crypto/evp/evp_test.c

   1 /* Written by Ben Laurie, 2001 */
   2 /*
   3  * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in
  14  *    the documentation and/or other materials provided with the
  15  *    distribution.
  16  *
  17  * 3. All advertising materials mentioning features or use of this
  18  *    software must display the following acknowledgment:
  19  *    "This product includes software developed by the OpenSSL Project
  20  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  21  *
  22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  23  *    endorse or promote products derived from this software without
  24  *    prior written permission. For written permission, please contact
  25  *    openssl-core@openssl.org.
  26  *
  27  * 5. Products derived from this software may not be called "OpenSSL"
  28  *    nor may "OpenSSL" appear in their names without prior written
  29  *    permission of the OpenSSL Project.
  30  *
  31  * 6. Redistributions of any form whatsoever must retain the following
  32  *    acknowledgment:
  33  *    "This product includes software developed by the OpenSSL Project
  34  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  35  *
  36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  47  * OF THE POSSIBILITY OF SUCH DAMAGE.
  48  */
  49
  50 #include <stdio.h>
  51 #include <string.h>
  52
  53 #include "../e_os.h"
  54
  55 #include <openssl/opensslconf.h>
  56 #include <openssl/evp.h>
  57 #ifndef OPENSSL_NO_ENGINE
  58 #include <openssl/engine.h>
  59 #endif
  60 #include <openssl/err.h>
  61 #include <openssl/conf.h>
  62
  63 static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
  64     {
  65     int n=0;
  66
  67     fprintf(f,"%s",title);
  68     for( ; n < l ; ++n)
  69         {
  70         if((n%16) == 0)
  71             fprintf(f,"\n%04x",n);
  72         fprintf(f," %02x",s[n]);
  73         }
  74     fprintf(f,"\n");
  75     }
  76
  77 static int convert(unsigned char *s)
  78     {
  79     unsigned char *d;
  80
  81     for(d=s ; *s ; s+=2,++d)
  82         {
  83         unsigned int n;
  84
  85         if(!s[1])
  86             {
  87             fprintf(stderr,"Odd number of hex digits!");
  88             EXIT(4);
  89             }
  90         sscanf((char *)s,"%2x",&n);
  91         *d=(unsigned char)n;
  92         }
  93     return s-d;
  94     }
  95
  96 static char *sstrsep(char **string, const char *delim)
  97     {
  98     char isdelim[256];
  99     char *token = *string;
 100
 101     if (**string == 0)
 102         return NULL;
 103
 104     memset(isdelim, 0, 256);
 105     isdelim[0] = 1;
 106
 107     while (*delim)
 108         {
 109         isdelim[(unsigned char)(*delim)] = 1;
 110         delim++;
 111         }
 112
 113     while (!isdelim[(unsigned char)(**string)])
 114         {
 115         (*string)++;
 116         }
 117
 118     if (**string)
 119         {
 120         **string = 0;
 121         (*string)++;
 122         }
 123
 124     return token;
 125     }
 126
 127 static unsigned char *ustrsep(char **p,const char *sep)
 128     { return (unsigned char *)sstrsep(p,sep); }
 129
 130 static int test1_exit(int ec)
 131         {
 132         EXIT(ec);
 133         return(0);              /* To keep some compilers quiet */
 134         }
 135
 136 static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 137                   const unsigned char *iv,int in,
 138                   const unsigned char *plaintext,int pn,
 139                   const unsigned char *ciphertext,int cn,
 140                   const unsigned char *aad,int an,
 141                   const unsigned char *tag,int tn,
 142                   int encdec)
 143     {
 144     EVP_CIPHER_CTX ctx;
 145     unsigned char out[4096];
 146     int outl,outl2,mode;
 147
 148     printf("Testing cipher %s%s\n",EVP_CIPHER_name(c),
 149            (encdec == 1 ? "(encrypt)" : (encdec == 0 ? "(decrypt)" : "(encrypt/decrypt)")));
 150     hexdump(stdout,"Key",key,kn);
 151     if(in)
 152         hexdump(stdout,"IV",iv,in);
 153     hexdump(stdout,"Plaintext",plaintext,pn);
 154     hexdump(stdout,"Ciphertext",ciphertext,cn);
 155     if (an)
 156         hexdump(stdout,"AAD",aad,an);
 157     if (tn)
 158         hexdump(stdout,"Tag",tag,tn);
 159     mode = EVP_CIPHER_mode(c);
 160     if(kn != EVP_CIPHER_key_length(c))
 161         {
 162         fprintf(stderr,"Key length doesn't match, got %d expected %lu\n",kn,
 163                 (unsigned long)EVP_CIPHER_key_length(c));
 164         test1_exit(5);
 165         }
 166     EVP_CIPHER_CTX_init(&ctx);
