
- }
-
-static void md5_block(c, X)
-MD5_CTX *c;
-register ULONG *X;
- {
- register ULONG A,B,C,D;
-
- A=c->A;
- B=c->B;
- C=c->C;
- D=c->D;
-
- /* Round 0 */
- R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
- R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
- R0(C,D,A,B,X[ 2],17,0x242070dbL);
- R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
- R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
- R0(D,A,B,C,X[ 5],12,0x4787c62aL);
- R0(C,D,A,B,X[ 6],17,0xa8304613L);
- R0(B,C,D,A,X[ 7],22,0xfd469501L);
- R0(A,B,C,D,X[ 8], 7,0x698098d8L);
- R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
- R0(C,D,A,B,X[10],17,0xffff5bb1L);
- R0(B,C,D,A,X[11],22,0x895cd7beL);
- R0(A,B,C,D,X[12], 7,0x6b901122L);
- R0(D,A,B,C,X[13],12,0xfd987193L);
- R0(C,D,A,B,X[14],17,0xa679438eL);
- R0(B,C,D,A,X[15],22,0x49b40821L);
- /* Round 1 */
- R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
- R1(D,A,B,C,X[ 6], 9,0xc040b340L);
- R1(C,D,A,B,X[11],14,0x265e5a51L);
- R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
- R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
- R1(D,A,B,C,X[10], 9,0x02441453L);
- R1(C,D,A,B,X[15],14,0xd8a1e681L);
- R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
- R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
- R1(D,A,B,C,X[14], 9,0xc33707d6L);
- R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
- R1(B,C,D,A,X[ 8],20,0x455a14edL);
- R1(A,B,C,D,X[13], 5,0xa9e3e905L);
- R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
- R1(C,D,A,B,X[ 7],14,0x676f02d9L);
- R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
- /* Round 2 */
- R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
- R2(D,A,B,C,X[ 8],11,0x8771f681L);
- R2(C,D,A,B,X[11],16,0x6d9d6122L);
- R2(B,C,D,A,X[14],23,0xfde5380cL);
- R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
- R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
- R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
- R2(B,C,D,A,X[10],23,0xbebfbc70L);
- R2(A,B,C,D,X[13], 4,0x289b7ec6L);
- R2(D,A,B,C,X[ 0],11,0xeaa127faL);
- R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
- R2(B,C,D,A,X[ 6],23,0x04881d05L);
- R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
- R2(D,A,B,C,X[12],11,0xe6db99e5L);
- R2(C,D,A,B,X[15],16,0x1fa27cf8L);
- R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
- /* Round 3 */
- R3(A,B,C,D,X[ 0], 6,0xf4292244L);
- R3(D,A,B,C,X[ 7],10,0x432aff97L);
- R3(C,D,A,B,X[14],15,0xab9423a7L);
- R3(B,C,D,A,X[ 5],21,0xfc93a039L);
- R3(A,B,C,D,X[12], 6,0x655b59c3L);
- R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
- R3(C,D,A,B,X[10],15,0xffeff47dL);
- R3(B,C,D,A,X[ 1],21,0x85845dd1L);
- R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
- R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
- R3(C,D,A,B,X[ 6],15,0xa3014314L);
- R3(B,C,D,A,X[13],21,0x4e0811a1L);
- R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
- R3(D,A,B,C,X[11],10,0xbd3af235L);
- R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
- R3(B,C,D,A,X[ 9],21,0xeb86d391L);
-
- c->A+=A&0xffffffffL;
- c->B+=B&0xffffffffL;
- c->C+=C&0xffffffffL;
- c->D+=D&0xffffffffL;
- }
-
-void MD5_Final(md, c)
-unsigned char *md;
-MD5_CTX *c;
- {
- register int i,j;
- register ULONG l;
- register ULONG *p;
- static unsigned char end[4]={0x80,0x00,0x00,0x00};
- unsigned char *cp=end;
-
- /* c->num should definitly have room for at least one more byte. */
- p=c->data;
- j=c->num;
- i=j>>2;
-
- /* purify often complains about the following line as an
- * Uninitialized Memory Read. While this can be true, the
- * following p_c2l macro will reset l when that case is true.
- * This is because j&0x03 contains the number of 'valid' bytes
- * already in p[i]. If and only if j&0x03 == 0, the UMR will
- * occur but this is also the only time p_c2l will do
- * l= *(cp++) instead of l|= *(cp++)
- * Many thanks to Alex Tang <altitude@cic.net> for pickup this
- * 'potential bug' */
-#ifdef PURIFY
- if ((j&0x03) == 0) p[i]=0;
-#endif
- l=p[i];
- p_c2l(cp,l,j&0x03);
- p[i]=l;
- i++;
- /* i is the next 'undefined word' */
- if (c->num >= MD5_LAST_BLOCK)
- {
- for (; i<MD5_LBLOCK; i++)
- p[i]=0;
- md5_block(c,p);
- i=0;
- }
- for (; i<(MD5_LBLOCK-2); i++)
- p[i]=0;
- p[MD5_LBLOCK-2]=c->Nl;
- p[MD5_LBLOCK-1]=c->Nh;
- md5_block(c,p);
- cp=md;
- l=c->A; l2c(l,cp);
- l=c->B; l2c(l,cp);
- l=c->C; l2c(l,cp);
- l=c->D; l2c(l,cp);
-
- /* clear stuff, md5_block may be leaving some stuff on the stack
- * but I'm not worried :-) */
- c->num=0;
-/* memset((char *)&c,0,sizeof(c));*/
- }
-
-#ifdef undef
-int printit(l)
-unsigned long *l;
- {
- int i,ii;
-
- for (i=0; i<2; i++)
- {
- for (ii=0; ii<8; ii++)
- {
- fprintf(stderr,"%08lx ",l[i*8+ii]);
- }
- fprintf(stderr,"\n");
- }
- }
-#endif
+++ /dev/null
-/* crypto/md/md5_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include "md5.h"
-
-#define ULONG unsigned long
-#define UCHAR unsigned char
-#define UINT unsigned int
-
-#if defined(NOCONST)
-#define const
-#endif
-
-#undef c2l
-#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24))
-
-#undef p_c2l
-#define p_c2l(c,l,n) { \
- switch (n) { \
- case 0: l =((unsigned long)(*((c)++))); \
- case 1: l|=((unsigned long)(*((c)++)))<< 8; \
- case 2: l|=((unsigned long)(*((c)++)))<<16; \
- case 3: l|=((unsigned long)(*((c)++)))<<24; \
- } \
- }
-
-/* NOTE the pointer is not incremented at the end of this */
-#undef c2l_p
-#define c2l_p(c,l,n) { \
- l=0; \
- (c)+=n; \
- switch (n) { \
- case 3: l =((unsigned long)(*(--(c))))<<16; \
- case 2: l|=((unsigned long)(*(--(c))))<< 8; \
- case 1: l|=((unsigned long)(*(--(c)))) ; \
- } \
- }
-
-#undef p_c2l_p
-#define p_c2l_p(c,l,sc,len) { \
- switch (sc) \
- { \
- case 0: l =((unsigned long)(*((c)++))); \
- if (--len == 0) break; \
- case 1: l|=((unsigned long)(*((c)++)))<< 8; \
- if (--len == 0) break; \
- case 2: l|=((unsigned long)(*((c)++)))<<16; \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
-#if defined(WIN32)
-/* 5 instructions with rotate instruction, else 9 */
-#define Endian_Reverse32(a) \
- { \
- unsigned long l=(a); \
- (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
- }
-#else
-/* 6 instructions with rotate instruction, else 8 */
-#define Endian_Reverse32(a) \
- { \
- unsigned long l=(a); \
- l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
- (a)=ROTATE(l,16L); \
- }
-#endif
-/*
-#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below. Wei attributes these optimisations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
-#define G(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
-#define H(x,y,z) ((x) ^ (y) ^ (z))
-#define I(x,y,z) (((x) | (~(z))) ^ (y))
-
-#undef ROTATE
-#if defined(WIN32)
-#define ROTATE(a,n) _lrotl(a,n)
-#else
-#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
-#endif
-
-
-#define R0(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+F((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };\
-
-#define R1(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+G((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-
-#define R2(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+H((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-
-#define R3(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+I((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
+++ /dev/null
-/* crypto/md/md5_one.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "md5_locl.h"
-
-unsigned char *MD5(d, n, md)
-unsigned char *d;
-unsigned long n;
-unsigned char *md;
- {
- MD5_CTX c;
- static unsigned char m[MD5_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- MD5_Init(&c);
- MD5_Update(&c,d,n);
- MD5_Final(md,&c);
- memset(&c,0,sizeof(c)); /* security consideration */
- return(md);
- }
-
+++ /dev/null
-/* crypto/md/md5test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "md5.h"
-
-char *test[]={
- "",
- "a",
- "abc",
- "message digest",
- "abcdefghijklmnopqrstuvwxyz",
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- NULL,
- };
-
-char *ret[]={
