crypto/evp/evp_test.c

   1 /* Written by Ben Laurie, 2001 */
   2 /*
   3  * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in
  14  *    the documentation and/or other materials provided with the
  15  *    distribution.
  16  *
  17  * 3. All advertising materials mentioning features or use of this
  18  *    software must display the following acknowledgment:
  19  *    "This product includes software developed by the OpenSSL Project
  20  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  21  *
  22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  23  *    endorse or promote products derived from this software without
  24  *    prior written permission. For written permission, please contact
  25  *    openssl-core@openssl.org.
  26  *
  27  * 5. Products derived from this software may not be called "OpenSSL"
  28  *    nor may "OpenSSL" appear in their names without prior written
  29  *    permission of the OpenSSL Project.
  30  *
  31  * 6. Redistributions of any form whatsoever must retain the following
  32  *    acknowledgment:
  33  *    "This product includes software developed by the OpenSSL Project
  34  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  35  *
  36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  47  * OF THE POSSIBILITY OF SUCH DAMAGE.
  48  */
  49
  50 #include <stdio.h>
  51 #include <string.h>
  52
  53 #include "../e_os.h"
  54
  55 #include <openssl/opensslconf.h>
  56 #include <openssl/evp.h>
  57 #ifndef OPENSSL_NO_ENGINE
  58 #include <openssl/engine.h>
  59 #endif
  60 #include <openssl/err.h>
  61 #include <openssl/conf.h>
  62
  63 static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
  64     {
  65     int n=0;
  66
  67     fprintf(f,"%s",title);
  68     for( ; n < l ; ++n)
  69         {
  70         if((n%16) == 0)
  71             fprintf(f,"\n%04x",n);
  72         fprintf(f," %02x",s[n]);
  73         }
  74     fprintf(f,"\n");
  75     }
  76
  77 static int convert(unsigned char *s)
  78     {
  79     unsigned char *d;
  80
  81     for(d=s ; *s ; s+=2,++d)
  82         {
  83         unsigned int n;
  84
  85         if(!s[1])
  86             {
  87             fprintf(stderr,"Odd number of hex digits!");
  88             EXIT(4);
  89             }
  90         sscanf((char *)s,"%2x",&n);
  91         *d=(unsigned char)n;
  92         }
  93     return s-d;
  94     }
  95
  96 static char *sstrsep(char **string, const char *delim)
  97     {
  98     char isdelim[256];
  99     char *token = *string;
 100
 101     if (**string == 0)
 102         return NULL;
 103
 104     memset(isdelim, 0, 256);
 105     isdelim[0] = 1;
 106
 107     while (*delim)
 108         {
 109         isdelim[(unsigned char)(*delim)] = 1;
 110         delim++;
 111         }
 112
 113     while (!isdelim[(unsigned char)(**string)])
 114         {
 115         (*string)++;
 116         }
 117
 118     if (**string)
 119         {
 120         **string = 0;
 121         (*string)++;
 122         }
 123
 124     return token;
 125     }
 126
 127 static unsigned char *ustrsep(char **p,const char *sep)
 128     { return (unsigned char *)sstrsep(p,sep); }
 129
 130 static int test1_exit(int ec)
 131         {
 132         EXIT(ec);
 133         return(0);              /* To keep some compilers quiet */
 134         }
 135
 136 static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 137                   const unsigned char *iv,int in,
 138                   const unsigned char *plaintext,int pn,
 139                   const unsigned char *ciphertext,int cn,
 140                   const unsigned char *aad,int an,
 141                   const unsigned char *tag,int tn,
 142                   int encdec)
 143     {
 144     EVP_CIPHER_CTX ctx;
 145     unsigned char out[4096];
 146     int outl,outl2,mode;
 147
 148     printf("Testing cipher %s%s\n",EVP_CIPHER_name(c),
 149            (encdec == 1 ? "(encrypt)" : (encdec == 0 ? "(decrypt)" : "(encrypt/decrypt)")));
 150     hexdump(stdout,"Key",key,kn);
 151     if(in)
 152         hexdump(stdout,"IV",iv,in);
 153     hexdump(stdout,"Plaintext",plaintext,pn);
 154     hexdump(stdout,"Ciphertext",ciphertext,cn);
 155     if (an)
 156         hexdump(stdout,"AAD",aad,an);
 157     if (tn)
 158         hexdump(stdout,"Tag",tag,tn);
 159     mode = EVP_CIPHER_mode(c);
 160     if(kn != EVP_CIPHER_key_length(c))
 161         {