 167     EVP_CIPHER_CTX_set_flags(&ctx,EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
 168     if (encdec != 0)
 169         {
 170         if (mode == EVP_CIPH_GCM_MODE)
 171             {
 172             if(!EVP_EncryptInit_ex(&ctx,c,NULL,NULL,NULL))
 173                 {
 174                 fprintf(stderr,"EncryptInit failed\n");
 175                 ERR_print_errors_fp(stderr);
 176                 test1_exit(10);
 177                 }
 178             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL))
 179                 {
 180                 fprintf(stderr,"IV length set failed\n");
 181                 ERR_print_errors_fp(stderr);
 182                 test1_exit(11);
 183                 }
 184             if(!EVP_EncryptInit_ex(&ctx,NULL,NULL,key,iv))
 185                 {
 186                 fprintf(stderr,"Key/IV set failed\n");
 187                 ERR_print_errors_fp(stderr);
 188                 test1_exit(12);
 189                 }
 190             if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))
 191                 {
 192                 fprintf(stderr,"AAD set failed\n");
 193                 ERR_print_errors_fp(stderr);
 194                 test1_exit(13);
 195                 }
 196             }
 197         else if (mode == EVP_CIPH_CCM_MODE)
 198             {
 199             if(!EVP_EncryptInit_ex(&ctx,c,NULL,NULL,NULL))
 200                 {
 201                 fprintf(stderr,"EncryptInit failed\n");
 202                 ERR_print_errors_fp(stderr);
 203                 test1_exit(10);
 204                 }
 205             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL))
 206                 {
 207                 fprintf(stderr,"IV length set failed\n");
 208                 ERR_print_errors_fp(stderr);
 209                 test1_exit(11);
 210                 }
 211             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL))
 212                 {
 213                 fprintf(stderr,"Tag length set failed\n");
 214                 ERR_print_errors_fp(stderr);
 215                 test1_exit(11);
 216                 }
 217             if(!EVP_EncryptInit_ex(&ctx,NULL,NULL,key,iv))
 218                 {
 219                 fprintf(stderr,"Key/IV set failed\n");
 220                 ERR_print_errors_fp(stderr);
 221                 test1_exit(12);
 222                 }
 223             if (!EVP_EncryptUpdate(&ctx,NULL,&outl,NULL,pn))
 224                 {
 225                 fprintf(stderr,"Plaintext length set failed\n");
 226                 ERR_print_errors_fp(stderr);
 227                 test1_exit(12);
 228                 }
 229             if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))
 230                 {
 231                 fprintf(stderr,"AAD set failed\n");
 232                 ERR_print_errors_fp(stderr);
 233                 test1_exit(13);
 234                 }
 235             }
 236         else if (mode == EVP_CIPH_WRAP_MODE)
 237             {
 238             if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,in ? iv : NULL))
 239                 {
 240                 fprintf(stderr,"EncryptInit failed\n");
 241                 ERR_print_errors_fp(stderr);
 242                 test1_exit(10);
 243                 }
 244             }
 245         else if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
 246             {
 247             fprintf(stderr,"EncryptInit failed\n");
 248             ERR_print_errors_fp(stderr);
 249             test1_exit(10);
 250             }
 251         EVP_CIPHER_CTX_set_padding(&ctx,0);
 252
 253         if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
 254             {
 255             fprintf(stderr,"Encrypt failed\n");
 256             ERR_print_errors_fp(stderr);
 257             test1_exit(6);
 258             }
 259         if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
 260             {
 261             fprintf(stderr,"EncryptFinal failed\n");
 262             ERR_print_errors_fp(stderr);
 263             test1_exit(7);
 264             }
 265
 266         if(outl+outl2 != cn)
 267             {
 268             fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
 269                     outl+outl2,cn);
 270             test1_exit(8);
 271             }
 272
 273         if(memcmp(out,ciphertext,cn))
 274             {
 275             fprintf(stderr,"Ciphertext mismatch\n");
 276             hexdump(stderr,"Got",out,cn);
 277             hexdump(stderr,"Expected",ciphertext,cn);
 278             test1_exit(9);
 279             }