- "d41d8cd98f00b204e9800998ecf8427e",
- "0cc175b9c0f1b6a831c399e269772661",
- "900150983cd24fb0d6963f7d28e17f72",
- "f96b697d7cb7938d525a2f31aaf161d0",
- "c3fcd3d76192e4007dfb496cca67e13b",
- "d174ab98d277d9f5a5611c2c9f419d9f",
- "57edf4a22be3c955ac49da2e2107b67a",
- };
-
-#ifndef NOPROTO
-static char *pt(unsigned char *md);
-#else
-static char *pt();
-#endif
-
-int main(argc,argv)
-int argc;
-char *argv[];
- {
- int i,err=0;
- unsigned char **P,**R;
- char *p;
-
- P=(unsigned char **)test;
- R=(unsigned char **)ret;
- i=1;
- while (*P != NULL)
- {
- p=pt(MD5(*P,(unsigned long)strlen((char *)*P),NULL));
- if (strcmp(p,(char *)*R) != 0)
- {
- printf("error calculating MD5 on '%s'\n",*P);
- printf("got %s instead of %s\n",p,*R);
- err++;
- }
- else
- printf("test %d ok\n",i);
- i++;
- R++;
- P++;
- }
- exit(err);
- return(0);
- }
-
-static char *pt(md)
-unsigned char *md;
- {
- int i;
- static char buf[80];
-
- for (i=0; i<MD5_DIGEST_LENGTH; i++)
- sprintf(&(buf[i*2]),"%02x",md[i]);
- return(buf);
- }
+++ /dev/null
-/* crypto/rsa/rsa_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn.h"
-#include "rsa.h"
-#include "rand.h"
-
-#ifndef NOPROTO
-static int RSA_eay_public_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_private_encrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_public_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_private_decrypt(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
-#else
-static int RSA_eay_public_encrypt();
-static int RSA_eay_private_encrypt();
-static int RSA_eay_public_decrypt();
-static int RSA_eay_private_decrypt();
-static int RSA_eay_mod_exp();
-#endif
-
-static RSA_METHOD rsa_pkcs1_eay_meth={
- "Eric Young's PKCS#1 RSA",
- RSA_eay_public_encrypt,
- RSA_eay_public_decrypt,
- RSA_eay_private_encrypt,
- RSA_eay_private_decrypt,
- RSA_eay_mod_exp,
- BN_mod_exp,
- NULL,
- NULL,
- };
-
-RSA_METHOD *RSA_PKCS1_SSLeay()
- {
- return(&rsa_pkcs1_eay_meth);
- }
-
-static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
-int flen;
-unsigned char *from;
-unsigned char *to;
-RSA *rsa;
-int padding;
- {
- BIGNUM *f=NULL,*ret=NULL;
- int i,j,k,num=0,r= -1;
- unsigned char *p;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- if ( (padding != RSA_PKCS1_PADDING) &&
- (padding != RSA_SSLV23_PADDING))
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
- if (flen > (num-11))
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- goto err;
- }
-
- buf=(unsigned char *)Malloc(num);
- if (buf == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=(unsigned char *)buf;
-
- *(p++)=0;
- *(p++)=2; /* Public Key BT (Block Type) */
-
- /* pad out with non-zero random data */
- j=num-3-flen;
-
- RAND_bytes(p,j);
- for (i=0; i<j; i++)
- {
- if (*p == '\0')
- do {
- RAND_bytes(p,1);
- } while (*p == '\0');
- p++;
- }
-
- if (padding == RSA_SSLV23_PADDING)
- memset(&(p[-8]),3,8);
-
- *(p++)='\0';
-
- memcpy(p,from,(unsigned int)flen);
-
- f=BN_new();
- ret=BN_new();
- if ((f == NULL) || (ret == NULL)) goto err;
-
- if (BN_bin2bn(buf,num,f) == NULL) goto err;
- if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j=BN_num_bytes(ret);
- i=BN_bn2bin(ret,&(to[num-j]));
- for (k=0; k<(num-i); k++)
- to[k]=0;
-
- r=num;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- if (f != NULL) BN_free(f);
- if (ret != NULL) BN_free(ret);
- if (buf != NULL)
- {
- memset(buf,0,num);
- Free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
-int flen;
-unsigned char *from;
-unsigned char *to;
-RSA *rsa;
-int padding;
- {
- BIGNUM *f=NULL,*ret=NULL;
- int i,j,k,num=0,r= -1;
- unsigned char *p;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- if (padding != RSA_PKCS1_PADDING)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
- if (flen > (num-11))
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- goto err;
- }
- buf=(unsigned char *)Malloc(num);
- if (buf == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p=buf;
-
- *(p++)=0;
- *(p++)=1; /* Private Key BT (Block Type) */
-
- /* padd out with 0xff data */
- j=num-3-flen;
- for (i=0; i<j; i++)
- *(p++)=0xff;
- *(p++)='\0';
- memcpy(p,from,(unsigned int)flen);
- ret=BN_new();
- f=BN_new();
- if ((ret == NULL) || (f == NULL)) goto err;
- if (BN_bin2bn(buf,num,f) == NULL) goto err;
- if ( (rsa->p != NULL) &&
- (rsa->q != NULL) &&
- (rsa->dmp1 != NULL) &&
- (rsa->dmq1 != NULL) &&
- (rsa->iqmp != NULL))
- { if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
- else
- { if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
-
- p=buf;
- BN_bn2bin(ret,p);
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j=BN_num_bytes(ret);
- i=BN_bn2bin(ret,&(to[num-j]));
- for (k=0; k<(num-i); k++)
- to[k]=0;
-
- r=num;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- if (ret != NULL) BN_free(ret);
- if (f != NULL) BN_free(f);
- if (buf != NULL)
- {
- memset(buf,0,num);
- Free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
-int flen;
-unsigned char *from;
-unsigned char *to;
-RSA *rsa;
-int padding;
- {
- BIGNUM *f=NULL,*ret=NULL;
- int i,j,num=0,r= -1;
- unsigned char *p;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- if ((padding != RSA_PKCS1_PADDING) && (padding != RSA_SSLV23_PADDING))
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
-
- buf=(unsigned char *)Malloc(num);
- if (buf == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equallity but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- /* make data into a big number */
- ret=BN_new();
- f=BN_new();
- if ((ret == NULL) || (f == NULL)) goto err;
- if (BN_bin2bn(from,(int)flen,f) == NULL) goto err;
- /* do the decrypt */
- if ( (rsa->p != NULL) &&
- (rsa->q != NULL) &&
- (rsa->dmp1 != NULL) &&
- (rsa->dmq1 != NULL) &&
- (rsa->iqmp != NULL))
- { if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
- else
- { if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
-
- p=buf;
- BN_bn2bin(ret,p);
-
- /* BT must be 02 */
- if (*(p++) != 02)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_02);
- goto err;
- }
-
- /* scan over padding data */
- j=num-2; /* one for type and one for the prepended 0. */
- for (i=0; i<j; i++)
- if (*(p++) == 0) break;
-
- if (i == j)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
- goto err;
- }
-
- if (i < 8)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
- goto err;
- }
-
-#undef RSA_DEBUG
-#ifdef RSA_DEBUG
- {
- int z;
- unsigned char *q;
- q= &(p[-9]);
- fprintf(stderr,"\n");
- for (z=0; z<8; z++) fprintf(stderr,"%02X",q[z]);
- fprintf(stderr,"\n");
- }
-#endif
-
- if (padding == RSA_SSLV23_PADDING)
- {
- int z;
- unsigned char *q;
-
- /* -9 because we have jumped the '\0' */
- q= &(p[-9]);
- for (z=0; z<8; z++)
- {
- if (*(q++) != 0x03)
- break;
- }
- if (z == 8)
- {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_SSLV3_ROLLBACK_ATTACK);
- goto err;
- }
- }
-
- /* skip over the '\0' */
- i++;
- j-=i;
-
- /* output data */
- memcpy(to,p,(unsigned int)j);
- r=j;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- if (f != NULL) BN_free(f);
- if (ret != NULL) BN_free(ret);
- if (buf != NULL)
- {
- memset(buf,0,num);
- Free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
-int flen;
-unsigned char *from;
-unsigned char *to;
-RSA *rsa;
-int padding;
- {
- BIGNUM *f=NULL,*ret=NULL;
- int i,j,num=0,r= -1;
- unsigned char *p;
- unsigned char *buf=NULL;
- BN_CTX *ctx=NULL;
-
- if (padding != RSA_PKCS1_PADDING)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
-
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
- buf=(unsigned char *)Malloc(num);
- if (buf == NULL)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equallity but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- /* make data into a big number */
- f=BN_new();
- ret=BN_new();
- if ((f == NULL) || (ret == NULL)) goto err;
-
- if (BN_bin2bn(from,flen,f) == NULL) goto err;
- /* do the decrypt */
- if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
-
- p=buf;
- i=BN_bn2bin(ret,p);
-
- /* BT must be 01 */
