# MD5_ASM use some extra md5 assember,
# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
# RMD160_ASM use some extra ripemd160 assember,
-# BN_ASM use some extra bn assember,
$x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
$bits1="THIRTY_TWO_BIT ";
$bits2="SIXTY_FOUR_BIT ";
-$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
-$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
-$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
-$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
+$x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
+$x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+$x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+$x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
# A few of my development configs
"purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
-"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:-lefence::::",
"dist", "cc:-O -DNOPROTO::::",
# Basic configs that should work on any box
# My solaris setups
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm",
"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
# DO NOT use /xO[34] on sparc with SC3.0.
# It is broken, and will not pass the tests
# SGI configurations. If the box is rather old (r3000 cpu), you will
# probably have to remove the '-mips2' flag. I've only been using
# IRIX 5.[23].
-#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::",
-"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::",
-"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::",
+# I've recently done 32 and 64 bit mips assember, it make this RSA
+# 3 times faster, use if at all possible.
+#"irix-gcc","gcc:-O2 -mips2::SIXTY_FOUR_BIT BN_LLONG RC4_INDEX RC4_CHAR:::",
+"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:asm/mips1.o::",
+"irix64-gcc","gcc:-mips3 -O2 -DTERMIOS -DB_ENDIAN::MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
+"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/mips1.o::",
+"irix64-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
"debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::",
+# This is the n64 mode build.
+"irix-n64-cc", "cc:-64 -O2 -use_readonly_const -DTERMIOS::DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT:asm/mips3_64.o::",
# HPUX config. I've been building on HPUX 9, so the options may be
# different on version 10. The pa-risc2.o assember file is 2 times
"hpux-kr-cc", "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::",
"hpux-gcc", "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with
+# Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with
# the new compiler
-"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
-"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
-"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
+"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONG DES_UNROLL DES_RISC1:asm/alpha.o::",
+"alpha-cc", "cc:-tune host -O4 -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+"alpha164-cc", "cc:-tune host -fast -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
# bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
-"FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-#"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
-"nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+#"bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
+"nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
# NCR MP-RAS UNIX ver 02.03.01
"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
# DGUX, 88100.
"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-# SCO 5
-"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
+# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
+# SCO cc.
+"sco5-cc", "cc::-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
# Sinix RM400
"SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::",
# Borland C++ 4.5
"BC-32","bcc32:::DES_PTR RC4_INDEX:::",
"BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+
+# Our old Ultrix box :-). -O2 breaks some of the bignum stuff (now fixed,
+# it is a compiler bug, look in bug/ultrixcc.c for example code.
+"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN:::asm/mips1.o:::",
+
+# Some OpenBSD from Bob Beck <beck@obtuse.com>
+"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"OpenBSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
+"OpenBSD-mips","gcc:-O2 -DL_ENDIAN:BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
);
+$no_asm=0;
$postfix="org";
$Makefile="Makefile.ssl";
$des_locl="crypto/des/des_locl.h";
$idea ="crypto/idea/idea.h";
$rc2 ="crypto/rc2/rc2.h";
$bf ="crypto/bf/bf_locl.h";
-$bn_mulw="bn_mulw.o";
+$bn_asm ="bn_asm.o";
$des_enc="des_enc.o fcrypt_b.o";
$bf_enc ="bf_enc.o";
$cast_enc="c_enc.o";
$flags="";
foreach (@ARGV)
{
- if ($_ =~ /^-/)
+ if ($_ =~ /^no-asm$/)
+ { $no_asm=1; }
+ elsif ($_ =~ /^-/)
{
if ($_ =~ /^-[lL](.*)$/)
{
$cflags="$flags$cflags" if ($flags ne "");
$lflags="$libs$lflags"if ($libs ne "");
-$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
+if ($no_asm)
+ {
+ $bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
+ $sha1_obj=$md5_obj=$rmd160_obj="";
+ }
+
+($bn1)=split(/\s+/,$bn_obj);
+$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
+$bn_obj="$bn1";
+
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
while (<IN>)
{
chop;
+ s/^PLATFORM=.*$/PLATFORM=$target/;
s/^CC=.*$/CC= $cc/;
s/^CFLAG=.*$/CFLAG= $cflags/;
s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
--- /dev/null
+- A minor bug in ssl/s3_clnt.c where there would always be 4 0 bytes
+ sent in the client random, thanks to
+ Edward Bishop <ebishop@spyglass.com>
+- Changed some BIGNUM api stuff.
+
+- I Deleted the HISTORY.090 I was working on and when I found out, it was
+ permanently gone :-(
have fun
eric 25-Jun-1997
+
+IRIX 5.x will build as a 32 bit system with mips1 assember.
+IRIX 6.x will build as a 64 bit system with mips3 assember. It conforms
+to n32 standards. In theory you can compile the 64 bit assember under
+IRIX 5.x but you will have to have the correct system software installed.
AR=ar r
BASENAME=SSLeay
BF_ENC=bf_enc.o
-BN_MULW=bn_mulw.o
+BN_ASM=bn_asm.o
CAST_ENC=c_enc.o
-CC=cc
-CFLAG=-O -DNOPROTO
+CC=cl
+CFLAG=
DES_ENC=des_enc.o fcrypt_b.o
DIRS=crypto ssl rsaref apps test tools
-EDIRS=times doc bugs util include certs ms shlib mt demos perl dep
+EDIRS=times doc bugs util include certs ms shlib mt demos perl sf dep
EXHEADER=e_os.h
EX_LIBS=
GENERAL=Makefile
MAN1=1
MAN3=3
MD5_ASM_OBJ=
-MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
-NAME=SSLeay-0.9.0
+MISC=COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
+NAME=SSLeay-0.9.1b
ONEDIRS=out tmp
PEX_LIBS=-L. -L.. -L../.. -L../../..
+PLATFORM=VC-WIN32
RC4_ENC=rc4_enc.o
RC5_ENC=rc5_enc.o
RMD160_ASM_OBJ=
-SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 proxy comp
SHA1_ASM_OBJ=
SHELL=/bin/sh
-TARFILE=SSLeay-0.9.0.tar
+TARFILE=SSLeay-0.9.1b.tar
TOP=.
-VERSION=0.9.0
+VERSION=0.9.1b
WDIRS=windows
-WTARFILE=SSLeay-0.9.0-win.tar
+WTARFILE=SSLeay-0.9.1b-win.tar
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto
-ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h
+ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h tmdiff.h
AR=ar r
CC=cc
CFLAG=-g
-CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
+CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" " -DPLATFORM=" \"\" "
DIR=crypto
ERR=crypto
ERRC=cpt_err
-EXHEADER=crypto.h cryptall.h
+EXHEADER=crypto.h cryptall.h tmdiff.h
EX_LIBS=
GENERAL=Makefile README
-HEADER=cryptlib.h date.h crypto.h cryptall.h
+HEADER=cryptlib.h date.h crypto.h cryptall.h tmdiff.h
INCLUDE=-I. -I../include
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../libcrypto.a
-LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o cpt_err.o
+LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o tmdiff.o cpt_err.o
LIBS=
-LIBSRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
+LIBSRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
PEX_LIBS=
RM=/bin/rm -f
-SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
-SRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 proxy comp
+SRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/md2
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/bn
-ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c bn_lcl.h bn_prime.h bn.h
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_lcl.h bn_prime.h bn.h
APPS=
AR=ar r
-BN_MULW=bn_mulw.o
+BN_ASM=bn_asm.o
CC=cc
CFLAG=-g
CFLAGS=-I.. -I../../include -g
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o bn_mpi.o
-LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_asm.o bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
TEST=bntest.c exptest.c
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/bio
-ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c bio.h bss_file.c
APPS=
AR=ar r
CC=cc
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
-LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o bss_cs4a.o
+LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/rand
-ALL=Makefile md_rand.c randfile.c rand.h
+ALL=Makefile md_rand.c randfile.c rand_lib.c rand.h
APPS=
AR=ar r
CC=cc
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=md_rand.o randfile.o
-LIBSRC=md_rand.c randfile.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o
+LIBSRC=md_rand.c randfile.c rand_lib.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=md_rand.c randfile.c
+SRC=md_rand.c randfile.c rand_lib.c
TEST=randtest.c
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/objects
-ALL=Makefile README obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
+ALL=Makefile README o_names.c obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
APPS=
AR=ar r
CC=cc
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=obj_dat.o obj_lib.o obj_err.o
-LIBSRC=obj_dat.c obj_lib.c obj_err.c
+LIBOBJ=o_names.o obj_dat.o obj_lib.o obj_err.o
+LIBSRC=o_names.c obj_dat.c obj_lib.c obj_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=obj_dat.c obj_lib.c obj_err.c
+SRC=o_names.c obj_dat.c obj_lib.c obj_err.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/asn1
-ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
APPS=
AR=ar r
CC=cc
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
-LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
TEST=
TOP=../..
RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/proxy
+ALL=Makefile proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c proxy.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=proxy
+ERR=proxy
+ERRC=pxy_err
+EXHEADER=proxy.h
+GENERAL=Makefile
+HEADER=proxy.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=proxy.o pxy_txt.o bf_proxy.o pxy_conf.o pxy_err.o
+LIBSRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/comp
+ALL=Makefile comp_lib.c c_rle.c c_zlib.c comp.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=comp
+ERR=comp
+ERRC=comp_err
+EXHEADER=comp.h
+GENERAL=Makefile
+HEADER=comp.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=comp_lib.o c_rle.o c_zlib.o
+LIBSRC=comp_lib.c c_rle.c c_zlib.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=comp_lib.c c_rle.c c_zlib.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=ssl
-ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
APPS=
AR=ar r
CC=cc
INCLUDES=-I../crypto -I../include
INSTALLTOP=/usr/local/ssl
LIB=../libssl.a
-LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
-LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o pxy_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
TEST=ssltest.c
TOP=..
RELATIVE_DIRECTORY=
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=apps
-ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
A_OBJ=apps.o
A_SRC=apps.c
CC=cc
EXHEADER=
EX_LIBS=
E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
-E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
-E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o s_ speed.o s_time.o apps.o s_cb.o s_socket.o bf_perm.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
GENERAL=Makefile
HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h
INCLUDES=-I../include
PROGS=ssleay.c
RM=/bin/rm -f
SCRIPTS=CA.sh der_chop
-SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
SSLEAY=ssleay
-S_OBJ=s_cb.o s_socket.o
-S_SRC=s_cb.c s_socket.c
+S_OBJ=s_cb.o s_socket.o bf_perm.o
+S_SRC=s_cb.c s_socket.c bf_perm.c
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=test
#
# Makefile for all the SSL related library routines and utilities
-VERSION = 0.9.0a
+VERSION = 0.9.1b
+PLATFORM=debug
#
# make install will install:
# libraries into $INSTALLTOP/lib
# MD5_ASM needs to be defined to use the x86 assembler for MD5
# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
-
-CC= cc
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
-CFLAG= -O -DNOPROTO
+CC= gcc
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+CFLAG= -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
PEX_LIBS= -L. -L.. -L../.. -L../../..
-EX_LIBS=
+EX_LIBS= -lefence
AR=ar r
-# Set BN_MULW to bn_mulw.o if you want to use the C version
-BN_MULW= bn_mulw.o
-#BN_MULW= bn_mulw.o
-#BN_MULW= asm/bn86-elf.o # elf, linux-elf
-#BN_MULW= asm/bn86-sol.o # solaris
-#BN_MULW= asm/bn86-out.o # a.out, FreeBSD
-#BN_MULW= asm/bn86bsdi.o # bsdi
-#BN_MULW= asm/alpha.o # DEC Alpha
-#BN_MULW= asm/pa-risc2.o # HP-UX PA-RISC
-#BN_MULW= asm/r3000.o # SGI MIPS cpu
-#BN_MULW= asm/sparc.o # Sun solaris/SunOS
-#BN_MULW= asm/bn-win32.o # Windows 95/NT
-#BN_MULW= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
-#BN_MULW= asm/x86w32.o # 32 bit code for Windows 3.1
+# Set BN_ASM to bn_asm.o if you want to use the C version
+BN_ASM= bn_asm.o
+#BN_ASM= bn_asm.o
+#BN_ASM= asm/bn86-elf.o # elf, linux-elf
+#BN_ASM= asm/bn86-sol.o # solaris
+#BN_ASM= asm/bn86-out.o # a.out, FreeBSD
+#BN_ASM= asm/bn86bsdi.o # bsdi
+#BN_ASM= asm/alpha.o # DEC Alpha
+#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC
+#BN_ASM= asm/r3000.o # SGI MIPS cpu
+#BN_ASM= asm/sparc.o # Sun solaris/SunOS
+#BN_ASM= asm/bn-win32.o # Windows 95/NT
+#BN_ASM= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
+#BN_ASM= asm/x86w32.o # 32 bit code for Windows 3.1
# Set DES_ENC to des_enc.o if you want to use the C version
#There are 4 x86 assember options.
des rc2 rc4 rc5 idea bf cast \
bn rsa dsa dh \
buffer bio stack lhash rand err objects \
- evp pem asn1 x509 conf txt_db pkcs7
+ evp pem asn1 x509 conf txt_db pkcs7 comp
# If you change the INSTALLTOP, make sure to also change the values
# in crypto/location.h
TOP= .