 162         fprintf(stderr,"Key length doesn't match, got %d expected %lu\n",kn,
 163                 (unsigned long)EVP_CIPHER_key_length(c));
 164         test1_exit(5);
 165         }
 166     EVP_CIPHER_CTX_init(&ctx);
 167     if (encdec != 0)
 168         {
 169         if (mode == EVP_CIPH_GCM_MODE)
 170             {
 171             if(!EVP_EncryptInit_ex(&ctx,c,NULL,NULL,NULL))
 172                 {
 173                 fprintf(stderr,"EncryptInit failed\n");
 174                 ERR_print_errors_fp(stderr);
 175                 test1_exit(10);
 176                 }
 177             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL))
 178                 {
 179                 fprintf(stderr,"IV length set failed\n");
 180                 ERR_print_errors_fp(stderr);
 181                 test1_exit(11);
 182                 }
 183             if(!EVP_EncryptInit_ex(&ctx,NULL,NULL,key,iv))
 184                 {
 185                 fprintf(stderr,"Key/IV set failed\n");
 186                 ERR_print_errors_fp(stderr);
 187                 test1_exit(12);
 188                 }
 189             if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))
 190                 {
 191                 fprintf(stderr,"AAD set failed\n");
 192                 ERR_print_errors_fp(stderr);
 193                 test1_exit(13);
 194                 }
 195             }
 196         else if (mode == EVP_CIPH_CCM_MODE)
 197             {
 198             if(!EVP_EncryptInit_ex(&ctx,c,NULL,NULL,NULL))
 199                 {
 200                 fprintf(stderr,"EncryptInit failed\n");
 201                 ERR_print_errors_fp(stderr);
 202                 test1_exit(10);
 203                 }
 204             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL))
 205                 {
 206                 fprintf(stderr,"IV length set failed\n");
 207                 ERR_print_errors_fp(stderr);
 208                 test1_exit(11);
 209                 }
 210             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL))
 211                 {
 212                 fprintf(stderr,"Tag length set failed\n");
 213                 ERR_print_errors_fp(stderr);
 214                 test1_exit(11);
 215                 }
 216             if(!EVP_EncryptInit_ex(&ctx,NULL,NULL,key,iv))
 217                 {
 218                 fprintf(stderr,"Key/IV set failed\n");
 219                 ERR_print_errors_fp(stderr);
 220                 test1_exit(12);
 221                 }
 222             if (!EVP_EncryptUpdate(&ctx,NULL,&outl,NULL,pn))
 223                 {
 224                 fprintf(stderr,"Plaintext length set failed\n");
 225                 ERR_print_errors_fp(stderr);
 226                 test1_exit(12);
 227                 }
 228             if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))
 229                 {
 230                 fprintf(stderr,"AAD set failed\n");
 231                 ERR_print_errors_fp(stderr);
 232                 test1_exit(13);
 233                 }
 234             }
 235         else if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
 236             {
 237             fprintf(stderr,"EncryptInit failed\n");
 238             ERR_print_errors_fp(stderr);
 239             test1_exit(10);
 240             }
 241         EVP_CIPHER_CTX_set_padding(&ctx,0);
 242
 243         if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
 244             {
 245             fprintf(stderr,"Encrypt failed\n");
 246             ERR_print_errors_fp(stderr);
 247             test1_exit(6);
 248             }
 249         if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
 250             {
 251             fprintf(stderr,"EncryptFinal failed\n");
 252             ERR_print_errors_fp(stderr);
 253             test1_exit(7);
 254             }
 255
 256         if(outl+outl2 != cn)
 257             {
 258             fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
 259                     outl+outl2,cn);
 260             test1_exit(8);
 261             }
 262
 263         if(memcmp(out,ciphertext,cn))
 264             {
 265             fprintf(stderr,"Ciphertext mismatch\n");
 266             hexdump(stderr,"Got",out,cn);
 267             hexdump(stderr,"Expected",ciphertext,cn);
 268             test1_exit(9);
 269             }
 270         if (mode == EVP_CIPH_GCM_MODE || mode == EVP_CIPH_CCM_MODE)