 280         if (mode == EVP_CIPH_GCM_MODE || mode == EVP_CIPH_CCM_MODE)
 281             {
 282             unsigned char rtag[16];
 283             /* Note: EVP_CTRL_CCM_GET_TAG has same value as
 284              * EVP_CTRL_GCM_GET_TAG
 285              */
 286             if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, tn, rtag))
 287                 {
 288                 fprintf(stderr,"Get tag failed\n");
 289                 ERR_print_errors_fp(stderr);
 290                 test1_exit(14);
 291                 }
 292             if (memcmp(rtag, tag, tn))
 293                 {
 294                 fprintf(stderr,"Tag mismatch\n");
 295                 hexdump(stderr,"Got",rtag,tn);
 296                 hexdump(stderr,"Expected",tag,tn);
 297                 test1_exit(9);
 298                 }
 299             }
 300         }
 301
 302     if (encdec <= 0)
 303         {
 304         if (mode == EVP_CIPH_GCM_MODE)
 305             {
 306             if(!EVP_DecryptInit_ex(&ctx,c,NULL,NULL,NULL))
 307                 {
 308                 fprintf(stderr,"EncryptInit failed\n");
 309                 ERR_print_errors_fp(stderr);
 310                 test1_exit(10);
 311                 }
 312             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL))
 313                 {
 314                 fprintf(stderr,"IV length set failed\n");
 315                 ERR_print_errors_fp(stderr);
 316                 test1_exit(11);
 317                 }
 318             if(!EVP_DecryptInit_ex(&ctx,NULL,NULL,key,iv))
 319                 {
 320                 fprintf(stderr,"Key/IV set failed\n");
 321                 ERR_print_errors_fp(stderr);
 322                 test1_exit(12);
 323                 }
 324             if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, tn, (void *)tag))
 325                 {
 326                 fprintf(stderr,"Set tag failed\n");
 327                 ERR_print_errors_fp(stderr);
 328                 test1_exit(14);
 329                 }
 330             if (an && !EVP_DecryptUpdate(&ctx,NULL,&outl,aad,an))
 331                 {
 332                 fprintf(stderr,"AAD set failed\n");
 333                 ERR_print_errors_fp(stderr);
 334                 test1_exit(13);
 335                 }
 336             }
 337         else if (mode == EVP_CIPH_CCM_MODE)
 338             {
 339             if(!EVP_DecryptInit_ex(&ctx,c,NULL,NULL,NULL))
 340                 {
 341                 fprintf(stderr,"DecryptInit failed\n");
 342                 ERR_print_errors_fp(stderr);
 343                 test1_exit(10);
 344                 }
 345             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL))
 346                 {
 347                 fprintf(stderr,"IV length set failed\n");
 348                 ERR_print_errors_fp(stderr);
 349                 test1_exit(11);
 350                 }
 351             if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, tn, (void *)tag))
 352                 {
 353                 fprintf(stderr,"Tag length set failed\n");
 354                 ERR_print_errors_fp(stderr);
 355                 test1_exit(11);
 356                 }
 357             if(!EVP_DecryptInit_ex(&ctx,NULL,NULL,key,iv))
 358                 {
 359                 fprintf(stderr,"Key/Nonce set failed\n");
 360                 ERR_print_errors_fp(stderr);
 361                 test1_exit(12);
 362                 }
 363             if (!EVP_DecryptUpdate(&ctx,NULL,&outl,NULL,pn))
 364                 {
 365                 fprintf(stderr,"Plaintext length set failed\n");
 366                 ERR_print_errors_fp(stderr);
 367                 test1_exit(12);
 368                 }
 369             if (an && !EVP_EncryptUpdate(&ctx,NULL,&outl,aad,an))
 370                 {
 371                 fprintf(stderr,"AAD set failed\n");
 372                 ERR_print_errors_fp(stderr);
 373                 test1_exit(13);
 374                 }
 375             }
 376         else if (mode == EVP_CIPH_WRAP_MODE)
 377             {
 378             if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,in ? iv : NULL))
 379                 {
 380                 fprintf(stderr,"EncryptInit failed\n");
 381                 ERR_print_errors_fp(stderr);
 382                 test1_exit(10);
 383                 }
 384             }
 385         else if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
 386             {
 387             fprintf(stderr,"DecryptInit failed\n");
 388             ERR_print_errors_fp(stderr);
 389             test1_exit(11);
 390             }