ONEDIRS=out tmp
-EDIRS= times doc bugs util include certs ms shlib mt demos perl dep
-MISC= COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep
+MISC= COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl \
+ Makefile \
README TODO HISTORY README.066 README.080 README.090 \
VERSION PROBLEMS MINFO makefile.one e_os.h \
MICROSOFT makevms.com config PATENTS
@for i in $(DIRS) ;\
do \
(cd $$i; echo "making $$i..."; \
- $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
done;
sub_all:
@for i in $(DIRS) ;\
do \
(cd $$i; echo "making $$i..."; \
- $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
done;
+libclean:
+ /bin/rm *.a */lib */*/lib
+
clean:
/bin/rm -f shlib/*.o *.o core a.out fluff *.map
@for i in $(DIRS) ;\
tests:
(cd test; echo "testing $$i..."; \
- $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
@apps/ssleay version -a
depend:
RSA Data Security holds software patents on the RSA and RC5 algorithms.
If there ciphers are used used inside the USA (and Japan?), you must contact
-RSA Data Security for licencing conditions.
-
-The IDEA algorithm is patented by XXXX and they should be contacted if that
-algorithm is to be used.
+RSA Data Security for licencing conditions. Their web page is
+http://www.rsa.com
RC4 is a trademark of RSA Data Security, so use of this label should perhaps
-only me used with RSA Data Security's permission.
+only me used with RSA Data Security's permission.
+
+The IDEA algorithm is patented by Ascom in Austria, France, Germany,
+Italy, Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA.
+They should be contacted if that algorithm is to be used, their web page is
+http://www.ascom.ch
+
- SSLeay 0.9.0b 29-Jun-1998
+ SSLeay 0.9.1a 06-Jul-1998
Copyright (c) 1997, Eric Young
All rights reserved.
This is a quick, meet the deadline. Look to ssl-users for comments on what
is new etc.
-The state of play
-- TLSv1 - I need to do some explaining about how the methods interact.
- The bad news is that SSLeay 0.8.x application will not roll back to
- SSLv3, I suffed up. 0.8.x is rather pedantic about the '3.0' version
- number. Look at the 'no-tls' options in applications in the apps directory.
-- The perl5 stuff is very rough. The SSL part does not work due to
- reference count hassles in the BIO stuff. I just have not had time to
- look at it. The cipher, digest and bignum stuff works though. I just
- need to clean up the API.
-- Lots of x86 assember. I now have it for des, 3des, rc4, rc5, blowfish,
- cast, md5, sha1 and ripemd160. It has been tested on win32, linux (elf)
- and FreeBSD (a.out).
-- As mentioned above, cast, rc5 and ripemd160 have been added.
-- A simple HMAC set of functions.
-- EX_DATA strucutre, which can be used by applications or other libraries
- to tack arbitarty data against strucutures that include it.
- You will probably have to see examples to see how to use it, and I will
- elaberate on the ssl-users mailing list
-- RSA blinding. If you fear timing attacks on RSA, you can turn on
- blinding which defeats it.
-- From Tim Hudson, try running 'sh config' instead of 'perl Configure'.
- I makes an educated guess as to what you are and then runs 'perl Configure'
-- The error stuff has been modified so arbitary strings can be taged
- against an error message. It is used in a few places to elaberate on
- parameters that caused the error.
-
-Areas of work
-- The 16bit big-num assember needs a routine added. The WIN16 and
- WIN32 stuff is ok, but MS-DOS or 286 builds need the update.
-- Most of the bignum assember will not work. There will be a function
- missing, bn_add_words(). I need people to send me the C compiler output
- for platforms I don't already have. Currently, the assember is correct for
- x86, win32, win16(386+), linux elf, FreeBSD a.out and sparc.
-- PKCS7, I have delusions of s/MIME. I need to do a BIO interface.
-- perl5, it needs finishing
-- X509v3 extension. I have some ideas, I just need to
- implement them :-)
-- Public key methods. I need to clean up the library internally so
- public key methods are loaded is a similar way to symetric ciphers
- and digests. I also need to seperate out the digests from public
- key methods. This stuff is needed to support sortware patents, smaller
- code size and hardware tokens.
-
-Anyway, this release gets out the bug fixes and TLS, but be warned, until
-all those old SSLeay 0.8.x based server get upgraded, you will need to
-connect with SSLv3 if TLSv1 fails.
-
eric (about to go bushwalking for the 4 day easter break :-)
-
-PS Common problems
-- For Win32 build, use /MD to specify your libraries, or build SSLeay with
- the same flags as your application. Visual C stuffs up the malloc routines
- if memory allocated by one memory model is freed by another. FILE pointers
- are a major cause of these problem.
-- If you are trying to use non-blocking IO and it is not working,
- try 'ssleay s_client -help' and see if the -nbio option is listed.
- For unixware, it has the non-block IO define in 'differnt' header file
- and SSLeay will silently build without non-blocking IO calls (but for
- unixware, the special header has been included).
-- -DL_ENDIAN. For the message digests, some code needs to be turned off
- in the C code when assember is used. For x86, this means the L_ENDIAN
- needs to defined when x86 -DSHA1_ASM is defined. The reasons this is
- not automagically done is because non-x86 assember could be bigendian.
- For pure C code builds, the B_ENDIAN/L_ENDIAN flags are optional.
* [including the GNU Public Licence.]
*/
+/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to
+ * add the -strparse option which parses nested binarary structures
+ */
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "x509.h"
#include "pem.h"
-#define FORMAT_UNDEF 0
-#define FORMAT_ASN1 1
-#define FORMAT_TEXT 2
-#define FORMAT_PEM 3
-
/* -inform arg - input format - default PEM (DER or PEM)
* -in arg - input file - default stdin
* -i - indent the details by depth
int argc;
char **argv;
{
- int i,badops=0,offset=0,ret=1;
+ int i,badops=0,offset=0,ret=1,j;
unsigned int length=0;
- long num;
+ long num,tmplen;
BIO *in=NULL,*out=NULL,*b64=NULL;
int informat,indent=0;
char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
+ unsigned char *tmpbuf;
BUF_MEM *buf=NULL;
+ STACK *osk=NULL;
+ ASN1_TYPE *at=NULL;
informat=FORMAT_PEM;
prog=argv[0];
argc--;
argv++;
+ if ((osk=sk_new_null()) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto end;
+ }
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
length= atoi(*(++argv));
if (length == 0) goto bad;
}
+ else if (strcmp(*argv,"-strparse") == 0)
+ {
+ if (--argc < 1) goto bad;
+ sk_push(osk,*(++argv));
+ }
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
BIO_printf(bio_err," -length arg lenth of section in file\n");
BIO_printf(bio_err," -i indent entries\n");
BIO_printf(bio_err," -oid file file of extra oid definitions\n");
+ BIO_printf(bio_err," -strparse offset\n");
+ BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n");
+ BIO_printf(bio_err," ASN1 blob wrappings\n");
goto end;
}
}
str=buf->data;
+ /* If any structs to parse go through in sequence */
+
+ if (sk_num(osk))
+ {
+ tmpbuf=(unsigned char *)str;
+ tmplen=num;
+ for (i=0; i<sk_num(osk); i++)
+ {
+ j=atoi(sk_value(osk,i));
+ if (j == 0)
+ {
+ BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
+ continue;
+ }
+ tmpbuf+=j;
+ tmplen-=j;
+ if (d2i_ASN1_TYPE(&at,&tmpbuf,tmplen) == NULL)
+ {
+ BIO_printf(bio_err,"Error parsing structure\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ /* hmm... this is a little evil but it works */
+ tmpbuf=at->value.asn1_string->data;
+ tmplen=at->value.asn1_string->length;
+ }
+ str=(char *)tmpbuf;
+ num=tmplen;
+ }
+
if (length == 0) length=(unsigned int)num;
if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
{
if (ret != 0)
ERR_print_errors(bio_err);
if (buf != NULL) BUF_MEM_free(buf);
+ if (at != NULL) ASN1_TYPE_free(at);
+ if (osk != NULL) sk_free(osk);
OBJ_cleanup();
EXIT(ret);
}
}
}
+ if (conf != NULL)
+ {
+ p=CONF_get_string(conf,NULL,"oid_file");
+ if (p != NULL)
+ {
+ BIO *oid_bio;
+
+ oid_bio=BIO_new_file(p,"r");
+ if (oid_bio == NULL)
+ {
+ /*
+ BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+ ERR_print_errors(bio_err);
+ */
+ }
+ else
+ {
+ OBJ_create_objects(oid_bio);
+ BIO_free(oid_bio);
+ }
+ }
+ }
+
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
Sout=BIO_new(BIO_s_file());
goto err;
}
+ if (!X509_check_private_key(x509,pkey))
+ {
+ BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
+ goto err;
+ }
+
f=CONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
preserve=1;
}
if (verbose)
{
- if ((f=BN_bn2ascii(serial)) == NULL) goto err;
+ if ((f=BN_bn2hex(serial)) == NULL) goto err;
BIO_printf(bio_err,"next serial number is %s\n",f);
Free(f);
}
if (i == 0)
{
ok=0;
- BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ BIO_printf(bio_err,"Signature did not match the certificate\n");
goto err;
}
else
BIO_printf(bio_err,"The subject name apears to be ok, checking data base for clashes\n");
row[DB_name]=X509_NAME_oneline(subject,NULL,0);
- row[DB_serial]=BN_bn2ascii(serial);
+ row[DB_serial]=BN_bn2hex(serial);
if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
{
BIO_printf(bio_err,"Malloc failure\n");
}
}
+ if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
+
#ifndef NO_DSA
pktmp=X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
default:
BIO_printf(bio_err,"Don't know how to pack extension %s\n",cv->name);
goto err;
- break;
+ /* break; */
}
if ((x=X509_EXTENSION_create_by_NID(NULL,nid,0,str)) == NULL)
#undef POSTFIX
#define POSTFIX ".rvk"
-#define FORMAT_UNDEF 0
-#define FORMAT_ASN1 1
-#define FORMAT_TEXT 2
-#define FORMAT_PEM 3
-
static char *crl_usage[]={
"usage: crl args\n",
"\n",
LN_sha,LN_sha);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_mdc2,LN_mdc2);
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+ LN_ripemd160,LN_ripemd160);
err=1;
goto end;
}
* -text
* -C
* -noout
+ * -genkey
*/
#ifndef NOPROTO
BIO *in=NULL,*out=NULL;
int informat,outformat,noout=0,C=0,ret=1;
char *infile,*outfile,*prog,*inrand=NULL;
- int numbits= -1,num;
+ int numbits= -1,num,genkey=0;
char buffer[200],*randfile=NULL;
apps_startup();
text=1;
else if (strcmp(*argv,"-C") == 0)
C=1;
+ else if (strcmp(*argv,"-genkey") == 0)
+ genkey=1;
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
goto end;
}
}
+ if (genkey)
+ {
+ DSA *dsakey;
+
+ if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
+ if (!DSA_generate_key(dsakey)) goto end;
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DSAPrivateKey_bio(out,dsakey);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ DSA_free(dsakey);
+ }
ret=0;
end:
if (in != NULL) BIO_free(in);
{ print $str; }
}
-foreach ("md2","md5","sha","sha1","mdc2")
+foreach ("md2","md5","sha","sha1","mdc2","rmd160")
{
push(@files,$_);
printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
#!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
do
echo making symlink for $i
/bin/rm -f $i
--- /dev/null
+2.99999.1 SET.ex1 SET x509v3 extension 1
+2.99999.2 SET.ex2 SET x509v3 extension 2
+2.99999.3 SET.ex3 SET x509v3 extension 3
+2.99999.4 SET.ex4 SET x509v3 extension 4
+2.99999.5 SET.ex5 SET x509v3 extension 5
+2.99999.6 SET.ex6 SET x509v3 extension 6
ERR_remove_state(0);
EVP_cleanup();
+ ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
#
RANDFILE = $ENV::HOME/.rnd
+oid_file = $ENV::HOME/.oid
####################################################################
[ ca ]
emailAddress = Email Address
emailAddress_max = 40
+SET-ex3 = SET extension number 3
+
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
------BEGIN DSA PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C
+DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
-JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ
-dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe
-hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV
-2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa
-+OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK
-3+jNQcQ9q1Xy1s5dz/BOvw==
------END DSA PRIVATE KEY-----
+6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
+Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
+F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
+XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
+jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
+vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
+JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
+PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
+POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
+gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
+8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
+Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
+dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
+-----END RSA PRIVATE KEY-----
{FUNC_TYPE_MD,"sha",dgst_main},
{FUNC_TYPE_MD,"sha1",dgst_main},
{FUNC_TYPE_MD,"mdc2",dgst_main},
+ {FUNC_TYPE_MD,"rmd160",dgst_main},
{FUNC_TYPE_CIPHER,"base64",enc_main},
#ifndef NO_DES
{FUNC_TYPE_CIPHER,"des",enc_main},
{ print $str; }
}
-foreach ("md2","md5","sha","sha1","mdc2")
+foreach ("md2","md5","sha","sha1","mdc2","rmd160")
{
push(@files,$_);
printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
}
}
+ if (req_conf != NULL)
+ {
+ p=CONF_get_string(req_conf,NULL,"oid_file");
+ if (p != NULL)
+ {
+ BIO *oid_bio;
+
+ oid_bio=BIO_new_file(p,"r");
+ if (oid_bio == NULL)
+ {
+ /*
+ BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+ ERR_print_errors(bio_err);
+ */
+ }
+ else
+ {
+ OBJ_create_objects(oid_bio);
+ BIO_free(oid_bio);
+ }
+ }
+ }
+
if ((md_alg == NULL) &&
((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
{
#!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
do
echo removing $i
/bin/rm -f $i
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
+MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
+BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
+cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
+qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
+MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
+gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
+LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
+Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
+Pjrmw2eSgbdmmdumWAcNPVbV
+-----END CERTIFICATE-----
--- /dev/null
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number:
+ 68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+ Validity
+ Not Before: May 18 00:00:00 1998 GMT
+ Not After : May 18 23:59:59 1999 GMT
+ Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
+ d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
+ 83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
+ 11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
+ ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
+ f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
+ 75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
+ 51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
+ b0:91:2d:85:ad:2a:1c:e7:f7
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md5WithRSAEncryption
+ 8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
+ d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
+ e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
+ 6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
+ 7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
+ 1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
+ 3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
+-----BEGIN CERTIFICATE-----
+MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
+MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
+BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
+cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
+qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
+MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
+gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
+LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
+Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
+Pjrmw2eSgbdmmdumWAcNPVbV
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number:
+ 02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+ Signature Algorithm: md2WithRSAEncryption
+ Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+ Validity
+ Not Before: Nov 9 00:00:00 1994 GMT
+ Not After : Jan 7 23:59:59 2010 GMT
+ Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1000 bit)
+ Modulus (1000 bit):
+ 00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+ 01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+ e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+ 37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+ 4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+ 65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+ b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+ 54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+ dd:2d:d6:c8:1e:7b
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md2WithRSAEncryption
+ 65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+ c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+ b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+ c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+ 4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+ 16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+ f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
--- /dev/null
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number:
+ 02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+ Signature Algorithm: md2WithRSAEncryption
+ Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+ Validity
+ Not Before: Nov 9 00:00:00 1994 GMT
+ Not After : Jan 7 23:59:59 2010 GMT
+ Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1000 bit)
+ Modulus (1000 bit):
+ 00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+ 01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+ e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+ 37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+ 4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+ 65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+ b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+ 54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+ dd:2d:d6:c8:1e:7b
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md2WithRSAEncryption
+ 65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+ c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+ b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+ c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+ 4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+ 16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+ f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
{
if (cert_file != NULL)
{
+ /*
SSL *ssl;
X509 *x509;
+ */
if (SSL_CTX_use_certificate_file(ctx,cert_file,
SSL_FILETYPE_PEM) <= 0)
return(0);
}
+ /*
+ In theory this is no longer needed
ssl=SSL_new(ctx);
x509=SSL_get_certificate(ssl);
EVP_PKEY_copy_parameters(X509_get_pubkey(x509),
SSL_get_privatekey(ssl));
SSL_free(ssl);
+ */
/* If we are using DSA, we can copy the parameters from
* the private key */
BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n");
- BIO_printf(bio_err," command to se what is available\n");
+ BIO_printf(bio_err," command to see what is available\n");
}
#ifdef RENEG
{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
#endif
+#if 1
k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
+#else
+/* Demo for pending and peek :-) */
+ k=SSL_read(con,sbuf,16);
+{ char zbuf[10240];
+printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
+}
+#endif
switch (SSL_get_error(con,k))
{
case SSL_ERROR_SSL:
ERR_print_errors(bio_err);
goto shut;
- break;
+ /* break; */
}
}
sk=SSL_get_peer_cert_chain(s);
if (sk != NULL)
{
- BIO_printf(bio,"---\nCertficate chain\n");
+ BIO_printf(bio,"---\nCertificate chain\n");
for (i=0; i<sk_num(sk); i++)
{
X509_NAME_oneline(X509_get_subject_name((X509 *)
/* static int load_CA(SSL_CTX *ctx, char *file);*/
#undef BUFSIZZ
-#define BUFSIZZ 8*1024
+#define BUFSIZZ 16*1024
+static int bufsize=32;
static int accept_socket= -1;
#define TEST_CERT "server.pem"
SSL *con=NULL;
BIO *sbio;
- if ((buf=Malloc(BUFSIZZ)) == NULL)
+ if ((buf=Malloc(bufsize)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
goto err;
if (i <= 0) continue;
if (FD_ISSET(fileno(stdin),&readfds))
{
- i=read(fileno(stdin),buf,128/*BUFSIZZ*/);
+ i=read(fileno(stdin),buf,bufsize);
if (!s_quiet)
{
if ((i <= 0) || (buf[0] == 'Q'))
printf("SSL_do_handshake -> %d\n",i);
i=0; /*13; */
continue;
- strcpy(buf,"server side RE-NEGOTIATE\n");
+ /* strcpy(buf,"server side RE-NEGOTIATE\n"); */
}
if ((buf[0] == 'R') &&
((buf[1] == '\0') || (buf[1] == '\r')))
printf("SSL_do_handshake -> %d\n",i);
i=0; /* 13; */
continue;
- strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n");
+ /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */
}
if (buf[0] == 'P')
{
ERR_print_errors(bio_err);
ret=1;
goto err;
- break;
+ /* break; */
case SSL_ERROR_ZERO_RETURN:
BIO_printf(bio_s_out,"DONE\n");
ret=1;
}
else
{
- i=SSL_read(con,(char *)buf,128 /*BUFSIZZ */);
+again:
+ i=SSL_read(con,(char *)buf,bufsize);
switch (SSL_get_error(con,i))
{
case SSL_ERROR_NONE:
write(fileno(stdout),buf,
(unsigned int)i);
+ if (SSL_pending(con)) goto again;
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
if (buf != NULL)
{
- memset(buf,0,BUFSIZZ);
+ memset(buf,0,bufsize);
Free(buf);
}
if (ret >= 0)
str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
+ if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
+ TLS1_FLAGS_TLS_PADDING_BUG)
+ BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");
+
return(1);
}
char *hostname;
int s;
{
- char buf[1024];
+ char *buf=NULL;
int ret=1;
int i,j,k,blank,dot;
struct stat st_buf;
BIO *io,*ssl_bio,*sbio;
long total_bytes;
+ buf=Malloc(bufsize);
+ if (buf == NULL) return(0);
io=BIO_new(BIO_f_buffer());
ssl_bio=BIO_new(BIO_f_ssl());
if ((io == NULL) || (ssl_bio == NULL)) goto err;
#endif
/* lets make the output buffer a reasonable size */
- if (!BIO_set_write_buffer_size(io,253 /*16*1024*/)) goto err;
+ if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err;
case SSL_ERROR_ZERO_RETURN:
ret=1;
goto err;
- break;
+ /* break; */
}
SSL_renegotiate(con);
SSL_write(con,NULL,0);
}
- i=BIO_gets(io,buf,sizeof(buf)-1);
+ i=BIO_gets(io,buf,bufsize-1);
if (i < 0) /* error */
{
if (!BIO_should_retry(io))
BIO_puts(io,"\n");
}
BIO_puts(io,"\n");
- p=SSL_get_shared_ciphers(con,buf,sizeof(buf));
+ p=SSL_get_shared_ciphers(con,buf,bufsize);
if (p != NULL)
{
BIO_printf(io,"---\nCiphers common between both SSL end points:\n");
total_bytes=0;
for (;;)
{
- i=BIO_read(file,buf,1024);
+ i=BIO_read(file,buf,bufsize);
if (i <= 0) break;
+#ifdef RENEG
total_bytes+=i;
fprintf(stderr,"%d\n",i);
if (total_bytes > 3*1024)
fprintf(stderr,"RENEGOTIATE\n");
SSL_renegotiate(con);
}
+#endif
for (j=0; j<i; )
{
if (ret >= 0)
BIO_printf(bio_s_out,"ACCEPT\n");
+ if (buf != NULL) Free(buf);
if (io != NULL) BIO_free_all(io);
/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
return(ret);
#include <sys/select.h>
#endif
-#ifdef sun
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
#include <limits.h>
#include <sys/param.h>
#endif
--- /dev/null
+/* apps/s_client.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#define USE_SOCKETS
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#include "pem.h"
+#include "s_apps.h"
+
+#ifdef WINDOWS
+/* Most of the #if(n)def WINDOWS put in by Gerrit van Niekerk
+ <gerritvn@osi.co.za> to support the keyboard under Windows.
+ Tested using Win95, *should* work with NT and Win3.x
+*/
+#include <conio.h>
+#endif
+
+#undef PROG
+#define PROG s_client_main
+
+/*#define SSL_HOST_NAME "www.netscape.com" */
+/*#define SSL_HOST_NAME "193.118.187.102" */
+#define SSL_HOST_NAME "localhost"
+
+/*#define TEST_CERT "client.pem" */ /* no default cert. */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*8
+
+extern int verify_depth;
+extern int verify_error;
+
+#ifdef FIONBIO
+static int c_nbio=0;
+#endif
+static int c_Pause=0;
+static int c_debug=0;
+
+#ifndef NOPROTO
+static void sc_usage(void);
+static void print_stuff(BIO *berr,SSL *con,int full);
+#else
+static void sc_usage();
+static void print_stuff();
+#endif
+
+static BIO *bio_c_out=NULL;
+static int c_quiet=0;
+
+static void sc_usage()
+ {
+ BIO_printf(bio_err,"usage: client args\n");
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err," -host host - use -connect instead\n");
+ BIO_printf(bio_err," -port port - use -connect instead\n");
+ BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
+
+ BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
+ BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
+ BIO_printf(bio_err," -key arg - Private key file to use, PEM format assumed, in cert file if\n");
+ BIO_printf(bio_err," not specified but cert file is.\n");
+ BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n");
+ BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n");
+ BIO_printf(bio_err," -debug - extra output\n");
+ BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n");
+ BIO_printf(bio_err," -state - print the 'ssl' states\n");
+#ifdef FIONBIO
+ BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
+#endif
+ BIO_printf(bio_err," -quiet - no s_client output\n");
+ BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
+ BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
+ BIO_printf(bio_err," -tls1 - just use TLSv1\n");
+ BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+ BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
+ BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n");
+ BIO_printf(bio_err," command to see what is available\n");
+
+ }
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int off=0;
+ SSL *con=NULL,*con2=NULL;
+ int s,k,width,state=0;
+ char *cbuf=NULL,*sbuf=NULL;
+ int cbuf_len,cbuf_off;
+ int sbuf_len,sbuf_off;
+ fd_set readfds,writefds;
+ short port=PORT;
+ int full_log=1;
+ char *host=SSL_HOST_NAME;
+ char *cert_file=NULL,*key_file=NULL;
+ char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
+ int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
+ int write_tty,read_tty,write_ssl,read_ssl,tty_on;
+ SSL_CTX *ctx=NULL;
+ int ret=1,in_init=1,i,nbio_test=0;
+ SSL_METHOD *meth=NULL;
+ BIO *sbio;
+ /*static struct timeval timeout={10,0};*/
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_client_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_client_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_client_method();
+#endif
+
+ apps_startup();
+ c_Pause=0;
+ c_quiet=0;
+ c_debug=0;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ if ( ((cbuf=Malloc(BUFSIZZ)) == NULL) ||
+ ((sbuf=Malloc(BUFSIZZ)) == NULL))
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+
+ verify_depth=0;
+ verify_error=X509_V_OK;
+#ifdef FIONBIO
+ c_nbio=0;
+#endif
+#ifdef WINDOWS
+ c_nbio = 1;
+#endif
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-host") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+ else if (strcmp(*argv,"-port") == 0)
+ {
+ if (--argc < 1) goto bad;
+ port=atoi(*(++argv));
+ if (port == 0) goto bad;
+ }
+ else if (strcmp(*argv,"-connect") == 0)
+ {
+ if (--argc < 1) goto bad;
+ if (!extract_host_port(*(++argv),&host,NULL,&port))
+ goto bad;
+ }
+ else if (strcmp(*argv,"-verify") == 0)
+ {
+ verify=SSL_VERIFY_PEER;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-quiet") == 0)
+ c_quiet=1;
+ else if (strcmp(*argv,"-pause") == 0)
+ c_Pause=1;
+ else if (strcmp(*argv,"-debug") == 0)
+ c_debug=1;
+ else if (strcmp(*argv,"-nbio_test") == 0)
+ nbio_test=1;
+ else if (strcmp(*argv,"-state") == 0)
+ state=1;