- if (*(p++) != 01)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_01);
- goto err;
- }
-
- /* scan over padding data */
- j=num-2; /* one for type and one for the prepended 0. */
- for (i=0; i<j; i++)
- {
- if (*p != 0xff) /* should decrypt to 0xff */
- {
- if (*p == 0)
- { p++; break; }
- else {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_FIXED_HEADER_DECRYPT);
- goto err;
- }
- }
- p++;
- }
- if (i == j)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
- goto err;
- }
- if (i < 8)
- {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
- goto err;
- }
-
- /* skip over the '\0' */
- i++;
- j-=i;
-
- /* output data */
- memcpy(to,p,(unsigned int)j);
- r=j;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- if (f != NULL) BN_free(f);
- if (ret != NULL) BN_free(ret);
- if (buf != NULL)
- {
- memset(buf,0,num);
- Free(buf);
- }
- return(r);
- }
-
-static int RSA_eay_mod_exp(r0, I, rsa)
-BIGNUM *r0;
-BIGNUM *I;
-RSA *rsa;
- {
- BIGNUM *r1=NULL,*m1=NULL;
- int ret=0;
- BN_CTX *ctx;
-
- if ((ctx=BN_CTX_new()) == NULL) goto err;
- m1=BN_new();
- r1=BN_new();
- if ((m1 == NULL) || (r1 == NULL)) goto err;
-
- if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
- if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx)) goto err;
-
- if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
- if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx)) goto err;
-
- if (!BN_add(r1,r0,rsa->p)) goto err;
- if (!BN_sub(r0,r1,m1)) goto err;
-
- if (!BN_mul(r1,r0,rsa->iqmp)) goto err;
- if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
- if (!BN_mul(r1,r0,rsa->q)) goto err;
- if (!BN_add(r0,r1,m1)) goto err;
-
- ret=1;
-err:
- if (m1 != NULL) BN_free(m1);
- if (r1 != NULL) BN_free(r1);
- BN_CTX_free(ctx);
- return(ret);
- }
-
-
+++ /dev/null
-
-PKCS7
- STACK of X509_ATTRIBUTES
- ASN1_OBJECT
- STACK of ASN1_TYPE
-
-So it is
-
-p7.xa[].obj
-p7.xa[].data[]
-
-get_obj_by_nid(STACK , nid)
-get_num_by_nid(STACK , nid)
-get_data_by_nid(STACK , nid, index)
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
-void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
- int nid, STACK *value);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
- int nid, STACK *value);
-
-int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
- ASN1_TYPE *value);
-
-ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
-int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
-ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
-
-ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
- ASN1_OBJECT *obj);
-
-X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
-X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
-
+++ /dev/null
-*** x509name.c Wed Jul 2 09:35:35 1997
---- /home/eay/play/x Sat Jul 5 01:39:56 1997
-***************
-*** 1,202 ****
-! /* crypto/x509/x509name.c */
-! /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-! * All rights reserved.
-! *
-! * This package is an SSL implementation written
-! * by Eric Young (eay@cryptsoft.com).
-! * The implementation was written so as to conform with Netscapes SSL.
-! *
-! * This library is free for commercial and non-commercial use as long as
-! * the following conditions are aheared to. The following conditions
-! * apply to all code found in this distribution, be it the RC4, RSA,
-! * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-! * included with this distribution is covered by the same copyright terms
-! * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-! *
-! * Copyright remains Eric Young's, and as such any Copyright notices in
-! * the code are not to be removed.
-! * If this package is used in a product, Eric Young should be given attribution
-! * as the author of the parts of the library used.
-! * This can be in the form of a textual message at program startup or
-! * in documentation (online or textual) provided with the package.
-! *
-! * Redistribution and use in source and binary forms, with or without
-! * modification, are permitted provided that the following conditions
-! * are met:
-! * 1. Redistributions of source code must retain the copyright
-! * notice, this list of conditions and the following disclaimer.
-! * 2. Redistributions in binary form must reproduce the above copyright
-! * notice, this list of conditions and the following disclaimer in the
-! * documentation and/or other materials provided with the distribution.
-! * 3. All advertising materials mentioning features or use of this software
-! * must display the following acknowledgement:
-! * "This product includes cryptographic software written by
-! * Eric Young (eay@cryptsoft.com)"
-! * The word 'cryptographic' can be left out if the rouines from the library
-! * being used are not cryptographic related :-).
-! * 4. If you include any Windows specific code (or a derivative thereof) from
-! * the apps directory (application code) you must include an acknowledgement:
-! * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-! *
-! * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-! * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-! * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-! * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-! * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-! * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-! * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-! * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-! * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-! * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-! * SUCH DAMAGE.
-! *
-! * The licence and distribution terms for any publically available version or
-! * derivative of this code cannot be changed. i.e. this code cannot simply be
-! * copied and put under another distribution licence
-! * [including the GNU Public Licence.]
-! */
-!
-! #include <stdio.h>
-! #include "stack.h"
-! #include "cryptlib.h"
-! #include "asn1.h"
-! #include "objects.h"
-! #include "evp.h"
-! #include "x509.h"
-!
-! int X509_NAME_get_text_by_NID(name,nid,buf,len)
-! X509_NAME *name;
-! int nid;
-! char *buf;
-! int len;
- {
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
-! if (obj == NULL) return(-1);
-! return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
- }
-
-- int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
-- X509_NAME *name;
-- ASN1_OBJECT *obj;
-- char *buf;
-- int len;
-- {
-- int i;
-- ASN1_STRING *data;
-
-! i=X509_NAME_get_index_by_OBJ(name,obj,0);
-! if (i < 0) return(-1);
-! data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
-! i=(data->length > (len-1))?(len-1):data->length;
-! if (buf == NULL) return(data->length);
-! memcpy(buf,data->data,i);
-! buf[i]='\0';
-! return(i);
-! }
-
-! int X509_NAME_entry_count(name)
-! X509_NAME *name;
- {
-! if (name == NULL) return(0);
-! return(sk_num(name->entries));
- }
-
-! int X509_NAME_get_index_by_NID(name,nid,oldpos)
-! X509_NAME *name;
-! int nid;
-! int oldpos;
-! {
-! ASN1_OBJECT *obj;
-
-! obj=OBJ_nid2obj(nid);
-! if (obj == NULL) return(-2);
-! return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
- }
-
-- int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
-- X509_NAME *name;
-- ASN1_OBJECT *obj;
-- int oldpos;
-- {
-- int n;
-- X509_NAME_ENTRY *ne;
-- STACK *sk;
-
-! if (name == NULL) return(-1);
-! if (oldpos < 0)
-! oldpos= -1;
-! sk=name->entries;
-! n=sk_num(sk);
-! for (oldpos++; oldpos < n; oldpos++)
- {
-! ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
-! if (OBJ_cmp(ne->object,obj) == 0)
-! return(oldpos);
- }
-! return(-1);
- }
-
-- X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
-- X509_NAME *name;
-- int loc;
-- {
-- if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
-- return(NULL);
-- else
-- return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
-- }
-
-! X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
-! X509_NAME *name;
-! int loc;
- {
-! X509_NAME_ENTRY *ret;
-! int i,j,n,set_prev,set_next;
-! STACK *sk;
-!
