2 * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include "internal/cryptlib.h"
13 #include <openssl/rand.h>
14 #include <openssl/x509.h>
15 #include <openssl/asn1.h>
16 #include <openssl/asn1t.h>
17 #include "internal/evp_int.h"
18 #include "internal/bio.h"
19 #include "asn1_locl.h"
22 * Generalised MIME like utilities for streaming ASN1. Although many have a
23 * PKCS7/CMS like flavour others are more general purpose.
27 * MIME format structures Note that all are translated to lower case apart
28 * from parameter values. Quotes are stripped off
31 struct mime_param_st {
32 char *param_name; /* Param name e.g. "micalg" */
33 char *param_value; /* Param value e.g. "sha1" */
36 struct mime_header_st {
37 char *name; /* Name of line e.g. "content-type" */
38 char *value; /* Value of line e.g. "text/plain" */
39 STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
42 static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
44 static char *strip_ends(char *name);
45 static char *strip_start(char *name);
46 static char *strip_end(char *name);
47 static MIME_HEADER *mime_hdr_new(const char *name, const char *value);
48 static int mime_hdr_addparam(MIME_HEADER *mhdr, const char *name, const char *value);
49 static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
50 static int mime_hdr_cmp(const MIME_HEADER *const *a,
51 const MIME_HEADER *const *b);
52 static int mime_param_cmp(const MIME_PARAM *const *a,
53 const MIME_PARAM *const *b);
54 static void mime_param_free(MIME_PARAM *param);
55 static int mime_bound_check(char *line, int linelen, const char *bound, int blen);
56 static int multi_split(BIO *bio, const char *bound, STACK_OF(BIO) **ret);
57 static int strip_eol(char *linebuf, int *plen, int flags);
58 static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, const char *name);
59 static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, const char *name);
60 static void mime_hdr_free(MIME_HEADER *hdr);
62 #define MAX_SMLEN 1024
63 #define mime_debug(x) /* x */
65 /* Output an ASN1 structure in BER format streaming if necessary */
67 int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
70 /* If streaming create stream BIO and copy all content through it */
71 if (flags & SMIME_STREAM) {
73 bio = BIO_new_NDEF(out, val, it);
75 ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, ERR_R_MALLOC_FAILURE);
78 SMIME_crlf_copy(in, bio, flags);
80 /* Free up successive BIOs until we hit the old output BIO */
88 * else just write out ASN1 structure which will have all content stored
92 ASN1_item_i2d_bio(it, out, val);
96 /* Base 64 read and write of ASN1 structure */
98 static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
103 b64 = BIO_new(BIO_f_base64());
105 ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE);
109 * prepend the b64 BIO so all data is base64 encoded.
111 out = BIO_push(b64, out);
112 r = i2d_ASN1_bio_stream(out, val, in, flags, it);
113 (void)BIO_flush(out);
119 /* Streaming ASN1 PEM write */
121 int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
122 const char *hdr, const ASN1_ITEM *it)
125 BIO_printf(out, "-----BEGIN %s-----\n", hdr);
126 r = B64_write_ASN1(out, val, in, flags, it);
127 BIO_printf(out, "-----END %s-----\n", hdr);
131 static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
136 if ((b64 = BIO_new(BIO_f_base64())) == NULL) {
137 ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
140 bio = BIO_push(b64, bio);
141 val = ASN1_item_d2i_bio(it, bio, NULL);
143 ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
144 (void)BIO_flush(bio);
150 /* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
152 static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
155 int i, have_unknown = 0, write_comma, ret = 0, md_nid;
158 for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
160 BIO_write(out, ",", 1);
162 md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
163 md = EVP_get_digestbynid(md_nid);
164 if (md && md->md_ctrl) {
167 rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
169 BIO_puts(out, micstr);
170 OPENSSL_free(micstr);
178 BIO_puts(out, "sha1");
182 BIO_puts(out, "md5");
186 BIO_puts(out, "sha-256");
190 BIO_puts(out, "sha-384");
194 BIO_puts(out, "sha-512");
197 case NID_id_GostR3411_94:
198 BIO_puts(out, "gostr3411-94");
205 BIO_puts(out, "unknown");
222 int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
223 int ctype_nid, int econt_nid,
224 STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
228 const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
229 const char *msg_type = NULL;
230 if (flags & SMIME_OLDMIME)
231 mime_prefix = "application/x-pkcs7-";
233 mime_prefix = "application/pkcs7-";
235 if (flags & SMIME_CRLFEOL)
239 if ((flags & SMIME_DETACHED) && data) {
240 /* We want multipart/signed */
241 /* Generate a random boundary */
242 if (RAND_bytes((unsigned char *)bound, 32) <= 0)
244 for (i = 0; i < 32; i++) {
253 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
254 BIO_printf(bio, "Content-Type: multipart/signed;");
255 BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
256 BIO_puts(bio, " micalg=\"");
257 asn1_write_micalg(bio, mdalgs);
258 BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
259 bound, mime_eol, mime_eol);
260 BIO_printf(bio, "This is an S/MIME signed message%s%s",
262 /* Now write out the first part */
263 BIO_printf(bio, "------%s%s", bound, mime_eol);
264 if (!asn1_output_data(bio, data, val, flags, it))
266 BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