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ meth=SSLv3_client_method();
+#endif
+#ifndef NO_TLS1
+ else if (strcmp(*argv,"-tls1") == 0)
+ meth=TLSv1_client_method();
+#endif
+ else if (strcmp(*argv,"-bugs") == 0)
+ bugs=1;
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ key_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-reconnect") == 0)
+ {
+ reconnect=5;
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-no_tls1") == 0)
+ off|=SSL_OP_NO_TLSv1;
+ else if (strcmp(*argv,"-no_ssl3") == 0)
+ off|=SSL_OP_NO_SSLv3;
+ else if (strcmp(*argv,"-no_ssl2") == 0)
+ off|=SSL_OP_NO_SSLv2;
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+#ifdef FIONBIO
+ else if (strcmp(*argv,"-nbio") == 0)
+ { c_nbio=1; }
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sc_usage();
+ goto end;
+ }
+
+ if (bio_c_out == NULL)
+ {
+ if (c_quiet)
+ {
+ bio_c_out=BIO_new(BIO_s_null());
+ }
+ else
+ {
+ if (bio_c_out == NULL)
+ bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
+ }
+ }
+
+ SSLeay_add_ssl_algorithms();
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (bugs)
+ SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
+ else
+ SSL_CTX_set_options(ctx,off);
+
+ if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+ if (cipher != NULL)
+ SSL_CTX_set_cipher_list(ctx,cipher);
+#if 0
+ else
+ SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
+#endif
+
+ SSL_CTX_set_verify(ctx,verify,verify_callback);
+ if (!set_cert_stuff(ctx,cert_file,key_file))
+ goto end;
+
+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx)))
+ {
+ /* BIO_printf(bio_err,"error seting default verify locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+ SSL_load_error_strings();
+
+ con=(SSL *)SSL_new(ctx);
+/* SSL_set_cipher_list(con,"RC4-MD5"); */
+
+re_start:
+
+ if (init_client(&s,host,port) == 0)
+ {
+ BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
+ SHUTDOWN(s);
+ goto end;
+ }
+ BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
+
+#ifdef FIONBIO
+ if (c_nbio)
+ {
+ unsigned long l=1;
+ BIO_printf(bio_c_out,"turning on non blocking io\n");
+ if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+#endif
+ if (c_Pause & 0x01) con->debug=1;
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+
+ if (nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+
+ if (c_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(sbio,bio_dump_cb);
+ BIO_set_callback_arg(sbio,bio_c_out);
+ }
+
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_connect_state(con);
+
+ /* ok, lets connect */
+ width=SSL_get_fd(con)+1;
+
+ read_tty=1;
+ write_tty=0;
+ tty_on=0;
+ read_ssl=1;
+ write_ssl=1;
+
+ cbuf_len=0;
+ cbuf_off=0;
+ sbuf_len=0;
+ sbuf_off=0;
+
+ for (;;)
+ {
+ FD_ZERO(&readfds);
+ FD_ZERO(&writefds);
+
+ if (SSL_in_init(con) && !SSL_total_renegotiations(con))
+ {
+ in_init=1;
+ tty_on=0;
+ }
+ else
+ {
+ tty_on=1;
+ if (in_init)
+ {
+ in_init=0;
+ print_stuff(bio_c_out,con,full_log);
+ if (full_log > 0) full_log--;
+
+ if (reconnect)
+ {
+ reconnect--;
+ BIO_printf(bio_c_out,"drop connection and then reconnect\n");
+ SSL_shutdown(con);
+ SSL_set_connect_state(con);
+ SHUTDOWN(SSL_get_fd(con));
+ goto re_start;
+ }
+ }
+ }
+
+#ifndef WINDOWS
+ if (tty_on)
+ {
+ if (read_tty) FD_SET(fileno(stdin),&readfds);
+ if (write_tty) FD_SET(fileno(stdout),&writefds);
+ }
+#endif
+ if (read_ssl)
+ FD_SET(SSL_get_fd(con),&readfds);
+ if (write_ssl)
+ FD_SET(SSL_get_fd(con),&writefds);
+
+/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
+ tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+
+#ifndef WINDOWS
+ i=select(width,&readfds,&writefds,NULL,NULL);
+ if ( i < 0)
+ {
+ BIO_printf(bio_err,"bad select %d\n",
+ get_last_socket_error());
+ goto shut;
+ /* goto end; */
+ }
+
+ if (FD_ISSET(SSL_get_fd(con),&writefds))
+#else
+ if (write_ssl)
+#endif
+ {
+ k=SSL_write(con,&(cbuf[cbuf_off]),
+ (unsigned int)cbuf_len);
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ cbuf_off+=k;
+ cbuf_len-=k;
+ if (k <= 0) goto end;
+ /* we have done a write(con,NULL,0); */
+ if (cbuf_len <= 0)
+ {
+ read_tty=1;
+ write_ssl=0;
+ }
+ else /* if (cbuf_len > 0) */
+ {
+ read_tty=0;
+ write_ssl=1;
+ }
+ break;
+ case SSL_ERROR_WANT_WRITE:
+#ifndef WINDOWS
+ BIO_printf(bio_c_out,"write W BLOCK\n");
+#endif
+ write_ssl=1;
+ read_tty=0;
+ break;
+ case SSL_ERROR_WANT_READ:
+#ifndef WINDOWS
+ BIO_printf(bio_c_out,"write R BLOCK\n");
+#endif
+ write_tty=0;
+ read_ssl=1;
+ write_ssl=0;
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_c_out,"write X BLOCK\n");
+ break;
+ case SSL_ERROR_ZERO_RETURN:
+ if (cbuf_len != 0)
+ {
+ BIO_printf(bio_c_out,"shutdown\n");
+ goto shut;
+ }
+ else
+ {
+ read_tty=1;
+ write_ssl=0;
+ break;
+ }
+
+ case SSL_ERROR_SYSCALL:
+ if ((k != 0) || (cbuf_len != 0))
+ {
+ BIO_printf(bio_err,"write:errno=%d\n",
+ get_last_socket_error());
+ goto shut;
+ }
+ else
+ {
+ read_tty=1;
+ write_ssl=0;
+ }
+ break;
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ }
+ }
+#ifndef WINDOWS
+ else if (FD_ISSET(fileno(stdout),&writefds))
+#else
+ else if (tty_on && write_tty)
+#endif
+ {
+ i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
+
+ if (i <= 0)
+ {
+ BIO_printf(bio_c_out,"DONE\n");
+ goto shut;
+ /* goto end; */
+ }
+
+ sbuf_len-=i;;
+ sbuf_off+=i;
+ if (sbuf_len <= 0)
+ {
+ read_ssl=1;
+ write_tty=0;
+ }
+ }
+#ifndef WINDOWS
+ else if (FD_ISSET(SSL_get_fd(con),&readfds))
+#else
+ if (read_ssl)
+#endif
+ {
+#ifdef RENEG
+{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
+#endif
+ k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
+
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ if (k <= 0)
+ goto end;
+ sbuf_off=0;
+ sbuf_len=k;
+
+ read_ssl=0;
+ write_tty=1;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+#ifndef WINDOWS
+ BIO_printf(bio_c_out,"read W BLOCK\n");
+#endif
+ write_ssl=1;
+ read_tty=0;
+ break;
+ case SSL_ERROR_WANT_READ:
+#ifndef WINDOWS
+ BIO_printf(bio_c_out,"read R BLOCK\n");
+#endif
+ write_tty=0;
+ read_ssl=1;
+ if ((read_tty == 0) && (write_ssl == 0))
+ write_ssl=1;
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_c_out,"read X BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
+ goto shut;
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_c_out,"closed\n");
+ goto shut;
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ break;
+ }
+ }
+
+#ifndef WINDOWS
+ else if (FD_ISSET(fileno(stdin),&readfds))
+ {
+ i=read(fileno(stdin),cbuf,BUFSIZZ);
+#else
+ if (tty_on && read_tty && _kbhit())
+ {
+ i = 1;
+ cbuf[0] = _getch();
+#endif
+
+ if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
+ {
+ BIO_printf(bio_err,"DONE\n");
+ goto shut;
+ }
+
+ if ((!c_quiet) && (cbuf[0] == 'R'))
+ {
+ SSL_renegotiate(con);
+ read_tty=0;
+ write_ssl=1;
+ }
+ else
+ {
+ cbuf_len=i;
+ cbuf_off=0;
+ }
+
+ read_tty=0;
+ write_ssl=1;
+ }
+ }
+shut:
+ SSL_shutdown(con);
+ SHUTDOWN(SSL_get_fd(con));
+ ret=0;
+end:
+ if (con != NULL) SSL_free(con);
+ if (con2 != NULL) SSL_free(con2);
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); }
+ if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); }
+ if (bio_c_out != NULL)
+ {
+ BIO_free(bio_c_out);
+ bio_c_out=NULL;
+ }
+ EXIT(ret);
+ }
+
+
+static void print_stuff(bio,s,full)
+BIO *bio;
+SSL *s;
+int full;
+ {
+ X509 *peer=NULL;
+ char *p;
+ static char *space=" ";
+ char buf[BUFSIZ];
+ STACK *sk;
+ SSL_CIPHER *c;
+ X509_NAME *xn;
+ int j,i;
+
+ if (full)
+ {
+ sk=SSL_get_peer_cert_chain(s);
+ if (sk != NULL)
+ {
+ BIO_printf(bio,"---\nCertificate chain\n");
+ for (i=0; i<sk_num(sk); i++)
+ {
+ X509_NAME_oneline(X509_get_subject_name((X509 *)
+ sk_value(sk,i)),buf,BUFSIZ);
+ BIO_printf(bio,"%2d s:%s\n",i,buf);
+ X509_NAME_oneline(X509_get_issuer_name((X509 *)
+ sk_value(sk,i)),buf,BUFSIZ);
+ BIO_printf(bio," i:%s\n",buf);
+ }
+ }
+
+ BIO_printf(bio,"---\n");
+ peer=SSL_get_peer_certificate(s);
+ if (peer != NULL)
+ {
+ BIO_printf(bio,"Server certificate\n");
+ PEM_write_bio_X509(bio,peer);
+ X509_NAME_oneline(X509_get_subject_name(peer),
+ buf,BUFSIZ);
+ BIO_printf(bio,"subject=%s\n",buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer),
+ buf,BUFSIZ);
+ BIO_printf(bio,"issuer=%s\n",buf);
+ }
+ else
+ BIO_printf(bio,"no peer certificate available\n");
+
+ sk=SSL_get_client_CA_list(s);
+ if ((sk != NULL) && (sk_num(sk) > 0))
+ {
+ BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
+ for (i=0; i<sk_num(sk); i++)
+ {
+ xn=(X509_NAME *)sk_value(sk,i);
+ X509_NAME_oneline(xn,buf,sizeof(buf));
+ BIO_write(bio,buf,strlen(buf));
+ BIO_write(bio,"\n",1);
+ }
+ }
+ else
+ {
+ BIO_printf(bio,"---\nNo client certificate CA names sent\n");
+ }
+ p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
+ if (p != NULL)
+ {
+ BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
+ j=i=0;
+ while (*p)
+ {
+ if (*p == ':')
+ {
+ BIO_write(bio,space,15-j%25);
+ i++;
+ j=0;
+ BIO_write(bio,((i%3)?" ":"\n"),1);
+ }
+ else
+ {
+ BIO_write(bio,p,1);
+ j++;
+ }
+ p++;
+ }
+ BIO_write(bio,"\n",1);
+ }
+
+ BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
+ BIO_number_read(SSL_get_rbio(s)),
+ BIO_number_written(SSL_get_wbio(s)));
+ }
+ BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
+ c=SSL_get_current_cipher(s);
+ BIO_printf(bio,"%s, Cipher is %s\n",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ if (peer != NULL)
+ BIO_printf(bio,"Server public key is %d bit\n",
+ EVP_PKEY_bits(X509_get_pubkey(peer)));
+ SSL_SESSION_print(bio,SSL_get_session(s));
+ BIO_printf(bio,"---\n");
+ if (peer != NULL)
+ X509_free(peer);
+ }
+
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
-----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
-MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
+MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
-mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
-xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
-irObpESxAZLySCmPPg==
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
+JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
+IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
+FUGcPZf9ND22Etc+AQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
#undef PROG
#define PROG sess_id_main
-#define FORMAT_UNDEF 0
-#define FORMAT_ASN1 1
-#define FORMAT_TEXT 2
-#define FORMAT_PEM 3
-
static char *sess_id_usage[]={
"usage: crl args\n",
"\n",
#undef SECONDS
#define SECONDS 3
-#define RSA_SECONDS 10
-#define DSA_SECONDS 10
+#define RSA_SECONDS 10
+#define DSA_SECONDS 10
/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
#include <sys/timeb.h>
#endif
-#ifdef sun
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
#include <limits.h>
#include <sys/param.h>
#endif
int pr_header=0;
apps_startup();
+#ifdef NO_DSA
+ memset(dsa_key,0,sizeof(dsa_key));
+#endif
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+#ifndef NO_RSA
+ memset(rsa_key,0,sizeof(rsa_key));
for (i=0; i<RSA_NUM; i++)
rsa_key[i]=NULL;
+#endif
if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
{
rsa_doit[i]=0;
else
{
- if (rsa_c[i] == 0)
+ if (rsa_c[i][0] == 0)
{
rsa_c[i][0]=1;
rsa_c[i][1]=20;
for (j=0; j<RSA_NUM; j++)
{
if (!rsa_doit[j]) continue;
+ rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
+ RSA_PKCS1_PADDING);
pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
RSA_SECONDS);
/* RSA_blinding_on(rsa_key[j],NULL); */
rsa_count=count;
#if 1
+ rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
+ RSA_PKCS1_PADDING);
pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
RSA_SECONDS);
Time_F(START);
if (!dsa_doit[j]) continue;
DSA_generate_key(dsa_key[j]);
/* DSA_sign_setup(dsa_key[j],NULL); */
+ rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
+ &kk,dsa_key[j]);
pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
DSA_SECONDS);
Time_F(START);
dsa_results[j][0]=d/(double)count;
rsa_count=count;
+ rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
+ kk,dsa_key[j]);
pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
DSA_SECONDS);
Time_F(START);
ERR_remove_state(0);
EVP_cleanup();
+ ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
#
RANDFILE = $ENV::HOME/.rnd
+oid_file = $ENV::HOME/.oid
####################################################################
[ ca ]
emailAddress = Email Address
emailAddress_max = 40
+SET-ex3 = SET extension number 3
+
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+ ERR_clear_error();
if (argc < 1) check(cert_ctx,NULL);
else
for (i=0; i<argc; i++)
char **argv;
{
int i,ret=0;
- int cflags=0,version=0,date=0,options=0;
+ int cflags=0,version=0,date=0,options=0,platform=0;
apps_startup();
cflags=1;
else if (strcmp(argv[i],"-o") == 0)
options=1;
+ else if (strcmp(argv[i],"-p") == 0)
+ platform=1;
else if (strcmp(argv[i],"-a") == 0)
- date=version=cflags=options=1;
+ date=version=cflags=options=platform=1;
else
{
- BIO_printf(bio_err,"usage:version [-a] [-v] [-b] [-o] [-f]\n");
+ BIO_printf(bio_err,"usage:version -[avbofp]\n");
ret=1;
goto end;
}
if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION));
if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
+ if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM));
if (options)
{
printf("options:");
#define POSTFIX ".srl"
#define DEF_DAYS 30
-#define FORMAT_UNDEF 0
-#define FORMAT_ASN1 1
-#define FORMAT_TEXT 2
-#define FORMAT_PEM 3
-
#define CERT_HDR "certificate"
static char *x509_usage[]={
days=atoi(*(++argv));
if (days == 0)
{
- BIO_printf(bio_err,"bad number of days\n");
+ BIO_printf(STDout,"bad number of days\n");
goto bad;
}
}
X509_gmtime_adj(X509_get_notBefore(x),0);
X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
+#if 0
X509_PUBKEY_free(ci->key);
ci->key=req->req_info->pubkey;
req->req_info->pubkey=NULL;
+#else
+ X509_set_pubkey(x,X509_REQ_get_pubkey(req));
+#endif
}
else
x=load_cert(infile,informat);
{
X509_NAME_oneline(X509_get_issuer_name(x),
buf,256);
- fprintf(stdout,"issuer= %s\n",buf);
+ BIO_printf(STDout,"issuer= %s\n",buf);
}
else if (subject == i)
{
X509_NAME_oneline(X509_get_subject_name(x),