-! if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
-! return(NULL);
-! sk=name->entries;
-! ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
-! n=sk_num(sk);
-! name->modified=1;
-! if (loc == n) return(ret);
-!
-! /* else we need to fixup the set field */
-! if (loc != 0)
-! set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
-! else
-! set_prev=ret->set-1;
-! set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
-
-! /* set_prev is the previous set
-! * set is the current set
-! * set_next is the following
-! * prev 1 1 1 1 1 1 1 1
-! * set 1 1 2 2
-! * next 1 1 2 2 2 2 3 2
-! * so basically only if prev and next differ by 2, then
-! * re-number down by 1 */
-! if (set_prev+1 < set_next)
-! {
-! j=set_next-set_prev-1;
-! for (i=loc; i<n; i++)
-! ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
-! }
-! return(ret);
- }
-
- /* if set is -1, append to previous set, 0 'a new one', and 1,
- * prepend to the guy we are about to stomp on. */
-! int X509_NAME_add_entry(name,ne,loc,set)
-! X509_NAME *name;
-! X509_NAME_ENTRY *ne;
-! int loc;
-! int set;
- {
-! X509_NAME_ENTRY *new_name=NULL;
- int n,i,inc;
- STACK *sk;
-
---- 1,77 ----
-! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
-! int type,unsigned char *bytes, int len)
- {
- ASN1_OBJECT *obj;
-
- obj=OBJ_nid2obj(nid);
-! if (obj == NULL)
-! {
-! X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
-! return(NULL);
-! }
-! return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
- }
-
-
-! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-! ASN1_OBJECT *obj, int type,unsigned char *bytes,
-! int len)
-! {
-! X509_NAME_ENTRY *ret;
-
-! if ((ne == NULL) || (*ne == NULL))
- {
-! if ((ret=X509_NAME_ENTRY_new()) == NULL)
-! return(NULL);
- }
-+ else
-+ ret= *ne;
-
-! if (!X509_NAME_ENTRY_set_object(ret,obj))
-! goto err;
-! if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
-! goto err;
-
-! if ((ne != NULL) && (*ne == NULL)) *ne=ret;
-! return(ret);
-! err:
-! if ((ne == NULL) || (ret != *ne))
-! X509_NAME_ENTRY_free(ret);
-! return(NULL);
- }
-
-
-! int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
-! {
-! if ((ne == NULL) || (obj == NULL))
- {
-! X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
-! return(0);
- }
-! ASN1_OBJECT_free(ne->object);
-! ne->object=OBJ_dup(obj);
-! return((ne->object == NULL)?0:1);
- }
-
-
-! int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne,int type,unsigned char *bytes,int len)
- {
-! int i;
-
-! if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
-! if (len < 0) len=strlen((char *)bytes);
-! i=ASN1_STRING_set(ne->value,bytes,len);
-! if (!i) return(0);
-! ne->value->type=ASN1_PRINTABLE_type(bytes,len);
-! return(1);
- }
-
- /* if set is -1, append to previous set, 0 'a new one', and 1,
- * prepend to the guy we are about to stomp on. */
-! int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,int loc,int set)
- {
-! /* ERIC: renamed new to nenew for C++ users --tjh */
-! X509_NAME_ENTRY *nenew;
- int n,i,inc;
- STACK *sk;
-
-***************
-*** 206,213 ****
- if (loc > n) loc=n;
- else if (loc < 0) loc=n;
-
-- name->modified=1;
--
- if (set == -1)
- {
- if (loc == 0)
---- 81,86 ----
-***************
-*** 223,245 ****
- }
- else /* if (set >= 0) */
- {
-- inc=(set == 0)?1:0;
- if (loc >= n)
- {
- if (loc != 0)
- set=((X509_NAME_ENTRY *)
-! sk_value(sk,n-1))->set+1;
- else
- set=0;
- }
- else
- set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
- }
-
-! if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
- goto err;
-! new_name->set=set;
-! if (!sk_insert(sk,(char *)new_name,loc))
- {
- X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
- goto err;
---- 96,122 ----
- }
- else /* if (set >= 0) */
- {
- if (loc >= n)
- {
- if (loc != 0)
- set=((X509_NAME_ENTRY *)
-! sk_value(sk,loc-1))->set+1;
- else
- set=0;
- }
- else
- set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
-+ inc=(set == 0)?1:0;
- }
-
-! if ((nenew=X509_NAME_ENTRY_dup(ne)) == NULL)
- goto err;
-! /* eric forgot to put this in when he cut the nice
-! * interface so that I don't have to do the icky things
-! * that req.c does --tjh :-)
-! */
-! nenew->set=set;
-! if (!sk_insert(sk,(char *)nenew,loc))
- {
- X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
- goto err;
-***************
-*** 252,357 ****
- }
- return(1);
- err:
-! if (new_name != NULL)
- X509_NAME_ENTRY_free(ne);
- return(0);
-- }
--
-- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
-- X509_NAME_ENTRY **ne;
-- int nid;
-- int type;
-- unsigned char *bytes;
-- int len;
-- {
-- ASN1_OBJECT *obj;
--
-- obj=OBJ_nid2obj(nid);
-- if (obj == NULL)
-- {
-- X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
-- return(NULL);
-- }
-- return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
-- }
--
-- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
-- X509_NAME_ENTRY **ne;
-- ASN1_OBJECT *obj;
-- int type;
-- unsigned char *bytes;
-- int len;
-- {
-- X509_NAME_ENTRY *ret;
--
-- if ((ne == NULL) || (*ne == NULL))
-- {
-- if ((ret=X509_NAME_ENTRY_new()) == NULL)
-- return(NULL);
-- }
-- else
-- ret= *ne;
--
-- if (!X509_NAME_ENTRY_set_object(ret,obj))
-- goto err;
-- if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
-- goto err;
--
-- if ((ne != NULL) && (*ne == NULL)) *ne=ret;
-- return(ret);
-- err:
-- if ((ne == NULL) || (ret != *ne))
-- X509_NAME_ENTRY_free(ret);
-- return(NULL);
-- }
--
-- int X509_NAME_ENTRY_set_object(ne,obj)
-- X509_NAME_ENTRY *ne;
-- ASN1_OBJECT *obj;
-- {
-- if ((ne == NULL) || (obj == NULL))
-- {
-- X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
-- return(0);
-- }
-- ASN1_OBJECT_free(ne->object);
-- ne->object=OBJ_dup(obj);
-- return((ne->object == NULL)?0:1);
-- }
--
-- int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
-- X509_NAME_ENTRY *ne;
-- int type;
-- unsigned char *bytes;
-- int len;
-- {
-- int i;
--
-- if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
-- if (len < 0) len=strlen((char *)bytes);
-- i=ASN1_STRING_set(ne->value,bytes,len);
-- if (!i) return(0);
-- if (type != V_ASN1_UNDEF)
-- {
-- if (type == V_ASN1_APP_CHOOSE)
-- ne->value->type=ASN1_PRINTABLE_type(bytes,len);
-- else
-- ne->value->type=type;
-- }
-- return(1);
-- }
--
-- ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
-- X509_NAME_ENTRY *ne;
-- {
-- if (ne == NULL) return(NULL);
-- return(ne->object);
-- }
--
-- ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
-- X509_NAME_ENTRY *ne;
-- {
-- if (ne == NULL) return(NULL);
-- return(ne->value);
- }
-
---- 129,136 ----
- }
- return(1);
- err:
-! if (nenew != NULL)
- X509_NAME_ENTRY_free(ne);
- return(0);
- }
-
+++ /dev/null
-X509_verify()
-X509_sign()
-
-X509_get_version()
-X509_get_serialNumber()
-X509_get_issuer()
-X509_get_subject()
-X509_get_notBefore()
-X509_get_notAfter()
-X509_get_pubkey()
-
-X509_set_version()
-X509_set_serialNumber()
-X509_set_issuer()
-X509_set_subject()
-X509_set_notBefore()
-X509_set_notAfter()
-X509_set_pubkey()
-
-X509_get_extensions()
-X509_set_extensions()
-
-X509_EXTENSIONS_clear()
-X509_EXTENSIONS_retrieve()
-X509_EXTENSIONS_add()
-X509_EXTENSIONS_delete()
-
+++ /dev/null
-The 'new' system.
