Import of old SSLeay release: SSLeay 0.9.1b (unreleased) SSLeay
authorRalf S. Engelschall <rse@openssl.org>
Mon, 21 Dec 1998 11:00:56 +0000 (11:00 +0000)
committerRalf S. Engelschall <rse@openssl.org>
Mon, 21 Dec 1998 11:00:56 +0000 (11:00 +0000)
501 files changed:
Configure
HISTORY.090 [new file with mode: 0644]
INSTALL
MINFO
Makefile.ssl
PATENTS
README
README.090
apps/asn1pars.c
apps/ca-cert.srl
apps/ca.c
apps/cert.der [new file with mode: 0644]
apps/crl.c
apps/dgst.c
apps/dsaparam.c
apps/g_ssleay.pl
apps/gmon.out [new file with mode: 0644]
apps/mklinks
apps/oid.cnf [new file with mode: 0644]
apps/openssl.c
apps/openssl.cnf
apps/privkey.pem
apps/progs.h
apps/progs.pl
apps/req.c
apps/rmlinks
apps/rsa/01.pem [new file with mode: 0644]
apps/rsa/1.txt [new file with mode: 0644]
apps/rsa/SecureServer.pem [new file with mode: 0644]
apps/rsa/s.txt [new file with mode: 0644]
apps/s_cb.c
apps/s_client.c
apps/s_server.c
apps/s_time.c
apps/sc.c [new file with mode: 0644]
apps/server.pem
apps/sess_id.c
apps/speed.c
apps/ssleay.c
apps/ssleay.cnf
apps/verify.c
apps/version.c
apps/x509.c
bugs/sgiccbug.c
bugs/ultrixcc.c [new file with mode: 0644]
certs/expired/ICE-CA.pem [new file with mode: 0644]
certs/expired/ICE-root.pem [new file with mode: 0644]
certs/expired/ICE-user.pem [new file with mode: 0644]
certs/expired/ICE.crl [new file with mode: 0644]
certs/vsign1.pem
certs/vsign2.pem
certs/vsign3.pem
certs/vsignss.pem [new file with mode: 0644]
certs/vsigntca.pem [new file with mode: 0644]
config
crypto/Makefile.ssl
crypto/asn1/Makefile.ssl
crypto/asn1/a_bitstr.c
crypto/asn1/a_bitstr.orig.c [new file with mode: 0644]
crypto/asn1/a_bmp.c
crypto/asn1/a_bytes.c
crypto/asn1/a_hdr.c
crypto/asn1/a_int.c
crypto/asn1/a_object.c
crypto/asn1/a_octet.c
crypto/asn1/a_set.c
crypto/asn1/a_sign.c
crypto/asn1/a_type.c
crypto/asn1/a_utctm.c
crypto/asn1/asn1.err
crypto/asn1/asn1.h
crypto/asn1/asn1_err.c
crypto/asn1/asn1_lib.c
crypto/asn1/asn1_mac.h
crypto/asn1/asn1_par.c
crypto/asn1/d2i_dhp.c
crypto/asn1/d2i_dsap.c
crypto/asn1/d2i_pr.c
crypto/asn1/d2i_pu.c
crypto/asn1/d2i_r_pr.c
crypto/asn1/d2i_r_pu.c
crypto/asn1/d2i_s_pr.c
crypto/asn1/d2i_s_pu.c
crypto/asn1/evp_asn1.c
crypto/asn1/i2d_dhp.c
crypto/asn1/i2d_dsap.c
crypto/asn1/i2d_r_pr.c
crypto/asn1/i2d_r_pu.c
crypto/asn1/n_pkey.c
crypto/asn1/p7_dgst.c
crypto/asn1/p7_enc.c
crypto/asn1/p7_enc_c.c
crypto/asn1/p7_evp.c
crypto/asn1/p7_i_s.c
crypto/asn1/p7_lib.c
crypto/asn1/p7_recip.c
crypto/asn1/p7_s_e.c
crypto/asn1/p7_signd.c
crypto/asn1/p7_signi.c
crypto/asn1/pkcs8.c
crypto/asn1/t_x509.c
crypto/asn1/x [new file with mode: 0644]
crypto/asn1/x_algor.c
crypto/asn1/x_attrib.c
crypto/asn1/x_cinf.c
crypto/asn1/x_crl.c
crypto/asn1/x_exten.c
crypto/asn1/x_name.c
crypto/asn1/x_pkey.c
crypto/asn1/x_pubkey.c
crypto/asn1/x_req.c
crypto/asn1/x_sig.c
crypto/asn1/x_spki.c
crypto/asn1/x_val.c
crypto/asn1/x_x509.c
crypto/bf/Makefile.ssl
crypto/bf/bf_ecb.c
crypto/bf/bf_opts.c
crypto/bf/bfspeed.c
crypto/bio/b_sock.c
crypto/bio/bio.err
crypto/bio/bio.h
crypto/bio/bio_err.c
crypto/bio/bio_lib.c
crypto/bio/bss_acpt.c
crypto/bio/bss_conn.c
crypto/bio/bss_file.c
crypto/bio/bss_mem.c
crypto/bio/bss_sock.c
crypto/bio/cd [new file with mode: 0644]
crypto/bio/fg [new file with mode: 0644]
crypto/bio/grep [new file with mode: 0644]
crypto/bio/vi [new file with mode: 0644]
crypto/bn/DSA [new file with mode: 0644]
crypto/bn/Makefile.ssl
crypto/bn/alpha.s [new file with mode: 0644]
crypto/bn/asm/a.out [new file with mode: 0644]
crypto/bn/asm/alpha.s
crypto/bn/asm/alpha.s.works [new file with mode: 0644]
crypto/bn/asm/alpha.works/add.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/div.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/mul.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/mul_add.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/mul_c4.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/mul_c4.works.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/mul_c8.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/sqr.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/sqr_c4.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/sqr_c8.pl [new file with mode: 0644]
crypto/bn/asm/alpha.works/sub.pl [new file with mode: 0644]
crypto/bn/asm/alpha/add.pl [new file with mode: 0644]
crypto/bn/asm/alpha/div.pl [new file with mode: 0644]
crypto/bn/asm/alpha/mul.pl [new file with mode: 0644]
crypto/bn/asm/alpha/mul_add.pl [new file with mode: 0644]
crypto/bn/asm/alpha/mul_c4.pl [new file with mode: 0644]
crypto/bn/asm/alpha/mul_c4.works.pl [new file with mode: 0644]
crypto/bn/asm/alpha/mul_c8.pl [new file with mode: 0644]
crypto/bn/asm/alpha/sqr.pl [new file with mode: 0644]
crypto/bn/asm/alpha/sqr_c4.pl [new file with mode: 0644]
crypto/bn/asm/alpha/sqr_c8.pl [new file with mode: 0644]
crypto/bn/asm/alpha/sub.pl [new file with mode: 0644]
crypto/bn/asm/bn-586.pl
crypto/bn/asm/bn-alpha.pl [new file with mode: 0644]
crypto/bn/asm/bn-win32.asm
crypto/bn/asm/bn86unix.cpp
crypto/bn/asm/ca.pl [new file with mode: 0644]
crypto/bn/asm/co-586.pl [new file with mode: 0644]
crypto/bn/asm/co-alpha.pl [new file with mode: 0644]
crypto/bn/asm/co86unix.cpp [new file with mode: 0644]
crypto/bn/asm/elf.s [new file with mode: 0644]
crypto/bn/asm/f [new file with mode: 0644]
crypto/bn/asm/f.c [new file with mode: 0644]
crypto/bn/asm/f.elf [new file with mode: 0644]
crypto/bn/asm/f.s [new file with mode: 0644]
crypto/bn/asm/ff [new file with mode: 0644]
crypto/bn/asm/mips1.s [new file with mode: 0644]
crypto/bn/asm/mips3.s [new file with mode: 0644]
crypto/bn/asm/x86.pl [new file with mode: 0644]
crypto/bn/asm/x86/add.pl [new file with mode: 0644]
crypto/bn/asm/x86/comba.pl [new file with mode: 0644]
crypto/bn/asm/x86/div.pl [new file with mode: 0644]
crypto/bn/asm/x86/f [new file with mode: 0644]
crypto/bn/asm/x86/mul.pl [new file with mode: 0644]
crypto/bn/asm/x86/mul_add.pl [new file with mode: 0644]
crypto/bn/asm/x86/sqr.pl [new file with mode: 0644]
crypto/bn/asm/x86/sub.pl [new file with mode: 0644]
crypto/bn/asm/x86w16.asm
crypto/bn/asm/x86w32.asm
crypto/bn/bn.err
crypto/bn/bn.h
crypto/bn/bn.mul [new file with mode: 0644]
crypto/bn/bn.org
crypto/bn/bn_add.c
crypto/bn/bn_asm.c [new file with mode: 0644]
crypto/bn/bn_blind.c
crypto/bn/bn_comba.c [new file with mode: 0644]
crypto/bn/bn_div.c
crypto/bn/bn_err.c
crypto/bn/bn_exp.c
crypto/bn/bn_exp2.c [new file with mode: 0644]
crypto/bn/bn_gcd.c
crypto/bn/bn_lcl.h
crypto/bn/bn_lib.c
crypto/bn/bn_mont.c
crypto/bn/bn_mpi.c
crypto/bn/bn_mul.c
crypto/bn/bn_opts.c [new file with mode: 0644]
crypto/bn/bn_prime.c
crypto/bn/bn_recp.c
crypto/bn/bn_sqr.c
crypto/bn/bn_word.c
crypto/bn/bnspeed.c
crypto/bn/bntest.c
crypto/bn/comba.pl [new file with mode: 0644]
crypto/bn/d.c [new file with mode: 0644]
crypto/bn/exp.c [new file with mode: 0644]
crypto/bn/expspeed.c
crypto/bn/exptest.c
crypto/bn/m.pl [new file with mode: 0644]
crypto/bn/new [new file with mode: 0644]
crypto/bn/old/b_sqr.c [new file with mode: 0644]
crypto/bn/old/bn_com.c [new file with mode: 0644]
crypto/bn/old/bn_high.c [new file with mode: 0644]
crypto/bn/old/bn_ka.c [new file with mode: 0644]
crypto/bn/old/bn_low.c [new file with mode: 0644]
crypto/bn/old/bn_m.c [new file with mode: 0644]
crypto/bn/old/bn_mul.c.works [new file with mode: 0644]
crypto/bn/old/bn_wmul.c [new file with mode: 0644]
crypto/bn/old/build [new file with mode: 0755]
crypto/bn/old/info [new file with mode: 0644]
crypto/bn/old/test.works [new file with mode: 0644]
crypto/bn/test.c [new file with mode: 0644]
crypto/bn/todo [new file with mode: 0644]
crypto/buffer/buf_err.c
crypto/cast/Makefile.ssl
crypto/cast/c_ecb.c
crypto/cast/cast_spd.c
crypto/cast/castopts.c
crypto/comp/Makefile.ssl [new file with mode: 0644]
crypto/comp/c_rle.c [new file with mode: 0644]
crypto/comp/c_zlib.c [new file with mode: 0644]
crypto/comp/comp.err [new file with mode: 0644]
crypto/comp/comp.h [new file with mode: 0644]
crypto/comp/comp_err.c [new file with mode: 0644]
crypto/comp/comp_lib.c [new file with mode: 0644]
crypto/conf/conf.c
crypto/conf/conf_err.c
crypto/cpt_err.c
crypto/cryptlib.c
crypto/crypto.h
crypto/cversion.c
crypto/date.h
crypto/des/Makefile.ssl
crypto/des/VERSION
crypto/des/asm/f.cpp [new file with mode: 0644]
crypto/des/des.h
crypto/des/des.org
crypto/des/des_locl.h
crypto/des/des_locl.org
crypto/des/des_opts.c
crypto/des/destest.c
crypto/des/ecb_enc.c
crypto/des/fcrypt.c
crypto/des/set_key.c
crypto/des/speed.c
crypto/dh/dh.h
crypto/dh/dh_err.c
crypto/dh/dh_gen.c
crypto/dh/dh_key.c
crypto/dh/dh_lib.c
crypto/dh/dhtest.c
crypto/dsa/dsa.h
crypto/dsa/dsa_err.c
crypto/dsa/dsa_gen.c
crypto/dsa/dsa_lib.c
crypto/dsa/dsa_sign.c
crypto/dsa/dsa_vrf.c
crypto/dsa/f [new file with mode: 0644]
crypto/err/err.c
crypto/err/err.h
crypto/err/err_genc.pl
crypto/err/ssleay.ec
crypto/evp/abc.c [new file with mode: 0644]
crypto/evp/abcs.c [new file with mode: 0644]
crypto/evp/bio_enc.c
crypto/evp/c_all.c
crypto/evp/e_cbc_r2.c
crypto/evp/e_cfb_r2.c
crypto/evp/e_ecb_r2.c
crypto/evp/e_ofb_r2.c
crypto/evp/evp.err
crypto/evp/evp.h
crypto/evp/evp_enc.c
crypto/evp/evp_err.c
crypto/evp/evp_lib.c
crypto/evp/names.c
crypto/evp/p_lib.c
crypto/ex_data.c
crypto/idea/i_ecb.c
crypto/idea/idea_spd.c
crypto/lhash/lhash.c
crypto/lhash/lhash.h
crypto/md2/md2_dgst.c
crypto/md5/Makefile.ssl
crypto/md5/f [new file with mode: 0644]
crypto/md5/md5_dgst.c
crypto/mdc2/mdc2dgst.c
crypto/mem.c
crypto/objects/Makefile.ssl
crypto/objects/o_names.c [new file with mode: 0644]
crypto/objects/obj_dat.c
crypto/objects/obj_dat.h
crypto/objects/obj_err.c
crypto/objects/obj_lib.c
crypto/objects/objects.h
crypto/pem/gmon.out [new file with mode: 0644]
crypto/pem/pem_err.c
crypto/pem/pem_lib.c
crypto/perlasm/alpha.pl [new file with mode: 0644]
crypto/perlasm/f [new file with mode: 0644]
crypto/pkcs7/bio_ber.c [new file with mode: 0644]
crypto/pkcs7/build [new file with mode: 0755]
crypto/pkcs7/dec.c [new file with mode: 0644]
crypto/pkcs7/des.pem [new file with mode: 0644]
crypto/pkcs7/enc.c
crypto/pkcs7/es1.pem [new file with mode: 0644]
crypto/pkcs7/example.c [new file with mode: 0644]
crypto/pkcs7/info.pem [new file with mode: 0644]
crypto/pkcs7/infokey.pem [new file with mode: 0644]
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_lib.c
crypto/pkcs7/pkcs7.err
crypto/pkcs7/pkcs7.h
crypto/pkcs7/pkcs7err.c
crypto/pkcs7/sign.c
crypto/pkcs7/t/3des.pem [new file with mode: 0644]
crypto/pkcs7/t/3dess.pem [new file with mode: 0644]
crypto/pkcs7/t/c.pem [new file with mode: 0644]
crypto/pkcs7/t/f [new file with mode: 0644]
crypto/pkcs7/t/ff [new file with mode: 0644]
crypto/pkcs7/t/msie-e [new file with mode: 0644]
crypto/pkcs7/t/msie-e.pem [new file with mode: 0644]
crypto/pkcs7/t/msie-enc-01 [new file with mode: 0644]
crypto/pkcs7/t/msie-enc-01.pem [new file with mode: 0644]
crypto/pkcs7/t/msie-enc-02 [new file with mode: 0644]
crypto/pkcs7/t/msie-enc-02.pem [new file with mode: 0644]
crypto/pkcs7/t/msie-s-a-e [new file with mode: 0644]
crypto/pkcs7/t/msie-s-a-e.pem [new file with mode: 0644]
crypto/pkcs7/t/nav-smime [new file with mode: 0644]
crypto/pkcs7/t/s.pem [new file with mode: 0644]
crypto/pkcs7/t/server.pem [new file with mode: 0644]
crypto/pkcs7/t/z [new file with mode: 0644]
crypto/pkcs7/t/zz [new file with mode: 0644]
crypto/pkcs7/verify.c
crypto/rand/Makefile.ssl
crypto/rand/md_rand.c
crypto/rand/rand.h
crypto/rand/rand_lib.c [new file with mode: 0644]
crypto/rand/randfile.c
crypto/rc2/rc2_ecb.c
crypto/rc2/rc2speed.c
crypto/rc2/tab.c [new file with mode: 0644]
crypto/rc4/Makefile.ssl
crypto/rc4/rc4_enc.c
crypto/rc4/rc4_skey.c
crypto/rc4/rc4speed.c
crypto/rc5/Makefile.ssl
crypto/rc5/rc5_ecb.c
crypto/rc5/rc5speed.c
crypto/ripemd/Makefile.ssl
crypto/ripemd/rmd_dgst.c
crypto/rsa/f [new file with mode: 0644]
crypto/rsa/rsa.err
crypto/rsa/rsa.h
crypto/rsa/rsa_eay.c
crypto/rsa/rsa_err.c
crypto/rsa/rsa_gen.c
crypto/rsa/rsa_lib.c
crypto/rsa/rsa_none.c
crypto/rsa/rsa_pk1.c
crypto/rsa/rsa_sign.c
crypto/rsa/rsa_ssl.c
crypto/sha/Makefile.ssl
crypto/sha/asm/a.out [new file with mode: 0644]
crypto/sha/asm/f [new file with mode: 0644]
crypto/sha/asm/f.s [new file with mode: 0644]
crypto/sha/sha1dgst.c
crypto/sha/sha_dgst.c
crypto/stack/stack.c
crypto/threads/f [new file with mode: 0644]
crypto/tmdiff.c
crypto/tmdiff.h [new file with mode: 0644]
crypto/txt_db/txt_db.c
crypto/x509/v3_x509.c
crypto/x509/x509.h
crypto/x509/x509_cmp.c
crypto/x509/x509_err.c
crypto/x509/x509_lu.c
crypto/x509/x509_r2x.c
crypto/x509/x509_vfy.c
crypto/x509/x509_vfy.h
crypto/x509/x_all.c
demos/bio/sconnect.c
demos/eay/base64.c [new file with mode: 0644]
demos/eay/conn.c [new file with mode: 0644]
demos/eay/loadrsa.c [new file with mode: 0644]
dep/files
e_os.h
makefile.one
ms/certCA.srl
ms/certCA.ss
ms/certU.ss
ms/f.bat [new file with mode: 0755]
ms/keyCA.ss
ms/keyU.ss
ms/libeay16.def
ms/libeay32.def
ms/ntdll.mak
ms/req2CA.ss
ms/reqCA.ss
ms/reqU.ss
ms/ssleay16.def
ms/ssleay32.def
ms/test.bat
ms/testenc.bat
ms/w31dll.mak
ms/zzz [new file with mode: 0755]
perl/OpenSSL.xs
perl/SSLeay.xs
perl/bio.pl
perl/bio.xs
perl/callback.c
perl/f.pl
perl/openssl_bio.xs
perl/openssl_cb.c
perl/openssl_ssl.xs
perl/ssl.pl
perl/ssl.xs
rsaref/rsar_err.c
ssl/KEYS [new file with mode: 0644]
ssl/f
ssl/f.mak [new file with mode: 0644]
ssl/s23_clnt.c
ssl/s23_lib.c
ssl/s23_srvr.c
ssl/s2_clnt.c
ssl/s2_lib.c
ssl/s3_both.c
ssl/s3_clnt.c
ssl/s3_enc.c
ssl/s3_lib.c
ssl/s3_pkt.c
ssl/s3_srvr.c
ssl/ssl.err
ssl/ssl.h
ssl/ssl3.h
ssl/ssl_algs.c
ssl/ssl_cert.c
ssl/ssl_ciph.c
ssl/ssl_comp.c [new file with mode: 0644]
ssl/ssl_err.c
ssl/ssl_lib.c
ssl/ssl_locl.h
ssl/ssl_rsa.c
ssl/ssl_sess.c
ssl/ssltest.c
ssl/t1_enc.c
ssl/t1_lib.c
test/Makefile.ssl
test/certCA.srl
test/f [new file with mode: 0644]
test/testkey.pem
test/testreq.pem
times/091/486-50.nt [new file with mode: 0644]
times/091/586-100.lnx [new file with mode: 0644]
times/091/68000.bsd [new file with mode: 0644]
times/091/686-200.lnx [new file with mode: 0644]
times/091/alpha064.osf [new file with mode: 0644]
times/091/alpha164.lnx [new file with mode: 0644]
times/091/alpha164.osf [new file with mode: 0644]
times/091/mips-rel.pl [new file with mode: 0644]
times/091/r10000.irx [new file with mode: 0644]
times/091/r3000.ult [new file with mode: 0644]
times/091/r4400.irx [new file with mode: 0644]
tools/c_rehash
util/ck_errf.pl
util/f.mak [new file with mode: 0644]
util/libeay.num
util/mk1mf.pl
util/mkdef.pl
util/pl/BC-16.pl
util/pl/BC-32.pl
util/pl/VC-16.pl
util/pl/VC-32.pl
util/pl/f [new file with mode: 0644]
util/pl/linux.pl
util/pl/ultrix.pl [new file with mode: 0644]
util/pl/unix.pl
util/ssleay.num
util/up_ver.pl
util/x86asm.sh