268 /* Headers for signature */
270 BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
271 BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
272 BIO_printf(bio, "Content-Transfer-Encoding: base64%s", mime_eol);
273 BIO_printf(bio, "Content-Disposition: attachment;");
274 BIO_printf(bio, " filename=\"smime.p7s\"%s%s", mime_eol, mime_eol);
275 B64_write_ASN1(bio, val, NULL, 0, it);
276 BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
281 /* Determine smime-type header */
283 if (ctype_nid == NID_pkcs7_enveloped)
284 msg_type = "enveloped-data";
285 else if (ctype_nid == NID_pkcs7_signed) {
286 if (econt_nid == NID_id_smime_ct_receipt)
287 msg_type = "signed-receipt";
288 else if (sk_X509_ALGOR_num(mdalgs) >= 0)
289 msg_type = "signed-data";
291 msg_type = "certs-only";
292 } else if (ctype_nid == NID_id_smime_ct_compressedData) {
293 msg_type = "compressed-data";
297 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
298 BIO_printf(bio, "Content-Disposition: attachment;");
299 BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
300 BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
302 BIO_printf(bio, " smime-type=%s;", msg_type);
303 BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
304 BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
306 if (!B64_write_ASN1(bio, val, data, flags, it))
308 BIO_printf(bio, "%s", mime_eol);
312 /* Handle output of ASN1 data */
314 static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
318 const ASN1_AUX *aux = it->funcs;
319 ASN1_STREAM_ARG sarg;
323 * If data is not detached or resigning then the output BIO is already
324 * set up to finalise when it is written through.
326 if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
327 SMIME_crlf_copy(data, out, flags);
331 if (!aux || !aux->asn1_cb) {
332 ASN1err(ASN1_F_ASN1_OUTPUT_DATA, ASN1_R_STREAMING_NOT_SUPPORTED);
337 sarg.ndef_bio = NULL;
338 sarg.boundary = NULL;
340 /* Let ASN1 code prepend any needed BIOs */
342 if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
345 /* Copy data across, passing through filter BIOs for processing */
346 SMIME_crlf_copy(data, sarg.ndef_bio, flags);
348 /* Finalize structure */
349 if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
352 /* Now remove any digests prepended to the BIO */
354 while (sarg.ndef_bio != out) {
355 tmpbio = BIO_pop(sarg.ndef_bio);
356 BIO_free(sarg.ndef_bio);
357 sarg.ndef_bio = tmpbio;
365 * SMIME reader: handle multipart/signed and opaque signing. in multipart
366 * case the content is placed in a memory BIO pointed to by "bcont". In
367 * opaque this is set to NULL
370 ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
373 STACK_OF(MIME_HEADER) *headers = NULL;
374 STACK_OF(BIO) *parts = NULL;
383 if ((headers = mime_parse_hdr(bio)) == NULL) {
384 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
388 if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
389 || hdr->value == NULL) {
390 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
391 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
395 /* Handle multipart/signed */
397 if (strcmp(hdr->value, "multipart/signed") == 0) {
398 /* Split into two parts */
399 prm = mime_param_find(hdr, "boundary");
400 if (!prm || !prm->param_value) {
401 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
402 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
405 ret = multi_split(bio, prm->param_value, &parts);
406 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
407 if (!ret || (sk_BIO_num(parts) != 2)) {
408 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
409 sk_BIO_pop_free(parts, BIO_vfree);
413 /* Parse the signature piece */
414 asnin = sk_BIO_value(parts, 1);
416 if ((headers = mime_parse_hdr(asnin)) == NULL) {
417 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
418 sk_BIO_pop_free(parts, BIO_vfree);
422 /* Get content type */
424 if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
425 || hdr->value == NULL) {
426 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
427 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
431 if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
432 strcmp(hdr->value, "application/pkcs7-signature")) {
433 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE);
434 ERR_add_error_data(2, "type: ", hdr->value);
435 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
436 sk_BIO_pop_free(parts, BIO_vfree);
439 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
441 if ((val = b64_read_asn1(asnin, it)) == NULL) {
442 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
443 sk_BIO_pop_free(parts, BIO_vfree);
448 *bcont = sk_BIO_value(parts, 0);
452 sk_BIO_pop_free(parts, BIO_vfree);
456 /* OK, if not multipart/signed try opaque signature */
458 if (strcmp(hdr->value, "application/x-pkcs7-mime") &&
459 strcmp(hdr->value, "application/pkcs7-mime")) {
460 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
461 ERR_add_error_data(2, "type: ", hdr->value);
462 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
466 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
468 if ((val = b64_read_asn1(bio, it)) == NULL) {
469 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
476 /* Copy text from one BIO to another making the output CRLF at EOL */
477 int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
482 char linebuf[MAX_SMLEN];
484 * Buffer output so we don't write one line at a time. This is useful
485 * when streaming as we don't end up with one OCTET STRING per line.