-
-The X509_EXTENSION_METHOD includes extensions and attributes and/or names.
-Basically everthing that can be added to an X509 with an OID identifying it.
-
-It operates via 2 methods per object id.
-int a2i_XXX(X509 *x,char *str,int len);
-int i2a_XXX(BIO *bp,X509 *x);
-
-The a2i_XXX function will add the object with a value converted from the
-string into the X509. Len can be -1 in which case the length is calculated
-via strlen(str). Applications can always use direct knowledge to load and
-unload the relevent objects themselves.
-
-i2a_XXX will print to the passed BIO, a text representation of the
-relevet object. Use a memory BIO if you want it printed to a buffer :-).
-
-X509_add_by_NID(X509 *x,int nid,char *str,int len);
-X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
-
-X509_print_by_name(BIO *bp,X509 *x);
-X509_print_by_NID(BIO *bp,X509 *x);
-X509_print_by_OBJ(BIO *bp,X509 *x);
-
PEM - parsing
+==== ssl/readme =====================================================
+
+22 Jun 1996
+This file belongs in ../apps, but I'll leave it here because it deals
+with SSL :-) It is rather dated but it gives you an idea of how
+things work.
+===
+
+17 Jul 1995
+I have been changing things quite a bit and have not fully updated
+this file, so take what you read with a grain of salt
+eric
+===
+The s_client and s_server programs can be used to test SSL capable
+IP/port addresses and the verification of the X509 certificates in use
+by these services. I strongly advise having a look at the code to get
+an idea of how to use the authentication under SSLeay. Any feedback
+on changes and improvements would be greatly accepted.
+
+This file will probably be gibberish unless you have read
+rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
+authentication.
+
+A Brief outline (and examples) how to use them to do so.
+
+NOTE:
+The environment variable SSL_CIPER is used to specify the prefered
+cipher to use, play around with setting it's value to combinations of
+RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
+in a : separated list.
+
+This directory contains 3 X509 certificates which can be used by these programs.
+client.pem: a file containing a certificate and private key to be used
+ by s_client.
+server.pem :a file containing a certificate and private key to be used
+ by s_server.
+eay1024.pem:the certificate used to sign client.pem and server.pem.
+ This would be your CA's certificate. There is also a link
+ from the file a8556381.0 to eay1024.PEM. The value a8556381
+ is returned by 'x509 -hash -noout <eay1024.pem' and is the
+ value used by X509 verification routines to 'find' this
+ certificte when search a directory for it.
+ [the above is not true any more, the CA cert is
+ ../certs/testca.pem which is signed by ../certs/mincomca.pem]
+
+When testing the s_server, you may get
+bind: Address already in use
+errors. These indicate the port is still being held by the unix
+kernel and you are going to have to wait for it to let go of it. If
+this is the case, remember to use the port commands on the s_server and
+s_client to talk on an alternative port.
+
+=====
+s_client.
+This program can be used to connect to any IP/hostname:port that is
+talking SSL. Once connected, it will attempt to authenticate the
+certificate it was passed and if everything works as expected, a 2
+directional channel will be open. Any text typed will be sent to the
+other end. type Q<cr> to exit. Flags are as follows.
+-host arg : Arg is the host or IP address to connect to.
+-port arg : Arg is the port to connect to (https is 443).
+-verify arg : Turn on authentication of the server certificate.
+ : Arg specifies the 'depth', this will covered below.
+-cert arg : The optional certificate to use. This certificate
+ : will be returned to the server if the server
+ : requests it for client authentication.
+-key arg : The private key that matches the certificate
+ : specified by the -cert option. If this is not
+ : specified (but -cert is), the -cert file will be
+ : searched for the Private key. Both files are
+ : assumed to be in PEM format.
+-CApath arg : When to look for certificates when 'verifying' the
+ : certificate from the server.
+-CAfile arg : A file containing certificates to be used for
+ : 'verifying' the server certificate.
+-reconnect : Once a connection has been made, drop it and
+ : reconnect with same session-id. This is for testing :-).
+
+The '-verify n' parameter specifies not only to verify the servers
+certificate but to also only take notice of 'n' levels. The best way
+to explain is to show via examples.
+Given
+s_server -cert server.PEM is running.
+
+s_client
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:1
+ CIPHER is CBC-DES-MD5
+What has happened is that the 'SSLeay demo server' certificate's
+issuer ('CA') could not be found but because verify is not on, we
+don't care and the connection has been made anyway. It is now 'up'
+using CBC-DES-MD5 mode. This is an unauthenticate secure channel.
+You may not be talking to the right person but the data going to them
+is encrypted.
+
+s_client -verify 0
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:1
+ CIPHER is CBC-DES-MD5
+We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
+certificate passed the date and checksum, we are happy to proceed.
+
+s_client -verify 1
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:0
+ ERROR
+ verify error:unable to get issuer certificate
+In this case we failed to make the connection because we could not
+authenticate the certificate because we could not find the
+'CA' certificate.
+
+s_client -verify 1 -CAfile eay1024.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+We loaded the certificates from the file eay1024.PEM. Everything
+checked out and so we made the connection.
+
+s_client -verify 1 -CApath .
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+We looked in out local directory for issuer certificates and 'found'
+a8556381.0 and so everything is ok.
+
+It is worth noting that 'CA' is a self certified certificate. If you
+are passed one of these, it will fail to 'verify' at depth 0 because
+we need to lookup the certifier of a certificate from some information
+that we trust and keep locally.
+
+SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
+export SSL_CIPHER
+s_client -verify 10 -CApath . -reconnect
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ drop the connection and reconnect with the same session id
+ CIPHER is CBC3-DES-MD5
+This has done a full connection and then re-estabished it with the
+same session id but a new socket. No RSA stuff occures on the second
+connection. Note that we said we would prefer to use CBC3-DES-MD5
+encryption and so, since the server supports it, we are.
+
+=====
+s_server
+This program accepts SSL connections on a specified port
+Once connected, it will estabish an SSL connection and optionaly
+attempt to authenticate the client. A 2 directional channel will be
+open. Any text typed will be sent to the other end. Type Q<cr> to exit.
+Flags are as follows.
+-port arg : Arg is the port to listen on.
+-verify arg : Turn on authentication of the client if they have a
+ : certificate. Arg specifies the 'depth'.
+-Verify arg : Turn on authentication of the client. If they don't
+ : have a valid certificate, drop the connection.
+-cert arg : The certificate to use. This certificate
+ : will be passed to the client. If it is not
+ : specified, it will default to server.PEM
+-key arg : The private key that matches the certificate
+ : specified by the -cert option. If this is not
+ : specified (but -cert is), the -cert file will be
+ : searched for the Private key. Both files are
+ : assumed to be in PEM format. Default is server.PEM
+-CApath arg : When to look for certificates when 'verifying' the
+ : certificate from the client.
+-CAfile arg : A file containing certificates to be used for
+ : 'verifying' the client certificate.
+
+For the following 'demo' I will specify the s_server command and
+the s_client command and then list the output from the s_server.
+s_server
+s_client
+ CONNECTED
+ CIPHER is CBC-DES-MD5
+Everything up and running
+
+s_server -verify 0
+s_client
+ CONNECTED
+ CIPHER is CBC-DES-MD5
+Ok since no certificate was returned and we don't care.