 391         EVP_CIPHER_CTX_set_padding(&ctx,0);
 392
 393         if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn))
 394             {
 395             fprintf(stderr,"Decrypt failed\n");
 396             ERR_print_errors_fp(stderr);
 397             test1_exit(6);
 398             }
 399         if(mode != EVP_CIPH_CCM_MODE && !EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
 400             {
 401             fprintf(stderr,"DecryptFinal failed\n");
 402             ERR_print_errors_fp(stderr);
 403             test1_exit(7);
 404             }
 405
 406         if(outl+outl2 != pn)
 407             {
 408             fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
 409                     outl+outl2,pn);
 410             test1_exit(8);
 411             }
 412
 413         if(memcmp(out,plaintext,pn))
 414             {
 415             fprintf(stderr,"Plaintext mismatch\n");
 416             hexdump(stderr,"Got",out,pn);
 417             hexdump(stderr,"Expected",plaintext,pn);
 418             test1_exit(9);
 419             }
 420         }
 421
 422     EVP_CIPHER_CTX_cleanup(&ctx);
 423
 424     printf("\n");
 425     }
 426
 427 static int test_cipher(const char *cipher,const unsigned char *key,int kn,
 428                        const unsigned char *iv,int in,
 429                        const unsigned char *plaintext,int pn,
 430                        const unsigned char *ciphertext,int cn,
 431                        const unsigned char *aad,int an,
 432                        const unsigned char *tag,int tn,
 433                        int encdec)
 434     {
 435     const EVP_CIPHER *c;
 436
 437     c=EVP_get_cipherbyname(cipher);
 438     if(!c)
 439         return 0;
 440
 441     test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn,aad,an,tag,tn,encdec);
 442
 443     return 1;
 444     }
 445
 446 static int test_digest(const char *digest,
 447                        const unsigned char *plaintext,int pn,
 448                        const unsigned char *ciphertext, unsigned int cn)
 449     {
 450     const EVP_MD *d;
 451     EVP_MD_CTX ctx;
 452     unsigned char md[EVP_MAX_MD_SIZE];
 453     unsigned int mdn;
 454
 455     d=EVP_get_digestbyname(digest);
 456     if(!d)
 457         return 0;
 458
 459     printf("Testing digest %s\n",EVP_MD_name(d));
 460     hexdump(stdout,"Plaintext",plaintext,pn);
 461     hexdump(stdout,"Digest",ciphertext,cn);
 462
 463     EVP_MD_CTX_init(&ctx);
 464     if(!EVP_DigestInit_ex(&ctx,d, NULL))
 465         {
 466         fprintf(stderr,"DigestInit failed\n");
 467         ERR_print_errors_fp(stderr);
 468         EXIT(100);
 469         }
 470     if(!EVP_DigestUpdate(&ctx,plaintext,pn))
 471         {
 472         fprintf(stderr,"DigestUpdate failed\n");
 473         ERR_print_errors_fp(stderr);
 474         EXIT(101);
 475         }
 476     if(!EVP_DigestFinal_ex(&ctx,md,&mdn))
 477         {
 478         fprintf(stderr,"DigestFinal failed\n");
 479         ERR_print_errors_fp(stderr);
 480         EXIT(101);
 481         }
 482     EVP_MD_CTX_cleanup(&ctx);
 483
 484     if(mdn != cn)
 485         {
 486         fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn);
 487         EXIT(102);
 488         }
 489
 490     if(memcmp(md,ciphertext,cn))
 491         {
 492         fprintf(stderr,"Digest mismatch\n");
 493         hexdump(stderr,"Got",md,cn);
 494         hexdump(stderr,"Expected",ciphertext,cn);
 495         EXIT(103);
 496         }
 497
 498     printf("\n");
 499
 500     EVP_MD_CTX_cleanup(&ctx);
 501
 502     return 1;
 503     }
 504
 505 int main(int argc,char **argv)
 506     {
 507     const char *szTestFile;
 508     FILE *f;
 509
 510     if(argc != 2)
 511         {
 512         fprintf(stderr,"%s <test file>\n",argv[0]);
 513         EXIT(1);
 514         }
 515     CRYPTO_malloc_debug_init();
 516     CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
 517     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 518
 519     szTestFile=argv[1];
 520
 521     f=fopen(szTestFile,"r");
 522     if(!f)
 523         {
 524         perror(szTestFile);
 525         EXIT(2);
 526         }
 527     ERR_load_crypto_strings();
 528     /* Load up the software EVP_CIPHER and EVP_MD definitions */
 529     OpenSSL_add_all_ciphers();
 530     OpenSSL_add_all_digests();
 531 #ifndef OPENSSL_NO_ENGINE
 532     /* Load all compiled-in ENGINEs */
 533     ENGINE_load_builtin_engines();
 534 #endif
 535 #if 0
 536     OPENSSL_config();
 537 #endif
 538 #ifndef OPENSSL_NO_ENGINE
 539     /* Register all available ENGINE implementations of ciphers and digests.