487 bf = BIO_new(BIO_f_buffer());
490 out = BIO_push(bf, out);
491 if (flags & SMIME_BINARY) {
492 while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
493 BIO_write(out, linebuf, len);
496 if (flags & SMIME_TEXT)
497 BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
498 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
499 eol = strip_eol(linebuf, &len, flags);
501 /* Not EOF: write out all CRLF */
502 if (flags & SMIME_ASCIICRLF) {
504 for (i = 0; i < eolcnt; i++)
505 BIO_write(out, "\r\n", 2);
508 BIO_write(out, linebuf, len);
510 BIO_write(out, "\r\n", 2);
511 } else if (flags & SMIME_ASCIICRLF)
514 BIO_write(out, "\r\n", 2);
517 (void)BIO_flush(out);
523 /* Strip off headers if they are text/plain */
524 int SMIME_text(BIO *in, BIO *out)
528 STACK_OF(MIME_HEADER) *headers;
531 if ((headers = mime_parse_hdr(in)) == NULL) {
532 ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
535 if ((hdr = mime_hdr_find(headers, "content-type")) == NULL
536 || hdr->value == NULL) {
537 ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
538 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
541 if (strcmp(hdr->value, "text/plain")) {
542 ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE);
543 ERR_add_error_data(2, "type: ", hdr->value);
544 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
547 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
548 while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
549 BIO_write(out, iobuf, len);
556 * Split a multipart/XXX message body into component parts: result is
557 * canonical parts in a STACK of bios
560 static int multi_split(BIO *bio, const char *bound, STACK_OF(BIO) **ret)
562 char linebuf[MAX_SMLEN];
564 int eol = 0, next_eol = 0;
566 STACK_OF(BIO) *parts;
567 char state, part, first;
569 blen = strlen(bound);
573 parts = sk_BIO_new_null();
577 while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
578 state = mime_bound_check(linebuf, len, bound, blen);
582 } else if (state == 2) {
583 if (!sk_BIO_push(parts, bpart)) {
589 /* Strip CR+LF from linebuf */
590 next_eol = strip_eol(linebuf, &len, 0);
594 if (!sk_BIO_push(parts, bpart)) {
598 bpart = BIO_new(BIO_s_mem());
601 BIO_set_mem_eof_return(bpart, 0);
603 BIO_write(bpart, "\r\n", 2);
606 BIO_write(bpart, linebuf, len);
613 /* This is the big one: parse MIME header lines up to message body */
615 #define MIME_INVALID 0
621 #define MIME_COMMENT 6
623 static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
627 char linebuf[MAX_SMLEN];
628 MIME_HEADER *mhdr = NULL;
629 STACK_OF(MIME_HEADER) *headers;
630 int len, state, save_state = 0;
632 headers = sk_MIME_HEADER_new(mime_hdr_cmp);
635 while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
636 /* If whitespace at line start then continuation line */
637 if (mhdr && isspace((unsigned char)linebuf[0]))
642 /* Go through all characters */
643 for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
647 * State machine to handle MIME headers if this looks horrible
648 * that's because it *is*
656 ntmp = strip_ends(q);
663 mime_debug("Found End Value\n");
665 mhdr = mime_hdr_new(ntmp, strip_ends(q));
666 sk_MIME_HEADER_push(headers, mhdr);
670 } else if (c == '(') {
672 state = MIME_COMMENT;
686 ntmp = strip_ends(q);
695 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
698 } else if (c == '"') {
699 mime_debug("Found Quote\n");
701 } else if (c == '(') {
703 state = MIME_COMMENT;
709 mime_debug("Found Match Quote\n");
716 if (state == MIME_TYPE) {
717 mhdr = mime_hdr_new(ntmp, strip_ends(q));
718 sk_MIME_HEADER_push(headers, mhdr);
719 } else if (state == MIME_VALUE)
720 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
722 break; /* Blank line means end of headers */