index 4f66d64..b1c4782 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -36,7 +36,6 @@
 # MD5_ASM      use some extra md5 assember,
 # SHA1_ASM     use some extra sha1 assember, must define L_ENDIAN for x86
 # RMD160_ASM   use some extra ripemd160 assember,
-# BN_ASM       use some extra bn assember,
 
 $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
 
@@ -55,10 +54,10 @@ $tlib="-lnsl -lsocket";
 $bits1="THIRTY_TWO_BIT ";
 $bits2="SIXTY_FOUR_BIT ";
 
-$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
-$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
-$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
-$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
+$x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
+$x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+$x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+$x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
 
 # -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
 # So the md5_locl.h file has an undef B_ENDIAN if sun is defined
@@ -73,7 +72,7 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m
 
 # A few of my development configs
 "purify",      "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
-"debug",       "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"debug",       "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:-lefence::::",
 "dist",                "cc:-O -DNOPROTO::::",
 
 # Basic configs that should work on any box
@@ -82,7 +81,7 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m
 
 
 # My solaris setups
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm",
 "solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
 # DO NOT use /xO[34] on sparc with SC3.0. 
 # It is broken, and will not pass the tests
@@ -103,10 +102,16 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m
 # SGI configurations.  If the box is rather old (r3000 cpu), you will
 # probably have to remove the '-mips2' flag.  I've only been using
 # IRIX 5.[23].
-#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::",
-"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::",
-"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::",
+# I've recently done 32 and 64 bit mips assember, it make this RSA
+# 3 times faster, use if at all possible.
+#"irix-gcc","gcc:-O2 -mips2::SIXTY_FOUR_BIT BN_LLONG RC4_INDEX RC4_CHAR:::",
+"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:asm/mips1.o::",
+"irix64-gcc","gcc:-mips3 -O2 -DTERMIOS -DB_ENDIAN::MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
+"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/mips1.o::",
+"irix64-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
 "debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::",
+# This is the n64 mode build.
+"irix-n64-cc", "cc:-64 -O2 -use_readonly_const -DTERMIOS::DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT:asm/mips3_64.o::",
 
 # HPUX config.  I've been building on HPUX 9, so the options may be
 # different on version 10.  The pa-risc2.o assember file is 2 times
@@ -118,23 +123,24 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m
 "hpux-kr-cc",  "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::",
 "hpux-gcc",    "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
 
-# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with
+# Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with
 # the new compiler
-"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
-"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
-"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
+"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONG DES_UNROLL DES_RISC1:asm/alpha.o::",
+"alpha-cc", "cc:-tune host -O4 -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+"alpha164-cc", "cc:-tune host -fast -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
 
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",   "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"linux-aout",  "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"linux-elf",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout",  "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
 "NetBSD-sparc",        "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-m86",  "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",  "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
-"FreeBSD",   "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-#"bsdi-gcc",     "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
-"nextstep",    "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+"NetBSD-m68",  "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86",  "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"FreeBSD",   "gcc:-DTERMIOS -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+#"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
+"nextstep",    "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
 # NCR MP-RAS UNIX ver 02.03.01
 "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
 
@@ -162,10 +168,11 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m
 # DGUX, 88100.
 "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
 "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",     "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"dgux-R4-x86-gcc",     "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 
-# SCO 5
-"sco5-cc",  "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
+# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
+# SCO cc.
+"sco5-cc",  "cc::-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
 
 # Sinix RM400
 "SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::",
@@ -183,8 +190,19 @@ $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/m
 # Borland C++ 4.5
 "BC-32","bcc32:::DES_PTR RC4_INDEX:::",
 "BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+
+# Our old Ultrix box :-). -O2 breaks some of the bignum stuff (now fixed,
+# it is a compiler bug, look in bug/ultrixcc.c for example code.
+"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN:::asm/mips1.o:::",
+
+# Some OpenBSD from Bob Beck <beck@obtuse.com>
+"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
+"OpenBSD-mips","gcc:-O2 -DL_ENDIAN:BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
 );
 
+$no_asm=0;
 $postfix="org";
 $Makefile="Makefile.ssl";
 $des_locl="crypto/des/des_locl.h";
@@ -196,7 +214,7 @@ $rc4_locl="crypto/rc4/rc4_locl.h";
 $idea  ="crypto/idea/idea.h";
 $rc2   ="crypto/rc2/rc2.h";
 $bf    ="crypto/bf/bf_locl.h";
-$bn_mulw="bn_mulw.o";
+$bn_asm        ="bn_asm.o";
 $des_enc="des_enc.o fcrypt_b.o";
 $bf_enc        ="bf_enc.o";
 $cast_enc="c_enc.o";
@@ -215,7 +233,9 @@ if ($#ARGV < 0)
 $flags="";
 foreach (@ARGV)
        {
-       if ($_ =~ /^-/)
+       if ($_ =~ /^no-asm$/)
+               { $no_asm=1; }
+       elsif ($_ =~ /^-/)
                {
                if ($_ =~ /^-[lL](.*)$/)
                        {
@@ -254,7 +274,16 @@ if (!defined($table{$target}))
 $cflags="$flags$cflags" if ($flags ne "");
 $lflags="$libs$lflags"if ($libs ne "");
 
-$bn_obj=$bn_mulw       unless ($bn_obj =~ /\.o$/);
+if ($no_asm)
+       {
+       $bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
+       $sha1_obj=$md5_obj=$rmd160_obj="";
+       }
+
+($bn1)=split(/\s+/,$bn_obj);
+$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
+$bn_obj="$bn1";
+
 $des_obj=$des_enc      unless ($des_obj =~ /\.o$/);
 $bf_obj=$bf_enc                unless ($bf_obj =~ /\.o$/);
 $cast_obj=$cast_enc    unless ($cast_obj =~ /\.o$/);
@@ -282,6 +311,7 @@ open(OUT,">".$n) || die "unable to read $n:$!\n";
 while (<IN>)
        {
        chop;
+       s/^PLATFORM=.*$/PLATFORM=$target/;
        s/^CC=.*$/CC= $cc/;
        s/^CFLAG=.*$/CFLAG= $cflags/;
        s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
diff --git a/HISTORY.090 b/HISTORY.090
new file mode 100644 (file)
index 0000000..b7bbb5e
--- /dev/null
@@ -0,0 +1,7 @@
+-      A minor bug in ssl/s3_clnt.c where there would always be 4 0 bytes
+       sent in the client random, thanks to 
+       Edward Bishop <ebishop@spyglass.com>
+-      Changed some BIGNUM api stuff.
+
+-      I Deleted the HISTORY.090 I was working on and when I found out, it was
+       permanently gone :-(
diff --git a/INSTALL b/INSTALL
index d394bf8..2cddfb9 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -126,3 +126,8 @@ The examples for solaris and windows NT/95 are in the mt directory.
 have fun
 
 eric 25-Jun-1997
+
+IRIX 5.x will build as a 32 bit system with mips1 assember.
+IRIX 6.x will build as a 64 bit system with mips3 assember.  It conforms
+to n32 standards. In theory you can compile the 64 bit assember under
+IRIX 5.x but you will have to have the correct system software installed.
diff --git a/MINFO b/MINFO
index 0509f33..4680e23 100644 (file)
--- a/MINFO
+++ b/MINFO
@@ -2,13 +2,13 @@ RELATIVE_DIRECTORY=.
 AR=ar r
 BASENAME=SSLeay
 BF_ENC=bf_enc.o
-BN_MULW=bn_mulw.o
+BN_ASM=bn_asm.o
 CAST_ENC=c_enc.o
-CC=cc
-CFLAG=-O -DNOPROTO
+CC=cl
+CFLAG=
 DES_ENC=des_enc.o fcrypt_b.o
 DIRS=crypto ssl rsaref apps test tools
-EDIRS=times doc bugs util include certs ms shlib mt demos perl dep
+EDIRS=times doc bugs util include certs ms shlib mt demos perl sf dep
 EXHEADER=e_os.h
 EX_LIBS=
 GENERAL=Makefile
@@ -20,49 +20,50 @@ MAKEFILE=Makefile.ssl
 MAN1=1
 MAN3=3
 MD5_ASM_OBJ=
-MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
-NAME=SSLeay-0.9.0
+MISC=COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
+NAME=SSLeay-0.9.1b
 ONEDIRS=out tmp
 PEX_LIBS=-L. -L.. -L../.. -L../../..
+PLATFORM=VC-WIN32
 RC4_ENC=rc4_enc.o
 RC5_ENC=rc5_enc.o
 RMD160_ASM_OBJ=
-SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 proxy comp
 SHA1_ASM_OBJ=
 SHELL=/bin/sh
-TARFILE=SSLeay-0.9.0.tar
+TARFILE=SSLeay-0.9.1b.tar
 TOP=.
-VERSION=0.9.0
+VERSION=0.9.1b
 WDIRS=windows
-WTARFILE=SSLeay-0.9.0-win.tar
+WTARFILE=SSLeay-0.9.1b-win.tar
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto
-ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h
+ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h tmdiff.h
 AR=ar r
 CC=cc
 CFLAG=-g
-CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
+CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" " -DPLATFORM=" \"\" "
 DIR=crypto
 ERR=crypto
 ERRC=cpt_err
-EXHEADER=crypto.h cryptall.h
+EXHEADER=crypto.h cryptall.h tmdiff.h
 EX_LIBS=
 GENERAL=Makefile README
-HEADER=cryptlib.h date.h crypto.h cryptall.h
+HEADER=cryptlib.h date.h crypto.h cryptall.h tmdiff.h
 INCLUDE=-I. -I../include
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libcrypto.a
-LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o cpt_err.o
+LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o tmdiff.o cpt_err.o
 LIBS=
-LIBSRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
+LIBSRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 PEX_LIBS=
 RM=/bin/rm -f
-SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
-SRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 proxy comp
+SRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/md2
@@ -379,10 +380,10 @@ TEST=casttest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bn
-ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c bn_lcl.h bn_prime.h bn.h
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_lcl.h bn_prime.h bn.h
 APPS=
 AR=ar r
-BN_MULW=bn_mulw.o
+BN_ASM=bn_asm.o
 CC=cc
 CFLAG=-g
 CFLAGS=-I.. -I../../include -g
@@ -395,12 +396,12 @@ HEADER=bn_lcl.h bn_prime.h bn.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o bn_mpi.o
-LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_asm.o bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
 TEST=bntest.c exptest.c
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -505,7 +506,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bio
-ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c bio.h bss_file.c
 APPS=
 AR=ar r
 CC=cc
@@ -520,12 +521,12 @@ HEADER=bio.h bss_file.c
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
-LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o bss_cs4a.o
+LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -576,7 +577,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rand
-ALL=Makefile md_rand.c randfile.c rand.h
+ALL=Makefile md_rand.c randfile.c rand_lib.c rand.h
 APPS=
 AR=ar r
 CC=cc
@@ -589,12 +590,12 @@ HEADER=rand.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=md_rand.o randfile.o
-LIBSRC=md_rand.c randfile.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o
+LIBSRC=md_rand.c randfile.c rand_lib.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=md_rand.c randfile.c
+SRC=md_rand.c randfile.c rand_lib.c
 TEST=randtest.c
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -622,7 +623,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/objects
-ALL=Makefile README obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
+ALL=Makefile README o_names.c obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
 APPS=
 AR=ar r
 CC=cc
@@ -637,12 +638,12 @@ HEADER=objects.h obj_dat.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=obj_dat.o obj_lib.o obj_err.o
-LIBSRC=obj_dat.c obj_lib.c obj_err.c
+LIBOBJ=o_names.o obj_dat.o obj_lib.o obj_err.o
+LIBSRC=o_names.c obj_dat.c obj_lib.c obj_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=obj_dat.c obj_lib.c obj_err.c
+SRC=o_names.c obj_dat.c obj_lib.c obj_err.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -698,7 +699,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/asn1
-ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
 APPS=
 AR=ar r
 CC=cc
@@ -713,12 +714,12 @@ HEADER=asn1.h asn1_mac.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
-LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -820,8 +821,58 @@ SRC=pk7_lib.c pkcs7err.c pk7_doit.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/proxy
+ALL=Makefile proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c proxy.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=proxy
+ERR=proxy
+ERRC=pxy_err
+EXHEADER=proxy.h
+GENERAL=Makefile
+HEADER=proxy.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=proxy.o pxy_txt.o bf_proxy.o pxy_conf.o pxy_err.o
+LIBSRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/comp
+ALL=Makefile comp_lib.c c_rle.c c_zlib.c comp.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=comp
+ERR=comp
+ERRC=comp_err
+EXHEADER=comp.h
+GENERAL=Makefile
+HEADER=comp.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=comp_lib.o c_rle.o c_zlib.o
+LIBSRC=comp_lib.c c_rle.c c_zlib.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=comp_lib.c c_rle.c c_zlib.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=ssl
-ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 APPS=
 AR=ar r
 CC=cc
@@ -836,12 +887,12 @@ HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 INCLUDES=-I../crypto -I../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libssl.a
-LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
-LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o pxy_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
 TEST=ssltest.c
 TOP=..
 RELATIVE_DIRECTORY=
@@ -871,7 +922,7 @@ TEST=
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=apps
-ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
 A_OBJ=apps.o
 A_SRC=apps.c
 CC=cc
@@ -884,8 +935,8 @@ EXE=ssleay
 EXHEADER=
 EX_LIBS=
 E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
-E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
-E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o s_ speed.o s_time.o apps.o s_cb.o s_socket.o bf_perm.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
 GENERAL=Makefile
 HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h 
 INCLUDES=-I../include
@@ -899,10 +950,10 @@ PEX_LIBS=
 PROGS=ssleay.c
 RM=/bin/rm -f
 SCRIPTS=CA.sh der_chop
-SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
 SSLEAY=ssleay
-S_OBJ=s_cb.o s_socket.o
-S_SRC=s_cb.c s_socket.c
+S_OBJ=s_cb.o s_socket.o bf_perm.o
+S_SRC=s_cb.c s_socket.c bf_perm.c
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=test
index 0f35202..09c2ff2 100644 (file)
@@ -1,6 +1,7 @@
 #
 # Makefile for all the SSL related library routines and utilities
-VERSION = 0.9.0a
+VERSION = 0.9.1b
+PLATFORM=debug
 #
 # make install will install:
 #   libraries into $INSTALLTOP/lib
@@ -57,29 +58,31 @@ VERSION = 0.9.0a
 # MD5_ASM needs to be defined to use the x86 assembler for MD5
 # SHA1_ASM needs to be defined to use the x86 assembler for SHA1
 # RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
 
-
-CC= cc
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
-CFLAG= -O -DNOPROTO
+CC= gcc
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+CFLAG= -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
 PEX_LIBS= -L. -L.. -L../.. -L../../..
-EX_LIBS= 
+EX_LIBS= -lefence
 AR=ar r
 