+
+s_server -verify 0
+./s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:1
+ CIPHER is CBC-DES-MD5
+Ok since we were only verifying to level 0
+
+s_server -verify 4
+s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:0
+ ERROR
+ verify error:unable to get issuer certificate
+Bad because we could not authenticate the returned certificate.
+
+s_server -verify 4 -CApath .
+s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+Ok because we could authenticate the returned certificate :-).
+
+s_server -Verify 0 -CApath .
+s_client
+ CONNECTED
+ ERROR
+ SSL error:function is:REQUEST_CERTIFICATE
+ :error is :client end did not return a certificate
+Error because no certificate returned.
+
+s_server -Verify 4 -CApath .
+s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+Full authentication of the client.
+
+So in summary to do full authentication of both ends
+s_server -Verify 9 -CApath .
+s_client -cert client.PEM -CApath . -verify 9
+From the server side
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+From the client side
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+
+For general probing of the 'internet https' servers for the
+distribution area, run
+s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
+Then enter
+GET /
+and you should be talking to the https server on that host.
+
+www.rsa.com was refusing to respond to connections on 443 when I was
+testing.
+
+have fun :-).
+
+eric
+
==== a_verify.doc ========================================================
From eay@mincom.com Fri Oct 4 18:29:06 1996
Eric Young | BOOL is tri-state according to Bill Gates.
AARNet: eay@mincom.oz.au | RTFM Win32 GetMessage().
+==== x509 =======================================================
+
+X509_verify()
+X509_sign()
+
+X509_get_version()
+X509_get_serialNumber()
+X509_get_issuer()
+X509_get_subject()
+X509_get_notBefore()
+X509_get_notAfter()
+X509_get_pubkey()
+
+X509_set_version()
+X509_set_serialNumber()
+X509_set_issuer()
+X509_set_subject()
+X509_set_notBefore()
+X509_set_notAfter()
+X509_set_pubkey()
+
+X509_get_extensions()
+X509_set_extensions()
+
+X509_EXTENSIONS_clear()
+X509_EXTENSIONS_retrieve()
+X509_EXTENSIONS_add()
+X509_EXTENSIONS_delete()
+
+==== x509 attribute ================================================
+
+PKCS7
+ STACK of X509_ATTRIBUTES
+ ASN1_OBJECT
+ STACK of ASN1_TYPE
+
+So it is
+
+p7.xa[].obj
+p7.xa[].data[]
+
+get_obj_by_nid(STACK , nid)
+get_num_by_nid(STACK , nid)
+get_data_by_nid(STACK , nid, index)
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
+ int nid, STACK *value);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
+ int nid, STACK *value);
+
+int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
+ ASN1_TYPE *value);
+
+ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
+int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
+ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
+
+ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
+ ASN1_OBJECT *obj);
+
+X509_ATTRIBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
+X509_ATTRIBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
+
+==== x509 v3 ========================================================
+
+The 'new' system.
+
+The X509_EXTENSION_METHOD includes extensions and attributes and/or names.
+Basically everthing that can be added to an X509 with an OID identifying it.
+
+It operates via 2 methods per object id.
+int a2i_XXX(X509 *x,char *str,int len);
+int i2a_XXX(BIO *bp,X509 *x);
+
+The a2i_XXX function will add the object with a value converted from the
+string into the X509. Len can be -1 in which case the length is calculated
+via strlen(str). Applications can always use direct knowledge to load and
+unload the relevent objects themselves.
+
+i2a_XXX will print to the passed BIO, a text representation of the
+relevet object. Use a memory BIO if you want it printed to a buffer :-).
+
+X509_add_by_NID(X509 *x,int nid,char *str,int len);
+X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
+
+X509_print_by_name(BIO *bp,X509 *x);
+X509_print_by_NID(BIO *bp,X509 *x);
+X509_print_by_OBJ(BIO *bp,X509 *x);
+
==== verify ========================================================
X509_verify_cert_chain(
callback(1,round++,cb_arg). Each successful 'round' in BN_is_prime().
callback(2,round,cb_arg). For each successful BN_is_prime() test.
+Hints
+-----
+
+DSA wants 64*32 to use word mont mul, but RSA wants to use full.
==== callback.doc ========================================================
normal system bsearch(3) if it is present. This version also
has tolerance of being passed NULL pointers.
+==== keys ===========================================================
+
+EVP_PKEY_DSA
+EVP_PKEY_DSA2
+EVP_PKEY_DSA3
+EVP_PKEY_DSA4
+
+EVP_PKEY_RSA
+EVP_PKEY_RSA2
+
+valid DSA pkey types
+ NID_dsa
+ NID_dsaWithSHA
+ NID_dsaWithSHA1
+ NID_dsaWithSHA1_2
+
+valid RSA pkey types
+ NID_rsaEncryption
+ NID_rsa
+
+NID_dsaWithSHA NID_dsaWithSHA DSA SHA
+NID_dsa NID_dsaWithSHA1 DSA SHA1
+NID_md2 NID_md2WithRSAEncryption RSA-pkcs1 MD2
+NID_md5 NID_md5WithRSAEncryption RSA-pkcs1 MD5
+NID_mdc2 NID_mdc2WithRSA RSA-none MDC2
+NID_ripemd160 NID_ripemd160WithRSA RSA-pkcs1 RIPEMD160
+NID_sha NID_shaWithRSAEncryption RSA-pkcs1 SHA
+NID_sha1 NID_sha1WithRSAEncryption RSA-pkcs1 SHA1
+
==== rand.doc ========================================================
My Random number library.
+++ /dev/null
-echo %%\r
-\r
+++ /dev/null
-EVP_PKEY_DSA
-EVP_PKEY_DSA2
-EVP_PKEY_DSA3
-EVP_PKEY_DSA4
-
-EVP_PKEY_RSA
-EVP_PKEY_RSA2
-
-valid DSA pkey types
- NID_dsa
- NID_dsaWithSHA
- NID_dsaWithSHA1
- NID_dsaWithSHA1_2
-
-valid RSA pkey types
- NID_rsaEncryption
- NID_rsa
-
-NID_dsaWithSHA NID_dsaWithSHA DSA SHA
-NID_dsa NID_dsaWithSHA1 DSA SHA1
-NID_md2 NID_md2WithRSAEncryption RSA-pkcs1 MD2
-NID_md5 NID_md5WithRSAEncryption RSA-pkcs1 MD5
-NID_mdc2 NID_mdc2WithRSA RSA-none MDC2
-NID_ripemd160 NID_ripemd160WithRSA RSA-pkcs1 RIPEMD160
-NID_sha NID_shaWithRSAEncryption RSA-pkcs1 SHA
-NID_sha1 NID_sha1WithRSAEncryption RSA-pkcs1 SHA1
-:w
-
+++ /dev/null
-/* ssl/bio_ssl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-#include "bio.h"
-#include "err.h"
-#include "ssl.h"
-
-#ifndef NOPROTO
-static int ssl_write(BIO *h,char *buf,int num);
-static int ssl_read(BIO *h,char *buf,int size);
-static int ssl_puts(BIO *h,char *str);
-static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2);
-static int ssl_new(BIO *h);
-static int ssl_free(BIO *data);
-#else
-static int ssl_write();
-static int ssl_read();
-static int ssl_puts();
-static long ssl_ctrl();
-static int ssl_new();
-static int ssl_free();
-#endif
-
-static BIO_METHOD methods_sslp=
- {
- BIO_TYPE_SSL,"ssl",
- ssl_write,
- ssl_read,
- ssl_puts,
- NULL, /* ssl_gets, */
- ssl_ctrl,
- ssl_new,
- ssl_free,
- };
-
-BIO_METHOD *BIO_f_ssl()
- {
- return(&methods_sslp);
- }
-
-static int ssl_new(bi)
-BIO *bi;
- {
- bi->init=0;
- bi->ptr=NULL; /* The SSL structure */
- bi->flags=0;
- return(1);
- }
-
-static int ssl_free(a)
-BIO *a;
- {
- if (a == NULL) return(0);