 271             {
 272             unsigned char rtag[16];
 273             /* Note: EVP_CTRL_CCM_GET_TAG has same value as
 274              * EVP_CTRL_GCM_GET_TAG
 275              */
 276             if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, tn, rtag))
 277                 {
 278                 fprintf(stderr,"Get tag failed\n");
 279                 ERR_print_errors_fp(stderr);
 280                 test1_exit(14);
 281                 }
 282             if (memcmp(rtag, tag, tn))
 283                 {
 284                 fprintf(stderr,"Tag mismatch\n");
 285                 hexdump(stderr,"Got",rtag,tn);
 286                 hexdump(stderr,"Expected",tag,tn);
 287                 test1_exit(9);
 288                 }
 289             }
 290         }
 291
 292     if (encdec <= 0)
 293         {
 294         if (mode == EVP_CIPH_GCM_MODE)
 295             {
 296             if(!EVP_DecryptInit_ex(&ctx,c,NULL,NULL,NULL))
 297                 {
 298                 fprintf(stderr,"EncryptInit failed\n");
 299                 ERR_print_errors_fp(stderr);
 300                 test1_exit(10);
 301                 }
 302             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL))
 303                 {
 304                 fprintf(stderr,"IV length set failed\n");
 305                 ERR_print_errors_fp(stderr);
 306                 test1_exit(11);
 307                 }
 308             if(!EVP_DecryptInit_ex(&ctx,NULL,NULL,key,iv))
 309                 {
 310                 fprintf(stderr,"Key/IV set failed\n");
 311                 ERR_print_errors_fp(stderr);
 312                 test1_exit(12);
 313                 }
 314             if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, tn, (void *)tag))
 315                 {
 316                 fprintf(stderr,"Set tag failed\n");
 317                 ERR_print_errors_fp(stderr);
 318                 test1_exit(14);
 319                 }
 320             if (an && !EVP_DecryptUpdate(&ctx,NULL,&outl,aad,an))
 321                 {
 322                 fprintf(stderr,"AAD set failed\n");
 323                 ERR_print_errors_fp(stderr);
 324                 test1_exit(13);
 325                 }
 326             }
 327         else if (mode == EVP_CIPH_CCM_MODE)
 328             {
 329             if(!EVP_DecryptInit_ex(&ctx,c,NULL,NULL,NULL))
 330                 {
 331                 fprintf(stderr,"DecryptInit failed\n");
 332                 ERR_print_errors_fp(stderr);
 333                 test1_exit(10);
 334                 }
 335             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL))
 336                 {
 337                 fprintf(stderr,"IV length set failed\n");
 338                 ERR_print_errors_fp(stderr);
 339                 test1_exit(11);
 340                 }
 341             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, tn, (void *)tag))
 342                 {
 343                 fprintf(stderr,"Tag length set failed\n");
 344                 ERR_print_errors_fp(stderr);
 345                 test1_exit(11);
 346                 }
 347             if(!EVP_DecryptInit_ex(&ctx,NULL,NULL,key,iv))
 348                 {
 349                 fprintf(stderr,"Key/Nonce set failed\n");
 350                 ERR_print_errors_fp(stderr);
 351                 test1_exit(12);
 352                 }
 353             if (!EVP_DecryptUpdate(&ctx,NULL,&outl,NULL,pn))
 354                 {
 355                 fprintf(stderr,"Plaintext length set failed\n");
 356                 ERR_print_errors_fp(stderr);
 357                 test1_exit(12);
 358                 }
 359             if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))
 360                 {
 361                 fprintf(stderr,"AAD set failed\n");
 362                 ERR_print_errors_fp(stderr);
 363                 test1_exit(13);
 364                 }
 365             }
 366         else if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
 367             {
 368             fprintf(stderr,"DecryptInit failed\n");
 369             ERR_print_errors_fp(stderr);
 370             test1_exit(11);
 371             }
 372         EVP_CIPHER_CTX_set_padding(&ctx,0);
 373
 374         if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn))
 375             {
 376             fprintf(stderr,"Decrypt failed\n");