-# Set BN_MULW to bn_mulw.o if you want to use the C version
-BN_MULW= bn_mulw.o
-#BN_MULW= bn_mulw.o
-#BN_MULW= asm/bn86-elf.o        # elf, linux-elf
-#BN_MULW= asm/bn86-sol.o        # solaris
-#BN_MULW= asm/bn86-out.o        # a.out, FreeBSD
-#BN_MULW= asm/bn86bsdi.o        # bsdi
-#BN_MULW= asm/alpha.o           # DEC Alpha
-#BN_MULW= asm/pa-risc2.o        # HP-UX PA-RISC
-#BN_MULW= asm/r3000.o           # SGI MIPS cpu
-#BN_MULW= asm/sparc.o           # Sun solaris/SunOS
-#BN_MULW= asm/bn-win32.o                # Windows 95/NT
-#BN_MULW= asm/x86w16.o          # 16 bit code for Windows 3.1/DOS
-#BN_MULW= asm/x86w32.o          # 32 bit code for Windows 3.1
+# Set BN_ASM to bn_asm.o if you want to use the C version
+BN_ASM= bn_asm.o
+#BN_ASM= bn_asm.o
+#BN_ASM= asm/bn86-elf.o        # elf, linux-elf
+#BN_ASM= asm/bn86-sol.o # solaris
+#BN_ASM= asm/bn86-out.o # a.out, FreeBSD
+#BN_ASM= asm/bn86bsdi.o # bsdi
+#BN_ASM= asm/alpha.o    # DEC Alpha
+#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC
+#BN_ASM= asm/r3000.o    # SGI MIPS cpu
+#BN_ASM= asm/sparc.o    # Sun solaris/SunOS
+#BN_ASM= asm/bn-win32.o # Windows 95/NT
+#BN_ASM= asm/x86w16.o   # 16 bit code for Windows 3.1/DOS
+#BN_ASM= asm/x86w32.o   # 32 bit code for Windows 3.1
 
 # Set DES_ENC to des_enc.o if you want to use the C version
 #There are 4 x86 assember options.
@@ -154,7 +157,7 @@ SDIRS=  \
        des rc2 rc4 rc5 idea bf cast \
        bn rsa dsa dh \
        buffer bio stack lhash rand err objects \
-       evp pem asn1 x509 conf txt_db pkcs7
+       evp pem asn1 x509 conf txt_db pkcs7 comp
 
 # If you change the INSTALLTOP, make sure to also change the values
 # in crypto/location.h
@@ -169,8 +172,9 @@ SHELL=/bin/sh
 
 TOP=    .
 ONEDIRS=out tmp
-EDIRS=  times doc bugs util include certs ms shlib mt demos perl dep
-MISC=   COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep
+MISC=   COPYRIGHT Configure HISTORY.090        HISTORY.066 INSTALL Makefile.ssl \
+       Makefile \
        README TODO HISTORY README.066 README.080 README.090 \
        VERSION PROBLEMS MINFO makefile.one e_os.h \
        MICROSOFT makevms.com config PATENTS
@@ -189,16 +193,19 @@ all:
        @for i in $(DIRS) ;\
        do \
        (cd $$i; echo "making $$i..."; \
-       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+       $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
        done;
 
 sub_all:
        @for i in $(DIRS) ;\
        do \
        (cd $$i; echo "making $$i..."; \
-       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
+       $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
        done;
 
+libclean:
+       /bin/rm *.a */lib */*/lib
+
 clean:
        /bin/rm -f shlib/*.o *.o core a.out fluff *.map
        @for i in $(DIRS) ;\
@@ -253,7 +260,7 @@ test:   tests
 
 tests:
        (cd test; echo "testing $$i..."; \
-       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
+       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
        @apps/ssleay version -a
 
 depend:
diff --git a/PATENTS b/PATENTS
index 61423d0..1e09003 100644 (file)
--- a/PATENTS
+++ b/PATENTS
@@ -1,9 +1,13 @@
 RSA Data Security holds software patents on the RSA and RC5 algorithms.
 If there ciphers are used used inside the USA (and Japan?), you must contact
-RSA Data Security for licencing conditions.
-
-The IDEA algorithm is patented by XXXX and they should be contacted if that
-algorithm is to be used.
+RSA Data Security for licencing conditions.  Their web page is
+http://www.rsa.com
 
 RC4 is a trademark of RSA Data Security, so use of this label should perhaps
-only me used with RSA Data Security's permission.
+only me used with RSA Data Security's permission. 
+
+The IDEA algorithm is patented by Ascom in Austria, France, Germany,
+Italy, Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA.
+They should be contacted if that algorithm is to be used, their web page is
+http://www.ascom.ch
+
diff --git a/README b/README
index eaa7700..bc72bfe 100644 (file)
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-               SSLeay 0.9.0b 29-Jun-1998
+               SSLeay 0.9.1a 06-Jul-1998
                Copyright (c) 1997, Eric Young
                All rights reserved.
 
index 634870d..811037f 100644 (file)
@@ -5,67 +5,4 @@ I expect a 0.9.1 will follow with portability fixes in the next few weeks.
 This is a quick, meet the deadline.  Look to ssl-users for comments on what
 is new etc.
 
-The state of play
-- TLSv1 - I need to do some explaining about how the methods interact.
-  The bad news is that SSLeay 0.8.x application will not roll back to
-  SSLv3, I suffed up.  0.8.x is rather pedantic about the '3.0' version
-  number.  Look at the 'no-tls' options in applications in the apps directory.
-- The perl5 stuff is very rough.  The SSL part does not work due to
-  reference count hassles in the BIO stuff.  I just have not had time to
-  look at it.  The cipher, digest and bignum stuff works though.  I just
-  need to clean up the API.
-- Lots of x86 assember.  I now have it for des, 3des, rc4, rc5, blowfish,
-  cast, md5, sha1 and ripemd160.  It has been tested on win32, linux (elf)
-  and FreeBSD (a.out).
-- As mentioned above, cast, rc5 and ripemd160 have been added.
-- A simple HMAC set of functions.
-- EX_DATA strucutre, which can be used by applications or other libraries
-  to tack arbitarty data against strucutures that include it.
-  You will probably have to see examples to see how to use it, and I will
-  elaberate on the ssl-users mailing list
-- RSA blinding.  If you fear timing attacks on RSA, you can turn on
-  blinding which defeats it.
-- From Tim Hudson, try running 'sh config' instead of 'perl Configure'.
-  I makes an educated guess as to what you are and then runs 'perl Configure'
-- The error stuff has been modified so arbitary strings can be taged
-  against an error message.  It is used in a few places to elaberate on
-  parameters that caused the error.
-
-Areas of work
-- The 16bit big-num assember needs a routine added.  The WIN16 and
-  WIN32 stuff is ok, but MS-DOS or 286 builds need the update.
-- Most of the bignum assember will not work.  There will be a function
-  missing, bn_add_words().  I need people to send me the C compiler output
-  for platforms I don't already have.  Currently, the assember is correct for
-  x86, win32, win16(386+), linux elf, FreeBSD a.out and sparc.
-- PKCS7, I have delusions of s/MIME.  I need to do a BIO interface.
-- perl5, it needs finishing
-- X509v3 extension.  I have some ideas, I just need to
-  implement them :-)
-- Public key methods.  I need to clean up the library internally so
-  public key methods are loaded is a similar way to symetric ciphers
-  and digests.  I also need to seperate out the digests from public
-  key methods.  This stuff is needed to support sortware patents, smaller
-  code size and hardware tokens.
-
-Anyway, this release gets out the bug fixes and TLS, but be warned, until
-all those old SSLeay 0.8.x based server get upgraded, you will need to
-connect with SSLv3 if TLSv1 fails.
-
 eric (about to go bushwalking for the 4 day easter break :-)
-
-PS Common problems
-- For Win32 build, use /MD to specify your libraries, or build SSLeay with
-  the same flags as your application.  Visual C stuffs up the malloc routines
-  if memory allocated by one memory model is freed by another.  FILE pointers
-  are a major cause of these problem.
-- If you are trying to use non-blocking IO and it is not working,
-  try 'ssleay s_client -help' and see if the -nbio option is listed.
-  For unixware, it has the non-block IO define in 'differnt' header file
-  and SSLeay will silently build without non-blocking IO calls (but for
-  unixware, the special header has been included).
-- -DL_ENDIAN.  For the message digests, some code needs to be turned off
-  in the C code when assember is used.  For x86, this means the L_ENDIAN
-  needs to defined when x86 -DSHA1_ASM is defined.  The reasons this is
-  not automagically done is because non-x86 assember could be bigendian.
-  For pure C code builds, the B_ENDIAN/L_ENDIAN flags are optional.
index 3d38228..edeffaa 100644 (file)
  * [including the GNU Public Licence.]
  */
 
+/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to 
+ * add the -strparse option which parses nested binarary structures
+ */
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "x509.h"
 #include "pem.h"
 
-#define FORMAT_UNDEF   0
-#define FORMAT_ASN1    1
-#define FORMAT_TEXT    2
-#define FORMAT_PEM     3
-
 /* -inform arg - input format - default PEM (DER or PEM)
  * -in arg     - input file - default stdin
  * -i          - indent the details by depth
@@ -85,13 +84,16 @@ int MAIN(argc, argv)
 int argc;
 char **argv;
        {
-       int i,badops=0,offset=0,ret=1;
+       int i,badops=0,offset=0,ret=1,j;
        unsigned int length=0;
-       long num;
+       long num,tmplen;
        BIO *in=NULL,*out=NULL,*b64=NULL;
        int informat,indent=0;
        char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
+       unsigned char *tmpbuf;
        BUF_MEM *buf=NULL;
+       STACK *osk=NULL;
+       ASN1_TYPE *at=NULL;
 
        informat=FORMAT_PEM;
 
@@ -104,6 +106,11 @@ char **argv;
        prog=argv[0];
        argc--;
        argv++;
+       if ((osk=sk_new_null()) == NULL)
+               {
+               BIO_printf(bio_err,"Malloc failure\n");
+               goto end;
+               }
        while (argc >= 1)
                {
                if      (strcmp(*argv,"-inform") == 0)
@@ -136,6 +143,11 @@ char **argv;
                        length= atoi(*(++argv));
                        if (length == 0) goto bad;
                        }
+               else if (strcmp(*argv,"-strparse") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       sk_push(osk,*(++argv));
+                       }
                else
                        {
                        BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -157,6 +169,9 @@ bad:
                BIO_printf(bio_err," -length arg   lenth of section in file\n");
                BIO_printf(bio_err," -i            indent entries\n");
                BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
+               BIO_printf(bio_err," -strparse offset\n");
+               BIO_printf(bio_err,"               a series of these can be used to 'dig' into multiple\n");
+               BIO_printf(bio_err,"               ASN1 blob wrappings\n");
                goto end;
                }
 
@@ -218,6 +233,36 @@ bad:
                }
        str=buf->data;
 
+       /* If any structs to parse go through in sequence */
+
+       if (sk_num(osk))
+               {
+               tmpbuf=(unsigned char *)str;
+               tmplen=num;
+               for (i=0; i<sk_num(osk); i++)
+                       {
+                       j=atoi(sk_value(osk,i));
+                       if (j == 0)
+                               {
+                               BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
+                               continue;
+                               }
+                       tmpbuf+=j;
+                       tmplen-=j;
+                       if (d2i_ASN1_TYPE(&at,&tmpbuf,tmplen) == NULL)
+                               {
+                               BIO_printf(bio_err,"Error parsing structure\n");
+                               ERR_print_errors(bio_err);
+                               goto end;
+                               }
+                       /* hmm... this is a little evil but it works */
+                       tmpbuf=at->value.asn1_string->data;
+                       tmplen=at->value.asn1_string->length;
+                       }
+               str=(char *)tmpbuf;
+               num=tmplen;
+               }
+
        if (length == 0) length=(unsigned int)num;
        if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
                {
@@ -232,6 +277,8 @@ end:
        if (ret != 0)
                ERR_print_errors(bio_err);
        if (buf != NULL) BUF_MEM_free(buf);
+       if (at != NULL) ASN1_TYPE_free(at);
+       if (osk != NULL) sk_free(osk);
        OBJ_cleanup();
        EXIT(ret);
        }
index 75016ea..eeee65e 100644 (file)
@@ -1 +1 @@
-03
+05
index a584836..8990aa2 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -431,6 +431,29 @@ bad:
                        }
                }
 
+       if (conf != NULL)
+               {
+               p=CONF_get_string(conf,NULL,"oid_file");
+               if (p != NULL)
+                       {
+                       BIO *oid_bio;
+
+                       oid_bio=BIO_new_file(p,"r");
+                       if (oid_bio == NULL) 
+                               {
+                               /*
+                               BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+                               ERR_print_errors(bio_err);
+                               */
+                               }
+                       else
+                               {
+                               OBJ_create_objects(oid_bio);
+                               BIO_free(oid_bio);
+                               }
+                       }
+               }
+
        in=BIO_new(BIO_s_file());
        out=BIO_new(BIO_s_file());
        Sout=BIO_new(BIO_s_file());
@@ -490,6 +513,12 @@ bad:
                goto err;
                }
 
+       if (!X509_check_private_key(x509,pkey))
+               {
+               BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
+               goto err;
+               }
+
        f=CONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
        if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
                preserve=1;
@@ -700,7 +729,7 @@ bad:
                        }
                if (verbose)
                        {
-                       if ((f=BN_bn2ascii(serial)) == NULL) goto err;
+                       if ((f=BN_bn2hex(serial)) == NULL) goto err;
                        BIO_printf(bio_err,"next serial number is %s\n",f);
                        Free(f);
                        }
@@ -1273,7 +1302,7 @@ int verbose;
        if (i == 0)
                {
                ok=0;
-               BIO_printf(bio_err,"Signature did not match the certificate request\n");
+               BIO_printf(bio_err,"Signature did not match the certificate\n");
                goto err;
                }
        else
@@ -1530,7 +1559,7 @@ again2:
                BIO_printf(bio_err,"The subject name apears to be ok, checking data base for clashes\n");
 
        row[DB_name]=X509_NAME_oneline(subject,NULL,0);
-       row[DB_serial]=BN_bn2ascii(serial);
+       row[DB_serial]=BN_bn2hex(serial);
        if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
                {
                BIO_printf(bio_err,"Malloc failure\n");
@@ -1661,6 +1690,8 @@ again2:
                        }
                }
 
+       if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
+
 #ifndef NO_DSA
         pktmp=X509_get_pubkey(ret);
         if (EVP_PKEY_missing_parameters(pktmp) &&
@@ -2022,7 +2053,7 @@ char *sec;
                default:
                        BIO_printf(bio_err,"Don't know how to pack extension %s\n",cv->name);
                        goto err;
-                       break;
+                       /* break; */
                        }
 
                if ((x=X509_EXTENSION_create_by_NID(NULL,nid,0,str)) == NULL)
diff --git a/apps/cert.der b/apps/cert.der
new file mode 100644 (file)
index 0000000..58d9fd8
Binary files /dev/null and b/apps/cert.der differ
index 2c18374..acb5cb9 100644 (file)
 #undef POSTFIX
 #define        POSTFIX ".rvk"
 
-#define FORMAT_UNDEF   0
-#define FORMAT_ASN1    1
-#define FORMAT_TEXT    2
-#define FORMAT_PEM     3
-
 static char *crl_usage[]={
 "usage: crl args\n",
 "\n",
index eea291d..86d60c5 100644 (file)
@@ -146,6 +146,8 @@ char **argv;
                        LN_sha,LN_sha);
                BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
                        LN_mdc2,LN_mdc2);
+               BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+                       LN_ripemd160,LN_ripemd160);
                err=1;
                goto end;
                }
index 6e99289..de1d0cc 100644 (file)
@@ -80,6 +80,7 @@
  * -text
  * -C
  * -noout
+ * -genkey
  */
 
 #ifndef NOPROTO
@@ -97,7 +98,7 @@ char **argv;
        BIO *in=NULL,*out=NULL;
        int informat,outformat,noout=0,C=0,ret=1;
        char *infile,*outfile,*prog,*inrand=NULL;
-       int numbits= -1,num;
+       int numbits= -1,num,genkey=0;
        char buffer[200],*randfile=NULL;
 
        apps_startup();
@@ -140,6 +141,8 @@ char **argv;
                        text=1;
                else if (strcmp(*argv,"-C") == 0)
                        C=1;
+               else if (strcmp(*argv,"-genkey") == 0)
+                       genkey=1;
                else if (strcmp(*argv,"-rand") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -315,6 +318,22 @@ bad:
                        goto end;
                        }
                }
+       if (genkey)
+               {
+               DSA *dsakey;
+
+               if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
+               if (!DSA_generate_key(dsakey)) goto end;
+               if      (outformat == FORMAT_ASN1)
+                       i=i2d_DSAPrivateKey_bio(out,dsakey);
+               else if (outformat == FORMAT_PEM)
+                       i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL);
+               else    {
+                       BIO_printf(bio_err,"bad output format specified for outfile\n");
+                       goto end;
+                       }
+               DSA_free(dsakey);
+               }
        ret=0;
 end:
        if (in != NULL) BIO_free(in);
index cd05fe6..4c63e86 100644 (file)
@@ -49,7 +49,7 @@ foreach (@ARGV)
                { print $str; }
        }
 
-foreach ("md2","md5","sha","sha1","mdc2")
+foreach ("md2","md5","sha","sha1","mdc2","rmd160")
        {
        push(@files,$_);
        printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
diff --git a/apps/gmon.out b/apps/gmon.out
new file mode 100644 (file)
index 0000000..abab8b9
Binary files /dev/null and b/apps/gmon.out differ
index 55a56b3..d9be1c3 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
 do
 echo making symlink for $i
 /bin/rm -f $i
diff --git a/apps/oid.cnf b/apps/oid.cnf
new file mode 100644 (file)
index 0000000..faf425a
--- /dev/null
@@ -0,0 +1,6 @@
+2.99999.1       SET.ex1         SET x509v3 extension 1
+2.99999.2       SET.ex2         SET x509v3 extension 2
+2.99999.3       SET.ex3         SET x509v3 extension 3
+2.99999.4       SET.ex4         SET x509v3 extension 4
+2.99999.5       SET.ex5         SET x509v3 extension 5
+2.99999.6       SET.ex6         SET x509v3 extension 6
index eac411b..739a0e8 100644 (file)
@@ -241,6 +241,7 @@ end:
        ERR_remove_state(0);
 
        EVP_cleanup();
+       ERR_free_strings();
 
        CRYPTO_mem_leaks(bio_err);
        if (bio_err != NULL)
index 0b3bfa6..2621d90 100644 (file)
@@ -4,6 +4,7 @@
 #
 
 RANDFILE               = $ENV::HOME/.rnd
+oid_file               = $ENV::HOME/.oid
 
 ####################################################################
 [ ca ]
@@ -90,6 +91,8 @@ commonName_max                        = 64
 emailAddress                   = Email Address
 emailAddress_max               = 40
 
+SET-ex3                                = SET extension number 3
+
 [ req_attributes ]
 challengePassword              = A challenge password
 challengePassword_min          = 4
index b567e41..0af4647 100644 (file)
@@ -1,11 +1,18 @@
------BEGIN DSA PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C
+DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
 
-JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ
-dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe
-hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV
-2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa
-+OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK
-3+jNQcQ9q1Xy1s5dz/BOvw==
------END DSA PRIVATE KEY-----
+6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
+Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
+F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
+XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
+jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
+vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
+JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
+PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
+POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
+gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
+8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
+Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
+dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
+-----END RSA PRIVATE KEY-----
index ec00396..578bfcf 100644 (file)
@@ -118,6 +118,7 @@ FUNCTION functions[] = {
        {FUNC_TYPE_MD,"sha",dgst_main},
        {FUNC_TYPE_MD,"sha1",dgst_main},
        {FUNC_TYPE_MD,"mdc2",dgst_main},
+       {FUNC_TYPE_MD,"rmd160",dgst_main},
        {FUNC_TYPE_CIPHER,"base64",enc_main},
 #ifndef NO_DES
        {FUNC_TYPE_CIPHER,"des",enc_main},
index cd05fe6..4c63e86 100644 (file)
@@ -49,7 +49,7 @@ foreach (@ARGV)
                { print $str; }
        }
 
-foreach ("md2","md5","sha","sha1","mdc2")
+foreach ("md2","md5","sha","sha1","mdc2","rmd160")
        {
        push(@files,$_);
        printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
index f51345f..9af5b49 100644 (file)
@@ -392,6 +392,29 @@ bad:
                        }
                }
 
+       if (req_conf != NULL)
+               {
+               p=CONF_get_string(req_conf,NULL,"oid_file");
+               if (p != NULL)
+                       {
+                       BIO *oid_bio;
+
+                       oid_bio=BIO_new_file(p,"r");
+                       if (oid_bio == NULL) 
+                               {
+                               /*
+                               BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+                               ERR_print_errors(bio_err);
+                               */
+                               }
+                       else
+                               {
+                               OBJ_create_objects(oid_bio);
+                               BIO_free(oid_bio);
+                               }
+                       }
+               }
+
        if ((md_alg == NULL) &&
                ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
                {
index 7c4f898..0056736 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
 do
 echo removing $i
 /bin/rm -f $i
diff --git a/apps/rsa/01.pem b/apps/rsa/01.pem
new file mode 100644 (file)
index 0000000..36ec575
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
+MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
+BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
+cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
+qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
+MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
+gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
+LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
+Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
+Pjrmw2eSgbdmmdumWAcNPVbV
+-----END CERTIFICATE-----
diff --git a/apps/rsa/1.txt b/apps/rsa/1.txt
new file mode 100644 (file)
index 0000000..95a862e
--- /dev/null
@@ -0,0 +1,50 @@
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: May 18 00:00:00 1998 GMT
+            Not After : May 18 23:59:59 1999 GMT
+        Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
+                    d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
+                    83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
+                    11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
+                    ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
+                    f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
+                    75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
+                    51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
+                    b0:91:2d:85:ad:2a:1c:e7:f7
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md5WithRSAEncryption
+        8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
+        d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
+        e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
+        6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
+        7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
+        1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
+        3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
+-----BEGIN CERTIFICATE-----
+MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
+MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
+BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
+cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
+qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
+MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
+gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
+LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
+Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
+Pjrmw2eSgbdmmdumWAcNPVbV
+-----END CERTIFICATE-----
diff --git a/apps/rsa/SecureServer.pem b/apps/rsa/SecureServer.pem
new file mode 100644 (file)
index 0000000..7c8ffb2
--- /dev/null
@@ -0,0 +1,47 @@
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: Nov  9 00:00:00 1994 GMT
+            Not After : Jan  7 23:59:59 2010 GMT
+        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1000 bit)
+                Modulus (1000 bit):
+                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+                    dd:2d:d6:c8:1e:7b
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
diff --git a/apps/rsa/s.txt b/apps/rsa/s.txt
new file mode 100644 (file)
index 0000000..7de7e07
--- /dev/null
@@ -0,0 +1,49 @@
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: Nov  9 00:00:00 1994 GMT
+            Not After : Jan  7 23:59:59 2010 GMT
+        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1000 bit)
+                Modulus (1000 bit):
+                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+                    dd:2d:d6:c8:1e:7b
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
index cd086bb..7fa855c 100644 (file)
@@ -130,8 +130,10 @@ char *key_file;
        {
        if (cert_file != NULL)
                {
+               /*
                SSL *ssl;
                X509 *x509;
+               */
 
                if (SSL_CTX_use_certificate_file(ctx,cert_file,
                        SSL_FILETYPE_PEM) <= 0)
@@ -149,6 +151,8 @@ char *key_file;
                        return(0);
                        }
 
+               /*
+               In theory this is no longer needed 
                ssl=SSL_new(ctx);
                x509=SSL_get_certificate(ssl);
 
@@ -156,6 +160,7 @@ char *key_file;
                        EVP_PKEY_copy_parameters(X509_get_pubkey(x509),
                                SSL_get_privatekey(ssl));
                SSL_free(ssl);
+               */
 
                /* If we are using DSA, we can copy the parameters from
                 * the private key */
index e783eb7..e0cb245 100644 (file)
@@ -131,7 +131,7 @@ static void sc_usage()
        BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
        BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
        BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'ssleay ciphers'\n");
-       BIO_printf(bio_err,"                 command to se what is available\n");
+       BIO_printf(bio_err,"                 command to see what is available\n");
 
        }
 
@@ -551,7 +551,15 @@ re_start:
 #ifdef RENEG
 { static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
 #endif
+#if 1
                        k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
+#else
+/* Demo for pending and peek :-) */
+                       k=SSL_read(con,sbuf,16);
+{ char zbuf[10240]; 
+printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
+}
+#endif
 
                        switch (SSL_get_error(con,k))
                                {
@@ -588,7 +596,7 @@ re_start:
                        case SSL_ERROR_SSL:
                                ERR_print_errors(bio_err);
                                goto shut;
-                               break;
+                               /* break; */
                                }
                        }
 
@@ -658,7 +666,7 @@ int full;
                sk=SSL_get_peer_cert_chain(s);
                if (sk != NULL)
                        {
-                       BIO_printf(bio,"---\nCertficate chain\n");
+                       BIO_printf(bio,"---\nCertificate chain\n");
                        for (i=0; i<sk_num(sk); i++)
                                {
                                X509_NAME_oneline(X509_get_subject_name((X509 *)
index 5012ef2..c9651b8 100644 (file)
@@ -136,7 +136,8 @@ static DH *get_dh512()
 /* static int load_CA(SSL_CTX *ctx, char *file);*/
 
 #undef BUFSIZZ
-#define BUFSIZZ        8*1024
+#define BUFSIZZ        16*1024
+static int bufsize=32;
 static int accept_socket= -1;
 
 #define TEST_CERT      "server.pem"
@@ -562,7 +563,7 @@ int s;
        SSL *con=NULL;
        BIO *sbio;
 
-       if ((buf=Malloc(BUFSIZZ)) == NULL)
+       if ((buf=Malloc(bufsize)) == NULL)
                {
                BIO_printf(bio_err,"out of memory\n");
                goto err;
@@ -614,7 +615,7 @@ int s;
                if (i <= 0) continue;
                if (FD_ISSET(fileno(stdin),&readfds))
                        {
-                       i=read(fileno(stdin),buf,128/*BUFSIZZ*/);
+                       i=read(fileno(stdin),buf,bufsize);
                        if (!s_quiet)
                                {
                                if ((i <= 0) || (buf[0] == 'Q'))
@@ -641,7 +642,7 @@ int s;
                                        printf("SSL_do_handshake -> %d\n",i);
                                        i=0; /*13; */
                                        continue;
-                                       strcpy(buf,"server side RE-NEGOTIATE\n");
+                                       /* strcpy(buf,"server side RE-NEGOTIATE\n"); */
                                        }
                                if ((buf[0] == 'R') &&
                                        ((buf[1] == '\0') || (buf[1] == '\r')))
@@ -653,7 +654,7 @@ int s;
                                        printf("SSL_do_handshake -> %d\n",i);
                                        i=0; /* 13; */
                                        continue;
-                                       strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n");
+                                       /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */
                                        }
                                if (buf[0] == 'P')
                                        {
@@ -688,7 +689,7 @@ int s;
                                        ERR_print_errors(bio_err);
                                        ret=1;
                                        goto err;
-                                       break;
+                                       /* break; */
                                case SSL_ERROR_ZERO_RETURN:
                                        BIO_printf(bio_s_out,"DONE\n");
                                        ret=1;
@@ -718,12 +719,14 @@ int s;
                                }
                        else
                                {
-                               i=SSL_read(con,(char *)buf,128 /*BUFSIZZ */);
+again: 
+                               i=SSL_read(con,(char *)buf,bufsize);
                                switch (SSL_get_error(con,i))
                                        {
                                case SSL_ERROR_NONE:
                                        write(fileno(stdout),buf,
                                                (unsigned int)i);
+                                       if (SSL_pending(con)) goto again;
                                        break;
                                case SSL_ERROR_WANT_WRITE:
                                case SSL_ERROR_WANT_READ:
@@ -755,7 +758,7 @@ err:
        BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
        if (buf != NULL)
                {
-               memset(buf,0,BUFSIZZ);
+               memset(buf,0,bufsize);
                Free(buf);
                }
        if (ret >= 0)
@@ -820,6 +823,10 @@ SSL *con;
        str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
        BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
        if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
+       if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
+               TLS1_FLAGS_TLS_PADDING_BUG)
+               BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");
+
        return(1);
        }
 
@@ -865,7 +872,7 @@ static int www_body(hostname, s)
 char *hostname;
 int s;
        {
-       char buf[1024];
+       char *buf=NULL;
        int ret=1;
        int i,j,k,blank,dot;
        struct stat st_buf;
@@ -874,6 +881,8 @@ int s;
        BIO *io,*ssl_bio,*sbio;
        long total_bytes;
 
+       buf=Malloc(bufsize);
+       if (buf == NULL) return(0);
        io=BIO_new(BIO_f_buffer());
        ssl_bio=BIO_new(BIO_f_ssl());
        if ((io == NULL) || (ssl_bio == NULL)) goto err;
@@ -891,7 +900,7 @@ int s;
 #endif
 
        /* lets make the output buffer a reasonable size */
-       if (!BIO_set_write_buffer_size(io,253 /*16*1024*/)) goto err;
+       if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
 
        if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err;
 
@@ -937,14 +946,14 @@ int s;
                        case SSL_ERROR_ZERO_RETURN:
                                ret=1;
                                goto err;
-                               break;
+                               /* break; */
                                }
 
                        SSL_renegotiate(con);
                        SSL_write(con,NULL,0);
                        }
 
-               i=BIO_gets(io,buf,sizeof(buf)-1);
+               i=BIO_gets(io,buf,bufsize-1);
                if (i < 0) /* error */
                        {
                        if (!BIO_should_retry(io))
@@ -1004,7 +1013,7 @@ int s;
                                        BIO_puts(io,"\n");
                                }
                        BIO_puts(io,"\n");
-                       p=SSL_get_shared_ciphers(con,buf,sizeof(buf));
+                       p=SSL_get_shared_ciphers(con,buf,bufsize);
                        if (p != NULL)
                                {
                                BIO_printf(io,"---\nCiphers common between both SSL end points:\n");
@@ -1129,9 +1138,10 @@ int s;
                        total_bytes=0;
                        for (;;)
                                {
-                               i=BIO_read(file,buf,1024);
+                               i=BIO_read(file,buf,bufsize);
                                if (i <= 0) break;
 
+#ifdef RENEG
                                total_bytes+=i;
                                fprintf(stderr,"%d\n",i);
                                if (total_bytes > 3*1024)
@@ -1140,6 +1150,7 @@ int s;
                                        fprintf(stderr,"RENEGOTIATE\n");
                                        SSL_renegotiate(con);
                                        }
+#endif
 
                                for (j=0; j<i; )
                                        {
@@ -1194,6 +1205,7 @@ err:
        if (ret >= 0)
                BIO_printf(bio_s_out,"ACCEPT\n");
 
+       if (buf != NULL) Free(buf);
        if (io != NULL) BIO_free_all(io);
 /*     if (ssl_bio != NULL) BIO_free(ssl_bio);*/
        return(ret);
index 7571c20..02f54f9 100644 (file)
@@ -111,7 +111,8 @@ struct tms {
 #include <sys/select.h>
 #endif
 