buf,256);
- fprintf(stdout,"subject=%s\n",buf);
+ BIO_printf(STDout,"subject=%s\n",buf);
}
else if (serial == i)
{
- fprintf(stdout,"serial=");
+ BIO_printf(STDout,"serial=");
i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber);
- fprintf(stdout,"\n");
+ BIO_printf(STDout,"\n");
}
else if (hash == i)
{
- fprintf(stdout,"%08lx\n",
- X509_subject_name_hash(x));
+ BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
}
else
#ifndef NO_RSA
pkey=X509_get_pubkey(x);
if (pkey == NULL)
{
- fprintf(stdout,"Modulus=unavailable\n");
+ BIO_printf(bio_err,"Modulus=unavailable\n");
ERR_print_errors(bio_err);
goto end;
}
- fprintf(stdout,"Modulus=");
+ BIO_printf(STDout,"Modulus=");
if (pkey->type == EVP_PKEY_RSA)
BN_print(STDout,pkey->pkey.rsa->n);
else
- fprintf(stdout,"Wrong Algorithm type");
- fprintf(stdout,"\n");
+ BIO_printf(STDout,"Wrong Algorithm type");
+ BIO_printf(STDout,"\n");
}
else
#endif
X509_NAME_oneline(X509_get_subject_name(x),
buf,256);
- printf("/* subject:%s */\n",buf);
+ BIO_printf(STDout,"/* subject:%s */\n",buf);
m=X509_NAME_oneline(
X509_get_issuer_name(x),buf,256);
- printf("/* issuer :%s */\n",buf);
+ BIO_printf(STDout,"/* issuer :%s */\n",buf);
z=i2d_X509(x,NULL);
m=Malloc(z);
d=(unsigned char *)m;
z=i2d_X509_NAME(X509_get_subject_name(x),&d);
- printf("unsigned char XXX_subject_name[%d]={\n",z);
+ BIO_printf(STDout,"unsigned char XXX_subject_name[%d]={\n",z);
d=(unsigned char *)m;
for (y=0; y<z; y++)
{
- printf("0x%02X,",d[y]);
- if ((y & 0x0f) == 0x0f) printf("\n");
+ BIO_printf(STDout,"0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) BIO_printf(STDout,"\n");
}
- if (y%16 != 0) printf("\n");
- printf("};\n");
+ if (y%16 != 0) BIO_printf(STDout,"\n");
+ BIO_printf(STDout,"};\n");
z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d);
- printf("unsigned char XXX_public_key[%d]={\n",z);
+ BIO_printf(STDout,"unsigned char XXX_public_key[%d]={\n",z);
d=(unsigned char *)m;
for (y=0; y<z; y++)
{
- printf("0x%02X,",d[y]);
- if ((y & 0x0f) == 0x0f) printf("\n");
+ BIO_printf(STDout,"0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f)
+ BIO_printf(STDout,"\n");
}
- if (y%16 != 0) printf("\n");
- printf("};\n");
+ if (y%16 != 0) BIO_printf(STDout,"\n");
+ BIO_printf(STDout,"};\n");
z=i2d_X509(x,&d);
- printf("unsigned char XXX_certificate[%d]={\n",z);
+ BIO_printf(STDout,"unsigned char XXX_certificate[%d]={\n",z);
d=(unsigned char *)m;
for (y=0; y<z; y++)
{
- printf("0x%02X,",d[y]);
- if ((y & 0x0f) == 0x0f) printf("\n");
+ BIO_printf(STDout,"0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f)
+ BIO_printf(STDout,"\n");
}
- if (y%16 != 0) printf("\n");
- printf("};\n");
+ if (y%16 != 0) BIO_printf(STDout,"\n");
+ BIO_printf(STDout,"};\n");
Free(m);
}
BIO_printf(bio_err,"out of memory\n");
goto end;
}
- fprintf(stdout,"MD5 Fingerprint=");
+ BIO_printf(STDout,"MD5 Fingerprint=");
for (j=0; j<(int)n; j++)
{
- fprintf(stdout,"%02X%c",md[j],
+ BIO_printf(STDout,"%02X%c",md[j],
(j+1 == (int)n)
?'\n':':');
}
if (CApkey->type == EVP_PKEY_DSA)
digest=EVP_dss1();
#endif
+
if (!x509_certify(ctx,CAfile,digest,x,xca,
CApkey,
CAserial,CA_createserial,days))
if (!reqfile && !X509_verify_cert(&xsc))
goto end;
+ if (!X509_check_private_key(xca,pkey))
+ {
+ BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
+ goto end;
+ }
+
if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end;
if (!X509_set_serialNumber(x,bs)) goto end;
* DEPTH_ZERO_SELF_.... */
if (ok)
{
- printf("error with certificate to be certified - should be self signed\n");
+ BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n");
return(0);
}
else
{
err_cert=X509_STORE_CTX_get_current_cert(ctx);
X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
- printf("%s\n",buf);
- printf("error with certificate - error %d at depth %d\n%s\n",
+ BIO_printf(bio_err,"%s\n",buf);
+ BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n",
err,X509_STORE_CTX_get_error_depth(ctx),
X509_verify_cert_error_string(err));
return(1);
/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
* the only versions of IRIX I have access to.
* defining FIXBUG removes the bug.
+ * (bug is still present in IRIX 6.3 according to
+ * Gage <agage@forgetmenot.Mines.EDU>
*/
/* Compare the output from
--- /dev/null
+#include <stdio.h>
+
+/* This is a cc optimiser bug for ultrix 4.3, mips CPU.
+ * What happens is that the compiler, due to the (a)&7,
+ * does
+ * i=a&7;
+ * i--;
+ * i*=4;
+ * Then uses i as the offset into a jump table.
+ * The problem is that a value of 0 generates an offset of
+ * 0xfffffffc.
+ */
+
+main()
+ {
+ f(5);
+ f(0);
+ }
+
+int f(a)
+int a;
+ {
+ switch(a&7)
+ {
+ case 7:
+ printf("7\n");
+ case 6:
+ printf("6\n");
+ case 5:
+ printf("5\n");
+ case 4:
+ printf("4\n");
+ case 3:
+ printf("3\n");
+ case 2:
+ printf("2\n");
+ case 1:
+ printf("1\n");
+#ifdef FIX_BUG
+ case 0:
+ ;
+#endif
+ }
+ }
+
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+ Validity
+ Not Before: Apr 2 17:35:53 1997 GMT
+ Not After : Apr 2 17:35:53 1998 GMT
+ Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+ Subject Public Key Info:
+ Public Key Algorithm: rsa
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
+ 8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
+ 44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
+ e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
+ 49:11:a5:c9:45
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ 0.........z.."p......e..
+ X509v3 Subject Key Identifier:
+ ..~r..:..B.44fu......3
+ X509v3 Key Usage: critical
+ ....
+ X509v3 Certificate Policies: critical
+ 0.0...*...
+ X509v3 Subject Alternative Name:
+ 0!..secude-support@darmstadt.gmd.de
+ X509v3 Issuer Alternative Name:
+ 0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
+ X509v3 Basic Constraints: critical
+ 0....
+ X509v3 CRL Distribution Points:
+ 0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
+ Signature Algorithm: md5WithRSAEncryption
+ 17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
+ 69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
+ 98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
+ 88:73:cd:60:28:79:a3:fc:48:7a
+-----BEGIN CERTIFICATE-----
+MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
+AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
+BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
+IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
+NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
+MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
+VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
+LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
+/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
+aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
+7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+ Validity
+ Not Before: Apr 2 17:33:36 1997 GMT
+ Not After : Apr 2 17:33:36 1998 GMT
+ Subject: O=European ICE-TEL project, OU=V3-Certification Authority
+ Subject Public Key Info:
+ Public Key Algorithm: rsa
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
+ 82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
+ 13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
+ 9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
+ e7:c7:9f:41:cd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ ........z.."p......e..
+ X509v3 Key Usage: critical
+ ....
+ X509v3 Subject Alternative Name:
+ 0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
+ X509v3 Basic Constraints: critical
+ 0....
+ Signature Algorithm: md5WithRSAEncryption
+ 76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
+ 03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
+ f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
+ 7e:22:9f:25:06:60:bd:79:30:3d
+-----BEGIN CERTIFICATE-----
+MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
+EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
+0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
+ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
+dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
+LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
+iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
+fiKfJQZgvXkwPQ==
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+ Validity
+ Not Before: Apr 2 17:35:59 1997 GMT
+ Not After : Apr 2 17:35:59 1998 GMT
+ Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
+ Subject Public Key Info:
+ Public Key Algorithm: rsa
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
+ de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
+ 31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
+ b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
+ be:3e:a4:61:8b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ 0...~r..:..B.44fu......3
+ X509v3 Subject Key Identifier:
+ ...... .*...1.*.......
+ X509v3 Key Usage: critical
+ ....
+ X509v3 Certificate Policies: critical
+ 0.0...*...0.......
+ X509v3 Subject Alternative Name:
+ 0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
+ X509v3 Issuer Alternative Name:
+ 0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
+..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
+ X509v3 Basic Constraints: critical
+ 0.
+ X509v3 CRL Distribution Points:
+ 0.0.......gmdca@gmd.de
+ Signature Algorithm: md5WithRSAEncryption
+ 69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
+ 4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
+ c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
+ 9a:f7:6f:63:9b:94:99:83:d6:a4
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
+OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
+Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
+EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
+qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
+BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
+nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
+A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
+HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
+YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
+dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
+VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
+Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
+ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
+DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN X509 CRL-----
+MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
+VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
+NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
+WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
+i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
+KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
+mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
+-----END X509 CRL-----
+subject=/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan 7 23:59:59 2020 GMT
-----BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+MIICPDCCAaUCEDJQM89Q0VbzXIGtZVxPyCUwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTIwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f
+zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi
+TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBAEtEZmBoZOSYG/OwcuaViXzde7OVwB0u2NgZ0C00PcZQ
+mhCGjKo/O6gE/DdSlcPZydvN8oYGxLEb8IKIMEKOF1AcZHq4PplJdJf8rAJD+5YM
+VgQlDHx8h50kp9jwMim1pN9dokzFFjKoQvZFprY2ueC/ZTaTwtLXa9zeWdaiNfhF
-----END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
+subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan 7 23:59:59 2004 GMT
-----BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
+oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
+uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
+v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
+G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
+1Q==
-----END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan 7 23:59:59 2004 GMT
-----BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
+RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
+rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
+STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
+ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
+pA==
-----END CERTIFICATE-----
--- /dev/null
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=Nov 9 00:00:00 1994 GMT
+notAfter=Jan 7 23:59:59 2010 GMT
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
--- /dev/null
+subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
+notBefore=Mar 4 00:00:00 1997 GMT
+notAfter=Mar 4 23:59:59 2025 GMT
+-----BEGIN CERTIFICATE-----
+MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
+BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
+cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
+RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
+IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
+NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
+ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
+aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
+aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
+cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
+ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
+ToLEMaUojc3DuNXHG21PDG8=
+-----END CERTIFICATE-----
# which then automatically runs Configure from SSLeay after
# mapping the Apache names for OSs into SSLeay names
#
+# 29-May-97 eay Added no-asm option
+# 27-May-97 eay Alpha linux mods
+# ??-May-97 eay IRIX mods
# 16-Sep-97 tjh first cut of merged version
#
# Tim Hudson
SYSTEM=`(uname -s) 2>/dev/null` || SYSTEM="unknown"
VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
-
# Now test for ISC and SCO, since it is has a braindamaged uname.
#
# We need to work around FreeBSD 1.1.5.1
case "$i" in
-d*) PREFIX="debug-";;
-v*) VERBOSE="true";;
--n*|-t*) TEST="true";;
+-t*) TEST="true";;
+-h*) cat <<EOF
+usage: config [options]
+ -d Add a debug- prefix to machine choice.