 377             ERR_print_errors_fp(stderr);
 378             test1_exit(6);
 379             }
 380         if(mode != EVP_CIPH_CCM_MODE && !EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
 381             {
 382             fprintf(stderr,"DecryptFinal failed\n");
 383             ERR_print_errors_fp(stderr);
 384             test1_exit(7);
 385             }
 386
 387         if(outl+outl2 != pn)
 388             {
 389             fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
 390                     outl+outl2,pn);
 391             test1_exit(8);
 392             }
 393
 394         if(memcmp(out,plaintext,pn))
 395             {
 396             fprintf(stderr,"Plaintext mismatch\n");
 397             hexdump(stderr,"Got",out,pn);
 398             hexdump(stderr,"Expected",plaintext,pn);
 399             test1_exit(9);
 400             }
 401         }
 402
 403     EVP_CIPHER_CTX_cleanup(&ctx);
 404
 405     printf("\n");
 406     }
 407
 408 static int test_cipher(const char *cipher,const unsigned char *key,int kn,
 409                        const unsigned char *iv,int in,
 410                        const unsigned char *plaintext,int pn,
 411                        const unsigned char *ciphertext,int cn,
 412                        const unsigned char *aad,int an,
 413                        const unsigned char *tag,int tn,
 414                        int encdec)
 415     {
 416     const EVP_CIPHER *c;
 417
 418     c=EVP_get_cipherbyname(cipher);
 419     if(!c)
 420         return 0;
 421
 422     test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,aad,an,tag,tn,encdec);
 423
 424     return 1;
 425     }
 426
 427 static int test_digest(const char *digest,
 428                        const unsigned char *plaintext,int pn,
 429                        const unsigned char *ciphertext, unsigned int cn)
 430     {
 431     const EVP_MD *d;
 432     EVP_MD_CTX ctx;
 433     unsigned char md[EVP_MAX_MD_SIZE];
 434     unsigned int mdn;
 435
 436     d=EVP_get_digestbyname(digest);
 437     if(!d)
 438         return 0;
 439
 440     printf("Testing digest %s\n",EVP_MD_name(d));
 441     hexdump(stdout,"Plaintext",plaintext,pn);
 442     hexdump(stdout,"Digest",ciphertext,cn);
 443
 444     EVP_MD_CTX_init(&ctx);
 445     if(!EVP_DigestInit_ex(&ctx,d, NULL))
 446         {
 447         fprintf(stderr,"DigestInit failed\n");
 448         ERR_print_errors_fp(stderr);
 449         EXIT(100);
 450         }
 451     if(!EVP_DigestUpdate(&ctx,plaintext,pn))
 452         {
 453         fprintf(stderr,"DigestUpdate failed\n");
 454         ERR_print_errors_fp(stderr);
 455         EXIT(101);
 456         }
 457     if(!EVP_DigestFinal_ex(&ctx,md,&mdn))
 458         {
 459         fprintf(stderr,"DigestFinal failed\n");
 460         ERR_print_errors_fp(stderr);
 461         EXIT(101);
 462         }
 463     EVP_MD_CTX_cleanup(&ctx);
 464
 465     if(mdn != cn)
 466         {
 467         fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn);
 468         EXIT(102);
 469         }
 470
 471     if(memcmp(md,ciphertext,cn))
 472         {
 473         fprintf(stderr,"Digest mismatch\n");
 474         hexdump(stderr,"Got",md,cn);
 475         hexdump(stderr,"Expected",ciphertext,cn);
 476         EXIT(103);
 477         }
 478
 479     printf("\n");
 480
 481     EVP_MD_CTX_cleanup(&ctx);
 482
 483     return 1;
 484     }
 485
 486 int main(int argc,char **argv)
 487     {
 488     const char *szTestFile;
 489     FILE *f;
 490
 491     if(argc != 2)
 492         {
 493         fprintf(stderr,"%s <test file>\n",argv[0]);
 494         EXIT(1);
 495         }
 496     CRYPTO_malloc_debug_init();
 497     CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
 498     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 499
 500     szTestFile=argv[1];
 501
 502     f=fopen(szTestFile,"r");
 503     if(!f)
 504         {
 505         perror(szTestFile);
 506         EXIT(2);
 507         }
 508
 509     /* Load up the software EVP_CIPHER and EVP_MD definitions */
 510     OpenSSL_add_all_ciphers();
 511     OpenSSL_add_all_digests();
 512 #ifndef OPENSSL_NO_ENGINE
 513     /* Load all compiled-in ENGINEs */
 514     ENGINE_load_builtin_engines();
 515 #endif
 516 #if 0
 517     OPENSSL_config();
 518 #endif
 519 #ifndef OPENSSL_NO_ENGINE
 520     /* Register all available ENGINE implementations of ciphers and digests.