-#ifdef sun
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
 #include <limits.h>
 #include <sys/param.h>
 #endif
diff --git a/apps/sc.c b/apps/sc.c
new file mode 100644 (file)
index 0000000..0c00c37
--- /dev/null
+++ b/apps/sc.c
@@ -0,0 +1,780 @@
+/* apps/s_client.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#define USE_SOCKETS
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#include "pem.h"
+#include "s_apps.h"
+
+#ifdef WINDOWS
+/* Most of the #if(n)def WINDOWS put in by Gerrit van Niekerk 
+   <gerritvn@osi.co.za> to support the keyboard under Windows.
+   Tested using Win95, *should* work with NT and Win3.x
+*/
+#include <conio.h>
+#endif
+
+#undef PROG
+#define PROG   s_client_main
+
+/*#define SSL_HOST_NAME        "www.netscape.com" */
+/*#define SSL_HOST_NAME        "193.118.187.102" */
+#define SSL_HOST_NAME  "localhost"
+
+/*#define TEST_CERT "client.pem" */ /* no default cert. */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*8
+
+extern int verify_depth;
+extern int verify_error;
+
+#ifdef FIONBIO
+static int c_nbio=0;
+#endif
+static int c_Pause=0;
+static int c_debug=0;
+
+#ifndef NOPROTO
+static void sc_usage(void);
+static void print_stuff(BIO *berr,SSL *con,int full);
+#else
+static void sc_usage();
+static void print_stuff();
+#endif
+
+static BIO *bio_c_out=NULL;
+static int c_quiet=0;
+
+static void sc_usage()
+       {
+       BIO_printf(bio_err,"usage: client args\n");
+       BIO_printf(bio_err,"\n");
+       BIO_printf(bio_err," -host host     - use -connect instead\n");
+       BIO_printf(bio_err," -port port     - use -connect instead\n");
+       BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
+
+       BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
+       BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
+       BIO_printf(bio_err," -key arg      - Private key file to use, PEM format assumed, in cert file if\n");
+       BIO_printf(bio_err,"                 not specified but cert file is.\n");
+       BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
+       BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
+       BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
+       BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
+       BIO_printf(bio_err," -debug        - extra output\n");
+       BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
+       BIO_printf(bio_err," -state        - print the 'ssl' states\n");
+#ifdef FIONBIO
+       BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
+#endif
+       BIO_printf(bio_err," -quiet        - no s_client output\n");
+       BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
+       BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
+       BIO_printf(bio_err," -tls1         - just use TLSv1\n");
+       BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+       BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
+       BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'ssleay ciphers'\n");
+       BIO_printf(bio_err,"                 command to see what is available\n");
+
+       }
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+       {
+       int off=0;
+       SSL *con=NULL,*con2=NULL;
+       int s,k,width,state=0;
+       char *cbuf=NULL,*sbuf=NULL;
+       int cbuf_len,cbuf_off;
+       int sbuf_len,sbuf_off;
+       fd_set readfds,writefds;
+       short port=PORT;
+       int full_log=1;
+       char *host=SSL_HOST_NAME;
+       char *cert_file=NULL,*key_file=NULL;
+       char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
+       int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
+       int write_tty,read_tty,write_ssl,read_ssl,tty_on;
+       SSL_CTX *ctx=NULL;
+       int ret=1,in_init=1,i,nbio_test=0;
+       SSL_METHOD *meth=NULL;
+       BIO *sbio;
+       /*static struct timeval timeout={10,0};*/
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+       meth=SSLv23_client_method();
+#elif !defined(NO_SSL3)
+       meth=SSLv3_client_method();
+#elif !defined(NO_SSL2)
+       meth=SSLv2_client_method();
+#endif
+
+       apps_startup();
+       c_Pause=0;
+       c_quiet=0;
+       c_debug=0;
+
+       if (bio_err == NULL)
+               bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+       if (    ((cbuf=Malloc(BUFSIZZ)) == NULL) ||
+               ((sbuf=Malloc(BUFSIZZ)) == NULL))
+               {
+               BIO_printf(bio_err,"out of memory\n");
+               goto end;
+               }
+
+       verify_depth=0;
+       verify_error=X509_V_OK;
+#ifdef FIONBIO
+       c_nbio=0;
+#endif
+#ifdef WINDOWS
+       c_nbio = 1;
+#endif
+
+       argc--;
+       argv++;
+       while (argc >= 1)
+               {
+               if      (strcmp(*argv,"-host") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       host= *(++argv);
+                       }
+               else if (strcmp(*argv,"-port") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       port=atoi(*(++argv));
+                       if (port == 0) goto bad;
+                       }
+               else if (strcmp(*argv,"-connect") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       if (!extract_host_port(*(++argv),&host,NULL,&port))
+                               goto bad;
+                       }
+               else if (strcmp(*argv,"-verify") == 0)
+                       {
+                       verify=SSL_VERIFY_PEER;
+                       if (--argc < 1) goto bad;
+                       verify_depth=atoi(*(++argv));
+                       BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+                       }
+               else if (strcmp(*argv,"-cert") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       cert_file= *(++argv);
+                       }
+               else if (strcmp(*argv,"-quiet") == 0)
+                       c_quiet=1;
+               else if (strcmp(*argv,"-pause") == 0)
+                       c_Pause=1;
+               else if (strcmp(*argv,"-debug") == 0)
+                       c_debug=1;
+               else if (strcmp(*argv,"-nbio_test") == 0)
+                       nbio_test=1;
+               else if (strcmp(*argv,"-state") == 0)
+                       state=1;
+#ifndef NO_SSL2
+               else if (strcmp(*argv,"-ssl2") == 0)
+                       meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+               else if (strcmp(*argv,"-ssl3") == 0)
+                       meth=SSLv3_client_method();
+#endif
+#ifndef NO_TLS1
+               else if (strcmp(*argv,"-tls1") == 0)
+                       meth=TLSv1_client_method();
+#endif
+               else if (strcmp(*argv,"-bugs") == 0)
+                       bugs=1;
+               else if (strcmp(*argv,"-key") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       key_file= *(++argv);
+                       }
+               else if (strcmp(*argv,"-reconnect") == 0)
+                       {
+                       reconnect=5;
+                       }
+               else if (strcmp(*argv,"-CApath") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       CApath= *(++argv);
+                       }
+               else if (strcmp(*argv,"-CAfile") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       CAfile= *(++argv);
+                       }
+               else if (strcmp(*argv,"-no_tls1") == 0)
+                       off|=SSL_OP_NO_TLSv1;
+               else if (strcmp(*argv,"-no_ssl3") == 0)
+                       off|=SSL_OP_NO_SSLv3;
+               else if (strcmp(*argv,"-no_ssl2") == 0)
+                       off|=SSL_OP_NO_SSLv2;
+               else if (strcmp(*argv,"-cipher") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       cipher= *(++argv);
+                       }
+#ifdef FIONBIO
+               else if (strcmp(*argv,"-nbio") == 0)
+                       { c_nbio=1; }
+#endif
+               else
+                       {
+                       BIO_printf(bio_err,"unknown option %s\n",*argv);
+                       badop=1;
+                       break;
+                       }
+               argc--;
+               argv++;
+               }
+       if (badop)
+               {
+bad:
+               sc_usage();
+               goto end;
+               }
+
+       if (bio_c_out == NULL)
+               {
+               if (c_quiet)
+                       {
+                       bio_c_out=BIO_new(BIO_s_null());
+                       }
+               else
+                       {
+                       if (bio_c_out == NULL)
+                               bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
+                       }
+               }
+
+       SSLeay_add_ssl_algorithms();
+       ctx=SSL_CTX_new(meth);
+       if (ctx == NULL)
+               {
+               ERR_print_errors(bio_err);
+               goto end;
+               }
+
+       if (bugs)
+               SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
+       else
+               SSL_CTX_set_options(ctx,off);
+
+       if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+       if (cipher != NULL)
+               SSL_CTX_set_cipher_list(ctx,cipher);
+#if 0
+       else
+               SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
+#endif
+
+       SSL_CTX_set_verify(ctx,verify,verify_callback);
+       if (!set_cert_stuff(ctx,cert_file,key_file))
+               goto end;
+
+       if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
+               (!SSL_CTX_set_default_verify_paths(ctx)))
+               {
+               /* BIO_printf(bio_err,"error seting default verify locations\n"); */
+               ERR_print_errors(bio_err);
+               /* goto end; */
+               }
+
+       SSL_load_error_strings();
+
+       con=(SSL *)SSL_new(ctx);
+/*     SSL_set_cipher_list(con,"RC4-MD5"); */
+
+re_start:
+
+       if (init_client(&s,host,port) == 0)
+               {
+               BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
+               SHUTDOWN(s);
+               goto end;
+               }
+       BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
+
+#ifdef FIONBIO
+       if (c_nbio)
+               {
+               unsigned long l=1;
+               BIO_printf(bio_c_out,"turning on non blocking io\n");
+               if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
+                       {
+                       ERR_print_errors(bio_err);
+                       goto end;
+                       }
+               }
+#endif                                              
+       if (c_Pause & 0x01) con->debug=1;
+       sbio=BIO_new_socket(s,BIO_NOCLOSE);
+
+       if (nbio_test)
+               {
+               BIO *test;
+
+               test=BIO_new(BIO_f_nbio_test());
+               sbio=BIO_push(test,sbio);
+               }
+
+       if (c_debug)
+               {
+               con->debug=1;
+               BIO_set_callback(sbio,bio_dump_cb);
+               BIO_set_callback_arg(sbio,bio_c_out);
+               }
+
+       SSL_set_bio(con,sbio,sbio);
+       SSL_set_connect_state(con);
+
+       /* ok, lets connect */
+       width=SSL_get_fd(con)+1;
+
+       read_tty=1;
+       write_tty=0;
+       tty_on=0;
+       read_ssl=1;
+       write_ssl=1;
+       
+       cbuf_len=0;
+       cbuf_off=0;
+       sbuf_len=0;
+       sbuf_off=0;
+
+       for (;;)
+               {
+               FD_ZERO(&readfds);
+               FD_ZERO(&writefds);
+
+               if (SSL_in_init(con) && !SSL_total_renegotiations(con))
+                       {
+                       in_init=1;
+                       tty_on=0;
+                       }
+               else
+                       {
+                       tty_on=1;
+                       if (in_init)
+                               {
+                               in_init=0;
+                               print_stuff(bio_c_out,con,full_log);
+                               if (full_log > 0) full_log--;
+
+                               if (reconnect)
+                                       {
+                                       reconnect--;
+                                       BIO_printf(bio_c_out,"drop connection and then reconnect\n");
+                                       SSL_shutdown(con);
+                                       SSL_set_connect_state(con);
+                                       SHUTDOWN(SSL_get_fd(con));
+                                       goto re_start;
+                                       }
+                               }
+                       }
+
+#ifndef WINDOWS
+               if (tty_on)
+                       {
+                       if (read_tty)  FD_SET(fileno(stdin),&readfds);
+                       if (write_tty) FD_SET(fileno(stdout),&writefds);
+                       }
+#endif
+               if (read_ssl)
+                       FD_SET(SSL_get_fd(con),&readfds);
+               if (write_ssl)
+                       FD_SET(SSL_get_fd(con),&writefds);
+
+/*             printf("mode tty(%d %d%d) ssl(%d%d)\n",
+                       tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+
+#ifndef WINDOWS
+               i=select(width,&readfds,&writefds,NULL,NULL);
+               if ( i < 0)
+                       {
+                       BIO_printf(bio_err,"bad select %d\n",
+                               get_last_socket_error());
+                       goto shut;
+                       /* goto end; */
+                       }
+
+               if (FD_ISSET(SSL_get_fd(con),&writefds))
+#else
+               if (write_ssl)
+#endif
+                       {
+                       k=SSL_write(con,&(cbuf[cbuf_off]),
+                               (unsigned int)cbuf_len);
+                       switch (SSL_get_error(con,k))
+                               {
+                       case SSL_ERROR_NONE:
+                               cbuf_off+=k;
+                               cbuf_len-=k;
+                               if (k <= 0) goto end;
+                               /* we have done a  write(con,NULL,0); */
+                               if (cbuf_len <= 0)
+                                       {
+                                       read_tty=1;
+                                       write_ssl=0;
+                                       }
+                               else /* if (cbuf_len > 0) */
+                                       {
+                                       read_tty=0;
+                                       write_ssl=1;
+                                       }
+                               break;
+                       case SSL_ERROR_WANT_WRITE:
+#ifndef WINDOWS
+                               BIO_printf(bio_c_out,"write W BLOCK\n");
+#endif
+                               write_ssl=1;
+                               read_tty=0;
+                               break;
+                       case SSL_ERROR_WANT_READ:
+#ifndef WINDOWS
+                               BIO_printf(bio_c_out,"write R BLOCK\n");
+#endif
+                               write_tty=0;
+                               read_ssl=1;
+                               write_ssl=0;
+                               break;
+                       case SSL_ERROR_WANT_X509_LOOKUP:
+                               BIO_printf(bio_c_out,"write X BLOCK\n");
+                               break;
+                       case SSL_ERROR_ZERO_RETURN:
+                               if (cbuf_len != 0)
+                                       {
+                                       BIO_printf(bio_c_out,"shutdown\n");
+                                       goto shut;
+                                       }
+                               else
+                                       {
+                                       read_tty=1;
+                                       write_ssl=0;
+                                       break;
+                                       }
+                               
+                       case SSL_ERROR_SYSCALL:
+                               if ((k != 0) || (cbuf_len != 0))
+                                       {
+                                       BIO_printf(bio_err,"write:errno=%d\n",
+                                               get_last_socket_error());
+                                       goto shut;
+                                       }
+                               else
+                                       {
+                                       read_tty=1;
+                                       write_ssl=0;
+                                       }
+                               break;
+                       case SSL_ERROR_SSL:
+                               ERR_print_errors(bio_err);
+                               goto shut;
+                               }
+                       }
+#ifndef WINDOWS
+               else if (FD_ISSET(fileno(stdout),&writefds))
+#else
+               else if (tty_on && write_tty)
+#endif
+                       {
+                       i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
+
+                       if (i <= 0)
+                               {
+                               BIO_printf(bio_c_out,"DONE\n");
+                               goto shut;
+                               /* goto end; */
+                               }
+
+                       sbuf_len-=i;;
+                       sbuf_off+=i;
+                       if (sbuf_len <= 0)
+                               {
+                               read_ssl=1;
+                               write_tty=0;
+                               }
+                       }
+#ifndef WINDOWS
+               else if (FD_ISSET(SSL_get_fd(con),&readfds))
+#else
+               if (read_ssl)
+#endif
+                       {
+#ifdef RENEG
+{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
+#endif
+                       k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
+
+                       switch (SSL_get_error(con,k))
+                               {
+                       case SSL_ERROR_NONE:
+                               if (k <= 0)
+                                       goto end;
+                               sbuf_off=0;
+                               sbuf_len=k;
+
+                               read_ssl=0;
+                               write_tty=1;
+                               break;
+                       case SSL_ERROR_WANT_WRITE:
+#ifndef WINDOWS
+                               BIO_printf(bio_c_out,"read W BLOCK\n");
+#endif
+                               write_ssl=1;
+                               read_tty=0;
+                               break;
+                       case SSL_ERROR_WANT_READ:
+#ifndef WINDOWS
+                               BIO_printf(bio_c_out,"read R BLOCK\n");
+#endif
+                               write_tty=0;
+                               read_ssl=1;
+                               if ((read_tty == 0) && (write_ssl == 0))
+                                       write_ssl=1;
+                               break;
+                       case SSL_ERROR_WANT_X509_LOOKUP:
+                               BIO_printf(bio_c_out,"read X BLOCK\n");
+                               break;
+                       case SSL_ERROR_SYSCALL:
+                               BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
+                               goto shut;
+                       case SSL_ERROR_ZERO_RETURN:
+                               BIO_printf(bio_c_out,"closed\n");
+                               goto shut;
+                       case SSL_ERROR_SSL:
+                               ERR_print_errors(bio_err);
+                               goto shut;
+                               break;
+                               }
+                       }
+
+#ifndef WINDOWS
+               else if (FD_ISSET(fileno(stdin),&readfds))
+                       {
+                       i=read(fileno(stdin),cbuf,BUFSIZZ);
+#else
+               if (tty_on && read_tty && _kbhit())
+                       {
+                       i = 1;
+                       cbuf[0] = _getch();
+#endif
+
+                       if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
+                               {
+                               BIO_printf(bio_err,"DONE\n");
+                               goto shut;
+                               }
+
+                       if ((!c_quiet) && (cbuf[0] == 'R'))
+                               {
+                               SSL_renegotiate(con);
+                               read_tty=0;
+                               write_ssl=1;
+                               }
+                       else
+                               {
+                               cbuf_len=i;
+                               cbuf_off=0;
+                               }
+
+                       read_tty=0;
+                       write_ssl=1;
+                       }
+               }
+shut:
+       SSL_shutdown(con);
+       SHUTDOWN(SSL_get_fd(con));
+       ret=0;
+end:
+       if (con != NULL) SSL_free(con);
+       if (con2 != NULL) SSL_free(con2);
+       if (ctx != NULL) SSL_CTX_free(ctx);
+       if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); }
+       if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); }
+       if (bio_c_out != NULL)
+               {
+               BIO_free(bio_c_out);
+               bio_c_out=NULL;
+               }
+       EXIT(ret);
+       }
+
+
+static void print_stuff(bio,s,full)
+BIO *bio;
+SSL *s;
+int full;
+       {
+       X509 *peer=NULL;
+       char *p;
+       static char *space="                ";
+       char buf[BUFSIZ];
+       STACK *sk;
+       SSL_CIPHER *c;
+       X509_NAME *xn;
+       int j,i;
+
+       if (full)
+               {
+               sk=SSL_get_peer_cert_chain(s);
+               if (sk != NULL)
+                       {
+                       BIO_printf(bio,"---\nCertificate chain\n");
+                       for (i=0; i<sk_num(sk); i++)
+                               {
+                               X509_NAME_oneline(X509_get_subject_name((X509 *)
+                                       sk_value(sk,i)),buf,BUFSIZ);
+                               BIO_printf(bio,"%2d s:%s\n",i,buf);
+                               X509_NAME_oneline(X509_get_issuer_name((X509 *)
+                                       sk_value(sk,i)),buf,BUFSIZ);
+                               BIO_printf(bio,"   i:%s\n",buf);
+                               }
+                       }
+
+               BIO_printf(bio,"---\n");
+               peer=SSL_get_peer_certificate(s);
+               if (peer != NULL)
+                       {
+                       BIO_printf(bio,"Server certificate\n");
+                       PEM_write_bio_X509(bio,peer);
+                       X509_NAME_oneline(X509_get_subject_name(peer),
+                               buf,BUFSIZ);
+                       BIO_printf(bio,"subject=%s\n",buf);
+                       X509_NAME_oneline(X509_get_issuer_name(peer),
+                               buf,BUFSIZ);
+                       BIO_printf(bio,"issuer=%s\n",buf);
+                       }
+               else
+                       BIO_printf(bio,"no peer certificate available\n");
+
+               sk=SSL_get_client_CA_list(s);
+               if ((sk != NULL) && (sk_num(sk) > 0))
+                       {
+                       BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
+                       for (i=0; i<sk_num(sk); i++)
+                               {
+                               xn=(X509_NAME *)sk_value(sk,i);
+                               X509_NAME_oneline(xn,buf,sizeof(buf));
+                               BIO_write(bio,buf,strlen(buf));
+                               BIO_write(bio,"\n",1);
+                               }
+                       }
+               else
+                       {
+                       BIO_printf(bio,"---\nNo client certificate CA names sent\n");
+                       }
+               p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
+               if (p != NULL)
+                       {
+                       BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
+                       j=i=0;
+                       while (*p)
+                               {
+                               if (*p == ':')
+                                       {
+                                       BIO_write(bio,space,15-j%25);
+                                       i++;
+                                       j=0;
+                                       BIO_write(bio,((i%3)?" ":"\n"),1);
+                                       }
+                               else
+                                       {
+                                       BIO_write(bio,p,1);
+                                       j++;
+                                       }
+                               p++;
+                               }
+                       BIO_write(bio,"\n",1);
+                       }
+
+               BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
+                       BIO_number_read(SSL_get_rbio(s)),
+                       BIO_number_written(SSL_get_wbio(s)));
+               }
+       BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
+       c=SSL_get_current_cipher(s);
+       BIO_printf(bio,"%s, Cipher is %s\n",
+               SSL_CIPHER_get_version(c),
+               SSL_CIPHER_get_name(c));
+       if (peer != NULL)
+               BIO_printf(bio,"Server public key is %d bit\n",
+                       EVP_PKEY_bits(X509_get_pubkey(peer)));
+       SSL_SESSION_print(bio,SSL_get_session(s));
+       BIO_printf(bio,"---\n");
+       if (peer != NULL)
+               X509_free(peer);
+       }
+
index eabb927..c57b325 100644 (file)
@@ -1,17 +1,17 @@
 issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
 subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
 -----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
 BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
-MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
+MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
 A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
 cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
 Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
-mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
-xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
-irObpESxAZLySCmPPg==
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
+JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
+IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
+FUGcPZf9ND22Etc+AQ==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
index 2fad36a..a606ca3 100644 (file)
 #undef PROG
 #define PROG   sess_id_main
 
-#define FORMAT_UNDEF   0
-#define FORMAT_ASN1    1
-#define FORMAT_TEXT    2
-#define FORMAT_PEM     3
-
 static char *sess_id_usage[]={
 "usage: crl args\n",
 "\n",
index 0003934..9e20b72 100644 (file)
@@ -60,8 +60,8 @@
 
 #undef SECONDS
 #define SECONDS                3       
-#define RSA_SECONDS    10      
-#define DSA_SECONDS    10      
+#define RSA_SECONDS    10
+#define DSA_SECONDS    10
 
 /* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
 /* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
@@ -107,7 +107,8 @@ struct tms {
 #include <sys/timeb.h>
 #endif
 
-#ifdef sun
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
 #include <limits.h>
 #include <sys/param.h>
 #endif
@@ -361,13 +362,19 @@ char **argv;
        int pr_header=0;
 
        apps_startup();
+#ifdef NO_DSA
+       memset(dsa_key,0,sizeof(dsa_key));
+#endif
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
                        BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
+#ifndef NO_RSA
+       memset(rsa_key,0,sizeof(rsa_key));
        for (i=0; i<RSA_NUM; i++)
                rsa_key[i]=NULL;
+#endif
 
        if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
                {
@@ -679,7 +686,7 @@ char **argv;
                        rsa_doit[i]=0;
                else
                        {
-                       if (rsa_c[i] == 0)
+                       if (rsa_c[i][0] == 0)
                                {
                                rsa_c[i][0]=1;
                                rsa_c[i][1]=20;
@@ -969,6 +976,8 @@ char **argv;
        for (j=0; j<RSA_NUM; j++)
                {
                if (!rsa_doit[j]) continue;
+               rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
+                       RSA_PKCS1_PADDING);
                pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
                        RSA_SECONDS);
 /*             RSA_blinding_on(rsa_key[j],NULL); */
@@ -992,6 +1001,8 @@ char **argv;
                rsa_count=count;
 
 #if 1
+               rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
+                       RSA_PKCS1_PADDING);
                pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
                        RSA_SECONDS);
                Time_F(START);
@@ -1031,6 +1042,8 @@ char **argv;
                if (!dsa_doit[j]) continue;
                DSA_generate_key(dsa_key[j]);
 /*             DSA_sign_setup(dsa_key[j],NULL); */
+               rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
+                       &kk,dsa_key[j]);
                pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
                        DSA_SECONDS);
                Time_F(START);
@@ -1052,6 +1065,8 @@ char **argv;
                dsa_results[j][0]=d/(double)count;
                rsa_count=count;
 
+               rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
+                       kk,dsa_key[j]);
                pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
                        DSA_SECONDS);
                Time_F(START);
index eac411b..739a0e8 100644 (file)
@@ -241,6 +241,7 @@ end:
        ERR_remove_state(0);
 
        EVP_cleanup();
+       ERR_free_strings();
 
        CRYPTO_mem_leaks(bio_err);
        if (bio_err != NULL)
index 0b3bfa6..2621d90 100644 (file)
@@ -4,6 +4,7 @@
 #
 
 RANDFILE               = $ENV::HOME/.rnd
+oid_file               = $ENV::HOME/.oid
 
 ####################################################################
 [ ca ]
@@ -90,6 +91,8 @@ commonName_max                        = 64
 emailAddress                   = Email Address
 emailAddress_max               = 40
 