- if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr);
- if (a->shutdown)
- {
- if (a->init) SSL_free((SSL *)a->ptr);
- a->init=0;
- a->flags=0;
- a->ptr=NULL;
- }
- return(1);
- }
-
-static int ssl_read(b,out,outl)
-BIO *b;
-char *out;
-int outl;
- {
- int ret=1,dr,dw;
- int inflags,outflags;
- SSL *ssl;
- int retry_reason=0;
-
- if (out == NULL) return(0);
- ssl=(SSL *)b->ptr;
-
- inflags=outflags=b->flags;
-
- dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ;
- dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE;
-
- outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_WRITE|
- BIO_FLAGS_PROTOCOL_DELAYED_READ);
-
- if (!SSL_is_init_finished(ssl))
- {
- ret=SSL_do_handshake(ssl);
-#if 0
- if (ret > 0)
- {
- outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
- ret= -1;
- goto end;
- }
-#endif
- }
- if (ret > 0)
- ret=SSL_read(ssl,out,outl);
-
- switch (SSL_get_error(ssl,ret))
- {
- case SSL_ERROR_NONE:
- if (ret <= 0) break;
- if (dw)
- outflags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
- break;
- case SSL_ERROR_WANT_READ:
- outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
- break;
- case SSL_ERROR_WANT_WRITE:
- outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
- break;
- case SSL_ERROR_WANT_X509_LOOKUP:
- outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
- retry_reason=BIO_RR_SSL_X509_LOOKUP;
- break;
- case SSL_ERROR_WANT_CONNECT:
- outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
- retry_reason=BIO_RR_CONNECT;
- break;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- case SSL_ERROR_ZERO_RETURN:
- default:
- break;
- }
-
- b->retry_reason=retry_reason;
- b->flags=outflags;
- return(ret);
- }
-
-static int ssl_write(b,out,outl)
-BIO *b;
-char *out;
-int outl;
- {
- int ret,dr,dw;
- int inflags,outflags,retry_reason=0;
- SSL *ssl;
-
- if (out == NULL) return(0);
- ssl=(SSL *)b->ptr;
-
- inflags=outflags=b->flags;
-
- dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ;
- dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE;
-
- outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_WRITE|
- BIO_FLAGS_PROTOCOL_DELAYED_READ);
-
- ret=SSL_do_handshake(ssl);
- if (ret > 0)
- ret=SSL_write(ssl,out,outl);
-
- switch (SSL_get_error(ssl,ret))
- {
- case SSL_ERROR_NONE:
- if (ret <= 0) break;
- if (dr)
- outflags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
- break;
- case SSL_ERROR_WANT_WRITE:
- outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
- break;
- case SSL_ERROR_WANT_READ:
- outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
- break;
- case SSL_ERROR_WANT_X509_LOOKUP:
- outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
- retry_reason=BIO_RR_SSL_X509_LOOKUP;
- break;
- case SSL_ERROR_WANT_CONNECT:
- outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
- BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
- retry_reason=BIO_RR_CONNECT;
- case SSL_ERROR_SYSCALL:
- case SSL_ERROR_SSL:
- default:
- break;
- }
-
- b->retry_reason=retry_reason;
- b->flags=outflags;
- return(ret);
- }
-
-static long ssl_ctrl(b,cmd,num,ptr)
-BIO *b;
-int cmd;
-long num;
-char *ptr;
- {
- SSL **sslp,*ssl;
- BIO *dbio,*bio;
- long ret=1;
-
- ssl=(SSL *)b->ptr;
- switch (cmd)
- {
- case BIO_CTRL_RESET:
- SSL_shutdown(ssl);
-
- if (ssl->handshake_func == ssl->method->ssl_connect)
- SSL_set_connect_state(ssl);
- else if (ssl->handshake_func == ssl->method->ssl_accept)
- SSL_set_accept_state(ssl);
-
- SSL_clear(ssl);
-
- if (b->next_bio != NULL)
- ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
- else if (ssl->rbio != NULL)
- ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
- else
- ret=1;
- break;
- case BIO_CTRL_EOF:
- case BIO_CTRL_INFO:
- ret=0;
- break;
- case BIO_C_SSL_MODE:
- if (num) /* client mode */
- SSL_set_connect_state(ssl);
- else
- SSL_set_accept_state(ssl);
- break;
- case BIO_C_SET_SSL:
- ssl_free(b);
- b->shutdown=(int)num;
- b->ptr=ptr;
- ssl=(SSL *)ptr;
- bio=SSL_get_rbio(ssl);
- if (bio != NULL)
- {
- if (b->next_bio != NULL)
- BIO_push(bio,b->next_bio);
- b->next_bio=bio;
- }
- b->init=1;
- break;
- case BIO_C_GET_SSL:
- if (ptr != NULL)
- {
- sslp=(SSL **)ptr;
- *sslp=ssl;
- }
- break;
- case BIO_CTRL_GET_CLOSE:
- ret=b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown=(int)num;
- break;
- case BIO_CTRL_WPENDING:
- ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
- break;
- case BIO_CTRL_PENDING:
- ret=SSL_pending(ssl);
- if (ret == 0)
- ret=BIO_pending(ssl->rbio);
- break;
- case BIO_CTRL_FLUSH:
- BIO_clear_retry_flags(b);
- ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_PUSH:
- if (b->next_bio != NULL)
- {
- SSL_set_bio(ssl,b->next_bio,b->next_bio);
- b->next_bio->references++;
- }
- break;
- case BIO_CTRL_POP:
- /* ugly bit of a hack */
- if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
- {
- BIO_free_all(ssl->wbio);
- }
- ssl->wbio=NULL;
- ssl->rbio=NULL;
- break;
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
-
- b->retry_reason=0;
- ret=(int)SSL_do_handshake(ssl);
-
- switch (SSL_get_error(ssl,ret))
- {
- case SSL_ERROR_WANT_READ:
- BIO_set_flags(b,
- BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
- break;
- case SSL_ERROR_WANT_WRITE:
- BIO_set_flags(b,
- BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
- break;
- case SSL_ERROR_WANT_CONNECT:
- BIO_set_flags(b,
- BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
- b->retry_reason=b->next_bio->retry_reason;
- break;
- default:
- break;
- }
- break;
- case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
- if (dbio->ptr != NULL)
- SSL_free((SSL *)dbio->ptr);
- dbio->ptr=(char *)SSL_dup(ssl);
- ret=(dbio->ptr != NULL);
- break;
- default:
- return(0);
- break;
- }
- return(ret);
- }
-
-static int ssl_puts(bp,str)
-BIO *bp;
-char *str;
- {
- int n,ret;
-
- n=strlen(str);
- ret=BIO_write(bp,str,n);
- return(ret);
- }
-
-BIO *BIO_new_ssl(ctx,client)
-SSL_CTX *ctx;
-int client;
- {
- BIO *ret;
- SSL *ssl;
-
- if ((ret=BIO_new(BIO_f_ssl())) == NULL)
- return(NULL);
- if ((ssl=SSL_new(ctx)) == NULL)
- {
- BIO_free(ret);
- return(NULL);
- }
- if (client)
- SSL_set_connect_state(ssl);
- else
- SSL_set_accept_state(ssl);
-
- BIO_set_ssl(ret,ssl,BIO_CLOSE);
- return(ret);
- }
-
-int BIO_ssl_copy_session_id(t,f)
-BIO *t,*f;
- {
- t=BIO_find_type(t,BIO_TYPE_SSL);
- f=BIO_find_type(f,BIO_TYPE_SSL);
- if ((t == NULL) || (f == NULL))
- return(0);
- if ((t->ptr == NULL) || (f->ptr == NULL))
- return(0);
- SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr);
- return(1);
- }
-
-
+++ /dev/null
-#!/bin/sh
-for i in BUILD_SSLV23 BUILD_SSLV2 BUILD_SSLV3 BUILD_SSL_COMMON BUILD_SSL_BIO BUILD_SSL_OPTIONAL
-do
-time gcc -D$i -o $i.o -c -I. -I../include -O3 -fomit-frame-pointer ssl.c
-done
-
+++ /dev/null
-
-Must do a
-SSL_init_eay_ciphers();
-before calls to SSL_CTX_new()
-
-SSL_CTX *SSL_CTX_new(void ) -> SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
-
-SSL_CTX_set_cert_verify_cb -> the callback is now
-int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain);
-where the 'cert_chain' has been added.