 540      * This could perhaps be changed to "ENGINE_register_all_complete()"? */
 541     ENGINE_register_all_ciphers();
 542     ENGINE_register_all_digests();
 543     /* If we add command-line options, this statement should be switchable.
 544      * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
 545      * they weren't already initialised. */
 546     /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
 547 #endif
 548
 549     for( ; ; )
 550         {
 551         char line[4096];
 552         char *p;
 553         char *cipher;
 554         unsigned char *iv,*key,*plaintext,*ciphertext,*aad,*tag;
 555         int encdec;
 556         int kn,in,pn,cn;
 557         int an = 0;
 558         int tn = 0;
 559
 560         if(!fgets((char *)line,sizeof line,f))
 561             break;
 562         if(line[0] == '#' || line[0] == '\n')
 563             continue;
 564         p=line;
 565         cipher=sstrsep(&p,":");
 566         key=ustrsep(&p,":");
 567         iv=ustrsep(&p,":");
 568         plaintext=ustrsep(&p,":");
 569         ciphertext=ustrsep(&p,":");
 570         if (p[-1] == '\n') {
 571             encdec = -1;
 572             p[-1] = '\0';
 573             tag=aad=NULL;
 574             an=tn=0;
 575         } else {
 576             aad=ustrsep(&p,":");
 577             tag=ustrsep(&p,":");
 578             if (tag == NULL) {
 579                 p = (char *)aad;
 580                 tag=aad=NULL;
 581                 an=tn=0;
 582             }
 583             if (p [-1] == '\n') {
 584                 encdec = -1;
 585                 p[-1] = '\0';
 586             } else
 587                 encdec = atoi(sstrsep(&p,"\n"));
 588         }
 589
 590         kn=convert(key);
 591         in=convert(iv);
 592         pn=convert(plaintext);
 593         cn=convert(ciphertext);
 594         if (aad) {
 595             an=convert(aad);
 596             tn=convert(tag);
 597         }
 598
 599         if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,aad,an,tag,tn,encdec)
 600            && !test_digest(cipher,plaintext,pn,ciphertext,cn))
 601             {
 602 #ifdef OPENSSL_NO_AES
 603             if (strstr(cipher, "AES") == cipher)
 604                 {
 605                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 606                 continue;
 607                 }
 608 #endif
 609 #ifdef OPENSSL_NO_DES
 610             if (strstr(cipher, "DES") == cipher)
 611                 {
 612                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 613                 continue;
 614                 }
 615 #endif
 616 #ifdef OPENSSL_NO_RC4
 617             if (strstr(cipher, "RC4") == cipher)
 618                 {
 619                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 620                 continue;
 621                 }
 622 #endif
 623 #ifdef OPENSSL_NO_CAMELLIA
 624             if (strstr(cipher, "CAMELLIA") == cipher)
 625                 {
 626                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 627                 continue;
 628                 }
 629 #endif
 630 #ifdef OPENSSL_NO_SEED
 631             if (strstr(cipher, "SEED") == cipher)
 632                 {
 633                 fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
 634                 continue;
 635                 }
 636 #endif
 637             fprintf(stderr,"Can't find %s\n",cipher);
 638             EXIT(3);
 639             }
 640         }
 641         fclose(f);
 642
 643 #ifndef OPENSSL_NO_ENGINE
 644     ENGINE_cleanup();
 645 #endif
 646     EVP_cleanup();
 647     CRYPTO_cleanup_all_ex_data();
 648     ERR_remove_thread_state(NULL);
 649     ERR_free_strings();
 650     CRYPTO_mem_leaks_fp(stderr);
 651
 652     return 0;
 653     }