+SET-ex3                                = SET extension number 3
+
 [ req_attributes ]
 challengePassword              = A challenge password
 challengePassword_min          = 4
index 8cd675f..2179110 100644 (file)
@@ -141,6 +141,7 @@ char **argv;
                X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
 
 
+       ERR_clear_error();
        if (argc < 1) check(cert_ctx,NULL);
        else
                for (i=0; i<argc; i++)
index fcf1f08..8d154ea 100644 (file)
@@ -71,7 +71,7 @@ int argc;
 char **argv;
        {
        int i,ret=0;
-       int cflags=0,version=0,date=0,options=0;
+       int cflags=0,version=0,date=0,options=0,platform=0;
 
        apps_startup();
 
@@ -90,11 +90,13 @@ char **argv;
                        cflags=1;
                else if (strcmp(argv[i],"-o") == 0)
                        options=1;
+               else if (strcmp(argv[i],"-p") == 0)
+                       platform=1;
                else if (strcmp(argv[i],"-a") == 0)
-                       date=version=cflags=options=1;
+                       date=version=cflags=options=platform=1;
                else
                        {
-                       BIO_printf(bio_err,"usage:version [-a] [-v] [-b] [-o] [-f]\n");
+                       BIO_printf(bio_err,"usage:version -[avbofp]\n");
                        ret=1;
                        goto end;
                        }
@@ -102,6 +104,7 @@ char **argv;
 
        if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION));
        if (date)    printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
+       if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM));
        if (options) 
                {
                printf("options:");
index f5e8be1..94d57bb 100644 (file)
 #define        POSTFIX ".srl"
 #define DEF_DAYS       30
 
-#define FORMAT_UNDEF   0
-#define FORMAT_ASN1    1
-#define FORMAT_TEXT    2
-#define FORMAT_PEM     3
-
 #define CERT_HDR       "certificate"
 
 static char *x509_usage[]={
@@ -219,7 +214,7 @@ char **argv;
                        days=atoi(*(++argv));
                        if (days == 0)
                                {
-                               BIO_printf(bio_err,"bad number of days\n");
+                               BIO_printf(STDout,"bad number of days\n");
                                goto bad;
                                }
                        }
@@ -400,9 +395,13 @@ bad:
                X509_gmtime_adj(X509_get_notBefore(x),0);
                X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
 
+#if 0
                X509_PUBKEY_free(ci->key);
                ci->key=req->req_info->pubkey;
                req->req_info->pubkey=NULL;
+#else
+               X509_set_pubkey(x,X509_REQ_get_pubkey(req));
+#endif
                }
        else
                x=load_cert(infile,informat);
@@ -445,24 +444,23 @@ bad:
                                {
                                X509_NAME_oneline(X509_get_issuer_name(x),
                                        buf,256);
-                               fprintf(stdout,"issuer= %s\n",buf);
+                               BIO_printf(STDout,"issuer= %s\n",buf);
                                }
                        else if (subject == i) 
                                {
                                X509_NAME_oneline(X509_get_subject_name(x),
                                        buf,256);
-                               fprintf(stdout,"subject=%s\n",buf);
+                               BIO_printf(STDout,"subject=%s\n",buf);
                                }
                        else if (serial == i)
                                {
-                               fprintf(stdout,"serial=");
+                               BIO_printf(STDout,"serial=");
                                i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber);
-                               fprintf(stdout,"\n");
+                               BIO_printf(STDout,"\n");
                                }
                        else if (hash == i)
                                {
-                               fprintf(stdout,"%08lx\n",
-                                       X509_subject_name_hash(x));
+                               BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
                                }
                        else
 #ifndef NO_RSA
@@ -473,16 +471,16 @@ bad:
                                pkey=X509_get_pubkey(x);
                                if (pkey == NULL)
                                        {
-                                       fprintf(stdout,"Modulus=unavailable\n");
+                                       BIO_printf(bio_err,"Modulus=unavailable\n");
                                        ERR_print_errors(bio_err);
                                        goto end;
                                        }
-                               fprintf(stdout,"Modulus=");
+                               BIO_printf(STDout,"Modulus=");
                                if (pkey->type == EVP_PKEY_RSA)
                                        BN_print(STDout,pkey->pkey.rsa->n);
                                else
-                                       fprintf(stdout,"Wrong Algorithm type");
-                               fprintf(stdout,"\n");
+                                       BIO_printf(STDout,"Wrong Algorithm type");
+                               BIO_printf(STDout,"\n");
                                }
                        else
 #endif
@@ -494,47 +492,49 @@ bad:
 
                                X509_NAME_oneline(X509_get_subject_name(x),
                                        buf,256);
-                               printf("/* subject:%s */\n",buf);
+                               BIO_printf(STDout,"/* subject:%s */\n",buf);
                                m=X509_NAME_oneline(
                                        X509_get_issuer_name(x),buf,256);
-                               printf("/* issuer :%s */\n",buf);
+                               BIO_printf(STDout,"/* issuer :%s */\n",buf);
 
                                z=i2d_X509(x,NULL);
                                m=Malloc(z);
 
                                d=(unsigned char *)m;
                                z=i2d_X509_NAME(X509_get_subject_name(x),&d);
-                               printf("unsigned char XXX_subject_name[%d]={\n",z);
+                               BIO_printf(STDout,"unsigned char XXX_subject_name[%d]={\n",z);
                                d=(unsigned char *)m;
                                for (y=0; y<z; y++)
                                        {
-                                       printf("0x%02X,",d[y]);
-                                       if ((y & 0x0f) == 0x0f) printf("\n");
+                                       BIO_printf(STDout,"0x%02X,",d[y]);
+                                       if ((y & 0x0f) == 0x0f) BIO_printf(STDout,"\n");
                                        }
-                               if (y%16 != 0) printf("\n");
-                               printf("};\n");
+                               if (y%16 != 0) BIO_printf(STDout,"\n");
+                               BIO_printf(STDout,"};\n");
 
                                z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d);
-                               printf("unsigned char XXX_public_key[%d]={\n",z);
+                               BIO_printf(STDout,"unsigned char XXX_public_key[%d]={\n",z);
                                d=(unsigned char *)m;
                                for (y=0; y<z; y++)
                                        {
-                                       printf("0x%02X,",d[y]);
-                                       if ((y & 0x0f) == 0x0f) printf("\n");
+                                       BIO_printf(STDout,"0x%02X,",d[y]);
+                                       if ((y & 0x0f) == 0x0f)
+                                               BIO_printf(STDout,"\n");
                                        }
-                               if (y%16 != 0) printf("\n");
-                               printf("};\n");
+                               if (y%16 != 0) BIO_printf(STDout,"\n");
+                               BIO_printf(STDout,"};\n");
 
                                z=i2d_X509(x,&d);
-                               printf("unsigned char XXX_certificate[%d]={\n",z);
+                               BIO_printf(STDout,"unsigned char XXX_certificate[%d]={\n",z);
                                d=(unsigned char *)m;
                                for (y=0; y<z; y++)
                                        {
-                                       printf("0x%02X,",d[y]);
-                                       if ((y & 0x0f) == 0x0f) printf("\n");
+                                       BIO_printf(STDout,"0x%02X,",d[y]);
+                                       if ((y & 0x0f) == 0x0f)
+                                               BIO_printf(STDout,"\n");
                                        }
-                               if (y%16 != 0) printf("\n");
-                               printf("};\n");
+                               if (y%16 != 0) BIO_printf(STDout,"\n");
+                               BIO_printf(STDout,"};\n");
 
                                Free(m);
                                }
@@ -565,10 +565,10 @@ bad:
                                        BIO_printf(bio_err,"out of memory\n");
                                        goto end;
                                        }
-                               fprintf(stdout,"MD5 Fingerprint=");
+                               BIO_printf(STDout,"MD5 Fingerprint=");
                                for (j=0; j<(int)n; j++)
                                        {
-                                       fprintf(stdout,"%02X%c",md[j],
+                                       BIO_printf(STDout,"%02X%c",md[j],
                                                (j+1 == (int)n)
                                                ?'\n':':');
                                        }
@@ -602,6 +602,7 @@ bad:
                                if (CApkey->type == EVP_PKEY_DSA)
                                        digest=EVP_dss1();
 #endif
+                               
                                if (!x509_certify(ctx,CAfile,digest,x,xca,
                                        CApkey,
                                        CAserial,CA_createserial,days))
@@ -802,6 +803,12 @@ int days;
        if (!reqfile && !X509_verify_cert(&xsc))
                goto end;
 
+       if (!X509_check_private_key(xca,pkey))
+               {
+               BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
+               goto end;
+               }
+
        if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end;
        if (!X509_set_serialNumber(x,bs)) goto end;
 
@@ -856,15 +863,15 @@ X509_STORE_CTX *ctx;
         * DEPTH_ZERO_SELF_.... */
        if (ok)
                {
-               printf("error with certificate to be certified - should be self signed\n");
+               BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n");
                return(0);
                }
        else
                {
                err_cert=X509_STORE_CTX_get_current_cert(ctx);
                X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
-               printf("%s\n",buf);
-               printf("error with certificate - error %d at depth %d\n%s\n",
+               BIO_printf(bio_err,"%s\n",buf);
+               BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n",
                        err,X509_STORE_CTX_get_error_depth(ctx),
                        X509_verify_cert_error_string(err));
                return(1);
index 48bd060..178239d 100644 (file)
@@ -7,6 +7,8 @@
 /* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
  * the only versions of IRIX I have access to.
  * defining FIXBUG removes the bug.
+ * (bug is still present in IRIX 6.3 according to
+ * Gage <agage@forgetmenot.Mines.EDU>
  */
  
 /* Compare the output from
diff --git a/bugs/ultrixcc.c b/bugs/ultrixcc.c
new file mode 100644 (file)
index 0000000..7ba75b1
--- /dev/null
@@ -0,0 +1,45 @@
+#include <stdio.h>
+
+/* This is a cc optimiser bug for ultrix 4.3, mips CPU.
+ * What happens is that the compiler, due to the (a)&7,
+ * does
+ * i=a&7;
+ * i--;
+ * i*=4;
+ * Then uses i as the offset into a jump table.
+ * The problem is that a value of 0 generates an offset of
+ * 0xfffffffc.
+ */
+
+main()
+       {
+       f(5);
+       f(0);
+       }
+
+int f(a)
+int a;
+       {
+       switch(a&7)
+               {
+       case 7:
+               printf("7\n");
+       case 6:
+               printf("6\n");
+       case 5:
+               printf("5\n");
+       case 4:
+               printf("4\n");
+       case 3:
+               printf("3\n");
+       case 2:
+               printf("2\n");
+       case 1:
+               printf("1\n");
+#ifdef FIX_BUG
+       case 0:
+               ;
+#endif
+               }
+       }       
+
diff --git a/certs/expired/ICE-CA.pem b/certs/expired/ICE-CA.pem
new file mode 100644 (file)
index 0000000..7565236
--- /dev/null
@@ -0,0 +1,59 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+        Validity
+            Not Before: Apr  2 17:35:53 1997 GMT
+            Not After : Apr  2 17:35:53 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
+                    8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
+                    44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
+                    e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
+                    49:11:a5:c9:45
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                0.........z.."p......e..
+            X509v3 Subject Key Identifier: 
+                ..~r..:..B.44fu......3
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Certificate Policies: critical
+                0.0...*...
+            X509v3 Subject Alternative Name: 
+                0!..secude-support@darmstadt.gmd.de
+            X509v3 Issuer Alternative Name: 
+                0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
+            X509v3 Basic Constraints: critical
+                0....
+            X509v3 CRL Distribution Points: 
+                0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
+    Signature Algorithm: md5WithRSAEncryption
+        17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
+        69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
+        98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
+        88:73:cd:60:28:79:a3:fc:48:7a
+-----BEGIN CERTIFICATE-----
+MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
+AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
+BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
+IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
+NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
+MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
+VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
+LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
+/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
+aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
+7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
+-----END CERTIFICATE-----
diff --git a/certs/expired/ICE-root.pem b/certs/expired/ICE-root.pem
new file mode 100644 (file)
index 0000000..fa99159
--- /dev/null
@@ -0,0 +1,48 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+        Validity
+            Not Before: Apr  2 17:33:36 1997 GMT
+            Not After : Apr  2 17:33:36 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
+                    82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
+                    13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
+                    9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
+                    e7:c7:9f:41:cd
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                ........z.."p......e..
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Subject Alternative Name: 
+                0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
+            X509v3 Basic Constraints: critical
+                0....
+    Signature Algorithm: md5WithRSAEncryption
+        76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
+        03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
+        f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
+        7e:22:9f:25:06:60:bd:79:30:3d
+-----BEGIN CERTIFICATE-----
+MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
+EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
+0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
+ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
+dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
+LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
+iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
+fiKfJQZgvXkwPQ==
+-----END CERTIFICATE-----
diff --git a/certs/expired/ICE-user.pem b/certs/expired/ICE-user.pem
new file mode 100644 (file)
index 0000000..28065fd
--- /dev/null
@@ -0,0 +1,63 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+        Validity
+            Not Before: Apr  2 17:35:59 1997 GMT
+            Not After : Apr  2 17:35:59 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
+                    de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
+                    31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
+                    b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
+                    be:3e:a4:61:8b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                0...~r..:..B.44fu......3
+            X509v3 Subject Key Identifier: 
+                ...... .*...1.*.......
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Certificate Policies: critical
+                0.0...*...0.......
+            X509v3 Subject Alternative Name: 
+                0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
+            X509v3 Issuer Alternative Name: 
+                0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
+..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
+            X509v3 Basic Constraints: critical
+                0.
+            X509v3 CRL Distribution Points: 
+                0.0.......gmdca@gmd.de
+    Signature Algorithm: md5WithRSAEncryption
+        69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
+        4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
+        c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
+        9a:f7:6f:63:9b:94:99:83:d6:a4
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
+OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
+Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
+EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
+qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
+BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
+nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
+A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
+HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
+YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
+dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
+VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
+Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
+ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
+DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
+-----END CERTIFICATE-----
diff --git a/certs/expired/ICE.crl b/certs/expired/ICE.crl
new file mode 100644 (file)
index 0000000..21939e8
--- /dev/null
@@ -0,0 +1,9 @@
+-----BEGIN X509 CRL-----
+MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
+VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
+NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
+WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
+i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
+KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
+mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
+-----END X509 CRL-----
index 08c70f2..277894d 100644 (file)
@@ -1,15 +1,17 @@
+subject=/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan  7 23:59:59 2020 GMT
 -----BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+MIICPDCCAaUCEDJQM89Q0VbzXIGtZVxPyCUwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTIwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f
+zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi
+TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBAEtEZmBoZOSYG/OwcuaViXzde7OVwB0u2NgZ0C00PcZQ
+mhCGjKo/O6gE/DdSlcPZydvN8oYGxLEb8IKIMEKOF1AcZHq4PplJdJf8rAJD+5YM
+VgQlDHx8h50kp9jwMim1pN9dokzFFjKoQvZFprY2ueC/ZTaTwtLXa9zeWdaiNfhF
 -----END CERTIFICATE-----
-
index 2386e14..d8bdd8c 100644 (file)
@@ -1,31 +1,18 @@
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
+subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan  7 23:59:59 2004 GMT
 -----BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
+oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
+uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
+v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
+G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
+1Q==
 -----END CERTIFICATE-----
-
index e6e3187..aa5bb4c 100644 (file)
@@ -1,16 +1,18 @@
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan  7 23:59:59 2004 GMT
 -----BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
+RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
+rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
+STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
+ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
+pA==
 -----END CERTIFICATE-----
diff --git a/certs/vsignss.pem b/certs/vsignss.pem
new file mode 100644 (file)
index 0000000..5de48bf
--- /dev/null
@@ -0,0 +1,17 @@
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=Nov  9 00:00:00 1994 GMT
+notAfter=Jan  7 23:59:59 2010 GMT
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
diff --git a/certs/vsigntca.pem b/certs/vsigntca.pem
new file mode 100644 (file)
index 0000000..05acf76
--- /dev/null
@@ -0,0 +1,18 @@
+subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
+notBefore=Mar  4 00:00:00 1997 GMT
+notAfter=Mar  4 23:59:59 2025 GMT
+-----BEGIN CERTIFICATE-----
+MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
+BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
+cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
+RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
+IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
+NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
+ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
+aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
+aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
+cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
+ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
+ToLEMaUojc3DuNXHG21PDG8=
+-----END CERTIFICATE-----
diff --git a/config b/config
index 0afbccc..f403a22 100755 (executable)
--- a/config
+++ b/config
@@ -4,6 +4,9 @@
 #          which then automatically runs Configure from SSLeay after
 #         mapping the Apache names for OSs into SSLeay names
 #
+# 29-May-97 eay                Added no-asm option
+# 27-May-97 eay                Alpha linux mods
+# ??-May-97 eay                IRIX mods
 # 16-Sep-97 tjh                first cut of merged version
 #
 # Tim Hudson
@@ -30,7 +33,6 @@ RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
 SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
 VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
 
-
 # Now test for ISC and SCO, since it is has a braindamaged uname.
 #
 # We need to work around FreeBSD 1.1.5.1 
@@ -252,7 +254,27 @@ do
 case "$i" in 
 -d*) PREFIX="debug-";;
 -v*) VERBOSE="true";;
--n*|-t*) TEST="true";;
+-t*) TEST="true";;
+-h*) cat <<EOF
+usage: config [options]
+ -d    Add a debug- prefix to machine choice.
+ -v    Verbose mode.
+ -t    Test mode, do not run the Configure perl script.
+ -h    This help.
+
+Any other text will be passed to ther Configure perl script.
+Usefull options include
+ no-asm Build with no assember code.
+ -Dxxx Add xxx define to compilation.
+ -Lxxx Add xxx library include path to build.
+ -lxxx Add xxx library to build.
+
+eg, to build using RSAref, without assember, building to allow anon-DH
+ciphers and null encryption ciphers,
+ config no-asm -DRSAref -DSSL_ALLOW_ADH -DSSL_ALLOW_ENULL -lrsaref
+EOF
+;;
+*) options=$options" $i" ;;
 esac
 done
 