+ -v Verbose mode.
+ -t Test mode, do not run the Configure perl script.
+ -h This help.
+
+Any other text will be passed to ther Configure perl script.
+Usefull options include
+ no-asm Build with no assember code.
+ -Dxxx Add xxx define to compilation.
+ -Lxxx Add xxx library include path to build.
+ -lxxx Add xxx library to build.
+
+eg, to build using RSAref, without assember, building to allow anon-DH
+ciphers and null encryption ciphers,
+ config no-asm -DRSAref -DSSL_ALLOW_ADH -DSSL_ALLOW_ENULL -lrsaref
+EOF
+;;
+*) options=$options" $i" ;;
esac
done
# script above so we end up with values in vars but that would take
# more time that I want to waste at the moment
case "$GUESSOS" in
+ alpha-*-linux2) OUT="alpha-gcc" ;;
*-*-linux2) OUT="linux-elf" ;;
*-*-linux) OUT="linux-aout" ;;
sun4*-sun-solaris2) OUT="solaris-sparc-$CC" ;;
*86*-*-netbsd) OUT="NetBSD-x86" ;;
sun3*-*-netbsd) OUT="NetBSD-m68" ;;
*-*-netbsd) OUT="NetBSD-sparc" ;;
- *-*-osf) OUT="alpha-$CC" ;;
+ *86*-*-openbsd) OUT="OpenBSD-x86" ;;
+ alpha*-*-openbsd) OUT="OpenBSD-alpha" ;;
+ pmax*-*-openbsd) OUT="OpenBSD-mips" ;;
+ *-*-openbsd) OUT="OpenBSD" ;;
+ *-*-osf) OUT="alpha-cc" ;;
*-*-unixware*) OUT="unixware-2.0" ;;
*-sni-sysv4) OUT="SINIX" ;;
+ *-hpux*) OUT="hpux-$CC" ;;
# these are all covered by the catchall below
- # *-hpux) OUT="hpux-$CC" ;;
# *-aix) OUT="aix-$CC" ;;
# *-dgux) OUT="dgux" ;;
*) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
# run Configure to check to see if we need to specify the
# compiler for the platform ... in which case we add it on
# the end ... otherwise we leave it off
-./Configure 2>&1 | grep '$OUT-$CC' > /dev/null
+perl ./Configure 2>&1 | grep "$OUT-$CC" > /dev/null
if [ $? = "0" ]; then
OUT="$OUT-$CC"
fi
echo Configuring for $OUT
if [ "$TEST" = "true" ]; then
- echo ./Configure $OUT
+ echo ./Configure $OUT $options
else
- ./Configure $OUT
+ perl ./Configure $OUT $options
fi
)
PEX_LIBS=
EX_LIBS=
-CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" "
+CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" " -DPLATFORM=" \"$(PLATFORM)\" "
ERR=crypto
ERRC=cpt_err
bn rsa dsa dh \
buffer bio stack lhash rand err objects \
evp pem x509 \
- asn1 conf txt_db pkcs7
+ asn1 conf txt_db pkcs7 comp
GENERAL=Makefile README
LIB= $(TOP)/libcrypto.a
-LIBSRC= cryptlib.c mem.c cversion.c ex_data.c $(ERRC).c
-LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o $(ERRC).o
+LIBSRC= cryptlib.c mem.c cversion.c ex_data.c tmdiff.c $(ERRC).c
+LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o tmdiff.o $(ERRC).o
SRC= $(LIBSRC)
-EXHEADER= crypto.h cryptall.h
+EXHEADER= crypto.h cryptall.h tmdiff.h
HEADER= cryptlib.h date.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
@for i in $(SDIRS) ;\
do \
(cd $$i; echo "making all in $$i..."; \
- $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \
+ $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \
done;
files:
LIB=$(TOP)/libcrypto.a
LIBSRC= a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \
- a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+ a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \
a_sign.c a_digest.c a_verify.c \
x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \
asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c \
evp_asn1.c
LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \
- a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+ a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \
a_sign.o a_digest.o a_verify.o \
x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \
ASN1_BIT_STRING *a;
unsigned char **pp;
{
- int ret,j,r,bits;
+ int ret,j,r,bits,len;
unsigned char *p,*d;
if (a == NULL) return(0);
- /* our bit strings are always a multiple of 8 :-) */
- bits=0;
- ret=1+a->length;
+ len=a->length;
+
+ if (len > 0)
+ {
+ if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
+ {
+ bits=(int)a->flags&0x07;
+ }
+ else
+ {
+ for ( ; len > 0; len--)
+ {
+ if (a->data[len-1]) break;
+ }
+ j=a->data[len-1];
+ if (j & 0x01) bits=0;
+ else if (j & 0x02) bits=1;
+ else if (j & 0x04) bits=2;
+ else if (j & 0x08) bits=3;
+ else if (j & 0x10) bits=4;
+ else if (j & 0x20) bits=5;
+ else if (j & 0x40) bits=6;
+ else if (j & 0x80) bits=7;
+ else bits=0; /* should not happen */
+ }
+ }
+ else
+ bits=0;
+ ret=1+len;
r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
- if (bits == 0)
- j=0;
- else j=8-bits;
- *(p++)=(unsigned char)j;
+ *(p++)=(unsigned char)bits;
d=a->data;
- memcpy(p,d,a->length);
- p+=a->length;
- if (a->length > 0) p[-1]&=(0xff<<j);
+ memcpy(p,d,len);
+ p+=len;
+ if (len > 0) p[-1]&=(0xff<<bits);
*pp=p;
return(r);
}
if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
i= *(p++);
+ /* We do this to preserve the settings. If we modify
+ * the settings, via the _set_bit function, we will recalculate
+ * on output */
+ ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
+ ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
+
if (len-- > 1) /* using one because of the bits left byte */
{
s=(unsigned char *)Malloc((int)len);
v=1<<(7-(n&0x07));
iv= ~v;
+ a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
+
if (a == NULL) return(0);
if ((a->length < (w+1)) || (a->data == NULL))
{
--- /dev/null
+/* crypto/asn1/a_bitstr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
+ * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
+ */
+
+int i2d_ASN1_BIT_STRING(a,pp)
+ASN1_BIT_STRING *a;
+unsigned char **pp;
+ {
+ int ret,i,j,r,bits,len;
+ unsigned char *p,*d;
+
+ if (a == NULL) return(0);
+
+ len=a->length;
+
+ if ((len > 0)
+ {
+ if (a->flags & ASN1_FG_BITS_LEFT))
+ {
+ bits=a->flags&0x07;
+ }
+ else
+ {
+ for ( ; len > 0; len--)
+ {
+ if (a->data[len-1]) break;
+ }
+ j=a->data[len-1];
+ if (j & 0x80) bits=1;
+ else if (j & 0x40) bits=2;
+ else if (j & 0x20) bits=3;
+ else if (j & 0x10) bits=4;
+ else if (j & 0x08) bits=5;
+ else if (j & 0x04) bits=6;
+ else if (j & 0x02) bits=7;
+ else if (j & 0x01) bits=8;
+ else bits=0;
+ }
+ }
+ else
+ bits=0;
+ ret=1+len;
+ r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
+ if (bits == 0)
+ j=0;
+ else j=8-bits;
+ *(p++)=(unsigned char)j;
+ d=a->data;
+ memcpy(p,d,len);
+ p+=len;
+ if (len > 0) p[-1]&=(0xff<<j);
+ *pp=p;
+ return(r);
+ }
+
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
+ASN1_BIT_STRING **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_BIT_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_BIT_STRING)
+ {
+ i=ASN1_R_EXPECTING_A_BIT_STRING;
+ goto err;
+ }
+ if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
+
+ i= *(p++);
+ ret->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear */
+ if (i > 0)
+ ret->flag|=(ASN1_FG_BITS_LEFT|(i&0x07)); /* set */
+
+ if (len-- > 1) /* using one because of the bits left byte */
+ {
+ s=(unsigned char *)Malloc((int)len);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ memcpy(s,p,(int)len);
+ s[len-1]&=(0xff<<i);
+ p+=len;
+ }
+ else
+ s=NULL;
+
+ ret->length=(int)len;
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=s;
+ ret->type=V_ASN1_BIT_STRING;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_BIT_STRING_free(ret);
+ return(NULL);
+ }
+
+/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
+ */
+int ASN1_BIT_STRING_set_bit(a,n,value)
+ASN1_BIT_STRING *a;
+int n;
+int value;
+ {
+ int w,v,iv;
+ unsigned char *c;
+
+ w=n/8;
+ v=1<<(7-(n&0x07));
+ iv= ~v;
+
+ a->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear, set on write */
+
+ if (a == NULL) return(0);
+ if ((a->length < (w+1)) || (a->data == NULL))
+ {
+ if (!value) return(1); /* Don't need to set */
+ if (a->data == NULL)
+ c=(unsigned char *)Malloc(w+1);
+ else
+ c=(unsigned char *)Realloc(a->data,w+1);
+ if (c == NULL) return(0);
+ a->data=c;
+ a->length=w+1;
+ c[w]=0;
+ }
+ a->data[w]=((a->data[w])&iv)|v;
+ while ((a->length > 0) && (a->data[a->length-1] == 0))
+ a->length--;
+ return(1);
+ }
+
+int ASN1_BIT_STRING_get_bit(a,n)
+ASN1_BIT_STRING *a;
+int n;
+ {
+ int w,v;
+
+ w=n/8;
+ v=1<<(7-(n&0x07));
+ if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
+ return(0);
+ return((a->data[w]&v) != 0);
+ }
+
ASN1_BMPSTRING *ret=NULL;
ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
+ pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
- ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ASN1_R_ERROR_STACK);
+ ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
return(ret);
#include "cryptlib.h"
#include "asn1_mac.h"
-/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
+/* ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
* ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
*/
#include "asn1.h"
/*
- * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
- * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
- * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_D2I_ASN1_HEADER,ERR_R_ASN1_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ERR_R_BAD_GET_ASN1_OBJECT_CALL);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ERR_R_BAD_GET_ASN1_OBJECT_CALL);
+ * ASN1err(ASN1_F_ASN1_HEADER_NEW,ERR_R_BAD_GET_ASN1_OBJECT_CALL);
*/
int i2d_ASN1_HEADER(a,pp)
ASN1_HEADER *ASN1_HEADER_new()
{
ASN1_HEADER *ret=NULL;
+ ASN1_CTX c;
M_ASN1_New_Malloc(ret,ASN1_HEADER);
M_ASN1_New(ret->header,ASN1_OCTET_STRING_new);
ret=ai;
if (ret == NULL)
{
- ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);
+ ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
goto err;
}
ret->type=V_ASN1_INTEGER;
o.data=data;
o.nid=nid;
o.length=len;
- o.flags=ASN1_OBJECT_FLAG_DYNAMIC|
- ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
+ ASN1_OBJECT_FLAG_DYNAMIC_DATA;
return(OBJ_dup(&o));
}
pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
- ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK);
+ ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
return(ret);
return(r);
}
-STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class)
+STACK *d2i_ASN1_SET(a,pp,length,func,free_func,ex_tag,ex_class)
STACK **a;
unsigned char **pp;
long length;
char *(*func)();
+void (*free_func)();
int ex_tag;
int ex_class;
{
char *s;
if (M_ASN1_D2I_end_sequence()) break;
- if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err;
+ if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
+ asn1_add_error(*pp,(int)(c.q- *pp));
+ goto err;
+ }
if (!sk_push(ret,s)) goto err;
}
if (a != NULL) (*a)=ret;
*pp=c.p;
return(ret);
err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ {
+ if (free_func != NULL)
+ sk_pop_free(ret,free_func);
+ else
+ sk_free(ret);
+ }
return(NULL);
}
signature->data=buf_out;
buf_out=NULL;
signature->length=outl;
-
+ /* In the interests of compatability, I'll make sure that
+ * the bit string has a 'not-used bits' value of 0
+ */
+ signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+ signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
err:
memset(&ctx,0,sizeof(ctx));
if (buf_in != NULL)
#include "cryptlib.h"
#include "asn1_mac.h"
-/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
+/* ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
* ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
*/
ASN1_TYPE *ASN1_TYPE_new()
{
ASN1_TYPE *ret=NULL;
+ ASN1_CTX c;
M_ASN1_New_Malloc(ret,ASN1_TYPE);
ret->type= -1;
case V_ASN1_NEG_INTEGER:
case V_ASN1_BIT_STRING:
case V_ASN1_OCTET_STRING:
+ case V_ASN1_SEQUENCE:
+ case V_ASN1_SET:
+ case V_ASN1_NUMERICSTRING:
case V_ASN1_PRINTABLESTRING:
case V_ASN1_T61STRING:
+ case V_ASN1_VIDEOTEXSTRING:
case V_ASN1_IA5STRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_GENERALSTRING:
case V_ASN1_UTCTIME:
- case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
+ case V_ASN1_GENERALIZEDTIME:
+ case V_ASN1_GRAPHICSTRING:
+ case V_ASN1_VISIBLESTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_BMPSTRING:
ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
break;
default:
V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
- ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK);
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
if (!ASN1_UTCTIME_check(ret))
{
char *p;
struct tm *ts;
-#if defined(THREADS)
+#if defined(THREADS) && !defined(WIN32)
struct tm data;
#endif
if (s == NULL)
return(NULL);
-#if defined(THREADS)
+#if defined(THREADS) && !defined(WIN32)
ts=(struct tm *)gmtime_r(&t,&data);
#else
ts=(struct tm *)gmtime(&t);
/* Reason codes. */
#define ASN1_R_BAD_CLASS 100
-#define ASN1_R_BAD_GET_OBJECT 101
-#define ASN1_R_BAD_OBJECT_HEADER 102
-#define ASN1_R_BAD_PASSWORD_READ 103
-#define ASN1_R_BAD_PKCS7_CONTENT 104
-#define ASN1_R_BAD_PKCS7_TYPE 105
-#define ASN1_R_BAD_TAG 106
-#define ASN1_R_BAD_TYPE 107
-#define ASN1_R_BN_LIB 108
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109
-#define ASN1_R_BUFFER_TOO_SMALL 110
-#define ASN1_R_DATA_IS_WRONG 111
-#define ASN1_R_DECODING_ERROR 112
-#define ASN1_R_ERROR_STACK 113
-#define ASN1_R_EXPECTING_AN_INTEGER 114
-#define ASN1_R_EXPECTING_AN_OBJECT 115
-#define ASN1_R_EXPECTING_AN_OCTET_STRING 116
-#define ASN1_R_EXPECTING_A_BIT_STRING 117
-#define ASN1_R_EXPECTING_A_BOOLEAN 118
-#define ASN1_R_EXPECTING_A_SEQUENCE 119
-#define ASN1_R_EXPECTING_A_UTCTIME 120
-#define ASN1_R_FIRST_NUM_TOO_LARGE 121
-#define ASN1_R_HEADER_TOO_LONG 122
-#define ASN1_R_INVALID_DIGIT 123
-#define ASN1_R_INVALID_SEPARATOR 124
-#define ASN1_R_INVALID_TIME_FORMAT 125
-#define ASN1_R_IV_TOO_LARGE 126
-#define ASN1_R_LENGTH_ERROR 127
-#define ASN1_R_LENGTH_MISMATCH 128
-#define ASN1_R_MISSING_EOS 129
-#define ASN1_R_MISSING_SECOND_NUMBER 130
-#define ASN1_R_NON_HEX_CHARACTERS 131
-#define ASN1_R_NOT_ENOUGH_DATA 132
-#define ASN1_R_ODD_NUMBER_OF_CHARS 133
-#define ASN1_R_PARSING 134
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136
-#define ASN1_R_SHORT_LINE 137
-#define ASN1_R_STRING_TOO_SHORT 138
-#define ASN1_R_TAG_VALUE_TOO_HIGH 139
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
-#define ASN1_R_TOO_LONG 141
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145
-#define ASN1_R_UNKNOWN_OBJECT_TYPE 146
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147
-#define ASN1_R_UNSUPPORTED_CIPHER 148
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150
-#define ASN1_R_UTCTIME_TOO_LONG 151
-#define ASN1_R_WRONG_PRINTABLE_TYPE 152
-#define ASN1_R_WRONG_TAG 153
-#define ASN1_R_WRONG_TYPE 154
+#define ASN1_R_BAD_OBJECT_HEADER 101
+#define ASN1_R_BAD_PASSWORD_READ 102
+#define ASN1_R_BAD_PKCS7_CONTENT 103
+#define ASN1_R_BAD_PKCS7_TYPE 104
+#define ASN1_R_BAD_TAG 105
+#define ASN1_R_BAD_TYPE 106
+#define ASN1_R_BN_LIB 107
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108
+#define ASN1_R_BUFFER_TOO_SMALL 109
+#define ASN1_R_DATA_IS_WRONG 110
+#define ASN1_R_DECODING_ERROR 111
+#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112
+#define ASN1_R_EXPECTING_AN_INTEGER 113
+#define ASN1_R_EXPECTING_AN_OBJECT 114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
+#define ASN1_R_EXPECTING_A_BIT_STRING 116
+#define ASN1_R_EXPECTING_A_BOOLEAN 117
+#define ASN1_R_EXPECTING_A_UTCTIME 118
+#define ASN1_R_FIRST_NUM_TOO_LARGE 119
+#define ASN1_R_HEADER_TOO_LONG 120
+#define ASN1_R_INVALID_DIGIT 121
+#define ASN1_R_INVALID_SEPARATOR 122
+#define ASN1_R_INVALID_TIME_FORMAT 123
+#define ASN1_R_IV_TOO_LARGE 124
+#define ASN1_R_LENGTH_ERROR 125
+#define ASN1_R_MISSING_SECOND_NUMBER 126
+#define ASN1_R_NON_HEX_CHARACTERS 127
+#define ASN1_R_NOT_ENOUGH_DATA 128
+#define ASN1_R_ODD_NUMBER_OF_CHARS 129
+#define ASN1_R_PARSING 130
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132
+#define ASN1_R_SHORT_LINE 133
+#define ASN1_R_STRING_TOO_SHORT 134
+#define ASN1_R_TAG_VALUE_TOO_HIGH 135
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
+#define ASN1_R_TOO_LONG 137
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141
+#define ASN1_R_UNKNOWN_OBJECT_TYPE 142
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143
+#define ASN1_R_UNSUPPORTED_CIPHER 144
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146
+#define ASN1_R_UTCTIME_TOO_LONG 147
+#define ASN1_R_WRONG_PRINTABLE_TYPE 148
+#define ASN1_R_WRONG_TAG 149
+#define ASN1_R_WRONG_TYPE 150
#define B_ASN1_BMPSTRING 0x0800
#define B_ASN1_UNKNOWN 0x1000
-#ifndef DEBUG
-
-#define ASN1_INTEGER ASN1_STRING
-#define ASN1_BIT_STRING ASN1_STRING
-#define ASN1_OCTET_STRING ASN1_STRING
-#define ASN1_PRINTABLESTRING ASN1_STRING
-#define ASN1_T61STRING ASN1_STRING
-#define ASN1_IA5STRING ASN1_STRING
-#define ASN1_UTCTIME ASN1_STRING
-#define ASN1_GENERALIZEDTIME ASN1_STRING
-#define ASN1_GENERALSTRING ASN1_STRING
-#define ASN1_UNIVERSALSTRING ASN1_STRING
-#define ASN1_BMPSTRING ASN1_STRING
-
-#else
-
-typedef struct asn1_integer_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_INTEGER;
-
-typedef struct asn1_bit_string_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_BIT_STRING;
-
-typedef struct asn1_octet_string_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_OCTET_STRING;
-
-typedef struct asn1_printablestring_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_PRINTABLESTRING;
-
-typedef struct asn1_t61string_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_T61STRING;
-
-typedef struct asn1_ia5string_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_IA5STRING;
-
-typedef struct asn1_generalstring_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_GENERALSTRING;
-
-typedef struct asn1_universalstring_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_UNIVERSALSTRING;
-
-typedef struct asn1_bmpstring_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_BMPSTRING;
-
-typedef struct asn1_utctime_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_UTCTIME;
-
-typedef struct asn1_generalizedtime_st
- {
- int length;
- int type;
- unsigned char *data;
- } ASN1_GENERALIZEDTIME;
-
-#endif
-
typedef struct asn1_ctx_st
{
unsigned char *p;/* work char pointer */
unsigned char *max; /* largest value of p alowed */
unsigned char *q;/* temporary variable */
unsigned char **pp;/* variable */
+ int line; /* used in error processing */
} ASN1_CTX;
/* These are used internally in the ASN1_OBJECT to keep track of
int flags; /* Should we free this one */
} ASN1_OBJECT;
+#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
/* This is the base type that holds just about everything :-) */
typedef struct asn1_string_st
{
int length;
int type;
unsigned char *data;
+ /* The value of the following field depends on the type being
+ * held. It is mostly being used for BIT_STRING so if the
+ * input data has a non-zero 'unused bits' value, it will be
+ * handled correctly */
+ long flags;
} ASN1_STRING;
+#ifndef DEBUG
+#define ASN1_INTEGER ASN1_STRING
+#define ASN1_BIT_STRING ASN1_STRING
+#define ASN1_OCTET_STRING ASN1_STRING
+#define ASN1_PRINTABLESTRING ASN1_STRING
+#define ASN1_T61STRING ASN1_STRING
+#define ASN1_IA5STRING ASN1_STRING
+#define ASN1_UTCTIME ASN1_STRING
+#define ASN1_GENERALIZEDTIME ASN1_STRING
+#define ASN1_GENERALSTRING ASN1_STRING
+#define ASN1_UNIVERSALSTRING ASN1_STRING
+#define ASN1_BMPSTRING ASN1_STRING
+#else
+typedef struct asn1_string_st ASN1_INTEGER;
+typedef struct asn1_string_st ASN1_BIT_STRING;
+typedef struct asn1_string_st ASN1_OCTET_STRING;
+typedef struct asn1_string_st ASN1_PRINTABLESTRING;
+typedef struct asn1_string_st ASN1_T61STRING;
+typedef struct asn1_string_st ASN1_IA5STRING;
+typedef struct asn1_string_st ASN1_GENERALSTRING;
+typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
+typedef struct asn1_string_st ASN1_BMPSTRING;
+typedef struct asn1_string_st ASN1_UTCTIME;
+typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
+#endif
+
typedef struct asn1_type_st
{
int type;
ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
unsigned char **pp,long length);
+int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp);
+ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
+ long length);
+
int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
unsigned char **pp, long l);
int i2d_ASN1_SET(STACK *a, unsigned char **pp,
int (*func)(), int ex_tag, int ex_class);
STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
- char *(*func)(), int ex_tag, int ex_class);
+ char *(*func)(), void (*free_func)(),
+ int ex_tag, int ex_class);
#ifdef HEADER_BIO_H
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
int ASN1_TYPE_set_int_octetstring();
int ASN1_TYPE_get_int_octetstring();
+int i2d_ASN1_BMPSTRING();
+ASN1_BMPSTRING *d2i_ASN1_BMPSTRING();
+
#endif
/* BEGIN ERROR CODES */
/* Reason codes. */
#define ASN1_R_BAD_CLASS 100
-#define ASN1_R_BAD_GET_OBJECT 101
-#define ASN1_R_BAD_OBJECT_HEADER 102
-#define ASN1_R_BAD_PASSWORD_READ 103
-#define ASN1_R_BAD_PKCS7_CONTENT 104
-#define ASN1_R_BAD_PKCS7_TYPE 105
-#define ASN1_R_BAD_TAG 106
-#define ASN1_R_BAD_TYPE 107
-#define ASN1_R_BN_LIB 108
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109
-#define ASN1_R_BUFFER_TOO_SMALL 110
-#define ASN1_R_DATA_IS_WRONG 111
-#define ASN1_R_DECODING_ERROR 112
-#define ASN1_R_ERROR_STACK 113
-#define ASN1_R_EXPECTING_AN_INTEGER 114
-#define ASN1_R_EXPECTING_AN_OBJECT 115
-#define ASN1_R_EXPECTING_AN_OCTET_STRING 116
-#define ASN1_R_EXPECTING_A_BIT_STRING 117
-#define ASN1_R_EXPECTING_A_BOOLEAN 118
-#define ASN1_R_EXPECTING_A_SEQUENCE 119
-#define ASN1_R_EXPECTING_A_UTCTIME 120
-#define ASN1_R_FIRST_NUM_TOO_LARGE 121
-#define ASN1_R_HEADER_TOO_LONG 122
-#define ASN1_R_INVALID_DIGIT 123
-#define ASN1_R_INVALID_SEPARATOR 124
-#define ASN1_R_INVALID_TIME_FORMAT 125
-#define ASN1_R_IV_TOO_LARGE 126
-#define ASN1_R_LENGTH_ERROR 127
-#define ASN1_R_LENGTH_MISMATCH 128
-#define ASN1_R_MISSING_EOS 129
-#define ASN1_R_MISSING_SECOND_NUMBER 130
-#define ASN1_R_NON_HEX_CHARACTERS 131
-#define ASN1_R_NOT_ENOUGH_DATA 132
-#define ASN1_R_ODD_NUMBER_OF_CHARS 133
-#define ASN1_R_PARSING 134
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136
-#define ASN1_R_SHORT_LINE 137
-#define ASN1_R_STRING_TOO_SHORT 138
-#define ASN1_R_TAG_VALUE_TOO_HIGH 139
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
-#define ASN1_R_TOO_LONG 141
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145
-#define ASN1_R_UNKNOWN_OBJECT_TYPE 146
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147
-#define ASN1_R_UNSUPPORTED_CIPHER 148
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150
-#define ASN1_R_UTCTIME_TOO_LONG 151
-#define ASN1_R_WRONG_PRINTABLE_TYPE 152
-#define ASN1_R_WRONG_TAG 153
-#define ASN1_R_WRONG_TYPE 154
+#define ASN1_R_BAD_OBJECT_HEADER 101
+#define ASN1_R_BAD_PASSWORD_READ 102
+#define ASN1_R_BAD_PKCS7_CONTENT 103
+#define ASN1_R_BAD_PKCS7_TYPE 104
+#define ASN1_R_BAD_TAG 105
+#define ASN1_R_BAD_TYPE 106
+#define ASN1_R_BN_LIB 107
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108
+#define ASN1_R_BUFFER_TOO_SMALL 109
+#define ASN1_R_DATA_IS_WRONG 110
+#define ASN1_R_DECODING_ERROR 111
+#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112
+#define ASN1_R_EXPECTING_AN_INTEGER 113
+#define ASN1_R_EXPECTING_AN_OBJECT 114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
+#define ASN1_R_EXPECTING_A_BIT_STRING 116
+#define ASN1_R_EXPECTING_A_BOOLEAN 117
+#define ASN1_R_EXPECTING_A_UTCTIME 118
+#define ASN1_R_FIRST_NUM_TOO_LARGE 119
+#define ASN1_R_HEADER_TOO_LONG 120
+#define ASN1_R_INVALID_DIGIT 121
+#define ASN1_R_INVALID_SEPARATOR 122
+#define ASN1_R_INVALID_TIME_FORMAT 123
+#define ASN1_R_IV_TOO_LARGE 124
+#define ASN1_R_LENGTH_ERROR 125
+#define ASN1_R_MISSING_SECOND_NUMBER 126
+#define ASN1_R_NON_HEX_CHARACTERS 127
+#define ASN1_R_NOT_ENOUGH_DATA 128
+#define ASN1_R_ODD_NUMBER_OF_CHARS 129
+#define ASN1_R_PARSING 130
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132
+#define ASN1_R_SHORT_LINE 133
+#define ASN1_R_STRING_TOO_SHORT 134
+#define ASN1_R_TAG_VALUE_TOO_HIGH 135
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
+#define ASN1_R_TOO_LONG 137