 521      * This could perhaps be changed to "ENGINE_register_all_complete()"? */
 522     ENGINE_register_all_ciphers();
 523     ENGINE_register_all_digests();
 524     /* If we add command-line options, this statement should be switchable.
 525      * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
 526      * they weren't already initialised. */
 527     /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
 528 #endif
 529
 530     for( ; ; )
 531         {
 532         char line[4096];
 533         char *p;
 534         char *cipher;
 535         unsigned char *iv,*key,*plaintext,*ciphertext,*aad,*tag;
 536         int encdec;
 537         int kn,in,pn,cn,an,tn;
 538
 539         if(!fgets((char *)line,sizeof line,f))
 540             break;
 541         if(line[0] == '#' || line[0] == '\n')
 542             continue;
 543         p=line;
 544         cipher=sstrsep(&p,":");
 545         key=ustrsep(&p,":");
 546         iv=ustrsep(&p,":");
 547         plaintext=ustrsep(&p,":");
 548         ciphertext=ustrsep(&p,":");
 549         if (p[-1] == '\n') {
 550             encdec = -1;
 551             p[-1] = '\0';
 552             tag=aad=NULL;
 553             an=tn=0;
 554         } else {
 555             aad=ustrsep(&p,":");
 556             tag=ustrsep(&p,":");
 557             if (tag == NULL) {
 558                 p = (char *)aad;
 559                 tag=aad=NULL;
 560                 an=tn=0;
 561             }
 562             if (p [-1] == '\n') {
 563                 encdec = -1;
 564                 p[-1] = '\0';
 565             } else
 566                 encdec = atoi(sstrsep(&p,"\n"));
 567         }
 568
 569         kn=convert(key);
 570         in=convert(iv);
 571         pn=convert(plaintext);
 572         cn=convert(ciphertext);
 573         if (aad) {
 574             an=convert(aad);
 575             tn=convert(tag);
 576         }
 577
 578         if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,aad,an,tag,tn,encdec)
 579            && !test_digest(cipher,plaintext,pn,ciphertext,cn))
 580             {
 581 #ifdef OPENSSL_NO_AES
 582             if (strstr(cipher, "AES") == cipher)
 583                 {
 584                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 585                 continue;
 586                 }
 587 #endif
 588 #ifdef OPENSSL_NO_DES
 589             if (strstr(cipher, "DES") == cipher)
 590                 {
 591                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 592                 continue;
 593                 }
 594 #endif
 595 #ifdef OPENSSL_NO_RC4
 596             if (strstr(cipher, "RC4") == cipher)
 597                 {
 598                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 599                 continue;
 600                 }
 601 #endif
 602 #ifdef OPENSSL_NO_CAMELLIA
 603             if (strstr(cipher, "CAMELLIA") == cipher)
 604                 {
 605                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 606                 continue;
 607                 }
 608 #endif
 609 #ifdef OPENSSL_NO_SEED
 610             if (strstr(cipher, "SEED") == cipher)
 611                 {
 612                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 613                 continue;
 614                 }
 615 #endif
 616             fprintf(stderr,"Can't find %s\n",cipher);
 617             EXIT(3);
 618             }
 619         }
 620         fclose(f);
 621
 622 #ifndef OPENSSL_NO_ENGINE
 623     ENGINE_cleanup();
 624 #endif
 625     EVP_cleanup();
 626     CRYPTO_cleanup_all_ex_data();
 627     ERR_remove_thread_state(NULL);
 628     ERR_free_strings();
 629     CRYPTO_mem_leaks_fp(stderr);
 630
 631     return 0;
 632     }