@@ -276,6 +298,7 @@ fi
 # script above so we end up with values in vars but that would take
 # more time that I want to waste at the moment
 case "$GUESSOS" in
+  alpha-*-linux2) OUT="alpha-gcc" ;;
   *-*-linux2) OUT="linux-elf" ;;
   *-*-linux) OUT="linux-aout" ;;
   sun4*-sun-solaris2) OUT="solaris-sparc-$CC" ;;
@@ -285,11 +308,15 @@ case "$GUESSOS" in
   *86*-*-netbsd) OUT="NetBSD-x86" ;;
   sun3*-*-netbsd) OUT="NetBSD-m68" ;;
   *-*-netbsd) OUT="NetBSD-sparc" ;;
-  *-*-osf) OUT="alpha-$CC" ;;
+  *86*-*-openbsd) OUT="OpenBSD-x86" ;;
+  alpha*-*-openbsd) OUT="OpenBSD-alpha" ;;
+  pmax*-*-openbsd) OUT="OpenBSD-mips" ;;
+  *-*-openbsd) OUT="OpenBSD" ;;
+  *-*-osf) OUT="alpha-cc" ;;
   *-*-unixware*) OUT="unixware-2.0" ;;
   *-sni-sysv4) OUT="SINIX" ;;
+  *-hpux*) OUT="hpux-$CC" ;;
   # these are all covered by the catchall below
-  # *-hpux) OUT="hpux-$CC" ;;
   # *-aix) OUT="aix-$CC" ;;
   # *-dgux) OUT="dgux" ;;
   *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
@@ -302,7 +329,7 @@ fi
 # run Configure to check to see if we need to specify the 
 # compiler for the platform ... in which case we add it on
 # the end ... otherwise we leave it off
-./Configure 2>&1 | grep '$OUT-$CC' > /dev/null
+perl ./Configure 2>&1 | grep "$OUT-$CC" > /dev/null
 if [ $? = "0" ]; then
   OUT="$OUT-$CC"
 fi
@@ -315,9 +342,9 @@ OUT="$PREFIX$OUT"
 echo Configuring for $OUT
 
 if [ "$TEST" = "true" ]; then
-  echo ./Configure $OUT
+  echo ./Configure $OUT $options
 else
-  ./Configure $OUT
+  perl ./Configure $OUT $options
 fi
 
 )
index efdbba3..ab821e2 100644 (file)
@@ -22,7 +22,7 @@ MAKEFILE=     Makefile.ssl
 PEX_LIBS=
 EX_LIBS=
  
-CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" "
+CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" " -DPLATFORM=" \"$(PLATFORM)\" "
 
 ERR=crypto
 ERRC=cpt_err
@@ -34,17 +34,17 @@ SDIRS=      md2 md5 sha mdc2 hmac ripemd \
        bn rsa dsa dh \
        buffer bio stack lhash rand err objects \
        evp pem x509 \
-       asn1 conf txt_db pkcs7
+       asn1 conf txt_db pkcs7 comp
 
 GENERAL=Makefile README
 
 LIB= $(TOP)/libcrypto.a
-LIBSRC=        cryptlib.c mem.c cversion.c ex_data.c $(ERRC).c
-LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o $(ERRC).o
+LIBSRC=        cryptlib.c mem.c cversion.c ex_data.c tmdiff.c $(ERRC).c
+LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o tmdiff.o $(ERRC).o
 
 SRC= $(LIBSRC)
 
-EXHEADER= crypto.h cryptall.h
+EXHEADER= crypto.h cryptall.h tmdiff.h
 HEADER=        cryptlib.h date.h $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
@@ -61,7 +61,7 @@ subdirs:
        @for i in $(SDIRS) ;\
        do \
        (cd $$i; echo "making all in $$i..."; \
-       $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \
+       $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \
        done;
 
 files:
index 30751bd..1e9951f 100644 (file)
@@ -23,7 +23,7 @@ APPS=
 
 LIB=$(TOP)/libcrypto.a
 LIBSRC=        a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \
-       a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+       a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \
        a_sign.c a_digest.c a_verify.c \
        x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
        x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \
@@ -38,7 +38,7 @@ LIBSRC=       a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \
        asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c \
        evp_asn1.c
 LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \
-       a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+       a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \
        a_sign.o a_digest.o a_verify.o \
        x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
        x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \
index 2c10120..275de43 100644 (file)
@@ -68,27 +68,50 @@ int i2d_ASN1_BIT_STRING(a,pp)
 ASN1_BIT_STRING *a;
 unsigned char **pp;
        {
-       int ret,j,r,bits;
+       int ret,j,r,bits,len;
        unsigned char *p,*d;
 
        if (a == NULL) return(0);
 
-       /* our bit strings are always a multiple of 8 :-) */
-       bits=0;
-       ret=1+a->length;
+       len=a->length;
+
+       if (len > 0)
+               {
+               if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
+                       {
+                       bits=(int)a->flags&0x07;
+                       }
+               else
+                       {
+                       for ( ; len > 0; len--)
+                               {
+                               if (a->data[len-1]) break;
+                               }
+                       j=a->data[len-1];
+                       if      (j & 0x01) bits=0;
+                       else if (j & 0x02) bits=1;
+                       else if (j & 0x04) bits=2;
+                       else if (j & 0x08) bits=3;
+                       else if (j & 0x10) bits=4;
+                       else if (j & 0x20) bits=5;
+                       else if (j & 0x40) bits=6;
+                       else if (j & 0x80) bits=7;
+                       else bits=0; /* should not happen */
+                       }
+               }
+       else
+               bits=0;
+       ret=1+len;
        r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
        if (pp == NULL) return(r);
        p= *pp;
 
        ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
-       if (bits == 0)
-               j=0;
-       else    j=8-bits;
-       *(p++)=(unsigned char)j;
+       *(p++)=(unsigned char)bits;
        d=a->data;
-       memcpy(p,d,a->length);
-       p+=a->length;
-       if (a->length > 0) p[-1]&=(0xff<<j);
+       memcpy(p,d,len);
+       p+=len;
+       if (len > 0) p[-1]&=(0xff<<bits);
        *pp=p;
        return(r);
        }
@@ -127,6 +150,12 @@ long length;
        if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
 
        i= *(p++);
+       /* We do this to preserve the settings.  If we modify
+        * the settings, via the _set_bit function, we will recalculate
+        * on output */
+       ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
+       ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
+
        if (len-- > 1) /* using one because of the bits left byte */
                {
                s=(unsigned char *)Malloc((int)len);
@@ -170,6 +199,8 @@ int value;
        v=1<<(7-(n&0x07));
        iv= ~v;
 
+       a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
+
        if (a == NULL) return(0);
        if ((a->length < (w+1)) || (a->data == NULL))
                {
diff --git a/crypto/asn1/a_bitstr.orig.c b/crypto/asn1/a_bitstr.orig.c
new file mode 100644 (file)
index 0000000..871e057
--- /dev/null
@@ -0,0 +1,236 @@
+/* crypto/asn1/a_bitstr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
+ * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
+ */
+
+int i2d_ASN1_BIT_STRING(a,pp)
+ASN1_BIT_STRING *a;
+unsigned char **pp;
+       {
+       int ret,i,j,r,bits,len;
+       unsigned char *p,*d;
+
+       if (a == NULL) return(0);
+
+       len=a->length;
+
+       if ((len > 0)
+               {
+               if (a->flags & ASN1_FG_BITS_LEFT))
+                       {
+                       bits=a->flags&0x07;
+                       }
+               else
+                       {
+                       for ( ; len > 0; len--)
+                               {
+                               if (a->data[len-1]) break;
+                               }
+                       j=a->data[len-1];
+                       if      (j & 0x80) bits=1;
+                       else if (j & 0x40) bits=2;
+                       else if (j & 0x20) bits=3;
+                       else if (j & 0x10) bits=4;
+                       else if (j & 0x08) bits=5;
+                       else if (j & 0x04) bits=6;
+                       else if (j & 0x02) bits=7;
+                       else if (j & 0x01) bits=8;
+                       else bits=0;
+                       }
+               }
+       else
+               bits=0;
+       ret=1+len;
+       r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
+       if (pp == NULL) return(r);
+       p= *pp;
+
+       ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
+       if (bits == 0)
+               j=0;
+       else    j=8-bits;
+       *(p++)=(unsigned char)j;
+       d=a->data;
+       memcpy(p,d,len);
+       p+=len;
+       if (len > 0) p[-1]&=(0xff<<j);
+       *pp=p;
+       return(r);
+       }
+
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
+ASN1_BIT_STRING **a;
+unsigned char **pp;
+long length;
+       {
+       ASN1_BIT_STRING *ret=NULL;
+       unsigned char *p,*s;
+       long len;
+       int inf,tag,xclass;
+       int i;
+
+       if ((a == NULL) || ((*a) == NULL))
+               {
+               if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
+               }
+       else
+               ret=(*a);
+
+       p= *pp;
+       inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+       if (inf & 0x80)
+               {
+               i=ASN1_R_BAD_OBJECT_HEADER;
+               goto err;
+               }
+
+       if (tag != V_ASN1_BIT_STRING)
+               {
+               i=ASN1_R_EXPECTING_A_BIT_STRING;
+               goto err;
+               }
+       if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
+
+       i= *(p++);
+       ret->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear */
+       if (i > 0)
+               ret->flag|=(ASN1_FG_BITS_LEFT|(i&0x07)); /* set */
+
+       if (len-- > 1) /* using one because of the bits left byte */
+               {
+               s=(unsigned char *)Malloc((int)len);
+               if (s == NULL)
+                       {
+                       i=ERR_R_MALLOC_FAILURE;
+                       goto err;
+                       }
+               memcpy(s,p,(int)len);
+               s[len-1]&=(0xff<<i);
+               p+=len;
+               }
+       else
+               s=NULL;
+
+       ret->length=(int)len;
+       if (ret->data != NULL) Free((char *)ret->data);
+       ret->data=s;
+       ret->type=V_ASN1_BIT_STRING;
+       if (a != NULL) (*a)=ret;
+       *pp=p;
+       return(ret);
+err:
+       ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
+       if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+               ASN1_BIT_STRING_free(ret);
+       return(NULL);
+       }
+
+/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
+ */
+int ASN1_BIT_STRING_set_bit(a,n,value)
+ASN1_BIT_STRING *a;
+int n;
+int value;
+       {
+       int w,v,iv;
+       unsigned char *c;
+
+       w=n/8;
+       v=1<<(7-(n&0x07));
+       iv= ~v;
+
+       a->flag&= ~(ASN1_FG_BITS_LEFT|0x07); /* clear, set on write */
+
+       if (a == NULL) return(0);
+       if ((a->length < (w+1)) || (a->data == NULL))
+               {
+               if (!value) return(1); /* Don't need to set */
+               if (a->data == NULL)
+                       c=(unsigned char *)Malloc(w+1);
+               else
+                       c=(unsigned char *)Realloc(a->data,w+1);
+               if (c == NULL) return(0);
+               a->data=c;
+               a->length=w+1;
+               c[w]=0;
+               }
+       a->data[w]=((a->data[w])&iv)|v;
+       while ((a->length > 0) && (a->data[a->length-1] == 0))
+               a->length--;
+       return(1);
+       }
+
+int ASN1_BIT_STRING_get_bit(a,n)
+ASN1_BIT_STRING *a;
+int n;
+       {
+       int w,v;
+
+       w=n/8;
+       v=1<<(7-(n&0x07));
+       if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
+               return(0);
+       return((a->data[w]&v) != 0);
+       }
+
index 774502b..76a6f1c 100644 (file)
@@ -79,10 +79,10 @@ long length;
        ASN1_BMPSTRING *ret=NULL;
 
        ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-       pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
+               pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
        if (ret == NULL)
                {
-               ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ASN1_R_ERROR_STACK);
+               ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR);
                return(NULL);
                }
        return(ret);
index 14168d6..6bfa983 100644 (file)
@@ -60,9 +60,7 @@
 #include "cryptlib.h"
 #include "asn1_mac.h"
 
-/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
+/* ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
  * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
  */
 
index 4fb7a5f..e9de283 100644 (file)
 #include "asn1.h"
 
 /*
- * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
- * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
- * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_D2I_ASN1_HEADER,ERR_R_ASN1_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ERR_R_BAD_GET_ASN1_OBJECT_CALL);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ERR_R_BAD_GET_ASN1_OBJECT_CALL);
+ * ASN1err(ASN1_F_ASN1_HEADER_NEW,ERR_R_BAD_GET_ASN1_OBJECT_CALL);
  */
 
 int i2d_ASN1_HEADER(a,pp)
@@ -110,6 +110,7 @@ long length;
 ASN1_HEADER *ASN1_HEADER_new()
        {
        ASN1_HEADER *ret=NULL;
+       ASN1_CTX c;
 
        M_ASN1_New_Malloc(ret,ASN1_HEADER);
        M_ASN1_New(ret->header,ASN1_OCTET_STRING_new);
index df79cf9..e847efe 100644 (file)
@@ -279,7 +279,7 @@ ASN1_INTEGER *ai;
                ret=ai;
        if (ret == NULL)
                {
-               ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);
+               ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
                goto err;
                }
        ret->type=V_ASN1_INTEGER;
index 5a7eeef..a476960 100644 (file)
@@ -382,8 +382,8 @@ char *sn,*ln;
        o.data=data;
        o.nid=nid;
        o.length=len;
-       o.flags=ASN1_OBJECT_FLAG_DYNAMIC|
-               ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+       o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
+               ASN1_OBJECT_FLAG_DYNAMIC_DATA;
        return(OBJ_dup(&o));
        }
 
index be3f172..5954c7b 100644 (file)
@@ -82,7 +82,7 @@ long length;
                pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
        if (ret == NULL)
                {
-               ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK);
+               ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
                return(NULL);
                }
        return(ret);
index 17c4994..7fd4807 100644 (file)
@@ -89,11 +89,12 @@ int ex_class;
        return(r);
        }
 
-STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class)
+STACK *d2i_ASN1_SET(a,pp,length,func,free_func,ex_tag,ex_class)
 STACK **a;
 unsigned char **pp;
 long length;
 char *(*func)();
+void (*free_func)();
 int ex_tag;
 int ex_class;
        {
@@ -136,14 +137,25 @@ int ex_class;
                char *s;
 
                if (M_ASN1_D2I_end_sequence()) break;
-               if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err;
+               if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
+                       {
+                       ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
+                       asn1_add_error(*pp,(int)(c.q- *pp));
+                       goto err;
+                       }
                if (!sk_push(ret,s)) goto err;
                }
        if (a != NULL) (*a)=ret;
        *pp=c.p;
        return(ret);
 err:
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret);
+       if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+               {
+               if (free_func != NULL)
+                       sk_pop_free(ret,free_func);
+               else
+                       sk_free(ret);
+               }
        return(NULL);
        }
 
index 02188e6..c2ff978 100644 (file)
@@ -136,7 +136,11 @@ EVP_MD *type;
        signature->data=buf_out;
        buf_out=NULL;
        signature->length=outl;
-
+       /* In the interests of compatability, I'll make sure that
+        * the bit string has a 'not-used bits' value of 0
+        */
+       signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+       signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
 err:
        memset(&ctx,0,sizeof(ctx));
        if (buf_in != NULL)
index 7c00040..7ddf5f9 100644 (file)
@@ -60,9 +60,7 @@
 #include "cryptlib.h"
 #include "asn1_mac.h"
 
-/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK);
- * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
+/* ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
  * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
  */
 
@@ -252,6 +250,7 @@ err:
 ASN1_TYPE *ASN1_TYPE_new()
        {
        ASN1_TYPE *ret=NULL;
+       ASN1_CTX c;
 
        M_ASN1_New_Malloc(ret,ASN1_TYPE);
        ret->type= -1;
@@ -304,14 +303,20 @@ ASN1_TYPE *a;
                case V_ASN1_NEG_INTEGER:
                case V_ASN1_BIT_STRING:
                case V_ASN1_OCTET_STRING:
+               case V_ASN1_SEQUENCE:
+               case V_ASN1_SET:
+               case V_ASN1_NUMERICSTRING:
                case V_ASN1_PRINTABLESTRING:
                case V_ASN1_T61STRING:
+               case V_ASN1_VIDEOTEXSTRING:
                case V_ASN1_IA5STRING:
-               case V_ASN1_UNIVERSALSTRING:
-               case V_ASN1_GENERALSTRING:
                case V_ASN1_UTCTIME:
-               case V_ASN1_SET:
-               case V_ASN1_SEQUENCE:
+               case V_ASN1_GENERALIZEDTIME:
+               case V_ASN1_GRAPHICSTRING:
+               case V_ASN1_VISIBLESTRING:
+               case V_ASN1_GENERALSTRING:
+               case V_ASN1_UNIVERSALSTRING:
+               case V_ASN1_BMPSTRING:
                        ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
                        break;
                default:
index 17a7abb..ddd1a40 100644 (file)
@@ -85,7 +85,7 @@ long length;
                V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
        if (ret == NULL)
                {
-               ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK);
+               ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR);
                return(NULL);
                }
        if (!ASN1_UTCTIME_check(ret))
@@ -180,7 +180,7 @@ time_t t;
        {
        char *p;
        struct tm *ts;
-#if defined(THREADS)
+#if defined(THREADS) && !defined(WIN32)
        struct tm data;
 #endif
 
@@ -189,7 +189,7 @@ time_t t;
        if (s == NULL)
                return(NULL);
 
-#if defined(THREADS)
+#if defined(THREADS) && !defined(WIN32)
        ts=(struct tm *)gmtime_r(&t,&data);
 #else
        ts=(struct tm *)gmtime(&t);
index c8b7011..1f5af96 100644 (file)
 