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141
+#define ASN1_R_UNKNOWN_OBJECT_TYPE 142
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143
+#define ASN1_R_UNSUPPORTED_CIPHER 144
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146
+#define ASN1_R_UTCTIME_TOO_LONG 147
+#define ASN1_R_WRONG_PRINTABLE_TYPE 148
+#define ASN1_R_WRONG_TAG 149
+#define ASN1_R_WRONG_TYPE 150
#ifdef __cplusplus
}
{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_VERIFY"},
{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
static ERR_STRING_DATA ASN1_str_reasons[]=
{
{ASN1_R_BAD_CLASS ,"bad class"},
-{ASN1_R_BAD_GET_OBJECT ,"bad get object"},
{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"},
{ASN1_R_DATA_IS_WRONG ,"data is wrong"},
{ASN1_R_DECODING_ERROR ,"decoding error"},
-{ASN1_R_ERROR_STACK ,"error stack"},
+{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_SEQUENCE ,"expecting a sequence"},
{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"},
{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
{ASN1_R_HEADER_TOO_LONG ,"header too long"},
{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"},
{ASN1_R_IV_TOO_LARGE ,"iv too large"},
{ASN1_R_LENGTH_ERROR ,"length error"},
-{ASN1_R_LENGTH_MISMATCH ,"length mismatch"},
-{ASN1_R_MISSING_EOS ,"missing eos"},
{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
{
static int init=1;
- if (init);
- {;
+ if (init)
+ {
init=0;
#ifndef NO_ERR
ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
static void asn1_put_length();
#endif
-char *ASN1_version="ASN1 part of SSLeay 0.9.0b 29-Jun-1998";
+char *ASN1_version="ASN1 part of SSLeay 0.9.1a 06-Jul-1998";
int ASN1_check_infinite_end(p,len)
unsigned char **p;
*pclass=xclass;
if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
-#ifdef undef
- fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d (%d > %d)\n",
- p,*plength,omax,*pp,(p+ *plength),omax+ *pp);
+#if 0
+ fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
+ (int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
+ (int)(omax+ *pp));
#endif
+#if 0
if ((p+ *plength) > (omax+ *pp))
{
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
* the values are set correctly */
ret|=0x80;
}
+#endif
*pp=p;
- return(ret+inf);
+ return(ret|inf);
err:
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
return(0x80);
{
if (!ASN1_check_infinite_end(&c->p,c->slen))
{
- c->error=ASN1_R_MISSING_EOS;
+ c->error=ERR_R_MISSING_ASN1_EOS;
return(0);
}
}
if ( ((c->slen != 0) && !(c->inf & 1)) ||
((c->slen < 0) && (c->inf & 1)))
{
- c->error=ASN1_R_LENGTH_MISMATCH;
+ c->error=ERR_R_ASN1_LENGTH_MISMATCH;
return(0);
}
return(1);
*length);
if (c->inf & 0x80)
{
- c->error=ASN1_R_BAD_GET_OBJECT;
+ c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
return(0);
}
if (c->tag != V_ASN1_SEQUENCE)
{
- c->error=ASN1_R_EXPECTING_A_SEQUENCE;
+ c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
return(0);
}
(*length)-=(c->p-q);
if (c->max && (*length < 0))
{
- c->error=ASN1_R_LENGTH_MISMATCH;
+ c->error=ERR_R_ASN1_LENGTH_MISMATCH;
return(0);
}
if (c->inf == (1|V_ASN1_CONSTRUCTED))
ret->length=0;
ret->type=type;
ret->data=NULL;
+ ret->flags=0;
return(ret);
}
#include "x509.h"
#include "pkcs7.h"
+#ifndef ASN1_MAC_ERR_LIB
+#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
+#endif
+
+#define ASN1_MAC_H_err(f,r,line) \
+ ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),ERR_file_name,(line))
+
#define M_ASN1_D2I_vars(a,type,func) \
ASN1_CTX c; \
type ret=NULL; \
\
c.pp=pp; \
- c.error=ASN1_R_ERROR_STACK; \
+ c.q= *pp; \
+ c.error=ERR_R_NESTED_ASN1_ERROR; \
if ((a == NULL) || ((*a) == NULL)) \
- { if ((ret=(type)func()) == NULL) goto err; } \
+ { if ((ret=(type)func()) == NULL) \
+ { c.line=__LINE__; goto err; } } \
else ret=(*a);
#define M_ASN1_D2I_Init() \
c.max=(length == 0)?0:(c.p+length);
#define M_ASN1_D2I_Finish_2(a) \
- if (!asn1_Finish(&c)) goto err; \
+ if (!asn1_Finish(&c)) \
+ { c.line=__LINE__; goto err; } \
*pp=c.p; \
if (a != NULL) (*a)=ret; \
return(ret);
#define M_ASN1_D2I_Finish(a,func,e) \
M_ASN1_D2I_Finish_2(a); \
err:\
- ASN1err((e),c.error); \
+ ASN1_MAC_H_err((e),c.error,c.line); \
asn1_add_error(*pp,(int)(c.q- *pp)); \
if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
return(NULL)
#define M_ASN1_D2I_start_sequence() \
- if (!asn1_GetSequence(&c,&length)) goto err;
+ if (!asn1_GetSequence(&c,&length)) \
+ { c.line=__LINE__; goto err; }
#define M_ASN1_D2I_end_sequence() \
(((c.inf&1) == 0)?(c.slen <= 0): \
(c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
+/* Don't use this with d2i_ASN1_BOOLEAN() */
#define M_ASN1_D2I_get(b,func) \
c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) goto err; \
+ if (func(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
+
+/* use this instead () */
+#define M_ASN1_D2I_get_int(b,func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) < 0) \
+ {c.line=__LINE__; goto err; } \
c.slen-=(c.p-c.q);
#define M_ASN1_D2I_get_opt(b,func,type) \
M_ASN1_next_prev=tmp; \
}
-#define M_ASN1_D2I_get_set(r,func) \
- M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL);
+#define M_ASN1_D2I_get_set(r,func,free_func) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func, \
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+ { M_ASN1_D2I_get_set(r,func,free_func); }
+
+#define M_ASN1_I2D_len_SET_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SET(a,f);
+
+#define M_ASN1_I2D_put_SET_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SET(a,f);
-#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \
+#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
if ((c.slen != 0) && \
(M_ASN1_next == \
(V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
{ \
- M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ M_ASN1_D2I_get_imp_set(b,func,free_func,\
+ tag,V_ASN1_CONTEXT_SPECIFIC); \
}
-#define M_ASN1_D2I_get_seq(r,func) \
- M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+#define M_ASN1_D2I_get_seq(r,func,free_func) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func,\
+ V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-#define M_ASN1_D2I_get_seq_opt(r,func) \
+#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq(r,func); }
+ { M_ASN1_D2I_get_seq(r,func,free_func); }
-#define M_ASN1_D2I_get_IMP_set(r,func,x) \
- M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC);
+#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func,\
+ x,V_ASN1_CONTEXT_SPECIFIC);
-#define M_ASN1_D2I_get_imp_set(r,func,a,b) \
+#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
c.q=c.p; \
- if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \
- goto err; \
+ if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
+ (void (*)())free_func,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
c.slen-=(c.p-c.q);
#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
c.q=c.p; \
if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
- goto err; \
+ { c.line=__LINE__; goto err; } \
c.slen-=(c.p-c.q);
#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
c.q=c.p; \
Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
if (Tinf & 0x80) \
- { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
if (func(&(r),&c.p,Tlen) == NULL) \
- goto err; \
+ { c.line=__LINE__; goto err; } \
c.slen-=(c.p-c.q); \
}
-#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \
+#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
if ((c.slen != 0) && (M_ASN1_next == \
(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
{ \
c.q=c.p; \
Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
if (Tinf & 0x80) \
- { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+ (void (*)())free_func, \
b,V_ASN1_UNIVERSAL) == NULL) \
- goto err; \
+ { c.line=__LINE__; goto err; } \
c.slen-=(c.p-c.q); \
}
/* New macros */
#define M_ASN1_New_Malloc(ret,type) \
- if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2;
+ if ((ret=(type *)Malloc(sizeof(type))) == NULL) \
+ { c.line=__LINE__; goto err2; }
#define M_ASN1_New(arg,func) \
if (((arg)=func()) == NULL) return(NULL)
#define M_ASN1_New_Error(a) \
-/* err: ASN1err((a),ASN1_R_ERROR_STACK); \
+/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
return(NULL);*/ \
- err2: ASN1err((a),ERR_R_MALLOC_FAILURE); \
+ err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
return(NULL)
if ( (tag == V_ASN1_PRINTABLESTRING) ||
(tag == V_ASN1_T61STRING) ||
(tag == V_ASN1_IA5STRING) ||
- (tag == V_ASN1_UTCTIME))
+ (tag == V_ASN1_UTCTIME) ||
+ (tag == V_ASN1_GENERALIZEDTIME))
{
if (BIO_write(bp,":",1) <= 0) goto end;
if ((len > 0) &&
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_DHPARAMS,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_DHPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
*/
unsigned char **pp;
long length;
{
- int i=ASN1_R_ERROR_STACK;
+ int i=ERR_R_NESTED_ASN1_ERROR;
ASN1_INTEGER *bs=NULL;
long v=0;
M_ASN1_D2I_vars(a,DH *,DH_new);
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_DSAPARAMS,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_DSAPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
*/
unsigned char **pp;
long length;
{
- int i=ASN1_R_ERROR_STACK;
+ int i=ERR_R_NESTED_ASN1_ERROR;
ASN1_INTEGER *bs=NULL;
M_ASN1_D2I_vars(a,DSA *,DSA_new);
default:
ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
goto err;
- break;
+ /* break; */
}
if (a != NULL) (*a)=ret;
return(ret);
default:
ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
goto err;
- break;
+ /* break; */
}
if (a != NULL) (*a)=ret;
return(ret);
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
* ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_PARSING);
*/
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
*/
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
* ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_PARSING);
*/
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_DSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_DSAPUBLICKEY,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
*/
return(1);
}
-/* we return the actual length... */
+/* we return the actual length..., num may be missing, in which
+ * case, set it to zero */
int ASN1_TYPE_get_int_octetstring(a,num,data,max_len)
ASN1_TYPE *a;
long *num;
#include "dh.h"
/*
- * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_X509_DHPARAMS_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_DHPARAMS,ERR_R_ASN1_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_DHPARAMS_NEW,ERR_R_ASN1_LENGTH_MISMATCH);
*/
int i2d_DHparams(a,pp)
#include "dsa.h"
/*
- * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_DSAPARAMS,ERR_R_ASN1_LENGTH_MISMATCH);
*/
int i2d_DSAparams(a,pp)
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
*/
#include "asn1_mac.h"
/*
- * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
*/
} NETSCAPE_PKEY;
/*
- * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ERR_R_ASN1_LENGTH_MISMATCH);
* ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
* ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR);
* ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
ASN1_OCTET_STRING *os=NULL;
ASN1_CTX c;
- c.error=ASN1_R_ERROR_STACK;
+ c.error=ERR_R_NESTED_ASN1_ERROR;
c.pp=pp;
M_ASN1_D2I_Init();
static NETSCAPE_PKEY *NETSCAPE_PKEY_new()
{
NETSCAPE_PKEY *ret=NULL;
+ ASN1_CTX c;
M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
M_ASN1_New(ret->version,ASN1_INTEGER_new);
#include "x509.h"
/*
- * ASN1err(ASN1_F_PKCS7_DIGEST_NEW,ASN1_R_MISSING_EOS);
- * ASN1err(ASN1_F_D2I_PKCS7_DIGEST,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_PKCS7_DIGEST_NEW,ERR_R_MISSING_ASN1_EOS);
+ * ASN1err(ASN1_F_D2I_PKCS7_DIGEST,ERR_R_ASN1_LENGTH_MISMATCH);
*/
int i2d_PKCS7_DIGEST(a,pp)
PKCS7_DIGEST *PKCS7_DIGEST_new()
{
PKCS7_DIGEST *ret=NULL;
+ ASN1_CTX c;
M_ASN1_New_Malloc(ret,PKCS7_DIGEST);
M_ASN1_New(ret->version,ASN1_INTEGER_new);
projects / openssl.git / commitdiff