729 static char *strip_ends(char *name)
731 return strip_end(strip_start(name));
734 /* Strip a parameter of whitespace from start of param */
735 static char *strip_start(char *name)
738 /* Look for first non white space or quote */
739 for (p = name; (c = *p); p++) {
741 /* Next char is start of string if non null */
744 /* Else null string */
747 if (!isspace((unsigned char)c))
753 /* As above but strip from end of string : maybe should handle brackets? */
754 static char *strip_end(char *name)
759 /* Look for first non white space or quote */
760 for (p = name + strlen(name) - 1; p >= name; p--) {
768 if (isspace((unsigned char)c))
776 static MIME_HEADER *mime_hdr_new(const char *name, const char *value)
778 MIME_HEADER *mhdr = NULL;
779 char *tmpname = NULL, *tmpval = NULL, *p;
783 if ((tmpname = OPENSSL_strdup(name)) == NULL)
785 for (p = tmpname; *p; p++) {
786 c = (unsigned char)*p;
794 if ((tmpval = OPENSSL_strdup(value)) == NULL)
796 for (p = tmpval; *p; p++) {
797 c = (unsigned char)*p;
804 mhdr = OPENSSL_malloc(sizeof(*mhdr));
807 mhdr->name = tmpname;
808 mhdr->value = tmpval;
809 if ((mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)) == NULL)
814 OPENSSL_free(tmpname);
815 OPENSSL_free(tmpval);
820 static int mime_hdr_addparam(MIME_HEADER *mhdr, const char *name, const char *value)
822 char *tmpname = NULL, *tmpval = NULL, *p;
824 MIME_PARAM *mparam = NULL;
826 tmpname = OPENSSL_strdup(name);
829 for (p = tmpname; *p; p++) {
830 c = (unsigned char)*p;
838 tmpval = OPENSSL_strdup(value);
842 /* Parameter values are case sensitive so leave as is */
843 mparam = OPENSSL_malloc(sizeof(*mparam));
846 mparam->param_name = tmpname;
847 mparam->param_value = tmpval;
848 if (!sk_MIME_PARAM_push(mhdr->params, mparam))
852 OPENSSL_free(tmpname);
853 OPENSSL_free(tmpval);
854 OPENSSL_free(mparam);
858 static int mime_hdr_cmp(const MIME_HEADER *const *a,
859 const MIME_HEADER *const *b)
861 if (!(*a)->name || !(*b)->name)
862 return ! !(*a)->name - ! !(*b)->name;
864 return (strcmp((*a)->name, (*b)->name));
867 static int mime_param_cmp(const MIME_PARAM *const *a,
868 const MIME_PARAM *const *b)
870 if (!(*a)->param_name || !(*b)->param_name)
871 return ! !(*a)->param_name - ! !(*b)->param_name;
872 return (strcmp((*a)->param_name, (*b)->param_name));
875 /* Find a header with a given name (if possible) */
877 static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, const char *name)
882 htmp.name = (char *)name;
886 idx = sk_MIME_HEADER_find(hdrs, &htmp);
889 return sk_MIME_HEADER_value(hdrs, idx);
892 static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, const char *name)
897 param.param_name = (char *)name;
898 param.param_value = NULL;
899 idx = sk_MIME_PARAM_find(hdr->params, ¶m);
902 return sk_MIME_PARAM_value(hdr->params, idx);
905 static void mime_hdr_free(MIME_HEADER *hdr)
907 OPENSSL_free(hdr->name);
908 OPENSSL_free(hdr->value);
910 sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
914 static void mime_param_free(MIME_PARAM *param)
916 OPENSSL_free(param->param_name);
917 OPENSSL_free(param->param_value);
922 * Check for a multipart boundary. Returns:
927 static int mime_bound_check(char *line, int linelen, const char *bound, int blen)
930 linelen = strlen(line);
932 blen = strlen(bound);
933 /* Quickly eliminate if line length too short */
934 if (blen + 2 > linelen)
936 /* Check for part boundary */
937 if ((strncmp(line, "--", 2) == 0)
938 && strncmp(line + 2, bound, blen) == 0) {
939 if (strncmp(line + blen + 2, "--", 2) == 0)
947 static int strip_eol(char *linebuf, int *plen, int flags)
952 p = linebuf + len - 1;
953 for (p = linebuf + len - 1; len > 0; len--, p--) {
957 else if (is_eol && flags & SMIME_ASCIICRLF && c < 33)
projects / openssl.git / blob