 /* Reason codes. */
 #define ASN1_R_BAD_CLASS                                100
-#define ASN1_R_BAD_GET_OBJECT                           101
-#define ASN1_R_BAD_OBJECT_HEADER                        102
-#define ASN1_R_BAD_PASSWORD_READ                        103
-#define ASN1_R_BAD_PKCS7_CONTENT                        104
-#define ASN1_R_BAD_PKCS7_TYPE                           105
-#define ASN1_R_BAD_TAG                                  106
-#define ASN1_R_BAD_TYPE                                         107
-#define ASN1_R_BN_LIB                                   108
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  109
-#define ASN1_R_BUFFER_TOO_SMALL                                 110
-#define ASN1_R_DATA_IS_WRONG                            111
-#define ASN1_R_DECODING_ERROR                           112
-#define ASN1_R_ERROR_STACK                              113
-#define ASN1_R_EXPECTING_AN_INTEGER                     114
-#define ASN1_R_EXPECTING_AN_OBJECT                      115
-#define ASN1_R_EXPECTING_AN_OCTET_STRING                116
-#define ASN1_R_EXPECTING_A_BIT_STRING                   117
-#define ASN1_R_EXPECTING_A_BOOLEAN                      118
-#define ASN1_R_EXPECTING_A_SEQUENCE                     119
-#define ASN1_R_EXPECTING_A_UTCTIME                      120
-#define ASN1_R_FIRST_NUM_TOO_LARGE                      121
-#define ASN1_R_HEADER_TOO_LONG                          122
-#define ASN1_R_INVALID_DIGIT                            123
-#define ASN1_R_INVALID_SEPARATOR                        124
-#define ASN1_R_INVALID_TIME_FORMAT                      125
-#define ASN1_R_IV_TOO_LARGE                             126
-#define ASN1_R_LENGTH_ERROR                             127
-#define ASN1_R_LENGTH_MISMATCH                          128
-#define ASN1_R_MISSING_EOS                              129
-#define ASN1_R_MISSING_SECOND_NUMBER                    130
-#define ASN1_R_NON_HEX_CHARACTERS                       131
-#define ASN1_R_NOT_ENOUGH_DATA                          132
-#define ASN1_R_ODD_NUMBER_OF_CHARS                      133
-#define ASN1_R_PARSING                                  134
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING               135
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE                  136
-#define ASN1_R_SHORT_LINE                               137
-#define ASN1_R_STRING_TOO_SHORT                                 138
-#define ASN1_R_TAG_VALUE_TOO_HIGH                       139
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
-#define ASN1_R_TOO_LONG                                         141
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         142
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 143
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE                   144
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 145
-#define ASN1_R_UNKNOWN_OBJECT_TYPE                      146
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  147
-#define ASN1_R_UNSUPPORTED_CIPHER                       148
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 149
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              150
-#define ASN1_R_UTCTIME_TOO_LONG                                 151
-#define ASN1_R_WRONG_PRINTABLE_TYPE                     152
-#define ASN1_R_WRONG_TAG                                153
-#define ASN1_R_WRONG_TYPE                               154
+#define ASN1_R_BAD_OBJECT_HEADER                        101
+#define ASN1_R_BAD_PASSWORD_READ                        102
+#define ASN1_R_BAD_PKCS7_CONTENT                        103
+#define ASN1_R_BAD_PKCS7_TYPE                           104
+#define ASN1_R_BAD_TAG                                  105
+#define ASN1_R_BAD_TYPE                                         106
+#define ASN1_R_BN_LIB                                   107
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  108
+#define ASN1_R_BUFFER_TOO_SMALL                                 109
+#define ASN1_R_DATA_IS_WRONG                            110
+#define ASN1_R_DECODING_ERROR                           111
+#define ASN1_R_ERROR_PARSING_SET_ELEMENT                112
+#define ASN1_R_EXPECTING_AN_INTEGER                     113
+#define ASN1_R_EXPECTING_AN_OBJECT                      114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING                115
+#define ASN1_R_EXPECTING_A_BIT_STRING                   116
+#define ASN1_R_EXPECTING_A_BOOLEAN                      117
+#define ASN1_R_EXPECTING_A_UTCTIME                      118
+#define ASN1_R_FIRST_NUM_TOO_LARGE                      119
+#define ASN1_R_HEADER_TOO_LONG                          120
+#define ASN1_R_INVALID_DIGIT                            121
+#define ASN1_R_INVALID_SEPARATOR                        122
+#define ASN1_R_INVALID_TIME_FORMAT                      123
+#define ASN1_R_IV_TOO_LARGE                             124
+#define ASN1_R_LENGTH_ERROR                             125
+#define ASN1_R_MISSING_SECOND_NUMBER                    126
+#define ASN1_R_NON_HEX_CHARACTERS                       127
+#define ASN1_R_NOT_ENOUGH_DATA                          128
+#define ASN1_R_ODD_NUMBER_OF_CHARS                      129
+#define ASN1_R_PARSING                                  130
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING               131
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE                  132
+#define ASN1_R_SHORT_LINE                               133
+#define ASN1_R_STRING_TOO_SHORT                                 134
+#define ASN1_R_TAG_VALUE_TOO_HIGH                       135
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
+#define ASN1_R_TOO_LONG                                         137
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         138
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 139
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE                   140
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 141
+#define ASN1_R_UNKNOWN_OBJECT_TYPE                      142
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  143
+#define ASN1_R_UNSUPPORTED_CIPHER                       144
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 145
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              146
+#define ASN1_R_UTCTIME_TOO_LONG                                 147
+#define ASN1_R_WRONG_PRINTABLE_TYPE                     148
+#define ASN1_R_WRONG_TAG                                149
+#define ASN1_R_WRONG_TYPE                               150
index 9793db3..0aa1ca0 100644 (file)
@@ -122,101 +122,6 @@ extern "C" {
 #define B_ASN1_BMPSTRING       0x0800
 #define B_ASN1_UNKNOWN         0x1000
 
-#ifndef DEBUG
-
-#define ASN1_INTEGER           ASN1_STRING
-#define ASN1_BIT_STRING                ASN1_STRING
-#define ASN1_OCTET_STRING      ASN1_STRING
-#define ASN1_PRINTABLESTRING   ASN1_STRING
-#define ASN1_T61STRING         ASN1_STRING
-#define ASN1_IA5STRING         ASN1_STRING
-#define ASN1_UTCTIME           ASN1_STRING
-#define ASN1_GENERALIZEDTIME   ASN1_STRING
-#define ASN1_GENERALSTRING     ASN1_STRING
-#define ASN1_UNIVERSALSTRING   ASN1_STRING
-#define ASN1_BMPSTRING         ASN1_STRING
-
-#else
-
-typedef struct asn1_integer_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_INTEGER;
-
-typedef struct asn1_bit_string_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_BIT_STRING;
-
-typedef struct asn1_octet_string_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_OCTET_STRING;
-
-typedef struct asn1_printablestring_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_PRINTABLESTRING;
-
-typedef struct asn1_t61string_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_T61STRING;
-
-typedef struct asn1_ia5string_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_IA5STRING;
-
-typedef struct asn1_generalstring_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_GENERALSTRING;
-
-typedef struct asn1_universalstring_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_UNIVERSALSTRING;
-
-typedef struct asn1_bmpstring_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_BMPSTRING;
-
-typedef struct asn1_utctime_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_UTCTIME;
-
-typedef struct asn1_generalizedtime_st
-       {
-       int length;
-       int type;
-       unsigned char *data;
-       } ASN1_GENERALIZEDTIME;
-
-#endif
-
 typedef struct asn1_ctx_st
        {
        unsigned char *p;/* work char pointer */
@@ -229,6 +134,7 @@ typedef struct asn1_ctx_st
        unsigned char *max; /* largest value of p alowed */
        unsigned char *q;/* temporary variable */
        unsigned char **pp;/* variable */
+       int line;       /* used in error processing */
        } ASN1_CTX;
 
 /* These are used internally in the ASN1_OBJECT to keep track of
@@ -246,14 +152,46 @@ typedef struct asn1_object_st
        int flags;      /* Should we free this one */
        } ASN1_OBJECT;
 
+#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
 /* This is the base type that holds just about everything :-) */
 typedef struct asn1_string_st
        {
        int length;
        int type;
        unsigned char *data;
+       /* The value of the following field depends on the type being
+        * held.  It is mostly being used for BIT_STRING so if the
+        * input data has a non-zero 'unused bits' value, it will be
+        * handled correctly */
+       long flags;
        } ASN1_STRING;
 
+#ifndef DEBUG
+#define ASN1_INTEGER           ASN1_STRING
+#define ASN1_BIT_STRING                ASN1_STRING
+#define ASN1_OCTET_STRING      ASN1_STRING
+#define ASN1_PRINTABLESTRING   ASN1_STRING
+#define ASN1_T61STRING         ASN1_STRING
+#define ASN1_IA5STRING         ASN1_STRING
+#define ASN1_UTCTIME           ASN1_STRING
+#define ASN1_GENERALIZEDTIME   ASN1_STRING
+#define ASN1_GENERALSTRING     ASN1_STRING
+#define ASN1_UNIVERSALSTRING   ASN1_STRING
+#define ASN1_BMPSTRING         ASN1_STRING
+#else
+typedef struct asn1_string_st ASN1_INTEGER;
+typedef struct asn1_string_st ASN1_BIT_STRING;
+typedef struct asn1_string_st ASN1_OCTET_STRING;
+typedef struct asn1_string_st ASN1_PRINTABLESTRING;
+typedef struct asn1_string_st ASN1_T61STRING;
+typedef struct asn1_string_st ASN1_IA5STRING;
+typedef struct asn1_string_st ASN1_GENERALSTRING;
+typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
+typedef struct asn1_string_st ASN1_BMPSTRING;
+typedef struct asn1_string_st ASN1_UTCTIME;
+typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
+#endif
+
 typedef struct asn1_type_st
        {
        int type;
@@ -472,6 +410,10 @@ int                i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
 ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
                        unsigned char **pp,long length);
 
+int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp);
+ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
+       long length);
+
 int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
 ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
        unsigned char **pp, long l);
@@ -491,7 +433,8 @@ ASN1_UTCTIME *      d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
 int            i2d_ASN1_SET(STACK *a, unsigned char **pp,
                        int (*func)(), int ex_tag, int ex_class);
 STACK *                d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
-                       char *(*func)(), int ex_tag, int ex_class);
+                       char *(*func)(), void (*free_func)(),
+                       int ex_tag, int ex_class);
 
 #ifdef HEADER_BIO_H
 int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
@@ -666,6 +609,9 @@ int ASN1_TYPE_get_octetstring();
 int ASN1_TYPE_set_int_octetstring();
 int ASN1_TYPE_get_int_octetstring();
 
+int i2d_ASN1_BMPSTRING();
+ASN1_BMPSTRING *d2i_ASN1_BMPSTRING();
+
 #endif
 
 /* BEGIN ERROR CODES */
@@ -797,60 +743,56 @@ int ASN1_TYPE_get_int_octetstring();
 
 /* Reason codes. */
 #define ASN1_R_BAD_CLASS                                100
-#define ASN1_R_BAD_GET_OBJECT                           101
-#define ASN1_R_BAD_OBJECT_HEADER                        102
-#define ASN1_R_BAD_PASSWORD_READ                        103
-#define ASN1_R_BAD_PKCS7_CONTENT                        104
-#define ASN1_R_BAD_PKCS7_TYPE                           105
-#define ASN1_R_BAD_TAG                                  106
-#define ASN1_R_BAD_TYPE                                         107
-#define ASN1_R_BN_LIB                                   108
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  109
-#define ASN1_R_BUFFER_TOO_SMALL                                 110
-#define ASN1_R_DATA_IS_WRONG                            111
-#define ASN1_R_DECODING_ERROR                           112
-#define ASN1_R_ERROR_STACK                              113
-#define ASN1_R_EXPECTING_AN_INTEGER                     114
-#define ASN1_R_EXPECTING_AN_OBJECT                      115
-#define ASN1_R_EXPECTING_AN_OCTET_STRING                116
-#define ASN1_R_EXPECTING_A_BIT_STRING                   117
-#define ASN1_R_EXPECTING_A_BOOLEAN                      118
-#define ASN1_R_EXPECTING_A_SEQUENCE                     119
-#define ASN1_R_EXPECTING_A_UTCTIME                      120
-#define ASN1_R_FIRST_NUM_TOO_LARGE                      121
-#define ASN1_R_HEADER_TOO_LONG                          122
-#define ASN1_R_INVALID_DIGIT                            123
-#define ASN1_R_INVALID_SEPARATOR                        124
-#define ASN1_R_INVALID_TIME_FORMAT                      125
-#define ASN1_R_IV_TOO_LARGE                             126
-#define ASN1_R_LENGTH_ERROR                             127
-#define ASN1_R_LENGTH_MISMATCH                          128
-#define ASN1_R_MISSING_EOS                              129
-#define ASN1_R_MISSING_SECOND_NUMBER                    130
-#define ASN1_R_NON_HEX_CHARACTERS                       131
-#define ASN1_R_NOT_ENOUGH_DATA                          132
-#define ASN1_R_ODD_NUMBER_OF_CHARS                      133
-#define ASN1_R_PARSING                                  134
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING               135
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE                  136
-#define ASN1_R_SHORT_LINE                               137
-#define ASN1_R_STRING_TOO_SHORT                                 138
-#define ASN1_R_TAG_VALUE_TOO_HIGH                       139
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
-#define ASN1_R_TOO_LONG                                         141
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         142
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 143
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE                   144
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 145
-#define ASN1_R_UNKNOWN_OBJECT_TYPE                      146
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  147
-#define ASN1_R_UNSUPPORTED_CIPHER                       148
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 149
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              150
-#define ASN1_R_UTCTIME_TOO_LONG                                 151
-#define ASN1_R_WRONG_PRINTABLE_TYPE                     152
-#define ASN1_R_WRONG_TAG                                153
-#define ASN1_R_WRONG_TYPE                               154
+#define ASN1_R_BAD_OBJECT_HEADER                        101
+#define ASN1_R_BAD_PASSWORD_READ                        102
+#define ASN1_R_BAD_PKCS7_CONTENT                        103
+#define ASN1_R_BAD_PKCS7_TYPE                           104
+#define ASN1_R_BAD_TAG                                  105
+#define ASN1_R_BAD_TYPE                                         106
+#define ASN1_R_BN_LIB                                   107
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  108
+#define ASN1_R_BUFFER_TOO_SMALL                                 109
+#define ASN1_R_DATA_IS_WRONG                            110
+#define ASN1_R_DECODING_ERROR                           111
+#define ASN1_R_ERROR_PARSING_SET_ELEMENT                112
+#define ASN1_R_EXPECTING_AN_INTEGER                     113
+#define ASN1_R_EXPECTING_AN_OBJECT                      114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING                115
+#define ASN1_R_EXPECTING_A_BIT_STRING                   116
+#define ASN1_R_EXPECTING_A_BOOLEAN                      117
+#define ASN1_R_EXPECTING_A_UTCTIME                      118
+#define ASN1_R_FIRST_NUM_TOO_LARGE                      119
+#define ASN1_R_HEADER_TOO_LONG                          120
+#define ASN1_R_INVALID_DIGIT                            121
+#define ASN1_R_INVALID_SEPARATOR                        122
+#define ASN1_R_INVALID_TIME_FORMAT                      123
+#define ASN1_R_IV_TOO_LARGE                             124
+#define ASN1_R_LENGTH_ERROR                             125
+#define ASN1_R_MISSING_SECOND_NUMBER                    126
+#define ASN1_R_NON_HEX_CHARACTERS                       127
+#define ASN1_R_NOT_ENOUGH_DATA                          128
+#define ASN1_R_ODD_NUMBER_OF_CHARS                      129
+#define ASN1_R_PARSING                                  130
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING               131
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE                  132
+#define ASN1_R_SHORT_LINE                               133
+#define ASN1_R_STRING_TOO_SHORT                                 134
+#define ASN1_R_TAG_VALUE_TOO_HIGH                       135
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
+#define ASN1_R_TOO_LONG                                         137
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         138
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 139
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE                   140
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 141
+#define ASN1_R_UNKNOWN_OBJECT_TYPE                      142
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  143
+#define ASN1_R_UNSUPPORTED_CIPHER                       144
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 145
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              146
+#define ASN1_R_UTCTIME_TOO_LONG                                 147
+#define ASN1_R_WRONG_PRINTABLE_TYPE                     148
+#define ASN1_R_WRONG_TAG                                149
+#define ASN1_R_WRONG_TYPE                               150
  
 #ifdef  __cplusplus
 }
index 03c2858..b7818f8 100644 (file)
@@ -87,7 +87,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),     "ASN1_VERIFY"},
 {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),      "BN_to_ASN1_INTEGER"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),     "d2i_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0),      "D2I_ASN1_BMPSTRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0),      "d2i_ASN1_BMPSTRING"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0),        "d2i_ASN1_BOOLEAN"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),  "d2i_ASN1_bytes"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
@@ -191,7 +191,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 static ERR_STRING_DATA ASN1_str_reasons[]=
        {
 {ASN1_R_BAD_CLASS                        ,"bad class"},
-{ASN1_R_BAD_GET_OBJECT                   ,"bad get object"},
 {ASN1_R_BAD_OBJECT_HEADER                ,"bad object header"},
 {ASN1_R_BAD_PASSWORD_READ                ,"bad password read"},
 {ASN1_R_BAD_PKCS7_CONTENT                ,"bad pkcs7 content"},
@@ -203,13 +202,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ASN1_R_BUFFER_TOO_SMALL                 ,"buffer too small"},
 {ASN1_R_DATA_IS_WRONG                    ,"data is wrong"},
 {ASN1_R_DECODING_ERROR                   ,"decoding error"},
-{ASN1_R_ERROR_STACK                      ,"error stack"},
+{ASN1_R_ERROR_PARSING_SET_ELEMENT        ,"error parsing set element"},
 {ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
 {ASN1_R_EXPECTING_AN_OBJECT              ,"expecting an object"},
 {ASN1_R_EXPECTING_AN_OCTET_STRING        ,"expecting an octet string"},
 {ASN1_R_EXPECTING_A_BIT_STRING           ,"expecting a bit string"},
 {ASN1_R_EXPECTING_A_BOOLEAN              ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_SEQUENCE             ,"expecting a sequence"},
 {ASN1_R_EXPECTING_A_UTCTIME              ,"expecting a utctime"},
 {ASN1_R_FIRST_NUM_TOO_LARGE              ,"first num too large"},
 {ASN1_R_HEADER_TOO_LONG                  ,"header too long"},
@@ -218,8 +216,6 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ASN1_R_INVALID_TIME_FORMAT              ,"invalid time format"},
 {ASN1_R_IV_TOO_LARGE                     ,"iv too large"},
 {ASN1_R_LENGTH_ERROR                     ,"length error"},
-{ASN1_R_LENGTH_MISMATCH                  ,"length mismatch"},
-{ASN1_R_MISSING_EOS                      ,"missing eos"},
 {ASN1_R_MISSING_SECOND_NUMBER            ,"missing second number"},
 {ASN1_R_NON_HEX_CHARACTERS               ,"non hex characters"},
 {ASN1_R_NOT_ENOUGH_DATA                  ,"not enough data"},
@@ -254,8 +250,8 @@ void ERR_load_ASN1_strings()
        {
        static int init=1;
 
-       if (init);
-               {;
+       if (init)
+               {
                init=0;
 #ifndef NO_ERR
                ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);