+++ /dev/null
-22 Jun 1996
-This file belongs in ../apps, but I'll leave it here because it deals
-with SSL :-) It is rather dated but it gives you an idea of how
-things work.
-===
-
-17 Jul 1995
-I have been changing things quite a bit and have not fully updated
-this file, so take what you read with a grain of salt
-eric
-===
-The s_client and s_server programs can be used to test SSL capable
-IP/port addresses and the verification of the X509 certificates in use
-by these services. I strongly advise having a look at the code to get
-an idea of how to use the authentication under SSLeay. Any feedback
-on changes and improvements would be greatly accepted.
-
-This file will probably be gibberish unless you have read
-rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
-authentication.
-
-A Brief outline (and examples) how to use them to do so.
-
-NOTE:
-The environment variable SSL_CIPER is used to specify the prefered
-cipher to use, play around with setting it's value to combinations of
-RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
-in a : separated list.
-
-This directory contains 3 X509 certificates which can be used by these programs.
-client.pem: a file containing a certificate and private key to be used
- by s_client.
-server.pem :a file containing a certificate and private key to be used
- by s_server.
-eay1024.pem:the certificate used to sign client.pem and server.pem.
- This would be your CA's certificate. There is also a link
- from the file a8556381.0 to eay1024.PEM. The value a8556381
- is returned by 'x509 -hash -noout <eay1024.pem' and is the
- value used by X509 verification routines to 'find' this
- certificte when search a directory for it.
- [the above is not true any more, the CA cert is
- ../certs/testca.pem which is signed by ../certs/mincomca.pem]
-
-When testing the s_server, you may get
-bind: Address already in use
-errors. These indicate the port is still being held by the unix
-kernel and you are going to have to wait for it to let go of it. If
-this is the case, remember to use the port commands on the s_server and
-s_client to talk on an alternative port.
-
-=====
-s_client.
-This program can be used to connect to any IP/hostname:port that is
-talking SSL. Once connected, it will attempt to authenticate the
-certificate it was passed and if everything works as expected, a 2
-directional channel will be open. Any text typed will be sent to the
-other end. type Q<cr> to exit. Flags are as follows.
--host arg : Arg is the host or IP address to connect to.
--port arg : Arg is the port to connect to (https is 443).
--verify arg : Turn on authentication of the server certificate.
- : Arg specifies the 'depth', this will covered below.
--cert arg : The optional certificate to use. This certificate
- : will be returned to the server if the server
- : requests it for client authentication.
--key arg : The private key that matches the certificate
- : specified by the -cert option. If this is not
- : specified (but -cert is), the -cert file will be
- : searched for the Private key. Both files are
- : assumed to be in PEM format.
--CApath arg : When to look for certificates when 'verifying' the
- : certificate from the server.
--CAfile arg : A file containing certificates to be used for
- : 'verifying' the server certificate.
--reconnect : Once a connection has been made, drop it and
- : reconnect with same session-id. This is for testing :-).
-
-The '-verify n' parameter specifies not only to verify the servers
-certificate but to also only take notice of 'n' levels. The best way
-to explain is to show via examples.
-Given
-s_server -cert server.PEM is running.
-
-s_client
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify error:num=1:unable to get issuer certificate
- verify return:1
- CIPHER is CBC-DES-MD5
-What has happened is that the 'SSLeay demo server' certificate's
-issuer ('CA') could not be found but because verify is not on, we
-don't care and the connection has been made anyway. It is now 'up'
-using CBC-DES-MD5 mode. This is an unauthenticate secure channel.
-You may not be talking to the right person but the data going to them
-is encrypted.
-
-s_client -verify 0
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify error:num=1:unable to get issuer certificate
- verify return:1
- CIPHER is CBC-DES-MD5
-We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
-certificate passed the date and checksum, we are happy to proceed.
-
-s_client -verify 1
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify error:num=1:unable to get issuer certificate
- verify return:0
- ERROR
- verify error:unable to get issuer certificate
-In this case we failed to make the connection because we could not
-authenticate the certificate because we could not find the
-'CA' certificate.
-
-s_client -verify 1 -CAfile eay1024.PEM
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- CIPHER is CBC-DES-MD5
-We loaded the certificates from the file eay1024.PEM. Everything
-checked out and so we made the connection.
-
-s_client -verify 1 -CApath .
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- CIPHER is CBC-DES-MD5
-We looked in out local directory for issuer certificates and 'found'
-a8556381.0 and so everything is ok.
-
-It is worth noting that 'CA' is a self certified certificate. If you
-are passed one of these, it will fail to 'verify' at depth 0 because
-we need to lookup the certifier of a certificate from some information
-that we trust and keep locally.
-
-SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
-export SSL_CIPHER
-s_client -verify 10 -CApath . -reconnect
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- drop the connection and reconnect with the same session id
- CIPHER is CBC3-DES-MD5
-This has done a full connection and then re-estabished it with the
-same session id but a new socket. No RSA stuff occures on the second
-connection. Note that we said we would prefer to use CBC3-DES-MD5
-encryption and so, since the server supports it, we are.
-
-=====
-s_server
-This program accepts SSL connections on a specified port
-Once connected, it will estabish an SSL connection and optionaly
-attempt to authenticate the client. A 2 directional channel will be
-open. Any text typed will be sent to the other end. Type Q<cr> to exit.
-Flags are as follows.
--port arg : Arg is the port to listen on.
--verify arg : Turn on authentication of the client if they have a
- : certificate. Arg specifies the 'depth'.
--Verify arg : Turn on authentication of the client. If they don't
- : have a valid certificate, drop the connection.
--cert arg : The certificate to use. This certificate
- : will be passed to the client. If it is not
- : specified, it will default to server.PEM
--key arg : The private key that matches the certificate
- : specified by the -cert option. If this is not
- : specified (but -cert is), the -cert file will be
- : searched for the Private key. Both files are
- : assumed to be in PEM format. Default is server.PEM
--CApath arg : When to look for certificates when 'verifying' the
- : certificate from the client.
--CAfile arg : A file containing certificates to be used for
- : 'verifying' the client certificate.
-
-For the following 'demo' I will specify the s_server command and
-the s_client command and then list the output from the s_server.
-s_server
-s_client
- CONNECTED
- CIPHER is CBC-DES-MD5
-Everything up and running
-
-s_server -verify 0
-s_client
- CONNECTED
- CIPHER is CBC-DES-MD5
-Ok since no certificate was returned and we don't care.
-
-s_server -verify 0
-./s_client -cert client.PEM
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
- issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify error:num=1:unable to get issuer certificate
- verify return:1
- CIPHER is CBC-DES-MD5
-Ok since we were only verifying to level 0
-
-s_server -verify 4
-s_client -cert client.PEM
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
- issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify error:num=1:unable to get issuer certificate
- verify return:0
- ERROR
- verify error:unable to get issuer certificate
-Bad because we could not authenticate the returned certificate.
-
-s_server -verify 4 -CApath .
-s_client -cert client.PEM
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- CIPHER is CBC-DES-MD5
-Ok because we could authenticate the returned certificate :-).
-
-s_server -Verify 0 -CApath .
-s_client
- CONNECTED
- ERROR
- SSL error:function is:REQUEST_CERTIFICATE
- :error is :client end did not return a certificate
-Error because no certificate returned.
-
-s_server -Verify 4 -CApath .
-s_client -cert client.PEM
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- CIPHER is CBC-DES-MD5
-Full authentication of the client.
-
-So in summary to do full authentication of both ends
-s_server -Verify 9 -CApath .
-s_client -cert client.PEM -CApath . -verify 9
-From the server side
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- CIPHER is CBC-DES-MD5
-From the client side
- CONNECTED
- depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
- verify return:1
- depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
- verify return:1
- CIPHER is CBC-DES-MD5
-
-For general probing of the 'internet https' servers for the
-distribution area, run
-s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
-Then enter
-GET /
-and you should be talking to the https server on that host.
-
-www.rsa.com was refusing to respond to connections on 443 when I was
-testing.
-
-have fun :-).
-
-eric
projects / openssl.git / commitdiff